diff options
| author | Luke Howard <lukeh@padl.com> | 2009-12-15 19:42:52 +0000 |
|---|---|---|
| committer | Luke Howard <lukeh@padl.com> | 2009-12-15 19:42:52 +0000 |
| commit | 11c9a99c6f0cc6d5b3529d2c37a860fb1bfbea75 (patch) | |
| tree | 27aa0e9a0aa5e243db83011e79fc1d3b95cb5f29 /src/lib | |
| parent | 85ac294e4d1b435790acdb73f4465e2999cce892 (diff) | |
| download | krb5-11c9a99c6f0cc6d5b3529d2c37a860fb1bfbea75.zip krb5-11c9a99c6f0cc6d5b3529d2c37a860fb1bfbea75.tar.gz krb5-11c9a99c6f0cc6d5b3529d2c37a860fb1bfbea75.tar.bz2 | |
merge r23302:23471 of trunk into gssextras
git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/gssextras-no-cqa@23472 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
382 files changed, 15403 insertions, 16781 deletions
diff --git a/src/lib/Makefile.in b/src/lib/Makefile.in index f5180d7..55e9b0f 100644 --- a/src/lib/Makefile.in +++ b/src/lib/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=./.. -myfulldir=lib mydir=lib SUBDIRS=crypto krb5 gssapi rpc kdb kadm5 apputils BUILDTOP=$(REL).. @@ -74,7 +72,7 @@ clean-windows:: ##WIN32##GGLUE=$(GSS_GLUE) ##WIN32##K4GLUE=$(K4_GLUE) -##WIN32##RCFLAGS=$(CPPFLAGS) -I$(SRCTOP) -D_WIN32 -DRES_ONLY +##WIN32##RCFLAGS=$(CPPFLAGS) -I$(top_srcdir) -D_WIN32 -DRES_ONLY ##WIN32##SRES=$(SLIB:.lib=.res) ##WIN32##CRES=$(CLIB:.lib=.res) diff --git a/src/lib/apputils/Makefile.in b/src/lib/apputils/Makefile.in index 07d7aa3..37a77bc 100644 --- a/src/lib/apputils/Makefile.in +++ b/src/lib/apputils/Makefile.in @@ -2,8 +2,6 @@ prefix=@prefix@ bindir=@bindir@ datadir=@datadir@ mydatadir=$(datadir)/apputils -thisconfigdir=../.. -myfulldir=lib/apputils mydir=lib/apputils BUILDTOP=$(REL)..$(S).. RELDIR=../lib/apputils diff --git a/src/lib/apputils/daemon.c b/src/lib/apputils/daemon.c index 42b2bbc..f084396 100644 --- a/src/lib/apputils/daemon.c +++ b/src/lib/apputils/daemon.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-file-style: "bsd"; indent-tabs-mode: t -*- */ /*- * Copyright (c) 1990 The Regents of the University of California. * All rights reserved. diff --git a/src/lib/apputils/deps b/src/lib/apputils/deps index 49c57e1..c738588 100644 --- a/src/lib/apputils/deps +++ b/src/lib/apputils/deps @@ -3,12 +3,12 @@ # daemon.so daemon.po $(OUTPRE)daemon.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h daemon.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h daemon.c dummy.so dummy.po $(OUTPRE)dummy.$(OBJEXT): dummy.c diff --git a/src/lib/crypto/Makefile.in b/src/lib/crypto/Makefile.in index e22f48d..91ea0f3 100644 --- a/src/lib/crypto/Makefile.in +++ b/src/lib/crypto/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../.. -myfulldir=lib/crypto mydir=lib/crypto BUILDTOP=$(REL)..$(S).. SUBDIRS= krb @CRYPTO_IMPL@ crypto_tests @@ -21,19 +19,19 @@ LIBFINIFUNC=cryptoint_cleanup_library RELDIR=crypto STOBJLISTS=krb/crc32/OBJS.ST krb/dk/OBJS.ST @CRYPTO_IMPL@/enc_provider/OBJS.ST \ - @CRYPTO_IMPL@/hash_provider/OBJS.ST krb/keyhash_provider/OBJS.ST \ + @CRYPTO_IMPL@/hash_provider/OBJS.ST krb/checksum/OBJS.ST \ krb/prf/OBJS.ST krb/rand2key/OBJS.ST \ krb/old/OBJS.ST krb/raw/OBJS.ST krb/yarrow/OBJS.ST \ @CRYPTO_IMPL@/md4/OBJS.ST @CRYPTO_IMPL@/md5/OBJS.ST @CRYPTO_IMPL@/sha1/OBJS.ST \ - @CRYPTO_IMPL@/arcfour/OBJS.ST @CRYPTO_IMPL@/aes/OBJS.ST @CRYPTO_IMPL@/des/OBJS.ST \ + krb/arcfour/OBJS.ST @CRYPTO_IMPL@/aes/OBJS.ST @CRYPTO_IMPL@/des/OBJS.ST \ krb/OBJS.ST @CRYPTO_IMPL@/OBJS.ST SUBDIROBJLISTS=krb/crc32/OBJS.ST krb/dk/OBJS.ST @CRYPTO_IMPL@/enc_provider/OBJS.ST \ - @CRYPTO_IMPL@/hash_provider/OBJS.ST krb/keyhash_provider/OBJS.ST \ + @CRYPTO_IMPL@/hash_provider/OBJS.ST krb/checksum/OBJS.ST \ krb/prf/OBJS.ST krb/rand2key/OBJS.ST \ krb/old/OBJS.ST krb/raw/OBJS.ST krb/yarrow/OBJS.ST \ @CRYPTO_IMPL@/md4/OBJS.ST @CRYPTO_IMPL@/md5/OBJS.ST @CRYPTO_IMPL@/sha1/OBJS.ST \ - @CRYPTO_IMPL@/arcfour/OBJS.ST @CRYPTO_IMPL@/aes/OBJS.ST @CRYPTO_IMPL@/des/OBJS.ST \ + krb/arcfour/OBJS.ST @CRYPTO_IMPL@/aes/OBJS.ST @CRYPTO_IMPL@/des/OBJS.ST \ krb/OBJS.ST @CRYPTO_IMPL@/OBJS.ST # No dependencies. Record places to find this shared object if the target diff --git a/src/lib/crypto/builtin/Makefile.in b/src/lib/crypto/builtin/Makefile.in index de56ed4..a65f64d 100644 --- a/src/lib/crypto/builtin/Makefile.in +++ b/src/lib/crypto/builtin/Makefile.in @@ -1,13 +1,10 @@ -thisconfigdir=../../.. -myfulldir=lib/crypto/builtin mydir=lib/crypto/builtin BUILDTOP=$(REL)..$(S)..$(S).. -SUBDIRS=des arcfour aes md4 md5 sha1 enc_provider hash_provider +SUBDIRS=des aes md4 md5 sha1 enc_provider hash_provider LOCALINCLUDES = -I$(srcdir)/../krb \ -I$(srcdir)/../krb/hash_provider \ -I$(srcdir)/des \ -I$(srcdir)/aes \ - -I$(srcdir)/arcfour \ -I$(srcdir)/sha1 \ -I$(srcdir)/md4 \ -I$(srcdir)/md5 \ @@ -24,8 +21,8 @@ EXTRADEPSRCS= $(srcdir)/t_cf2.c ##DOSBUILDTOP = ..\..\.. ##DOSLIBNAME=$(OUTPRE)crypto.lib ##DOSOBJFILE=$(OUTPRE)crypto.lst -##DOSOBJFILELIST=@$(OUTPRE)crypto.lst @$(OUTPRE)des.lst @$(OUTPRE)md4.lst @$(OUTPRE)md5.lst @$(OUTPRE)sha1.lst @$(OUTPRE)arcfour.lst @$(OUTPRE)crc32.lst @$(OUTPRE)dk.lst @$(OUTPRE)old.lst @$(OUTPRE)raw.lst @$(OUTPRE)enc_prov.lst @$(OUTPRE)hash_pro.lst @$(OUTPRE)kh_pro.lst @$(OUTPRE)yarrow.lst @$(OUTPRE)aes.lst -##DOSOBJFILEDEP =$(OUTPRE)crypto.lst $(OUTPRE)des.lst $(OUTPRE)md4.lst $(OUTPRE)md5.lst $(OUTPRE)sha1.lst $(OUTPRE)arcfour.lst $(OUTPRE)crc32.lst $(OUTPRE)dk.lst $(OUTPRE)old.lst $(OUTPRE)raw.lst $(OUTPRE)enc_prov.lst $(OUTPRE)hash_pro.lst $(OUTPRE)kh_pro.lst $(OUTPRE)aes.lst +##DOSOBJFILELIST=@$(OUTPRE)crypto.lst @$(OUTPRE)des.lst @$(OUTPRE)md4.lst @$(OUTPRE)md5.lst @$(OUTPRE)sha1.lst @$(OUTPRE)crc32.lst @$(OUTPRE)dk.lst @$(OUTPRE)old.lst @$(OUTPRE)raw.lst @$(OUTPRE)enc_prov.lst @$(OUTPRE)hash_pro.lst @$(OUTPRE)kh_pro.lst @$(OUTPRE)yarrow.lst @$(OUTPRE)aes.lst +##DOSOBJFILEDEP =$(OUTPRE)crypto.lst $(OUTPRE)des.lst $(OUTPRE)md4.lst $(OUTPRE)md5.lst $(OUTPRE)sha1.lst $(OUTPRE)crc32.lst $(OUTPRE)dk.lst $(OUTPRE)old.lst $(OUTPRE)raw.lst $(OUTPRE)enc_prov.lst $(OUTPRE)hash_pro.lst $(OUTPRE)kh_pro.lst $(OUTPRE)aes.lst STLIBOBJS=\ hmac.o \ @@ -43,7 +40,6 @@ STOBJLISTS= des/OBJS.ST md4/OBJS.ST \ md5/OBJS.ST sha1/OBJS.ST \ enc_provider/OBJS.ST \ hash_provider/OBJS.ST \ - arcfour/OBJS.ST \ aes/OBJS.ST \ OBJS.ST @@ -51,7 +47,6 @@ SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \ md5/OBJS.ST sha1/OBJS.ST \ enc_provider/OBJS.ST \ hash_provider/OBJS.ST \ - arcfour/OBJS.ST \ aes/OBJS.ST ##DOS##LIBOBJS = $(OBJS) @@ -94,9 +89,6 @@ all-windows:: cd ..\enc_provider @echo Making in crypto\enc_provider $(MAKE) -$(MFLAGS) - cd ..\arcfour - @echo Making in crypto\arcfour - $(MAKE) -$(MFLAGS) cd ..\aes @echo Making in crypto\aes $(MAKE) -$(MFLAGS) @@ -121,9 +113,6 @@ clean-windows:: cd ..\enc_provider @echo Making clean in crypto\enc_provider $(MAKE) -$(MFLAGS) clean - cd ..\arcfour - @echo Making clean in crypto\arcfour - $(MAKE) -$(MFLAGS) clean cd ..\aes @echo Making clean in crypto\aes $(MAKE) -$(MFLAGS) clean @@ -148,9 +137,6 @@ check-windows:: cd ..\enc_provider @echo Making check in crypto\enc_provider $(MAKE) -$(MFLAGS) check - cd ..\arcfour - @echo Making check in crypto\arcfour - $(MAKE) -$(MFLAGS) check cd ..\aes @echo Making check in crypto\aes $(MAKE) -$(MFLAGS) check diff --git a/src/lib/crypto/builtin/aes/Makefile.in b/src/lib/crypto/builtin/aes/Makefile.in index d8e866f..260cc97 100644 --- a/src/lib/crypto/builtin/aes/Makefile.in +++ b/src/lib/crypto/builtin/aes/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/builtin/aes mydir=lib/crypto/builtin/aes BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk -I$(srcdir)/../../../../include @@ -15,20 +13,17 @@ PROG_RPATH=$(KRB5_LIBDIR) STLIBOBJS=\ aescrypt.o \ aestab.o \ - aeskey.o \ - aes_s2k.o + aeskey.o OBJS=\ $(OUTPRE)aescrypt.$(OBJEXT) \ $(OUTPRE)aestab.$(OBJEXT) \ - $(OUTPRE)aeskey.$(OBJEXT) \ - $(OUTPRE)aes_s2k.$(OBJEXT) + $(OUTPRE)aeskey.$(OBJEXT) SRCS=\ $(srcdir)/aescrypt.c \ $(srcdir)/aestab.c \ $(srcdir)/aeskey.c \ - $(srcdir)/aes_s2k.c GEN_OBJS=\ $(OUTPRE)aescrypt.$(OBJEXT) \ diff --git a/src/lib/crypto/builtin/aes/aes_s2k.c b/src/lib/crypto/builtin/aes/aes_s2k.c deleted file mode 100644 index 0eccdd9..0000000 --- a/src/lib/crypto/builtin/aes/aes_s2k.c +++ /dev/null @@ -1,91 +0,0 @@ -/* - * lib/crypto/aes/aes_s2k.c - * - * Copyright 2003 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * krb5int_aes_string_to_key - */ - -#include "k5-int.h" -#include "dk.h" -#include "aes_s2k.h" - -#define DEFAULT_ITERATION_COUNT 4096 /* was 0xb000L in earlier drafts */ -#define MAX_ITERATION_COUNT 0x1000000L - -krb5_error_code -krb5int_aes_string_to_key(const struct krb5_enc_provider *enc, - const krb5_data *string, - const krb5_data *salt, - const krb5_data *params, - krb5_keyblock *key) -{ - unsigned long iter_count; - krb5_data out; - static const krb5_data usage = { KV5M_DATA, 8, "kerberos" }; - krb5_key tempkey = NULL; - krb5_error_code err; - - if (params) { - unsigned char *p = (unsigned char *) params->data; - if (params->length != 4) - return KRB5_ERR_BAD_S2K_PARAMS; - /* The first two need casts in case 'int' is 16 bits. */ - iter_count = load_32_be(p); - if (iter_count == 0) { - iter_count = (1UL << 16) << 16; - if (((iter_count >> 16) >> 16) != 1) - return KRB5_ERR_BAD_S2K_PARAMS; - } - } else - iter_count = DEFAULT_ITERATION_COUNT; - - /* This is not a protocol specification constraint; this is an - implementation limit, which should eventually be controlled by - a config file. */ - if (iter_count >= MAX_ITERATION_COUNT) - return KRB5_ERR_BAD_S2K_PARAMS; - - /* Use the output keyblock contents for temporary space. */ - out.data = (char *) key->contents; - out.length = key->length; - if (out.length != 16 && out.length != 32) - return KRB5_CRYPTO_INTERNAL; - - err = krb5int_pbkdf2_hmac_sha1 (&out, iter_count, string, salt); - if (err) - goto cleanup; - - err = krb5_k_create_key (NULL, key, &tempkey); - if (err) - goto cleanup; - - err = krb5int_derive_keyblock (enc, tempkey, key, &usage); - -cleanup: - if (err) - memset (out.data, 0, out.length); - krb5_k_free_key (NULL, tempkey); - return err; -} diff --git a/src/lib/crypto/builtin/aes/aes_s2k.h b/src/lib/crypto/builtin/aes/aes_s2k.h deleted file mode 100644 index b6804a9..0000000 --- a/src/lib/crypto/builtin/aes/aes_s2k.h +++ /dev/null @@ -1,4 +0,0 @@ -extern krb5_error_code -krb5int_aes_string_to_key (const struct krb5_enc_provider *, - const krb5_data *, const krb5_data *, - const krb5_data *, krb5_keyblock *key); diff --git a/src/lib/crypto/builtin/aes/deps b/src/lib/crypto/builtin/aes/deps index 815ef29..7ce4e84 100644 --- a/src/lib/crypto/builtin/aes/deps +++ b/src/lib/crypto/builtin/aes/deps @@ -8,14 +8,3 @@ aestab.so aestab.po $(OUTPRE)aestab.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ aes.h aesopt.h aestab.c uitypes.h aeskey.so aeskey.po $(OUTPRE)aeskey.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ aes.h aeskey.c aesopt.h uitypes.h -aes_s2k.so aes_s2k.po $(OUTPRE)aes_s2k.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../../krb/dk/dk.h \ - aes_s2k.c aes_s2k.h diff --git a/src/lib/crypto/builtin/deps b/src/lib/crypto/builtin/deps index ad337da..a5d53a9 100644 --- a/src/lib/crypto/builtin/deps +++ b/src/lib/crypto/builtin/deps @@ -3,25 +3,26 @@ # hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../krb/aead.h \ - $(srcdir)/../krb/cksumtypes.h hmac.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/aead.h \ + $(srcdir)/../krb/cksumtypes.h $(srcdir)/../krb/etypes.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + hmac.c pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/hash_provider/hash_provider.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/hash_provider/hash_provider.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ pbkdf2.c t_cf2.so t_cf2.po $(OUTPRE)t_cf2.$(OBJEXT): $(BUILDTOP)/include/krb5/krb5.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/krb5.h t_cf2.c + $(COM_ERR_DEPS) $(top_srcdir)/include/krb5.h t_cf2.c diff --git a/src/lib/crypto/builtin/des/Makefile.in b/src/lib/crypto/builtin/des/Makefile.in index 79356f2..ff5e3fa 100644 --- a/src/lib/crypto/builtin/des/Makefile.in +++ b/src/lib/crypto/builtin/des/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/builtin/des mydir=lib/crypto/builtin/des BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../.. -I$(srcdir)/../../krb @@ -16,11 +14,9 @@ PROG_RPATH=$(KRB5_LIBDIR) STLIBOBJS=\ afsstring2key.o \ - d3_cbc.o \ d3_aead.o \ d3_kysched.o \ f_aead.o \ - f_cbc.o \ f_cksum.o \ f_parity.o \ f_sched.o \ @@ -30,11 +26,9 @@ STLIBOBJS=\ weak_key.o OBJS= $(OUTPRE)afsstring2key.$(OBJEXT) \ - $(OUTPRE)d3_cbc.$(OBJEXT) \ $(OUTPRE)d3_aead.$(OBJEXT) \ $(OUTPRE)d3_kysched.$(OBJEXT) \ $(OUTPRE)f_aead.$(OBJEXT) \ - $(OUTPRE)f_cbc.$(OBJEXT) \ $(OUTPRE)f_cksum.$(OBJEXT) \ $(OUTPRE)f_parity.$(OBJEXT) \ $(OUTPRE)f_sched.$(OBJEXT) \ @@ -44,11 +38,9 @@ OBJS= $(OUTPRE)afsstring2key.$(OBJEXT) \ $(OUTPRE)weak_key.$(OBJEXT) SRCS= $(srcdir)/afsstring2key.c \ - $(srcdir)/d3_cbc.c \ $(srcdir)/d3_aead.c \ $(srcdir)/d3_kysched.c \ $(srcdir)/f_aead.c \ - $(srcdir)/f_cbc.c \ $(srcdir)/f_cksum.c \ $(srcdir)/f_parity.c \ $(srcdir)/f_sched.c \ @@ -57,7 +49,7 @@ SRCS= $(srcdir)/afsstring2key.c \ $(srcdir)/weak_key.c \ $(srcdir)/string2key.c -EXTRADEPSRCS = $(SRCDIR)destest.c +EXTRADEPSRCS = $(srcdir)/destest.c $(srcdir)/f_cbc.c $(srcdir)/t_verify.c ##DOS##LIBOBJS = $(OBJS) diff --git a/src/lib/crypto/builtin/des/afsstring2key.c b/src/lib/crypto/builtin/des/afsstring2key.c index 4b61a2f..8c88046 100644 --- a/src/lib/crypto/builtin/des/afsstring2key.c +++ b/src/lib/crypto/builtin/des/afsstring2key.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/string2key.c * @@ -68,88 +69,88 @@ char *afs_crypt (const char *, const char *, char *); #define min(a,b) ((a)>(b)?(b):(a)) krb5_error_code -mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data, - const krb5_data *salt) +mit_afs_string_to_key(krb5_keyblock *keyblock, const krb5_data *data, + const krb5_data *salt) { - /* totally different approach from MIT string2key. */ - /* much of the work has already been done by the only caller - which is mit_des_string_to_key; in particular, *keyblock is already - set up. */ + /* totally different approach from MIT string2key. */ + /* much of the work has already been done by the only caller + which is mit_des_string_to_key; in particular, *keyblock is already + set up. */ char *realm = salt->data; unsigned int i, j; krb5_octet *key = keyblock->contents; if (data->length <= 8) { - /* One block only. Run afs_crypt and use the first eight - returned bytes after the copy of the (fixed) salt. - - Since the returned bytes are alphanumeric, the output is - limited to 2**48 possibilities; for each byte, only 64 - possible values can be used. */ - unsigned char password[9]; /* trailing nul for crypt() */ - char afs_crypt_buf[16]; - - memset (password, 0, sizeof (password)); - memcpy (password, realm, min (salt->length, 8)); - for (i=0; i<8; i++) - if (isupper(password[i])) - password[i] = tolower(password[i]); - for (i=0; i<data->length; i++) - password[i] ^= data->data[i]; - for (i=0; i<8; i++) - if (password[i] == '\0') - password[i] = 'X'; - password[8] = '\0'; - /* Out-of-bounds salt characters are equivalent to a salt string - of "p1". */ - strncpy((char *) key, - (char *) afs_crypt((char *) password, "#~", afs_crypt_buf) + 2, - 8); - for (i=0; i<8; i++) - key[i] <<= 1; - /* now fix up key parity again */ - mit_des_fixup_key_parity(key); - /* clean & free the input string */ - memset(password, 0, (size_t) sizeof(password)); + /* One block only. Run afs_crypt and use the first eight + returned bytes after the copy of the (fixed) salt. + + Since the returned bytes are alphanumeric, the output is + limited to 2**48 possibilities; for each byte, only 64 + possible values can be used. */ + unsigned char password[9]; /* trailing nul for crypt() */ + char afs_crypt_buf[16]; + + memset (password, 0, sizeof (password)); + memcpy (password, realm, min (salt->length, 8)); + for (i=0; i<8; i++) + if (isupper(password[i])) + password[i] = tolower(password[i]); + for (i=0; i<data->length; i++) + password[i] ^= data->data[i]; + for (i=0; i<8; i++) + if (password[i] == '\0') + password[i] = 'X'; + password[8] = '\0'; + /* Out-of-bounds salt characters are equivalent to a salt string + of "p1". */ + strncpy((char *) key, + (char *) afs_crypt((char *) password, "#~", afs_crypt_buf) + 2, + 8); + for (i=0; i<8; i++) + key[i] <<= 1; + /* now fix up key parity again */ + mit_des_fixup_key_parity(key); + /* clean & free the input string */ + memset(password, 0, (size_t) sizeof(password)); } else { - /* Multiple blocks. Do a CBC checksum, twice, and use the - result as the new key. */ - mit_des_cblock ikey, tkey; - mit_des_key_schedule key_sked; - unsigned int pw_len = salt->length+data->length; - unsigned char *password = malloc(pw_len+1); - if (!password) return ENOMEM; - - /* Some bound checks from the original code are elided here as - the malloc above makes sure we have enough storage. */ - memcpy (password, data->data, data->length); - for (i=data->length, j = 0; j < salt->length; i++, j++) { - password[i] = realm[j]; - if (isupper(password[i])) - password[i] = tolower(password[i]); - } - - memcpy (ikey, "kerberos", sizeof(ikey)); - memcpy (tkey, ikey, sizeof(tkey)); - mit_des_fixup_key_parity (tkey); - (void) mit_des_key_sched (tkey, key_sked); - (void) mit_des_cbc_cksum (password, tkey, i, key_sked, ikey); - - memcpy (ikey, tkey, sizeof(ikey)); - mit_des_fixup_key_parity (tkey); - (void) mit_des_key_sched (tkey, key_sked); - (void) mit_des_cbc_cksum (password, key, i, key_sked, ikey); - - /* erase key_sked */ - memset(key_sked, 0,sizeof(key_sked)); - - /* now fix up key parity again */ - mit_des_fixup_key_parity(key); - - /* clean & free the input string */ - memset(password, 0, (size_t) pw_len); - free(password); + /* Multiple blocks. Do a CBC checksum, twice, and use the + result as the new key. */ + mit_des_cblock ikey, tkey; + mit_des_key_schedule key_sked; + unsigned int pw_len = salt->length+data->length; + unsigned char *password = malloc(pw_len+1); + if (!password) return ENOMEM; + + /* Some bound checks from the original code are elided here as + the malloc above makes sure we have enough storage. */ + memcpy (password, data->data, data->length); + for (i=data->length, j = 0; j < salt->length; i++, j++) { + password[i] = realm[j]; + if (isupper(password[i])) + password[i] = tolower(password[i]); + } + + memcpy (ikey, "kerberos", sizeof(ikey)); + memcpy (tkey, ikey, sizeof(tkey)); + mit_des_fixup_key_parity (tkey); + (void) mit_des_key_sched (tkey, key_sked); + (void) mit_des_cbc_cksum (password, tkey, i, key_sked, ikey); + + memcpy (ikey, tkey, sizeof(ikey)); + mit_des_fixup_key_parity (tkey); + (void) mit_des_key_sched (tkey, key_sked); + (void) mit_des_cbc_cksum (password, key, i, key_sked, ikey); + + /* erase key_sked */ + memset(key_sked, 0,sizeof(key_sked)); + + /* now fix up key parity again */ + mit_des_fixup_key_parity(key); + + /* clean & free the input string */ + memset(password, 0, (size_t) pw_len); + free(password); } #if 0 /* must free here because it was copied for this special case */ @@ -161,7 +162,7 @@ mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data, /* Portions of this code: Copyright 1989 by the Massachusetts Institute of Technology - */ +*/ /* * Copyright (c) 1990 Regents of The University of Michigan. @@ -177,12 +178,12 @@ mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data, * specific, written prior permission. This software is supplied as * is without expressed or implied warranties of any kind. * - * ITD Research Systems - * University of Michigan - * 535 W. William Street - * Ann Arbor, Michigan - * +1-313-936-2652 - * netatalk@terminator.cc.umich.edu + * ITD Research Systems + * University of Michigan + * 535 W. William Street + * Ann Arbor, Michigan + * +1-313-936-2652 + * netatalk@terminator.cc.umich.edu */ static void krb5_afs_crypt_setkey (char*, char*, char(*)[48]); @@ -191,101 +192,101 @@ static void krb5_afs_encrypt (char*,char*,char (*)[48]); /* * Initial permutation, */ -static const char IP[] = { - 58,50,42,34,26,18,10, 2, - 60,52,44,36,28,20,12, 4, - 62,54,46,38,30,22,14, 6, - 64,56,48,40,32,24,16, 8, - 57,49,41,33,25,17, 9, 1, - 59,51,43,35,27,19,11, 3, - 61,53,45,37,29,21,13, 5, - 63,55,47,39,31,23,15, 7, +static const char IP[] = { + 58,50,42,34,26,18,10, 2, + 60,52,44,36,28,20,12, 4, + 62,54,46,38,30,22,14, 6, + 64,56,48,40,32,24,16, 8, + 57,49,41,33,25,17, 9, 1, + 59,51,43,35,27,19,11, 3, + 61,53,45,37,29,21,13, 5, + 63,55,47,39,31,23,15, 7, }; /* * Final permutation, FP = IP^(-1) */ -static const char FP[] = { - 40, 8,48,16,56,24,64,32, - 39, 7,47,15,55,23,63,31, - 38, 6,46,14,54,22,62,30, - 37, 5,45,13,53,21,61,29, - 36, 4,44,12,52,20,60,28, - 35, 3,43,11,51,19,59,27, - 34, 2,42,10,50,18,58,26, - 33, 1,41, 9,49,17,57,25, +static const char FP[] = { + 40, 8,48,16,56,24,64,32, + 39, 7,47,15,55,23,63,31, + 38, 6,46,14,54,22,62,30, + 37, 5,45,13,53,21,61,29, + 36, 4,44,12,52,20,60,28, + 35, 3,43,11,51,19,59,27, + 34, 2,42,10,50,18,58,26, + 33, 1,41, 9,49,17,57,25, }; /* * Permuted-choice 1 from the key bits to yield C and D. * Note that bits 8,16... are left out: They are intended for a parity check. */ -static const char PC1_C[] = { - 57,49,41,33,25,17, 9, - 1,58,50,42,34,26,18, - 10, 2,59,51,43,35,27, - 19,11, 3,60,52,44,36, +static const char PC1_C[] = { + 57,49,41,33,25,17, 9, + 1,58,50,42,34,26,18, + 10, 2,59,51,43,35,27, + 19,11, 3,60,52,44,36, }; -static const char PC1_D[] = { - 63,55,47,39,31,23,15, - 7,62,54,46,38,30,22, - 14, 6,61,53,45,37,29, - 21,13, 5,28,20,12, 4, +static const char PC1_D[] = { + 63,55,47,39,31,23,15, + 7,62,54,46,38,30,22, + 14, 6,61,53,45,37,29, + 21,13, 5,28,20,12, 4, }; /* * Sequence of shifts used for the key schedule. */ -static const char shifts[] = { - 1,1,2,2,2,2,2,2,1,2,2,2,2,2,2,1, +static const char shifts[] = { + 1,1,2,2,2,2,2,2,1,2,2,2,2,2,2,1, }; /* * Permuted-choice 2, to pick out the bits from * the CD array that generate the key schedule. */ -static const char PC2_C[] = { - 14,17,11,24, 1, 5, - 3,28,15, 6,21,10, - 23,19,12, 4,26, 8, - 16, 7,27,20,13, 2, +static const char PC2_C[] = { + 14,17,11,24, 1, 5, + 3,28,15, 6,21,10, + 23,19,12, 4,26, 8, + 16, 7,27,20,13, 2, }; -static const char PC2_D[] = { - 41,52,31,37,47,55, - 30,40,51,45,33,48, - 44,49,39,56,34,53, - 46,42,50,36,29,32, +static const char PC2_D[] = { + 41,52,31,37,47,55, + 30,40,51,45,33,48, + 44,49,39,56,34,53, + 46,42,50,36,29,32, }; /* * The E bit-selection table. */ -static const char e[] = { - 32, 1, 2, 3, 4, 5, - 4, 5, 6, 7, 8, 9, - 8, 9,10,11,12,13, - 12,13,14,15,16,17, - 16,17,18,19,20,21, - 20,21,22,23,24,25, - 24,25,26,27,28,29, - 28,29,30,31,32, 1, +static const char e[] = { + 32, 1, 2, 3, 4, 5, + 4, 5, 6, 7, 8, 9, + 8, 9,10,11,12,13, + 12,13,14,15,16,17, + 16,17,18,19,20,21, + 20,21,22,23,24,25, + 24,25,26,27,28,29, + 28,29,30,31,32, 1, }; /* * P is a permutation on the selected combination * of the current L and key. */ -static const char P[] = { - 16, 7,20,21, - 29,12,28,17, - 1,15,23,26, - 5,18,31,10, - 2, 8,24,14, - 32,27, 3, 9, - 19,13,30, 6, - 22,11, 4,25, +static const char P[] = { + 16, 7,20,21, + 29,12,28,17, + 1,15,23,26, + 5,18,31,10, + 2, 8,24,14, + 32,27, 3, 9, + 19,13,30, 6, + 22,11, 4,25, }; /* @@ -293,109 +294,109 @@ static const char P[] = { * For some reason, they give a 0-origin * index, unlike everything else. */ -static const char S[8][64] = { - {14, 4,13, 1, 2,15,11, 8, 3,10, 6,12, 5, 9, 0, 7, - 0,15, 7, 4,14, 2,13, 1,10, 6,12,11, 9, 5, 3, 8, - 4, 1,14, 8,13, 6, 2,11,15,12, 9, 7, 3,10, 5, 0, - 15,12, 8, 2, 4, 9, 1, 7, 5,11, 3,14,10, 0, 6,13}, - - {15, 1, 8,14, 6,11, 3, 4, 9, 7, 2,13,12, 0, 5,10, - 3,13, 4, 7,15, 2, 8,14,12, 0, 1,10, 6, 9,11, 5, - 0,14, 7,11,10, 4,13, 1, 5, 8,12, 6, 9, 3, 2,15, - 13, 8,10, 1, 3,15, 4, 2,11, 6, 7,12, 0, 5,14, 9}, - - {10, 0, 9,14, 6, 3,15, 5, 1,13,12, 7,11, 4, 2, 8, - 13, 7, 0, 9, 3, 4, 6,10, 2, 8, 5,14,12,11,15, 1, - 13, 6, 4, 9, 8,15, 3, 0,11, 1, 2,12, 5,10,14, 7, - 1,10,13, 0, 6, 9, 8, 7, 4,15,14, 3,11, 5, 2,12}, - - { 7,13,14, 3, 0, 6, 9,10, 1, 2, 8, 5,11,12, 4,15, - 13, 8,11, 5, 6,15, 0, 3, 4, 7, 2,12, 1,10,14, 9, - 10, 6, 9, 0,12,11, 7,13,15, 1, 3,14, 5, 2, 8, 4, - 3,15, 0, 6,10, 1,13, 8, 9, 4, 5,11,12, 7, 2,14}, - - { 2,12, 4, 1, 7,10,11, 6, 8, 5, 3,15,13, 0,14, 9, - 14,11, 2,12, 4, 7,13, 1, 5, 0,15,10, 3, 9, 8, 6, - 4, 2, 1,11,10,13, 7, 8,15, 9,12, 5, 6, 3, 0,14, - 11, 8,12, 7, 1,14, 2,13, 6,15, 0, 9,10, 4, 5, 3}, - - {12, 1,10,15, 9, 2, 6, 8, 0,13, 3, 4,14, 7, 5,11, - 10,15, 4, 2, 7,12, 9, 5, 6, 1,13,14, 0,11, 3, 8, - 9,14,15, 5, 2, 8,12, 3, 7, 0, 4,10, 1,13,11, 6, - 4, 3, 2,12, 9, 5,15,10,11,14, 1, 7, 6, 0, 8,13}, - - { 4,11, 2,14,15, 0, 8,13, 3,12, 9, 7, 5,10, 6, 1, - 13, 0,11, 7, 4, 9, 1,10,14, 3, 5,12, 2,15, 8, 6, - 1, 4,11,13,12, 3, 7,14,10,15, 6, 8, 0, 5, 9, 2, - 6,11,13, 8, 1, 4,10, 7, 9, 5, 0,15,14, 2, 3,12}, - - {13, 2, 8, 4, 6,15,11, 1,10, 9, 3,14, 5, 0,12, 7, - 1,15,13, 8,10, 3, 7, 4,12, 5, 6,11, 0,14, 9, 2, - 7,11, 4, 1, 9,12,14, 2, 0, 6,10,13,15, 3, 5, 8, - 2, 1,14, 7, 4,10, 8,13,15,12, 9, 0, 3, 5, 6,11}, +static const char S[8][64] = { + {14, 4,13, 1, 2,15,11, 8, 3,10, 6,12, 5, 9, 0, 7, + 0,15, 7, 4,14, 2,13, 1,10, 6,12,11, 9, 5, 3, 8, + 4, 1,14, 8,13, 6, 2,11,15,12, 9, 7, 3,10, 5, 0, + 15,12, 8, 2, 4, 9, 1, 7, 5,11, 3,14,10, 0, 6,13}, + + {15, 1, 8,14, 6,11, 3, 4, 9, 7, 2,13,12, 0, 5,10, + 3,13, 4, 7,15, 2, 8,14,12, 0, 1,10, 6, 9,11, 5, + 0,14, 7,11,10, 4,13, 1, 5, 8,12, 6, 9, 3, 2,15, + 13, 8,10, 1, 3,15, 4, 2,11, 6, 7,12, 0, 5,14, 9}, + + {10, 0, 9,14, 6, 3,15, 5, 1,13,12, 7,11, 4, 2, 8, + 13, 7, 0, 9, 3, 4, 6,10, 2, 8, 5,14,12,11,15, 1, + 13, 6, 4, 9, 8,15, 3, 0,11, 1, 2,12, 5,10,14, 7, + 1,10,13, 0, 6, 9, 8, 7, 4,15,14, 3,11, 5, 2,12}, + + { 7,13,14, 3, 0, 6, 9,10, 1, 2, 8, 5,11,12, 4,15, + 13, 8,11, 5, 6,15, 0, 3, 4, 7, 2,12, 1,10,14, 9, + 10, 6, 9, 0,12,11, 7,13,15, 1, 3,14, 5, 2, 8, 4, + 3,15, 0, 6,10, 1,13, 8, 9, 4, 5,11,12, 7, 2,14}, + + { 2,12, 4, 1, 7,10,11, 6, 8, 5, 3,15,13, 0,14, 9, + 14,11, 2,12, 4, 7,13, 1, 5, 0,15,10, 3, 9, 8, 6, + 4, 2, 1,11,10,13, 7, 8,15, 9,12, 5, 6, 3, 0,14, + 11, 8,12, 7, 1,14, 2,13, 6,15, 0, 9,10, 4, 5, 3}, + + {12, 1,10,15, 9, 2, 6, 8, 0,13, 3, 4,14, 7, 5,11, + 10,15, 4, 2, 7,12, 9, 5, 6, 1,13,14, 0,11, 3, 8, + 9,14,15, 5, 2, 8,12, 3, 7, 0, 4,10, 1,13,11, 6, + 4, 3, 2,12, 9, 5,15,10,11,14, 1, 7, 6, 0, 8,13}, + + { 4,11, 2,14,15, 0, 8,13, 3,12, 9, 7, 5,10, 6, 1, + 13, 0,11, 7, 4, 9, 1,10,14, 3, 5,12, 2,15, 8, 6, + 1, 4,11,13,12, 3, 7,14,10,15, 6, 8, 0, 5, 9, 2, + 6,11,13, 8, 1, 4,10, 7, 9, 5, 0,15,14, 2, 3,12}, + + {13, 2, 8, 4, 6,15,11, 1,10, 9, 3,14, 5, 0,12, 7, + 1,15,13, 8,10, 3, 7, 4,12, 5, 6,11, 0,14, 9, 2, + 7,11, 4, 1, 9,12,14, 2, 0, 6,10,13,15, 3, 5, 8, + 2, 1,14, 7, 4,10, 8,13,15,12, 9, 0, 3, 5, 6,11}, }; char *afs_crypt(const char *pw, const char *salt, - /* must be at least 16 bytes */ - char *iobuf) + /* must be at least 16 bytes */ + char *iobuf) { - int i, j, c; - int temp; - char block[66]; - char E[48]; - /* - * The key schedule. - * Generated from the key. - */ - char KS[16][48]; - - for(i=0; i<66; i++) - block[i] = 0; - for(i=0; (c= *pw) && i<64; pw++){ - for(j=0; j<7; j++, i++) - block[i] = (c>>(6-j)) & 01; - i++; - } - - krb5_afs_crypt_setkey(block, E, KS); - - for(i=0; i<66; i++) - block[i] = 0; - - for(i=0;i<2;i++){ - c = *salt++; - iobuf[i] = c; - if(c>'Z') c -= 6; - if(c>'9') c -= 7; - c -= '.'; - for(j=0;j<6;j++){ - if((c>>j) & 01){ - temp = E[6*i+j]; - E[6*i+j] = E[6*i+j+24]; - E[6*i+j+24] = temp; - } - } - } - - for(i=0; i<25; i++) - krb5_afs_encrypt(block,E,KS); - - for(i=0; i<11; i++){ - c = 0; - for(j=0; j<6; j++){ - c <<= 1; - c |= block[6*i+j]; - } - c += '.'; - if(c>'9') c += 7; - if(c>'Z') c += 6; - iobuf[i+2] = c; - } - iobuf[i+2] = 0; - if(iobuf[1]==0) - iobuf[1] = iobuf[0]; - return(iobuf); + int i, j, c; + int temp; + char block[66]; + char E[48]; + /* + * The key schedule. + * Generated from the key. + */ + char KS[16][48]; + + for(i=0; i<66; i++) + block[i] = 0; + for(i=0; (c= *pw) && i<64; pw++){ + for(j=0; j<7; j++, i++) + block[i] = (c>>(6-j)) & 01; + i++; + } + + krb5_afs_crypt_setkey(block, E, KS); + + for(i=0; i<66; i++) + block[i] = 0; + + for(i=0;i<2;i++){ + c = *salt++; + iobuf[i] = c; + if(c>'Z') c -= 6; + if(c>'9') c -= 7; + c -= '.'; + for(j=0;j<6;j++){ + if((c>>j) & 01){ + temp = E[6*i+j]; + E[6*i+j] = E[6*i+j+24]; + E[6*i+j+24] = temp; + } + } + } + + for(i=0; i<25; i++) + krb5_afs_encrypt(block,E,KS); + + for(i=0; i<11; i++){ + c = 0; + for(j=0; j<6; j++){ + c <<= 1; + c |= block[6*i+j]; + } + c += '.'; + if(c>'9') c += 7; + if(c>'Z') c += 6; + iobuf[i+2] = c; + } + iobuf[i+2] = 0; + if(iobuf[1]==0) + iobuf[1] = iobuf[0]; + return(iobuf); } /* @@ -404,57 +405,57 @@ char *afs_crypt(const char *pw, const char *salt, static void krb5_afs_crypt_setkey(char *key, char *E, char (*KS)[48]) { - register int i, j, k; - int t; - /* - * The C and D arrays used to calculate the key schedule. - */ - char C[28], D[28]; - - /* - * First, generate C and D by permuting - * the key. The low order bit of each - * 8-bit char is not used, so C and D are only 28 - * bits apiece. - */ - for (i=0; i<28; i++) { - C[i] = key[PC1_C[i]-1]; - D[i] = key[PC1_D[i]-1]; - } - /* - * To generate Ki, rotate C and D according - * to schedule and pick up a permutation - * using PC2. - */ - for (i=0; i<16; i++) { - /* - * rotate. - */ - for (k=0; k<shifts[i]; k++) { - t = C[0]; - for (j=0; j<28-1; j++) - C[j] = C[j+1]; - C[27] = t; - t = D[0]; - for (j=0; j<28-1; j++) - D[j] = D[j+1]; - D[27] = t; - } - /* - * get Ki. Note C and D are concatenated. - */ - for (j=0; j<24; j++) { - KS[i][j] = C[PC2_C[j]-1]; - KS[i][j+24] = D[PC2_D[j]-28-1]; - } - } + register int i, j, k; + int t; + /* + * The C and D arrays used to calculate the key schedule. + */ + char C[28], D[28]; + + /* + * First, generate C and D by permuting + * the key. The low order bit of each + * 8-bit char is not used, so C and D are only 28 + * bits apiece. + */ + for (i=0; i<28; i++) { + C[i] = key[PC1_C[i]-1]; + D[i] = key[PC1_D[i]-1]; + } + /* + * To generate Ki, rotate C and D according + * to schedule and pick up a permutation + * using PC2. + */ + for (i=0; i<16; i++) { + /* + * rotate. + */ + for (k=0; k<shifts[i]; k++) { + t = C[0]; + for (j=0; j<28-1; j++) + C[j] = C[j+1]; + C[27] = t; + t = D[0]; + for (j=0; j<28-1; j++) + D[j] = D[j+1]; + D[27] = t; + } + /* + * get Ki. Note C and D are concatenated. + */ + for (j=0; j<24; j++) { + KS[i][j] = C[PC2_C[j]-1]; + KS[i][j+24] = D[PC2_D[j]-28-1]; + } + } #if 0 - for(i=0;i<48;i++) { - E[i] = e[i]; - } + for(i=0;i<48;i++) { + E[i] = e[i]; + } #else - memcpy(E, e, 48); + memcpy(E, e, 48); #endif } @@ -464,107 +465,107 @@ static void krb5_afs_crypt_setkey(char *key, char *E, char (*KS)[48]) static void krb5_afs_encrypt(char *block, char *E, char (*KS)[48]) { - const long edflag = 0; - int i, ii; - int t, j, k; - char tempL[32]; - char f[32]; - /* - * The current block, divided into 2 halves. - */ - char L[64]; - char *const R = &L[32]; - /* - * The combination of the key and the input, before selection. - */ - char preS[48]; - - /* - * First, permute the bits in the input - */ - for (j=0; j<64; j++) - L[j] = block[IP[j]-1]; - /* - * Perform an encryption operation 16 times. - */ - for (ii=0; ii<16; ii++) { - /* - * Set direction - */ - if (edflag) - i = 15-ii; - else - i = ii; - /* - * Save the R array, - * which will be the new L. - */ + const long edflag = 0; + int i, ii; + int t, j, k; + char tempL[32]; + char f[32]; + /* + * The current block, divided into 2 halves. + */ + char L[64]; + char *const R = &L[32]; + /* + * The combination of the key and the input, before selection. + */ + char preS[48]; + + /* + * First, permute the bits in the input + */ + for (j=0; j<64; j++) + L[j] = block[IP[j]-1]; + /* + * Perform an encryption operation 16 times. + */ + for (ii=0; ii<16; ii++) { + /* + * Set direction + */ + if (edflag) + i = 15-ii; + else + i = ii; + /* + * Save the R array, + * which will be the new L. + */ #if 0 - for (j=0; j<32; j++) - tempL[j] = R[j]; + for (j=0; j<32; j++) + tempL[j] = R[j]; #else - memcpy(tempL, R, 32); + memcpy(tempL, R, 32); #endif - /* - * Expand R to 48 bits using the E selector; - * exclusive-or with the current key bits. - */ - for (j=0; j<48; j++) - preS[j] = R[E[j]-1] ^ KS[i][j]; - /* - * The pre-select bits are now considered - * in 8 groups of 6 bits each. - * The 8 selection functions map these - * 6-bit quantities into 4-bit quantities - * and the results permuted - * to make an f(R, K). - * The indexing into the selection functions - * is peculiar; it could be simplified by - * rewriting the tables. - */ - for (j=0; j<8; j++) { - t = 6*j; - k = S[j][(preS[t+0]<<5)+ - (preS[t+1]<<3)+ - (preS[t+2]<<2)+ - (preS[t+3]<<1)+ - (preS[t+4]<<0)+ - (preS[t+5]<<4)]; - t = 4*j; - f[t+0] = (k>>3)&01; - f[t+1] = (k>>2)&01; - f[t+2] = (k>>1)&01; - f[t+3] = (k>>0)&01; - } - /* - * The new R is L ^ f(R, K). - * The f here has to be permuted first, though. - */ - for (j=0; j<32; j++) - R[j] = L[j] ^ f[P[j]-1]; - /* - * Finally, the new L (the original R) - * is copied back. - */ + /* + * Expand R to 48 bits using the E selector; + * exclusive-or with the current key bits. + */ + for (j=0; j<48; j++) + preS[j] = R[E[j]-1] ^ KS[i][j]; + /* + * The pre-select bits are now considered + * in 8 groups of 6 bits each. + * The 8 selection functions map these + * 6-bit quantities into 4-bit quantities + * and the results permuted + * to make an f(R, K). + * The indexing into the selection functions + * is peculiar; it could be simplified by + * rewriting the tables. + */ + for (j=0; j<8; j++) { + t = 6*j; + k = S[j][(preS[t+0]<<5)+ + (preS[t+1]<<3)+ + (preS[t+2]<<2)+ + (preS[t+3]<<1)+ + (preS[t+4]<<0)+ + (preS[t+5]<<4)]; + t = 4*j; + f[t+0] = (k>>3)&01; + f[t+1] = (k>>2)&01; + f[t+2] = (k>>1)&01; + f[t+3] = (k>>0)&01; + } + /* + * The new R is L ^ f(R, K). + * The f here has to be permuted first, though. + */ + for (j=0; j<32; j++) + R[j] = L[j] ^ f[P[j]-1]; + /* + * Finally, the new L (the original R) + * is copied back. + */ #if 0 - for (j=0; j<32; j++) - L[j] = tempL[j]; + for (j=0; j<32; j++) + L[j] = tempL[j]; #else - memcpy(L, tempL, 32); + memcpy(L, tempL, 32); #endif - } - /* - * The output L and R are reversed. - */ - for (j=0; j<32; j++) { - t = L[j]; - L[j] = R[j]; - R[j] = t; - } - /* - * The final output - * gets the inverse permutation of the very original. - */ - for (j=0; j<64; j++) - block[j] = L[FP[j]-1]; + } + /* + * The output L and R are reversed. + */ + for (j=0; j<32; j++) { + t = L[j]; + L[j] = R[j]; + R[j] = t; + } + /* + * The final output + * gets the inverse permutation of the very original. + */ + for (j=0; j<64; j++) + block[j] = L[FP[j]-1]; } diff --git a/src/lib/crypto/builtin/des/d3_aead.c b/src/lib/crypto/builtin/des/d3_aead.c index 3eb9422..4052a40 100644 --- a/src/lib/crypto/builtin/des/d3_aead.c +++ b/src/lib/crypto/builtin/des/d3_aead.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 2008 by the Massachusetts Institute of Technology. * Copyright 1995 by Richard P. Basch. All Rights Reserved. @@ -26,107 +27,85 @@ #include "aead.h" void -krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - mit_des_cblock ivec) +krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data, + const mit_des_key_schedule ks1, + const mit_des_key_schedule ks2, + const mit_des_key_schedule ks3, + mit_des_cblock ivec) { unsigned DES_INT32 left, right; const unsigned DES_INT32 *kp1, *kp2, *kp3; const unsigned char *ip; - unsigned char *op; struct iov_block_state input_pos, output_pos; - unsigned char iblock[MIT_DES_BLOCK_LENGTH]; - unsigned char oblock[MIT_DES_BLOCK_LENGTH]; + unsigned char storage[MIT_DES_BLOCK_LENGTH], *block = NULL, *ptr; IOV_BLOCK_STATE_INIT(&input_pos); IOV_BLOCK_STATE_INIT(&output_pos); - /* - * Get key pointer here. This won't need to be reinitialized - */ + /* Get key pointers here. These won't need to be reinitialized. */ kp1 = (const unsigned DES_INT32 *)ks1; kp2 = (const unsigned DES_INT32 *)ks2; kp3 = (const unsigned DES_INT32 *)ks3; - /* - * Initialize left and right with the contents of the initial - * vector. - */ - if (ivec != NULL) - ip = ivec; - else - ip = mit_des_zeroblock; + /* Initialize left and right with the contents of the initial vector. */ + ip = (ivec != NULL) ? ivec : mit_des_zeroblock; GET_HALF_BLOCK(left, ip); GET_HALF_BLOCK(right, ip); - /* - * Suitably initialized, now work the length down 8 bytes - * at a time. - */ + /* Work the length down 8 bytes at a time. */ for (;;) { - unsigned DES_INT32 temp; - - ip = iblock; - op = oblock; - - if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos)) - break; - - if (input_pos.iov_pos == num_data) - break; - - GET_HALF_BLOCK(temp, ip); - left ^= temp; - GET_HALF_BLOCK(temp, ip); - right ^= temp; - - /* - * Encrypt what we have - */ - DES_DO_ENCRYPT(left, right, kp1); - DES_DO_DECRYPT(left, right, kp2); - DES_DO_ENCRYPT(left, right, kp3); - - /* - * Copy the results out - */ - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - - krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos); + unsigned DES_INT32 temp; + + ptr = iov_next_block(storage, MIT_DES_BLOCK_LENGTH, data, num_data, + &input_pos); + if (ptr == NULL) + break; + block = ptr; + + /* Decompose this block and xor it with the previous ciphertext. */ + GET_HALF_BLOCK(temp, ptr); + left ^= temp; + GET_HALF_BLOCK(temp, ptr); + right ^= temp; + + /* Encrypt what we have and store it back into block. */ + DES_DO_ENCRYPT(left, right, kp1); + DES_DO_DECRYPT(left, right, kp2); + DES_DO_ENCRYPT(left, right, kp3); + ptr = block; + PUT_HALF_BLOCK(left, ptr); + PUT_HALF_BLOCK(right, ptr); + + iov_store_block(data, num_data, block, storage, MIT_DES_BLOCK_LENGTH, + &output_pos); } - if (ivec != NULL) - memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH); + if (ivec != NULL && block != NULL) { + ptr = ivec; + PUT_HALF_BLOCK(left, ptr); + PUT_HALF_BLOCK(right, ptr); + } } void -krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - mit_des_cblock ivec) +krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data, + const mit_des_key_schedule ks1, + const mit_des_key_schedule ks2, + const mit_des_key_schedule ks3, + mit_des_cblock ivec) { unsigned DES_INT32 left, right; const unsigned DES_INT32 *kp1, *kp2, *kp3; const unsigned char *ip; unsigned DES_INT32 ocipherl, ocipherr; unsigned DES_INT32 cipherl, cipherr; - unsigned char *op; struct iov_block_state input_pos, output_pos; - unsigned char iblock[MIT_DES_BLOCK_LENGTH]; - unsigned char oblock[MIT_DES_BLOCK_LENGTH]; + unsigned char storage[MIT_DES_BLOCK_LENGTH], *block = NULL, *ptr; IOV_BLOCK_STATE_INIT(&input_pos); IOV_BLOCK_STATE_INIT(&output_pos); - /* - * Get key pointer here. This won't need to be reinitialized - */ + /* Get key pointers here. These won't need to be reinitialized. */ kp1 = (const unsigned DES_INT32 *)ks1; kp2 = (const unsigned DES_INT32 *)ks2; kp3 = (const unsigned DES_INT32 *)ks3; @@ -137,71 +116,48 @@ krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data, * Should think about this a little more... */ - if (num_data == 0) - return; - - /* - * Prime the old cipher with ivec. - */ - if (ivec != NULL) - ip = ivec; - else - ip = mit_des_zeroblock; + /* Prime the old cipher with ivec.*/ + ip = (ivec != NULL) ? ivec : mit_des_zeroblock; GET_HALF_BLOCK(ocipherl, ip); GET_HALF_BLOCK(ocipherr, ip); - /* - * Now do this in earnest until we run out of length. - */ + /* Work the length down 8 bytes at a time. */ for (;;) { - /* - * Read a block from the input into left and - * right. Save this cipher block for later. - */ - - if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos)) - break; - - if (input_pos.iov_pos == num_data) - break; - - ip = iblock; - op = oblock; - - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - cipherl = left; - cipherr = right; - - /* - * Decrypt this. - */ - DES_DO_DECRYPT(left, right, kp3); - DES_DO_ENCRYPT(left, right, kp2); - DES_DO_DECRYPT(left, right, kp1); - - /* - * Xor with the old cipher to get plain - * text. Output 8 or less bytes of this. - */ - left ^= ocipherl; - right ^= ocipherr; - - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - - /* - * Save current cipher block here - */ - ocipherl = cipherl; - ocipherr = cipherr; - - krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos); + ptr = iov_next_block(storage, MIT_DES_BLOCK_LENGTH, data, num_data, + &input_pos); + if (ptr == NULL) + break; + block = ptr; + + /* Split this block into left and right. */ + GET_HALF_BLOCK(left, ptr); + GET_HALF_BLOCK(right, ptr); + cipherl = left; + cipherr = right; + + /* Decrypt and xor with the old cipher to get plain text. */ + DES_DO_DECRYPT(left, right, kp3); + DES_DO_ENCRYPT(left, right, kp2); + DES_DO_DECRYPT(left, right, kp1); + left ^= ocipherl; + right ^= ocipherr; + + /* Store the encrypted halves back into block. */ + ptr = block; + PUT_HALF_BLOCK(left, ptr); + PUT_HALF_BLOCK(right, ptr); + + /* Save current cipher block halves. */ + ocipherl = cipherl; + ocipherr = cipherr; + + iov_store_block(data, num_data, block, storage, MIT_DES_BLOCK_LENGTH, + &output_pos); } - if (ivec != NULL) { - op = ivec; - PUT_HALF_BLOCK(ocipherl,op); - PUT_HALF_BLOCK(ocipherr, op); + if (ivec != NULL && block != NULL) { + ptr = ivec; + PUT_HALF_BLOCK(ocipherl, ptr); + PUT_HALF_BLOCK(ocipherr, ptr); } } diff --git a/src/lib/crypto/builtin/des/d3_cbc.c b/src/lib/crypto/builtin/des/d3_cbc.c deleted file mode 100644 index f90d8e5..0000000 --- a/src/lib/crypto/builtin/des/d3_cbc.c +++ /dev/null @@ -1,223 +0,0 @@ -/* - * Copyright 1995 by Richard P. Basch. All Rights Reserved. - * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used - * in advertising or publicity pertaining to distribution of the software - * without specific, written prior permission. Richard P. Basch, - * Lehman Brothers and M.I.T. make no representations about the suitability - * of this software for any purpose. It is provided "as is" without - * express or implied warranty. - */ - -#include "des_int.h" -#include "f_tables.h" - -/* - * Triple-DES CBC encryption mode. - */ - -#undef mit_des3_cbc_encrypt -int -mit_des3_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, - unsigned long length, const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - const mit_des_cblock ivec, int enc) -{ - if (enc) - krb5int_des3_cbc_encrypt(in, out, length, ks1, ks2, ks3, ivec); - else - krb5int_des3_cbc_decrypt(in, out, length, ks1, ks2, ks3, ivec); - return 0; -} - -void -krb5int_des3_cbc_encrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - const mit_des_cblock ivec) -{ - unsigned DES_INT32 left, right; - const unsigned DES_INT32 *kp1, *kp2, *kp3; - const unsigned char *ip; - unsigned char *op; - - /* - * Get key pointer here. This won't need to be reinitialized - */ - kp1 = (const unsigned DES_INT32 *)ks1; - kp2 = (const unsigned DES_INT32 *)ks2; - kp3 = (const unsigned DES_INT32 *)ks3; - - /* - * Initialize left and right with the contents of the initial - * vector. - */ - ip = ivec; - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - - /* - * Suitably initialized, now work the length down 8 bytes - * at a time. - */ - ip = *in; - op = *out; - while (length > 0) { - /* - * Get more input, xor it in. If the length is - * greater than or equal to 8 this is straight - * forward. Otherwise we have to fart around. - */ - if (length >= 8) { - unsigned DES_INT32 temp; - GET_HALF_BLOCK(temp, ip); - left ^= temp; - GET_HALF_BLOCK(temp, ip); - right ^= temp; - length -= 8; - } else { - /* - * Oh, shoot. We need to pad the - * end with zeroes. Work backwards - * to do this. - */ - ip += (int) length; - switch(length) { - case 7: right ^= (*(--ip) & FF_UINT32) << 8; - case 6: right ^= (*(--ip) & FF_UINT32) << 16; - case 5: right ^= (*(--ip) & FF_UINT32) << 24; - case 4: left ^= *(--ip) & FF_UINT32; - case 3: left ^= (*(--ip) & FF_UINT32) << 8; - case 2: left ^= (*(--ip) & FF_UINT32) << 16; - case 1: left ^= (*(--ip) & FF_UINT32) << 24; - - } - length = 0; - } - - /* - * Encrypt what we have - */ - DES_DO_ENCRYPT(left, right, kp1); - DES_DO_DECRYPT(left, right, kp2); - DES_DO_ENCRYPT(left, right, kp3); - - /* - * Copy the results out - */ - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - } -} - -void -krb5int_des3_cbc_decrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - const mit_des_cblock ivec) -{ - unsigned DES_INT32 left, right; - const unsigned DES_INT32 *kp1, *kp2, *kp3; - const unsigned char *ip; - unsigned char *op; - unsigned DES_INT32 ocipherl, ocipherr; - unsigned DES_INT32 cipherl, cipherr; - - /* - * Get key pointer here. This won't need to be reinitialized - */ - kp1 = (const unsigned DES_INT32 *)ks1; - kp2 = (const unsigned DES_INT32 *)ks2; - kp3 = (const unsigned DES_INT32 *)ks3; - - /* - * Decrypting is harder than encrypting because of - * the necessity of remembering a lot more things. - * Should think about this a little more... - */ - - if (length <= 0) - return; - - /* - * Prime the old cipher with ivec. - */ - ip = ivec; - GET_HALF_BLOCK(ocipherl, ip); - GET_HALF_BLOCK(ocipherr, ip); - - /* - * Now do this in earnest until we run out of length. - */ - ip = *in; - op = *out; - for (;;) { /* check done inside loop */ - /* - * Read a block from the input into left and - * right. Save this cipher block for later. - */ - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - cipherl = left; - cipherr = right; - - /* - * Decrypt this. - */ - DES_DO_DECRYPT(left, right, kp3); - DES_DO_ENCRYPT(left, right, kp2); - DES_DO_DECRYPT(left, right, kp1); - - /* - * Xor with the old cipher to get plain - * text. Output 8 or less bytes of this. - */ - left ^= ocipherl; - right ^= ocipherr; - if (length > 8) { - length -= 8; - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - /* - * Save current cipher block here - */ - ocipherl = cipherl; - ocipherr = cipherr; - } else { - /* - * Trouble here. Start at end of output, - * work backwards. - */ - op += (int) length; - switch(length) { - case 8: *(--op) = (unsigned char) (right & 0xff); - case 7: *(--op) = (unsigned char) ((right >> 8) & 0xff); - case 6: *(--op) = (unsigned char) ((right >> 16) & 0xff); - case 5: *(--op) = (unsigned char) ((right >> 24) & 0xff); - case 4: *(--op) = (unsigned char) (left & 0xff); - case 3: *(--op) = (unsigned char) ((left >> 8) & 0xff); - case 2: *(--op) = (unsigned char) ((left >> 16) & 0xff); - case 1: *(--op) = (unsigned char) ((left >> 24) & 0xff); - } - break; /* we're done */ - } - } -} diff --git a/src/lib/crypto/builtin/des/d3_kysched.c b/src/lib/crypto/builtin/des/d3_kysched.c index 2a9cc5a..ebd1050 100644 --- a/src/lib/crypto/builtin/des/d3_kysched.c +++ b/src/lib/crypto/builtin/des/d3_kysched.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1995 by Richard P. Basch. All Rights Reserved. * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved. @@ -30,20 +31,20 @@ mit_des3_key_sched(mit_des3_cblock k, mit_des3_key_schedule schedule) mit_des_make_key_sched(k[1],schedule[1]); mit_des_make_key_sched(k[2],schedule[2]); - if (!mit_des_check_key_parity(k[0])) /* bad parity --> return -1 */ - return(-1); + if (!mit_des_check_key_parity(k[0])) /* bad parity --> return -1 */ + return(-1); if (mit_des_is_weak_key(k[0])) - return(-2); + return(-2); if (!mit_des_check_key_parity(k[1])) - return(-1); + return(-1); if (mit_des_is_weak_key(k[1])) - return(-2); + return(-2); if (!mit_des_check_key_parity(k[2])) - return(-1); + return(-1); if (mit_des_is_weak_key(k[2])) - return(-2); + return(-2); /* if key was good, return 0 */ return 0; diff --git a/src/lib/crypto/builtin/des/deps b/src/lib/crypto/builtin/des/deps index e5f382e..7041f29 100644 --- a/src/lib/crypto/builtin/des/deps +++ b/src/lib/crypto/builtin/des/deps @@ -4,154 +4,154 @@ afsstring2key.so afsstring2key.po $(OUTPRE)afsstring2key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ afsstring2key.c des_int.h -d3_cbc.so d3_cbc.po $(OUTPRE)d3_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h d3_cbc.c des_int.h \ - f_tables.h d3_aead.so d3_aead.po $(OUTPRE)d3_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h d3_aead.c des_int.h \ - f_tables.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ + $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + d3_aead.c des_int.h f_tables.h d3_kysched.so d3_kysched.po $(OUTPRE)d3_kysched.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ d3_kysched.c des_int.h f_aead.so f_aead.po $(OUTPRE)f_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h des_int.h f_aead.c \ - f_tables.h -f_cbc.so f_cbc.po $(OUTPRE)f_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h des_int.h f_cbc.c \ - f_tables.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ + $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des_int.h f_aead.c f_tables.h f_cksum.so f_cksum.po $(OUTPRE)f_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h des_int.h f_cksum.c \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h des_int.h f_cksum.c \ f_tables.h f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ des_int.h f_parity.c f_sched.so f_sched.po $(OUTPRE)f_sched.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h des_int.h f_sched.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h des_int.h f_sched.c f_tables.so f_tables.po $(OUTPRE)f_tables.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ des_int.h f_tables.c f_tables.h key_sched.so key_sched.po $(OUTPRE)key_sched.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ des_int.h key_sched.c weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ des_int.h weak_key.c string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ des_int.h string2key.c destest.so destest.po $(OUTPRE)destest.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h des_int.h destest.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h des_int.h destest.c +f_cbc.so f_cbc.po $(OUTPRE)f_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h des_int.h f_cbc.c \ + f_tables.h +t_verify.so t_verify.po $(OUTPRE)t_verify.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des_int.h t_verify.c diff --git a/src/lib/crypto/builtin/des/des_int.h b/src/lib/crypto/builtin/des/des_int.h index d6fa04a..419459d 100644 --- a/src/lib/crypto/builtin/des/des_int.h +++ b/src/lib/crypto/builtin/des/des_int.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/des_int.h * @@ -53,7 +54,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -/* only do the whole thing once */ +/* only do the whole thing once */ #ifndef DES_INTERNAL_DEFS #define DES_INTERNAL_DEFS @@ -91,7 +92,7 @@ #define DES_UINT32 unsigned long #endif -typedef unsigned char des_cblock[8] /* crypto-block size */ +typedef unsigned char des_cblock[8] /* crypto-block size */ KRB5INT_DES_DEPRECATED; /* @@ -119,11 +120,11 @@ typedef des_cblock mit_des_cblock; typedef des_key_schedule mit_des_key_schedule; /* Triple-DES structures */ -typedef mit_des_cblock mit_des3_cblock[3]; -typedef mit_des_key_schedule mit_des3_key_schedule[3]; +typedef mit_des_cblock mit_des3_cblock[3]; +typedef mit_des_key_schedule mit_des3_key_schedule[3]; -#define MIT_DES_ENCRYPT 1 -#define MIT_DES_DECRYPT 0 +#define MIT_DES_ENCRYPT 1 +#define MIT_DES_DECRYPT 0 typedef struct mit_des_ran_key_seed { krb5_encrypt_block eblock; @@ -132,246 +133,166 @@ typedef struct mit_des_ran_key_seed { /* the first byte of the key is already in the keyblock */ -#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet)) -#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH +#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet)) +#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH /* This used to be 8*sizeof(krb5_octet) */ -#define MIT_DES_KEYSIZE 8 +#define MIT_DES_KEYSIZE 8 -#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet)) +#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet)) /* * Check if k5-int.h has been included before us. If so, then check to see * that our view of the DES key size is the same as k5-int.h's. */ -#ifdef KRB5_MIT_DES_KEYSIZE -#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE +#ifdef KRB5_MIT_DES_KEYSIZE +#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE) -#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */ -#endif /* KRB5_MIT_DES_KEYSIZE */ +#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */ +#endif /* KRB5_MIT_DES_KEYSIZE */ #endif /* KRB5_MIT_DES__ */ /* * End "mit-des.h" */ /* afsstring2key.c */ -extern krb5_error_code mit_afs_string_to_key - (krb5_keyblock *keyblock, - const krb5_data *data, - const krb5_data *salt); -extern char *mit_afs_crypt - (const char *pw, const char *salt, char *iobuf); +krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock, + const krb5_data *data, + const krb5_data *salt); +char *mit_afs_crypt(const char *pw, const char *salt, char *iobuf); /* f_cksum.c */ -extern unsigned long mit_des_cbc_cksum - (const krb5_octet *, krb5_octet *, unsigned long , - const mit_des_key_schedule, const krb5_octet *); +unsigned long mit_des_cbc_cksum(const krb5_octet *, krb5_octet *, + unsigned long, const mit_des_key_schedule, + const krb5_octet *); -/* f_ecb.c */ -extern int mit_des_ecb_encrypt - (const mit_des_cblock *, mit_des_cblock *, mit_des_key_schedule , int ); - -/* f_cbc.c */ -extern int mit_des_cbc_encrypt (const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule schedule, - const mit_des_cblock ivec, int enc); +/* f_cbc.c (used by test programs) */ +int +mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, + unsigned long length, const mit_des_key_schedule schedule, + const mit_des_cblock ivec, int enc); #define mit_des_zeroblock krb5int_c_mit_des_zeroblock extern const mit_des_cblock mit_des_zeroblock; /* fin_rndkey.c */ -extern krb5_error_code mit_des_finish_random_key - ( const krb5_encrypt_block *, - krb5_pointer *); +krb5_error_code mit_des_finish_random_key(const krb5_encrypt_block *, + krb5_pointer *); /* finish_key.c */ -extern krb5_error_code mit_des_finish_key - ( krb5_encrypt_block *); +krb5_error_code mit_des_finish_key(krb5_encrypt_block *); /* init_rkey.c */ -extern krb5_error_code mit_des_init_random_key - ( const krb5_encrypt_block *, - const krb5_keyblock *, - krb5_pointer *); +krb5_error_code mit_des_init_random_key(const krb5_encrypt_block *, + const krb5_keyblock *, + krb5_pointer *); /* key_parity.c */ -extern void mit_des_fixup_key_parity (mit_des_cblock ); -extern int mit_des_check_key_parity (mit_des_cblock ); +void mit_des_fixup_key_parity(mit_des_cblock); +int mit_des_check_key_parity(mit_des_cblock); /* key_sched.c */ -extern int mit_des_key_sched - (mit_des_cblock , mit_des_key_schedule ); +int mit_des_key_sched(mit_des_cblock, mit_des_key_schedule); /* process_ky.c */ -extern krb5_error_code mit_des_process_key - ( krb5_encrypt_block *, const krb5_keyblock *); +krb5_error_code mit_des_process_key(krb5_encrypt_block *, + const krb5_keyblock *); /* random_key.c */ -extern krb5_error_code mit_des_random_key - ( const krb5_encrypt_block *, krb5_pointer , - krb5_keyblock **); +krb5_error_code mit_des_random_key(const krb5_encrypt_block *, + krb5_pointer, krb5_keyblock **); /* string2key.c */ -extern krb5_error_code mit_des_string_to_key - ( const krb5_encrypt_block *, - krb5_keyblock *, const krb5_data *, const krb5_data *); -extern krb5_error_code mit_des_string_to_key_int - (krb5_keyblock *, const krb5_data *, const krb5_data *); +krb5_error_code mit_des_string_to_key(const krb5_encrypt_block *, + krb5_keyblock *, const krb5_data *, + const krb5_data *); +krb5_error_code mit_des_string_to_key_int(krb5_keyblock *, const krb5_data *, + const krb5_data *); /* weak_key.c */ -extern int mit_des_is_weak_key (mit_des_cblock ); +int mit_des_is_weak_key(mit_des_cblock); /* cmb_keys.c */ -krb5_error_code mit_des_combine_subkeys - (const krb5_keyblock *, const krb5_keyblock *, - krb5_keyblock **); +krb5_error_code mit_des_combine_subkeys(const krb5_keyblock *, + const krb5_keyblock *, + krb5_keyblock **); /* f_pcbc.c */ -int mit_des_pcbc_encrypt (); +int mit_des_pcbc_encrypt(); /* f_sched.c */ int mit_des_make_key_sched(mit_des_cblock, mit_des_key_schedule); /* misc.c */ -extern void swap_bits (char *); -extern unsigned long long_swap_bits (unsigned long ); -extern unsigned long swap_six_bits_to_ansi (unsigned long ); -extern unsigned long swap_four_bits_to_ansi (unsigned long ); -extern unsigned long swap_bit_pos_1 (unsigned long ); -extern unsigned long swap_bit_pos_0 (unsigned long ); -extern unsigned long swap_bit_pos_0_to_ansi (unsigned long ); -extern unsigned long rev_swap_bit_pos_0 (unsigned long ); -extern unsigned long swap_byte_bits (unsigned long ); -extern unsigned long swap_long_bytes_bit_number (unsigned long ); +extern void swap_bits(char *); +extern unsigned long long_swap_bits(unsigned long); +extern unsigned long swap_six_bits_to_ansi(unsigned long); +extern unsigned long swap_four_bits_to_ansi(unsigned long); +extern unsigned long swap_bit_pos_1(unsigned long); +extern unsigned long swap_bit_pos_0(unsigned long); +extern unsigned long swap_bit_pos_0_to_ansi(unsigned long); +extern unsigned long rev_swap_bit_pos_0(unsigned long); +extern unsigned long swap_byte_bits(unsigned long); +extern unsigned long swap_long_bytes_bit_number(unsigned long); #ifdef FILE /* XXX depends on FILE being a #define! */ -extern void test_set (FILE *, const char *, int, const char *, int); +extern void test_set(FILE *, const char *, int, const char *, int); #endif -/* d3_ecb.c */ -extern int mit_des3_ecb_encrypt - (const mit_des_cblock *in, - mit_des_cblock *out, - mit_des_key_schedule sched1, - mit_des_key_schedule sched2, - mit_des_key_schedule sched3, - int enc); - -/* d3_cbc.c */ -extern int mit_des3_cbc_encrypt - (const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - const mit_des_cblock ivec, - int enc); - -void -krb5int_des3_cbc_encrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - const mit_des_cblock ivec); -void -krb5int_des3_cbc_decrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - const mit_des_cblock ivec); - void -krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - mit_des_cblock ivec); +krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data, + const mit_des_key_schedule ks1, + const mit_des_key_schedule ks2, + const mit_des_key_schedule ks3, + mit_des_cblock ivec); void -krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - mit_des_cblock ivec); - -#define mit_des3_cbc_encrypt(in,out,length,ks1,ks2,ks3,ivec,enc) \ - ((enc ? krb5int_des3_cbc_encrypt : krb5int_des3_cbc_decrypt) \ - (in, out, length, ks1, ks2, ks3, ivec), 0) +krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data, + const mit_des_key_schedule ks1, + const mit_des_key_schedule ks2, + const mit_des_key_schedule ks3, + mit_des_cblock ivec); void -krb5int_des_cbc_encrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule schedule, - const mit_des_cblock ivec); -void -krb5int_des_cbc_decrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule schedule, - const mit_des_cblock ivec); - -#define mit_des_cbc_encrypt(in,out,length,schedule,ivec,enc) \ - ((enc ? krb5int_des_cbc_encrypt : krb5int_des_cbc_decrypt) \ - (in, out, length, schedule, ivec), 0) +krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data, + const mit_des_key_schedule schedule, + mit_des_cblock ivec); void -krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule schedule, - mit_des_cblock ivec); +krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data, + const mit_des_key_schedule schedule, + mit_des_cblock ivec); void -krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule schedule, - mit_des_cblock ivec); +krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data, + const mit_des_key_schedule schedule, mit_des_cblock ivec, + mit_des_cblock out); /* d3_procky.c */ -extern krb5_error_code mit_des3_process_key - (krb5_encrypt_block * eblock, - const krb5_keyblock * keyblock); +krb5_error_code mit_des3_process_key(krb5_encrypt_block *eblock, + const krb5_keyblock *keyblock); /* d3_kysched.c */ -extern int mit_des3_key_sched - (mit_des3_cblock key, - mit_des3_key_schedule schedule); +int mit_des3_key_sched(mit_des3_cblock key, mit_des3_key_schedule schedule); /* d3_str2ky.c */ -extern krb5_error_code mit_des3_string_to_key - (const krb5_encrypt_block * eblock, - krb5_keyblock * keyblock, - const krb5_data * data, - const krb5_data * salt); +krb5_error_code mit_des3_string_to_key(const krb5_encrypt_block *eblock, + krb5_keyblock *keyblock, + const krb5_data *data, + const krb5_data *salt); /* u_nfold.c */ -extern krb5_error_code mit_des_n_fold - (const krb5_octet * input, - const size_t in_len, - krb5_octet * output, - const size_t out_len); +krb5_error_code mit_des_n_fold(const krb5_octet *input, const size_t in_len, + krb5_octet *output, const size_t out_len); /* u_rn_key.c */ -extern int mit_des_is_weak_keyblock - (krb5_keyblock *keyblock); +int mit_des_is_weak_keyblock(krb5_keyblock *keyblock); -extern void mit_des_fixup_keyblock_parity - (krb5_keyblock *keyblock); +void mit_des_fixup_keyblock_parity(krb5_keyblock *keyblock); -extern krb5_error_code mit_des_set_random_generator_seed - (const krb5_data * seed, - krb5_pointer random_state); +krb5_error_code mit_des_set_random_generator_seed(const krb5_data *seed, + krb5_pointer random_state); -extern krb5_error_code mit_des_set_random_sequence_number - (const krb5_data * sequence, - krb5_pointer random_state); -#endif /*DES_INTERNAL_DEFS*/ +krb5_error_code mit_des_set_random_sequence_number(const krb5_data *sequence, + krb5_pointer random_state); +#endif /*DES_INTERNAL_DEFS*/ diff --git a/src/lib/crypto/builtin/des/destest.c b/src/lib/crypto/builtin/des/destest.c index 287a4e9..86c7477 100644 --- a/src/lib/crypto/builtin/des/destest.c +++ b/src/lib/crypto/builtin/des/destest.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/destest.c * @@ -87,71 +88,71 @@ main(argc, argv) int error = 0; while (scanf("%16s %16s %16s", block1, block2, block3) == 3) { - convert(block1, key); - convert(block2, input); - convert(block3, output); - - retval = mit_des_key_sched(key, sched); - if (retval) { - fprintf(stderr, "des test: can't process key: %d\n", retval); - fprintf(stderr, "des test: %s %s %s\n", block1, block2, block3); + convert(block1, key); + convert(block2, input); + convert(block3, output); + + retval = mit_des_key_sched(key, sched); + if (retval) { + fprintf(stderr, "des test: can't process key: %d\n", retval); + fprintf(stderr, "des test: %s %s %s\n", block1, block2, block3); exit(1); } - mit_des_cbc_encrypt((const mit_des_cblock *) input, output2, 8, - sched, zeroblock, 1); - - if (memcmp((char *)output2, (char *)output, 8)) { - fprintf(stderr, - "DES ENCRYPT ERROR, key %s, text %s, real cipher %s, computed cyphertext %02X%02X%02X%02X%02X%02X%02X%02X\n", - block1, block2, block3, - output2[0],output2[1],output2[2],output2[3], - output2[4],output2[5],output2[6],output2[7]); - error++; - } - - /* - * Now try decrypting.... - */ - mit_des_cbc_encrypt((const mit_des_cblock *) output, output2, 8, - sched, zeroblock, 0); - - if (memcmp((char *)output2, (char *)input, 8)) { - fprintf(stderr, - "DES DECRYPT ERROR, key %s, text %s, real cipher %s, computed cleartext %02X%02X%02X%02X%02X%02X%02X%02X\n", - block1, block2, block3, - output2[0],output2[1],output2[2],output2[3], - output2[4],output2[5],output2[6],output2[7]); - error++; - } - - num++; + mit_des_cbc_encrypt((const mit_des_cblock *) input, output2, 8, + sched, zeroblock, 1); + + if (memcmp((char *)output2, (char *)output, 8)) { + fprintf(stderr, + "DES ENCRYPT ERROR, key %s, text %s, real cipher %s, computed cyphertext %02X%02X%02X%02X%02X%02X%02X%02X\n", + block1, block2, block3, + output2[0],output2[1],output2[2],output2[3], + output2[4],output2[5],output2[6],output2[7]); + error++; + } + + /* + * Now try decrypting.... + */ + mit_des_cbc_encrypt((const mit_des_cblock *) output, output2, 8, + sched, zeroblock, 0); + + if (memcmp((char *)output2, (char *)input, 8)) { + fprintf(stderr, + "DES DECRYPT ERROR, key %s, text %s, real cipher %s, computed cleartext %02X%02X%02X%02X%02X%02X%02X%02X\n", + block1, block2, block3, + output2[0],output2[1],output2[2],output2[3], + output2[4],output2[5],output2[6],output2[7]); + error++; + } + + num++; } if (error) - printf("destest: failed to pass the test\n"); + printf("destest: failed to pass the test\n"); else - printf("destest: %d tests passed successfully\n", num); + printf("destest: %d tests passed successfully\n", num); exit( (error > 256 && error % 256) ? 1 : error); } int value[128] = { --1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -0, 1, 2, 3, 4, 5, 6, 7, -8, 9, -1, -1, -1, -1, -1, -1, --1, 10, 11, 12, 13, 14, 15, -1, --1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, + 0, 1, 2, 3, 4, 5, 6, 7, + 8, 9, -1, -1, -1, -1, -1, -1, + -1, 10, 11, 12, 13, 14, 15, -1, + -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, }; void @@ -161,13 +162,13 @@ convert(text, cblock) { register int i; for (i = 0; i < 8; i++) { - if (text[i*2] < 0 || text[i*2] >= 128) - abort (); - if (value[(int) text[i*2]] == -1 || value[(int) text[i*2+1]] == -1) { - printf("Bad value byte %d in %s\n", i, text); - exit(1); - } - cblock[i] = 16*value[(int) text[i*2]] + value[(int) text[i*2+1]]; + if (text[i*2] < 0 || text[i*2] >= 128) + abort (); + if (value[(int) text[i*2]] == -1 || value[(int) text[i*2+1]] == -1) { + printf("Bad value byte %d in %s\n", i, text); + exit(1); + } + cblock[i] = 16*value[(int) text[i*2]] + value[(int) text[i*2+1]]; } return; } @@ -182,7 +183,7 @@ int mit_des_is_weak_key(key) mit_des_cblock key; { - return 0; /* fake it out for testing */ + return 0; /* fake it out for testing */ } void @@ -214,18 +215,18 @@ des_cblock_print_file(x, fp) */ int mit_des_check_key_parity(key) - register mit_des_cblock key; + register mit_des_cblock key; { int i; for (i=0; i<sizeof(mit_des_cblock); i++) { - if ((key[i] & 1) == parity_char(0xfe&key[i])) { - printf("warning: bad parity key:"); - des_cblock_print_file(key, stdout); - putchar('\n'); + if ((key[i] & 1) == parity_char(0xfe&key[i])) { + printf("warning: bad parity key:"); + des_cblock_print_file(key, stdout); + putchar('\n'); - return 1; - } + return 1; + } } return(1); @@ -233,14 +234,14 @@ mit_des_check_key_parity(key) void mit_des_fixup_key_parity(key) - register mit_des_cblock key; + register mit_des_cblock key; { int i; for (i=0; i<sizeof(mit_des_cblock); i++) - { - key[i] &= 0xfe; - key[i] |= 1^parity_char(key[i]); - } + { + key[i] &= 0xfe; + key[i] |= 1^parity_char(key[i]); + } return; } diff --git a/src/lib/crypto/builtin/des/f_aead.c b/src/lib/crypto/builtin/des/f_aead.c index 328d20a..bb3982d 100644 --- a/src/lib/crypto/builtin/des/f_aead.c +++ b/src/lib/crypto/builtin/des/f_aead.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 2008 by the Massachusetts Institute of Technology. * Copyright 1995 by Richard P. Basch. All Rights Reserved. @@ -25,100 +26,80 @@ #include "f_tables.h" #include "aead.h" +const mit_des_cblock mit_des_zeroblock /* = all zero */; + void -krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule schedule, - mit_des_cblock ivec) +krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data, + const mit_des_key_schedule schedule, + mit_des_cblock ivec) { unsigned DES_INT32 left, right; const unsigned DES_INT32 *kp; const unsigned char *ip; - unsigned char *op; struct iov_block_state input_pos, output_pos; - unsigned char iblock[MIT_DES_BLOCK_LENGTH]; - unsigned char oblock[MIT_DES_BLOCK_LENGTH]; + unsigned char storage[MIT_DES_BLOCK_LENGTH], *block = NULL, *ptr; IOV_BLOCK_STATE_INIT(&input_pos); IOV_BLOCK_STATE_INIT(&output_pos); - /* - * Get key pointer here. This won't need to be reinitialized - */ + /* Get key pointer here. This won't need to be reinitialized. */ kp = (const unsigned DES_INT32 *)schedule; - /* - * Initialize left and right with the contents of the initial - * vector. - */ - if (ivec != NULL) - ip = ivec; - else - ip = mit_des_zeroblock; + /* Initialize left and right with the contents of the initial vector. */ + ip = (ivec != NULL) ? ivec : mit_des_zeroblock; GET_HALF_BLOCK(left, ip); GET_HALF_BLOCK(right, ip); - /* - * Suitably initialized, now work the length down 8 bytes - * at a time. - */ + /* Work the length down 8 bytes at a time. */ for (;;) { - unsigned DES_INT32 temp; - - ip = iblock; - op = oblock; - - if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos)) - break; - - if (input_pos.iov_pos == num_data) - break; - - GET_HALF_BLOCK(temp, ip); - left ^= temp; - GET_HALF_BLOCK(temp, ip); - right ^= temp; - - /* - * Encrypt what we have - */ - DES_DO_ENCRYPT(left, right, kp); - - /* - * Copy the results out - */ - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - - krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos); + unsigned DES_INT32 temp; + + ptr = iov_next_block(storage, MIT_DES_BLOCK_LENGTH, data, num_data, + &input_pos); + if (ptr == NULL) + break; + block = ptr; + + /* Decompose this block and xor it with the previous ciphertext. */ + GET_HALF_BLOCK(temp, ptr); + left ^= temp; + GET_HALF_BLOCK(temp, ptr); + right ^= temp; + + /* Encrypt what we have and store back into block. */ + DES_DO_ENCRYPT(left, right, kp); + ptr = block; + PUT_HALF_BLOCK(left, ptr); + PUT_HALF_BLOCK(right, ptr); + + iov_store_block(data, num_data, block, storage, MIT_DES_BLOCK_LENGTH, + &output_pos); } - if (ivec != NULL) - memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH); + if (ivec != NULL && block != NULL) { + ptr = ivec; + PUT_HALF_BLOCK(left, ptr); + PUT_HALF_BLOCK(right, ptr); + } } void -krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule schedule, - mit_des_cblock ivec) +krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data, + const mit_des_key_schedule schedule, + mit_des_cblock ivec) { unsigned DES_INT32 left, right; const unsigned DES_INT32 *kp; const unsigned char *ip; unsigned DES_INT32 ocipherl, ocipherr; unsigned DES_INT32 cipherl, cipherr; - unsigned char *op; struct iov_block_state input_pos, output_pos; - unsigned char iblock[MIT_DES_BLOCK_LENGTH]; - unsigned char oblock[MIT_DES_BLOCK_LENGTH]; + unsigned char storage[MIT_DES_BLOCK_LENGTH], *block = NULL, *ptr; IOV_BLOCK_STATE_INIT(&input_pos); IOV_BLOCK_STATE_INIT(&output_pos); - /* - * Get key pointer here. This won't need to be reinitialized - */ + /* Get key pointer here. This won't need to be reinitialized. */ kp = (const unsigned DES_INT32 *)schedule; /* @@ -127,66 +108,110 @@ krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data, * Should think about this a little more... */ - if (num_data == 0) - return; - - /* - * Prime the old cipher with ivec. - */ - if (ivec != NULL) - ip = ivec; - else - ip = mit_des_zeroblock; + /* Prime the old cipher with ivec. */ + ip = (ivec != NULL) ? ivec : mit_des_zeroblock; GET_HALF_BLOCK(ocipherl, ip); GET_HALF_BLOCK(ocipherr, ip); - /* - * Now do this in earnest until we run out of length. - */ + /* Work the length down 8 bytes at a time. */ for (;;) { - /* - * Read a block from the input into left and - * right. Save this cipher block for later. - */ - - if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos)) - break; - - if (input_pos.iov_pos == num_data) - break; - - ip = iblock; - op = oblock; - - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - cipherl = left; - cipherr = right; - - /* - * Decrypt this. - */ - DES_DO_DECRYPT(left, right, kp); - - /* - * Xor with the old cipher to get plain - * text. Output 8 or less bytes of this. - */ - left ^= ocipherl; - right ^= ocipherr; - - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - - /* - * Save current cipher block here - */ - ocipherl = cipherl; - ocipherr = cipherr; - - krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos); + ptr = iov_next_block(storage, MIT_DES_BLOCK_LENGTH, data, num_data, + &input_pos); + if (ptr == NULL) + break; + block = ptr; + + /* Split this block into left and right. */ + GET_HALF_BLOCK(left, ptr); + GET_HALF_BLOCK(right, ptr); + cipherl = left; + cipherr = right; + + /* Decrypt and xor with the old cipher to get plain text. */ + DES_DO_DECRYPT(left, right, kp); + left ^= ocipherl; + right ^= ocipherr; + + /* Store the encrypted halves back into block. */ + ptr = block; + PUT_HALF_BLOCK(left, ptr); + PUT_HALF_BLOCK(right, ptr); + + /* Save current cipher block halves. */ + ocipherl = cipherl; + ocipherr = cipherr; + + iov_store_block(data, num_data, block, storage, MIT_DES_BLOCK_LENGTH, + &output_pos); } - if (ivec != NULL) - memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH); + if (ivec != NULL && block != NULL) { + ptr = ivec; + PUT_HALF_BLOCK(ocipherl, ptr); + PUT_HALF_BLOCK(ocipherr, ptr); + } +} + +void +krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data, + const mit_des_key_schedule schedule, mit_des_cblock ivec, + mit_des_cblock out) +{ + unsigned DES_INT32 left, right; + const unsigned DES_INT32 *kp; + const unsigned char *ip; + struct iov_block_state input_pos; + unsigned char storage[MIT_DES_BLOCK_LENGTH], *block = NULL, *ptr; + + IOV_BLOCK_STATE_INIT(&input_pos); + input_pos.include_sign_only = 1; + + /* Get key pointer here. This won't need to be reinitialized. */ + kp = (const unsigned DES_INT32 *)schedule; + + /* Initialize left and right with the contents of the initial vector. */ + ip = (ivec != NULL) ? ivec : mit_des_zeroblock; + GET_HALF_BLOCK(left, ip); + GET_HALF_BLOCK(right, ip); + + /* Work the length down 8 bytes at a time. */ + for (;;) { + unsigned DES_INT32 temp; + + ptr = iov_next_block(storage, MIT_DES_BLOCK_LENGTH, data, num_data, + &input_pos); + if (ptr == NULL) + break; + block = ptr; + + /* Decompose this block and xor it with the previous ciphertext. */ + GET_HALF_BLOCK(temp, ptr); + left ^= temp; + GET_HALF_BLOCK(temp, ptr); + right ^= temp; + + /* Encrypt what we have. */ + DES_DO_ENCRYPT(left, right, kp); + } + + /* Output the final ciphertext block. */ + ptr = out; + PUT_HALF_BLOCK(left, ptr); + PUT_HALF_BLOCK(right, ptr); +} + +#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) +void krb5int_des_do_encrypt_2 (unsigned DES_INT32 *left, + unsigned DES_INT32 *right, + const unsigned DES_INT32 *kp) +{ + DES_DO_ENCRYPT_1 (*left, *right, kp); +} + +void krb5int_des_do_decrypt_2 (unsigned DES_INT32 *left, + unsigned DES_INT32 *right, + const unsigned DES_INT32 *kp) +{ + DES_DO_DECRYPT_1 (*left, *right, kp); } +#endif diff --git a/src/lib/crypto/builtin/des/f_cbc.c b/src/lib/crypto/builtin/des/f_cbc.c index 0949ba1..887740b 100644 --- a/src/lib/crypto/builtin/des/f_cbc.c +++ b/src/lib/crypto/builtin/des/f_cbc.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/f_cbc.c * @@ -23,7 +24,8 @@ * this software for any purpose. It is provided "as is" without express * or implied warranty. * - * DES implementation donated by Dennis Ferguson + * CBC functions; used only by the test programs at this time. (krb5 uses the + * functions in f_aead.c instead.) */ /* @@ -57,218 +59,197 @@ const mit_des_cblock mit_des_zeroblock /* = all zero */; -#undef mit_des_cbc_encrypt -int -mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, - unsigned long length, const mit_des_key_schedule schedule, - const mit_des_cblock ivec, int enc) +static void +des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, + unsigned long length, const mit_des_key_schedule schedule, + const mit_des_cblock ivec) { + unsigned DES_INT32 left, right; + const unsigned DES_INT32 *kp; + const unsigned char *ip; + unsigned char *op; + /* - * Deal with encryption and decryption separately. + * Get key pointer here. This won't need to be reinitialized */ - if (enc) - krb5int_des_cbc_encrypt(in, out, length, schedule, ivec); - else - krb5int_des_cbc_decrypt(in, out, length, schedule, ivec); - return 0; -} - -void -krb5int_des_cbc_encrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule schedule, - const mit_des_cblock ivec) -{ - unsigned DES_INT32 left, right; - const unsigned DES_INT32 *kp; - const unsigned char *ip; - unsigned char *op; + kp = (const unsigned DES_INT32 *)schedule; - /* - * Get key pointer here. This won't need to be reinitialized - */ - kp = (const unsigned DES_INT32 *)schedule; - - /* - * Initialize left and right with the contents of the initial - * vector. - */ - ip = ivec; - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - - /* - * Suitably initialized, now work the length down 8 bytes - * at a time. - */ - ip = *in; - op = *out; - while (length > 0) { - /* - * Get more input, xor it in. If the length is - * greater than or equal to 8 this is straight - * forward. Otherwise we have to fart around. - */ - if (length >= 8) { - unsigned DES_INT32 temp; - GET_HALF_BLOCK(temp, ip); - left ^= temp; - GET_HALF_BLOCK(temp, ip); - right ^= temp; - length -= 8; - } else { - /* - * Oh, shoot. We need to pad the - * end with zeroes. Work backwards - * to do this. - */ - ip += (int) length; - switch(length) { - case 7: - right ^= (*(--ip) & FF_UINT32) << 8; - case 6: - right ^= (*(--ip) & FF_UINT32) << 16; - case 5: - right ^= (*(--ip) & FF_UINT32) << 24; - case 4: - left ^= *(--ip) & FF_UINT32; - case 3: - left ^= (*(--ip) & FF_UINT32) << 8; - case 2: - left ^= (*(--ip) & FF_UINT32) << 16; - case 1: - left ^= (*(--ip) & FF_UINT32) << 24; - break; - } - length = 0; - } - - /* - * Encrypt what we have - */ - DES_DO_ENCRYPT(left, right, kp); + /* + * Initialize left and right with the contents of the initial + * vector. + */ + ip = ivec; + GET_HALF_BLOCK(left, ip); + GET_HALF_BLOCK(right, ip); - /* - * Copy the results out - */ - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - } + /* + * Suitably initialized, now work the length down 8 bytes + * at a time. + */ + ip = *in; + op = *out; + while (length > 0) { + /* + * Get more input, xor it in. If the length is + * greater than or equal to 8 this is straight + * forward. Otherwise we have to fart around. + */ + if (length >= 8) { + unsigned DES_INT32 temp; + GET_HALF_BLOCK(temp, ip); + left ^= temp; + GET_HALF_BLOCK(temp, ip); + right ^= temp; + length -= 8; + } else { + /* + * Oh, shoot. We need to pad the + * end with zeroes. Work backwards + * to do this. + */ + ip += (int) length; + switch(length) { + case 7: + right ^= (*(--ip) & FF_UINT32) << 8; + case 6: + right ^= (*(--ip) & FF_UINT32) << 16; + case 5: + right ^= (*(--ip) & FF_UINT32) << 24; + case 4: + left ^= *(--ip) & FF_UINT32; + case 3: + left ^= (*(--ip) & FF_UINT32) << 8; + case 2: + left ^= (*(--ip) & FF_UINT32) << 16; + case 1: + left ^= (*(--ip) & FF_UINT32) << 24; + break; + } + length = 0; + } + + /* + * Encrypt what we have + */ + DES_DO_ENCRYPT(left, right, kp); + + /* + * Copy the results out + */ + PUT_HALF_BLOCK(left, op); + PUT_HALF_BLOCK(right, op); + } } -void -krb5int_des_cbc_decrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule schedule, - const mit_des_cblock ivec) +static void +des_cbc_decrypt(const mit_des_cblock *in, mit_des_cblock *out, + unsigned long length, const mit_des_key_schedule schedule, + const mit_des_cblock ivec) { - unsigned DES_INT32 left, right; - const unsigned DES_INT32 *kp; - const unsigned char *ip; - unsigned char *op; - unsigned DES_INT32 ocipherl, ocipherr; - unsigned DES_INT32 cipherl, cipherr; - - /* - * Get key pointer here. This won't need to be reinitialized - */ - kp = (const unsigned DES_INT32 *)schedule; - - /* - * Decrypting is harder than encrypting because of - * the necessity of remembering a lot more things. - * Should think about this a little more... - */ + unsigned DES_INT32 left, right; + const unsigned DES_INT32 *kp; + const unsigned char *ip; + unsigned char *op; + unsigned DES_INT32 ocipherl, ocipherr; + unsigned DES_INT32 cipherl, cipherr; - if (length <= 0) - return; - - /* - * Prime the old cipher with ivec. - */ - ip = ivec; - GET_HALF_BLOCK(ocipherl, ip); - GET_HALF_BLOCK(ocipherr, ip); + /* + * Get key pointer here. This won't need to be reinitialized + */ + kp = (const unsigned DES_INT32 *)schedule; - /* - * Now do this in earnest until we run out of length. - */ - ip = *in; - op = *out; - for (;;) { /* check done inside loop */ - /* - * Read a block from the input into left and - * right. Save this cipher block for later. - */ - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - cipherl = left; - cipherr = right; + /* + * Decrypting is harder than encrypting because of + * the necessity of remembering a lot more things. + * Should think about this a little more... + */ - /* - * Decrypt this. - */ - DES_DO_DECRYPT(left, right, kp); + if (length <= 0) + return; - /* - * Xor with the old cipher to get plain - * text. Output 8 or less bytes of this. - */ - left ^= ocipherl; - right ^= ocipherr; - if (length > 8) { - length -= 8; - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - /* - * Save current cipher block here - */ - ocipherl = cipherl; - ocipherr = cipherr; - } else { - /* - * Trouble here. Start at end of output, - * work backwards. - */ - op += (int) length; - switch(length) { - case 8: - *(--op) = (unsigned char) (right & 0xff); - case 7: - *(--op) = (unsigned char) ((right >> 8) & 0xff); - case 6: - *(--op) = (unsigned char) ((right >> 16) & 0xff); - case 5: - *(--op) = (unsigned char) ((right >> 24) & 0xff); - case 4: - *(--op) = (unsigned char) (left & 0xff); - case 3: - *(--op) = (unsigned char) ((left >> 8) & 0xff); - case 2: - *(--op) = (unsigned char) ((left >> 16) & 0xff); - case 1: - *(--op) = (unsigned char) ((left >> 24) & 0xff); - break; - } - break; /* we're done */ - } - } -} + /* + * Prime the old cipher with ivec. + */ + ip = ivec; + GET_HALF_BLOCK(ocipherl, ip); + GET_HALF_BLOCK(ocipherr, ip); -#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) -void krb5int_des_do_encrypt_2 (unsigned DES_INT32 *left, - unsigned DES_INT32 *right, - const unsigned DES_INT32 *kp) -{ - DES_DO_ENCRYPT_1 (*left, *right, kp); + /* + * Now do this in earnest until we run out of length. + */ + ip = *in; + op = *out; + for (;;) { /* check done inside loop */ + /* + * Read a block from the input into left and + * right. Save this cipher block for later. + */ + GET_HALF_BLOCK(left, ip); + GET_HALF_BLOCK(right, ip); + cipherl = left; + cipherr = right; + + /* + * Decrypt this. + */ + DES_DO_DECRYPT(left, right, kp); + + /* + * Xor with the old cipher to get plain + * text. Output 8 or less bytes of this. + */ + left ^= ocipherl; + right ^= ocipherr; + if (length > 8) { + length -= 8; + PUT_HALF_BLOCK(left, op); + PUT_HALF_BLOCK(right, op); + /* + * Save current cipher block here + */ + ocipherl = cipherl; + ocipherr = cipherr; + } else { + /* + * Trouble here. Start at end of output, + * work backwards. + */ + op += (int) length; + switch(length) { + case 8: + *(--op) = (unsigned char) (right & 0xff); + case 7: + *(--op) = (unsigned char) ((right >> 8) & 0xff); + case 6: + *(--op) = (unsigned char) ((right >> 16) & 0xff); + case 5: + *(--op) = (unsigned char) ((right >> 24) & 0xff); + case 4: + *(--op) = (unsigned char) (left & 0xff); + case 3: + *(--op) = (unsigned char) ((left >> 8) & 0xff); + case 2: + *(--op) = (unsigned char) ((left >> 16) & 0xff); + case 1: + *(--op) = (unsigned char) ((left >> 24) & 0xff); + break; + } + break; /* we're done */ + } + } } -void krb5int_des_do_decrypt_2 (unsigned DES_INT32 *left, - unsigned DES_INT32 *right, - const unsigned DES_INT32 *kp) +int +mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, + unsigned long length, const mit_des_key_schedule schedule, + const mit_des_cblock ivec, int enc) { - DES_DO_DECRYPT_1 (*left, *right, kp); + /* + * Deal with encryption and decryption separately. + */ + if (enc) + des_cbc_encrypt(in, out, length, schedule, ivec); + else + des_cbc_decrypt(in, out, length, schedule, ivec); + return 0; } -#endif diff --git a/src/lib/crypto/builtin/des/f_cksum.c b/src/lib/crypto/builtin/des/f_cksum.c index 1c03da4..09ac4a0 100644 --- a/src/lib/crypto/builtin/des/f_cksum.c +++ b/src/lib/crypto/builtin/des/f_cksum.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/f_cksum.c * @@ -49,88 +50,88 @@ unsigned long mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out, - unsigned long length, const mit_des_key_schedule schedule, - const krb5_octet *ivec) + unsigned long length, const mit_des_key_schedule schedule, + const krb5_octet *ivec) { - unsigned DES_INT32 left, right; - const unsigned DES_INT32 *kp; - const unsigned char *ip; - unsigned char *op; - register DES_INT32 len; + unsigned DES_INT32 left, right; + const unsigned DES_INT32 *kp; + const unsigned char *ip; + unsigned char *op; + register DES_INT32 len; - /* - * Initialize left and right with the contents of the initial - * vector. - */ - ip = ivec; - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); + /* + * Initialize left and right with the contents of the initial + * vector. + */ + ip = ivec; + GET_HALF_BLOCK(left, ip); + GET_HALF_BLOCK(right, ip); - /* - * Suitably initialized, now work the length down 8 bytes - * at a time. - */ - ip = in; - len = length; - while (len > 0) { - /* - * Get more input, xor it in. If the length is - * greater than or equal to 8 this is straight - * forward. Otherwise we have to fart around. - */ - if (len >= 8) { - unsigned DES_INT32 temp; - GET_HALF_BLOCK(temp, ip); - left ^= temp; - GET_HALF_BLOCK(temp, ip); - right ^= temp; - len -= 8; - } else { - /* - * Oh, shoot. We need to pad the - * end with zeroes. Work backwards - * to do this. - */ - ip += (int) len; - switch(len) { - case 7: - right ^= (*(--ip) & FF_UINT32) << 8; - case 6: - right ^= (*(--ip) & FF_UINT32) << 16; - case 5: - right ^= (*(--ip) & FF_UINT32) << 24; - case 4: - left ^= *(--ip) & FF_UINT32; - case 3: - left ^= (*(--ip) & FF_UINT32) << 8; - case 2: - left ^= (*(--ip) & FF_UINT32) << 16; - case 1: - left ^= (*(--ip) & FF_UINT32) << 24; - break; - } - len = 0; - } + /* + * Suitably initialized, now work the length down 8 bytes + * at a time. + */ + ip = in; + len = length; + while (len > 0) { + /* + * Get more input, xor it in. If the length is + * greater than or equal to 8 this is straight + * forward. Otherwise we have to fart around. + */ + if (len >= 8) { + unsigned DES_INT32 temp; + GET_HALF_BLOCK(temp, ip); + left ^= temp; + GET_HALF_BLOCK(temp, ip); + right ^= temp; + len -= 8; + } else { + /* + * Oh, shoot. We need to pad the + * end with zeroes. Work backwards + * to do this. + */ + ip += (int) len; + switch(len) { + case 7: + right ^= (*(--ip) & FF_UINT32) << 8; + case 6: + right ^= (*(--ip) & FF_UINT32) << 16; + case 5: + right ^= (*(--ip) & FF_UINT32) << 24; + case 4: + left ^= *(--ip) & FF_UINT32; + case 3: + left ^= (*(--ip) & FF_UINT32) << 8; + case 2: + left ^= (*(--ip) & FF_UINT32) << 16; + case 1: + left ^= (*(--ip) & FF_UINT32) << 24; + break; + } + len = 0; + } - /* - * Encrypt what we have - */ - kp = (const unsigned DES_INT32 *)schedule; - DES_DO_ENCRYPT(left, right, kp); - } + /* + * Encrypt what we have + */ + kp = (const unsigned DES_INT32 *)schedule; + DES_DO_ENCRYPT(left, right, kp); + } - /* - * Done. Left and right have the checksum. Put it into - * the output. - */ - op = out; - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); + /* + * Done. Left and right have the checksum. Put it into + * the output. + */ + op = out; + PUT_HALF_BLOCK(left, op); + PUT_HALF_BLOCK(right, op); - /* - * Return right. I'll bet the MIT code returns this - * inconsistantly (with the low order byte of the checksum - * not always in the low order byte of the DES_INT32). We won't. - */ - return right & 0xFFFFFFFFUL; + /* + * Return right. I'll bet the MIT code returns this + * inconsistantly (with the low order byte of the checksum + * not always in the low order byte of the DES_INT32). We won't. + */ + return right & 0xFFFFFFFFUL; } diff --git a/src/lib/crypto/builtin/des/f_parity.c b/src/lib/crypto/builtin/des/f_parity.c index 846c821..460b506 100644 --- a/src/lib/crypto/builtin/des/f_parity.c +++ b/src/lib/crypto/builtin/des/f_parity.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * These routines check and fix parity of encryption keys for the DES * algorithm. @@ -25,10 +26,10 @@ mit_des_fixup_key_parity(mit_des_cblock key) { unsigned int i; for (i=0; i<sizeof(mit_des_cblock); i++) - { - key[i] &= 0xfe; - key[i] |= 1^parity_char(key[i]); - } + { + key[i] &= 0xfe; + key[i] |= 1^parity_char(key[i]); + } return; } @@ -44,12 +45,12 @@ mit_des_check_key_parity(mit_des_cblock key) unsigned int i; for (i=0; i<sizeof(mit_des_cblock); i++) - { - if((key[i] & 1) == parity_char(0xfe&key[i])) - { - return 0; - } - } + { + if((key[i] & 1) == parity_char(0xfe&key[i])) + { + return 0; + } + } return(1); } diff --git a/src/lib/crypto/builtin/des/f_sched.c b/src/lib/crypto/builtin/des/f_sched.c index cb0a6bb..af9d66b 100644 --- a/src/lib/crypto/builtin/des/f_sched.c +++ b/src/lib/crypto/builtin/des/f_sched.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/f_sched.c * @@ -39,27 +40,27 @@ * part of each key are used to form Ci and Di. */ static const unsigned DES_INT32 PC1_CL[8] = { - 0x00000000, 0x00000010, 0x00001000, 0x00001010, - 0x00100000, 0x00100010, 0x00101000, 0x00101010 + 0x00000000, 0x00000010, 0x00001000, 0x00001010, + 0x00100000, 0x00100010, 0x00101000, 0x00101010 }; static const unsigned DES_INT32 PC1_DL[16] = { - 0x00000000, 0x00100000, 0x00001000, 0x00101000, - 0x00000010, 0x00100010, 0x00001010, 0x00101010, - 0x00000001, 0x00100001, 0x00001001, 0x00101001, - 0x00000011, 0x00100011, 0x00001011, 0x00101011 + 0x00000000, 0x00100000, 0x00001000, 0x00101000, + 0x00000010, 0x00100010, 0x00001010, 0x00101010, + 0x00000001, 0x00100001, 0x00001001, 0x00101001, + 0x00000011, 0x00100011, 0x00001011, 0x00101011 }; static const unsigned DES_INT32 PC1_CR[16] = { - 0x00000000, 0x00000001, 0x00000100, 0x00000101, - 0x00010000, 0x00010001, 0x00010100, 0x00010101, - 0x01000000, 0x01000001, 0x01000100, 0x01000101, - 0x01010000, 0x01010001, 0x01010100, 0x01010101 + 0x00000000, 0x00000001, 0x00000100, 0x00000101, + 0x00010000, 0x00010001, 0x00010100, 0x00010101, + 0x01000000, 0x01000001, 0x01000100, 0x01000101, + 0x01010000, 0x01010001, 0x01010100, 0x01010101 }; static const unsigned DES_INT32 PC1_DR[8] = { - 0x00000000, 0x01000000, 0x00010000, 0x01010000, - 0x00000100, 0x01000100, 0x00010100, 0x01010100 + 0x00000000, 0x01000000, 0x00010000, 0x01010000, + 0x00000100, 0x01000100, 0x00010100, 0x01010100 }; @@ -69,7 +70,7 @@ static const unsigned DES_INT32 PC1_DR[8] = { * two places. This has bits set for the iterations where we do 2 bit * shifts, starting at the low order bit. */ -#define TWO_BIT_SHIFTS 0x7efc +#define TWO_BIT_SHIFTS 0x7efc /* * Permuted choice 2 tables. The first actually produces the low order @@ -84,153 +85,153 @@ static const unsigned DES_INT32 PC1_DR[8] = { * in in the des code. */ static const unsigned DES_INT32 PC2_C[4][64] = { - { - 0x00000000, 0x00000004, 0x00010000, 0x00010004, - 0x00000400, 0x00000404, 0x00010400, 0x00010404, - 0x00000020, 0x00000024, 0x00010020, 0x00010024, - 0x00000420, 0x00000424, 0x00010420, 0x00010424, - 0x01000000, 0x01000004, 0x01010000, 0x01010004, - 0x01000400, 0x01000404, 0x01010400, 0x01010404, - 0x01000020, 0x01000024, 0x01010020, 0x01010024, - 0x01000420, 0x01000424, 0x01010420, 0x01010424, - 0x00020000, 0x00020004, 0x00030000, 0x00030004, - 0x00020400, 0x00020404, 0x00030400, 0x00030404, - 0x00020020, 0x00020024, 0x00030020, 0x00030024, - 0x00020420, 0x00020424, 0x00030420, 0x00030424, - 0x01020000, 0x01020004, 0x01030000, 0x01030004, - 0x01020400, 0x01020404, 0x01030400, 0x01030404, - 0x01020020, 0x01020024, 0x01030020, 0x01030024, - 0x01020420, 0x01020424, 0x01030420, 0x01030424, - }, - { - 0x00000000, 0x02000000, 0x00000800, 0x02000800, - 0x00080000, 0x02080000, 0x00080800, 0x02080800, - 0x00000001, 0x02000001, 0x00000801, 0x02000801, - 0x00080001, 0x02080001, 0x00080801, 0x02080801, - 0x00000100, 0x02000100, 0x00000900, 0x02000900, - 0x00080100, 0x02080100, 0x00080900, 0x02080900, - 0x00000101, 0x02000101, 0x00000901, 0x02000901, - 0x00080101, 0x02080101, 0x00080901, 0x02080901, - 0x10000000, 0x12000000, 0x10000800, 0x12000800, - 0x10080000, 0x12080000, 0x10080800, 0x12080800, - 0x10000001, 0x12000001, 0x10000801, 0x12000801, - 0x10080001, 0x12080001, 0x10080801, 0x12080801, - 0x10000100, 0x12000100, 0x10000900, 0x12000900, - 0x10080100, 0x12080100, 0x10080900, 0x12080900, - 0x10000101, 0x12000101, 0x10000901, 0x12000901, - 0x10080101, 0x12080101, 0x10080901, 0x12080901, - }, - { - 0x00000000, 0x00040000, 0x00002000, 0x00042000, - 0x00100000, 0x00140000, 0x00102000, 0x00142000, - 0x20000000, 0x20040000, 0x20002000, 0x20042000, - 0x20100000, 0x20140000, 0x20102000, 0x20142000, - 0x00000008, 0x00040008, 0x00002008, 0x00042008, - 0x00100008, 0x00140008, 0x00102008, 0x00142008, - 0x20000008, 0x20040008, 0x20002008, 0x20042008, - 0x20100008, 0x20140008, 0x20102008, 0x20142008, - 0x00200000, 0x00240000, 0x00202000, 0x00242000, - 0x00300000, 0x00340000, 0x00302000, 0x00342000, - 0x20200000, 0x20240000, 0x20202000, 0x20242000, - 0x20300000, 0x20340000, 0x20302000, 0x20342000, - 0x00200008, 0x00240008, 0x00202008, 0x00242008, - 0x00300008, 0x00340008, 0x00302008, 0x00342008, - 0x20200008, 0x20240008, 0x20202008, 0x20242008, - 0x20300008, 0x20340008, 0x20302008, 0x20342008, - }, - { - 0x00000000, 0x00000010, 0x08000000, 0x08000010, - 0x00000200, 0x00000210, 0x08000200, 0x08000210, - 0x00000002, 0x00000012, 0x08000002, 0x08000012, - 0x00000202, 0x00000212, 0x08000202, 0x08000212, - 0x04000000, 0x04000010, 0x0c000000, 0x0c000010, - 0x04000200, 0x04000210, 0x0c000200, 0x0c000210, - 0x04000002, 0x04000012, 0x0c000002, 0x0c000012, - 0x04000202, 0x04000212, 0x0c000202, 0x0c000212, - 0x00001000, 0x00001010, 0x08001000, 0x08001010, - 0x00001200, 0x00001210, 0x08001200, 0x08001210, - 0x00001002, 0x00001012, 0x08001002, 0x08001012, - 0x00001202, 0x00001212, 0x08001202, 0x08001212, - 0x04001000, 0x04001010, 0x0c001000, 0x0c001010, - 0x04001200, 0x04001210, 0x0c001200, 0x0c001210, - 0x04001002, 0x04001012, 0x0c001002, 0x0c001012, - 0x04001202, 0x04001212, 0x0c001202, 0x0c001212 - }, + { + 0x00000000, 0x00000004, 0x00010000, 0x00010004, + 0x00000400, 0x00000404, 0x00010400, 0x00010404, + 0x00000020, 0x00000024, 0x00010020, 0x00010024, + 0x00000420, 0x00000424, 0x00010420, 0x00010424, + 0x01000000, 0x01000004, 0x01010000, 0x01010004, + 0x01000400, 0x01000404, 0x01010400, 0x01010404, + 0x01000020, 0x01000024, 0x01010020, 0x01010024, + 0x01000420, 0x01000424, 0x01010420, 0x01010424, + 0x00020000, 0x00020004, 0x00030000, 0x00030004, + 0x00020400, 0x00020404, 0x00030400, 0x00030404, + 0x00020020, 0x00020024, 0x00030020, 0x00030024, + 0x00020420, 0x00020424, 0x00030420, 0x00030424, + 0x01020000, 0x01020004, 0x01030000, 0x01030004, + 0x01020400, 0x01020404, 0x01030400, 0x01030404, + 0x01020020, 0x01020024, 0x01030020, 0x01030024, + 0x01020420, 0x01020424, 0x01030420, 0x01030424, + }, + { + 0x00000000, 0x02000000, 0x00000800, 0x02000800, + 0x00080000, 0x02080000, 0x00080800, 0x02080800, + 0x00000001, 0x02000001, 0x00000801, 0x02000801, + 0x00080001, 0x02080001, 0x00080801, 0x02080801, + 0x00000100, 0x02000100, 0x00000900, 0x02000900, + 0x00080100, 0x02080100, 0x00080900, 0x02080900, + 0x00000101, 0x02000101, 0x00000901, 0x02000901, + 0x00080101, 0x02080101, 0x00080901, 0x02080901, + 0x10000000, 0x12000000, 0x10000800, 0x12000800, + 0x10080000, 0x12080000, 0x10080800, 0x12080800, + 0x10000001, 0x12000001, 0x10000801, 0x12000801, + 0x10080001, 0x12080001, 0x10080801, 0x12080801, + 0x10000100, 0x12000100, 0x10000900, 0x12000900, + 0x10080100, 0x12080100, 0x10080900, 0x12080900, + 0x10000101, 0x12000101, 0x10000901, 0x12000901, + 0x10080101, 0x12080101, 0x10080901, 0x12080901, + }, + { + 0x00000000, 0x00040000, 0x00002000, 0x00042000, + 0x00100000, 0x00140000, 0x00102000, 0x00142000, + 0x20000000, 0x20040000, 0x20002000, 0x20042000, + 0x20100000, 0x20140000, 0x20102000, 0x20142000, + 0x00000008, 0x00040008, 0x00002008, 0x00042008, + 0x00100008, 0x00140008, 0x00102008, 0x00142008, + 0x20000008, 0x20040008, 0x20002008, 0x20042008, + 0x20100008, 0x20140008, 0x20102008, 0x20142008, + 0x00200000, 0x00240000, 0x00202000, 0x00242000, + 0x00300000, 0x00340000, 0x00302000, 0x00342000, + 0x20200000, 0x20240000, 0x20202000, 0x20242000, + 0x20300000, 0x20340000, 0x20302000, 0x20342000, + 0x00200008, 0x00240008, 0x00202008, 0x00242008, + 0x00300008, 0x00340008, 0x00302008, 0x00342008, + 0x20200008, 0x20240008, 0x20202008, 0x20242008, + 0x20300008, 0x20340008, 0x20302008, 0x20342008, + }, + { + 0x00000000, 0x00000010, 0x08000000, 0x08000010, + 0x00000200, 0x00000210, 0x08000200, 0x08000210, + 0x00000002, 0x00000012, 0x08000002, 0x08000012, + 0x00000202, 0x00000212, 0x08000202, 0x08000212, + 0x04000000, 0x04000010, 0x0c000000, 0x0c000010, + 0x04000200, 0x04000210, 0x0c000200, 0x0c000210, + 0x04000002, 0x04000012, 0x0c000002, 0x0c000012, + 0x04000202, 0x04000212, 0x0c000202, 0x0c000212, + 0x00001000, 0x00001010, 0x08001000, 0x08001010, + 0x00001200, 0x00001210, 0x08001200, 0x08001210, + 0x00001002, 0x00001012, 0x08001002, 0x08001012, + 0x00001202, 0x00001212, 0x08001202, 0x08001212, + 0x04001000, 0x04001010, 0x0c001000, 0x0c001010, + 0x04001200, 0x04001210, 0x0c001200, 0x0c001210, + 0x04001002, 0x04001012, 0x0c001002, 0x0c001012, + 0x04001202, 0x04001212, 0x0c001202, 0x0c001212 + }, }; static const unsigned DES_INT32 PC2_D[4][64] = { - { - 0x00000000, 0x02000000, 0x00020000, 0x02020000, - 0x00000100, 0x02000100, 0x00020100, 0x02020100, - 0x00000008, 0x02000008, 0x00020008, 0x02020008, - 0x00000108, 0x02000108, 0x00020108, 0x02020108, - 0x00200000, 0x02200000, 0x00220000, 0x02220000, - 0x00200100, 0x02200100, 0x00220100, 0x02220100, - 0x00200008, 0x02200008, 0x00220008, 0x02220008, - 0x00200108, 0x02200108, 0x00220108, 0x02220108, - 0x00000200, 0x02000200, 0x00020200, 0x02020200, - 0x00000300, 0x02000300, 0x00020300, 0x02020300, - 0x00000208, 0x02000208, 0x00020208, 0x02020208, - 0x00000308, 0x02000308, 0x00020308, 0x02020308, - 0x00200200, 0x02200200, 0x00220200, 0x02220200, - 0x00200300, 0x02200300, 0x00220300, 0x02220300, - 0x00200208, 0x02200208, 0x00220208, 0x02220208, - 0x00200308, 0x02200308, 0x00220308, 0x02220308, - }, - { - 0x00000000, 0x00001000, 0x00000020, 0x00001020, - 0x00100000, 0x00101000, 0x00100020, 0x00101020, - 0x08000000, 0x08001000, 0x08000020, 0x08001020, - 0x08100000, 0x08101000, 0x08100020, 0x08101020, - 0x00000004, 0x00001004, 0x00000024, 0x00001024, - 0x00100004, 0x00101004, 0x00100024, 0x00101024, - 0x08000004, 0x08001004, 0x08000024, 0x08001024, - 0x08100004, 0x08101004, 0x08100024, 0x08101024, - 0x00000400, 0x00001400, 0x00000420, 0x00001420, - 0x00100400, 0x00101400, 0x00100420, 0x00101420, - 0x08000400, 0x08001400, 0x08000420, 0x08001420, - 0x08100400, 0x08101400, 0x08100420, 0x08101420, - 0x00000404, 0x00001404, 0x00000424, 0x00001424, - 0x00100404, 0x00101404, 0x00100424, 0x00101424, - 0x08000404, 0x08001404, 0x08000424, 0x08001424, - 0x08100404, 0x08101404, 0x08100424, 0x08101424, - }, - { - 0x00000000, 0x10000000, 0x00010000, 0x10010000, - 0x00000002, 0x10000002, 0x00010002, 0x10010002, - 0x00002000, 0x10002000, 0x00012000, 0x10012000, - 0x00002002, 0x10002002, 0x00012002, 0x10012002, - 0x00040000, 0x10040000, 0x00050000, 0x10050000, - 0x00040002, 0x10040002, 0x00050002, 0x10050002, - 0x00042000, 0x10042000, 0x00052000, 0x10052000, - 0x00042002, 0x10042002, 0x00052002, 0x10052002, - 0x20000000, 0x30000000, 0x20010000, 0x30010000, - 0x20000002, 0x30000002, 0x20010002, 0x30010002, - 0x20002000, 0x30002000, 0x20012000, 0x30012000, - 0x20002002, 0x30002002, 0x20012002, 0x30012002, - 0x20040000, 0x30040000, 0x20050000, 0x30050000, - 0x20040002, 0x30040002, 0x20050002, 0x30050002, - 0x20042000, 0x30042000, 0x20052000, 0x30052000, - 0x20042002, 0x30042002, 0x20052002, 0x30052002, - }, - { - 0x00000000, 0x04000000, 0x00000001, 0x04000001, - 0x01000000, 0x05000000, 0x01000001, 0x05000001, - 0x00000010, 0x04000010, 0x00000011, 0x04000011, - 0x01000010, 0x05000010, 0x01000011, 0x05000011, - 0x00080000, 0x04080000, 0x00080001, 0x04080001, - 0x01080000, 0x05080000, 0x01080001, 0x05080001, - 0x00080010, 0x04080010, 0x00080011, 0x04080011, - 0x01080010, 0x05080010, 0x01080011, 0x05080011, - 0x00000800, 0x04000800, 0x00000801, 0x04000801, - 0x01000800, 0x05000800, 0x01000801, 0x05000801, - 0x00000810, 0x04000810, 0x00000811, 0x04000811, - 0x01000810, 0x05000810, 0x01000811, 0x05000811, - 0x00080800, 0x04080800, 0x00080801, 0x04080801, - 0x01080800, 0x05080800, 0x01080801, 0x05080801, - 0x00080810, 0x04080810, 0x00080811, 0x04080811, - 0x01080810, 0x05080810, 0x01080811, 0x05080811 - }, + { + 0x00000000, 0x02000000, 0x00020000, 0x02020000, + 0x00000100, 0x02000100, 0x00020100, 0x02020100, + 0x00000008, 0x02000008, 0x00020008, 0x02020008, + 0x00000108, 0x02000108, 0x00020108, 0x02020108, + 0x00200000, 0x02200000, 0x00220000, 0x02220000, + 0x00200100, 0x02200100, 0x00220100, 0x02220100, + 0x00200008, 0x02200008, 0x00220008, 0x02220008, + 0x00200108, 0x02200108, 0x00220108, 0x02220108, + 0x00000200, 0x02000200, 0x00020200, 0x02020200, + 0x00000300, 0x02000300, 0x00020300, 0x02020300, + 0x00000208, 0x02000208, 0x00020208, 0x02020208, + 0x00000308, 0x02000308, 0x00020308, 0x02020308, + 0x00200200, 0x02200200, 0x00220200, 0x02220200, + 0x00200300, 0x02200300, 0x00220300, 0x02220300, + 0x00200208, 0x02200208, 0x00220208, 0x02220208, + 0x00200308, 0x02200308, 0x00220308, 0x02220308, + }, + { + 0x00000000, 0x00001000, 0x00000020, 0x00001020, + 0x00100000, 0x00101000, 0x00100020, 0x00101020, + 0x08000000, 0x08001000, 0x08000020, 0x08001020, + 0x08100000, 0x08101000, 0x08100020, 0x08101020, + 0x00000004, 0x00001004, 0x00000024, 0x00001024, + 0x00100004, 0x00101004, 0x00100024, 0x00101024, + 0x08000004, 0x08001004, 0x08000024, 0x08001024, + 0x08100004, 0x08101004, 0x08100024, 0x08101024, + 0x00000400, 0x00001400, 0x00000420, 0x00001420, + 0x00100400, 0x00101400, 0x00100420, 0x00101420, + 0x08000400, 0x08001400, 0x08000420, 0x08001420, + 0x08100400, 0x08101400, 0x08100420, 0x08101420, + 0x00000404, 0x00001404, 0x00000424, 0x00001424, + 0x00100404, 0x00101404, 0x00100424, 0x00101424, + 0x08000404, 0x08001404, 0x08000424, 0x08001424, + 0x08100404, 0x08101404, 0x08100424, 0x08101424, + }, + { + 0x00000000, 0x10000000, 0x00010000, 0x10010000, + 0x00000002, 0x10000002, 0x00010002, 0x10010002, + 0x00002000, 0x10002000, 0x00012000, 0x10012000, + 0x00002002, 0x10002002, 0x00012002, 0x10012002, + 0x00040000, 0x10040000, 0x00050000, 0x10050000, + 0x00040002, 0x10040002, 0x00050002, 0x10050002, + 0x00042000, 0x10042000, 0x00052000, 0x10052000, + 0x00042002, 0x10042002, 0x00052002, 0x10052002, + 0x20000000, 0x30000000, 0x20010000, 0x30010000, + 0x20000002, 0x30000002, 0x20010002, 0x30010002, + 0x20002000, 0x30002000, 0x20012000, 0x30012000, + 0x20002002, 0x30002002, 0x20012002, 0x30012002, + 0x20040000, 0x30040000, 0x20050000, 0x30050000, + 0x20040002, 0x30040002, 0x20050002, 0x30050002, + 0x20042000, 0x30042000, 0x20052000, 0x30052000, + 0x20042002, 0x30042002, 0x20052002, 0x30052002, + }, + { + 0x00000000, 0x04000000, 0x00000001, 0x04000001, + 0x01000000, 0x05000000, 0x01000001, 0x05000001, + 0x00000010, 0x04000010, 0x00000011, 0x04000011, + 0x01000010, 0x05000010, 0x01000011, 0x05000011, + 0x00080000, 0x04080000, 0x00080001, 0x04080001, + 0x01080000, 0x05080000, 0x01080001, 0x05080001, + 0x00080010, 0x04080010, 0x00080011, 0x04080011, + 0x01080010, 0x05080010, 0x01080011, 0x05080011, + 0x00000800, 0x04000800, 0x00000801, 0x04000801, + 0x01000800, 0x05000800, 0x01000801, 0x05000801, + 0x00000810, 0x04000810, 0x00000811, 0x04000811, + 0x01000810, 0x05000810, 0x01000811, 0x05000811, + 0x00080800, 0x04080800, 0x00080801, 0x04080801, + 0x01080800, 0x05080800, 0x01080801, 0x05080801, + 0x00080810, 0x04080810, 0x00080811, 0x04080811, + 0x01080810, 0x05080810, 0x01080811, 0x05080811 + }, }; @@ -241,119 +242,119 @@ static const unsigned DES_INT32 PC2_D[4][64] = { int mit_des_make_key_sched(mit_des_cblock key, mit_des_key_schedule schedule) { - register unsigned DES_INT32 c, d; + register unsigned DES_INT32 c, d; - { - /* - * Need a pointer for the keys and a temporary DES_INT32 - */ - const unsigned char *k; - register unsigned DES_INT32 tmp; + { + /* + * Need a pointer for the keys and a temporary DES_INT32 + */ + const unsigned char *k; + register unsigned DES_INT32 tmp; - /* - * Fetch the key into something we can work with - */ - k = key; + /* + * Fetch the key into something we can work with + */ + k = key; - /* - * The first permutted choice gives us the 28 bits for C0 and - * 28 for D0. C0 gets 12 bits from the left key and 16 from - * the right, while D0 gets 16 from the left and 12 from the - * right. The code knows which bits go where. - */ - tmp = load_32_be(k), k += 4; + /* + * The first permutted choice gives us the 28 bits for C0 and + * 28 for D0. C0 gets 12 bits from the left key and 16 from + * the right, while D0 gets 16 from the left and 12 from the + * right. The code knows which bits go where. + */ + tmp = load_32_be(k), k += 4; - c = PC1_CL[(tmp >> 29) & 0x7] - | (PC1_CL[(tmp >> 21) & 0x7] << 1) - | (PC1_CL[(tmp >> 13) & 0x7] << 2) - | (PC1_CL[(tmp >> 5) & 0x7] << 3); - d = PC1_DL[(tmp >> 25) & 0xf] - | (PC1_DL[(tmp >> 17) & 0xf] << 1) - | (PC1_DL[(tmp >> 9) & 0xf] << 2) - | (PC1_DL[(tmp >> 1) & 0xf] << 3); + c = PC1_CL[(tmp >> 29) & 0x7] + | (PC1_CL[(tmp >> 21) & 0x7] << 1) + | (PC1_CL[(tmp >> 13) & 0x7] << 2) + | (PC1_CL[(tmp >> 5) & 0x7] << 3); + d = PC1_DL[(tmp >> 25) & 0xf] + | (PC1_DL[(tmp >> 17) & 0xf] << 1) + | (PC1_DL[(tmp >> 9) & 0xf] << 2) + | (PC1_DL[(tmp >> 1) & 0xf] << 3); - tmp = load_32_be(k), k += 4; + tmp = load_32_be(k), k += 4; - c |= PC1_CR[(tmp >> 28) & 0xf] - | (PC1_CR[(tmp >> 20) & 0xf] << 1) - | (PC1_CR[(tmp >> 12) & 0xf] << 2) - | (PC1_CR[(tmp >> 4) & 0xf] << 3); - d |= PC1_DR[(tmp >> 25) & 0x7] - | (PC1_DR[(tmp >> 17) & 0x7] << 1) - | (PC1_DR[(tmp >> 9) & 0x7] << 2) - | (PC1_DR[(tmp >> 1) & 0x7] << 3); - } + c |= PC1_CR[(tmp >> 28) & 0xf] + | (PC1_CR[(tmp >> 20) & 0xf] << 1) + | (PC1_CR[(tmp >> 12) & 0xf] << 2) + | (PC1_CR[(tmp >> 4) & 0xf] << 3); + d |= PC1_DR[(tmp >> 25) & 0x7] + | (PC1_DR[(tmp >> 17) & 0x7] << 1) + | (PC1_DR[(tmp >> 9) & 0x7] << 2) + | (PC1_DR[(tmp >> 1) & 0x7] << 3); + } - { - /* - * Need several temporaries in here - */ - register unsigned DES_INT32 ltmp, rtmp; - register unsigned DES_INT32 *k; - register int two_bit_shifts; - register int i; - /* - * Now iterate to compute the key schedule. Note that we - * record the entire set of subkeys in 6 bit chunks since - * they are used that way. At 6 bits/char, we need - * 48/6 char's/subkey * 16 subkeys/encryption == 128 bytes. - * The schedule must be this big. - */ - k = (unsigned DES_INT32 *)schedule; - two_bit_shifts = TWO_BIT_SHIFTS; - for (i = 16; i > 0; i--) { - /* - * Do the rotation. One bit and two bit rotations - * are done separately. Note C and D are 28 bits. - */ - if (two_bit_shifts & 0x1) { - c = ((c << 2) & 0xffffffc) | (c >> 26); - d = ((d << 2) & 0xffffffc) | (d >> 26); - } else { - c = ((c << 1) & 0xffffffe) | (c >> 27); - d = ((d << 1) & 0xffffffe) | (d >> 27); - } - two_bit_shifts >>= 1; + { + /* + * Need several temporaries in here + */ + register unsigned DES_INT32 ltmp, rtmp; + register unsigned DES_INT32 *k; + register int two_bit_shifts; + register int i; + /* + * Now iterate to compute the key schedule. Note that we + * record the entire set of subkeys in 6 bit chunks since + * they are used that way. At 6 bits/char, we need + * 48/6 char's/subkey * 16 subkeys/encryption == 128 bytes. + * The schedule must be this big. + */ + k = (unsigned DES_INT32 *)schedule; + two_bit_shifts = TWO_BIT_SHIFTS; + for (i = 16; i > 0; i--) { + /* + * Do the rotation. One bit and two bit rotations + * are done separately. Note C and D are 28 bits. + */ + if (two_bit_shifts & 0x1) { + c = ((c << 2) & 0xffffffc) | (c >> 26); + d = ((d << 2) & 0xffffffc) | (d >> 26); + } else { + c = ((c << 1) & 0xffffffe) | (c >> 27); + d = ((d << 1) & 0xffffffe) | (d >> 27); + } + two_bit_shifts >>= 1; - /* - * Apply permutted choice 2 to C to get the first - * 24 bits worth of keys. Note that bits 9, 18, 22 - * and 25 (using DES numbering) in C are unused. The - * shift-mask stuff is done to delete these bits from - * the indices, since this cuts the table size in half. - * - * The table is torqued, by the way. If the standard - * byte order for this (high to low order) is 1234, - * the table actually gives us 4132. - */ - ltmp = PC2_C[0][((c >> 22) & 0x3f)] - | PC2_C[1][((c >> 15) & 0xf) | ((c >> 16) & 0x30)] - | PC2_C[2][((c >> 4) & 0x3) | ((c >> 9) & 0x3c)] - | PC2_C[3][((c ) & 0x7) | ((c >> 4) & 0x38)]; - /* - * Apply permutted choice 2 to D to get the other half. - * Here, bits 7, 10, 15 and 26 go unused. The sqeezing - * actually turns out to be cheaper here. - * - * This table is similarly torqued. If the standard - * byte order is 5678, the table has the bytes permuted - * to give us 7685. - */ - rtmp = PC2_D[0][((d >> 22) & 0x3f)] - | PC2_D[1][((d >> 14) & 0xf) | ((d >> 15) & 0x30)] - | PC2_D[2][((d >> 7) & 0x3f)] - | PC2_D[3][((d ) & 0x3) | ((d >> 1) & 0x3c)]; + /* + * Apply permutted choice 2 to C to get the first + * 24 bits worth of keys. Note that bits 9, 18, 22 + * and 25 (using DES numbering) in C are unused. The + * shift-mask stuff is done to delete these bits from + * the indices, since this cuts the table size in half. + * + * The table is torqued, by the way. If the standard + * byte order for this (high to low order) is 1234, + * the table actually gives us 4132. + */ + ltmp = PC2_C[0][((c >> 22) & 0x3f)] + | PC2_C[1][((c >> 15) & 0xf) | ((c >> 16) & 0x30)] + | PC2_C[2][((c >> 4) & 0x3) | ((c >> 9) & 0x3c)] + | PC2_C[3][((c ) & 0x7) | ((c >> 4) & 0x38)]; + /* + * Apply permutted choice 2 to D to get the other half. + * Here, bits 7, 10, 15 and 26 go unused. The sqeezing + * actually turns out to be cheaper here. + * + * This table is similarly torqued. If the standard + * byte order is 5678, the table has the bytes permuted + * to give us 7685. + */ + rtmp = PC2_D[0][((d >> 22) & 0x3f)] + | PC2_D[1][((d >> 14) & 0xf) | ((d >> 15) & 0x30)] + | PC2_D[2][((d >> 7) & 0x3f)] + | PC2_D[3][((d ) & 0x3) | ((d >> 1) & 0x3c)]; - /* - * Make up two words of the key schedule, with a - * byte order which is convenient for the DES - * inner loop. The high order (first) word will - * hold bytes 7135 (high to low order) while the - * second holds bytes 4682. - */ - *k++ = (ltmp & 0x00ffff00) | (rtmp & 0xff0000ff); - *k++ = (ltmp & 0xff0000ff) | (rtmp & 0x00ffff00); - } - } - return (0); + /* + * Make up two words of the key schedule, with a + * byte order which is convenient for the DES + * inner loop. The high order (first) word will + * hold bytes 7135 (high to low order) while the + * second holds bytes 4682. + */ + *k++ = (ltmp & 0x00ffff00) | (rtmp & 0xff0000ff); + *k++ = (ltmp & 0xff0000ff) | (rtmp & 0x00ffff00); + } + } + return (0); } diff --git a/src/lib/crypto/builtin/des/f_tables.c b/src/lib/crypto/builtin/des/f_tables.c index 42426bc..9470b2b 100644 --- a/src/lib/crypto/builtin/des/f_tables.c +++ b/src/lib/crypto/builtin/des/f_tables.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/f_tables.c * @@ -70,70 +71,70 @@ */ const unsigned DES_INT32 des_IP_table[256] = { - 0x00000000, 0x00000010, 0x00000001, 0x00000011, - 0x00001000, 0x00001010, 0x00001001, 0x00001011, - 0x00000100, 0x00000110, 0x00000101, 0x00000111, - 0x00001100, 0x00001110, 0x00001101, 0x00001111, - 0x00100000, 0x00100010, 0x00100001, 0x00100011, - 0x00101000, 0x00101010, 0x00101001, 0x00101011, - 0x00100100, 0x00100110, 0x00100101, 0x00100111, - 0x00101100, 0x00101110, 0x00101101, 0x00101111, - 0x00010000, 0x00010010, 0x00010001, 0x00010011, - 0x00011000, 0x00011010, 0x00011001, 0x00011011, - 0x00010100, 0x00010110, 0x00010101, 0x00010111, - 0x00011100, 0x00011110, 0x00011101, 0x00011111, - 0x00110000, 0x00110010, 0x00110001, 0x00110011, - 0x00111000, 0x00111010, 0x00111001, 0x00111011, - 0x00110100, 0x00110110, 0x00110101, 0x00110111, - 0x00111100, 0x00111110, 0x00111101, 0x00111111, - 0x10000000, 0x10000010, 0x10000001, 0x10000011, - 0x10001000, 0x10001010, 0x10001001, 0x10001011, - 0x10000100, 0x10000110, 0x10000101, 0x10000111, - 0x10001100, 0x10001110, 0x10001101, 0x10001111, - 0x10100000, 0x10100010, 0x10100001, 0x10100011, - 0x10101000, 0x10101010, 0x10101001, 0x10101011, - 0x10100100, 0x10100110, 0x10100101, 0x10100111, - 0x10101100, 0x10101110, 0x10101101, 0x10101111, - 0x10010000, 0x10010010, 0x10010001, 0x10010011, - 0x10011000, 0x10011010, 0x10011001, 0x10011011, - 0x10010100, 0x10010110, 0x10010101, 0x10010111, - 0x10011100, 0x10011110, 0x10011101, 0x10011111, - 0x10110000, 0x10110010, 0x10110001, 0x10110011, - 0x10111000, 0x10111010, 0x10111001, 0x10111011, - 0x10110100, 0x10110110, 0x10110101, 0x10110111, - 0x10111100, 0x10111110, 0x10111101, 0x10111111, - 0x01000000, 0x01000010, 0x01000001, 0x01000011, - 0x01001000, 0x01001010, 0x01001001, 0x01001011, - 0x01000100, 0x01000110, 0x01000101, 0x01000111, - 0x01001100, 0x01001110, 0x01001101, 0x01001111, - 0x01100000, 0x01100010, 0x01100001, 0x01100011, - 0x01101000, 0x01101010, 0x01101001, 0x01101011, - 0x01100100, 0x01100110, 0x01100101, 0x01100111, - 0x01101100, 0x01101110, 0x01101101, 0x01101111, - 0x01010000, 0x01010010, 0x01010001, 0x01010011, - 0x01011000, 0x01011010, 0x01011001, 0x01011011, - 0x01010100, 0x01010110, 0x01010101, 0x01010111, - 0x01011100, 0x01011110, 0x01011101, 0x01011111, - 0x01110000, 0x01110010, 0x01110001, 0x01110011, - 0x01111000, 0x01111010, 0x01111001, 0x01111011, - 0x01110100, 0x01110110, 0x01110101, 0x01110111, - 0x01111100, 0x01111110, 0x01111101, 0x01111111, - 0x11000000, 0x11000010, 0x11000001, 0x11000011, - 0x11001000, 0x11001010, 0x11001001, 0x11001011, - 0x11000100, 0x11000110, 0x11000101, 0x11000111, - 0x11001100, 0x11001110, 0x11001101, 0x11001111, - 0x11100000, 0x11100010, 0x11100001, 0x11100011, - 0x11101000, 0x11101010, 0x11101001, 0x11101011, - 0x11100100, 0x11100110, 0x11100101, 0x11100111, - 0x11101100, 0x11101110, 0x11101101, 0x11101111, - 0x11010000, 0x11010010, 0x11010001, 0x11010011, - 0x11011000, 0x11011010, 0x11011001, 0x11011011, - 0x11010100, 0x11010110, 0x11010101, 0x11010111, - 0x11011100, 0x11011110, 0x11011101, 0x11011111, - 0x11110000, 0x11110010, 0x11110001, 0x11110011, - 0x11111000, 0x11111010, 0x11111001, 0x11111011, - 0x11110100, 0x11110110, 0x11110101, 0x11110111, - 0x11111100, 0x11111110, 0x11111101, 0x11111111 + 0x00000000, 0x00000010, 0x00000001, 0x00000011, + 0x00001000, 0x00001010, 0x00001001, 0x00001011, + 0x00000100, 0x00000110, 0x00000101, 0x00000111, + 0x00001100, 0x00001110, 0x00001101, 0x00001111, + 0x00100000, 0x00100010, 0x00100001, 0x00100011, + 0x00101000, 0x00101010, 0x00101001, 0x00101011, + 0x00100100, 0x00100110, 0x00100101, 0x00100111, + 0x00101100, 0x00101110, 0x00101101, 0x00101111, + 0x00010000, 0x00010010, 0x00010001, 0x00010011, + 0x00011000, 0x00011010, 0x00011001, 0x00011011, + 0x00010100, 0x00010110, 0x00010101, 0x00010111, + 0x00011100, 0x00011110, 0x00011101, 0x00011111, + 0x00110000, 0x00110010, 0x00110001, 0x00110011, + 0x00111000, 0x00111010, 0x00111001, 0x00111011, + 0x00110100, 0x00110110, 0x00110101, 0x00110111, + 0x00111100, 0x00111110, 0x00111101, 0x00111111, + 0x10000000, 0x10000010, 0x10000001, 0x10000011, + 0x10001000, 0x10001010, 0x10001001, 0x10001011, + 0x10000100, 0x10000110, 0x10000101, 0x10000111, + 0x10001100, 0x10001110, 0x10001101, 0x10001111, + 0x10100000, 0x10100010, 0x10100001, 0x10100011, + 0x10101000, 0x10101010, 0x10101001, 0x10101011, + 0x10100100, 0x10100110, 0x10100101, 0x10100111, + 0x10101100, 0x10101110, 0x10101101, 0x10101111, + 0x10010000, 0x10010010, 0x10010001, 0x10010011, + 0x10011000, 0x10011010, 0x10011001, 0x10011011, + 0x10010100, 0x10010110, 0x10010101, 0x10010111, + 0x10011100, 0x10011110, 0x10011101, 0x10011111, + 0x10110000, 0x10110010, 0x10110001, 0x10110011, + 0x10111000, 0x10111010, 0x10111001, 0x10111011, + 0x10110100, 0x10110110, 0x10110101, 0x10110111, + 0x10111100, 0x10111110, 0x10111101, 0x10111111, + 0x01000000, 0x01000010, 0x01000001, 0x01000011, + 0x01001000, 0x01001010, 0x01001001, 0x01001011, + 0x01000100, 0x01000110, 0x01000101, 0x01000111, + 0x01001100, 0x01001110, 0x01001101, 0x01001111, + 0x01100000, 0x01100010, 0x01100001, 0x01100011, + 0x01101000, 0x01101010, 0x01101001, 0x01101011, + 0x01100100, 0x01100110, 0x01100101, 0x01100111, + 0x01101100, 0x01101110, 0x01101101, 0x01101111, + 0x01010000, 0x01010010, 0x01010001, 0x01010011, + 0x01011000, 0x01011010, 0x01011001, 0x01011011, + 0x01010100, 0x01010110, 0x01010101, 0x01010111, + 0x01011100, 0x01011110, 0x01011101, 0x01011111, + 0x01110000, 0x01110010, 0x01110001, 0x01110011, + 0x01111000, 0x01111010, 0x01111001, 0x01111011, + 0x01110100, 0x01110110, 0x01110101, 0x01110111, + 0x01111100, 0x01111110, 0x01111101, 0x01111111, + 0x11000000, 0x11000010, 0x11000001, 0x11000011, + 0x11001000, 0x11001010, 0x11001001, 0x11001011, + 0x11000100, 0x11000110, 0x11000101, 0x11000111, + 0x11001100, 0x11001110, 0x11001101, 0x11001111, + 0x11100000, 0x11100010, 0x11100001, 0x11100011, + 0x11101000, 0x11101010, 0x11101001, 0x11101011, + 0x11100100, 0x11100110, 0x11100101, 0x11100111, + 0x11101100, 0x11101110, 0x11101101, 0x11101111, + 0x11010000, 0x11010010, 0x11010001, 0x11010011, + 0x11011000, 0x11011010, 0x11011001, 0x11011011, + 0x11010100, 0x11010110, 0x11010101, 0x11010111, + 0x11011100, 0x11011110, 0x11011101, 0x11011111, + 0x11110000, 0x11110010, 0x11110001, 0x11110011, + 0x11111000, 0x11111010, 0x11111001, 0x11111011, + 0x11110100, 0x11110110, 0x11110101, 0x11110111, + 0x11111100, 0x11111110, 0x11111101, 0x11111111 }; /* @@ -150,70 +151,70 @@ const unsigned DES_INT32 des_IP_table[256] = { * which is or'd with the result from the low byte. */ const unsigned DES_INT32 des_FP_table[256] = { - 0x00000000, 0x02000000, 0x00020000, 0x02020000, - 0x00000200, 0x02000200, 0x00020200, 0x02020200, - 0x00000002, 0x02000002, 0x00020002, 0x02020002, - 0x00000202, 0x02000202, 0x00020202, 0x02020202, - 0x01000000, 0x03000000, 0x01020000, 0x03020000, - 0x01000200, 0x03000200, 0x01020200, 0x03020200, - 0x01000002, 0x03000002, 0x01020002, 0x03020002, - 0x01000202, 0x03000202, 0x01020202, 0x03020202, - 0x00010000, 0x02010000, 0x00030000, 0x02030000, - 0x00010200, 0x02010200, 0x00030200, 0x02030200, - 0x00010002, 0x02010002, 0x00030002, 0x02030002, - 0x00010202, 0x02010202, 0x00030202, 0x02030202, - 0x01010000, 0x03010000, 0x01030000, 0x03030000, - 0x01010200, 0x03010200, 0x01030200, 0x03030200, - 0x01010002, 0x03010002, 0x01030002, 0x03030002, - 0x01010202, 0x03010202, 0x01030202, 0x03030202, - 0x00000100, 0x02000100, 0x00020100, 0x02020100, - 0x00000300, 0x02000300, 0x00020300, 0x02020300, - 0x00000102, 0x02000102, 0x00020102, 0x02020102, - 0x00000302, 0x02000302, 0x00020302, 0x02020302, - 0x01000100, 0x03000100, 0x01020100, 0x03020100, - 0x01000300, 0x03000300, 0x01020300, 0x03020300, - 0x01000102, 0x03000102, 0x01020102, 0x03020102, - 0x01000302, 0x03000302, 0x01020302, 0x03020302, - 0x00010100, 0x02010100, 0x00030100, 0x02030100, - 0x00010300, 0x02010300, 0x00030300, 0x02030300, - 0x00010102, 0x02010102, 0x00030102, 0x02030102, - 0x00010302, 0x02010302, 0x00030302, 0x02030302, - 0x01010100, 0x03010100, 0x01030100, 0x03030100, - 0x01010300, 0x03010300, 0x01030300, 0x03030300, - 0x01010102, 0x03010102, 0x01030102, 0x03030102, - 0x01010302, 0x03010302, 0x01030302, 0x03030302, - 0x00000001, 0x02000001, 0x00020001, 0x02020001, - 0x00000201, 0x02000201, 0x00020201, 0x02020201, - 0x00000003, 0x02000003, 0x00020003, 0x02020003, - 0x00000203, 0x02000203, 0x00020203, 0x02020203, - 0x01000001, 0x03000001, 0x01020001, 0x03020001, - 0x01000201, 0x03000201, 0x01020201, 0x03020201, - 0x01000003, 0x03000003, 0x01020003, 0x03020003, - 0x01000203, 0x03000203, 0x01020203, 0x03020203, - 0x00010001, 0x02010001, 0x00030001, 0x02030001, - 0x00010201, 0x02010201, 0x00030201, 0x02030201, - 0x00010003, 0x02010003, 0x00030003, 0x02030003, - 0x00010203, 0x02010203, 0x00030203, 0x02030203, - 0x01010001, 0x03010001, 0x01030001, 0x03030001, - 0x01010201, 0x03010201, 0x01030201, 0x03030201, - 0x01010003, 0x03010003, 0x01030003, 0x03030003, - 0x01010203, 0x03010203, 0x01030203, 0x03030203, - 0x00000101, 0x02000101, 0x00020101, 0x02020101, - 0x00000301, 0x02000301, 0x00020301, 0x02020301, - 0x00000103, 0x02000103, 0x00020103, 0x02020103, - 0x00000303, 0x02000303, 0x00020303, 0x02020303, - 0x01000101, 0x03000101, 0x01020101, 0x03020101, - 0x01000301, 0x03000301, 0x01020301, 0x03020301, - 0x01000103, 0x03000103, 0x01020103, 0x03020103, - 0x01000303, 0x03000303, 0x01020303, 0x03020303, - 0x00010101, 0x02010101, 0x00030101, 0x02030101, - 0x00010301, 0x02010301, 0x00030301, 0x02030301, - 0x00010103, 0x02010103, 0x00030103, 0x02030103, - 0x00010303, 0x02010303, 0x00030303, 0x02030303, - 0x01010101, 0x03010101, 0x01030101, 0x03030101, - 0x01010301, 0x03010301, 0x01030301, 0x03030301, - 0x01010103, 0x03010103, 0x01030103, 0x03030103, - 0x01010303, 0x03010303, 0x01030303, 0x03030303 + 0x00000000, 0x02000000, 0x00020000, 0x02020000, + 0x00000200, 0x02000200, 0x00020200, 0x02020200, + 0x00000002, 0x02000002, 0x00020002, 0x02020002, + 0x00000202, 0x02000202, 0x00020202, 0x02020202, + 0x01000000, 0x03000000, 0x01020000, 0x03020000, + 0x01000200, 0x03000200, 0x01020200, 0x03020200, + 0x01000002, 0x03000002, 0x01020002, 0x03020002, + 0x01000202, 0x03000202, 0x01020202, 0x03020202, + 0x00010000, 0x02010000, 0x00030000, 0x02030000, + 0x00010200, 0x02010200, 0x00030200, 0x02030200, + 0x00010002, 0x02010002, 0x00030002, 0x02030002, + 0x00010202, 0x02010202, 0x00030202, 0x02030202, + 0x01010000, 0x03010000, 0x01030000, 0x03030000, + 0x01010200, 0x03010200, 0x01030200, 0x03030200, + 0x01010002, 0x03010002, 0x01030002, 0x03030002, + 0x01010202, 0x03010202, 0x01030202, 0x03030202, + 0x00000100, 0x02000100, 0x00020100, 0x02020100, + 0x00000300, 0x02000300, 0x00020300, 0x02020300, + 0x00000102, 0x02000102, 0x00020102, 0x02020102, + 0x00000302, 0x02000302, 0x00020302, 0x02020302, + 0x01000100, 0x03000100, 0x01020100, 0x03020100, + 0x01000300, 0x03000300, 0x01020300, 0x03020300, + 0x01000102, 0x03000102, 0x01020102, 0x03020102, + 0x01000302, 0x03000302, 0x01020302, 0x03020302, + 0x00010100, 0x02010100, 0x00030100, 0x02030100, + 0x00010300, 0x02010300, 0x00030300, 0x02030300, + 0x00010102, 0x02010102, 0x00030102, 0x02030102, + 0x00010302, 0x02010302, 0x00030302, 0x02030302, + 0x01010100, 0x03010100, 0x01030100, 0x03030100, + 0x01010300, 0x03010300, 0x01030300, 0x03030300, + 0x01010102, 0x03010102, 0x01030102, 0x03030102, + 0x01010302, 0x03010302, 0x01030302, 0x03030302, + 0x00000001, 0x02000001, 0x00020001, 0x02020001, + 0x00000201, 0x02000201, 0x00020201, 0x02020201, + 0x00000003, 0x02000003, 0x00020003, 0x02020003, + 0x00000203, 0x02000203, 0x00020203, 0x02020203, + 0x01000001, 0x03000001, 0x01020001, 0x03020001, + 0x01000201, 0x03000201, 0x01020201, 0x03020201, + 0x01000003, 0x03000003, 0x01020003, 0x03020003, + 0x01000203, 0x03000203, 0x01020203, 0x03020203, + 0x00010001, 0x02010001, 0x00030001, 0x02030001, + 0x00010201, 0x02010201, 0x00030201, 0x02030201, + 0x00010003, 0x02010003, 0x00030003, 0x02030003, + 0x00010203, 0x02010203, 0x00030203, 0x02030203, + 0x01010001, 0x03010001, 0x01030001, 0x03030001, + 0x01010201, 0x03010201, 0x01030201, 0x03030201, + 0x01010003, 0x03010003, 0x01030003, 0x03030003, + 0x01010203, 0x03010203, 0x01030203, 0x03030203, + 0x00000101, 0x02000101, 0x00020101, 0x02020101, + 0x00000301, 0x02000301, 0x00020301, 0x02020301, + 0x00000103, 0x02000103, 0x00020103, 0x02020103, + 0x00000303, 0x02000303, 0x00020303, 0x02020303, + 0x01000101, 0x03000101, 0x01020101, 0x03020101, + 0x01000301, 0x03000301, 0x01020301, 0x03020301, + 0x01000103, 0x03000103, 0x01020103, 0x03020103, + 0x01000303, 0x03000303, 0x01020303, 0x03020303, + 0x00010101, 0x02010101, 0x00030101, 0x02030101, + 0x00010301, 0x02010301, 0x00030301, 0x02030301, + 0x00010103, 0x02010103, 0x00030103, 0x02030103, + 0x00010303, 0x02010303, 0x00030303, 0x02030303, + 0x01010101, 0x03010101, 0x01030101, 0x03030101, + 0x01010301, 0x03010301, 0x01030301, 0x03030301, + 0x01010103, 0x03010103, 0x01030103, 0x03030103, + 0x01010303, 0x03010303, 0x01030303, 0x03030303 }; @@ -223,148 +224,148 @@ const unsigned DES_INT32 des_FP_table[256] = { * spec, to match the order of key application we follow. */ const unsigned DES_INT32 des_SP_table[8][64] = { - { - 0x00100000, 0x02100001, 0x02000401, 0x00000000, /* 7 */ - 0x00000400, 0x02000401, 0x00100401, 0x02100400, - 0x02100401, 0x00100000, 0x00000000, 0x02000001, - 0x00000001, 0x02000000, 0x02100001, 0x00000401, - 0x02000400, 0x00100401, 0x00100001, 0x02000400, - 0x02000001, 0x02100000, 0x02100400, 0x00100001, - 0x02100000, 0x00000400, 0x00000401, 0x02100401, - 0x00100400, 0x00000001, 0x02000000, 0x00100400, - 0x02000000, 0x00100400, 0x00100000, 0x02000401, - 0x02000401, 0x02100001, 0x02100001, 0x00000001, - 0x00100001, 0x02000000, 0x02000400, 0x00100000, - 0x02100400, 0x00000401, 0x00100401, 0x02100400, - 0x00000401, 0x02000001, 0x02100401, 0x02100000, - 0x00100400, 0x00000000, 0x00000001, 0x02100401, - 0x00000000, 0x00100401, 0x02100000, 0x00000400, - 0x02000001, 0x02000400, 0x00000400, 0x00100001, - }, - { - 0x00808200, 0x00000000, 0x00008000, 0x00808202, /* 1 */ - 0x00808002, 0x00008202, 0x00000002, 0x00008000, - 0x00000200, 0x00808200, 0x00808202, 0x00000200, - 0x00800202, 0x00808002, 0x00800000, 0x00000002, - 0x00000202, 0x00800200, 0x00800200, 0x00008200, - 0x00008200, 0x00808000, 0x00808000, 0x00800202, - 0x00008002, 0x00800002, 0x00800002, 0x00008002, - 0x00000000, 0x00000202, 0x00008202, 0x00800000, - 0x00008000, 0x00808202, 0x00000002, 0x00808000, - 0x00808200, 0x00800000, 0x00800000, 0x00000200, - 0x00808002, 0x00008000, 0x00008200, 0x00800002, - 0x00000200, 0x00000002, 0x00800202, 0x00008202, - 0x00808202, 0x00008002, 0x00808000, 0x00800202, - 0x00800002, 0x00000202, 0x00008202, 0x00808200, - 0x00000202, 0x00800200, 0x00800200, 0x00000000, - 0x00008002, 0x00008200, 0x00000000, 0x00808002, - }, - { - 0x00000104, 0x04010100, 0x00000000, 0x04010004, /* 3 */ - 0x04000100, 0x00000000, 0x00010104, 0x04000100, - 0x00010004, 0x04000004, 0x04000004, 0x00010000, - 0x04010104, 0x00010004, 0x04010000, 0x00000104, - 0x04000000, 0x00000004, 0x04010100, 0x00000100, - 0x00010100, 0x04010000, 0x04010004, 0x00010104, - 0x04000104, 0x00010100, 0x00010000, 0x04000104, - 0x00000004, 0x04010104, 0x00000100, 0x04000000, - 0x04010100, 0x04000000, 0x00010004, 0x00000104, - 0x00010000, 0x04010100, 0x04000100, 0x00000000, - 0x00000100, 0x00010004, 0x04010104, 0x04000100, - 0x04000004, 0x00000100, 0x00000000, 0x04010004, - 0x04000104, 0x00010000, 0x04000000, 0x04010104, - 0x00000004, 0x00010104, 0x00010100, 0x04000004, - 0x04010000, 0x04000104, 0x00000104, 0x04010000, - 0x00010104, 0x00000004, 0x04010004, 0x00010100, - }, - { - 0x00000080, 0x01040080, 0x01040000, 0x21000080, /* 5 */ - 0x00040000, 0x00000080, 0x20000000, 0x01040000, - 0x20040080, 0x00040000, 0x01000080, 0x20040080, - 0x21000080, 0x21040000, 0x00040080, 0x20000000, - 0x01000000, 0x20040000, 0x20040000, 0x00000000, - 0x20000080, 0x21040080, 0x21040080, 0x01000080, - 0x21040000, 0x20000080, 0x00000000, 0x21000000, - 0x01040080, 0x01000000, 0x21000000, 0x00040080, - 0x00040000, 0x21000080, 0x00000080, 0x01000000, - 0x20000000, 0x01040000, 0x21000080, 0x20040080, - 0x01000080, 0x20000000, 0x21040000, 0x01040080, - 0x20040080, 0x00000080, 0x01000000, 0x21040000, - 0x21040080, 0x00040080, 0x21000000, 0x21040080, - 0x01040000, 0x00000000, 0x20040000, 0x21000000, - 0x00040080, 0x01000080, 0x20000080, 0x00040000, - 0x00000000, 0x20040000, 0x01040080, 0x20000080, - }, - { - 0x80401000, 0x80001040, 0x80001040, 0x00000040, /* 4 */ - 0x00401040, 0x80400040, 0x80400000, 0x80001000, - 0x00000000, 0x00401000, 0x00401000, 0x80401040, - 0x80000040, 0x00000000, 0x00400040, 0x80400000, - 0x80000000, 0x00001000, 0x00400000, 0x80401000, - 0x00000040, 0x00400000, 0x80001000, 0x00001040, - 0x80400040, 0x80000000, 0x00001040, 0x00400040, - 0x00001000, 0x00401040, 0x80401040, 0x80000040, - 0x00400040, 0x80400000, 0x00401000, 0x80401040, - 0x80000040, 0x00000000, 0x00000000, 0x00401000, - 0x00001040, 0x00400040, 0x80400040, 0x80000000, - 0x80401000, 0x80001040, 0x80001040, 0x00000040, - 0x80401040, 0x80000040, 0x80000000, 0x00001000, - 0x80400000, 0x80001000, 0x00401040, 0x80400040, - 0x80001000, 0x00001040, 0x00400000, 0x80401000, - 0x00000040, 0x00400000, 0x00001000, 0x00401040, - }, - { - 0x10000008, 0x10200000, 0x00002000, 0x10202008, /* 6 */ - 0x10200000, 0x00000008, 0x10202008, 0x00200000, - 0x10002000, 0x00202008, 0x00200000, 0x10000008, - 0x00200008, 0x10002000, 0x10000000, 0x00002008, - 0x00000000, 0x00200008, 0x10002008, 0x00002000, - 0x00202000, 0x10002008, 0x00000008, 0x10200008, - 0x10200008, 0x00000000, 0x00202008, 0x10202000, - 0x00002008, 0x00202000, 0x10202000, 0x10000000, - 0x10002000, 0x00000008, 0x10200008, 0x00202000, - 0x10202008, 0x00200000, 0x00002008, 0x10000008, - 0x00200000, 0x10002000, 0x10000000, 0x00002008, - 0x10000008, 0x10202008, 0x00202000, 0x10200000, - 0x00202008, 0x10202000, 0x00000000, 0x10200008, - 0x00000008, 0x00002000, 0x10200000, 0x00202008, - 0x00002000, 0x00200008, 0x10002008, 0x00000000, - 0x10202000, 0x10000000, 0x00200008, 0x10002008, - }, - { - 0x08000820, 0x00000800, 0x00020000, 0x08020820, /* 8 */ - 0x08000000, 0x08000820, 0x00000020, 0x08000000, - 0x00020020, 0x08020000, 0x08020820, 0x00020800, - 0x08020800, 0x00020820, 0x00000800, 0x00000020, - 0x08020000, 0x08000020, 0x08000800, 0x00000820, - 0x00020800, 0x00020020, 0x08020020, 0x08020800, - 0x00000820, 0x00000000, 0x00000000, 0x08020020, - 0x08000020, 0x08000800, 0x00020820, 0x00020000, - 0x00020820, 0x00020000, 0x08020800, 0x00000800, - 0x00000020, 0x08020020, 0x00000800, 0x00020820, - 0x08000800, 0x00000020, 0x08000020, 0x08020000, - 0x08020020, 0x08000000, 0x00020000, 0x08000820, - 0x00000000, 0x08020820, 0x00020020, 0x08000020, - 0x08020000, 0x08000800, 0x08000820, 0x00000000, - 0x08020820, 0x00020800, 0x00020800, 0x00000820, - 0x00000820, 0x00020020, 0x08000000, 0x08020800, - }, - { - 0x40084010, 0x40004000, 0x00004000, 0x00084010, /* 2 */ - 0x00080000, 0x00000010, 0x40080010, 0x40004010, - 0x40000010, 0x40084010, 0x40084000, 0x40000000, - 0x40004000, 0x00080000, 0x00000010, 0x40080010, - 0x00084000, 0x00080010, 0x40004010, 0x00000000, - 0x40000000, 0x00004000, 0x00084010, 0x40080000, - 0x00080010, 0x40000010, 0x00000000, 0x00084000, - 0x00004010, 0x40084000, 0x40080000, 0x00004010, - 0x00000000, 0x00084010, 0x40080010, 0x00080000, - 0x40004010, 0x40080000, 0x40084000, 0x00004000, - 0x40080000, 0x40004000, 0x00000010, 0x40084010, - 0x00084010, 0x00000010, 0x00004000, 0x40000000, - 0x00004010, 0x40084000, 0x00080000, 0x40000010, - 0x00080010, 0x40004010, 0x40000010, 0x00080010, - 0x00084000, 0x00000000, 0x40004000, 0x00004010, - 0x40000000, 0x40080010, 0x40084010, 0x00084000 - }, + { + 0x00100000, 0x02100001, 0x02000401, 0x00000000, /* 7 */ + 0x00000400, 0x02000401, 0x00100401, 0x02100400, + 0x02100401, 0x00100000, 0x00000000, 0x02000001, + 0x00000001, 0x02000000, 0x02100001, 0x00000401, + 0x02000400, 0x00100401, 0x00100001, 0x02000400, + 0x02000001, 0x02100000, 0x02100400, 0x00100001, + 0x02100000, 0x00000400, 0x00000401, 0x02100401, + 0x00100400, 0x00000001, 0x02000000, 0x00100400, + 0x02000000, 0x00100400, 0x00100000, 0x02000401, + 0x02000401, 0x02100001, 0x02100001, 0x00000001, + 0x00100001, 0x02000000, 0x02000400, 0x00100000, + 0x02100400, 0x00000401, 0x00100401, 0x02100400, + 0x00000401, 0x02000001, 0x02100401, 0x02100000, + 0x00100400, 0x00000000, 0x00000001, 0x02100401, + 0x00000000, 0x00100401, 0x02100000, 0x00000400, + 0x02000001, 0x02000400, 0x00000400, 0x00100001, + }, + { + 0x00808200, 0x00000000, 0x00008000, 0x00808202, /* 1 */ + 0x00808002, 0x00008202, 0x00000002, 0x00008000, + 0x00000200, 0x00808200, 0x00808202, 0x00000200, + 0x00800202, 0x00808002, 0x00800000, 0x00000002, + 0x00000202, 0x00800200, 0x00800200, 0x00008200, + 0x00008200, 0x00808000, 0x00808000, 0x00800202, + 0x00008002, 0x00800002, 0x00800002, 0x00008002, + 0x00000000, 0x00000202, 0x00008202, 0x00800000, + 0x00008000, 0x00808202, 0x00000002, 0x00808000, + 0x00808200, 0x00800000, 0x00800000, 0x00000200, + 0x00808002, 0x00008000, 0x00008200, 0x00800002, + 0x00000200, 0x00000002, 0x00800202, 0x00008202, + 0x00808202, 0x00008002, 0x00808000, 0x00800202, + 0x00800002, 0x00000202, 0x00008202, 0x00808200, + 0x00000202, 0x00800200, 0x00800200, 0x00000000, + 0x00008002, 0x00008200, 0x00000000, 0x00808002, + }, + { + 0x00000104, 0x04010100, 0x00000000, 0x04010004, /* 3 */ + 0x04000100, 0x00000000, 0x00010104, 0x04000100, + 0x00010004, 0x04000004, 0x04000004, 0x00010000, + 0x04010104, 0x00010004, 0x04010000, 0x00000104, + 0x04000000, 0x00000004, 0x04010100, 0x00000100, + 0x00010100, 0x04010000, 0x04010004, 0x00010104, + 0x04000104, 0x00010100, 0x00010000, 0x04000104, + 0x00000004, 0x04010104, 0x00000100, 0x04000000, + 0x04010100, 0x04000000, 0x00010004, 0x00000104, + 0x00010000, 0x04010100, 0x04000100, 0x00000000, + 0x00000100, 0x00010004, 0x04010104, 0x04000100, + 0x04000004, 0x00000100, 0x00000000, 0x04010004, + 0x04000104, 0x00010000, 0x04000000, 0x04010104, + 0x00000004, 0x00010104, 0x00010100, 0x04000004, + 0x04010000, 0x04000104, 0x00000104, 0x04010000, + 0x00010104, 0x00000004, 0x04010004, 0x00010100, + }, + { + 0x00000080, 0x01040080, 0x01040000, 0x21000080, /* 5 */ + 0x00040000, 0x00000080, 0x20000000, 0x01040000, + 0x20040080, 0x00040000, 0x01000080, 0x20040080, + 0x21000080, 0x21040000, 0x00040080, 0x20000000, + 0x01000000, 0x20040000, 0x20040000, 0x00000000, + 0x20000080, 0x21040080, 0x21040080, 0x01000080, + 0x21040000, 0x20000080, 0x00000000, 0x21000000, + 0x01040080, 0x01000000, 0x21000000, 0x00040080, + 0x00040000, 0x21000080, 0x00000080, 0x01000000, + 0x20000000, 0x01040000, 0x21000080, 0x20040080, + 0x01000080, 0x20000000, 0x21040000, 0x01040080, + 0x20040080, 0x00000080, 0x01000000, 0x21040000, + 0x21040080, 0x00040080, 0x21000000, 0x21040080, + 0x01040000, 0x00000000, 0x20040000, 0x21000000, + 0x00040080, 0x01000080, 0x20000080, 0x00040000, + 0x00000000, 0x20040000, 0x01040080, 0x20000080, + }, + { + 0x80401000, 0x80001040, 0x80001040, 0x00000040, /* 4 */ + 0x00401040, 0x80400040, 0x80400000, 0x80001000, + 0x00000000, 0x00401000, 0x00401000, 0x80401040, + 0x80000040, 0x00000000, 0x00400040, 0x80400000, + 0x80000000, 0x00001000, 0x00400000, 0x80401000, + 0x00000040, 0x00400000, 0x80001000, 0x00001040, + 0x80400040, 0x80000000, 0x00001040, 0x00400040, + 0x00001000, 0x00401040, 0x80401040, 0x80000040, + 0x00400040, 0x80400000, 0x00401000, 0x80401040, + 0x80000040, 0x00000000, 0x00000000, 0x00401000, + 0x00001040, 0x00400040, 0x80400040, 0x80000000, + 0x80401000, 0x80001040, 0x80001040, 0x00000040, + 0x80401040, 0x80000040, 0x80000000, 0x00001000, + 0x80400000, 0x80001000, 0x00401040, 0x80400040, + 0x80001000, 0x00001040, 0x00400000, 0x80401000, + 0x00000040, 0x00400000, 0x00001000, 0x00401040, + }, + { + 0x10000008, 0x10200000, 0x00002000, 0x10202008, /* 6 */ + 0x10200000, 0x00000008, 0x10202008, 0x00200000, + 0x10002000, 0x00202008, 0x00200000, 0x10000008, + 0x00200008, 0x10002000, 0x10000000, 0x00002008, + 0x00000000, 0x00200008, 0x10002008, 0x00002000, + 0x00202000, 0x10002008, 0x00000008, 0x10200008, + 0x10200008, 0x00000000, 0x00202008, 0x10202000, + 0x00002008, 0x00202000, 0x10202000, 0x10000000, + 0x10002000, 0x00000008, 0x10200008, 0x00202000, + 0x10202008, 0x00200000, 0x00002008, 0x10000008, + 0x00200000, 0x10002000, 0x10000000, 0x00002008, + 0x10000008, 0x10202008, 0x00202000, 0x10200000, + 0x00202008, 0x10202000, 0x00000000, 0x10200008, + 0x00000008, 0x00002000, 0x10200000, 0x00202008, + 0x00002000, 0x00200008, 0x10002008, 0x00000000, + 0x10202000, 0x10000000, 0x00200008, 0x10002008, + }, + { + 0x08000820, 0x00000800, 0x00020000, 0x08020820, /* 8 */ + 0x08000000, 0x08000820, 0x00000020, 0x08000000, + 0x00020020, 0x08020000, 0x08020820, 0x00020800, + 0x08020800, 0x00020820, 0x00000800, 0x00000020, + 0x08020000, 0x08000020, 0x08000800, 0x00000820, + 0x00020800, 0x00020020, 0x08020020, 0x08020800, + 0x00000820, 0x00000000, 0x00000000, 0x08020020, + 0x08000020, 0x08000800, 0x00020820, 0x00020000, + 0x00020820, 0x00020000, 0x08020800, 0x00000800, + 0x00000020, 0x08020020, 0x00000800, 0x00020820, + 0x08000800, 0x00000020, 0x08000020, 0x08020000, + 0x08020020, 0x08000000, 0x00020000, 0x08000820, + 0x00000000, 0x08020820, 0x00020020, 0x08000020, + 0x08020000, 0x08000800, 0x08000820, 0x00000000, + 0x08020820, 0x00020800, 0x00020800, 0x00000820, + 0x00000820, 0x00020020, 0x08000000, 0x08020800, + }, + { + 0x40084010, 0x40004000, 0x00004000, 0x00084010, /* 2 */ + 0x00080000, 0x00000010, 0x40080010, 0x40004010, + 0x40000010, 0x40084010, 0x40084000, 0x40000000, + 0x40004000, 0x00080000, 0x00000010, 0x40080010, + 0x00084000, 0x00080010, 0x40004010, 0x00000000, + 0x40000000, 0x00004000, 0x00084010, 0x40080000, + 0x00080010, 0x40000010, 0x00000000, 0x00084000, + 0x00004010, 0x40084000, 0x40080000, 0x00004010, + 0x00000000, 0x00084010, 0x40080010, 0x00080000, + 0x40004010, 0x40080000, 0x40084000, 0x00004000, + 0x40080000, 0x40004000, 0x00000010, 0x40084010, + 0x00084010, 0x00000010, 0x00004000, 0x40000000, + 0x00004010, 0x40084000, 0x00080000, 0x40000010, + 0x00080010, 0x40004010, 0x40000010, 0x00080010, + 0x00084000, 0x00000000, 0x40004000, 0x00004010, + 0x40000000, 0x40080010, 0x40084010, 0x00084000 + }, }; diff --git a/src/lib/crypto/builtin/des/f_tables.h b/src/lib/crypto/builtin/des/f_tables.h index 45a6322..556bffd 100644 --- a/src/lib/crypto/builtin/des/f_tables.h +++ b/src/lib/crypto/builtin/des/f_tables.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/f_tables.h * @@ -28,10 +29,10 @@ /* * des_tables.h - declarations to import the DES tables, used internally - * by some of the library routines. + * by some of the library routines. */ -#ifndef __DES_TABLES_H__ -#define __DES_TABLES_H__ /* nothing */ +#ifndef __DES_TABLES_H__ +#define __DES_TABLES_H__ /* nothing */ #include "k5-platform.h" /* @@ -45,14 +46,14 @@ extern const unsigned DES_INT32 des_SP_table[8][64]; /* * Use standard shortforms to reference these to save typing */ -#define IP des_IP_table -#define FP des_FP_table -#define SP des_SP_table +#define IP des_IP_table +#define FP des_FP_table +#define SP des_SP_table #ifdef DEBUG -#define DEB(foofraw) printf foofraw +#define DEB(foofraw) printf foofraw #else -#define DEB(foofraw) /* nothing */ +#define DEB(foofraw) /* nothing */ #endif /* @@ -89,39 +90,41 @@ extern const unsigned DES_INT32 des_SP_table[8][64]; * * When using this, the inner loop of the DES function might look like: * - * for (i = 0; i < 8; i++) { - * DES_SP_{EN,DE}CRYPT_ROUND(left, right, temp, kp); - * DES_SP_{EN,DE}CRYPT_ROUND(right, left, temp, kp); - * } + * for (i = 0; i < 8; i++) { + * DES_SP_{EN,DE}CRYPT_ROUND(left, right, temp, kp); + * DES_SP_{EN,DE}CRYPT_ROUND(right, left, temp, kp); + * } * * Note the trick above. You are supposed to do 16 rounds, swapping * left and right at the end of each round. By doing two rounds at * a time and swapping left and right in the code we can avoid the * swaps altogether. */ -#define DES_SP_ENCRYPT_ROUND(left, right, temp, kp) \ - (temp) = (((right) >> 11) | ((right) << 21)) ^ *(kp)++; \ - (left) ^= SP[0][((temp) >> 24) & 0x3f] \ - | SP[1][((temp) >> 16) & 0x3f] \ - | SP[2][((temp) >> 8) & 0x3f] \ - | SP[3][((temp) ) & 0x3f]; \ - (temp) = (((right) >> 23) | ((right) << 9)) ^ *(kp)++; \ - (left) ^= SP[4][((temp) >> 24) & 0x3f] \ - | SP[5][((temp) >> 16) & 0x3f] \ - | SP[6][((temp) >> 8) & 0x3f] \ - | SP[7][((temp) ) & 0x3f] +#define DES_SP_ENCRYPT_ROUND(left, right, temp, kp) do { \ + (temp) = (((right) >> 11) | ((right) << 21)) ^ *(kp)++; \ + (left) ^= SP[0][((temp) >> 24) & 0x3f] \ + | SP[1][((temp) >> 16) & 0x3f] \ + | SP[2][((temp) >> 8) & 0x3f] \ + | SP[3][((temp) ) & 0x3f]; \ + (temp) = (((right) >> 23) | ((right) << 9)) ^ *(kp)++; \ + (left) ^= SP[4][((temp) >> 24) & 0x3f] \ + | SP[5][((temp) >> 16) & 0x3f] \ + | SP[6][((temp) >> 8) & 0x3f] \ + | SP[7][((temp) ) & 0x3f]; \ + } while(0); -#define DES_SP_DECRYPT_ROUND(left, right, temp, kp) \ - (temp) = (((right) >> 23) | ((right) << 9)) ^ *(--(kp)); \ - (left) ^= SP[7][((temp) ) & 0x3f] \ - | SP[6][((temp) >> 8) & 0x3f] \ - | SP[5][((temp) >> 16) & 0x3f] \ - | SP[4][((temp) >> 24) & 0x3f]; \ - (temp) = (((right) >> 11) | ((right) << 21)) ^ *(--(kp)); \ - (left) ^= SP[3][((temp) ) & 0x3f] \ - | SP[2][((temp) >> 8) & 0x3f] \ - | SP[1][((temp) >> 16) & 0x3f] \ - | SP[0][((temp) >> 24) & 0x3f] +#define DES_SP_DECRYPT_ROUND(left, right, temp, kp) do { \ + (temp) = (((right) >> 23) | ((right) << 9)) ^ *(--(kp)); \ + (left) ^= SP[7][((temp) ) & 0x3f] \ + | SP[6][((temp) >> 8) & 0x3f] \ + | SP[5][((temp) >> 16) & 0x3f] \ + | SP[4][((temp) >> 24) & 0x3f]; \ + (temp) = (((right) >> 11) | ((right) << 21)) ^ *(--(kp)); \ + (left) ^= SP[3][((temp) ) & 0x3f] \ + | SP[2][((temp) >> 8) & 0x3f] \ + | SP[1][((temp) >> 16) & 0x3f] \ + | SP[0][((temp) >> 24) & 0x3f]; \ + } while (0); /* * Macros to help deal with the initial permutation table. Note @@ -140,11 +143,11 @@ extern const unsigned DES_INT32 des_SP_table[8][64]; * the Macintosh MPW 3.2 C compiler which loses the unsignedness and * propagates the high-order bit in the shift. */ -#define DES_IP_LEFT_BITS(left, right) \ - ((((left) & 0x55555555) << 1) | ((right) & 0x55555555)) -#define DES_IP_RIGHT_BITS(left, right) \ - (((left) & 0xaaaaaaaa) | \ - ( ( (unsigned DES_INT32) ((right) & 0xaaaaaaaa) ) >> 1)) +#define DES_IP_LEFT_BITS(left, right) \ + ((((left) & 0x55555555) << 1) | ((right) & 0x55555555)) +#define DES_IP_RIGHT_BITS(left, right) \ + (((left) & 0xaaaaaaaa) | \ + ( ( (unsigned DES_INT32) ((right) & 0xaaaaaaaa) ) >> 1)) /* * The following macro does an in-place initial permutation given @@ -154,17 +157,18 @@ extern const unsigned DES_INT32 des_SP_table[8][64]; * are dealing with. If you use this, though, try to make left, * right and temp register unsigned DES_INT32s. */ -#define DES_INITIAL_PERM(left, right, temp) \ - (temp) = DES_IP_RIGHT_BITS((left), (right)); \ - (right) = DES_IP_LEFT_BITS((left), (right)); \ - (left) = IP[((right) >> 24) & 0xff] \ - | (IP[((right) >> 16) & 0xff] << 1) \ - | (IP[((right) >> 8) & 0xff] << 2) \ - | (IP[(right) & 0xff] << 3); \ - (right) = IP[((temp) >> 24) & 0xff] \ - | (IP[((temp) >> 16) & 0xff] << 1) \ - | (IP[((temp) >> 8) & 0xff] << 2) \ - | (IP[(temp) & 0xff] << 3) +#define DES_INITIAL_PERM(left, right, temp) do { \ + (temp) = DES_IP_RIGHT_BITS((left), (right)); \ + (right) = DES_IP_LEFT_BITS((left), (right)); \ + (left) = IP[((right) >> 24) & 0xff] \ + | (IP[((right) >> 16) & 0xff] << 1) \ + | (IP[((right) >> 8) & 0xff] << 2) \ + | (IP[(right) & 0xff] << 3); \ + (right) = IP[((temp) >> 24) & 0xff] \ + | (IP[((temp) >> 16) & 0xff] << 1) \ + | (IP[((temp) >> 8) & 0xff] << 2) \ + | (IP[(temp) & 0xff] << 3); \ + } while(0); /* * Now the final permutation stuff. The same comments apply to @@ -175,11 +179,11 @@ extern const unsigned DES_INT32 des_SP_table[8][64]; * the Macintosh MPW 3.2 C compiler which loses the unsignedness and * propagates the high-order bit in the shift. */ -#define DES_FP_LEFT_BITS(left, right) \ - ((((left) & 0x0f0f0f0f) << 4) | ((right) & 0x0f0f0f0f)) -#define DES_FP_RIGHT_BITS(left, right) \ - (((left) & 0xf0f0f0f0) | \ - ( ( (unsigned DES_INT32) ((right) & 0xf0f0f0f0) ) >> 4)) +#define DES_FP_LEFT_BITS(left, right) \ + ((((left) & 0x0f0f0f0f) << 4) | ((right) & 0x0f0f0f0f)) +#define DES_FP_RIGHT_BITS(left, right) \ + (((left) & 0xf0f0f0f0) | \ + ( ( (unsigned DES_INT32) ((right) & 0xf0f0f0f0) ) >> 4)) /* @@ -189,17 +193,18 @@ extern const unsigned DES_INT32 des_SP_table[8][64]; * swapping internally, which is why left and right are confused * at the beginning. */ -#define DES_FINAL_PERM(left, right, temp) \ - (temp) = DES_FP_RIGHT_BITS((right), (left)); \ - (right) = DES_FP_LEFT_BITS((right), (left)); \ - (left) = (FP[((right) >> 24) & 0xff] << 6) \ - | (FP[((right) >> 16) & 0xff] << 4) \ - | (FP[((right) >> 8) & 0xff] << 2) \ - | FP[(right) & 0xff]; \ - (right) = (FP[((temp) >> 24) & 0xff] << 6) \ - | (FP[((temp) >> 16) & 0xff] << 4) \ - | (FP[((temp) >> 8) & 0xff] << 2) \ - | FP[temp & 0xff] +#define DES_FINAL_PERM(left, right, temp) do { \ + (temp) = DES_FP_RIGHT_BITS((right), (left)); \ + (right) = DES_FP_LEFT_BITS((right), (left)); \ + (left) = (FP[((right) >> 24) & 0xff] << 6) \ + | (FP[((right) >> 16) & 0xff] << 4) \ + | (FP[((right) >> 8) & 0xff] << 2) \ + | FP[(right) & 0xff]; \ + (right) = (FP[((temp) >> 24) & 0xff] << 6) \ + | (FP[((temp) >> 16) & 0xff] << 4) \ + | (FP[((temp) >> 8) & 0xff] << 2) \ + | FP[temp & 0xff]; \ + } while(0); /* @@ -220,44 +225,44 @@ extern const unsigned DES_INT32 des_SP_table[8][64]; * at each stage of the encryption, so that by comparing the output to * a known good machine, the location of the first error can be found. */ -#define DES_DO_ENCRYPT_1(left, right, kp) \ - do { \ - register int i; \ - register unsigned DES_INT32 temp1; \ - DEB (("do_encrypt %8lX %8lX \n", left, right)); \ - DES_INITIAL_PERM((left), (right), (temp1)); \ - DEB ((" after IP %8lX %8lX\n", left, right)); \ - for (i = 0; i < 8; i++) { \ - DES_SP_ENCRYPT_ROUND((left), (right), (temp1), (kp)); \ - DEB ((" round %2d %8lX %8lX \n", i*2, left, right)); \ - DES_SP_ENCRYPT_ROUND((right), (left), (temp1), (kp)); \ - DEB ((" round %2d %8lX %8lX \n", 1+i*2, left, right)); \ - } \ - DES_FINAL_PERM((left), (right), (temp1)); \ - (kp) -= (2 * 16); \ - DEB ((" after FP %8lX %8lX \n", left, right)); \ - } while (0) +#define DES_DO_ENCRYPT_1(left, right, kp) \ + do { \ + register int i; \ + register unsigned DES_INT32 temp1; \ + DEB (("do_encrypt %8lX %8lX \n", left, right)); \ + DES_INITIAL_PERM((left), (right), (temp1)); \ + DEB ((" after IP %8lX %8lX\n", left, right)); \ + for (i = 0; i < 8; i++) { \ + DES_SP_ENCRYPT_ROUND((left), (right), (temp1), (kp)); \ + DEB ((" round %2d %8lX %8lX \n", i*2, left, right)); \ + DES_SP_ENCRYPT_ROUND((right), (left), (temp1), (kp)); \ + DEB ((" round %2d %8lX %8lX \n", 1+i*2, left, right)); \ + } \ + DES_FINAL_PERM((left), (right), (temp1)); \ + (kp) -= (2 * 16); \ + DEB ((" after FP %8lX %8lX \n", left, right)); \ + } while (0) -#define DES_DO_DECRYPT_1(left, right, kp) \ - do { \ - register int i; \ - register unsigned DES_INT32 temp2; \ - DES_INITIAL_PERM((left), (right), (temp2)); \ - (kp) += (2 * 16); \ - for (i = 0; i < 8; i++) { \ - DES_SP_DECRYPT_ROUND((left), (right), (temp2), (kp)); \ - DES_SP_DECRYPT_ROUND((right), (left), (temp2), (kp)); \ - } \ - DES_FINAL_PERM((left), (right), (temp2)); \ - } while (0) +#define DES_DO_DECRYPT_1(left, right, kp) \ + do { \ + register int i; \ + register unsigned DES_INT32 temp2; \ + DES_INITIAL_PERM((left), (right), (temp2)); \ + (kp) += (2 * 16); \ + for (i = 0; i < 8; i++) { \ + DES_SP_DECRYPT_ROUND((left), (right), (temp2), (kp)); \ + DES_SP_DECRYPT_ROUND((right), (left), (temp2), (kp)); \ + } \ + DES_FINAL_PERM((left), (right), (temp2)); \ + } while (0) #if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) extern void krb5int_des_do_encrypt_2(unsigned DES_INT32 *l, - unsigned DES_INT32 *r, - const unsigned DES_INT32 *k); + unsigned DES_INT32 *r, + const unsigned DES_INT32 *k); extern void krb5int_des_do_decrypt_2(unsigned DES_INT32 *l, - unsigned DES_INT32 *r, - const unsigned DES_INT32 *k); + unsigned DES_INT32 *r, + const unsigned DES_INT32 *k); #define DES_DO_ENCRYPT(L,R,K) krb5int_des_do_encrypt_2(&(L), &(R), (K)) #define DES_DO_DECRYPT(L,R,K) krb5int_des_do_decrypt_2(&(L), &(R), (K)) #else @@ -269,11 +274,11 @@ extern void krb5int_des_do_decrypt_2(unsigned DES_INT32 *l, * These are handy dandy utility thingies for straightening out bytes. * Included here because they're used a couple of places. */ -#define GET_HALF_BLOCK(lr, ip) ((lr) = load_32_be(ip), (ip) += 4) -#define PUT_HALF_BLOCK(lr, op) (store_32_be(lr, op), (op) += 4) +#define GET_HALF_BLOCK(lr, ip) ((lr) = load_32_be(ip), (ip) += 4) +#define PUT_HALF_BLOCK(lr, op) (store_32_be(lr, op), (op) += 4) /* Shorthand that we'll need in several places, for creating values that really can hold 32 bits regardless of the prevailing int size. */ -#define FF_UINT32 ((unsigned DES_INT32) 0xFF) +#define FF_UINT32 ((unsigned DES_INT32) 0xFF) -#endif /* __DES_TABLES_H__ */ +#endif /* __DES_TABLES_H__ */ diff --git a/src/lib/crypto/builtin/des/key_sched.c b/src/lib/crypto/builtin/des/key_sched.c index dc6f349..2be5586 100644 --- a/src/lib/crypto/builtin/des/key_sched.c +++ b/src/lib/crypto/builtin/des/key_sched.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/key_sched.c * @@ -50,11 +51,11 @@ mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule) { mit_des_make_key_sched(k,schedule); - if (!mit_des_check_key_parity(k)) /* bad parity --> return -1 */ - return(-1); + if (!mit_des_check_key_parity(k)) /* bad parity --> return -1 */ + return(-1); if (mit_des_is_weak_key(k)) - return(-2); + return(-2); /* if key was good, return 0 */ return 0; diff --git a/src/lib/crypto/builtin/des/string2key.c b/src/lib/crypto/builtin/des/string2key.c index c817806..7ddee27 100644 --- a/src/lib/crypto/builtin/des/string2key.c +++ b/src/lib/crypto/builtin/des/string2key.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/des_s2k.c * @@ -32,13 +33,13 @@ krb5_error_code mit_des_string_to_key_int (krb5_keyblock *key, - const krb5_data *pw, const krb5_data *salt) + const krb5_data *pw, const krb5_data *salt) { union { - /* 8 "forward" bytes, 8 "reverse" bytes */ - unsigned char uc[16]; - krb5_ui_4 ui[4]; - mit_des_cblock cb; + /* 8 "forward" bytes, 8 "reverse" bytes */ + unsigned char uc[16]; + krb5_ui_4 ui[4]; + mit_des_cblock cb; } temp; unsigned int i; krb5_ui_4 x, y, z; @@ -53,30 +54,30 @@ mit_des_string_to_key_int (krb5_keyblock *key, current algorithm is dependent on having four 8-bit char values exactly overlay a 32-bit integral type. */ if (sizeof(temp.uc) != sizeof(temp.ui) - || (unsigned char)~0 != 0xFF - || (krb5_ui_4)~(krb5_ui_4)0 != 0xFFFFFFFF - || (temp.uc[0] = 1, temp.uc[1] = 2, temp.uc[2] = 3, temp.uc[3] = 4, - !(temp.ui[0] == 0x01020304 - || temp.ui[0] == 0x04030201))) - abort(); -#define FETCH4(VAR, IDX) VAR = temp.ui[IDX/4] -#define PUT4(VAR, IDX) temp.ui[IDX/4] = VAR + || (unsigned char)~0 != 0xFF + || (krb5_ui_4)~(krb5_ui_4)0 != 0xFFFFFFFF + || (temp.uc[0] = 1, temp.uc[1] = 2, temp.uc[2] = 3, temp.uc[3] = 4, + !(temp.ui[0] == 0x01020304 + || temp.ui[0] == 0x04030201))) + abort(); +#define FETCH4(VAR, IDX) VAR = temp.ui[IDX/4] +#define PUT4(VAR, IDX) temp.ui[IDX/4] = VAR if (salt - && (salt->length == SALT_TYPE_AFS_LENGTH - /* XXX Yuck! Aren't we done with this yet? */ - || salt->length == (unsigned) -1)) { - krb5_data afssalt; - char *at; + && (salt->length == SALT_TYPE_AFS_LENGTH + /* XXX Yuck! Aren't we done with this yet? */ + || salt->length == (unsigned) -1)) { + krb5_data afssalt; + char *at; - afssalt.data = salt->data; - at = strchr(afssalt.data, '@'); - if (at) { - *at = 0; - afssalt.length = at - afssalt.data; - } else - afssalt.length = strlen(afssalt.data); - return mit_afs_string_to_key(key, pw, &afssalt); + afssalt.data = salt->data; + at = strchr(afssalt.data, '@'); + if (at) { + *at = 0; + afssalt.length = at - afssalt.data; + } else + afssalt.length = strlen(afssalt.data); + return mit_afs_string_to_key(key, pw, &afssalt); } copylen = pw->length + (salt ? salt->length : 0); @@ -84,10 +85,10 @@ mit_des_string_to_key_int (krb5_keyblock *key, a byte array, not a string. */ copy = malloc(copylen); if (copy == NULL) - return ENOMEM; + return ENOMEM; memcpy(copy, pw->data, pw->length); if (salt) - memcpy(copy + pw->length, salt->data, salt->length); + memcpy(copy + pw->length, salt->data, salt->length); memset(&temp, 0, sizeof(temp)); p = temp.uc; @@ -95,34 +96,34 @@ mit_des_string_to_key_int (krb5_keyblock *key, forward and reverse sections, and combine them later, rather than having to do the reversal over and over again. */ for (i = 0; i < copylen; i++) { - *p++ ^= copy[i]; - if (p == temp.uc+16) { - p = temp.uc; + *p++ ^= copy[i]; + if (p == temp.uc+16) { + p = temp.uc; #ifdef PRINT_TEST_VECTORS - { - int j; - printf("after %d input bytes:\nforward block:\t", i+1); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\nreverse block:\t"); - for (j = 8; j < 16; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); - } + { + int j; + printf("after %d input bytes:\nforward block:\t", i+1); + for (j = 0; j < 8; j++) + printf(" %02x", temp.uc[j] & 0xff); + printf("\nreverse block:\t"); + for (j = 8; j < 16; j++) + printf(" %02x", temp.uc[j] & 0xff); + printf("\n"); + } #endif - } + } } #ifdef PRINT_TEST_VECTORS if (p != temp.uc) { - int j; - printf("at end, after %d input bytes:\nforward block:\t", i); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\nreverse block:\t"); - for (j = 8; j < 16; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); + int j; + printf("at end, after %d input bytes:\nforward block:\t", i); + for (j = 0; j < 8; j++) + printf(" %02x", temp.uc[j] & 0xff); + printf("\nreverse block:\t"); + for (j = 8; j < 16; j++) + printf(" %02x", temp.uc[j] & 0xff); + printf("\n"); } #endif #if 0 @@ -137,24 +138,24 @@ mit_des_string_to_key_int (krb5_keyblock *key, If we could rely on 64-bit math, another 7 ops would save us from having to do double the work. */ -#define REVERSE_STEP(VAR, SHIFT, MASK) \ +#define REVERSE_STEP(VAR, SHIFT, MASK) \ VAR = ((VAR >> SHIFT) & MASK) | ((VAR << SHIFT) & (0xFFFFFFFFUL & ~MASK)) -#define REVERSE(VAR) \ - REVERSE_STEP (VAR, 1, 0x55555555UL); /* swap odd/even bits */ \ - REVERSE_STEP (VAR, 2, 0x33333333UL); /* swap bitpairs */ \ - REVERSE_STEP (VAR, 4, 0x0F0F0F0FUL); /* swap nibbles, etc */ \ - REVERSE_STEP (VAR, 8, 0x00FF00FFUL); \ +#define REVERSE(VAR) \ + REVERSE_STEP (VAR, 1, 0x55555555UL); /* swap odd/even bits */ \ + REVERSE_STEP (VAR, 2, 0x33333333UL); /* swap bitpairs */ \ + REVERSE_STEP (VAR, 4, 0x0F0F0F0FUL); /* swap nibbles, etc */ \ + REVERSE_STEP (VAR, 8, 0x00FF00FFUL); \ REVERSE_STEP (VAR, 16, 0x0000FFFFUL); #else /* shorter */ -#define REVERSE(VAR) \ - { \ - krb5_ui_4 old = VAR, temp1 = 0; \ - int j; \ - for (j = 0; j < 32; j++) { \ - temp1 = (temp1 << 1) | (old & 1); \ - old >>= 1; \ - } \ - VAR = temp1; \ +#define REVERSE(VAR) \ + { \ + krb5_ui_4 old = VAR, temp1 = 0; \ + int j; \ + for (j = 0; j < 32; j++) { \ + temp1 = (temp1 << 1) | (old & 1); \ + old >>= 1; \ + } \ + VAR = temp1; \ } #endif @@ -168,16 +169,16 @@ mit_des_string_to_key_int (krb5_keyblock *key, REVERSE (y); #ifdef PRINT_TEST_VECTORS { - int j; - union { unsigned char uc[4]; krb5_ui_4 ui; } t2; - printf("after reversal, reversed block:\n\t\t"); - t2.ui = y; - for (j = 0; j < 4; j++) - printf(" %02x", t2.uc[j] & 0xff); - t2.ui = x; - for (j = 0; j < 4; j++) - printf(" %02x", t2.uc[j] & 0xff); - printf("\n"); + int j; + union { unsigned char uc[4]; krb5_ui_4 ui; } t2; + printf("after reversal, reversed block:\n\t\t"); + t2.ui = y; + for (j = 0; j < 4; j++) + printf(" %02x", t2.uc[j] & 0xff); + t2.ui = x; + for (j = 0; j < 4; j++) + printf(" %02x", t2.uc[j] & 0xff); + printf("\n"); } #endif /* Ignored bits are now at the bottom of each byte, where we'll @@ -200,16 +201,16 @@ mit_des_string_to_key_int (krb5_keyblock *key, #ifdef PRINT_TEST_VECTORS { - int j; - printf("after reversal, combined block:\n\t\t"); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); + int j; + printf("after reversal, combined block:\n\t\t"); + for (j = 0; j < 8; j++) + printf(" %02x", temp.uc[j] & 0xff); + printf("\n"); } #endif -#define FIXUP(K) \ - (mit_des_fixup_key_parity(K), \ +#define FIXUP(K) \ + (mit_des_fixup_key_parity(K), \ mit_des_is_weak_key(K) ? (K[7] ^= 0xF0) : 0) /* Now temp.cb is the temporary key, with invalid parity. */ @@ -217,11 +218,11 @@ mit_des_string_to_key_int (krb5_keyblock *key, #ifdef PRINT_TEST_VECTORS { - int j; - printf("after fixing parity and weak keys:\n\t\t"); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); + int j; + printf("after fixing parity and weak keys:\n\t\t"); + for (j = 0; j < 8; j++) + printf(" %02x", temp.uc[j] & 0xff); + printf("\n"); } #endif @@ -233,11 +234,11 @@ mit_des_string_to_key_int (krb5_keyblock *key, #ifdef PRINT_TEST_VECTORS { - int j; - printf("cbc checksum:\n\t\t"); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); + int j; + printf("cbc checksum:\n\t\t"); + for (j = 0; j < 8; j++) + printf(" %02x", temp.uc[j] & 0xff); + printf("\n"); } #endif @@ -246,11 +247,11 @@ mit_des_string_to_key_int (krb5_keyblock *key, #ifdef PRINT_TEST_VECTORS { - int j; - printf("after fixing parity and weak keys:\n\t\t"); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); + int j; + printf("after fixing parity and weak keys:\n\t\t"); + for (j = 0; j < 8; j++) + printf(" %02x", temp.uc[j] & 0xff); + printf("\n"); } #endif diff --git a/src/lib/crypto/builtin/des/t_afss2k.c b/src/lib/crypto/builtin/des/t_afss2k.c index a6d0aa5..5a0f960 100644 --- a/src/lib/crypto/builtin/des/t_afss2k.c +++ b/src/lib/crypto/builtin/des/t_afss2k.c @@ -1,70 +1,71 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #include "des_int.h" static const char *me; struct test_case { - char *saltstr; - int saltlen; - unsigned char keys[12][8]; + char *saltstr; + int saltlen; + unsigned char keys[12][8]; }; struct test_case test_cases[] = { - { - "Sodium Chloride", -1, - { - { 0xa4, 0xd0, 0xd0, 0x9b, 0x86, 0x92, 0xb0, 0xc2, }, - { 0xf1, 0xf2, 0x9e, 0xab, 0xd0, 0xef, 0xdf, 0x73, }, - { 0xd6, 0x85, 0x61, 0xc4, 0xf2, 0x94, 0xf4, 0xa1, }, - { 0xd0, 0xe3, 0xa7, 0x83, 0x94, 0x61, 0xe0, 0xd0, }, - { 0xd5, 0x62, 0xcd, 0x94, 0x61, 0xcb, 0x97, 0xdf, }, - { 0x9e, 0xa2, 0xa2, 0xec, 0xa8, 0x8c, 0x6b, 0x8f, }, - { 0xe3, 0x91, 0x6d, 0xd3, 0x85, 0xf1, 0x67, 0xc4, }, - { 0xf4, 0xc4, 0x73, 0xc8, 0x8a, 0xe9, 0x94, 0x6d, }, - { 0xa1, 0x9e, 0xb3, 0xad, 0x6b, 0xe3, 0xab, 0xd9, }, - { 0xad, 0xa1, 0xce, 0x10, 0x37, 0x83, 0xa7, 0x8c, }, - { 0xd3, 0x01, 0xd0, 0xf7, 0x3e, 0x7a, 0x49, 0x0b, }, - { 0xb6, 0x2a, 0x4a, 0xec, 0x9d, 0x4c, 0x68, 0xdf, }, - } - }, - { - "NaCl", 4, - { - { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 }, - { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 }, - { 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 }, - { 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 }, - { 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 }, - { 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad }, - { 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 }, - { 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 }, - { 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 }, - { 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 }, - { 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 }, - { 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 }, - } - }, - { - /* This one intentionally supplies a length shorter - than the string. The point of this is to ensure - that s[len] is not zero, so that anything actually - relying on that value (i.e., reading out of bounds) - should generate incorrect results. */ - "NaCl2", 4, - { - { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 }, - { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 }, - { 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 }, - { 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 }, - { 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 }, - { 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad }, - { 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 }, - { 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 }, - { 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 }, - { 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 }, - { 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 }, - { 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 }, - } - }, + { + "Sodium Chloride", -1, + { + { 0xa4, 0xd0, 0xd0, 0x9b, 0x86, 0x92, 0xb0, 0xc2, }, + { 0xf1, 0xf2, 0x9e, 0xab, 0xd0, 0xef, 0xdf, 0x73, }, + { 0xd6, 0x85, 0x61, 0xc4, 0xf2, 0x94, 0xf4, 0xa1, }, + { 0xd0, 0xe3, 0xa7, 0x83, 0x94, 0x61, 0xe0, 0xd0, }, + { 0xd5, 0x62, 0xcd, 0x94, 0x61, 0xcb, 0x97, 0xdf, }, + { 0x9e, 0xa2, 0xa2, 0xec, 0xa8, 0x8c, 0x6b, 0x8f, }, + { 0xe3, 0x91, 0x6d, 0xd3, 0x85, 0xf1, 0x67, 0xc4, }, + { 0xf4, 0xc4, 0x73, 0xc8, 0x8a, 0xe9, 0x94, 0x6d, }, + { 0xa1, 0x9e, 0xb3, 0xad, 0x6b, 0xe3, 0xab, 0xd9, }, + { 0xad, 0xa1, 0xce, 0x10, 0x37, 0x83, 0xa7, 0x8c, }, + { 0xd3, 0x01, 0xd0, 0xf7, 0x3e, 0x7a, 0x49, 0x0b, }, + { 0xb6, 0x2a, 0x4a, 0xec, 0x9d, 0x4c, 0x68, 0xdf, }, + } + }, + { + "NaCl", 4, + { + { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 }, + { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 }, + { 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 }, + { 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 }, + { 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 }, + { 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad }, + { 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 }, + { 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 }, + { 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 }, + { 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 }, + { 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 }, + { 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 }, + } + }, + { + /* This one intentionally supplies a length shorter + than the string. The point of this is to ensure + that s[len] is not zero, so that anything actually + relying on that value (i.e., reading out of bounds) + should generate incorrect results. */ + "NaCl2", 4, + { + { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 }, + { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 }, + { 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 }, + { 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 }, + { 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 }, + { 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad }, + { 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 }, + { 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 }, + { 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 }, + { 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 }, + { 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 }, + { 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 }, + } + }, }; static void do_it (struct test_case *tcase); @@ -72,65 +73,65 @@ static void do_it (struct test_case *tcase); int main (int argc, char *argv[]) { - int i; + int i; - me = argv[0]; - for (i = 0; i < sizeof (test_cases) / sizeof (struct test_case); i++) - do_it (&test_cases[i]); - return 0; + me = argv[0]; + for (i = 0; i < sizeof (test_cases) / sizeof (struct test_case); i++) + do_it (&test_cases[i]); + return 0; } static void do_it (struct test_case *tcase) { - unsigned char keydata[8]; - krb5_data salt, passwd; - krb5_keyblock key; - krb5_error_code err; - int i; - unsigned char longpass[2048]; + unsigned char keydata[8]; + krb5_data salt, passwd; + krb5_keyblock key; + krb5_error_code err; + int i; + unsigned char longpass[2048]; - key.contents = keydata; - key.length = sizeof (keydata); + key.contents = keydata; + key.length = sizeof (keydata); - salt.data = tcase->saltstr; - if (tcase->saltlen == -1) - salt.length = strlen (tcase->saltstr); - else - salt.length = tcase->saltlen; + salt.data = tcase->saltstr; + if (tcase->saltlen == -1) + salt.length = strlen (tcase->saltstr); + else + salt.length = tcase->saltlen; - /* - * Try passwords with lengths equal to, greater than, and less - * than 8 characters, since the AFS s2k algorithm does - * interesting stuff depending on the length. - */ - passwd.data = "My Password"; - for (i = 0; i < 12; i++) { - passwd.length = i; - err = mit_afs_string_to_key (&key, &passwd, &salt); - if (err != 0) { - com_err (me, err, ""); - exit (1); - } - if (memcmp (tcase->keys[i], keydata, 8) != 0) - abort (); - } + /* + * Try passwords with lengths equal to, greater than, and less + * than 8 characters, since the AFS s2k algorithm does + * interesting stuff depending on the length. + */ + passwd.data = "My Password"; + for (i = 0; i < 12; i++) { + passwd.length = i; + err = mit_afs_string_to_key (&key, &passwd, &salt); + if (err != 0) { + com_err (me, err, ""); + exit (1); + } + if (memcmp (tcase->keys[i], keydata, 8) != 0) + abort (); + } - /* Run another pass to make sure the characters after the - password in the buffer aren't influencing the output. The - password is *not* required to be null-terminated. */ - memset (longpass, '!', sizeof (longpass)); - longpass[sizeof (longpass)-1] = '\0'; - memcpy (longpass, "My Password", strlen ("My Password")); - passwd.data = (char *) longpass; - for (i = 0; i < 12; i++) { - passwd.length = i; - err = mit_afs_string_to_key (&key, &passwd, &salt); - if (err != 0) { - com_err (me, err, ""); - exit (1); - } - if (memcmp (tcase->keys[i], keydata, 8) != 0) - abort (); - } + /* Run another pass to make sure the characters after the + password in the buffer aren't influencing the output. The + password is *not* required to be null-terminated. */ + memset (longpass, '!', sizeof (longpass)); + longpass[sizeof (longpass)-1] = '\0'; + memcpy (longpass, "My Password", strlen ("My Password")); + passwd.data = (char *) longpass; + for (i = 0; i < 12; i++) { + passwd.length = i; + err = mit_afs_string_to_key (&key, &passwd, &salt); + if (err != 0) { + com_err (me, err, ""); + exit (1); + } + if (memcmp (tcase->keys[i], keydata, 8) != 0) + abort (); + } } diff --git a/src/lib/crypto/builtin/des/t_verify.c b/src/lib/crypto/builtin/des/t_verify.c index 6c1f17b..ae31207 100644 --- a/src/lib/crypto/builtin/des/t_verify.c +++ b/src/lib/crypto/builtin/des/t_verify.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/verify.c * @@ -27,8 +28,8 @@ * Program to test the correctness of the DES library * implementation. * - * exit returns 0 ==> success - * -1 ==> error + * exit returns 0 ==> success + * -1 ==> error */ /* @@ -140,35 +141,35 @@ main(argc,argv) /* Set screen window buffer to infinite size -- MS default is tiny. */ _wsetscreenbuf (fileno (stdout), _WINBUFINF); #endif - progname=argv[0]; /* salt away invoking program */ + progname=argv[0]; /* salt away invoking program */ while (--argc > 0 && (*++argv)[0] == '-') - for (i=1; argv[0][i] != '\0'; i++) { - switch (argv[0][i]) { + for (i=1; argv[0][i] != '\0'; i++) { + switch (argv[0][i]) { - /* debug flag */ - case 'd': - mit_des_debug=3; - continue; + /* debug flag */ + case 'd': + mit_des_debug=3; + continue; - case 'z': - zflag = 1; - continue; + case 'z': + zflag = 1; + continue; - case 'm': - mflag = 1; - continue; + case 'm': + mflag = 1; + continue; - default: - printf("%s: illegal flag \"%c\" ", - progname,argv[0][i]); - exit(1); - } - }; + default: + printf("%s: illegal flag \"%c\" ", + progname,argv[0][i]); + exit(1); + } + }; if (argc) { - fprintf(stderr, "Usage: %s [-dmz]\n", progname); - exit(1); + fprintf(stderr, "Usage: %s [-dmz]\n", progname); + exit(1); } /* do some initialisation */ @@ -177,92 +178,92 @@ main(argc,argv) /* ECB zero text zero key */ if (zflag) { - input = zero_text; - mit_des_key_sched(zero_key, sched); - printf("plaintext = key = 0, cipher = 0x8ca64de9c1b123a7\n"); - do_encrypt(input,cipher_text); - printf("\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) - printf("%02x ",cipher_text[j]); - printf("\n"); - do_decrypt(output,cipher_text); - if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) { - printf("verify: error in zero key test\n"); - exit(-1); - } - - exit(0); + input = zero_text; + mit_des_key_sched(zero_key, sched); + printf("plaintext = key = 0, cipher = 0x8ca64de9c1b123a7\n"); + do_encrypt(input,cipher_text); + printf("\tcipher = (low to high bytes)\n\t\t"); + for (j = 0; j<=7; j++) + printf("%02x ",cipher_text[j]); + printf("\n"); + do_decrypt(output,cipher_text); + if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) { + printf("verify: error in zero key test\n"); + exit(-1); + } + + exit(0); } if (mflag) { - input = msb_text; - mit_des_key_sched(key3, sched); - printf("plaintext = 0x00 00 00 00 00 00 00 40, "); - printf("key = 0x80 01 01 01 01 01 01 01\n"); - printf(" cipher = 0xa380e02a6be54696\n"); - do_encrypt(input,cipher_text); - printf("\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) { - printf("%02x ",cipher_text[j]); - } - printf("\n"); - do_decrypt(output,cipher_text); - if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) { - printf("verify: error in msb test\n"); - exit(-1); - } - exit(0); + input = msb_text; + mit_des_key_sched(key3, sched); + printf("plaintext = 0x00 00 00 00 00 00 00 40, "); + printf("key = 0x80 01 01 01 01 01 01 01\n"); + printf(" cipher = 0xa380e02a6be54696\n"); + do_encrypt(input,cipher_text); + printf("\tcipher = (low to high bytes)\n\t\t"); + for (j = 0; j<=7; j++) { + printf("%02x ",cipher_text[j]); + } + printf("\n"); + do_decrypt(output,cipher_text); + if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) { + printf("verify: error in msb test\n"); + exit(-1); + } + exit(0); } /* ECB mode Davies and Price */ { - input = zero_text; - mit_des_key_sched(key2, sched); - printf("Examples per FIPS publication 81, keys ivs and cipher\n"); - printf("in hex. These are the correct answers, see below for\n"); - printf("the actual answers.\n\n"); - printf("Examples per Davies and Price.\n\n"); - printf("EXAMPLE ECB\tkey = 08192a3b4c5d6e7f\n"); - printf("\tclear = 0\n"); - printf("\tcipher = 25 dd ac 3e 96 17 64 67\n"); - printf("ACTUAL ECB\n"); - printf("\tclear \"%s\"\n", input); - do_encrypt(input,cipher_text); - printf("\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) - printf("%02x ",cipher_text[j]); - printf("\n\n"); - do_decrypt(output,cipher_text); - if ( memcmp((char *)cipher_text, (char *)cipher1, 8) ) { - printf("verify: error in ECB encryption\n"); - exit(-1); - } - else - printf("verify: ECB encryption is correct\n\n"); + input = zero_text; + mit_des_key_sched(key2, sched); + printf("Examples per FIPS publication 81, keys ivs and cipher\n"); + printf("in hex. These are the correct answers, see below for\n"); + printf("the actual answers.\n\n"); + printf("Examples per Davies and Price.\n\n"); + printf("EXAMPLE ECB\tkey = 08192a3b4c5d6e7f\n"); + printf("\tclear = 0\n"); + printf("\tcipher = 25 dd ac 3e 96 17 64 67\n"); + printf("ACTUAL ECB\n"); + printf("\tclear \"%s\"\n", input); + do_encrypt(input,cipher_text); + printf("\tcipher = (low to high bytes)\n\t\t"); + for (j = 0; j<=7; j++) + printf("%02x ",cipher_text[j]); + printf("\n\n"); + do_decrypt(output,cipher_text); + if ( memcmp((char *)cipher_text, (char *)cipher1, 8) ) { + printf("verify: error in ECB encryption\n"); + exit(-1); + } + else + printf("verify: ECB encryption is correct\n\n"); } /* ECB mode */ { - mit_des_key_sched(default_key, sched); - input = clear_text; - ivec = default_ivec; - printf("EXAMPLE ECB\tkey = 0123456789abcdef\n"); - printf("\tclear = \"Now is the time for all \"\n"); - printf("\tcipher = 3f a4 0e 8a 98 4d 48 15 ...\n"); - printf("ACTUAL ECB\n\tclear \"%s\"",input); - do_encrypt(input,cipher_text); - printf("\n\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) { - printf("%02x ",cipher_text[j]); - } - printf("\n\n"); - do_decrypt(output,cipher_text); - if ( memcmp((char *)cipher_text, (char *)cipher2, 8) ) { - printf("verify: error in ECB encryption\n"); - exit(-1); - } - else - printf("verify: ECB encryption is correct\n\n"); + mit_des_key_sched(default_key, sched); + input = clear_text; + ivec = default_ivec; + printf("EXAMPLE ECB\tkey = 0123456789abcdef\n"); + printf("\tclear = \"Now is the time for all \"\n"); + printf("\tcipher = 3f a4 0e 8a 98 4d 48 15 ...\n"); + printf("ACTUAL ECB\n\tclear \"%s\"",input); + do_encrypt(input,cipher_text); + printf("\n\tcipher = (low to high bytes)\n\t\t"); + for (j = 0; j<=7; j++) { + printf("%02x ",cipher_text[j]); + } + printf("\n\n"); + do_decrypt(output,cipher_text); + if ( memcmp((char *)cipher_text, (char *)cipher2, 8) ) { + printf("verify: error in ECB encryption\n"); + exit(-1); + } + else + printf("verify: ECB encryption is correct\n\n"); } /* CBC mode */ @@ -276,39 +277,39 @@ main(argc,argv) printf("ACTUAL CBC\n\tclear \"%s\"\n",input); in_length = strlen((char *)input); if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) input, - (mit_des_cblock *) cipher_text, - (size_t) in_length, - sched, - ivec, - MIT_DES_ENCRYPT))) { - com_err("des verify", retval, "can't encrypt"); - exit(-1); + (mit_des_cblock *) cipher_text, + (size_t) in_length, + sched, + ivec, + MIT_DES_ENCRYPT))) { + com_err("des verify", retval, "can't encrypt"); + exit(-1); } printf("\tciphertext = (low to high bytes)\n"); for (i = 0; i <= 2; i++) { - printf("\t\t"); - for (j = 0; j <= 7; j++) { - printf("%02x ",cipher_text[i*8+j]); - } - printf("\n"); + printf("\t\t"); + for (j = 0; j <= 7; j++) { + printf("%02x ",cipher_text[i*8+j]); + } + printf("\n"); } if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) cipher_text, - (mit_des_cblock *) clear_text, - (size_t) in_length, - sched, - ivec, - MIT_DES_DECRYPT))) { - com_err("des verify", retval, "can't decrypt"); - exit(-1); + (mit_des_cblock *) clear_text, + (size_t) in_length, + sched, + ivec, + MIT_DES_DECRYPT))) { + com_err("des verify", retval, "can't decrypt"); + exit(-1); } printf("\tdecrypted clear_text = \"%s\"\n",clear_text); if ( memcmp((char *)cipher_text, (char *)cipher3, in_length) ) { - printf("verify: error in CBC encryption\n"); - exit(-1); + printf("verify: error in CBC encryption\n"); + exit(-1); } else - printf("verify: CBC encryption is correct\n\n"); + printf("verify: CBC encryption is correct\n\n"); printf("EXAMPLE CBC checksum"); printf("\tkey = 0123456789abcdef\tiv = 1234567890abcdef\n"); @@ -317,18 +318,18 @@ main(argc,argv) printf("or some part thereof\n"); input = clear_text2; mit_des_cbc_cksum(input,cipher_text, strlen((char *)input), - sched,ivec); + sched,ivec); printf("ACTUAL CBC checksum\n"); printf("\t\tencrypted cksum = (low to high bytes)\n\t\t"); for (j = 0; j<=7; j++) - printf("%02x ",cipher_text[j]); + printf("%02x ",cipher_text[j]); printf("\n\n"); if ( memcmp((char *)cipher_text, (char *)checksum, 8) ) { - printf("verify: error in CBC cheksum\n"); - exit(-1); + printf("verify: error in CBC cheksum\n"); + exit(-1); } else - printf("verify: CBC checksum is correct\n\n"); + printf("verify: CBC checksum is correct\n\n"); exit(0); } @@ -341,18 +342,18 @@ flip(array) register int old,new,i,j; /* flips the bit order within each byte from 0 lsb to 0 msb */ for (i = 0; i<=7; i++) { - old = *array; - new = 0; - for (j = 0; j<=7; j++) { - if (old & 01) - new = new | 01; - if (j < 7) { - old = old >> 1; - new = new << 1; - } - } - *array = new; - array++; + old = *array; + new = 0; + for (j = 0; j<=7; j++) { + if (old & 01) + new = new | 01; + if (j < 7) { + old = old >> 1; + new = new << 1; + } + } + *array = new; + array++; } } #endif @@ -364,20 +365,20 @@ do_encrypt(in,out) { int i, j; for (i =1; i<=nflag; i++) { - mit_des_cbc_encrypt((const mit_des_cblock *)in, - (mit_des_cblock *)out, - 8, - sched, - zero_text, - MIT_DES_ENCRYPT); - if (mit_des_debug) { - printf("\nclear %s\n",in); - for (j = 0; j<=7; j++) - printf("%02X ",in[j] & 0xff); - printf("\tcipher "); - for (j = 0; j<=7; j++) - printf("%02X ",out[j] & 0xff); - } + mit_des_cbc_encrypt((const mit_des_cblock *)in, + (mit_des_cblock *)out, + 8, + sched, + zero_text, + MIT_DES_ENCRYPT); + if (mit_des_debug) { + printf("\nclear %s\n",in); + for (j = 0; j<=7; j++) + printf("%02X ",in[j] & 0xff); + printf("\tcipher "); + for (j = 0; j<=7; j++) + printf("%02X ",out[j] & 0xff); + } } } @@ -389,20 +390,20 @@ do_decrypt(in,out) { int i, j; for (i =1; i<=nflag; i++) { - mit_des_cbc_encrypt((const mit_des_cblock *)out, - (mit_des_cblock *)in, - 8, - sched, - zero_text, - MIT_DES_DECRYPT); - if (mit_des_debug) { - printf("clear %s\n",in); - for (j = 0; j<=7; j++) - printf("%02X ",in[j] & 0xff); - printf("\tcipher "); - for (j = 0; j<=7; j++) - printf("%02X ",out[j] & 0xff); - } + mit_des_cbc_encrypt((const mit_des_cblock *)out, + (mit_des_cblock *)in, + 8, + sched, + zero_text, + MIT_DES_DECRYPT); + if (mit_des_debug) { + printf("clear %s\n",in); + for (j = 0; j<=7; j++) + printf("%02X ",in[j] & 0xff); + printf("\tcipher "); + for (j = 0; j<=7; j++) + printf("%02X ",out[j] & 0xff); + } } } @@ -414,5 +415,5 @@ int mit_des_is_weak_key(key) mit_des_cblock key; { - return 0; /* fake it out for testing */ + return 0; /* fake it out for testing */ } diff --git a/src/lib/crypto/builtin/des/weak_key.c b/src/lib/crypto/builtin/des/weak_key.c index 7086789..921ce10 100644 --- a/src/lib/crypto/builtin/des/weak_key.c +++ b/src/lib/crypto/builtin/des/weak_key.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/weak_key.c * @@ -77,8 +78,8 @@ mit_des_is_weak_key(mit_des_cblock key) const mit_des_cblock *weak_p = weak; for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) { - if (!memcmp(weak_p++,key,sizeof(mit_des_cblock))) - return 1; + if (!memcmp(weak_p++,key,sizeof(mit_des_cblock))) + return 1; } return 0; diff --git a/src/lib/crypto/builtin/enc_provider/Makefile.in b/src/lib/crypto/builtin/enc_provider/Makefile.in index 14d5317..40e42ef 100644 --- a/src/lib/crypto/builtin/enc_provider/Makefile.in +++ b/src/lib/crypto/builtin/enc_provider/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/builtin/enc_provider mydir=lib/crypto/builtin/enc_provider BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES = -I$(srcdir)/../des \ diff --git a/src/lib/crypto/builtin/enc_provider/aes.c b/src/lib/crypto/builtin/enc_provider/aes.c index b735cc9..0440f7a 100644 --- a/src/lib/crypto/builtin/enc_provider/aes.c +++ b/src/lib/crypto/builtin/enc_provider/aes.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/enc_provider/aes.c * @@ -30,352 +31,233 @@ #include <aead.h> #include <rand2key.h> -#if 0 -aes_rval aes_blk_len(unsigned int blen, aes_ctx cx[1]); -aes_rval aes_enc_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1]); -aes_rval aes_enc_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1]); -aes_rval aes_dec_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1]); -aes_rval aes_dec_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1]); -#endif - #define CHECK_SIZES 0 -#if 0 -static void printd (const char *descr, krb5_data *d) { - int i, j; - const int r = 16; - - printf("%s:", descr); - - for (i = 0; i < d->length; i += r) { - printf("\n %04x: ", i); - for (j = i; j < i + r && j < d->length; j++) - printf(" %02x", 0xff & d->data[j]); -#ifdef SHOW_TEXT - for (; j < i + r; j++) - printf(" "); - printf(" "); - for (j = i; j < i + r && j < d->length; j++) { - int c = 0xff & d->data[j]; - printf("%c", isprint(c) ? c : '.'); - } -#endif - } - printf("\n"); -} -#endif - -static inline void enc(char *out, const char *in, aes_ctx *ctx) +static inline void +enc(unsigned char *out, const unsigned char *in, aes_ctx *ctx) { - if (aes_enc_blk((const unsigned char *)in, (unsigned char *)out, ctx) - != aes_good) - abort(); -} -static inline void dec(char *out, const char *in, aes_ctx *ctx) -{ - if (aes_dec_blk((const unsigned char *)in, (unsigned char *)out, ctx) - != aes_good) - abort(); + if (aes_enc_blk(in, out, ctx) != aes_good) + abort(); } -static void xorblock(char *out, const char *in) +static inline void +dec(unsigned char *out, const unsigned char *in, aes_ctx *ctx) { - int z; - for (z = 0; z < BLOCK_SIZE; z++) - out[z] ^= in[z]; + if (aes_dec_blk(in, out, ctx) != aes_good) + abort(); } -krb5_error_code -krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) +static void +xorblock(unsigned char *out, const unsigned char *in) { - aes_ctx ctx; - char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE], tmp3[BLOCK_SIZE]; - int nblocks = 0, blockno; - -/* CHECK_SIZES; */ - - if (aes_enc_key(key->keyblock.contents, key->keyblock.length, - &ctx) != aes_good) - abort(); - - if (ivec) - memcpy(tmp, ivec->data, BLOCK_SIZE); - else - memset(tmp, 0, BLOCK_SIZE); - - nblocks = (input->length + BLOCK_SIZE - 1) / BLOCK_SIZE; - - if (nblocks == 1) { - /* XXX Used for DK function. */ - enc(output->data, input->data, &ctx); - } else { - unsigned int nleft; - - for (blockno = 0; blockno < nblocks - 2; blockno++) { - xorblock(tmp, input->data + blockno * BLOCK_SIZE); - enc(tmp2, tmp, &ctx); - memcpy(output->data + blockno * BLOCK_SIZE, tmp2, BLOCK_SIZE); - - /* Set up for next block. */ - memcpy(tmp, tmp2, BLOCK_SIZE); - } - /* Do final CTS step for last two blocks (the second of which - may or may not be incomplete). */ - xorblock(tmp, input->data + (nblocks - 2) * BLOCK_SIZE); - enc(tmp2, tmp, &ctx); - nleft = input->length - (nblocks - 1) * BLOCK_SIZE; - memcpy(output->data + (nblocks - 1) * BLOCK_SIZE, tmp2, nleft); - memcpy(tmp, tmp2, BLOCK_SIZE); - - memset(tmp3, 0, sizeof(tmp3)); - memcpy(tmp3, input->data + (nblocks - 1) * BLOCK_SIZE, nleft); - xorblock(tmp, tmp3); - enc(tmp2, tmp, &ctx); - memcpy(output->data + (nblocks - 2) * BLOCK_SIZE, tmp2, BLOCK_SIZE); - if (ivec) - memcpy(ivec->data, tmp2, BLOCK_SIZE); + int z; + for (z = 0; z < BLOCK_SIZE/4; z++) { + unsigned char *outptr = &out[z*4]; + unsigned char *inptr = &in[z*4]; + /* + * Use unaligned accesses. On x86, this will probably still be faster + * than multiple byte accesses for unaligned data, and for aligned data + * should be far better. (One test indicated about 2.4% faster + * encryption for 1024-byte messages.) + * + * If some other CPU has really slow unaligned-word or byte accesses, + * perhaps this function (or the load/store helpers?) should test for + * alignment first. + * + * If byte accesses are faster than unaligned words, we may need to + * conditionalize on CPU type, as that may be hard to determine + * automatically. + */ + store_32_n (load_32_n(outptr) ^ load_32_n(inptr), outptr); } - - return 0; } krb5_error_code -krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) -{ - aes_ctx ctx; - char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE], tmp3[BLOCK_SIZE]; - int nblocks = 0, blockno; - - CHECK_SIZES; - - if (aes_dec_key(key->keyblock.contents, key->keyblock.length, - &ctx) != aes_good) - abort(); - - if (ivec) - memcpy(tmp, ivec->data, BLOCK_SIZE); - else - memset(tmp, 0, BLOCK_SIZE); - - nblocks = (input->length + BLOCK_SIZE - 1) / BLOCK_SIZE; - - if (nblocks == 1) { - if (input->length < BLOCK_SIZE) - abort(); - dec(output->data, input->data, &ctx); - } else { - - for (blockno = 0; blockno < nblocks - 2; blockno++) { - dec(tmp2, input->data + blockno * BLOCK_SIZE, &ctx); - xorblock(tmp2, tmp); - memcpy(output->data + blockno * BLOCK_SIZE, tmp2, BLOCK_SIZE); - memcpy(tmp, input->data + blockno * BLOCK_SIZE, BLOCK_SIZE); - } - /* Do last two blocks, the second of which (next-to-last block - of plaintext) may be incomplete. */ - dec(tmp2, input->data + (nblocks - 2) * BLOCK_SIZE, &ctx); - /* Set tmp3 to last ciphertext block, padded. */ - memset(tmp3, 0, sizeof(tmp3)); - memcpy(tmp3, input->data + (nblocks - 1) * BLOCK_SIZE, - input->length - (nblocks - 1) * BLOCK_SIZE); - /* Set tmp2 to last (possibly partial) plaintext block, and - save it. */ - xorblock(tmp2, tmp3); - memcpy(output->data + (nblocks - 1) * BLOCK_SIZE, tmp2, - input->length - (nblocks - 1) * BLOCK_SIZE); - /* Maybe keep the trailing part, and copy in the last - ciphertext block. */ - memcpy(tmp2, tmp3, input->length - (nblocks - 1) * BLOCK_SIZE); - /* Decrypt, to get next to last plaintext block xor previous - ciphertext. */ - dec(tmp3, tmp2, &ctx); - xorblock(tmp3, tmp); - memcpy(output->data + (nblocks - 2) * BLOCK_SIZE, tmp3, BLOCK_SIZE); - if (ivec) - memcpy(ivec->data, input->data + (nblocks - 2) * BLOCK_SIZE, - BLOCK_SIZE); - } - - return 0; -} - -static krb5_error_code -krb5int_aes_encrypt_iov(krb5_key key, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) +krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data) { aes_ctx ctx; - char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE]; + unsigned char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE]; int nblocks = 0, blockno; size_t input_length, i; + struct iov_block_state input_pos, output_pos; if (aes_enc_key(key->keyblock.contents, key->keyblock.length, &ctx) - != aes_good) - abort(); + != aes_good) + abort(); if (ivec != NULL) - memcpy(tmp, ivec->data, BLOCK_SIZE); + memcpy(tmp, ivec->data, BLOCK_SIZE); else - memset(tmp, 0, BLOCK_SIZE); + memset(tmp, 0, BLOCK_SIZE); for (i = 0, input_length = 0; i < num_data; i++) { - krb5_crypto_iov *iov = &data[i]; + krb5_crypto_iov *iov = &data[i]; - if (ENCRYPT_IOV(iov)) - input_length += iov->data.length; + if (ENCRYPT_IOV(iov)) + input_length += iov->data.length; } - nblocks = (input_length + BLOCK_SIZE - 1) / BLOCK_SIZE; - - assert(nblocks > 1); - - { - char blockN2[BLOCK_SIZE]; /* second last */ - char blockN1[BLOCK_SIZE]; /* last block */ - struct iov_block_state input_pos, output_pos; - - IOV_BLOCK_STATE_INIT(&input_pos); - IOV_BLOCK_STATE_INIT(&output_pos); - - for (blockno = 0; blockno < nblocks - 2; blockno++) { - char blockN[BLOCK_SIZE]; - - krb5int_c_iov_get_block((unsigned char *)blockN, BLOCK_SIZE, data, num_data, &input_pos); - xorblock(tmp, blockN); - enc(tmp2, tmp, &ctx); - krb5int_c_iov_put_block(data, num_data, (unsigned char *)tmp2, BLOCK_SIZE, &output_pos); + IOV_BLOCK_STATE_INIT(&input_pos); + IOV_BLOCK_STATE_INIT(&output_pos); - /* Set up for next block. */ - memcpy(tmp, tmp2, BLOCK_SIZE); - } - - /* Do final CTS step for last two blocks (the second of which - may or may not be incomplete). */ - - /* First, get the last two blocks */ - memset(blockN1, 0, sizeof(blockN1)); /* pad last block with zeros */ - krb5int_c_iov_get_block((unsigned char *)blockN2, BLOCK_SIZE, data, num_data, &input_pos); - krb5int_c_iov_get_block((unsigned char *)blockN1, BLOCK_SIZE, data, num_data, &input_pos); - - /* Encrypt second last block */ - xorblock(tmp, blockN2); - enc(tmp2, tmp, &ctx); - memcpy(blockN2, tmp2, BLOCK_SIZE); /* blockN2 now contains first block */ - memcpy(tmp, tmp2, BLOCK_SIZE); - - /* Encrypt last block */ - xorblock(tmp, blockN1); - enc(tmp2, tmp, &ctx); - memcpy(blockN1, tmp2, BLOCK_SIZE); - - /* Put the last two blocks back into the iovec (reverse order) */ - krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN1, BLOCK_SIZE, &output_pos); - krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN2, BLOCK_SIZE, &output_pos); - - if (ivec != NULL) - memcpy(ivec->data, blockN1, BLOCK_SIZE); + nblocks = (input_length + BLOCK_SIZE - 1) / BLOCK_SIZE; + if (nblocks == 1) { + krb5int_c_iov_get_block(tmp, BLOCK_SIZE, data, num_data, &input_pos); + enc(tmp2, tmp, &ctx); + krb5int_c_iov_put_block(data, num_data, tmp2, BLOCK_SIZE, &output_pos); + } else if (nblocks > 1) { + unsigned char blockN2[BLOCK_SIZE]; /* second last */ + unsigned char blockN1[BLOCK_SIZE]; /* last block */ + + for (blockno = 0; blockno < nblocks - 2; blockno++) { + unsigned char blockN[BLOCK_SIZE], *block; + + block = iov_next_block(blockN, BLOCK_SIZE, data, num_data, + &input_pos); + xorblock(tmp, block); + enc(block, tmp, &ctx); + iov_store_block(data, num_data, block, blockN, BLOCK_SIZE, + &output_pos); + + /* Set up for next block. */ + memcpy(tmp, block, BLOCK_SIZE); + } + + /* Do final CTS step for last two blocks (the second of which + may or may not be incomplete). */ + + /* First, get the last two blocks */ + memset(blockN1, 0, sizeof(blockN1)); /* pad last block with zeros */ + krb5int_c_iov_get_block(blockN2, BLOCK_SIZE, data, num_data, + &input_pos); + krb5int_c_iov_get_block(blockN1, BLOCK_SIZE, data, num_data, + &input_pos); + + /* Encrypt second last block */ + xorblock(tmp, blockN2); + enc(tmp2, tmp, &ctx); + memcpy(blockN2, tmp2, BLOCK_SIZE); /* blockN2 now contains first block */ + memcpy(tmp, tmp2, BLOCK_SIZE); + + /* Encrypt last block */ + xorblock(tmp, blockN1); + enc(tmp2, tmp, &ctx); + memcpy(blockN1, tmp2, BLOCK_SIZE); + + /* Put the last two blocks back into the iovec (reverse order) */ + krb5int_c_iov_put_block(data, num_data, blockN1, BLOCK_SIZE, + &output_pos); + krb5int_c_iov_put_block(data, num_data, blockN2, BLOCK_SIZE, + &output_pos); + + if (ivec != NULL) + memcpy(ivec->data, blockN1, BLOCK_SIZE); } return 0; } -static krb5_error_code -krb5int_aes_decrypt_iov(krb5_key key, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) +krb5_error_code +krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data) { aes_ctx ctx; - char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE], tmp3[BLOCK_SIZE]; + unsigned char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE], tmp3[BLOCK_SIZE]; int nblocks = 0, blockno; unsigned int i; size_t input_length; + struct iov_block_state input_pos, output_pos; CHECK_SIZES; if (aes_dec_key(key->keyblock.contents, key->keyblock.length, - &ctx) != aes_good) - abort(); + &ctx) != aes_good) + abort(); if (ivec != NULL) - memcpy(tmp, ivec->data, BLOCK_SIZE); + memcpy(tmp, ivec->data, BLOCK_SIZE); else - memset(tmp, 0, BLOCK_SIZE); + memset(tmp, 0, BLOCK_SIZE); for (i = 0, input_length = 0; i < num_data; i++) { - krb5_crypto_iov *iov = &data[i]; + krb5_crypto_iov *iov = &data[i]; - if (ENCRYPT_IOV(iov)) - input_length += iov->data.length; + if (ENCRYPT_IOV(iov)) + input_length += iov->data.length; } - nblocks = (input_length + BLOCK_SIZE - 1) / BLOCK_SIZE; + IOV_BLOCK_STATE_INIT(&input_pos); + IOV_BLOCK_STATE_INIT(&output_pos); - assert(nblocks > 1); - - { - char blockN2[BLOCK_SIZE]; /* second last */ - char blockN1[BLOCK_SIZE]; /* last block */ - struct iov_block_state input_pos, output_pos; - - IOV_BLOCK_STATE_INIT(&input_pos); - IOV_BLOCK_STATE_INIT(&output_pos); - - for (blockno = 0; blockno < nblocks - 2; blockno++) { - char blockN[BLOCK_SIZE]; - - krb5int_c_iov_get_block((unsigned char *)blockN, BLOCK_SIZE, data, num_data, &input_pos); - dec(tmp2, blockN, &ctx); - xorblock(tmp2, tmp); - krb5int_c_iov_put_block(data, num_data, (unsigned char *)tmp2, BLOCK_SIZE, &output_pos); - memcpy(tmp, blockN, BLOCK_SIZE); - } - - /* Do last two blocks, the second of which (next-to-last block - of plaintext) may be incomplete. */ - - /* First, get the last two encrypted blocks */ - memset(blockN1, 0, sizeof(blockN1)); /* pad last block with zeros */ - krb5int_c_iov_get_block((unsigned char *)blockN2, BLOCK_SIZE, data, num_data, &input_pos); - krb5int_c_iov_get_block((unsigned char *)blockN1, BLOCK_SIZE, data, num_data, &input_pos); - - if (ivec != NULL) - memcpy(ivec->data, blockN2, BLOCK_SIZE); - - /* Decrypt second last block */ - dec(tmp2, blockN2, &ctx); - /* Set tmp2 to last (possibly partial) plaintext block, and - save it. */ - xorblock(tmp2, blockN1); - memcpy(blockN2, tmp2, BLOCK_SIZE); - - /* Maybe keep the trailing part, and copy in the last - ciphertext block. */ - input_length %= BLOCK_SIZE; - memcpy(tmp2, blockN1, input_length ? input_length : BLOCK_SIZE); - dec(tmp3, tmp2, &ctx); - xorblock(tmp3, tmp); - memcpy(blockN1, tmp3, BLOCK_SIZE); - - /* Put the last two blocks back into the iovec */ - krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN1, BLOCK_SIZE, &output_pos); - krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN2, BLOCK_SIZE, &output_pos); + nblocks = (input_length + BLOCK_SIZE - 1) / BLOCK_SIZE; + if (nblocks == 1) { + krb5int_c_iov_get_block(tmp, BLOCK_SIZE, data, num_data, &input_pos); + enc(tmp2, tmp, &ctx); + krb5int_c_iov_put_block(data, num_data, tmp2, BLOCK_SIZE, &output_pos); + } else if (nblocks > 1) { + unsigned char blockN2[BLOCK_SIZE]; /* second last */ + unsigned char blockN1[BLOCK_SIZE]; /* last block */ + + for (blockno = 0; blockno < nblocks - 2; blockno++) { + unsigned char blockN[BLOCK_SIZE], *block; + + block = iov_next_block(blockN, BLOCK_SIZE, data, num_data, + &input_pos); + memcpy(tmp2, block, BLOCK_SIZE); + dec(block, block, &ctx); + xorblock(block, tmp); + memcpy(tmp, tmp2, BLOCK_SIZE); + iov_store_block(data, num_data, block, blockN, BLOCK_SIZE, + &output_pos); + } + + /* Do last two blocks, the second of which (next-to-last block + of plaintext) may be incomplete. */ + + /* First, get the last two encrypted blocks */ + memset(blockN1, 0, sizeof(blockN1)); /* pad last block with zeros */ + krb5int_c_iov_get_block(blockN2, BLOCK_SIZE, data, num_data, + &input_pos); + krb5int_c_iov_get_block(blockN1, BLOCK_SIZE, data, num_data, + &input_pos); + + if (ivec != NULL) + memcpy(ivec->data, blockN2, BLOCK_SIZE); + + /* Decrypt second last block */ + dec(tmp2, blockN2, &ctx); + /* Set tmp2 to last (possibly partial) plaintext block, and + save it. */ + xorblock(tmp2, blockN1); + memcpy(blockN2, tmp2, BLOCK_SIZE); + + /* Maybe keep the trailing part, and copy in the last + ciphertext block. */ + input_length %= BLOCK_SIZE; + memcpy(tmp2, blockN1, input_length ? input_length : BLOCK_SIZE); + dec(tmp3, tmp2, &ctx); + xorblock(tmp3, tmp); + memcpy(blockN1, tmp3, BLOCK_SIZE); + + /* Put the last two blocks back into the iovec */ + krb5int_c_iov_put_block(data, num_data, blockN1, BLOCK_SIZE, + &output_pos); + krb5int_c_iov_put_block(data, num_data, blockN2, BLOCK_SIZE, + &output_pos); } return 0; } static krb5_error_code -krb5int_aes_init_state (const krb5_keyblock *key, krb5_keyusage usage, - krb5_data *state) +aes_init_state(const krb5_keyblock *key, krb5_keyusage usage, + krb5_data *state) { state->length = 16; - state->data = (void *) malloc(16); + state->data = malloc(16); if (state->data == NULL) - return ENOMEM; + return ENOMEM; memset(state->data, 0, state->length); return 0; } @@ -385,11 +267,10 @@ const struct krb5_enc_provider krb5int_enc_aes128 = { 16, 16, krb5int_aes_encrypt, krb5int_aes_decrypt, + NULL, krb5int_aes_make_key, - krb5int_aes_init_state, + aes_init_state, krb5int_default_free_state, - krb5int_aes_encrypt_iov, - krb5int_aes_decrypt_iov }; const struct krb5_enc_provider krb5int_enc_aes256 = { @@ -397,9 +278,8 @@ const struct krb5_enc_provider krb5int_enc_aes256 = { 32, 32, krb5int_aes_encrypt, krb5int_aes_decrypt, + NULL, krb5int_aes_make_key, - krb5int_aes_init_state, - krb5int_default_free_state, - krb5int_aes_encrypt_iov, - krb5int_aes_decrypt_iov + aes_init_state, + krb5int_default_free_state }; diff --git a/src/lib/crypto/builtin/enc_provider/deps b/src/lib/crypto/builtin/enc_provider/deps index 74d9887..deeb864 100644 --- a/src/lib/crypto/builtin/enc_provider/deps +++ b/src/lib/crypto/builtin/enc_provider/deps @@ -3,51 +3,53 @@ # des.so des.po $(OUTPRE)des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/rand2key/rand2key.h \ - $(srcdir)/../des/des_int.h des.c enc_provider.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ + $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ + $(srcdir)/../../krb/rand2key/rand2key.h $(srcdir)/../des/des_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des.c enc_provider.h des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/rand2key/rand2key.h \ - $(srcdir)/../des/des_int.h des3.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ + $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ + $(srcdir)/../../krb/rand2key/rand2key.h $(srcdir)/../des/des_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des3.c aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/rand2key/rand2key.h \ - $(srcdir)/../aes/aes.h $(srcdir)/../aes/uitypes.h aes.c \ - enc_provider.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ + $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ + $(srcdir)/../../krb/rand2key/rand2key.h $(srcdir)/../aes/aes.h \ + $(srcdir)/../aes/uitypes.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h aes.c enc_provider.h rc4.so rc4.po $(OUTPRE)rc4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/rand2key/rand2key.h \ - $(srcdir)/../arcfour/arcfour-int.h $(srcdir)/../arcfour/arcfour.h \ - enc_provider.h rc4.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ + $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ + $(srcdir)/../../krb/rand2key/rand2key.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h enc_provider.h \ + rc4.c diff --git a/src/lib/crypto/builtin/enc_provider/des.c b/src/lib/crypto/builtin/enc_provider/des.c index f531c06..ed79b06 100644 --- a/src/lib/crypto/builtin/enc_provider/des.c +++ b/src/lib/crypto/builtin/enc_provider/des.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -30,129 +31,101 @@ #include <aead.h> #include <rand2key.h> - static krb5_error_code -k5_des_docrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output, int enc) +validate_and_schedule(krb5_key key, const krb5_data *ivec, + const krb5_crypto_iov *data, size_t num_data, + mit_des_key_schedule schedule) { - mit_des_key_schedule schedule; + size_t i, input_length; - /* key->keyblock.enctype was checked by the caller */ + for (i = 0, input_length = 0; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; + + if (ENCRYPT_IOV(iov)) + input_length += iov->data.length; + } if (key->keyblock.length != 8) - return(KRB5_BAD_KEYSIZE); - if ((input->length%8) != 0) - return(KRB5_BAD_MSIZE); - if (ivec && (ivec->length != 8)) - return(KRB5_BAD_MSIZE); - if (input->length != output->length) - return(KRB5_BAD_MSIZE); + return KRB5_BAD_KEYSIZE; + if (input_length % 8 != 0 || (ivec != NULL && ivec->length != 8)) + return KRB5_BAD_MSIZE; switch (mit_des_key_sched(key->keyblock.contents, schedule)) { case -1: - return(KRB5DES_BAD_KEYPAR); + return(KRB5DES_BAD_KEYPAR); case -2: - return(KRB5DES_WEAK_KEY); + return(KRB5DES_WEAK_KEY); } - - /* this has a return value, but the code always returns zero */ - - mit_des_cbc_encrypt((krb5_pointer) input->data, - (krb5_pointer) output->data, input->length, - schedule, - (ivec - ? (const unsigned char *) ivec->data - : (const unsigned char *) mit_des_zeroblock), - enc); - - memset(schedule, 0, sizeof(schedule)); - - return(0); + return 0; } static krb5_error_code -k5_des_encrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) +des_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data) { - return(k5_des_docrypt(key, ivec, input, output, 1)); -} + mit_des_key_schedule schedule; + krb5_error_code err; -static krb5_error_code -k5_des_decrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) -{ - return(k5_des_docrypt(key, ivec, input, output, 0)); + err = validate_and_schedule(key, ivec, data, num_data, schedule); + if (err) + return err; + + krb5int_des_cbc_encrypt(data, num_data, schedule, + ivec != NULL ? (unsigned char *) ivec->data : + NULL); + + zap(schedule, sizeof(schedule)); + return 0; } static krb5_error_code -k5_des_docrypt_iov(krb5_key key, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data, int enc) +des_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data) { mit_des_key_schedule schedule; - size_t input_length = 0; - unsigned int i; - - /* key->keyblock.enctype was checked by the caller */ + krb5_error_code err; - if (key->keyblock.length != 8) - return(KRB5_BAD_KEYSIZE); + err = validate_and_schedule(key, ivec, data, num_data, schedule); + if (err) + return err; - for (i = 0; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; + krb5int_des_cbc_decrypt(data, num_data, schedule, + ivec != NULL ? (unsigned char *) ivec->data : + NULL); - if (ENCRYPT_DATA_IOV(iov)) - input_length += iov->data.length; - } - - if ((input_length % 8) != 0) - return(KRB5_BAD_MSIZE); - if (ivec && (ivec->length != 8)) - return(KRB5_BAD_MSIZE); - - switch (mit_des_key_sched(key->keyblock.contents, schedule)) { - case -1: - return(KRB5DES_BAD_KEYPAR); - case -2: - return(KRB5DES_WEAK_KEY); - } - - /* this has a return value, but the code always returns zero */ - if (enc) - krb5int_des_cbc_encrypt_iov(data, num_data, schedule, ivec ? ivec->data : NULL); - else - krb5int_des_cbc_decrypt_iov(data, num_data, schedule, ivec ? ivec->data : NULL); - - memset(schedule, 0, sizeof(schedule)); - - return(0); + zap(schedule, sizeof(schedule)); + return 0; } static krb5_error_code -k5_des_encrypt_iov(krb5_key key, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) +des_cbc_mac(krb5_key key, const krb5_crypto_iov *data, size_t num_data, + const krb5_data *ivec, krb5_data *output) { - return k5_des_docrypt_iov(key, ivec, data, num_data, 1); -} + mit_des_key_schedule schedule; + krb5_error_code err; -static krb5_error_code -k5_des_decrypt_iov(krb5_key key, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) -{ - return k5_des_docrypt_iov(key, ivec, data, num_data, 0); + err = validate_and_schedule(key, ivec, data, num_data, schedule); + if (err) + return err; + + if (output->length != 8) + return KRB5_CRYPTO_INTERNAL; + + krb5int_des_cbc_mac(data, num_data, schedule, + ivec != NULL ? (unsigned char *) ivec->data : NULL, + (unsigned char *) output->data); + + zap(schedule, sizeof(schedule)); + return 0; } const struct krb5_enc_provider krb5int_enc_des = { 8, 7, 8, - k5_des_encrypt, - k5_des_decrypt, + des_encrypt, + des_decrypt, + des_cbc_mac, krb5int_des_make_key, krb5int_des_init_state, - krb5int_default_free_state, - k5_des_encrypt_iov, - k5_des_decrypt_iov + krb5int_default_free_state }; diff --git a/src/lib/crypto/builtin/enc_provider/des3.c b/src/lib/crypto/builtin/enc_provider/des3.c index c731639..e08cc62 100644 --- a/src/lib/crypto/builtin/enc_provider/des3.c +++ b/src/lib/crypto/builtin/enc_provider/des3.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -31,77 +32,51 @@ static krb5_error_code validate_and_schedule(krb5_key key, const krb5_data *ivec, - const krb5_data *input, const krb5_data *output, - mit_des3_key_schedule *schedule) -{ - /* key->keyblock.enctype was checked by the caller */ - - if (key->keyblock.length != 24) - return(KRB5_BAD_KEYSIZE); - if ((input->length%8) != 0) - return(KRB5_BAD_MSIZE); - if (ivec && (ivec->length != 8)) - return(KRB5_BAD_MSIZE); - if (input->length != output->length) - return(KRB5_BAD_MSIZE); - - switch (mit_des3_key_sched(*(mit_des3_cblock *)key->keyblock.contents, - *schedule)) { - case -1: - return(KRB5DES_BAD_KEYPAR); - case -2: - return(KRB5DES_WEAK_KEY); - } - return 0; -} - -static krb5_error_code -validate_and_schedule_iov(krb5_key key, const krb5_data *ivec, - const krb5_crypto_iov *data, size_t num_data, - mit_des3_key_schedule *schedule) + const krb5_crypto_iov *data, size_t num_data, + mit_des3_key_schedule *schedule) { size_t i, input_length; for (i = 0, input_length = 0; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; + const krb5_crypto_iov *iov = &data[i]; - if (ENCRYPT_IOV(iov)) - input_length += iov->data.length; + if (ENCRYPT_IOV(iov)) + input_length += iov->data.length; } if (key->keyblock.length != 24) - return(KRB5_BAD_KEYSIZE); + return(KRB5_BAD_KEYSIZE); if ((input_length%8) != 0) - return(KRB5_BAD_MSIZE); + return(KRB5_BAD_MSIZE); if (ivec && (ivec->length != 8)) - return(KRB5_BAD_MSIZE); + return(KRB5_BAD_MSIZE); switch (mit_des3_key_sched(*(mit_des3_cblock *)key->keyblock.contents, - *schedule)) { + *schedule)) { case -1: - return(KRB5DES_BAD_KEYPAR); + return(KRB5DES_BAD_KEYPAR); case -2: - return(KRB5DES_WEAK_KEY); + return(KRB5DES_WEAK_KEY); } return 0; } static krb5_error_code -k5_des3_encrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) +k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data) { mit_des3_key_schedule schedule; krb5_error_code err; - err = validate_and_schedule(key, ivec, input, output, &schedule); + err = validate_and_schedule(key, ivec, data, num_data, &schedule); if (err) - return err; + return err; /* this has a return value, but the code always returns zero */ - krb5int_des3_cbc_encrypt((krb5_pointer) input->data, - (krb5_pointer) output->data, input->length, - schedule[0], schedule[1], schedule[2], - ivec?(const unsigned char *) ivec->data:(const unsigned char *)mit_des_zeroblock); + krb5int_des3_cbc_encrypt(data, num_data, + schedule[0], schedule[1], schedule[2], + ivec != NULL ? (unsigned char *) ivec->data : + NULL); zap(schedule, sizeof(schedule)); @@ -109,71 +84,25 @@ k5_des3_encrypt(krb5_key key, const krb5_data *ivec, } static krb5_error_code -k5_des3_decrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) +k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data) { mit_des3_key_schedule schedule; krb5_error_code err; - err = validate_and_schedule(key, ivec, input, output, &schedule); + err = validate_and_schedule(key, ivec, data, num_data, &schedule); if (err) - return err; + return err; /* this has a return value, but the code always returns zero */ - krb5int_des3_cbc_decrypt((krb5_pointer) input->data, - (krb5_pointer) output->data, input->length, - schedule[0], schedule[1], schedule[2], - ivec?(const unsigned char *) ivec->data:(const unsigned char *)mit_des_zeroblock); + krb5int_des3_cbc_decrypt(data, num_data, + schedule[0], schedule[1], schedule[2], + ivec != NULL ? (unsigned char *) ivec->data : + NULL); zap(schedule, sizeof(schedule)); - return(0); -} - -static krb5_error_code -k5_des3_encrypt_iov(krb5_key key, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) -{ - mit_des3_key_schedule schedule; - krb5_error_code err; - - err = validate_and_schedule_iov(key, ivec, data, num_data, &schedule); - if (err) - return err; - - /* this has a return value, but the code always returns zero */ - krb5int_des3_cbc_encrypt_iov(data, num_data, - schedule[0], schedule[1], schedule[2], - ivec != NULL ? (unsigned char *) ivec->data : NULL); - - zap(schedule, sizeof(schedule)); - - return(0); -} - -static krb5_error_code -k5_des3_decrypt_iov(krb5_key key, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) -{ - mit_des3_key_schedule schedule; - krb5_error_code err; - - err = validate_and_schedule_iov(key, ivec, data, num_data, &schedule); - if (err) - return err; - - /* this has a return value, but the code always returns zero */ - krb5int_des3_cbc_decrypt_iov(data, num_data, - schedule[0], schedule[1], schedule[2], - ivec != NULL ? (unsigned char *) ivec->data : NULL); - - zap(schedule, sizeof(schedule)); - - return(0); + return 0; } const struct krb5_enc_provider krb5int_enc_des3 = { @@ -181,9 +110,8 @@ const struct krb5_enc_provider krb5int_enc_des3 = { 21, 24, k5_des3_encrypt, k5_des3_decrypt, + NULL, krb5int_des3_make_key, krb5int_des_init_state, - krb5int_default_free_state, - k5_des3_encrypt_iov, - k5_des3_decrypt_iov + krb5int_default_free_state }; diff --git a/src/lib/crypto/builtin/enc_provider/enc_provider.h b/src/lib/crypto/builtin/enc_provider/enc_provider.h index 49ffaaf..8144b65 100644 --- a/src/lib/crypto/builtin/enc_provider/enc_provider.h +++ b/src/lib/crypto/builtin/enc_provider/enc_provider.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * diff --git a/src/lib/crypto/builtin/enc_provider/rc4.c b/src/lib/crypto/builtin/enc_provider/rc4.c index 3c3e0f1..a8e0721 100644 --- a/src/lib/crypto/builtin/enc_provider/rc4.c +++ b/src/lib/crypto/builtin/enc_provider/rc4.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* arcfour.c * * Copyright (c) 2000 by Computer Science Laboratory, @@ -7,11 +8,22 @@ */ #include "k5-int.h" -#include "arcfour-int.h" #include "enc_provider.h" #include <aead.h> #include <rand2key.h> +typedef struct +{ + unsigned int x; + unsigned int y; + unsigned char state[256]; +} ArcfourContext; + +typedef struct { + int initialized; + ArcfourContext ctx; +} ArcFourCipherState; + /* gets the next byte from the PRNG */ #if ((__GNUC__ >= 2) ) static __inline__ unsigned int k5_arcfour_byte(ArcfourContext *); @@ -21,16 +33,11 @@ static unsigned int k5_arcfour_byte(ArcfourContext *); /* Initializes the context and sets the key. */ static krb5_error_code k5_arcfour_init(ArcfourContext *ctx, const unsigned char *key, - unsigned int keylen); + unsigned int keylen); /* Encrypts/decrypts data. */ static void k5_arcfour_crypt(ArcfourContext *ctx, unsigned char *dest, - const unsigned char *src, unsigned int len); - -/* Interface layer to kerb5 crypto layer */ -static krb5_error_code -k5_arcfour_docrypt(krb5_key, const krb5_data *, - const krb5_data *, krb5_data *); + const unsigned char *src, unsigned int len); static const unsigned char arcfour_weakkey1[] = {0x00, 0x00, 0xfd}; static const unsigned char arcfour_weakkey2[] = {0x03, 0xfd, 0xfc}; @@ -44,125 +51,76 @@ static const struct { static inline unsigned int k5_arcfour_byte(ArcfourContext * ctx) { - unsigned int x; - unsigned int y; - unsigned int sx, sy; - unsigned char *state; - - state = ctx->state; - x = (ctx->x + 1) & 0xff; - sx = state[x]; - y = (sx + ctx->y) & 0xff; - sy = state[y]; - ctx->x = x; - ctx->y = y; - state[y] = sx; - state[x] = sy; - return state[(sx + sy) & 0xff]; + unsigned int x; + unsigned int y; + unsigned int sx, sy; + unsigned char *state; + + state = ctx->state; + x = (ctx->x + 1) & 0xff; + sx = state[x]; + y = (sx + ctx->y) & 0xff; + sy = state[y]; + ctx->x = x; + ctx->y = y; + state[y] = sx; + state[x] = sy; + return state[(sx + sy) & 0xff]; } static void k5_arcfour_crypt(ArcfourContext *ctx, unsigned char *dest, - const unsigned char *src, unsigned int len) + const unsigned char *src, unsigned int len) { - unsigned int i; - for (i = 0; i < len; i++) - dest[i] = src[i] ^ k5_arcfour_byte(ctx); + unsigned int i; + for (i = 0; i < len; i++) + dest[i] = src[i] ^ k5_arcfour_byte(ctx); } static krb5_error_code k5_arcfour_init(ArcfourContext *ctx, const unsigned char *key, - unsigned int key_len) + unsigned int key_len) { - unsigned int t, u; - unsigned int keyindex; - unsigned int stateindex; - unsigned char* state; - unsigned int counter; - - if (key_len != 16) - return KRB5_BAD_MSIZE; /*this is probably not the correct error code - to return */ - for (counter=0; - counter < sizeof(arcfour_weakkeys)/sizeof(arcfour_weakkeys[0]); - counter++) - if (!memcmp(key, arcfour_weakkeys[counter].data, - arcfour_weakkeys[counter].length)) - return KRB5DES_WEAK_KEY; /* most certainly not the correct error */ - - state = &ctx->state[0]; - ctx->x = 0; - ctx->y = 0; - for (counter = 0; counter < 256; counter++) - state[counter] = counter; - keyindex = 0; - stateindex = 0; - for (counter = 0; counter < 256; counter++) + unsigned int t, u; + unsigned int keyindex; + unsigned int stateindex; + unsigned char* state; + unsigned int counter; + + if (key_len != 16) + return KRB5_BAD_MSIZE; /*this is probably not the correct error code + to return */ + for (counter=0; + counter < sizeof(arcfour_weakkeys)/sizeof(arcfour_weakkeys[0]); + counter++) + if (!memcmp(key, arcfour_weakkeys[counter].data, + arcfour_weakkeys[counter].length)) + return KRB5DES_WEAK_KEY; /* most certainly not the correct error */ + + state = &ctx->state[0]; + ctx->x = 0; + ctx->y = 0; + for (counter = 0; counter < 256; counter++) + state[counter] = counter; + keyindex = 0; + stateindex = 0; + for (counter = 0; counter < 256; counter++) { - t = state[counter]; - stateindex = (stateindex + key[keyindex] + t) & 0xff; - u = state[stateindex]; - state[stateindex] = t; - state[counter] = u; - if (++keyindex >= key_len) - keyindex = 0; + t = state[counter]; + stateindex = (stateindex + key[keyindex] + t) & 0xff; + u = state[stateindex]; + state[stateindex] = t; + state[counter] = u; + if (++keyindex >= key_len) + keyindex = 0; } - return 0; + return 0; } -/* The workhorse of the arcfour system, this impliments the cipher */ -static krb5_error_code -k5_arcfour_docrypt(krb5_key key, const krb5_data *state, - const krb5_data *input, krb5_data *output) -{ - ArcfourContext *arcfour_ctx; - ArcFourCipherState *cipher_state; - int ret; - - if (key->keyblock.length != 16) - return(KRB5_BAD_KEYSIZE); - if (state && (state->length != sizeof (ArcFourCipherState))) - return(KRB5_BAD_MSIZE); - if (input->length != output->length) - return(KRB5_BAD_MSIZE); - - if (state) { - cipher_state = (ArcFourCipherState *) state->data; - arcfour_ctx=&cipher_state->ctx; - if (cipher_state->initialized == 0) { - if ((ret=k5_arcfour_init(arcfour_ctx, key->keyblock.contents, - key->keyblock.length))) { - return ret; - } - cipher_state->initialized = 1; - } - k5_arcfour_crypt(arcfour_ctx, (unsigned char *) output->data, (const unsigned char *) input->data, input->length); - } - else { - arcfour_ctx=malloc(sizeof (ArcfourContext)); - if (arcfour_ctx == NULL) - return ENOMEM; - if ((ret=k5_arcfour_init(arcfour_ctx, key->keyblock.contents, - key->keyblock.length))) { - free(arcfour_ctx); - return (ret); - } - k5_arcfour_crypt(arcfour_ctx, (unsigned char * ) output->data, - (const unsigned char * ) input->data, input->length); - memset(arcfour_ctx, 0, sizeof (ArcfourContext)); - free(arcfour_ctx); - } - - return 0; -} - -/* In-place encryption */ static krb5_error_code -k5_arcfour_docrypt_iov(krb5_key key, - const krb5_data *state, - krb5_crypto_iov *data, - size_t num_data) +k5_arcfour_docrypt(krb5_key key, const krb5_data *state, krb5_crypto_iov *data, + size_t num_data) { ArcfourContext *arcfour_ctx = NULL; ArcFourCipherState *cipher_state = NULL; @@ -170,45 +128,45 @@ k5_arcfour_docrypt_iov(krb5_key key, size_t i; if (key->keyblock.length != 16) - return KRB5_BAD_KEYSIZE; + return KRB5_BAD_KEYSIZE; if (state != NULL && (state->length != sizeof(ArcFourCipherState))) - return KRB5_BAD_MSIZE; + return KRB5_BAD_MSIZE; if (state != NULL) { - cipher_state = (ArcFourCipherState *)state->data; - arcfour_ctx = &cipher_state->ctx; - if (cipher_state->initialized == 0) { - ret = k5_arcfour_init(arcfour_ctx, key->keyblock.contents, - key->keyblock.length); - if (ret != 0) - return ret; - - cipher_state->initialized = 1; - } + cipher_state = (ArcFourCipherState *)state->data; + arcfour_ctx = &cipher_state->ctx; + if (cipher_state->initialized == 0) { + ret = k5_arcfour_init(arcfour_ctx, key->keyblock.contents, + key->keyblock.length); + if (ret != 0) + return ret; + + cipher_state->initialized = 1; + } } else { - arcfour_ctx = (ArcfourContext *)malloc(sizeof(ArcfourContext)); - if (arcfour_ctx == NULL) - return ENOMEM; - - ret = k5_arcfour_init(arcfour_ctx, key->keyblock.contents, - key->keyblock.length); - if (ret != 0) { - free(arcfour_ctx); - return ret; - } + arcfour_ctx = (ArcfourContext *)malloc(sizeof(ArcfourContext)); + if (arcfour_ctx == NULL) + return ENOMEM; + + ret = k5_arcfour_init(arcfour_ctx, key->keyblock.contents, + key->keyblock.length); + if (ret != 0) { + free(arcfour_ctx); + return ret; + } } for (i = 0; i < num_data; i++) { - krb5_crypto_iov *iov = &data[i]; + krb5_crypto_iov *iov = &data[i]; - if (ENCRYPT_IOV(iov)) - k5_arcfour_crypt(arcfour_ctx, (unsigned char *)iov->data.data, - (const unsigned char *)iov->data.data, iov->data.length); + if (ENCRYPT_IOV(iov)) + k5_arcfour_crypt(arcfour_ctx, (unsigned char *)iov->data.data, + (const unsigned char *)iov->data.data, iov->data.length); } if (state == NULL) { - memset(arcfour_ctx, 0, sizeof(ArcfourContext)); - free(arcfour_ctx); + memset(arcfour_ctx, 0, sizeof(ArcfourContext)); + free(arcfour_ctx); } return 0; @@ -216,22 +174,22 @@ k5_arcfour_docrypt_iov(krb5_key key, static krb5_error_code k5_arcfour_init_state (const krb5_keyblock *key, - krb5_keyusage keyusage, krb5_data *new_state) + krb5_keyusage keyusage, krb5_data *new_state) { - /* Note that we can't actually set up the state here because the key - * will change between now and when encrypt is called - * because it is data dependent. Yeah, this has strange - * properties. --SDH - */ - new_state->length = sizeof (ArcFourCipherState); - new_state->data = malloc (new_state->length); - if (new_state->data) { - memset (new_state->data, 0 , new_state->length); - /* That will set initialized to zero*/ - }else { - return (ENOMEM); - } - return 0; + /* Note that we can't actually set up the state here because the key + * will change between now and when encrypt is called + * because it is data dependent. Yeah, this has strange + * properties. --SDH + */ + new_state->length = sizeof (ArcFourCipherState); + new_state->data = malloc (new_state->length); + if (new_state->data) { + memset (new_state->data, 0 , new_state->length); + /* That will set initialized to zero*/ + }else { + return (ENOMEM); + } + return 0; } /* Since the arcfour cipher is identical going forwards and backwards, @@ -248,9 +206,8 @@ const struct krb5_enc_provider krb5int_enc_arcfour = { 16, 16, k5_arcfour_docrypt, k5_arcfour_docrypt, + NULL, krb5int_arcfour_make_key, k5_arcfour_init_state, /*xxx not implemented yet*/ - krb5int_default_free_state, - k5_arcfour_docrypt_iov, - k5_arcfour_docrypt_iov + krb5int_default_free_state }; diff --git a/src/lib/crypto/builtin/hash_provider/Makefile.in b/src/lib/crypto/builtin/hash_provider/Makefile.in index 09bfb59..36ec412 100644 --- a/src/lib/crypto/builtin/hash_provider/Makefile.in +++ b/src/lib/crypto/builtin/hash_provider/Makefile.in @@ -1,9 +1,7 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/builtin/hash_provider mydir=lib/crypto/builtin/hash_provider BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES = -I$(srcdir)/../../krb/crc32 -I$(srcdir)/../md4 \ - -I$(srcdir)/../md5 -I$(srcdir)/../sha1 + -I$(srcdir)/../md5 -I$(srcdir)/../sha1 -I$(srcdir)/../../krb DEFS= ##DOS##BUILDTOP = ..\..\..\.. diff --git a/src/lib/crypto/builtin/hash_provider/deps b/src/lib/crypto/builtin/hash_provider/deps index 398cf14..99e024e 100644 --- a/src/lib/crypto/builtin/hash_provider/deps +++ b/src/lib/crypto/builtin/hash_provider/deps @@ -4,44 +4,52 @@ hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../../krb/crc32/crc-32.h hash_crc32.c hash_provider.h + $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ + $(srcdir)/../../krb/crc32/crc-32.h $(srcdir)/../../krb/etypes.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + hash_crc32.c hash_provider.h hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../md4/rsa-md4.h hash_md4.c hash_provider.h + $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ + $(srcdir)/../../krb/etypes.h $(srcdir)/../md4/rsa-md4.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + hash_md4.c hash_provider.h hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../md5/rsa-md5.h hash_md5.c hash_provider.h + $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ + $(srcdir)/../../krb/etypes.h $(srcdir)/../md5/rsa-md5.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + hash_md5.c hash_provider.h hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../sha1/shs.h hash_provider.h hash_sha1.c + $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ + $(srcdir)/../../krb/etypes.h $(srcdir)/../sha1/shs.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + hash_provider.h hash_sha1.c diff --git a/src/lib/crypto/builtin/hash_provider/hash_crc32.c b/src/lib/crypto/builtin/hash_provider/hash_crc32.c index 771a7d6..c9cafb0 100644 --- a/src/lib/crypto/builtin/hash_provider/hash_crc32.c +++ b/src/lib/crypto/builtin/hash_provider/hash_crc32.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -27,25 +28,27 @@ #include "k5-int.h" #include "crc-32.h" #include "hash_provider.h" +#include "aead.h" static krb5_error_code -k5_crc32_hash(unsigned int icount, const krb5_data *input, - krb5_data *output) +k5_crc32_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) { - unsigned long c, cn; + unsigned long c; unsigned int i; if (output->length != CRC32_CKSUM_LENGTH) - return(KRB5_CRYPTO_INTERNAL); + return KRB5_CRYPTO_INTERNAL; c = 0; - for (i=0; i<icount; i++) { - mit_crc32(input[i].data, input[i].length, &cn); - c ^= cn; + for (i = 0; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; + + if (SIGN_IOV(iov)) + mit_crc32(iov->data.data, iov->data.length, &c); } store_32_le(c, output->data); - return(0); + return 0; } const struct krb5_hash_provider krb5int_hash_crc32 = { diff --git a/src/lib/crypto/builtin/hash_provider/hash_md4.c b/src/lib/crypto/builtin/hash_provider/hash_md4.c index 916da0f..85f18f6 100644 --- a/src/lib/crypto/builtin/hash_provider/hash_md4.c +++ b/src/lib/crypto/builtin/hash_provider/hash_md4.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -27,20 +28,26 @@ #include "k5-int.h" #include "rsa-md4.h" #include "hash_provider.h" +#include "aead.h" static krb5_error_code -k5_md4_hash(unsigned int icount, const krb5_data *input, - krb5_data *output) +k5_md4_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) { krb5_MD4_CTX ctx; unsigned int i; if (output->length != RSA_MD4_CKSUM_LENGTH) - return(KRB5_CRYPTO_INTERNAL); + return(KRB5_CRYPTO_INTERNAL); krb5int_MD4Init(&ctx); - for (i=0; i<icount; i++) - krb5int_MD4Update(&ctx, (unsigned char *) input[i].data, input[i].length); + for (i = 0; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; + + if (SIGN_IOV(iov)) { + krb5int_MD4Update(&ctx, (unsigned char *) iov->data.data, + iov->data.length); + } + } krb5int_MD4Final(&ctx); memcpy(output->data, ctx.digest, RSA_MD4_CKSUM_LENGTH); diff --git a/src/lib/crypto/builtin/hash_provider/hash_md5.c b/src/lib/crypto/builtin/hash_provider/hash_md5.c index e1e29f0..583a8fb 100644 --- a/src/lib/crypto/builtin/hash_provider/hash_md5.c +++ b/src/lib/crypto/builtin/hash_provider/hash_md5.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -27,25 +28,31 @@ #include "k5-int.h" #include "rsa-md5.h" #include "hash_provider.h" +#include "aead.h" static krb5_error_code -k5_md5_hash(unsigned int icount, const krb5_data *input, - krb5_data *output) +k5_md5_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) { krb5_MD5_CTX ctx; unsigned int i; if (output->length != RSA_MD5_CKSUM_LENGTH) - return(KRB5_CRYPTO_INTERNAL); + return KRB5_CRYPTO_INTERNAL; krb5int_MD5Init(&ctx); - for (i=0; i<icount; i++) - krb5int_MD5Update(&ctx, (unsigned char *) input[i].data, input[i].length); + for (i = 0; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; + + if (SIGN_IOV(iov)) { + krb5int_MD5Update(&ctx, (unsigned char *) iov->data.data, + iov->data.length); + } + } krb5int_MD5Final(&ctx); memcpy(output->data, ctx.digest, RSA_MD5_CKSUM_LENGTH); - return(0); + return 0; } const struct krb5_hash_provider krb5int_hash_md5 = { diff --git a/src/lib/crypto/builtin/hash_provider/hash_provider.h b/src/lib/crypto/builtin/hash_provider/hash_provider.h index 1023d1a..eebe845 100644 --- a/src/lib/crypto/builtin/hash_provider/hash_provider.h +++ b/src/lib/crypto/builtin/hash_provider/hash_provider.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * diff --git a/src/lib/crypto/builtin/hash_provider/hash_sha1.c b/src/lib/crypto/builtin/hash_provider/hash_sha1.c index 1f1fc62..7a9cda5 100644 --- a/src/lib/crypto/builtin/hash_provider/hash_sha1.c +++ b/src/lib/crypto/builtin/hash_provider/hash_sha1.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -27,27 +28,32 @@ #include "k5-int.h" #include "shs.h" #include "hash_provider.h" +#include "aead.h" static krb5_error_code -k5_sha1_hash(unsigned int icount, const krb5_data *input, - krb5_data *output) +k5_sha1_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) { SHS_INFO ctx; unsigned int i; if (output->length != SHS_DIGESTSIZE) - return(KRB5_CRYPTO_INTERNAL); + return KRB5_CRYPTO_INTERNAL; shsInit(&ctx); - for (i=0; i<icount; i++) - shsUpdate(&ctx, (unsigned char *) input[i].data, input[i].length); - shsFinal(&ctx); + for (i = 0; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; - for (i=0; i<(sizeof(ctx.digest)/sizeof(ctx.digest[0])); i++) { - store_32_be(ctx.digest[i], &output->data[i*4]); + if (SIGN_IOV(iov)) { + shsUpdate(&ctx, (unsigned char *) iov->data.data, + iov->data.length); + } } + shsFinal(&ctx); + + for (i = 0; i < sizeof(ctx.digest) / sizeof(ctx.digest[0]); i++) + store_32_be(ctx.digest[i], &output->data[i*4]); - return(0); + return 0; } const struct krb5_hash_provider krb5int_hash_sha1 = { diff --git a/src/lib/crypto/builtin/hmac.c b/src/lib/crypto/builtin/hmac.c index 3e58a59..3cb4146 100644 --- a/src/lib/crypto/builtin/hmac.c +++ b/src/lib/crypto/builtin/hmac.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -29,17 +30,14 @@ /* * Because our built-in HMAC implementation doesn't need to invoke any - * encryption or keyed hash functions, it is simplest to define it in - * terms of keyblocks, and then supply a simple wrapper for the - * "normal" krb5_key-using interfaces. The keyblock interfaces are - * useful for the built-in arcfour code which constructs a lot of - * intermediate HMAC keys. For other back ends, it should not be - * necessary to supply the _keyblock versions of the hmac functions if - * the back end code doesn't make use of them. + * encryption or keyed hash functions, it is simplest to define it in terms of + * keyblocks, and then supply a simple wrapper for the "normal" krb5_key-using + * interfaces. The keyblock interfaces are useful for code which creates + * intermediate keyblocks. */ /* - * the HMAC transform looks like: + * The HMAC transform looks like: * * H(K XOR opad, H(K XOR ipad, text)) * @@ -52,143 +50,72 @@ krb5_error_code krb5int_hmac_keyblock(const struct krb5_hash_provider *hash, - const krb5_keyblock *key, unsigned int icount, - const krb5_data *input, krb5_data *output) + const krb5_keyblock *keyblock, + const krb5_crypto_iov *data, size_t num_data, + krb5_data *output) { - size_t hashsize, blocksize; - unsigned char *xorkey, *ihash; + unsigned char *xorkey = NULL, *ihash = NULL; unsigned int i; - krb5_data *hashin, hashout; + krb5_crypto_iov *ihash_iov = NULL, ohash_iov[2]; + krb5_data hashout; krb5_error_code ret; - hashsize = hash->hashsize; - blocksize = hash->blocksize; + if (keyblock->length > hash->blocksize) + return KRB5_CRYPTO_INTERNAL; + if (output->length < hash->hashsize) + return KRB5_BAD_MSIZE; - if (key->length > blocksize) - return(KRB5_CRYPTO_INTERNAL); - if (output->length < hashsize) - return(KRB5_BAD_MSIZE); - /* if this isn't > 0, then there won't be enough space in this - array to compute the outer hash */ - if (icount == 0) - return(KRB5_CRYPTO_INTERNAL); - - /* allocate space for the xor key, hash input vector, and inner hash */ - - if ((xorkey = (unsigned char *) malloc(blocksize)) == NULL) - return(ENOMEM); - if ((ihash = (unsigned char *) malloc(hashsize)) == NULL) { - free(xorkey); - return(ENOMEM); - } - if ((hashin = (krb5_data *)malloc(sizeof(krb5_data)*(icount+1))) == NULL) { - free(ihash); - free(xorkey); - return(ENOMEM); - } - - /* create the inner padded key */ - - memset(xorkey, 0x36, blocksize); - - for (i=0; i<key->length; i++) - xorkey[i] ^= key->contents[i]; - - /* compute the inner hash */ - - hashin[0].length = blocksize; - hashin[0].data = (char *) xorkey; - for (i=0; i<icount; i++) - hashin[i+1] = input[i]; - - hashout.length = hashsize; - hashout.data = (char *) ihash; - - if ((ret = ((*(hash->hash))(icount+1, hashin, &hashout)))) + /* Allocate space for the xor key, hash input vector, and inner hash */ + xorkey = k5alloc(hash->blocksize, &ret); + if (xorkey == NULL) + goto cleanup; + ihash = k5alloc(hash->hashsize, &ret); + if (ihash == NULL) + goto cleanup; + ihash_iov = k5alloc((num_data + 1) * sizeof(krb5_crypto_iov), &ret); + if (ihash_iov == NULL) goto cleanup; - /* create the outer padded key */ - - memset(xorkey, 0x5c, blocksize); - - for (i=0; i<key->length; i++) - xorkey[i] ^= key->contents[i]; - - /* compute the outer hash */ - - hashin[0].length = blocksize; - hashin[0].data = (char *) xorkey; - hashin[1] = hashout; - - output->length = hashsize; + /* Create the inner padded key. */ + memset(xorkey, 0x36, hash->blocksize); + for (i = 0; i < keyblock->length; i++) + xorkey[i] ^= keyblock->contents[i]; + + /* Compute the inner hash over the inner key and input data. */ + ihash_iov[0].flags = KRB5_CRYPTO_TYPE_DATA; + ihash_iov[0].data = make_data(xorkey, hash->blocksize); + memcpy(ihash_iov + 1, data, num_data * sizeof(krb5_crypto_iov)); + hashout = make_data(ihash, hash->hashsize); + ret = hash->hash(ihash_iov, num_data + 1, &hashout); + if (ret != 0) + goto cleanup; - if ((ret = ((*(hash->hash))(2, hashin, output)))) + /* Create the outer padded key. */ + memset(xorkey, 0x5c, hash->blocksize); + for (i = 0; i < keyblock->length; i++) + xorkey[i] ^= keyblock->contents[i]; + + /* Compute the outer hash over the outer key and inner hash value. */ + ohash_iov[0].flags = KRB5_CRYPTO_TYPE_DATA; + ohash_iov[0].data = make_data(xorkey, hash->blocksize); + ohash_iov[1].flags = KRB5_CRYPTO_TYPE_DATA; + ohash_iov[1].data = make_data(ihash, hash->hashsize); + output->length = hash->hashsize; + ret = hash->hash(ohash_iov, 2, output); + if (ret != 0) memset(output->data, 0, output->length); - /* ret is set correctly by the prior call */ - cleanup: - memset(xorkey, 0, blocksize); - memset(ihash, 0, hashsize); - - free(hashin); - free(ihash); - free(xorkey); - - return(ret); -} - -krb5_error_code -krb5int_hmac_iov_keyblock(const struct krb5_hash_provider *hash, - const krb5_keyblock *key, - const krb5_crypto_iov *data, size_t num_data, - krb5_data *output) -{ - krb5_data *sign_data; - size_t num_sign_data; - krb5_error_code ret; - size_t i, j; - - /* Create a checksum over all the data to be signed */ - for (i = 0, num_sign_data = 0; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; - - if (SIGN_IOV(iov)) - num_sign_data++; - } - - /* XXX cleanup to avoid alloc */ - sign_data = (krb5_data *)calloc(num_sign_data, sizeof(krb5_data)); - if (sign_data == NULL) - return ENOMEM; - - for (i = 0, j = 0; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; - - if (SIGN_IOV(iov)) - sign_data[j++] = iov->data; - } - - /* caller must store checksum in iov as it may be TYPE_TRAILER or TYPE_CHECKSUM */ - ret = krb5int_hmac_keyblock(hash, key, num_sign_data, sign_data, output); - - free(sign_data); - + zapfree(xorkey, hash->blocksize); + zapfree(ihash, hash->hashsize); + free(ihash_iov); return ret; } krb5_error_code krb5int_hmac(const struct krb5_hash_provider *hash, krb5_key key, - unsigned int icount, const krb5_data *input, krb5_data *output) -{ - return krb5int_hmac_keyblock(hash, &key->keyblock, icount, input, output); -} - -krb5_error_code -krb5int_hmac_iov(const struct krb5_hash_provider *hash, krb5_key key, - const krb5_crypto_iov *data, size_t num_data, - krb5_data *output) + const krb5_crypto_iov *data, size_t num_data, + krb5_data *output) { - return krb5int_hmac_iov_keyblock(hash, &key->keyblock, data, num_data, - output); + return krb5int_hmac_keyblock(hash, &key->keyblock, data, num_data, output); } diff --git a/src/lib/crypto/builtin/md4/Makefile.in b/src/lib/crypto/builtin/md4/Makefile.in index 78dd053..561927a 100644 --- a/src/lib/crypto/builtin/md4/Makefile.in +++ b/src/lib/crypto/builtin/md4/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/builtin/md4 mydir=lib/crypto/builtin/md4 BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES = -I$(srcdir) diff --git a/src/lib/crypto/builtin/md4/deps b/src/lib/crypto/builtin/md4/deps index e52d180..a28d9da 100644 --- a/src/lib/crypto/builtin/md4/deps +++ b/src/lib/crypto/builtin/md4/deps @@ -3,11 +3,11 @@ # md4.so md4.po $(OUTPRE)md4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h md4.c rsa-md4.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h md4.c rsa-md4.h diff --git a/src/lib/crypto/builtin/md4/md4.c b/src/lib/crypto/builtin/md4/md4.c index b36a476..6850e13 100644 --- a/src/lib/crypto/builtin/md4/md4.c +++ b/src/lib/crypto/builtin/md4/md4.c @@ -1,39 +1,40 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* - * lib/crypto/md4/md4.c + * lib/crypto/md4/md4.c */ /* - ********************************************************************** - ** md4.c ** - ** RSA Data Security, Inc. MD4 Message Digest Algorithm ** - ** Created: 2/17/90 RLR ** - ** Revised: 1/91 SRD,AJ,BSK,JT Reference C Version ** - ********************************************************************** - */ +********************************************************************** +** md4.c ** +** RSA Data Security, Inc. MD4 Message Digest Algorithm ** +** Created: 2/17/90 RLR ** +** Revised: 1/91 SRD,AJ,BSK,JT Reference C Version ** +********************************************************************** +*/ /* - ********************************************************************** - ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** - ** ** - ** License to copy and use this software is granted provided that ** - ** it is identified as the "RSA Data Security, Inc. MD4 Message ** - ** Digest Algorithm" in all material mentioning or referencing this ** - ** software or this function. ** - ** ** - ** License is also granted to make and use derivative works ** - ** provided that such works are identified as "derived from the RSA ** - ** Data Security, Inc. MD4 Message Digest Algorithm" in all ** - ** material mentioning or referencing the derived work. ** - ** ** - ** RSA Data Security, Inc. makes no representations concerning ** - ** either the merchantability of this software or the suitability ** - ** of this software for any particular purpose. It is provided "as ** - ** is" without express or implied warranty of any kind. ** - ** ** - ** These notices must be retained in any copies of any part of this ** - ** documentation and/or software. ** - ********************************************************************** - */ +********************************************************************** +** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** +** ** +** License to copy and use this software is granted provided that ** +** it is identified as the "RSA Data Security, Inc. MD4 Message ** +** Digest Algorithm" in all material mentioning or referencing this ** +** software or this function. ** +** ** +** License is also granted to make and use derivative works ** +** provided that such works are identified as "derived from the RSA ** +** Data Security, Inc. MD4 Message Digest Algorithm" in all ** +** material mentioning or referencing the derived work. ** +** ** +** RSA Data Security, Inc. makes no representations concerning ** +** either the merchantability of this software or the suitability ** +** of this software for any particular purpose. It is provided "as ** +** is" without express or implied warranty of any kind. ** +** ** +** These notices must be retained in any copies of any part of this ** +** documentation and/or software. ** +********************************************************************** +*/ #include "k5-int.h" #include "rsa-md4.h" @@ -42,14 +43,14 @@ static void Transform (krb5_ui_4 *, krb5_ui_4 *); static const unsigned char PADDING[64] = { - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; /* F, G and H are basic MD4 functions: selection, majority, parity */ @@ -62,185 +63,185 @@ static const unsigned char PADDING[64] = { /* FF, GG and HH are MD4 transformations for rounds 1, 2 and 3 */ /* Rotation is separate from addition to prevent recomputation */ -#define FF(a, b, c, d, x, s) \ - {(a) += F ((b), (c), (d)) + (x); \ - (a) &= 0xffffffff; \ - (a) = ROTATE_LEFT ((a), (s));} -#define GG(a, b, c, d, x, s) \ - {(a) += G ((b), (c), (d)) + (x) + 013240474631UL; \ - (a) &= 0xffffffff; \ - (a) = ROTATE_LEFT ((a), (s));} -#define HH(a, b, c, d, x, s) \ - {(a) += H ((b), (c), (d)) + (x) + 015666365641UL; \ - (a) &= 0xffffffff; \ - (a) = ROTATE_LEFT ((a), (s));} +#define FF(a, b, c, d, x, s) \ + {(a) += F ((b), (c), (d)) + (x); \ + (a) &= 0xffffffff; \ + (a) = ROTATE_LEFT ((a), (s));} +#define GG(a, b, c, d, x, s) \ + {(a) += G ((b), (c), (d)) + (x) + 013240474631UL; \ + (a) &= 0xffffffff; \ + (a) = ROTATE_LEFT ((a), (s));} +#define HH(a, b, c, d, x, s) \ + {(a) += H ((b), (c), (d)) + (x) + 015666365641UL; \ + (a) &= 0xffffffff; \ + (a) = ROTATE_LEFT ((a), (s));} void krb5int_MD4Init (krb5_MD4_CTX *mdContext) { - mdContext->i[0] = mdContext->i[1] = (krb5_ui_4)0; - - /* Load magic initialization constants. - */ - mdContext->buf[0] = 0x67452301UL; - mdContext->buf[1] = 0xefcdab89UL; - mdContext->buf[2] = 0x98badcfeUL; - mdContext->buf[3] = 0x10325476UL; + mdContext->i[0] = mdContext->i[1] = (krb5_ui_4)0; + + /* Load magic initialization constants. + */ + mdContext->buf[0] = 0x67452301UL; + mdContext->buf[1] = 0xefcdab89UL; + mdContext->buf[2] = 0x98badcfeUL; + mdContext->buf[3] = 0x10325476UL; } void krb5int_MD4Update (krb5_MD4_CTX *mdContext, const unsigned char *inBuf, unsigned int inLen) { - krb5_ui_4 in[16]; - int mdi; - unsigned int i, ii; - - /* compute number of bytes mod 64 */ - mdi = (int)((mdContext->i[0] >> 3) & 0x3F); - - /* update number of bits */ - if ((mdContext->i[0] + ((krb5_ui_4)inLen << 3)) < mdContext->i[0]) - mdContext->i[1]++; - mdContext->i[0] += ((krb5_ui_4)inLen << 3); - mdContext->i[1] += ((krb5_ui_4)inLen >> 29); - - while (inLen--) { - /* add new character to buffer, increment mdi */ - mdContext->in[mdi++] = *inBuf++; - - /* transform if necessary */ - if (mdi == 0x40) { - for (i = 0, ii = 0; i < 16; i++, ii += 4) { - in[i] = load_32_le(mdContext->in+ii); - } - Transform (mdContext->buf, in); - mdi = 0; + krb5_ui_4 in[16]; + int mdi; + unsigned int i, ii; + + /* compute number of bytes mod 64 */ + mdi = (int)((mdContext->i[0] >> 3) & 0x3F); + + /* update number of bits */ + if ((mdContext->i[0] + ((krb5_ui_4)inLen << 3)) < mdContext->i[0]) + mdContext->i[1]++; + mdContext->i[0] += ((krb5_ui_4)inLen << 3); + mdContext->i[1] += ((krb5_ui_4)inLen >> 29); + + while (inLen--) { + /* add new character to buffer, increment mdi */ + mdContext->in[mdi++] = *inBuf++; + + /* transform if necessary */ + if (mdi == 0x40) { + for (i = 0, ii = 0; i < 16; i++, ii += 4) { + in[i] = load_32_le(mdContext->in+ii); + } + Transform (mdContext->buf, in); + mdi = 0; + } } - } } void krb5int_MD4Final (krb5_MD4_CTX *mdContext) { - krb5_ui_4 in[16]; - int mdi; - unsigned int i, ii; - unsigned int padLen; + krb5_ui_4 in[16]; + int mdi; + unsigned int i, ii; + unsigned int padLen; - /* save number of bits */ - in[14] = mdContext->i[0]; - in[15] = mdContext->i[1]; + /* save number of bits */ + in[14] = mdContext->i[0]; + in[15] = mdContext->i[1]; - /* compute number of bytes mod 64 */ - mdi = (int)((mdContext->i[0] >> 3) & 0x3F); + /* compute number of bytes mod 64 */ + mdi = (int)((mdContext->i[0] >> 3) & 0x3F); - /* pad out to 56 mod 64 */ - padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi); - krb5int_MD4Update (mdContext, PADDING, padLen); + /* pad out to 56 mod 64 */ + padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi); + krb5int_MD4Update (mdContext, PADDING, padLen); - /* append length in bits and transform */ - for (i = 0, ii = 0; i < 14; i++, ii += 4) - in[i] = load_32_le(mdContext->in+ii); - Transform (mdContext->buf, in); + /* append length in bits and transform */ + for (i = 0, ii = 0; i < 14; i++, ii += 4) + in[i] = load_32_le(mdContext->in+ii); + Transform (mdContext->buf, in); - /* store buffer in digest */ - for (i = 0, ii = 0; i < 4; i++, ii += 4) { - store_32_le(mdContext->buf[i], mdContext->digest+ii); - } + /* store buffer in digest */ + for (i = 0, ii = 0; i < 4; i++, ii += 4) { + store_32_le(mdContext->buf[i], mdContext->digest+ii); + } } /* Basic MD4 step. Transform buf based on in. */ static void Transform (krb5_ui_4 *buf, krb5_ui_4 *in) { - register krb5_ui_4 a = buf[0], b = buf[1], c = buf[2], d = buf[3]; + register krb5_ui_4 a = buf[0], b = buf[1], c = buf[2], d = buf[3]; #if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) - int i; + int i; #define ROTATE { krb5_ui_4 temp; temp = d, d = c, c = b, b = a, a = temp; } - for (i = 0; i < 16; i++) { - static const unsigned char round1consts[] = { 3, 7, 11, 19, }; - FF (a, b, c, d, in[i], round1consts[i%4]); ROTATE; - } - for (i = 0; i < 16; i++) { - static const unsigned char round2indices[] = { - 0,4,8,12,1,5,9,13,2,6,10,14,3,7,11,15 - }; - static const unsigned char round2consts[] = { 3, 5, 9, 13 }; - GG (a, b, c, d, in[round2indices[i]], round2consts[i%4]); ROTATE; - } - for (i = 0; i < 16; i++) { - static const unsigned char round3indices[] = { - 0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15 - }; - static const unsigned char round3consts[] = { 3, 9, 11, 15 }; - HH (a, b, c, d, in[round3indices[i]], round3consts[i%4]); ROTATE; - } + for (i = 0; i < 16; i++) { + static const unsigned char round1consts[] = { 3, 7, 11, 19, }; + FF (a, b, c, d, in[i], round1consts[i%4]); ROTATE; + } + for (i = 0; i < 16; i++) { + static const unsigned char round2indices[] = { + 0,4,8,12,1,5,9,13,2,6,10,14,3,7,11,15 + }; + static const unsigned char round2consts[] = { 3, 5, 9, 13 }; + GG (a, b, c, d, in[round2indices[i]], round2consts[i%4]); ROTATE; + } + for (i = 0; i < 16; i++) { + static const unsigned char round3indices[] = { + 0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15 + }; + static const unsigned char round3consts[] = { 3, 9, 11, 15 }; + HH (a, b, c, d, in[round3indices[i]], round3consts[i%4]); ROTATE; + } #else - /* Round 1 */ - FF (a, b, c, d, in[ 0], 3); - FF (d, a, b, c, in[ 1], 7); - FF (c, d, a, b, in[ 2], 11); - FF (b, c, d, a, in[ 3], 19); - FF (a, b, c, d, in[ 4], 3); - FF (d, a, b, c, in[ 5], 7); - FF (c, d, a, b, in[ 6], 11); - FF (b, c, d, a, in[ 7], 19); - FF (a, b, c, d, in[ 8], 3); - FF (d, a, b, c, in[ 9], 7); - FF (c, d, a, b, in[10], 11); - FF (b, c, d, a, in[11], 19); - FF (a, b, c, d, in[12], 3); - FF (d, a, b, c, in[13], 7); - FF (c, d, a, b, in[14], 11); - FF (b, c, d, a, in[15], 19); - - /* Round 2 */ - GG (a, b, c, d, in[ 0], 3); - GG (d, a, b, c, in[ 4], 5); - GG (c, d, a, b, in[ 8], 9); - GG (b, c, d, a, in[12], 13); - GG (a, b, c, d, in[ 1], 3); - GG (d, a, b, c, in[ 5], 5); - GG (c, d, a, b, in[ 9], 9); - GG (b, c, d, a, in[13], 13); - GG (a, b, c, d, in[ 2], 3); - GG (d, a, b, c, in[ 6], 5); - GG (c, d, a, b, in[10], 9); - GG (b, c, d, a, in[14], 13); - GG (a, b, c, d, in[ 3], 3); - GG (d, a, b, c, in[ 7], 5); - GG (c, d, a, b, in[11], 9); - GG (b, c, d, a, in[15], 13); - - /* Round 3 */ - HH (a, b, c, d, in[ 0], 3); - HH (d, a, b, c, in[ 8], 9); - HH (c, d, a, b, in[ 4], 11); - HH (b, c, d, a, in[12], 15); - HH (a, b, c, d, in[ 2], 3); - HH (d, a, b, c, in[10], 9); - HH (c, d, a, b, in[ 6], 11); - HH (b, c, d, a, in[14], 15); - HH (a, b, c, d, in[ 1], 3); - HH (d, a, b, c, in[ 9], 9); - HH (c, d, a, b, in[ 5], 11); - HH (b, c, d, a, in[13], 15); - HH (a, b, c, d, in[ 3], 3); - HH (d, a, b, c, in[11], 9); - HH (c, d, a, b, in[ 7], 11); - HH (b, c, d, a, in[15], 15); + /* Round 1 */ + FF (a, b, c, d, in[ 0], 3); + FF (d, a, b, c, in[ 1], 7); + FF (c, d, a, b, in[ 2], 11); + FF (b, c, d, a, in[ 3], 19); + FF (a, b, c, d, in[ 4], 3); + FF (d, a, b, c, in[ 5], 7); + FF (c, d, a, b, in[ 6], 11); + FF (b, c, d, a, in[ 7], 19); + FF (a, b, c, d, in[ 8], 3); + FF (d, a, b, c, in[ 9], 7); + FF (c, d, a, b, in[10], 11); + FF (b, c, d, a, in[11], 19); + FF (a, b, c, d, in[12], 3); + FF (d, a, b, c, in[13], 7); + FF (c, d, a, b, in[14], 11); + FF (b, c, d, a, in[15], 19); + + /* Round 2 */ + GG (a, b, c, d, in[ 0], 3); + GG (d, a, b, c, in[ 4], 5); + GG (c, d, a, b, in[ 8], 9); + GG (b, c, d, a, in[12], 13); + GG (a, b, c, d, in[ 1], 3); + GG (d, a, b, c, in[ 5], 5); + GG (c, d, a, b, in[ 9], 9); + GG (b, c, d, a, in[13], 13); + GG (a, b, c, d, in[ 2], 3); + GG (d, a, b, c, in[ 6], 5); + GG (c, d, a, b, in[10], 9); + GG (b, c, d, a, in[14], 13); + GG (a, b, c, d, in[ 3], 3); + GG (d, a, b, c, in[ 7], 5); + GG (c, d, a, b, in[11], 9); + GG (b, c, d, a, in[15], 13); + + /* Round 3 */ + HH (a, b, c, d, in[ 0], 3); + HH (d, a, b, c, in[ 8], 9); + HH (c, d, a, b, in[ 4], 11); + HH (b, c, d, a, in[12], 15); + HH (a, b, c, d, in[ 2], 3); + HH (d, a, b, c, in[10], 9); + HH (c, d, a, b, in[ 6], 11); + HH (b, c, d, a, in[14], 15); + HH (a, b, c, d, in[ 1], 3); + HH (d, a, b, c, in[ 9], 9); + HH (c, d, a, b, in[ 5], 11); + HH (b, c, d, a, in[13], 15); + HH (a, b, c, d, in[ 3], 3); + HH (d, a, b, c, in[11], 9); + HH (c, d, a, b, in[ 7], 11); + HH (b, c, d, a, in[15], 15); #endif - buf[0] += a; - buf[1] += b; - buf[2] += c; - buf[3] += d; + buf[0] += a; + buf[1] += b; + buf[2] += c; + buf[3] += d; } /* - ********************************************************************** - ** End of md4.c ** - ******************************* (cut) ******************************** - */ +********************************************************************** +** End of md4.c ** +******************************* (cut) ******************************** +*/ diff --git a/src/lib/crypto/builtin/md4/rsa-md4.h b/src/lib/crypto/builtin/md4/rsa-md4.h index 2f59220..408f2ef 100644 --- a/src/lib/crypto/builtin/md4/rsa-md4.h +++ b/src/lib/crypto/builtin/md4/rsa-md4.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/md4/rsa-md4.h * @@ -35,51 +36,51 @@ #endif /* unicos61 */ /* 16 u_char's in the digest */ -#define RSA_MD4_CKSUM_LENGTH 16 +#define RSA_MD4_CKSUM_LENGTH 16 /* des blocksize is 8, so this works nicely... */ -#define OLD_RSA_MD4_DES_CKSUM_LENGTH 16 -#define NEW_RSA_MD4_DES_CKSUM_LENGTH 24 -#define RSA_MD4_DES_CONFOUND_LENGTH 8 +#define OLD_RSA_MD4_DES_CKSUM_LENGTH 16 +#define NEW_RSA_MD4_DES_CKSUM_LENGTH 24 +#define RSA_MD4_DES_CONFOUND_LENGTH 8 /* - ********************************************************************** - ** md4.h -- Header file for implementation of MD4 ** - ** RSA Data Security, Inc. MD4 Message Digest Algorithm ** - ** Created: 2/17/90 RLR ** - ** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** - ********************************************************************** - */ +********************************************************************** +** md4.h -- Header file for implementation of MD4 ** +** RSA Data Security, Inc. MD4 Message Digest Algorithm ** +** Created: 2/17/90 RLR ** +** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** +********************************************************************** +*/ /* - ********************************************************************** - ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** - ** ** - ** License to copy and use this software is granted provided that ** - ** it is identified as the "RSA Data Security, Inc. MD4 Message ** - ** Digest Algorithm" in all material mentioning or referencing this ** - ** software or this function. ** - ** ** - ** License is also granted to make and use derivative works ** - ** provided that such works are identified as "derived from the RSA ** - ** Data Security, Inc. MD4 Message Digest Algorithm" in all ** - ** material mentioning or referencing the derived work. ** - ** ** - ** RSA Data Security, Inc. makes no representations concerning ** - ** either the merchantability of this software or the suitability ** - ** of this software for any particular purpose. It is provided "as ** - ** is" without express or implied warranty of any kind. ** - ** ** - ** These notices must be retained in any copies of any part of this ** - ** documentation and/or software. ** - ********************************************************************** - */ +********************************************************************** +** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** +** ** +** License to copy and use this software is granted provided that ** +** it is identified as the "RSA Data Security, Inc. MD4 Message ** +** Digest Algorithm" in all material mentioning or referencing this ** +** software or this function. ** +** ** +** License is also granted to make and use derivative works ** +** provided that such works are identified as "derived from the RSA ** +** Data Security, Inc. MD4 Message Digest Algorithm" in all ** +** material mentioning or referencing the derived work. ** +** ** +** RSA Data Security, Inc. makes no representations concerning ** +** either the merchantability of this software or the suitability ** +** of this software for any particular purpose. It is provided "as ** +** is" without express or implied warranty of any kind. ** +** ** +** These notices must be retained in any copies of any part of this ** +** documentation and/or software. ** +********************************************************************** +*/ /* Data structure for MD4 (Message Digest) computation */ typedef struct { - krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */ - krb5_ui_4 buf[4]; /* scratch buffer */ - unsigned char in[64]; /* input buffer */ - unsigned char digest[16]; /* actual digest after MD4Final call */ + krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */ + krb5_ui_4 buf[4]; /* scratch buffer */ + unsigned char in[64]; /* input buffer */ + unsigned char digest[16]; /* actual digest after MD4Final call */ } krb5_MD4_CTX; extern void krb5int_MD4Init(krb5_MD4_CTX *); @@ -87,8 +88,8 @@ extern void krb5int_MD4Update(krb5_MD4_CTX *, const unsigned char *, unsigned in extern void krb5int_MD4Final(krb5_MD4_CTX *); /* - ********************************************************************** - ** End of md4.h ** - ******************************* (cut) ******************************** - */ +********************************************************************** +** End of md4.h ** +******************************* (cut) ******************************** +*/ #endif /* __KRB5_RSA_MD4_H__ */ diff --git a/src/lib/crypto/builtin/md5/Makefile.in b/src/lib/crypto/builtin/md5/Makefile.in index 6da4374..6a1f52f 100644 --- a/src/lib/crypto/builtin/md5/Makefile.in +++ b/src/lib/crypto/builtin/md5/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/builtin/md5 mydir=lib/crypto/builtin/md5 BUILDTOP=$(REL)..$(S)..$(S)..$(S).. DEFS= diff --git a/src/lib/crypto/builtin/md5/deps b/src/lib/crypto/builtin/md5/deps index 4e3b63d..876368d 100644 --- a/src/lib/crypto/builtin/md5/deps +++ b/src/lib/crypto/builtin/md5/deps @@ -3,11 +3,11 @@ # md5.so md5.po $(OUTPRE)md5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h md5.c rsa-md5.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h md5.c rsa-md5.h diff --git a/src/lib/crypto/builtin/md5/md5.c b/src/lib/crypto/builtin/md5/md5.c index 76f8fa2..7e06aa6 100644 --- a/src/lib/crypto/builtin/md5/md5.c +++ b/src/lib/crypto/builtin/md5/md5.c @@ -1,66 +1,67 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* - *********************************************************************** - ** md5.c -- the source code for MD5 routines ** - ** RSA Data Security, Inc. MD5 Message-Digest Algorithm ** - ** Created: 2/17/90 RLR ** - ** Revised: 1/91 SRD,AJ,BSK,JT Reference C ver., 7/10 constant corr. ** - *********************************************************************** - */ +*********************************************************************** +** md5.c -- the source code for MD5 routines ** +** RSA Data Security, Inc. MD5 Message-Digest Algorithm ** +** Created: 2/17/90 RLR ** +** Revised: 1/91 SRD,AJ,BSK,JT Reference C ver., 7/10 constant corr. ** +*********************************************************************** +*/ /* * Modified by John Carr, MIT, to use Kerberos 5 typedefs. */ /* - *********************************************************************** - ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** - ** ** - ** License to copy and use this software is granted provided that ** - ** it is identified as the "RSA Data Security, Inc. MD5 Message- ** - ** Digest Algorithm" in all material mentioning or referencing this ** - ** software or this function. ** - ** ** - ** License is also granted to make and use derivative works ** - ** provided that such works are identified as "derived from the RSA ** - ** Data Security, Inc. MD5 Message-Digest Algorithm" in all ** - ** material mentioning or referencing the derived work. ** - ** ** - ** RSA Data Security, Inc. makes no representations concerning ** - ** either the merchantability of this software or the suitability ** - ** of this software for any particular purpose. It is provided "as ** - ** is" without express or implied warranty of any kind. ** - ** ** - ** These notices must be retained in any copies of any part of this ** - ** documentation and/or software. ** - *********************************************************************** - */ +*********************************************************************** +** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** +** ** +** License to copy and use this software is granted provided that ** +** it is identified as the "RSA Data Security, Inc. MD5 Message- ** +** Digest Algorithm" in all material mentioning or referencing this ** +** software or this function. ** +** ** +** License is also granted to make and use derivative works ** +** provided that such works are identified as "derived from the RSA ** +** Data Security, Inc. MD5 Message-Digest Algorithm" in all ** +** material mentioning or referencing the derived work. ** +** ** +** RSA Data Security, Inc. makes no representations concerning ** +** either the merchantability of this software or the suitability ** +** of this software for any particular purpose. It is provided "as ** +** is" without express or implied warranty of any kind. ** +** ** +** These notices must be retained in any copies of any part of this ** +** documentation and/or software. ** +*********************************************************************** +*/ #include "k5-int.h" #include "rsa-md5.h" /* - *********************************************************************** - ** Message-digest routines: ** - ** To form the message digest for a message M ** - ** (1) Initialize a context buffer mdContext using krb5int_MD5Init ** - ** (2) Call krb5int_MD5Update on mdContext and M ** - ** (3) Call krb5int_MD5Final on mdContext ** - ** The message digest is now in mdContext->digest[0...15] ** - *********************************************************************** - */ +*********************************************************************** +** Message-digest routines: ** +** To form the message digest for a message M ** +** (1) Initialize a context buffer mdContext using krb5int_MD5Init ** +** (2) Call krb5int_MD5Update on mdContext and M ** +** (3) Call krb5int_MD5Final on mdContext ** +** The message digest is now in mdContext->digest[0...15] ** +*********************************************************************** +*/ /* forward declaration */ static void Transform (krb5_ui_4 *buf, krb5_ui_4 *in); static const unsigned char PADDING[64] = { - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; /* F, G, H and I are basic MD5 functions */ @@ -74,270 +75,270 @@ static const unsigned char PADDING[64] = { /* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4 */ /* Rotation is separate from addition to prevent recomputation */ -#define FF(a, b, c, d, x, s, ac) \ - {(a) += F ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \ - (a) &= 0xffffffff; \ - (a) = ROTATE_LEFT ((a), (s)); \ - (a) += (b); \ - (a) &= 0xffffffff; \ - } -#define GG(a, b, c, d, x, s, ac) \ - {(a) += G ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \ - (a) &= 0xffffffff; \ - (a) = ROTATE_LEFT ((a), (s)); \ - (a) += (b); \ - (a) &= 0xffffffff; \ - } -#define HH(a, b, c, d, x, s, ac) \ - {(a) += H ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \ - (a) &= 0xffffffff; \ - (a) = ROTATE_LEFT ((a), (s)); \ - (a) += (b); \ - (a) &= 0xffffffff; \ - } -#define II(a, b, c, d, x, s, ac) \ - {(a) += I ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \ - (a) &= 0xffffffff; \ - (a) = ROTATE_LEFT ((a), (s)); \ - (a) += (b); \ - (a) &= 0xffffffff; \ - } +#define FF(a, b, c, d, x, s, ac) \ + {(a) += F ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \ + (a) &= 0xffffffff; \ + (a) = ROTATE_LEFT ((a), (s)); \ + (a) += (b); \ + (a) &= 0xffffffff; \ + } +#define GG(a, b, c, d, x, s, ac) \ + {(a) += G ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \ + (a) &= 0xffffffff; \ + (a) = ROTATE_LEFT ((a), (s)); \ + (a) += (b); \ + (a) &= 0xffffffff; \ + } +#define HH(a, b, c, d, x, s, ac) \ + {(a) += H ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \ + (a) &= 0xffffffff; \ + (a) = ROTATE_LEFT ((a), (s)); \ + (a) += (b); \ + (a) &= 0xffffffff; \ + } +#define II(a, b, c, d, x, s, ac) \ + {(a) += I ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \ + (a) &= 0xffffffff; \ + (a) = ROTATE_LEFT ((a), (s)); \ + (a) += (b); \ + (a) &= 0xffffffff; \ + } /* The routine krb5int_MD5Init initializes the message-digest context mdContext. All fields are set to zero. - */ +*/ void krb5int_MD5Init (krb5_MD5_CTX *mdContext) { - mdContext->i[0] = mdContext->i[1] = (krb5_ui_4)0; - - /* Load magic initialization constants. - */ - mdContext->buf[0] = 0x67452301UL; - mdContext->buf[1] = 0xefcdab89UL; - mdContext->buf[2] = 0x98badcfeUL; - mdContext->buf[3] = 0x10325476UL; + mdContext->i[0] = mdContext->i[1] = (krb5_ui_4)0; + + /* Load magic initialization constants. + */ + mdContext->buf[0] = 0x67452301UL; + mdContext->buf[1] = 0xefcdab89UL; + mdContext->buf[2] = 0x98badcfeUL; + mdContext->buf[3] = 0x10325476UL; } /* The routine krb5int_MD5Update updates the message-digest context to account for the presence of each of the characters inBuf[0..inLen-1] in the message whose digest is being computed. - */ +*/ void krb5int_MD5Update (krb5_MD5_CTX *mdContext, const unsigned char *inBuf, unsigned int inLen) { - krb5_ui_4 in[16]; - int mdi; - unsigned int i, ii; - - /* compute number of bytes mod 64 */ - mdi = (int)((mdContext->i[0] >> 3) & 0x3F); - - /* update number of bits */ - if ((mdContext->i[0] + ((krb5_ui_4)inLen << 3)) < mdContext->i[0]) - mdContext->i[1]++; - mdContext->i[0] += ((krb5_ui_4)inLen << 3); - mdContext->i[1] += ((krb5_ui_4)inLen >> 29); - - while (inLen--) { - /* add new character to buffer, increment mdi */ - mdContext->in[mdi++] = *inBuf++; - - /* transform if necessary */ - if (mdi == 0x40) { - for (i = 0, ii = 0; i < 16; i++, ii += 4) - in[i] = load_32_le(mdContext->in+ii); - Transform (mdContext->buf, in); - mdi = 0; + krb5_ui_4 in[16]; + int mdi; + unsigned int i, ii; + + /* compute number of bytes mod 64 */ + mdi = (int)((mdContext->i[0] >> 3) & 0x3F); + + /* update number of bits */ + if ((mdContext->i[0] + ((krb5_ui_4)inLen << 3)) < mdContext->i[0]) + mdContext->i[1]++; + mdContext->i[0] += ((krb5_ui_4)inLen << 3); + mdContext->i[1] += ((krb5_ui_4)inLen >> 29); + + while (inLen--) { + /* add new character to buffer, increment mdi */ + mdContext->in[mdi++] = *inBuf++; + + /* transform if necessary */ + if (mdi == 0x40) { + for (i = 0, ii = 0; i < 16; i++, ii += 4) + in[i] = load_32_le(mdContext->in+ii); + Transform (mdContext->buf, in); + mdi = 0; + } } - } } /* The routine krb5int_MD5Final terminates the message-digest computation and ends with the desired message digest in mdContext->digest[0...15]. - */ +*/ void krb5int_MD5Final (krb5_MD5_CTX *mdContext) { - krb5_ui_4 in[16]; - int mdi; - unsigned int i, ii; - unsigned int padLen; - - /* save number of bits */ - in[14] = mdContext->i[0]; - in[15] = mdContext->i[1]; - - /* compute number of bytes mod 64 */ - mdi = (int)((mdContext->i[0] >> 3) & 0x3F); - - /* pad out to 56 mod 64 */ - padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi); - krb5int_MD5Update (mdContext, PADDING, padLen); - - /* append length in bits and transform */ - for (i = 0, ii = 0; i < 14; i++, ii += 4) - in[i] = load_32_le(mdContext->in+ii); - Transform (mdContext->buf, in); - - /* store buffer in digest */ - for (i = 0, ii = 0; i < 4; i++, ii += 4) { - store_32_le(mdContext->buf[i], mdContext->digest+ii); - } + krb5_ui_4 in[16]; + int mdi; + unsigned int i, ii; + unsigned int padLen; + + /* save number of bits */ + in[14] = mdContext->i[0]; + in[15] = mdContext->i[1]; + + /* compute number of bytes mod 64 */ + mdi = (int)((mdContext->i[0] >> 3) & 0x3F); + + /* pad out to 56 mod 64 */ + padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi); + krb5int_MD5Update (mdContext, PADDING, padLen); + + /* append length in bits and transform */ + for (i = 0, ii = 0; i < 14; i++, ii += 4) + in[i] = load_32_le(mdContext->in+ii); + Transform (mdContext->buf, in); + + /* store buffer in digest */ + for (i = 0, ii = 0; i < 4; i++, ii += 4) { + store_32_le(mdContext->buf[i], mdContext->digest+ii); + } } /* Basic MD5 step. Transforms buf based on in. */ static void Transform (krb5_ui_4 *buf, krb5_ui_4 *in) { - register krb5_ui_4 a = buf[0], b = buf[1], c = buf[2], d = buf[3]; + register krb5_ui_4 a = buf[0], b = buf[1], c = buf[2], d = buf[3]; #if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) - int i; + int i; #define ROTATE { krb5_ui_4 temp; temp = d, d = c, c = b, b = a, a = temp; } - for (i = 0; i < 16; i++) { - const unsigned char round1s[] = { 7, 12, 17, 22 }; - const krb5_ui_4 round1consts[] = { - 3614090360UL, 3905402710UL, 606105819UL, 3250441966UL, - 4118548399UL, 1200080426UL, 2821735955UL, 4249261313UL, - 1770035416UL, 2336552879UL, 4294925233UL, 2304563134UL, - 1804603682UL, 4254626195UL, 2792965006UL, 1236535329UL, - }; - FF (a, b, c, d, in[i], round1s[i%4], round1consts[i]); - ROTATE; - } - for (i = 0; i < 16; i++) { - const unsigned char round2s[] = { 5, 9, 14, 20 }; - const krb5_ui_4 round2consts[] = { - 4129170786UL, 3225465664UL, 643717713UL, 3921069994UL, - 3593408605UL, 38016083UL, 3634488961UL, 3889429448UL, - 568446438UL, 3275163606UL, 4107603335UL, 1163531501UL, - 2850285829UL, 4243563512UL, 1735328473UL, 2368359562UL, - }; - int r2index = (1 + i * 5) % 16; - GG (a, b, c, d, in[r2index], round2s[i%4], round2consts[i]); - ROTATE; - } - for (i = 0; i < 16; i++) { - static const unsigned char round3s[] = { 4, 11, 16, 23 }; - static const krb5_ui_4 round3consts[] = { - 4294588738UL, 2272392833UL, 1839030562UL, 4259657740UL, - 2763975236UL, 1272893353UL, 4139469664UL, 3200236656UL, - 681279174UL, 3936430074UL, 3572445317UL, 76029189UL, - 3654602809UL, 3873151461UL, 530742520UL, 3299628645UL, - }; - int r3index = (5 + i * 3) % 16; - HH (a, b, c, d, in[r3index], round3s[i%4], round3consts[i]); - ROTATE; - } - for (i = 0; i < 16; i++) { - static const unsigned char round4s[] = { 6, 10, 15, 21 }; - static const krb5_ui_4 round4consts[] = { - 4096336452UL, 1126891415UL, 2878612391UL, 4237533241UL, - 1700485571UL, 2399980690UL, 4293915773UL, 2240044497UL, - 1873313359UL, 4264355552UL, 2734768916UL, 1309151649UL, - 4149444226UL, 3174756917UL, 718787259UL, 3951481745UL, - }; - int r4index = (7 * i) % 16; - II (a, b, c, d, in[r4index], round4s[i%4], round4consts[i]); - ROTATE; - } + for (i = 0; i < 16; i++) { + const unsigned char round1s[] = { 7, 12, 17, 22 }; + const krb5_ui_4 round1consts[] = { + 3614090360UL, 3905402710UL, 606105819UL, 3250441966UL, + 4118548399UL, 1200080426UL, 2821735955UL, 4249261313UL, + 1770035416UL, 2336552879UL, 4294925233UL, 2304563134UL, + 1804603682UL, 4254626195UL, 2792965006UL, 1236535329UL, + }; + FF (a, b, c, d, in[i], round1s[i%4], round1consts[i]); + ROTATE; + } + for (i = 0; i < 16; i++) { + const unsigned char round2s[] = { 5, 9, 14, 20 }; + const krb5_ui_4 round2consts[] = { + 4129170786UL, 3225465664UL, 643717713UL, 3921069994UL, + 3593408605UL, 38016083UL, 3634488961UL, 3889429448UL, + 568446438UL, 3275163606UL, 4107603335UL, 1163531501UL, + 2850285829UL, 4243563512UL, 1735328473UL, 2368359562UL, + }; + int r2index = (1 + i * 5) % 16; + GG (a, b, c, d, in[r2index], round2s[i%4], round2consts[i]); + ROTATE; + } + for (i = 0; i < 16; i++) { + static const unsigned char round3s[] = { 4, 11, 16, 23 }; + static const krb5_ui_4 round3consts[] = { + 4294588738UL, 2272392833UL, 1839030562UL, 4259657740UL, + 2763975236UL, 1272893353UL, 4139469664UL, 3200236656UL, + 681279174UL, 3936430074UL, 3572445317UL, 76029189UL, + 3654602809UL, 3873151461UL, 530742520UL, 3299628645UL, + }; + int r3index = (5 + i * 3) % 16; + HH (a, b, c, d, in[r3index], round3s[i%4], round3consts[i]); + ROTATE; + } + for (i = 0; i < 16; i++) { + static const unsigned char round4s[] = { 6, 10, 15, 21 }; + static const krb5_ui_4 round4consts[] = { + 4096336452UL, 1126891415UL, 2878612391UL, 4237533241UL, + 1700485571UL, 2399980690UL, 4293915773UL, 2240044497UL, + 1873313359UL, 4264355552UL, 2734768916UL, 1309151649UL, + 4149444226UL, 3174756917UL, 718787259UL, 3951481745UL, + }; + int r4index = (7 * i) % 16; + II (a, b, c, d, in[r4index], round4s[i%4], round4consts[i]); + ROTATE; + } #else - /* Round 1 */ + /* Round 1 */ #define S11 7 #define S12 12 #define S13 17 #define S14 22 - FF ( a, b, c, d, in[ 0], S11, 3614090360UL); /* 1 */ - FF ( d, a, b, c, in[ 1], S12, 3905402710UL); /* 2 */ - FF ( c, d, a, b, in[ 2], S13, 606105819UL); /* 3 */ - FF ( b, c, d, a, in[ 3], S14, 3250441966UL); /* 4 */ - FF ( a, b, c, d, in[ 4], S11, 4118548399UL); /* 5 */ - FF ( d, a, b, c, in[ 5], S12, 1200080426UL); /* 6 */ - FF ( c, d, a, b, in[ 6], S13, 2821735955UL); /* 7 */ - FF ( b, c, d, a, in[ 7], S14, 4249261313UL); /* 8 */ - FF ( a, b, c, d, in[ 8], S11, 1770035416UL); /* 9 */ - FF ( d, a, b, c, in[ 9], S12, 2336552879UL); /* 10 */ - FF ( c, d, a, b, in[10], S13, 4294925233UL); /* 11 */ - FF ( b, c, d, a, in[11], S14, 2304563134UL); /* 12 */ - FF ( a, b, c, d, in[12], S11, 1804603682UL); /* 13 */ - FF ( d, a, b, c, in[13], S12, 4254626195UL); /* 14 */ - FF ( c, d, a, b, in[14], S13, 2792965006UL); /* 15 */ - FF ( b, c, d, a, in[15], S14, 1236535329UL); /* 16 */ - - /* Round 2 */ + FF ( a, b, c, d, in[ 0], S11, 3614090360UL); /* 1 */ + FF ( d, a, b, c, in[ 1], S12, 3905402710UL); /* 2 */ + FF ( c, d, a, b, in[ 2], S13, 606105819UL); /* 3 */ + FF ( b, c, d, a, in[ 3], S14, 3250441966UL); /* 4 */ + FF ( a, b, c, d, in[ 4], S11, 4118548399UL); /* 5 */ + FF ( d, a, b, c, in[ 5], S12, 1200080426UL); /* 6 */ + FF ( c, d, a, b, in[ 6], S13, 2821735955UL); /* 7 */ + FF ( b, c, d, a, in[ 7], S14, 4249261313UL); /* 8 */ + FF ( a, b, c, d, in[ 8], S11, 1770035416UL); /* 9 */ + FF ( d, a, b, c, in[ 9], S12, 2336552879UL); /* 10 */ + FF ( c, d, a, b, in[10], S13, 4294925233UL); /* 11 */ + FF ( b, c, d, a, in[11], S14, 2304563134UL); /* 12 */ + FF ( a, b, c, d, in[12], S11, 1804603682UL); /* 13 */ + FF ( d, a, b, c, in[13], S12, 4254626195UL); /* 14 */ + FF ( c, d, a, b, in[14], S13, 2792965006UL); /* 15 */ + FF ( b, c, d, a, in[15], S14, 1236535329UL); /* 16 */ + + /* Round 2 */ #define S21 5 #define S22 9 #define S23 14 #define S24 20 - GG ( a, b, c, d, in[ 1], S21, 4129170786UL); /* 17 */ - GG ( d, a, b, c, in[ 6], S22, 3225465664UL); /* 18 */ - GG ( c, d, a, b, in[11], S23, 643717713UL); /* 19 */ - GG ( b, c, d, a, in[ 0], S24, 3921069994UL); /* 20 */ - GG ( a, b, c, d, in[ 5], S21, 3593408605UL); /* 21 */ - GG ( d, a, b, c, in[10], S22, 38016083UL); /* 22 */ - GG ( c, d, a, b, in[15], S23, 3634488961UL); /* 23 */ - GG ( b, c, d, a, in[ 4], S24, 3889429448UL); /* 24 */ - GG ( a, b, c, d, in[ 9], S21, 568446438UL); /* 25 */ - GG ( d, a, b, c, in[14], S22, 3275163606UL); /* 26 */ - GG ( c, d, a, b, in[ 3], S23, 4107603335UL); /* 27 */ - GG ( b, c, d, a, in[ 8], S24, 1163531501UL); /* 28 */ - GG ( a, b, c, d, in[13], S21, 2850285829UL); /* 29 */ - GG ( d, a, b, c, in[ 2], S22, 4243563512UL); /* 30 */ - GG ( c, d, a, b, in[ 7], S23, 1735328473UL); /* 31 */ - GG ( b, c, d, a, in[12], S24, 2368359562UL); /* 32 */ - - /* Round 3 */ + GG ( a, b, c, d, in[ 1], S21, 4129170786UL); /* 17 */ + GG ( d, a, b, c, in[ 6], S22, 3225465664UL); /* 18 */ + GG ( c, d, a, b, in[11], S23, 643717713UL); /* 19 */ + GG ( b, c, d, a, in[ 0], S24, 3921069994UL); /* 20 */ + GG ( a, b, c, d, in[ 5], S21, 3593408605UL); /* 21 */ + GG ( d, a, b, c, in[10], S22, 38016083UL); /* 22 */ + GG ( c, d, a, b, in[15], S23, 3634488961UL); /* 23 */ + GG ( b, c, d, a, in[ 4], S24, 3889429448UL); /* 24 */ + GG ( a, b, c, d, in[ 9], S21, 568446438UL); /* 25 */ + GG ( d, a, b, c, in[14], S22, 3275163606UL); /* 26 */ + GG ( c, d, a, b, in[ 3], S23, 4107603335UL); /* 27 */ + GG ( b, c, d, a, in[ 8], S24, 1163531501UL); /* 28 */ + GG ( a, b, c, d, in[13], S21, 2850285829UL); /* 29 */ + GG ( d, a, b, c, in[ 2], S22, 4243563512UL); /* 30 */ + GG ( c, d, a, b, in[ 7], S23, 1735328473UL); /* 31 */ + GG ( b, c, d, a, in[12], S24, 2368359562UL); /* 32 */ + + /* Round 3 */ #define S31 4 #define S32 11 #define S33 16 #define S34 23 - HH ( a, b, c, d, in[ 5], S31, 4294588738UL); /* 33 */ - HH ( d, a, b, c, in[ 8], S32, 2272392833UL); /* 34 */ - HH ( c, d, a, b, in[11], S33, 1839030562UL); /* 35 */ - HH ( b, c, d, a, in[14], S34, 4259657740UL); /* 36 */ - HH ( a, b, c, d, in[ 1], S31, 2763975236UL); /* 37 */ - HH ( d, a, b, c, in[ 4], S32, 1272893353UL); /* 38 */ - HH ( c, d, a, b, in[ 7], S33, 4139469664UL); /* 39 */ - HH ( b, c, d, a, in[10], S34, 3200236656UL); /* 40 */ - HH ( a, b, c, d, in[13], S31, 681279174UL); /* 41 */ - HH ( d, a, b, c, in[ 0], S32, 3936430074UL); /* 42 */ - HH ( c, d, a, b, in[ 3], S33, 3572445317UL); /* 43 */ - HH ( b, c, d, a, in[ 6], S34, 76029189UL); /* 44 */ - HH ( a, b, c, d, in[ 9], S31, 3654602809UL); /* 45 */ - HH ( d, a, b, c, in[12], S32, 3873151461UL); /* 46 */ - HH ( c, d, a, b, in[15], S33, 530742520UL); /* 47 */ - HH ( b, c, d, a, in[ 2], S34, 3299628645UL); /* 48 */ - - /* Round 4 */ + HH ( a, b, c, d, in[ 5], S31, 4294588738UL); /* 33 */ + HH ( d, a, b, c, in[ 8], S32, 2272392833UL); /* 34 */ + HH ( c, d, a, b, in[11], S33, 1839030562UL); /* 35 */ + HH ( b, c, d, a, in[14], S34, 4259657740UL); /* 36 */ + HH ( a, b, c, d, in[ 1], S31, 2763975236UL); /* 37 */ + HH ( d, a, b, c, in[ 4], S32, 1272893353UL); /* 38 */ + HH ( c, d, a, b, in[ 7], S33, 4139469664UL); /* 39 */ + HH ( b, c, d, a, in[10], S34, 3200236656UL); /* 40 */ + HH ( a, b, c, d, in[13], S31, 681279174UL); /* 41 */ + HH ( d, a, b, c, in[ 0], S32, 3936430074UL); /* 42 */ + HH ( c, d, a, b, in[ 3], S33, 3572445317UL); /* 43 */ + HH ( b, c, d, a, in[ 6], S34, 76029189UL); /* 44 */ + HH ( a, b, c, d, in[ 9], S31, 3654602809UL); /* 45 */ + HH ( d, a, b, c, in[12], S32, 3873151461UL); /* 46 */ + HH ( c, d, a, b, in[15], S33, 530742520UL); /* 47 */ + HH ( b, c, d, a, in[ 2], S34, 3299628645UL); /* 48 */ + + /* Round 4 */ #define S41 6 #define S42 10 #define S43 15 #define S44 21 - II ( a, b, c, d, in[ 0], S41, 4096336452UL); /* 49 */ - II ( d, a, b, c, in[ 7], S42, 1126891415UL); /* 50 */ - II ( c, d, a, b, in[14], S43, 2878612391UL); /* 51 */ - II ( b, c, d, a, in[ 5], S44, 4237533241UL); /* 52 */ - II ( a, b, c, d, in[12], S41, 1700485571UL); /* 53 */ - II ( d, a, b, c, in[ 3], S42, 2399980690UL); /* 54 */ - II ( c, d, a, b, in[10], S43, 4293915773UL); /* 55 */ - II ( b, c, d, a, in[ 1], S44, 2240044497UL); /* 56 */ - II ( a, b, c, d, in[ 8], S41, 1873313359UL); /* 57 */ - II ( d, a, b, c, in[15], S42, 4264355552UL); /* 58 */ - II ( c, d, a, b, in[ 6], S43, 2734768916UL); /* 59 */ - II ( b, c, d, a, in[13], S44, 1309151649UL); /* 60 */ - II ( a, b, c, d, in[ 4], S41, 4149444226UL); /* 61 */ - II ( d, a, b, c, in[11], S42, 3174756917UL); /* 62 */ - II ( c, d, a, b, in[ 2], S43, 718787259UL); /* 63 */ - II ( b, c, d, a, in[ 9], S44, 3951481745UL); /* 64 */ + II ( a, b, c, d, in[ 0], S41, 4096336452UL); /* 49 */ + II ( d, a, b, c, in[ 7], S42, 1126891415UL); /* 50 */ + II ( c, d, a, b, in[14], S43, 2878612391UL); /* 51 */ + II ( b, c, d, a, in[ 5], S44, 4237533241UL); /* 52 */ + II ( a, b, c, d, in[12], S41, 1700485571UL); /* 53 */ + II ( d, a, b, c, in[ 3], S42, 2399980690UL); /* 54 */ + II ( c, d, a, b, in[10], S43, 4293915773UL); /* 55 */ + II ( b, c, d, a, in[ 1], S44, 2240044497UL); /* 56 */ + II ( a, b, c, d, in[ 8], S41, 1873313359UL); /* 57 */ + II ( d, a, b, c, in[15], S42, 4264355552UL); /* 58 */ + II ( c, d, a, b, in[ 6], S43, 2734768916UL); /* 59 */ + II ( b, c, d, a, in[13], S44, 1309151649UL); /* 60 */ + II ( a, b, c, d, in[ 4], S41, 4149444226UL); /* 61 */ + II ( d, a, b, c, in[11], S42, 3174756917UL); /* 62 */ + II ( c, d, a, b, in[ 2], S43, 718787259UL); /* 63 */ + II ( b, c, d, a, in[ 9], S44, 3951481745UL); /* 64 */ #endif /* small? */ - buf[0] += a; - buf[1] += b; - buf[2] += c; - buf[3] += d; + buf[0] += a; + buf[1] += b; + buf[2] += c; + buf[3] += d; } diff --git a/src/lib/crypto/builtin/md5/rsa-md5.h b/src/lib/crypto/builtin/md5/rsa-md5.h index 938b22d..11a4fc3 100644 --- a/src/lib/crypto/builtin/md5/rsa-md5.h +++ b/src/lib/crypto/builtin/md5/rsa-md5.h @@ -1,60 +1,61 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* - *********************************************************************** - ** md5.h -- header file for implementation of MD5 ** - ** RSA Data Security, Inc. MD5 Message-Digest Algorithm ** - ** Created: 2/17/90 RLR ** - ** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** - ** Revised (for MD5): RLR 4/27/91 ** - ** -- G modified to have y&~z instead of y&z ** - ** -- FF, GG, HH modified to add in last register done ** - ** -- Access pattern: round 2 works mod 5, round 3 works mod 3 ** - ** -- distinct additive constant for each step ** - ** -- round 4 added, working mod 7 ** - *********************************************************************** - */ +*********************************************************************** +** md5.h -- header file for implementation of MD5 ** +** RSA Data Security, Inc. MD5 Message-Digest Algorithm ** +** Created: 2/17/90 RLR ** +** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** +** Revised (for MD5): RLR 4/27/91 ** +** -- G modified to have y&~z instead of y&z ** +** -- FF, GG, HH modified to add in last register done ** +** -- Access pattern: round 2 works mod 5, round 3 works mod 3 ** +** -- distinct additive constant for each step ** +** -- round 4 added, working mod 7 ** +*********************************************************************** +*/ /* - *********************************************************************** - ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** - ** ** - ** License to copy and use this software is granted provided that ** - ** it is identified as the "RSA Data Security, Inc. MD5 Message- ** - ** Digest Algorithm" in all material mentioning or referencing this ** - ** software or this function. ** - ** ** - ** License is also granted to make and use derivative works ** - ** provided that such works are identified as "derived from the RSA ** - ** Data Security, Inc. MD5 Message-Digest Algorithm" in all ** - ** material mentioning or referencing the derived work. ** - ** ** - ** RSA Data Security, Inc. makes no representations concerning ** - ** either the merchantability of this software or the suitability ** - ** of this software for any particular purpose. It is provided "as ** - ** is" without express or implied warranty of any kind. ** - ** ** - ** These notices must be retained in any copies of any part of this ** - ** documentation and/or software. ** - *********************************************************************** - */ +*********************************************************************** +** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** +** ** +** License to copy and use this software is granted provided that ** +** it is identified as the "RSA Data Security, Inc. MD5 Message- ** +** Digest Algorithm" in all material mentioning or referencing this ** +** software or this function. ** +** ** +** License is also granted to make and use derivative works ** +** provided that such works are identified as "derived from the RSA ** +** Data Security, Inc. MD5 Message-Digest Algorithm" in all ** +** material mentioning or referencing the derived work. ** +** ** +** RSA Data Security, Inc. makes no representations concerning ** +** either the merchantability of this software or the suitability ** +** of this software for any particular purpose. It is provided "as ** +** is" without express or implied warranty of any kind. ** +** ** +** These notices must be retained in any copies of any part of this ** +** documentation and/or software. ** +*********************************************************************** +*/ -#ifndef KRB5_RSA_MD5__ -#define KRB5_RSA_MD5__ +#ifndef KRB5_RSA_MD5__ +#define KRB5_RSA_MD5__ /* Data structure for MD5 (Message-Digest) computation */ typedef struct { - krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */ - krb5_ui_4 buf[4]; /* scratch buffer */ - unsigned char in[64]; /* input buffer */ - unsigned char digest[16]; /* actual digest after MD5Final call */ + krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */ + krb5_ui_4 buf[4]; /* scratch buffer */ + unsigned char in[64]; /* input buffer */ + unsigned char digest[16]; /* actual digest after MD5Final call */ } krb5_MD5_CTX; extern void krb5int_MD5Init(krb5_MD5_CTX *); extern void krb5int_MD5Update(krb5_MD5_CTX *,const unsigned char *,unsigned int); extern void krb5int_MD5Final(krb5_MD5_CTX *); -#define RSA_MD5_CKSUM_LENGTH 16 -#define OLD_RSA_MD5_DES_CKSUM_LENGTH 16 -#define NEW_RSA_MD5_DES_CKSUM_LENGTH 24 -#define RSA_MD5_DES_CONFOUND_LENGTH 8 +#define RSA_MD5_CKSUM_LENGTH 16 +#define OLD_RSA_MD5_DES_CKSUM_LENGTH 16 +#define NEW_RSA_MD5_DES_CKSUM_LENGTH 24 +#define RSA_MD5_DES_CONFOUND_LENGTH 8 #endif /* KRB5_RSA_MD5__ */ diff --git a/src/lib/crypto/builtin/pbkdf2.c b/src/lib/crypto/builtin/pbkdf2.c index 7b45fe8..7ee07f0 100644 --- a/src/lib/crypto/builtin/pbkdf2.c +++ b/src/lib/crypto/builtin/pbkdf2.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/pbkdf2.c * @@ -48,13 +49,13 @@ */ typedef krb5_error_code (*prf_func)(krb5_key pass, krb5_data *salt, - krb5_data *out); + krb5_data *out); /* Not exported, for now. */ static krb5_error_code krb5int_pbkdf2 (prf_func prf, size_t hlen, krb5_key pass, - const krb5_data *salt, unsigned long count, - const krb5_data *output); + const krb5_data *salt, unsigned long count, + const krb5_data *output); static int debug_hmac = 0; @@ -65,16 +66,16 @@ static void printd (const char *descr, krb5_data *d) { printf("%s:", descr); for (i = 0; i < d->length; i += r) { - printf("\n %04x: ", i); - for (j = i; j < i + r && j < d->length; j++) - printf(" %02x", 0xff & d->data[j]); - for (; j < i + r; j++) - printf(" "); - printf(" "); - for (j = i; j < i + r && j < d->length; j++) { - int c = 0xff & d->data[j]; - printf("%c", isprint(c) ? c : '.'); - } + printf("\n %04x: ", i); + for (j = i; j < i + r && j < d->length; j++) + printf(" %02x", 0xff & d->data[j]); + for (; j < i + r; j++) + printf(" "); + printf(" "); + for (j = i; j < i + r && j < d->length; j++) { + int c = 0xff & d->data[j]; + printf("%c", isprint(c) ? c : '.'); + } } printf("\n"); } @@ -92,7 +93,7 @@ F(char *output, char *u_tmp1, char *u_tmp2, prf_func prf, size_t hlen, #if 0 printf("F(i=%d, count=%lu, pass=%d:%s)\n", i, count, - pass->length, pass->data); + pass->length, pass->data); #endif /* Compute U_1. */ @@ -117,7 +118,7 @@ F(char *output, char *u_tmp1, char *u_tmp2, prf_func prf, size_t hlen, #endif err = (*prf)(pass, &sdata, &out); if (err) - return err; + return err; #if 0 printd("F: prf return value", &out); #endif @@ -127,23 +128,23 @@ F(char *output, char *u_tmp1, char *u_tmp2, prf_func prf, size_t hlen, sdata.length = hlen; for (j = 2; j <= count; j++) { #if 0 - printf("F: computing hmac #%d (U_%d)\n", j, j); + printf("F: computing hmac #%d (U_%d)\n", j, j); #endif - memcpy(u_tmp2, u_tmp1, hlen); - err = (*prf)(pass, &sdata, &out); - if (err) - return err; + memcpy(u_tmp2, u_tmp1, hlen); + err = (*prf)(pass, &sdata, &out); + if (err) + return err; #if 0 - printd("F: prf return value", &out); + printd("F: prf return value", &out); #endif - /* And xor them together. */ - for (k = 0; k < hlen; k++) - output[k] ^= u_tmp1[k]; + /* And xor them together. */ + for (k = 0; k < hlen; k++) + output[k] ^= u_tmp1[k]; #if 0 - printf("F: xor result:\n"); - for (k = 0; k < hlen; k++) - printf(" %02x", 0xff & output[k]); - printf("\n"); + printf("F: xor result:\n"); + for (k = 0; k < hlen; k++) + printf(" %02x", 0xff & output[k]); + printf("\n"); #endif } return 0; @@ -151,58 +152,58 @@ F(char *output, char *u_tmp1, char *u_tmp2, prf_func prf, size_t hlen, static krb5_error_code krb5int_pbkdf2 (prf_func prf, size_t hlen, krb5_key pass, - const krb5_data *salt, unsigned long count, - const krb5_data *output) + const krb5_data *salt, unsigned long count, + const krb5_data *output) { int l, r, i; char *utmp1, *utmp2; - char utmp3[20]; /* XXX length shouldn't be hardcoded! */ + char utmp3[20]; /* XXX length shouldn't be hardcoded! */ if (output->length == 0 || hlen == 0) - abort(); + abort(); /* Step 1 & 2. */ if (output->length / hlen > 0xffffffff) - abort(); + abort(); /* Step 2. */ l = (output->length + hlen - 1) / hlen; r = output->length - (l - 1) * hlen; utmp1 = /*output + dklen; */ malloc(hlen); if (utmp1 == NULL) - return ENOMEM; + return ENOMEM; utmp2 = /*utmp1 + hlen; */ malloc(salt->length + 4 + hlen); if (utmp2 == NULL) { - free(utmp1); - return ENOMEM; + free(utmp1); + return ENOMEM; } /* Step 3. */ for (i = 1; i <= l; i++) { #if 0 - int j; + int j; #endif - krb5_error_code err; - char *out; + krb5_error_code err; + char *out; - if (i == l) - out = utmp3; - else - out = output->data + (i-1) * hlen; - err = F(out, utmp1, utmp2, prf, hlen, pass, salt, count, i); - if (err) { - free(utmp1); - free(utmp2); - return err; - } - if (i == l) - memcpy(output->data + (i-1) * hlen, utmp3, - output->length - (i-1) * hlen); + if (i == l) + out = utmp3; + else + out = output->data + (i-1) * hlen; + err = F(out, utmp1, utmp2, prf, hlen, pass, salt, count, i); + if (err) { + free(utmp1); + free(utmp2); + return err; + } + if (i == l) + memcpy(output->data + (i-1) * hlen, utmp3, + output->length - (i-1) * hlen); #if 0 - printf("after F(%d), @%p:\n", i, output->data); - for (j = (i-1) * hlen; j < i * hlen; j++) - printf(" %02x", 0xff & output->data[j]); - printf ("\n"); + printf("after F(%d), @%p:\n", i, output->data); + for (j = (i-1) * hlen; j < i * hlen; j++) + printf(" %02x", 0xff & output->data[j]); + printf ("\n"); #endif } free(utmp1); @@ -220,43 +221,48 @@ hmac_sha1(krb5_key pass, krb5_data *salt, krb5_data *out) { const struct krb5_hash_provider *h = &krb5int_hash_sha1; krb5_error_code err; + krb5_crypto_iov iov; if (debug_hmac) - printd(" hmac input", salt); - err = krb5int_hmac(h, pass, 1, salt, out); + printd(" hmac input", salt); + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = *salt; + err = krb5int_hmac(h, pass, &iov, 1, out); if (err == 0 && debug_hmac) - printd(" hmac output", out); + printd(" hmac output", out); return err; } krb5_error_code -krb5int_pbkdf2_hmac_sha1 (const krb5_data *out, unsigned long count, - const krb5_data *pass, const krb5_data *salt) +krb5int_pbkdf2_hmac_sha1(const krb5_data *out, unsigned long count, + const krb5_data *pass, const krb5_data *salt) { const struct krb5_hash_provider *h = &krb5int_hash_sha1; krb5_keyblock keyblock; krb5_key key; char tmp[40]; krb5_data d; + krb5_crypto_iov iov; krb5_error_code err; assert(h->hashsize <= sizeof(tmp)); if (pass->length > h->blocksize) { - d.data = tmp; - d.length = h->hashsize; - err = h->hash (1, pass, &d); - if (err) - return err; - keyblock.length = d.length; - keyblock.contents = (krb5_octet *) d.data; + d = make_data(tmp, h->hashsize); + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = *pass; + err = h->hash(&iov, 1, &d); + if (err) + return err; + keyblock.length = d.length; + keyblock.contents = (krb5_octet *) d.data; } else { - keyblock.length = pass->length; - keyblock.contents = (krb5_octet *) pass->data; + keyblock.length = pass->length; + keyblock.contents = (krb5_octet *) pass->data; } err = krb5_k_create_key(NULL, &keyblock, &key); if (err) - return err; + return err; err = krb5int_pbkdf2(hmac_sha1, 20, key, salt, count, out); krb5_k_free_key(NULL, key); diff --git a/src/lib/crypto/builtin/sha1/Makefile.in b/src/lib/crypto/builtin/sha1/Makefile.in index 24b9ef1..ec51713 100644 --- a/src/lib/crypto/builtin/sha1/Makefile.in +++ b/src/lib/crypto/builtin/sha1/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/builtin/sha1 mydir=lib/crypto/builtin/sha1 BUILDTOP=$(REL)..$(S)..$(S)..$(S).. DEFS= diff --git a/src/lib/crypto/builtin/sha1/deps b/src/lib/crypto/builtin/sha1/deps index 39b9f9a..40fa5fa 100644 --- a/src/lib/crypto/builtin/sha1/deps +++ b/src/lib/crypto/builtin/sha1/deps @@ -3,11 +3,11 @@ # shs.so shs.po $(OUTPRE)shs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h shs.c shs.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h shs.c shs.h diff --git a/src/lib/crypto/builtin/sha1/shs.c b/src/lib/crypto/builtin/sha1/shs.c index d9372df..f28a4fc 100644 --- a/src/lib/crypto/builtin/sha1/shs.c +++ b/src/lib/crypto/builtin/sha1/shs.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #include "shs.h" #ifdef HAVE_SYS_TYPES_H #include <sys/types.h> @@ -39,7 +40,7 @@ 80-word expanded input array W, where the first 16 are copies of the input data, and the remaining 64 are defined by - W[ i ] = W[ i - 16 ] ^ W[ i - 14 ] ^ W[ i - 8 ] ^ W[ i - 3 ] + W[ i ] = W[ i - 16 ] ^ W[ i - 14 ] ^ W[ i - 8 ] ^ W[ i - 3 ] This implementation generates these values on the fly in a circular buffer - thanks to Colin Plumb, colin@nyx10.cs.du.edu for this @@ -51,27 +52,27 @@ #ifdef NEW_SHS #define expand(W,i) ( W[ i & 15 ] = ROTL( 1, ( W[ i & 15 ] ^ W[ (i - 14) & 15 ] ^ \ - W[ (i - 8) & 15 ] ^ W[ (i - 3) & 15 ] ))) + W[ (i - 8) & 15 ] ^ W[ (i - 3) & 15 ] ))) #else -#define expand(W,i) ( W[ i & 15 ] ^= W[ (i - 14) & 15 ] ^ \ - W[ (i - 8) & 15 ] ^ W[ (i - 3) & 15 ] ) +#define expand(W,i) ( W[ i & 15 ] ^= W[ (i - 14) & 15 ] ^ \ + W[ (i - 8) & 15 ] ^ W[ (i - 3) & 15 ] ) #endif /* NEW_SHS */ /* The prototype SHS sub-round. The fundamental sub-round is: - a' = e + ROTL( 5, a ) + f( b, c, d ) + k + data; - b' = a; - c' = ROTL( 30, b ); - d' = c; - e' = d; + a' = e + ROTL( 5, a ) + f( b, c, d ) + k + data; + b' = a; + c' = ROTL( 30, b ); + d' = c; + e' = d; but this is implemented by unrolling the loop 5 times and renaming the variables ( e, a, b, c, d ) = ( a', b', c', d', e' ) each iteration. This code is then replicated 20 times for each of the 4 functions, using the next 20 values from the W[] array each time */ -#define subRound(a, b, c, d, e, f, k, data) \ - ( e += ROTL( 5, a ) + f( b, c, d ) + k + data, \ +#define subRound(a, b, c, d, e, f, k, data) \ + ( e += ROTL( 5, a ) + f( b, c, d ) + k + data, \ e &= 0xffffffff, b = ROTL( 30, b ) ) /* Initialize the SHS values */ @@ -115,25 +116,25 @@ void SHSTransform(SHS_LONG *digest, const SHS_LONG *data) #if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) { - int i; - SHS_LONG temp; - for (i = 0; i < 20; i++) { - SHS_LONG x = (i < 16) ? eData[i] : expand(eData, i); - subRound(A, B, C, D, E, f1, K1, x); - temp = E, E = D, D = C, C = B, B = A, A = temp; - } - for (i = 20; i < 40; i++) { - subRound(A, B, C, D, E, f2, K2, expand(eData, i)); - temp = E, E = D, D = C, C = B, B = A, A = temp; - } - for (i = 40; i < 60; i++) { - subRound(A, B, C, D, E, f3, K3, expand(eData, i)); - temp = E, E = D, D = C, C = B, B = A, A = temp; - } - for (i = 60; i < 80; i++) { - subRound(A, B, C, D, E, f4, K4, expand(eData, i)); - temp = E, E = D, D = C, C = B, B = A, A = temp; - } + int i; + SHS_LONG temp; + for (i = 0; i < 20; i++) { + SHS_LONG x = (i < 16) ? eData[i] : expand(eData, i); + subRound(A, B, C, D, E, f1, K1, x); + temp = E, E = D, D = C, C = B, B = A, A = temp; + } + for (i = 20; i < 40; i++) { + subRound(A, B, C, D, E, f2, K2, expand(eData, i)); + temp = E, E = D, D = C, C = B, B = A, A = temp; + } + for (i = 40; i < 60; i++) { + subRound(A, B, C, D, E, f3, K3, expand(eData, i)); + temp = E, E = D, D = C, C = B, B = A, A = temp; + } + for (i = 60; i < 80; i++) { + subRound(A, B, C, D, E, f4, K4, expand(eData, i)); + temp = E, E = D, D = C, C = B, B = A, A = temp; + } } #else @@ -251,7 +252,7 @@ void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count) tmp = shsInfo->countLo; shsInfo->countLo = tmp + (((SHS_LONG) count) << 3 ); if ((shsInfo->countLo &= 0xffffffff) < tmp) - shsInfo->countHi++; /* Carry from low to high */ + shsInfo->countHi++; /* Carry from low to high */ shsInfo->countHi += count >> 29; /* Get count of bytes already in data */ @@ -259,72 +260,72 @@ void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count) /* Handle any leading odd-sized chunks */ if (dataCount) { - lp = shsInfo->data + dataCount / 4; - dataCount = SHS_DATASIZE - dataCount; - canfill = (count >= dataCount); - - if (dataCount % 4) { - /* Fill out a full 32 bit word first if needed -- this - is not very efficient (computed shift amount), - but it shouldn't happen often. */ - while (dataCount % 4 && count > 0) { - *lp |= (SHS_LONG) *buffer++ << ((--dataCount % 4) * 8); - count--; - } - lp++; - } - while (lp < shsInfo->data + 16) { - if (count < 4) { - *lp = 0; - switch (count % 4) { - case 3: - *lp |= (SHS_LONG) buffer[2] << 8; - case 2: - *lp |= (SHS_LONG) buffer[1] << 16; - case 1: - *lp |= (SHS_LONG) buffer[0] << 24; - } - count = 0; - break; /* out of while loop */ - } - *lp++ = load_32_be(buffer); - buffer += 4; - count -= 4; - } - if (canfill) { - SHSTransform(shsInfo->digest, shsInfo->data); - } + lp = shsInfo->data + dataCount / 4; + dataCount = SHS_DATASIZE - dataCount; + canfill = (count >= dataCount); + + if (dataCount % 4) { + /* Fill out a full 32 bit word first if needed -- this + is not very efficient (computed shift amount), + but it shouldn't happen often. */ + while (dataCount % 4 && count > 0) { + *lp |= (SHS_LONG) *buffer++ << ((--dataCount % 4) * 8); + count--; + } + lp++; + } + while (lp < shsInfo->data + 16) { + if (count < 4) { + *lp = 0; + switch (count % 4) { + case 3: + *lp |= (SHS_LONG) buffer[2] << 8; + case 2: + *lp |= (SHS_LONG) buffer[1] << 16; + case 1: + *lp |= (SHS_LONG) buffer[0] << 24; + } + count = 0; + break; /* out of while loop */ + } + *lp++ = load_32_be(buffer); + buffer += 4; + count -= 4; + } + if (canfill) { + SHSTransform(shsInfo->digest, shsInfo->data); + } } /* Process data in SHS_DATASIZE chunks */ while (count >= SHS_DATASIZE) { - lp = shsInfo->data; - while (lp < shsInfo->data + 16) { - *lp++ = load_32_be(buffer); - buffer += 4; - } - SHSTransform(shsInfo->digest, shsInfo->data); - count -= SHS_DATASIZE; + lp = shsInfo->data; + while (lp < shsInfo->data + 16) { + *lp++ = load_32_be(buffer); + buffer += 4; + } + SHSTransform(shsInfo->digest, shsInfo->data); + count -= SHS_DATASIZE; } if (count > 0) { - lp = shsInfo->data; - while (count > 4) { - *lp++ = load_32_be(buffer); - buffer += 4; - count -= 4; - } - *lp = 0; - switch (count % 4) { - case 0: - *lp |= ((SHS_LONG) buffer[3]); - case 3: - *lp |= ((SHS_LONG) buffer[2]) << 8; - case 2: - *lp |= ((SHS_LONG) buffer[1]) << 16; - case 1: - *lp |= ((SHS_LONG) buffer[0]) << 24; - } + lp = shsInfo->data; + while (count > 4) { + *lp++ = load_32_be(buffer); + buffer += 4; + count -= 4; + } + *lp = 0; + switch (count % 4) { + case 0: + *lp |= ((SHS_LONG) buffer[3]); + case 3: + *lp |= ((SHS_LONG) buffer[2]) << 8; + case 2: + *lp |= ((SHS_LONG) buffer[1]) << 16; + case 1: + *lp |= ((SHS_LONG) buffer[0]) << 24; + } } } @@ -345,16 +346,16 @@ void shsFinal(SHS_INFO *shsInfo) lp = shsInfo->data + count / 4; switch (count % 4) { case 3: - *lp++ |= (SHS_LONG) 0x80; - break; + *lp++ |= (SHS_LONG) 0x80; + break; case 2: - *lp++ |= (SHS_LONG) 0x80 << 8; - break; + *lp++ |= (SHS_LONG) 0x80 << 8; + break; case 1: - *lp++ |= (SHS_LONG) 0x80 << 16; - break; + *lp++ |= (SHS_LONG) 0x80 << 16; + break; case 0: - *lp++ = (SHS_LONG) 0x80 << 24; + *lp++ = (SHS_LONG) 0x80 << 24; } /* at this point, lp can point *past* shsInfo->data. If it points @@ -363,16 +364,16 @@ void shsFinal(SHS_INFO *shsInfo) enough room for length words */ if (lp == shsInfo->data + 15) - *lp++ = 0; + *lp++ = 0; if (lp == shsInfo->data + 16) { - SHSTransform(shsInfo->digest, shsInfo->data); - lp = shsInfo->data; + SHSTransform(shsInfo->digest, shsInfo->data); + lp = shsInfo->data; } /* Pad out to 56 bytes */ while (lp < shsInfo->data + 14) - *lp++ = 0; + *lp++ = 0; /* Append length in bits and transform */ *lp++ = shsInfo->countHi; diff --git a/src/lib/crypto/builtin/sha1/shs.h b/src/lib/crypto/builtin/sha1/shs.h index 6dcb41b..e1872f2 100644 --- a/src/lib/crypto/builtin/sha1/shs.h +++ b/src/lib/crypto/builtin/sha1/shs.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #ifndef _SHS_DEFINED #include "k5-int.h" @@ -6,8 +7,8 @@ /* Some useful types */ -typedef krb5_octet SHS_BYTE; -typedef krb5_ui_4 SHS_LONG; +typedef krb5_octet SHS_BYTE; +typedef krb5_ui_4 SHS_LONG; /* Define the following to use the updated SHS implementation */ #define NEW_SHS /**/ @@ -20,10 +21,10 @@ typedef krb5_ui_4 SHS_LONG; /* The structure for storing SHS info */ typedef struct { - SHS_LONG digest[ 5 ]; /* Message digest */ - SHS_LONG countLo, countHi; /* 64-bit bit count */ - SHS_LONG data[ 16 ]; /* SHS data buffer */ - } SHS_INFO; + SHS_LONG digest[ 5 ]; /* Message digest */ + SHS_LONG countLo, countHi; /* 64-bit bit count */ + SHS_LONG data[ 16 ]; /* SHS data buffer */ +} SHS_INFO; /* Message digest functions (shs.c) */ void shsInit(SHS_INFO *shsInfo); @@ -33,13 +34,13 @@ void shsFinal(SHS_INFO *shsInfo); /* Keyed Message digest functions (hmac_sha.c) */ krb5_error_code hmac_sha(krb5_octet *text, - int text_len, - krb5_octet *key, - int key_len, - krb5_octet *digest); + int text_len, + krb5_octet *key, + int key_len, + krb5_octet *digest); -#define NIST_SHA_CKSUM_LENGTH SHS_DIGESTSIZE -#define HMAC_SHA_CKSUM_LENGTH SHS_DIGESTSIZE +#define NIST_SHA_CKSUM_LENGTH SHS_DIGESTSIZE +#define HMAC_SHA_CKSUM_LENGTH SHS_DIGESTSIZE #endif /* _SHS_DEFINED */ diff --git a/src/lib/crypto/builtin/sha1/t_shs.c b/src/lib/crypto/builtin/sha1/t_shs.c index adcb092..08157b6 100644 --- a/src/lib/crypto/builtin/sha1/t_shs.c +++ b/src/lib/crypto/builtin/sha1/t_shs.c @@ -1,8 +1,9 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /**************************************************************************** -* * -* SHS Test Code * -* * -****************************************************************************/ + * * + * SHS Test Code * + * * + ****************************************************************************/ #include <stdio.h> #include <stdlib.h> @@ -17,7 +18,7 @@ static SHS_LONG shsTestResults[][ 5 ] = { { 0xA9993E36L, 0x4706816AL, 0xBA3E2571L, 0x7850C26CL, 0x9CD0D89DL, }, { 0x84983E44L, 0x1C3BD26EL, 0xBAAE4AA1L, 0xF95129E5L, 0xE54670F1L, }, { 0x34AA973CL, 0xD4C4DAA4L, 0xF61EEB2BL, 0xDBAD2731L, 0x6534016FL, } - }; +}; #else @@ -25,30 +26,30 @@ static SHS_LONG shsTestResults[][ 5 ] = { { 0x0164B8A9L, 0x14CD2A5EL, 0x74C4F7FFL, 0x082C4D97L, 0xF1EDF880L }, { 0xD2516EE1L, 0xACFA5BAFL, 0x33DFC1C4L, 0x71E43844L, 0x9EF134C8L }, { 0x3232AFFAL, 0x48628A26L, 0x653B5AAAL, 0x44541FD9L, 0x0D690603L } - }; +}; #endif /* NEW_SHS */ static int compareSHSresults(shsInfo, shsTestLevel) -SHS_INFO *shsInfo; -int shsTestLevel; + SHS_INFO *shsInfo; + int shsTestLevel; { int i, fail = 0; /* Compare the returned digest and required values */ for( i = 0; i < 5; i++ ) if( shsInfo->digest[ i ] != shsTestResults[ shsTestLevel ][ i ] ) - fail = 1; + fail = 1; if (fail) { - printf("\nExpected: "); - for (i = 0; i < 5; i++) { - printf("%8.8lx ", (unsigned long) shsTestResults[shsTestLevel][i]); - } - printf("\nGot: "); - for (i = 0; i < 5; i++) { - printf("%8.8lx ", (unsigned long) shsInfo->digest[i]); - } - printf("\n"); - return( -1 ); + printf("\nExpected: "); + for (i = 0; i < 5; i++) { + printf("%8.8lx ", (unsigned long) shsTestResults[shsTestLevel][i]); + } + printf("\nGot: "); + for (i = 0; i < 5; i++) { + printf("%8.8lx ", (unsigned long) shsInfo->digest[i]); + } + printf("\n"); + return( -1 ); } return( 0 ); } @@ -75,11 +76,11 @@ main() shsUpdate( &shsInfo, ( SHS_BYTE * ) "abc", 3 ); shsFinal( &shsInfo ); if( compareSHSresults( &shsInfo, 0 ) == -1 ) - { + { putchar( '\n' ); puts( "SHS test 1 failed" ); exit( -1 ); - } + } #ifdef NEW_SHS puts( "passed, result= A9993E364706816ABA3E25717850C26C9CD0D89D" ); #else @@ -91,11 +92,11 @@ main() shsUpdate( &shsInfo, ( SHS_BYTE * ) "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 56 ); shsFinal( &shsInfo ); if( compareSHSresults( &shsInfo, 1 ) == -1 ) - { + { putchar( '\n' ); puts( "SHS test 2 failed" ); exit( -1 ); - } + } #ifdef NEW_SHS puts( "passed, result= 84983E441C3BD26EBAAE4AA1F95129E5E54670F1" ); #else @@ -108,11 +109,11 @@ main() shsUpdate( &shsInfo, ( SHS_BYTE * ) "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 64 ); shsFinal( &shsInfo ); if( compareSHSresults( &shsInfo, 2 ) == -1 ) - { + { putchar( '\n' ); puts( "SHS test 3 failed" ); exit( -1 ); - } + } #ifdef NEW_SHS puts( "passed, result= 34AA973CD4C4DAA4F61EEB2BDBAD27316534016F" ); #else diff --git a/src/lib/crypto/builtin/sha1/t_shs3.c b/src/lib/crypto/builtin/sha1/t_shs3.c index cf9787e..d05ac6d 100644 --- a/src/lib/crypto/builtin/sha1/t_shs3.c +++ b/src/lib/crypto/builtin/sha1/t_shs3.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* test shs code */ #include <stdio.h> @@ -28,23 +29,23 @@ static void longReverse( SHS_LONG *buffer, int byteCount ) switch (init) { case 0: - init=1; - cp = (char *) &init; - if (*cp == 1) { - init=2; - break; - } - init=1; - /* fall through - MSB */ + init=1; + cp = (char *) &init; + if (*cp == 1) { + init=2; + break; + } + init=1; + /* fall through - MSB */ case 1: - return; + return; } byteCount /= sizeof( SHS_LONG ); while( byteCount-- ) { value = *buffer; value = ( ( value & 0xFF00FF00L ) >> 8 ) | - ( ( value & 0x00FF00FFL ) << 8 ); + ( ( value & 0x00FF00FFL ) << 8 ); *buffer++ = ( value << 16 ) | ( value >> 16 ); } } @@ -55,538 +56,538 @@ int Dflag; int main(argc,argv) - char **argv; + char **argv; { - char *argp; - - while (--argc > 0) if (*(argp = *++argv)=='-') - while (*++argp) switch(*argp) - { - case '1': - case '2': - case '3': - case '4': - case '5': - case '6': - case '7': - if (mode) goto Usage; - mode = *argp; - break; - case 'D': - if (argc <= 1) goto Usage; - --argc; - Dflag = atoi(*++argv); - break; - case '-': - break; - default: - fprintf (stderr,"Bad switch char <%c>\n", *argp); - Usage: - fprintf(stderr, "Usage: t_shs [-1234567] [-D #]\n"); - exit(1); - } - else goto Usage; - - process(); - exit(rc); + char *argp; + + while (--argc > 0) if (*(argp = *++argv)=='-') + while (*++argp) switch(*argp) + { + case '1': + case '2': + case '3': + case '4': + case '5': + case '6': + case '7': + if (mode) goto Usage; + mode = *argp; + break; + case 'D': + if (argc <= 1) goto Usage; + --argc; + Dflag = atoi(*++argv); + break; + case '-': + break; + default: + fprintf (stderr,"Bad switch char <%c>\n", *argp); + Usage: + fprintf(stderr, "Usage: t_shs [-1234567] [-D #]\n"); + exit(1); + } + else goto Usage; + + process(); + exit(rc); } static void process(void) { - switch(mode) - { - case '1': - test1(); - break; - case '2': - test2(); - break; - case '3': - test3(); - break; - case '4': - test4(); - break; - case '5': - test5(); - break; - case '6': - test6(); - break; - case '7': - test7(); - break; - default: - test1(); - test2(); - test3(); - test4(); - test5(); - test6(); - test7(); - } + switch(mode) + { + case '1': + test1(); + break; + case '2': + test2(); + break; + case '3': + test3(); + break; + case '4': + test4(); + break; + case '5': + test5(); + break; + case '6': + test6(); + break; + case '7': + test7(); + break; + default: + test1(); + test2(); + test3(); + test4(); + test5(); + test6(); + test7(); + } } #ifndef shsDigest static unsigned char * shsDigest(si) - SHS_INFO *si; + SHS_INFO *si; { - longReverse(si->digest, SHS_DIGESTSIZE); - return (unsigned char*) si->digest; + longReverse(si->digest, SHS_DIGESTSIZE); + return (unsigned char*) si->digest; } #endif unsigned char results1[SHS_DIGESTSIZE] = { -0xa9,0x99,0x3e,0x36,0x47,0x06,0x81,0x6a,0xba,0x3e, -0x25,0x71,0x78,0x50,0xc2,0x6c,0x9c,0xd0,0xd8,0x9d}; + 0xa9,0x99,0x3e,0x36,0x47,0x06,0x81,0x6a,0xba,0x3e, + 0x25,0x71,0x78,0x50,0xc2,0x6c,0x9c,0xd0,0xd8,0x9d}; static void test1(void) { - SHS_INFO si[1]; - unsigned char digest[SHS_DIGESTSIZE]; - int failed; - int i; - - printf("Running SHS test 1 ...\n"); - shsInit(si); - shsUpdate(si, (SHS_BYTE *) "abc", 3); - shsFinal(si); - memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); - if ((failed = memcmp(digest, results1, SHS_DIGESTSIZE)) != 0) - { - fprintf(stderr,"SHS test 1 failed!\n"); - rc = 1; - } - printf ("%s, results = ", failed ? "Failed" : "Passed"); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",digest[i]); - if (failed) - { - printf ("\n, expected "); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",results1[i]); - } - printf("\n"); + SHS_INFO si[1]; + unsigned char digest[SHS_DIGESTSIZE]; + int failed; + int i; + + printf("Running SHS test 1 ...\n"); + shsInit(si); + shsUpdate(si, (SHS_BYTE *) "abc", 3); + shsFinal(si); + memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); + if ((failed = memcmp(digest, results1, SHS_DIGESTSIZE)) != 0) + { + fprintf(stderr,"SHS test 1 failed!\n"); + rc = 1; + } + printf ("%s, results = ", failed ? "Failed" : "Passed"); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",digest[i]); + if (failed) + { + printf ("\n, expected "); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",results1[i]); + } + printf("\n"); } unsigned char results2[SHS_DIGESTSIZE] = { -0x84,0x98,0x3e,0x44,0x1c,0x3b,0xd2,0x6e,0xba,0xae, -0x4a,0xa1,0xf9,0x51,0x29,0xe5,0xe5,0x46,0x70,0xf1}; + 0x84,0x98,0x3e,0x44,0x1c,0x3b,0xd2,0x6e,0xba,0xae, + 0x4a,0xa1,0xf9,0x51,0x29,0xe5,0xe5,0x46,0x70,0xf1}; static void test2(void) { - SHS_INFO si[1]; - unsigned char digest[SHS_DIGESTSIZE]; - int failed; - int i; - - printf("Running SHS test 2 ...\n"); - shsInit(si); - shsUpdate(si, - (SHS_BYTE *) "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", - 56); - shsFinal(si); - memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); - if ((failed = memcmp(digest, results2, SHS_DIGESTSIZE)) != 0) - { - fprintf(stderr,"SHS test 2 failed!\n"); - rc = 1; - } - printf ("%s, results = ", failed ? "Failed" : "Passed"); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",digest[i]); - if (failed) - { - printf ("\n, expected "); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",results2[i]); - } - printf("\n"); + SHS_INFO si[1]; + unsigned char digest[SHS_DIGESTSIZE]; + int failed; + int i; + + printf("Running SHS test 2 ...\n"); + shsInit(si); + shsUpdate(si, + (SHS_BYTE *) "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", + 56); + shsFinal(si); + memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); + if ((failed = memcmp(digest, results2, SHS_DIGESTSIZE)) != 0) + { + fprintf(stderr,"SHS test 2 failed!\n"); + rc = 1; + } + printf ("%s, results = ", failed ? "Failed" : "Passed"); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",digest[i]); + if (failed) + { + printf ("\n, expected "); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",results2[i]); + } + printf("\n"); } unsigned char results3[SHS_DIGESTSIZE] = { -0x34,0xaa,0x97,0x3c,0xd4,0xc4,0xda,0xa4,0xf6,0x1e, -0xeb,0x2b,0xdb,0xad,0x27,0x31,0x65,0x34,0x01,0x6f}; + 0x34,0xaa,0x97,0x3c,0xd4,0xc4,0xda,0xa4,0xf6,0x1e, + 0xeb,0x2b,0xdb,0xad,0x27,0x31,0x65,0x34,0x01,0x6f}; static void test3(void) { - SHS_INFO si[1]; - unsigned char digest[SHS_DIGESTSIZE]; - int failed; - int i; - - printf("Running SHS test 3 ...\n"); - shsInit(si); - for (i = 0; i < 15625; ++i) - shsUpdate(si, -(SHS_BYTE *) "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", - 64); - shsFinal(si); - memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); - if ((failed = memcmp(digest, results3, SHS_DIGESTSIZE)) != 0) - { - fprintf(stderr,"SHS test 3 failed!\n"); - rc = 1; - } - printf ("%s, results = ", failed ? "Failed" : "Passed"); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",digest[i]); - if (failed) - { - printf ("\n, expected "); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",results3[i]); - } - printf("\n"); + SHS_INFO si[1]; + unsigned char digest[SHS_DIGESTSIZE]; + int failed; + int i; + + printf("Running SHS test 3 ...\n"); + shsInit(si); + for (i = 0; i < 15625; ++i) + shsUpdate(si, + (SHS_BYTE *) "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + 64); + shsFinal(si); + memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); + if ((failed = memcmp(digest, results3, SHS_DIGESTSIZE)) != 0) + { + fprintf(stderr,"SHS test 3 failed!\n"); + rc = 1; + } + printf ("%s, results = ", failed ? "Failed" : "Passed"); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",digest[i]); + if (failed) + { + printf ("\n, expected "); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",results3[i]); + } + printf("\n"); } unsigned char randdata[] = { -0xfe,0x28,0x79,0x25,0xf5,0x03,0xf9,0x1c,0xcd,0x70,0x7b,0xb0,0x42,0x02,0xb8,0x2f, -0xf3,0x63,0xa2,0x79,0x8e,0x9b,0x33,0xd7,0x2b,0xc4,0xb4,0xd2,0xcb,0x61,0xec,0xbb, -0x94,0xe1,0x8f,0x53,0x80,0x55,0xd9,0x90,0xb2,0x03,0x58,0xfa,0xa6,0xe5,0x18,0x57, -0x68,0x04,0x24,0x98,0x41,0x7e,0x84,0xeb,0xc1,0x39,0xbc,0x1d,0xf7,0x4e,0x92,0x72, -0x1a,0x5b,0xb6,0x99,0x43,0xa5,0x0a,0x45,0x73,0x55,0xfd,0x57,0x83,0x45,0x36,0x5c, -0xfd,0x39,0x08,0x6e,0xe2,0x01,0x9a,0x8c,0x4e,0x39,0xd2,0x0d,0x5f,0x0e,0x35,0x15, -0xb9,0xac,0x5f,0xa1,0x8a,0xe6,0xdd,0x6e,0x68,0x9d,0xf6,0x29,0x95,0xf6,0x7d,0x7b, -0xd9,0x5e,0xf4,0x67,0x25,0xbd,0xee,0xed,0x53,0x60,0xb0,0x47,0xdf,0xef,0xf4,0x41, -0xbd,0x45,0xcf,0x5c,0x93,0x41,0x87,0x97,0x82,0x39,0x20,0x66,0xb4,0xda,0xcb,0x66, -0x93,0x02,0x2e,0x7f,0x94,0x4c,0xc7,0x3b,0x2c,0xcf,0xf6,0x99,0x6f,0x13,0xf1,0xc5, -0x28,0x2b,0xa6,0x6c,0x39,0x26,0x7f,0x76,0x24,0x4a,0x6e,0x01,0x40,0x63,0xf8,0x00, -0x06,0x23,0x5a,0xaa,0xa6,0x2f,0xd1,0x37,0xc7,0xcc,0x76,0xe9,0x54,0x1e,0x57,0x73, -0xf5,0x33,0xaa,0x96,0xbe,0x35,0xcd,0x1d,0xd5,0x7d,0xac,0x50,0xd5,0xf8,0x47,0x2d, -0xd6,0x93,0x5f,0x6e,0x38,0xd3,0xac,0xd0,0x7e,0xad,0x9e,0xf8,0x87,0x95,0x63,0x15, -0x65,0xa3,0xd4,0xb3,0x9a,0x6c,0xac,0xcd,0x2a,0x54,0x83,0x13,0xc4,0xb4,0x94,0xfa, -0x76,0x87,0xc5,0x8b,0x4a,0x10,0x92,0x05,0xd1,0x0e,0x97,0xfd,0xc8,0xfb,0xc5,0xdc, -0x21,0x4c,0xc8,0x77,0x5c,0xed,0x32,0x22,0x77,0xc1,0x38,0x30,0xd7,0x8e,0x2a,0x70, -0x72,0x67,0x13,0xe4,0xb7,0x18,0xd4,0x76,0xdd,0x32,0x12,0xf4,0x5d,0xc9,0xec,0xc1, -0x2c,0x8a,0xfe,0x08,0x6c,0xea,0xf6,0xab,0x5a,0x0e,0x8e,0x81,0x1d,0xc8,0x5a,0x4b, -0xed,0xb9,0x7f,0x4b,0x67,0xe3,0x65,0x46,0xc9,0xf2,0xab,0x37,0x0a,0x98,0x67,0x5b, -0xb1,0x3b,0x02,0x91,0x38,0x71,0xea,0x62,0x88,0xae,0xb6,0xdb,0xfc,0x55,0x79,0x33, -0x69,0x95,0x51,0xb6,0xe1,0x3b,0xab,0x22,0x68,0x54,0xf9,0x89,0x9c,0x94,0xe0,0xe3, -0xd3,0x48,0x5c,0xe9,0x78,0x5b,0xb3,0x4b,0xba,0xd8,0x48,0xd8,0xaf,0x91,0x4e,0x23, -0x38,0x23,0x23,0x6c,0xdf,0x2e,0xf0,0xff,0xac,0x1d,0x2d,0x27,0x10,0x45,0xa3,0x2d, -0x8b,0x00,0xcd,0xe2,0xfc,0xb7,0xdb,0x52,0x13,0xb7,0x66,0x79,0xd9,0xd8,0x29,0x0e, -0x32,0xbd,0x52,0x6b,0x75,0x71,0x08,0x83,0x1b,0x67,0x28,0x93,0x97,0x97,0x32,0xff, -0x8b,0xd3,0x98,0xa3,0xce,0x2b,0x88,0x37,0x1c,0xcc,0xa0,0xd1,0x19,0x9b,0xe6,0x11, -0xfc,0xc0,0x3c,0x4e,0xe1,0x35,0x49,0x29,0x19,0xcf,0x1d,0xe1,0x60,0x74,0xc0,0xe9, -0xf7,0xb4,0x99,0xa0,0x23,0x50,0x51,0x78,0xcf,0xc0,0xe5,0xc2,0x1c,0x16,0xd2,0x24, -0x5a,0x63,0x54,0x83,0xaa,0x74,0x3d,0x41,0x0d,0x52,0xee,0xfe,0x0f,0x4d,0x13,0xe1, -0x27,0x00,0xc4,0xf3,0x2b,0x55,0xe0,0x9c,0x81,0xe0,0xfc,0xc2,0x13,0xd4,0x39,0x09 + 0xfe,0x28,0x79,0x25,0xf5,0x03,0xf9,0x1c,0xcd,0x70,0x7b,0xb0,0x42,0x02,0xb8,0x2f, + 0xf3,0x63,0xa2,0x79,0x8e,0x9b,0x33,0xd7,0x2b,0xc4,0xb4,0xd2,0xcb,0x61,0xec,0xbb, + 0x94,0xe1,0x8f,0x53,0x80,0x55,0xd9,0x90,0xb2,0x03,0x58,0xfa,0xa6,0xe5,0x18,0x57, + 0x68,0x04,0x24,0x98,0x41,0x7e,0x84,0xeb,0xc1,0x39,0xbc,0x1d,0xf7,0x4e,0x92,0x72, + 0x1a,0x5b,0xb6,0x99,0x43,0xa5,0x0a,0x45,0x73,0x55,0xfd,0x57,0x83,0x45,0x36,0x5c, + 0xfd,0x39,0x08,0x6e,0xe2,0x01,0x9a,0x8c,0x4e,0x39,0xd2,0x0d,0x5f,0x0e,0x35,0x15, + 0xb9,0xac,0x5f,0xa1,0x8a,0xe6,0xdd,0x6e,0x68,0x9d,0xf6,0x29,0x95,0xf6,0x7d,0x7b, + 0xd9,0x5e,0xf4,0x67,0x25,0xbd,0xee,0xed,0x53,0x60,0xb0,0x47,0xdf,0xef,0xf4,0x41, + 0xbd,0x45,0xcf,0x5c,0x93,0x41,0x87,0x97,0x82,0x39,0x20,0x66,0xb4,0xda,0xcb,0x66, + 0x93,0x02,0x2e,0x7f,0x94,0x4c,0xc7,0x3b,0x2c,0xcf,0xf6,0x99,0x6f,0x13,0xf1,0xc5, + 0x28,0x2b,0xa6,0x6c,0x39,0x26,0x7f,0x76,0x24,0x4a,0x6e,0x01,0x40,0x63,0xf8,0x00, + 0x06,0x23,0x5a,0xaa,0xa6,0x2f,0xd1,0x37,0xc7,0xcc,0x76,0xe9,0x54,0x1e,0x57,0x73, + 0xf5,0x33,0xaa,0x96,0xbe,0x35,0xcd,0x1d,0xd5,0x7d,0xac,0x50,0xd5,0xf8,0x47,0x2d, + 0xd6,0x93,0x5f,0x6e,0x38,0xd3,0xac,0xd0,0x7e,0xad,0x9e,0xf8,0x87,0x95,0x63,0x15, + 0x65,0xa3,0xd4,0xb3,0x9a,0x6c,0xac,0xcd,0x2a,0x54,0x83,0x13,0xc4,0xb4,0x94,0xfa, + 0x76,0x87,0xc5,0x8b,0x4a,0x10,0x92,0x05,0xd1,0x0e,0x97,0xfd,0xc8,0xfb,0xc5,0xdc, + 0x21,0x4c,0xc8,0x77,0x5c,0xed,0x32,0x22,0x77,0xc1,0x38,0x30,0xd7,0x8e,0x2a,0x70, + 0x72,0x67,0x13,0xe4,0xb7,0x18,0xd4,0x76,0xdd,0x32,0x12,0xf4,0x5d,0xc9,0xec,0xc1, + 0x2c,0x8a,0xfe,0x08,0x6c,0xea,0xf6,0xab,0x5a,0x0e,0x8e,0x81,0x1d,0xc8,0x5a,0x4b, + 0xed,0xb9,0x7f,0x4b,0x67,0xe3,0x65,0x46,0xc9,0xf2,0xab,0x37,0x0a,0x98,0x67,0x5b, + 0xb1,0x3b,0x02,0x91,0x38,0x71,0xea,0x62,0x88,0xae,0xb6,0xdb,0xfc,0x55,0x79,0x33, + 0x69,0x95,0x51,0xb6,0xe1,0x3b,0xab,0x22,0x68,0x54,0xf9,0x89,0x9c,0x94,0xe0,0xe3, + 0xd3,0x48,0x5c,0xe9,0x78,0x5b,0xb3,0x4b,0xba,0xd8,0x48,0xd8,0xaf,0x91,0x4e,0x23, + 0x38,0x23,0x23,0x6c,0xdf,0x2e,0xf0,0xff,0xac,0x1d,0x2d,0x27,0x10,0x45,0xa3,0x2d, + 0x8b,0x00,0xcd,0xe2,0xfc,0xb7,0xdb,0x52,0x13,0xb7,0x66,0x79,0xd9,0xd8,0x29,0x0e, + 0x32,0xbd,0x52,0x6b,0x75,0x71,0x08,0x83,0x1b,0x67,0x28,0x93,0x97,0x97,0x32,0xff, + 0x8b,0xd3,0x98,0xa3,0xce,0x2b,0x88,0x37,0x1c,0xcc,0xa0,0xd1,0x19,0x9b,0xe6,0x11, + 0xfc,0xc0,0x3c,0x4e,0xe1,0x35,0x49,0x29,0x19,0xcf,0x1d,0xe1,0x60,0x74,0xc0,0xe9, + 0xf7,0xb4,0x99,0xa0,0x23,0x50,0x51,0x78,0xcf,0xc0,0xe5,0xc2,0x1c,0x16,0xd2,0x24, + 0x5a,0x63,0x54,0x83,0xaa,0x74,0x3d,0x41,0x0d,0x52,0xee,0xfe,0x0f,0x4d,0x13,0xe1, + 0x27,0x00,0xc4,0xf3,0x2b,0x55,0xe0,0x9c,0x81,0xe0,0xfc,0xc2,0x13,0xd4,0x39,0x09 }; unsigned char results4[SHS_DIGESTSIZE] = { -0x13,0x62,0xfc,0x87,0x68,0x33,0xd5,0x1d,0x2f,0x0c, -0x73,0xe3,0xfb,0x87,0x6a,0x6b,0xc3,0x25,0x54,0xfc}; + 0x13,0x62,0xfc,0x87,0x68,0x33,0xd5,0x1d,0x2f,0x0c, + 0x73,0xe3,0xfb,0x87,0x6a,0x6b,0xc3,0x25,0x54,0xfc}; static void test4(void) { - SHS_INFO si[1]; - unsigned char digest[SHS_DIGESTSIZE]; - int failed; - int i; - - printf("Running SHS test 4 ...\n"); - shsInit(si); - shsUpdate(si, randdata, 19); - shsFinal(si); - memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); - if ((failed = memcmp(digest, results4, SHS_DIGESTSIZE)) != 0) - { - fprintf(stderr,"SHS test 4 failed!\n"); - rc = 1; - } - printf ("%s, results = ", failed ? "Failed" : "Passed"); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",digest[i]); - if (failed) - { - printf ("\n, expected "); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",results4[i]); - } - printf("\n"); + SHS_INFO si[1]; + unsigned char digest[SHS_DIGESTSIZE]; + int failed; + int i; + + printf("Running SHS test 4 ...\n"); + shsInit(si); + shsUpdate(si, randdata, 19); + shsFinal(si); + memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); + if ((failed = memcmp(digest, results4, SHS_DIGESTSIZE)) != 0) + { + fprintf(stderr,"SHS test 4 failed!\n"); + rc = 1; + } + printf ("%s, results = ", failed ? "Failed" : "Passed"); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",digest[i]); + if (failed) + { + printf ("\n, expected "); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",results4[i]); + } + printf("\n"); } unsigned char results5[SHS_DIGESTSIZE] = { -0x19,0x4d,0xf6,0xeb,0x8e,0x02,0x6d,0x37,0x58,0x64, -0xe5,0x95,0x19,0x2a,0xdd,0x1c,0xc4,0x3c,0x24,0x86}; + 0x19,0x4d,0xf6,0xeb,0x8e,0x02,0x6d,0x37,0x58,0x64, + 0xe5,0x95,0x19,0x2a,0xdd,0x1c,0xc4,0x3c,0x24,0x86}; static void test5(void) { - SHS_INFO si[1]; - unsigned char digest[SHS_DIGESTSIZE]; - int failed; - int i; - - printf("Running SHS test 5 ...\n"); - shsInit(si); - shsUpdate(si, randdata, 19); - shsUpdate(si, randdata+32, 15); - shsFinal(si); - memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); - if ((failed = memcmp(digest, results5, SHS_DIGESTSIZE)) != 0) - { - fprintf(stderr,"SHS test 5 failed!\n"); - rc = 1; - } - printf ("%s, results = ", failed ? "Failed" : "Passed"); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",digest[i]); - if (failed) - { - printf ("\n, expected "); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",results5[i]); - } - printf("\n"); + SHS_INFO si[1]; + unsigned char digest[SHS_DIGESTSIZE]; + int failed; + int i; + + printf("Running SHS test 5 ...\n"); + shsInit(si); + shsUpdate(si, randdata, 19); + shsUpdate(si, randdata+32, 15); + shsFinal(si); + memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); + if ((failed = memcmp(digest, results5, SHS_DIGESTSIZE)) != 0) + { + fprintf(stderr,"SHS test 5 failed!\n"); + rc = 1; + } + printf ("%s, results = ", failed ? "Failed" : "Passed"); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",digest[i]); + if (failed) + { + printf ("\n, expected "); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",results5[i]); + } + printf("\n"); } unsigned char results6[SHS_DIGESTSIZE] = { -0x4e,0x16,0x57,0x9d,0x4b,0x48,0xa9,0x1c,0x88,0x72, -0x83,0xdb,0x88,0xd1,0xea,0x3a,0x45,0xdf,0xa1,0x10}; + 0x4e,0x16,0x57,0x9d,0x4b,0x48,0xa9,0x1c,0x88,0x72, + 0x83,0xdb,0x88,0xd1,0xea,0x3a,0x45,0xdf,0xa1,0x10}; static void test6(void) { - struct { - long pad1; - SHS_INFO si1; - long pad2; - SHS_INFO si2; - long pad3; - } sdata; - unsigned char digest[SHS_DIGESTSIZE]; - int failed; - unsigned int i, j; - - printf("Running SHS test 6 ...\n"); - sdata.pad1 = 0x12345678; - sdata.pad2 = 0x87654321; - sdata.pad3 = 0x78563412; - shsInit((&sdata.si2)); -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #20 %#lx\n", -sdata.pad2); -sdata.pad2 = 0x87654321; -} -if (sdata.pad3 != 0x78563412) { -printf ("Overrun #21 %#lx\n", -sdata.pad3); -sdata.pad3 = 0x78563412; -} - for (i = 0; i < 400; ++i) - { - shsInit(&sdata.si1); -if (sdata.pad1 != 0x12345678) { -printf ("Overrun #22 %#lx at %d\n", -sdata.pad1, i); -sdata.pad1 = 0x12345678; -} -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #23 %#lx at %d\n", -sdata.pad2, i); -sdata.pad2 = 0x87654321; -} - shsUpdate(&sdata.si1, (randdata+sizeof(randdata))-i, i); -if (sdata.pad1 != 0x12345678) { -printf ("Overrun #24 %#lx at %d\n", -sdata.pad1, i); -sdata.pad1 = 0x12345678; -} -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #25 %#lx at %d\n", -sdata.pad2, i); -sdata.pad2 = 0x87654321; -} - shsFinal(&sdata.si1); -if (sdata.pad1 != 0x12345678) { -printf ("Overrun #26 %#lx at %d\n", -sdata.pad1, i); -sdata.pad1 = 0x12345678; -} -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #27 %#lx at %d\n", -sdata.pad2, i); -sdata.pad2 = 0x87654321; -} - memcpy(digest, shsDigest(&sdata.si1), SHS_DIGESTSIZE); - if (Dflag & 1) - { - printf ("%d: ", i); - for (j = 0; j < SHS_DIGESTSIZE; ++j) - printf("%02x",digest[j]); - printf("\n"); - } - shsUpdate((&sdata.si2), digest, SHS_DIGESTSIZE); -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #28 %#lx at %d\n", -sdata.pad2, i); -sdata.pad2 = 0x87654321; -} -if (sdata.pad3 != 0x78563412) { -printf ("Overrun #29 %#lx at %d\n", -sdata.pad3, i); -sdata.pad3 = 0x78563412; -} - if (Dflag & 2) - printf ("%d: %08lx%08lx%08lx%08lx%08lx\n", - i, - (unsigned long) sdata.si2.digest[0], - (unsigned long) sdata.si2.digest[1], - (unsigned long) sdata.si2.digest[2], - (unsigned long) sdata.si2.digest[3], - (unsigned long) sdata.si2.digest[4]); - } - shsFinal((&sdata.si2)); -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #30 %#lx\n", -sdata.pad2); -sdata.pad2 = 0x87654321; -} -if (sdata.pad3 != 0x78563412) { -printf ("Overrun #31 %#lx\n", -sdata.pad3); -sdata.pad3 = 0x78563412; -} - memcpy(digest, shsDigest((&sdata.si2)), SHS_DIGESTSIZE); - if ((failed = memcmp(digest, results6, SHS_DIGESTSIZE)) != 0) - { - fprintf(stderr,"SHS test 6 failed!\n"); - rc = 1; - } - printf ("%s, results = ", failed ? "Failed" : "Passed"); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",digest[i]); - if (failed) - { - printf ("\n, expected "); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",results6[i]); - } - printf("\n"); + struct { + long pad1; + SHS_INFO si1; + long pad2; + SHS_INFO si2; + long pad3; + } sdata; + unsigned char digest[SHS_DIGESTSIZE]; + int failed; + unsigned int i, j; + + printf("Running SHS test 6 ...\n"); + sdata.pad1 = 0x12345678; + sdata.pad2 = 0x87654321; + sdata.pad3 = 0x78563412; + shsInit((&sdata.si2)); + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #20 %#lx\n", + sdata.pad2); + sdata.pad2 = 0x87654321; + } + if (sdata.pad3 != 0x78563412) { + printf ("Overrun #21 %#lx\n", + sdata.pad3); + sdata.pad3 = 0x78563412; + } + for (i = 0; i < 400; ++i) + { + shsInit(&sdata.si1); + if (sdata.pad1 != 0x12345678) { + printf ("Overrun #22 %#lx at %d\n", + sdata.pad1, i); + sdata.pad1 = 0x12345678; + } + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #23 %#lx at %d\n", + sdata.pad2, i); + sdata.pad2 = 0x87654321; + } + shsUpdate(&sdata.si1, (randdata+sizeof(randdata))-i, i); + if (sdata.pad1 != 0x12345678) { + printf ("Overrun #24 %#lx at %d\n", + sdata.pad1, i); + sdata.pad1 = 0x12345678; + } + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #25 %#lx at %d\n", + sdata.pad2, i); + sdata.pad2 = 0x87654321; + } + shsFinal(&sdata.si1); + if (sdata.pad1 != 0x12345678) { + printf ("Overrun #26 %#lx at %d\n", + sdata.pad1, i); + sdata.pad1 = 0x12345678; + } + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #27 %#lx at %d\n", + sdata.pad2, i); + sdata.pad2 = 0x87654321; + } + memcpy(digest, shsDigest(&sdata.si1), SHS_DIGESTSIZE); + if (Dflag & 1) + { + printf ("%d: ", i); + for (j = 0; j < SHS_DIGESTSIZE; ++j) + printf("%02x",digest[j]); + printf("\n"); + } + shsUpdate((&sdata.si2), digest, SHS_DIGESTSIZE); + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #28 %#lx at %d\n", + sdata.pad2, i); + sdata.pad2 = 0x87654321; + } + if (sdata.pad3 != 0x78563412) { + printf ("Overrun #29 %#lx at %d\n", + sdata.pad3, i); + sdata.pad3 = 0x78563412; + } + if (Dflag & 2) + printf ("%d: %08lx%08lx%08lx%08lx%08lx\n", + i, + (unsigned long) sdata.si2.digest[0], + (unsigned long) sdata.si2.digest[1], + (unsigned long) sdata.si2.digest[2], + (unsigned long) sdata.si2.digest[3], + (unsigned long) sdata.si2.digest[4]); + } + shsFinal((&sdata.si2)); + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #30 %#lx\n", + sdata.pad2); + sdata.pad2 = 0x87654321; + } + if (sdata.pad3 != 0x78563412) { + printf ("Overrun #31 %#lx\n", + sdata.pad3); + sdata.pad3 = 0x78563412; + } + memcpy(digest, shsDigest((&sdata.si2)), SHS_DIGESTSIZE); + if ((failed = memcmp(digest, results6, SHS_DIGESTSIZE)) != 0) + { + fprintf(stderr,"SHS test 6 failed!\n"); + rc = 1; + } + printf ("%s, results = ", failed ? "Failed" : "Passed"); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",digest[i]); + if (failed) + { + printf ("\n, expected "); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",results6[i]); + } + printf("\n"); } unsigned char results7[SHS_DIGESTSIZE] = { -0x89,0x41,0x65,0xce,0x76,0xc1,0xd1,0xd1,0xc3,0x6f, -0xab,0x92,0x79,0x30,0x01,0x71,0x63,0x1f,0x74,0xfe}; + 0x89,0x41,0x65,0xce,0x76,0xc1,0xd1,0xd1,0xc3,0x6f, + 0xab,0x92,0x79,0x30,0x01,0x71,0x63,0x1f,0x74,0xfe}; unsigned int jfsize[] = {0,1,31,32, - 33,55,56,63, - 64,65,71,72, - 73,95,96,97, - 119,120,123,127}; + 33,55,56,63, + 64,65,71,72, + 73,95,96,97, + 119,120,123,127}; unsigned int kfsize[] = {0,1,31,32,33,55,56,63}; static void test7(void) { - struct { - long pad1; - SHS_INFO si1; - long pad2; - SHS_INFO si2; - long pad3; - } sdata; - unsigned char digest[SHS_DIGESTSIZE]; - int failed; - unsigned int i, j, k, l; - - printf("Running SHS test 7 ...\n"); - sdata.pad1 = 0x12345678; - sdata.pad2 = 0x87654321; - sdata.pad3 = 0x78563412; - shsInit((&sdata.si2)); - for (i = 1; i <= 128; ++i) - for (j = 0; j < 20; ++j) - for (k = 0; k < 8; ++k) - { - shsInit(&sdata.si1); - shsUpdate(&sdata.si1, (randdata+80+j), i); -if (sdata.pad1 != 0x12345678) { -printf ("Overrun #1 %#lx at %d,%d,%d\n", -sdata.pad1, i,j,k); -sdata.pad1 = 0x12345678; -} -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #2 %#lx at %d,%d,%d\n", -sdata.pad2, i,j,k); -sdata.pad2 = 0x87654321; -} - shsUpdate(&sdata.si1, randdata+i, jfsize[j]); -if (sdata.pad1 != 0x12345678) { -printf ("Overrun #3 %#lx at %d,%d,%d\n", -sdata.pad1, i,j,k); -sdata.pad1 = 0x12345678; -} -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #4 %#lx at %d,%d,%d\n", -sdata.pad2, i,j,k); -sdata.pad2 = 0x87654321; -} - if (k) shsUpdate(&sdata.si1, randdata+(i^j), kfsize[k]); -if (sdata.pad1 != 0x12345678) { -printf ("Overrun #5 %#lx at %d,%d,%d\n", -sdata.pad1, i,j,k); -sdata.pad1 = 0x12345678; -} -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #6 %#lx at %d,%d,%d\n", -sdata.pad2, i,j,k); -sdata.pad2 = 0x87654321; -} - shsFinal(&sdata.si1); -if (sdata.pad1 != 0x12345678) { -printf ("Overrun #7 %#lx at %d,%d,%d\n", -sdata.pad1, i,j,k); -sdata.pad1 = 0x12345678; -} -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #8 %#lx at %d,%d,%d\n", -sdata.pad2, i,j,k); -sdata.pad2 = 0x87654321; -} - memcpy(digest, shsDigest(&sdata.si1), SHS_DIGESTSIZE); - if (Dflag & 1) - { - printf ("%d,%d,%d: ", i, j, k); - for (l = 0; l < SHS_DIGESTSIZE; ++l) - printf("%02x",digest[l]); - printf("\n"); - } - shsUpdate((&sdata.si2), digest, SHS_DIGESTSIZE); -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #9 %#lx at %d,%d,%d\n", -sdata.pad2, i,j,k); -sdata.pad2 = 0x87654321; -} -if (sdata.pad3 != 0x78563412) { -printf ("Overrun #10 %#lx at %d,%d,%d\n", -sdata.pad3, i,j,k); -sdata.pad3 = 0x78563412; -} - if (Dflag & 2) - printf ("%d,%d,%d: %08lx%08lx%08lx%08lx%08lx\n", - i,j,k, - (unsigned long) sdata.si2.digest[0], - (unsigned long) sdata.si2.digest[1], - (unsigned long) sdata.si2.digest[2], - (unsigned long) sdata.si2.digest[3], - (unsigned long) sdata.si2.digest[4]); - } - shsFinal((&sdata.si2)); - memcpy(digest, shsDigest((&sdata.si2)), SHS_DIGESTSIZE); - if ((failed = memcmp(digest, results7, SHS_DIGESTSIZE)) != 0) - { - fprintf(stderr,"SHS test 7 failed!\n"); - rc = 1; - } - printf ("%s, results = ", failed ? "Failed" : "Passed"); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",digest[i]); - if (failed) - { - printf ("\n, expected "); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",results7[i]); - } - printf("\n"); + struct { + long pad1; + SHS_INFO si1; + long pad2; + SHS_INFO si2; + long pad3; + } sdata; + unsigned char digest[SHS_DIGESTSIZE]; + int failed; + unsigned int i, j, k, l; + + printf("Running SHS test 7 ...\n"); + sdata.pad1 = 0x12345678; + sdata.pad2 = 0x87654321; + sdata.pad3 = 0x78563412; + shsInit((&sdata.si2)); + for (i = 1; i <= 128; ++i) + for (j = 0; j < 20; ++j) + for (k = 0; k < 8; ++k) + { + shsInit(&sdata.si1); + shsUpdate(&sdata.si1, (randdata+80+j), i); + if (sdata.pad1 != 0x12345678) { + printf ("Overrun #1 %#lx at %d,%d,%d\n", + sdata.pad1, i,j,k); + sdata.pad1 = 0x12345678; + } + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #2 %#lx at %d,%d,%d\n", + sdata.pad2, i,j,k); + sdata.pad2 = 0x87654321; + } + shsUpdate(&sdata.si1, randdata+i, jfsize[j]); + if (sdata.pad1 != 0x12345678) { + printf ("Overrun #3 %#lx at %d,%d,%d\n", + sdata.pad1, i,j,k); + sdata.pad1 = 0x12345678; + } + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #4 %#lx at %d,%d,%d\n", + sdata.pad2, i,j,k); + sdata.pad2 = 0x87654321; + } + if (k) shsUpdate(&sdata.si1, randdata+(i^j), kfsize[k]); + if (sdata.pad1 != 0x12345678) { + printf ("Overrun #5 %#lx at %d,%d,%d\n", + sdata.pad1, i,j,k); + sdata.pad1 = 0x12345678; + } + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #6 %#lx at %d,%d,%d\n", + sdata.pad2, i,j,k); + sdata.pad2 = 0x87654321; + } + shsFinal(&sdata.si1); + if (sdata.pad1 != 0x12345678) { + printf ("Overrun #7 %#lx at %d,%d,%d\n", + sdata.pad1, i,j,k); + sdata.pad1 = 0x12345678; + } + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #8 %#lx at %d,%d,%d\n", + sdata.pad2, i,j,k); + sdata.pad2 = 0x87654321; + } + memcpy(digest, shsDigest(&sdata.si1), SHS_DIGESTSIZE); + if (Dflag & 1) + { + printf ("%d,%d,%d: ", i, j, k); + for (l = 0; l < SHS_DIGESTSIZE; ++l) + printf("%02x",digest[l]); + printf("\n"); + } + shsUpdate((&sdata.si2), digest, SHS_DIGESTSIZE); + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #9 %#lx at %d,%d,%d\n", + sdata.pad2, i,j,k); + sdata.pad2 = 0x87654321; + } + if (sdata.pad3 != 0x78563412) { + printf ("Overrun #10 %#lx at %d,%d,%d\n", + sdata.pad3, i,j,k); + sdata.pad3 = 0x78563412; + } + if (Dflag & 2) + printf ("%d,%d,%d: %08lx%08lx%08lx%08lx%08lx\n", + i,j,k, + (unsigned long) sdata.si2.digest[0], + (unsigned long) sdata.si2.digest[1], + (unsigned long) sdata.si2.digest[2], + (unsigned long) sdata.si2.digest[3], + (unsigned long) sdata.si2.digest[4]); + } + shsFinal((&sdata.si2)); + memcpy(digest, shsDigest((&sdata.si2)), SHS_DIGESTSIZE); + if ((failed = memcmp(digest, results7, SHS_DIGESTSIZE)) != 0) + { + fprintf(stderr,"SHS test 7 failed!\n"); + rc = 1; + } + printf ("%s, results = ", failed ? "Failed" : "Passed"); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",digest[i]); + if (failed) + { + printf ("\n, expected "); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",results7[i]); + } + printf("\n"); } diff --git a/src/lib/crypto/builtin/t_cf2.c b/src/lib/crypto/builtin/t_cf2.c index 0c968ea..550192c 100644 --- a/src/lib/crypto/builtin/t_cf2.c +++ b/src/lib/crypto/builtin/t_cf2.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/t_cf2.c * @@ -42,47 +43,47 @@ #include <string.h> int main () { - char pepper1[1024], pepper2[1024]; - krb5_keyblock *k1 = NULL, *k2 = NULL, *out = NULL; - krb5_data s2k; - unsigned int i; - while (1) { - krb5_enctype enctype; - char s[1025]; + char pepper1[1024], pepper2[1024]; + krb5_keyblock *k1 = NULL, *k2 = NULL, *out = NULL; + krb5_data s2k; + unsigned int i; + while (1) { + krb5_enctype enctype; + char s[1025]; - if (scanf( "%d", &enctype) == EOF) - break; - if (scanf("%1024s", &s[0]) == EOF) - break; - assert (krb5_init_keyblock(0, enctype, 0, &k1) == 0); - s2k.data = &s[0]; - s2k.length = strlen(s); - assert(krb5_c_string_to_key (0, enctype, &s2k, &s2k, k1) == 0); - if (scanf("%1024s", &s[0]) == EOF) - break; - assert (krb5_init_keyblock(0, enctype, 0, &k2) == 0); - s2k.data = &s[0]; - s2k.length = strlen(s); - assert(krb5_c_string_to_key (0, enctype, &s2k, &s2k, k2) == 0); - if (scanf("%1024s %1024s", pepper1, pepper2) == EOF) - break; - assert(krb5_c_fx_cf2_simple(0, k1, pepper1, - k2, pepper2, &out) ==0); - i = out->length; - for (; i > 0; i--) { - printf ("%02x", - (unsigned int) ((unsigned char) out->contents[out->length-i])); - } - printf ("\n"); + if (scanf( "%d", &enctype) == EOF) + break; + if (scanf("%1024s", &s[0]) == EOF) + break; + assert (krb5_init_keyblock(0, enctype, 0, &k1) == 0); + s2k.data = &s[0]; + s2k.length = strlen(s); + assert(krb5_c_string_to_key (0, enctype, &s2k, &s2k, k1) == 0); + if (scanf("%1024s", &s[0]) == EOF) + break; + assert (krb5_init_keyblock(0, enctype, 0, &k2) == 0); + s2k.data = &s[0]; + s2k.length = strlen(s); + assert(krb5_c_string_to_key (0, enctype, &s2k, &s2k, k2) == 0); + if (scanf("%1024s %1024s", pepper1, pepper2) == EOF) + break; + assert(krb5_c_fx_cf2_simple(0, k1, pepper1, + k2, pepper2, &out) ==0); + i = out->length; + for (; i > 0; i--) { + printf ("%02x", + (unsigned int) ((unsigned char) out->contents[out->length-i])); + } + printf ("\n"); - krb5_free_keyblock(0,out); - out = NULL; + krb5_free_keyblock(0,out); + out = NULL; - krb5_free_keyblock(0, k1); - k1 = NULL; - krb5_free_keyblock(0, k2); - k2 = NULL; - } + krb5_free_keyblock(0, k1); + k1 = NULL; + krb5_free_keyblock(0, k2); + k2 = NULL; + } - return (0); + return (0); } diff --git a/src/lib/crypto/builtin/yhash.h b/src/lib/crypto/builtin/yhash.h index ce78c56..dcb8769 100644 --- a/src/lib/crypto/builtin/yhash.h +++ b/src/lib/crypto/builtin/yhash.h @@ -1,4 +1,4 @@ -/* -*- Mode: C; c-file-style: "bsd" -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #ifndef YHASH_H #define YHASH_H @@ -14,14 +14,14 @@ #define HASH_CTX SHS_INFO #define HASH_Init(x) shsInit(x) #define HASH_Update(x, buf, sz) shsUpdate(x, (const void*)buf, sz) -#define HASH_Final(x, tdigest) do { \ - size_t loopvar; \ - unsigned char *out2 = (void *)(tdigest); \ - HASH_CTX *ctx = (x); \ - shsFinal(ctx); \ - for (loopvar=0; loopvar<(sizeof(ctx->digest)/sizeof(ctx->digest[0])); loopvar++) \ - store_32_be(ctx->digest[loopvar], &out2[loopvar*4]); \ - } while(0) +#define HASH_Final(x, tdigest) do { \ + size_t loopvar; \ + unsigned char *out2 = (void *)(tdigest); \ + HASH_CTX *ctx = (x); \ + shsFinal(ctx); \ + for (loopvar=0; loopvar<(sizeof(ctx->digest)/sizeof(ctx->digest[0])); loopvar++) \ + store_32_be(ctx->digest[loopvar], &out2[loopvar*4]); \ + } while(0) #define HASH_DIGEST_SIZE SHS_DIGESTSIZE diff --git a/src/lib/crypto/crypto_tests/Makefile.in b/src/lib/crypto/crypto_tests/Makefile.in index fa916d7..fde5a73 100644 --- a/src/lib/crypto/crypto_tests/Makefile.in +++ b/src/lib/crypto/crypto_tests/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../.. -myfulldir=lib/crypto/crypto_tests mydir=lib/crypto/crypto_tests BUILDTOP=$(REL)..$(S)..$(S).. LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir)/../@CRYPTO_IMPL@/enc_provider \ @@ -39,6 +37,9 @@ EXTRADEPSRCS=\ ##DOS##LIBOBJS = $(OBJS) +# NOTE: The t_cksum known checksum values are primarily for regression +# testing. They are not derived a priori, but are known to produce +# checksums that interoperate. check-unix:: t_nfold t_encrypt t_prf t_prng t_hmac \ t_cksum4 t_cksum5 \ aes-test \ @@ -51,8 +52,8 @@ check-unix:: t_nfold t_encrypt t_prf t_prng t_hmac \ $(RUN_SETUP) $(VALGRIND) ./t_hmac $(RUN_SETUP) $(VALGRIND) ./t_prf <$(srcdir)/t_prf.in >t_prf.output diff t_prf.output $(srcdir)/t_prf.expected - $(RUN_SETUP) $(VALGRIND) ./t_cksum4 "this is a test" - $(RUN_SETUP) $(VALGRIND) ./t_cksum5 "this is a test" + $(RUN_SETUP) $(VALGRIND) ./t_cksum4 "this is a test" e3f76a07f3401e3536b43a3f54226c39422c35682c354835 + $(RUN_SETUP) $(VALGRIND) ./t_cksum5 "this is a test" e3f76a07f3401e351143ee6f4c09be1edb4264d55015db53 $(RUN_SETUP) $(VALGRIND) ./t_crc $(RUN_SETUP) $(VALGRIND) ./t_cts $(RUN_SETUP) $(VALGRIND) ./aes-test -k > vk.txt @@ -138,7 +139,7 @@ clean:: t_cksum.o t_cksum \ t_crc.o t_crc t_cts.o t_cts \ t_mddriver4.o t_mddriver4 t_mddriver.o t_mddriver \ - t_cksum4 t_cksum4.o t_cksum5 t_cksum5.o \ + t_cksum4 t_cksum4.o t_cksum5 t_cksum5.o t_kperf.o t_kperf \ t_mddriver$(EXEEXT) $(OUTPRE)t_mddriver.$(OBJEXT) -$(RM) t_prng.output diff --git a/src/lib/crypto/crypto_tests/aes-test.c b/src/lib/crypto/crypto_tests/aes-test.c index 3ccacd8..714d08e 100644 --- a/src/lib/crypto/crypto_tests/aes-test.c +++ b/src/lib/crypto/crypto_tests/aes-test.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/aes/aes-test.c * @@ -36,25 +37,24 @@ static char plain[16], cipher[16], zero[16]; static krb5_keyblock enc_key; static krb5_data ivec; -static krb5_data in, out; static void init() { enc_key.contents = key; enc_key.length = 16; ivec.data = zero; ivec.length = 16; - in.data = plain; - in.length = 16; - out.data = cipher; - out.length = 16; } static void enc() { - krb5_key key; + krb5_key k; + krb5_crypto_iov iov; - krb5_k_create_key(NULL, &enc_key, &key); - krb5int_aes_encrypt(key, &ivec, &in, &out); - krb5_k_free_key(NULL, key); + memcpy(cipher, plain, 16); + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = make_data(cipher, 16); + krb5_k_create_key(NULL, &enc_key, &k); + krb5int_aes_encrypt(k, &ivec, &iov, 1); + krb5_k_free_key(NULL, k); } static void hexdump(const char *label, const char *cp, int len) @@ -83,12 +83,12 @@ static void vk_test_1(int len) memset(plain, 0, sizeof(plain)); hexdump("PT", plain, 16); for (i = 0; i < len * 8; i++) { - memset(key, 0, len); - set_bit(key, i); - printf("\nI=%d\n", i+1); - hexdump("KEY", key, len); - enc(); - hexdump("CT", cipher, 16); + memset(key, 0, len); + set_bit(key, i); + printf("\nI=%d\n", i+1); + hexdump("KEY", key, len); + enc(); + hexdump("CT", cipher, 16); } printf("\n==========\n"); } @@ -108,12 +108,12 @@ static void vt_test_1(int len) memset(key, 0, len); hexdump("KEY", key, len); for (i = 0; i < 16 * 8; i++) { - memset(plain, 0, sizeof(plain)); - set_bit(plain, i); - printf("\nI=%d\n", i+1); - hexdump("PT", plain, 16); - enc(); - hexdump("CT", cipher, 16); + memset(plain, 0, sizeof(plain)); + set_bit(plain, i); + printf("\nI=%d\n", i+1); + hexdump("PT", plain, 16); + enc(); + hexdump("CT", cipher, 16); } printf("\n==========\n"); } @@ -127,16 +127,16 @@ static void vt_test() int main (int argc, char *argv[]) { if (argc > 2 || (argc == 2 && strcmp(argv[1], "-k"))) { - fprintf(stderr, - "usage:\t%s -k\tfor variable-key tests\n" - " or:\t%s \tfor variable-plaintext tests\n", - argv[0], argv[0]); - return 1; + fprintf(stderr, + "usage:\t%s -k\tfor variable-key tests\n" + " or:\t%s \tfor variable-plaintext tests\n", + argv[0], argv[0]); + return 1; } init(); if (argc == 2) - vk_test(); + vk_test(); else - vt_test(); + vt_test(); return 0; } diff --git a/src/lib/crypto/crypto_tests/deps b/src/lib/crypto/crypto_tests/deps index 2feac3c..65076fe 100644 --- a/src/lib/crypto/crypto_tests/deps +++ b/src/lib/crypto/crypto_tests/deps @@ -1 +1,152 @@ -# No dependencies here. +# +# Generated makefile dependencies follow. +# +$(OUTPRE)t_nfold.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h t_nfold.c +$(OUTPRE)t_encrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/etypes.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + t_encrypt.c +$(OUTPRE)t_prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h t_prf.c +$(OUTPRE)t_prng.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h t_prng.c +$(OUTPRE)t_hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/hash_provider/hash_provider.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + t_hmac.c +$(OUTPRE)t_pkcs5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h t_pkcs5.c +$(OUTPRE)t_cts.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/hash_provider/hash_provider.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + t_cts.c +$(OUTPRE)vectors.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/hash_provider/hash_provider.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + vectors.c +$(OUTPRE)aes-test.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h aes-test.c +$(OUTPRE)t_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h t_cksum.c +$(OUTPRE)t_crc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crc32/crc-32.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + t_crc.c +$(OUTPRE)t_mddriver.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/md5/rsa-md5.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + t_mddriver.c +$(OUTPRE)t_kperf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h t_kperf.c +$(OUTPRE)ytest.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/sha1/shs.h \ + $(srcdir)/../builtin/yhash.h $(srcdir)/../krb/yarrow/yarrow.h \ + $(srcdir)/../krb/yarrow/ycipher.h $(srcdir)/../krb/yarrow/yexcep.h \ + $(srcdir)/../krb/yarrow/ytypes.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h ytest.c diff --git a/src/lib/crypto/crypto_tests/t_cksum.c b/src/lib/crypto/crypto_tests/t_cksum.c index a544d9e..c4f22bc 100644 --- a/src/lib/crypto/crypto_tests/t_cksum.c +++ b/src/lib/crypto/crypto_tests/t_cksum.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/md5/t_cksum.c * @@ -34,29 +35,46 @@ #define MD5_K5BETA_COMPAT #define MD4_K5BETA_COMPAT -#if MD == 4 -extern struct krb5_keyhash_provider krb5int_keyhash_md4des; -#define khp krb5int_keyhash_md4des +#if MD == 4 +#define CKTYPE CKSUMTYPE_RSA_MD4_DES #endif -#if MD == 5 -extern struct krb5_keyhash_provider krb5int_keyhash_md5des; -#define khp krb5int_keyhash_md5des +#if MD == 5 +#define CKTYPE CKSUMTYPE_RSA_MD5_DES #endif static void -print_checksum(text, number, message, checksum) - char *text; - int number; - char *message; - krb5_data *checksum; +print_checksum(char *text, int number, char *message, krb5_checksum *checksum) { - int i; + unsigned int i; - printf("%s MD%d checksum(\"%s\") = ", text, number, message); - for (i=0; i<checksum->length; i++) - printf("%02x", (unsigned char) checksum->data[i]); - printf("\n"); + printf("%s MD%d checksum(\"%s\") = ", text, number, message); + for (i=0; i<checksum->length; i++) + printf("%02x", (unsigned char) checksum->contents[i]); + printf("\n"); +} + +static void +parse_hexstring(const char *s, krb5_checksum *cksum) +{ + size_t i, len; + unsigned int byte; + unsigned char *cp; + + len = strlen(s); + cp = malloc(len / 2); + cksum->contents = cp; + if (cp == NULL) { + cksum->length = 0; + return; + } + cksum->length = len / 2; + for (i = 0; i + 1 < len; i += 2) { + sscanf(&s[i], "%2x", &byte); + *cp++ = byte; + } + cksum->checksum_type = CKTYPE; + cksum->magic = KV5M_CHECKSUM; } /* @@ -68,78 +86,98 @@ krb5_octet testkey[8] = { 0x45, 0x01, 0x49, 0x61, 0x58, 0x19, 0x1a, 0x3d }; int main(argc, argv) - int argc; - char **argv; + int argc; + char **argv; { - int msgindex; - krb5_boolean valid; - size_t length; - krb5_keyblock keyblock; - krb5_key key; - krb5_error_code kret=0; - krb5_data plaintext, newstyle_checksum; - - /* this is a terrible seed, but that's ok for the test. */ - - plaintext.length = 8; - plaintext.data = (char *) testkey; - - krb5_c_random_seed(/* XXX */ 0, &plaintext); - - keyblock.enctype = ENCTYPE_DES_CBC_CRC; - keyblock.length = sizeof(testkey); - keyblock.contents = testkey; - - krb5_k_create_key(NULL, &keyblock, &key); - - length = khp.hashsize; - - newstyle_checksum.length = length; - - if (!(newstyle_checksum.data = (char *) - malloc((unsigned) newstyle_checksum.length))) { - printf("cannot get memory for new style checksum\n"); - return(ENOMEM); - } - for (msgindex = 1; msgindex < argc; msgindex++) { - plaintext.length = strlen(argv[msgindex]); - plaintext.data = argv[msgindex]; - - if ((kret = (*(khp.hash))(key, 0, 0, &plaintext, &newstyle_checksum))) { - printf("krb5_calculate_checksum choked with %d\n", kret); - break; - } - print_checksum("correct", MD, argv[msgindex], &newstyle_checksum); - - if ((kret = (*(khp.verify))(key, 0, 0, &plaintext, &newstyle_checksum, - &valid))) { - printf("verify on new checksum choked with %d\n", kret); - break; - } - if (!valid) { - printf("verify on new checksum failed\n"); - break; - } - printf("Verify succeeded for \"%s\"\n", argv[msgindex]); - - newstyle_checksum.data[0]++; - if ((kret = (*(khp.verify))(key, 0, 0, &plaintext, &newstyle_checksum, - &valid))) { - printf("verify on new checksum choked with %d\n", kret); - break; - } - if (valid) { - printf("verify on new checksum succeeded, but shouldn't have\n"); - break; + int msgindex; + krb5_boolean valid; + krb5_keyblock keyblock; + krb5_key key; + krb5_error_code kret=0; + krb5_data plaintext; + krb5_checksum checksum, knowncksum; + + /* this is a terrible seed, but that's ok for the test. */ + + plaintext.length = 8; + plaintext.data = (char *) testkey; + + krb5_c_random_seed(/* XXX */ 0, &plaintext); + + keyblock.enctype = ENCTYPE_DES_CBC_CRC; + keyblock.length = sizeof(testkey); + keyblock.contents = testkey; + + krb5_k_create_key(NULL, &keyblock, &key); + + for (msgindex = 1; msgindex + 1 < argc; msgindex += 2) { + plaintext.length = strlen(argv[msgindex]); + plaintext.data = argv[msgindex]; + + /* Create a checksum. */ + kret = krb5_k_make_checksum(NULL, CKTYPE, key, 0, &plaintext, + &checksum); + if (kret != 0) { + printf("krb5_calculate_checksum choked with %d\n", kret); + break; + } + print_checksum("correct", MD, argv[msgindex], &checksum); + + /* Verify it. */ + kret = krb5_k_verify_checksum(NULL, key, 0, &plaintext, &checksum, + &valid); + if (kret != 0) { + printf("verify on new checksum choked with %d\n", kret); + break; + } + if (!valid) { + printf("verify on new checksum failed\n"); + kret = 1; + break; + } + printf("Verify succeeded for \"%s\"\n", argv[msgindex]); + + /* Corrupt the checksum and see if it still verifies. */ + checksum.contents[0]++; + kret = krb5_k_verify_checksum(NULL, key, 0, &plaintext, &checksum, + &valid); + if (kret != 0) { + printf("verify on new checksum choked with %d\n", kret); + break; + } + if (valid) { + printf("verify on new checksum succeeded, but shouldn't have\n"); + kret = 1; + break; + } + printf("Verify of bad checksum OK for \"%s\"\n", argv[msgindex]); + free(checksum.contents); + + /* Verify a known-good checksum for this plaintext. */ + parse_hexstring(argv[msgindex+1], &knowncksum); + if (knowncksum.contents == NULL) { + printf("parse_hexstring failed\n"); + kret = 1; + break; + } + kret = krb5_k_verify_checksum(NULL, key, 0, &plaintext, &knowncksum, + &valid); + if (kret != 0) { + printf("verify on known checksum choked with %d\n", kret); + break; + } + if (!valid) { + printf("verify on known checksum failed\n"); + kret = 1; + break; + } + printf("Verify on known checksum succeeded\n"); + free(knowncksum.contents); } - printf("Verify of bad checksum OK for \"%s\"\n", argv[msgindex]); - kret = 0; - } - free(newstyle_checksum.data); - if (!kret) - printf("%d tests passed successfully for MD%d checksum\n", argc-1, MD); + if (!kret) + printf("%d tests passed successfully for MD%d checksum\n", (argc-1)/2, MD); - krb5_k_free_key(NULL, key); + krb5_k_free_key(NULL, key); - return(kret); + return(kret); } diff --git a/src/lib/crypto/crypto_tests/t_crc.c b/src/lib/crypto/crypto_tests/t_crc.c index cf837f8..99b2b5e 100644 --- a/src/lib/crypto/crypto_tests/t_crc.c +++ b/src/lib/crypto/crypto_tests/t_crc.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/crc32/t_crc.c * @@ -36,9 +37,9 @@ #define HEX 1 #define STR 2 struct crc_trial { - int type; - char *data; - unsigned long sum; + int type; + char *data; + unsigned long sum; }; struct crc_trial trials[] = { @@ -115,42 +116,29 @@ timetest(unsigned int nblk, unsigned int blksiz) block = malloc(blksiz * nblk); if (block == NULL) - exit(1); + exit(1); for (i = 0; i < blksiz * nblk; i++) - block[i] = i % 256; + block[i] = i % 256; times(&before); for (i = 0; i < nblk; i++) { - mit_crc32(block + i * blksiz, blksiz, &cksum); + cksum = 0; + mit_crc32(block + i * blksiz, blksiz, &cksum); } times(&after); printf("shift-8 implementation, %d blocks of %d bytes:\n", - nblk, blksiz); + nblk, blksiz); printf("\tu=%ld s=%ld cu=%ld cs=%ld\n", - (long)(after.tms_utime - before.tms_utime), - (long)(after.tms_stime - before.tms_stime), - (long)(after.tms_cutime - before.tms_cutime), - (long)(after.tms_cstime - before.tms_cstime)); + (long)(after.tms_utime - before.tms_utime), + (long)(after.tms_stime - before.tms_stime), + (long)(after.tms_cutime - before.tms_cutime), + (long)(after.tms_cstime - before.tms_cstime)); -#ifdef CRC32_SHIFT4 - times(&before); - for (i = 0; i < nblk; i++) { - mit_crc32_shift4(block + i * blksiz, blksiz, &cksum); - } - times(&after); - printf("shift-4 implementation, %d blocks of %d bytes:\n", - nblk, blksiz); - printf("\tu=%ld s=%ld cu=%ld cs=%ld\n", - (long)(after.tms_utime - before.tms_utime), - (long)(after.tms_stime - before.tms_stime), - (long)(after.tms_cutime - before.tms_cutime), - (long)(after.tms_cstime - before.tms_cstime)); -#endif free(block); } static void gethexstr(char *data, size_t *outlen, unsigned char *outbuf, - size_t buflen) + size_t buflen) { size_t inlen; char *cp, buf[3]; @@ -159,12 +147,12 @@ static void gethexstr(char *data, size_t *outlen, unsigned char *outbuf, inlen = strlen(data); *outlen = 0; for (cp = data; cp - data < inlen; cp += 2) { - strncpy(buf, cp, 2); - buf[2] = '\0'; - n = strtol(buf, NULL, 16); - outbuf[(*outlen)++] = n; - if (*outlen > buflen) - break; + strncpy(buf, cp, 2); + buf[2] = '\0'; + n = strtol(buf, NULL, 16); + outbuf[(*outlen)++] = n; + if (*outlen > buflen) + break; } } @@ -179,26 +167,28 @@ verify(void) char *typestr; for (i = 0; i < NTRIALS; i++) { - trial = trials[i]; - switch (trial.type) { - case STR: - len = strlen(trial.data); - typestr = "STR"; - mit_crc32(trial.data, len, &cksum); - break; - case HEX: - typestr = "HEX"; - gethexstr(trial.data, &len, buf, 4); - mit_crc32(buf, len, &cksum); - break; - default: - typestr = "BOGUS"; - fprintf(stderr, "bad trial type %d\n", trial.type); - exit(1); - } - printf("%s: %s \"%s\" = 0x%08lx\n", - (trial.sum == cksum) ? "OK" : "***BAD***", - typestr, trial.data, cksum); + trial = trials[i]; + switch (trial.type) { + case STR: + len = strlen(trial.data); + typestr = "STR"; + cksum = 0; + mit_crc32(trial.data, len, &cksum); + break; + case HEX: + typestr = "HEX"; + gethexstr(trial.data, &len, buf, 4); + cksum = 0; + mit_crc32(buf, len, &cksum); + break; + default: + typestr = "BOGUS"; + fprintf(stderr, "bad trial type %d\n", trial.type); + exit(1); + } + printf("%s: %s \"%s\" = 0x%08lx\n", + (trial.sum == cksum) ? "OK" : "***BAD***", + typestr, trial.data, cksum); } } diff --git a/src/lib/crypto/crypto_tests/t_cts.c b/src/lib/crypto/crypto_tests/t_cts.c index d948532..9b1c271 100644 --- a/src/lib/crypto/crypto_tests/t_cts.c +++ b/src/lib/crypto/crypto_tests/t_cts.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/vectors.c * @@ -45,7 +46,7 @@ const char *whoami; static void printhex (size_t len, const char *p) { while (len--) - printf ("%02x", 0xff & *p++); + printf ("%02x", 0xff & *p++); } static void printstringhex (const char *p) { printhex (strlen (p), p); } @@ -68,9 +69,9 @@ keyToData (krb5_keyblock *k, krb5_data *d) void check_error (int r, int line) { if (r != 0) { - fprintf (stderr, "%s:%d: %s\n", __FILE__, line, - error_message (r)); - exit (1); + fprintf (stderr, "%s:%d: %s\n", __FILE__, line, + error_message (r)); + exit (1); } } #define CHECK check_error(r, __LINE__) @@ -86,17 +87,17 @@ static void printd (const char *descr, krb5_data *d) { printf("%s:", descr); for (i = 0; i < d->length; i += r) { - printf("\n %04x: ", i); - for (j = i; j < i + r && j < d->length; j++) - printf(" %02x", 0xff & d->data[j]); + printf("\n %04x: ", i); + for (j = i; j < i + r && j < d->length; j++) + printf(" %02x", 0xff & d->data[j]); #ifdef SHOW_TEXT - for (; j < i + r; j++) - printf(" "); - printf(" "); - for (j = i; j < i + r && j < d->length; j++) { - int c = 0xff & d->data[j]; - printf("%c", isprint(c) ? c : '.'); - } + for (; j < i + r; j++) + printf(" "); + printf(" "); + for (j = i; j < i + r && j < d->length; j++) { + int c = 0xff & d->data[j]; + printf("%c", isprint(c) ? c : '.'); + } #endif } printf("\n"); @@ -111,20 +112,21 @@ static void printk(const char *descr, krb5_keyblock *k) { static void test_cts() { static const char input[4*16] = - "I would like the General Gau's Chicken, please, and wonton soup."; + "I would like the General Gau's Chicken, please, and wonton soup."; static const unsigned char aeskey[16] = "chicken teriyaki"; static const int lengths[] = { 17, 31, 32, 47, 48, 64 }; int i; - char outbuf[64], encivbuf[16], decivbuf[16], outbuf2[64]; - krb5_data in, out, enciv, deciv, out2; + char outbuf[64], encivbuf[16], decivbuf[16]; + krb5_crypto_iov iov; + krb5_data in, enciv, deciv; krb5_keyblock keyblock; krb5_key key; krb5_error_code err; + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data.data = outbuf; in.data = input; - out.data = outbuf; - out2.data = outbuf2; enciv.length = deciv.length = 16; enciv.data = encivbuf; deciv.data = decivbuf; @@ -133,41 +135,41 @@ static void test_cts() err = krb5_k_create_key(NULL, &keyblock, &key); if (err) { - printf("error %ld from krb5_k_create_key\n", (long)err); - exit(1); + printf("error %ld from krb5_k_create_key\n", (long)err); + exit(1); } memset(enciv.data, 0, 16); printk("AES 128-bit key", &keyblock); for (i = 0; i < sizeof(lengths)/sizeof(lengths[0]); i++) { - memset(enciv.data, 0, 16); - memset(deciv.data, 0, 16); - - printf("\n"); - in.length = out.length = lengths[i]; - printd("IV", &enciv); - err = krb5int_aes_encrypt(key, &enciv, &in, &out); - if (err) { - printf("error %ld from krb5int_aes_encrypt\n", (long)err); - exit(1); - } - printd("Input", &in); - printd("Output", &out); - printd("Next IV", &enciv); - out2.length = out.length; - err = krb5int_aes_decrypt(key, &deciv, &out, &out2); - if (err) { - printf("error %ld from krb5int_aes_decrypt\n", (long)err); - exit(1); - } - if (!data_eq(out2, in)) { - printd("Decryption result DOESN'T MATCH", &out2); - exit(1); - } - if (memcmp(enciv.data, deciv.data, 16)) { - printd("Decryption IV result DOESN'T MATCH", &deciv); - exit(1); - } + memset(enciv.data, 0, 16); + memset(deciv.data, 0, 16); + + printf("\n"); + iov.data.length = in.length = lengths[i]; + memcpy(outbuf, input, lengths[i]); + printd("IV", &enciv); + err = krb5int_aes_encrypt(key, &enciv, &iov, 1); + if (err) { + printf("error %ld from krb5int_aes_encrypt\n", (long)err); + exit(1); + } + printd("Input", &in); + printd("Output", &iov.data); + printd("Next IV", &enciv); + err = krb5int_aes_decrypt(key, &deciv, &iov, 1); + if (err) { + printf("error %ld from krb5int_aes_decrypt\n", (long)err); + exit(1); + } + if (memcmp(outbuf, input, lengths[i]) != 0) { + printd("Decryption result DOESN'T MATCH", &iov.data); + exit(1); + } + if (memcmp(enciv.data, deciv.data, 16)) { + printd("Decryption IV result DOESN'T MATCH", &deciv); + exit(1); + } } krb5_k_free_key(NULL, key); } diff --git a/src/lib/crypto/crypto_tests/t_encrypt.c b/src/lib/crypto/crypto_tests/t_encrypt.c index 5615bc8..60e86f4 100644 --- a/src/lib/crypto/crypto_tests/t_encrypt.c +++ b/src/lib/crypto/crypto_tests/t_encrypt.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/t_encrypt.c * @@ -36,15 +37,15 @@ /* What enctypes should we test?*/ krb5_enctype interesting_enctypes[] = { - ENCTYPE_DES_CBC_CRC, - ENCTYPE_DES_CBC_MD4, - ENCTYPE_DES_CBC_MD5, - ENCTYPE_DES3_CBC_SHA1, - ENCTYPE_ARCFOUR_HMAC, - ENCTYPE_ARCFOUR_HMAC_EXP, - ENCTYPE_AES256_CTS_HMAC_SHA1_96, - ENCTYPE_AES128_CTS_HMAC_SHA1_96, - 0 + ENCTYPE_DES_CBC_CRC, + ENCTYPE_DES_CBC_MD4, + ENCTYPE_DES_CBC_MD5, + ENCTYPE_DES3_CBC_SHA1, + ENCTYPE_ARCFOUR_HMAC, + ENCTYPE_ARCFOUR_HMAC_EXP, + ENCTYPE_AES256_CTS_HMAC_SHA1_96, + ENCTYPE_AES128_CTS_HMAC_SHA1_96, + 0 }; static void @@ -52,24 +53,24 @@ test(const char *msg, krb5_error_code retval) { printf("%s: . . . ", msg); if (retval) { - printf("Failed: %s\n", error_message(retval)); - abort(); + printf("Failed: %s\n", error_message(retval)); + abort(); } else - printf("OK\n"); + printf("OK\n"); } static int compare_results(krb5_data *d1, krb5_data *d2) { if (d1->length != d2->length) { - /* Decryption can leave a little trailing cruft. - For the current cryptosystems, this can be up to 7 bytes. */ - if (d1->length + 8 <= d2->length) - return EINVAL; - if (d1->length > d2->length) - return EINVAL; + /* Decryption can leave a little trailing cruft. + For the current cryptosystems, this can be up to 7 bytes. */ + if (d1->length + 8 <= d2->length) + return EINVAL; + if (d1->length > d2->length) + return EINVAL; } if (memcmp(d1->data, d2->data, d1->length)) { - return EINVAL; + return EINVAL; } return 0; } @@ -77,187 +78,187 @@ static int compare_results(krb5_data *d1, krb5_data *d2) int main () { - krb5_context context = 0; - krb5_data in, in2, out, out2, check, check2, state, signdata; - krb5_crypto_iov iov[5]; - int i, j, pos; - unsigned int dummy; - size_t len; - krb5_enc_data enc_out, enc_out2; - krb5_keyblock *keyblock; - krb5_key key; + krb5_context context = 0; + krb5_data in, in2, out, out2, check, check2, state, signdata; + krb5_crypto_iov iov[5]; + int i, j, pos; + unsigned int dummy; + size_t len; + krb5_enc_data enc_out, enc_out2; + krb5_keyblock *keyblock; + krb5_key key; - memset(iov, 0, sizeof(iov)); + memset(iov, 0, sizeof(iov)); - in.data = "This is a test.\n"; - in.length = strlen (in.data); - in2.data = "This is another test.\n"; - in2.length = strlen (in2.data); + in.data = "This is a test.\n"; + in.length = strlen (in.data); + in2.data = "This is another test.\n"; + in2.length = strlen (in2.data); - test ("Seeding random number generator", - krb5_c_random_seed (context, &in)); + test ("Seeding random number generator", + krb5_c_random_seed (context, &in)); - /* Set up output buffers. */ - out.data = malloc(2048); - out2.data = malloc(2048); - check.data = malloc(2048); - check2.data = malloc(2048); - if (out.data == NULL || out2.data == NULL - || check.data == NULL || check2.data == NULL) - abort(); - out.magic = KV5M_DATA; - out.length = 2048; - out2.magic = KV5M_DATA; - out2.length = 2048; - check.length = 2048; - check2.length = 2048; + /* Set up output buffers. */ + out.data = malloc(2048); + out2.data = malloc(2048); + check.data = malloc(2048); + check2.data = malloc(2048); + if (out.data == NULL || out2.data == NULL + || check.data == NULL || check2.data == NULL) + abort(); + out.magic = KV5M_DATA; + out.length = 2048; + out2.magic = KV5M_DATA; + out2.length = 2048; + check.length = 2048; + check2.length = 2048; - for (i = 0; interesting_enctypes[i]; i++) { - krb5_enctype enctype = interesting_enctypes [i]; + for (i = 0; interesting_enctypes[i]; i++) { + krb5_enctype enctype = interesting_enctypes [i]; - printf ("Testing enctype %d\n", enctype); - test ("Initializing a keyblock", - krb5_init_keyblock (context, enctype, 0, &keyblock)); - test ("Generating random keyblock", - krb5_c_make_random_key (context, enctype, keyblock)); - test ("Creating opaque key from keyblock", - krb5_k_create_key (context, keyblock, &key)); + printf ("Testing enctype %d\n", enctype); + test ("Initializing a keyblock", + krb5_init_keyblock (context, enctype, 0, &keyblock)); + test ("Generating random keyblock", + krb5_c_make_random_key (context, enctype, keyblock)); + test ("Creating opaque key from keyblock", + krb5_k_create_key (context, keyblock, &key)); - enc_out.ciphertext = out; - enc_out2.ciphertext = out2; - /* We use an intermediate `len' because size_t may be different size - than `int' */ - krb5_c_encrypt_length (context, keyblock->enctype, in.length, &len); - enc_out.ciphertext.length = len; + enc_out.ciphertext = out; + enc_out2.ciphertext = out2; + /* We use an intermediate `len' because size_t may be different size + than `int' */ + krb5_c_encrypt_length (context, keyblock->enctype, in.length, &len); + enc_out.ciphertext.length = len; - /* Encrypt, decrypt, and see if we got the plaintext back again. */ - test ("Encrypting (c)", - krb5_c_encrypt (context, keyblock, 7, 0, &in, &enc_out)); - test ("Decrypting", - krb5_c_decrypt (context, keyblock, 7, 0, &enc_out, &check)); - test ("Comparing", compare_results (&in, &check)); + /* Encrypt, decrypt, and see if we got the plaintext back again. */ + test ("Encrypting (c)", + krb5_c_encrypt (context, keyblock, 7, 0, &in, &enc_out)); + test ("Decrypting", + krb5_c_decrypt (context, keyblock, 7, 0, &enc_out, &check)); + test ("Comparing", compare_results (&in, &check)); - /* Try again with the opaque-key-using variants. */ - memset(out.data, 0, out.length); - test ("Encrypting (k)", - krb5_k_encrypt (context, key, 7, 0, &in, &enc_out)); - test ("Decrypting", - krb5_k_decrypt (context, key, 7, 0, &enc_out, &check)); - test ("Comparing", compare_results (&in, &check)); + /* Try again with the opaque-key-using variants. */ + memset(out.data, 0, out.length); + test ("Encrypting (k)", + krb5_k_encrypt (context, key, 7, 0, &in, &enc_out)); + test ("Decrypting", + krb5_k_decrypt (context, key, 7, 0, &enc_out, &check)); + test ("Comparing", compare_results (&in, &check)); - /* Check if this enctype supports IOV encryption. */ - if ( krb5_c_crypto_length(context, keyblock->enctype, - KRB5_CRYPTO_TYPE_HEADER, &dummy) == 0 ){ - /* Set up iovecs for stream decryption. */ - memcpy(out2.data, enc_out.ciphertext.data, enc_out.ciphertext.length); - iov[0].flags= KRB5_CRYPTO_TYPE_STREAM; - iov[0].data.data = out2.data; - iov[0].data.length = enc_out.ciphertext.length; - iov[1].flags = KRB5_CRYPTO_TYPE_DATA; + /* Check if this enctype supports IOV encryption. */ + if ( krb5_c_crypto_length(context, keyblock->enctype, + KRB5_CRYPTO_TYPE_HEADER, &dummy) == 0 ){ + /* Set up iovecs for stream decryption. */ + memcpy(out2.data, enc_out.ciphertext.data, enc_out.ciphertext.length); + iov[0].flags= KRB5_CRYPTO_TYPE_STREAM; + iov[0].data.data = out2.data; + iov[0].data.length = enc_out.ciphertext.length; + iov[1].flags = KRB5_CRYPTO_TYPE_DATA; - /* Decrypt the encrypted data from above and check it. */ - test("IOV stream decrypting (c)", - krb5_c_decrypt_iov( context, keyblock, 7, 0, iov, 2)); - test("Comparing results", - compare_results(&in, &iov[1].data)); + /* Decrypt the encrypted data from above and check it. */ + test("IOV stream decrypting (c)", + krb5_c_decrypt_iov( context, keyblock, 7, 0, iov, 2)); + test("Comparing results", + compare_results(&in, &iov[1].data)); - /* Try again with the opaque-key-using variant. */ - memcpy(out2.data, enc_out.ciphertext.data, enc_out.ciphertext.length); - test("IOV stream decrypting (k)", - krb5_k_decrypt_iov( context, key, 7, 0, iov, 2)); - test("Comparing results", - compare_results(&in, &iov[1].data)); + /* Try again with the opaque-key-using variant. */ + memcpy(out2.data, enc_out.ciphertext.data, enc_out.ciphertext.length); + test("IOV stream decrypting (k)", + krb5_k_decrypt_iov( context, key, 7, 0, iov, 2)); + test("Comparing results", + compare_results(&in, &iov[1].data)); - /* Set up iovecs for AEAD encryption. */ - signdata.magic = KV5M_DATA; - signdata.data = (char *) "This should be signed"; - signdata.length = strlen(signdata.data); - iov[0].flags = KRB5_CRYPTO_TYPE_HEADER; - iov[1].flags = KRB5_CRYPTO_TYPE_DATA; - iov[1].data = in; /*We'll need to copy memory before encrypt*/ - iov[2].flags = KRB5_CRYPTO_TYPE_SIGN_ONLY; - iov[2].data = signdata; - iov[3].flags = KRB5_CRYPTO_TYPE_PADDING; - iov[4].flags = KRB5_CRYPTO_TYPE_TRAILER; + /* Set up iovecs for AEAD encryption. */ + signdata.magic = KV5M_DATA; + signdata.data = (char *) "This should be signed"; + signdata.length = strlen(signdata.data); + iov[0].flags = KRB5_CRYPTO_TYPE_HEADER; + iov[1].flags = KRB5_CRYPTO_TYPE_DATA; + iov[1].data = in; /*We'll need to copy memory before encrypt*/ + iov[2].flags = KRB5_CRYPTO_TYPE_SIGN_ONLY; + iov[2].data = signdata; + iov[3].flags = KRB5_CRYPTO_TYPE_PADDING; + iov[4].flags = KRB5_CRYPTO_TYPE_TRAILER; - /* "Allocate" data for the iovec buffers from the "out" buffer. */ - test("Setting up iov lengths", - krb5_c_crypto_length_iov(context, keyblock->enctype, iov, 5)); - for (j=0,pos=0; j <= 4; j++ ){ - if (iov[j].flags == KRB5_CRYPTO_TYPE_SIGN_ONLY) - continue; - iov[j].data.data = &out.data[pos]; - pos += iov[j].data.length; - } - assert (iov[1].data.length == in.length); - memcpy(iov[1].data.data, in.data, in.length); + /* "Allocate" data for the iovec buffers from the "out" buffer. */ + test("Setting up iov lengths", + krb5_c_crypto_length_iov(context, keyblock->enctype, iov, 5)); + for (j=0,pos=0; j <= 4; j++ ){ + if (iov[j].flags == KRB5_CRYPTO_TYPE_SIGN_ONLY) + continue; + iov[j].data.data = &out.data[pos]; + pos += iov[j].data.length; + } + assert (iov[1].data.length == in.length); + memcpy(iov[1].data.data, in.data, in.length); - /* Encrypt and decrypt in place, and check the result. */ - test("iov encrypting (c)", - krb5_c_encrypt_iov(context, keyblock, 7, 0, iov, 5)); - assert(iov[1].data.length == in.length); - test("iov decrypting", - krb5_c_decrypt_iov(context, keyblock, 7, 0, iov, 5)); - test("Comparing results", - compare_results(&in, &iov[1].data)); + /* Encrypt and decrypt in place, and check the result. */ + test("iov encrypting (c)", + krb5_c_encrypt_iov(context, keyblock, 7, 0, iov, 5)); + assert(iov[1].data.length == in.length); + test("iov decrypting", + krb5_c_decrypt_iov(context, keyblock, 7, 0, iov, 5)); + test("Comparing results", + compare_results(&in, &iov[1].data)); - /* Try again with opaque-key-using variants. */ - test("iov encrypting (k)", - krb5_k_encrypt_iov(context, key, 7, 0, iov, 5)); - assert(iov[1].data.length == in.length); - test("iov decrypting", - krb5_k_decrypt_iov(context, key, 7, 0, iov, 5)); - test("Comparing results", - compare_results(&in, &iov[1].data)); - } + /* Try again with opaque-key-using variants. */ + test("iov encrypting (k)", + krb5_k_encrypt_iov(context, key, 7, 0, iov, 5)); + assert(iov[1].data.length == in.length); + test("iov decrypting", + krb5_k_decrypt_iov(context, key, 7, 0, iov, 5)); + test("Comparing results", + compare_results(&in, &iov[1].data)); + } - enc_out.ciphertext.length = out.length; - check.length = 2048; + enc_out.ciphertext.length = out.length; + check.length = 2048; - test ("init_state", - krb5_c_init_state (context, keyblock, 7, &state)); - test ("Encrypting with state", - krb5_c_encrypt (context, keyblock, 7, &state, &in, &enc_out)); - test ("Encrypting again with state", - krb5_c_encrypt (context, keyblock, 7, &state, &in2, &enc_out2)); - test ("free_state", - krb5_c_free_state (context, keyblock, &state)); - test ("init_state", - krb5_c_init_state (context, keyblock, 7, &state)); - test ("Decrypting with state", - krb5_c_decrypt (context, keyblock, 7, &state, &enc_out, &check)); - test ("Decrypting again with state", - krb5_c_decrypt (context, keyblock, 7, &state, &enc_out2, &check2)); - test ("free_state", - krb5_c_free_state (context, keyblock, &state)); - test ("Comparing", - compare_results (&in, &check)); - test ("Comparing", - compare_results (&in2, &check2)); + test ("init_state", + krb5_c_init_state (context, keyblock, 7, &state)); + test ("Encrypting with state", + krb5_c_encrypt (context, keyblock, 7, &state, &in, &enc_out)); + test ("Encrypting again with state", + krb5_c_encrypt (context, keyblock, 7, &state, &in2, &enc_out2)); + test ("free_state", + krb5_c_free_state (context, keyblock, &state)); + test ("init_state", + krb5_c_init_state (context, keyblock, 7, &state)); + test ("Decrypting with state", + krb5_c_decrypt (context, keyblock, 7, &state, &enc_out, &check)); + test ("Decrypting again with state", + krb5_c_decrypt (context, keyblock, 7, &state, &enc_out2, &check2)); + test ("free_state", + krb5_c_free_state (context, keyblock, &state)); + test ("Comparing", + compare_results (&in, &check)); + test ("Comparing", + compare_results (&in2, &check2)); - krb5_free_keyblock (context, keyblock); - krb5_k_free_key (context, key); - } + krb5_free_keyblock (context, keyblock); + krb5_k_free_key (context, key); + } - /* Test the RC4 decrypt fallback from key usage 9 to 8. */ - test ("Initializing an RC4 keyblock", - krb5_init_keyblock (context, ENCTYPE_ARCFOUR_HMAC, 0, &keyblock)); - test ("Generating random RC4 key", - krb5_c_make_random_key (context, ENCTYPE_ARCFOUR_HMAC, keyblock)); - enc_out.ciphertext = out; - krb5_c_encrypt_length (context, keyblock->enctype, in.length, &len); - enc_out.ciphertext.length = len; - check.length = 2048; - test ("Encrypting with RC4 key usage 8", - krb5_c_encrypt (context, keyblock, 8, 0, &in, &enc_out)); - test ("Decrypting with RC4 key usage 9", - krb5_c_decrypt (context, keyblock, 9, 0, &enc_out, &check)); - test ("Comparing", compare_results (&in, &check)); + /* Test the RC4 decrypt fallback from key usage 9 to 8. */ + test ("Initializing an RC4 keyblock", + krb5_init_keyblock (context, ENCTYPE_ARCFOUR_HMAC, 0, &keyblock)); + test ("Generating random RC4 key", + krb5_c_make_random_key (context, ENCTYPE_ARCFOUR_HMAC, keyblock)); + enc_out.ciphertext = out; + krb5_c_encrypt_length (context, keyblock->enctype, in.length, &len); + enc_out.ciphertext.length = len; + check.length = 2048; + test ("Encrypting with RC4 key usage 8", + krb5_c_encrypt (context, keyblock, 8, 0, &in, &enc_out)); + test ("Decrypting with RC4 key usage 9", + krb5_c_decrypt (context, keyblock, 9, 0, &enc_out, &check)); + test ("Comparing", compare_results (&in, &check)); - krb5_free_keyblock (context, keyblock); - free(out.data); - free(out2.data); - free(check.data); - free(check2.data); - return 0; + krb5_free_keyblock (context, keyblock); + free(out.data); + free(out2.data); + free(check.data); + free(check2.data); + return 0; } diff --git a/src/lib/crypto/crypto_tests/t_hmac.c b/src/lib/crypto/crypto_tests/t_hmac.c index 55b47b8..1056ff6 100644 --- a/src/lib/crypto/crypto_tests/t_hmac.c +++ b/src/lib/crypto/crypto_tests/t_hmac.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/t_hmac.c * @@ -47,9 +48,9 @@ static void keyToData (krb5_keyblock *k, krb5_data *d) { #if 0 static void check_error (int r, int line) { if (r != 0) { - fprintf (stderr, "%s:%d: %s\n", __FILE__, line, - error_message (r)); - exit (1); + fprintf (stderr, "%s:%d: %s\n", __FILE__, line, + error_message (r)); + exit (1); } } #define CHECK check_error(r, __LINE__) @@ -62,16 +63,16 @@ static void printd (const char *descr, krb5_data *d) { printf("%s (%d bytes):", descr, d->length); for (i = 0; i < d->length; i += r) { - printf("\n %04x: ", i); - for (j = i; j < i + r && j < d->length; j++) - printf(" %02x", 0xff & d->data[j]); - for (; j < i + r; j++) - printf(" "); - printf(" "); - for (j = i; j < i + r && j < d->length; j++) { - int c = 0xff & d->data[j]; - printf("%c", isprint(c) ? c : '.'); - } + printf("\n %04x: ", i); + for (j = i; j < i + r && j < d->length; j++) + printf(" %02x", 0xff & d->data[j]); + for (; j < i + r; j++) + printf(" "); + printf(" "); + for (j = i; j < i + r && j < d->length; j++) { + int c = 0xff & d->data[j]; + printf("%c", isprint(c) ? c : '.'); + } } printf("\n"); } @@ -92,40 +93,42 @@ struct hmac_test { }; static krb5_error_code hmac1(const struct krb5_hash_provider *h, - krb5_keyblock *key, - krb5_data *in, krb5_data *out) + krb5_keyblock *key, + krb5_data *in, krb5_data *out) { char tmp[40]; size_t blocksize, hashsize; krb5_error_code err; krb5_key k; + krb5_crypto_iov iov; + krb5_data d; printk(" test key", key); blocksize = h->blocksize; hashsize = h->hashsize; if (hashsize > sizeof(tmp)) - abort(); + abort(); if (key->length > blocksize) { - krb5_data d, d2; - d.data = (char *) key->contents; - d.length = key->length; - d2.data = tmp; - d2.length = hashsize; - err = h->hash (1, &d, &d2); - if (err) { - com_err(whoami, err, "hashing key before calling hmac"); - exit(1); - } - key->length = d2.length; - key->contents = (krb5_octet *) d2.data; - printk(" pre-hashed key", key); + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = make_data(key->contents, key->length); + d = make_data(tmp, hashsize); + err = h->hash(&iov, 1, &d); + if (err) { + com_err(whoami, err, "hashing key before calling hmac"); + exit(1); + } + key->length = d.length; + key->contents = (krb5_octet *) d.data; + printk(" pre-hashed key", key); } printd(" hmac input", in); krb5_k_create_key(NULL, key, &k); - err = krb5int_hmac(h, k, 1, in, out); + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = *in; + err = krb5int_hmac(h, k, &iov, 1, out); krb5_k_free_key(NULL, k); if (err == 0) - printd(" hmac output", out); + printd(" hmac output", out); return err; } @@ -142,128 +145,128 @@ static void test_hmac() /* RFC 2202 test vector. */ static const struct hmac_test md5tests[] = { - { - 16, { - 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, - 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, - }, - 8, "Hi There", - "0x9294727a3638bb1c13f48ef8158bfc9d" - }, + { + 16, { + 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, + 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, + }, + 8, "Hi There", + "0x9294727a3638bb1c13f48ef8158bfc9d" + }, - { - 4, "Jefe", - 28, "what do ya want for nothing?", - "0x750c783e6ab0b503eaa86e310a5db738" - }, + { + 4, "Jefe", + 28, "what do ya want for nothing?", + "0x750c783e6ab0b503eaa86e310a5db738" + }, - { - 16, { - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa - }, - 50, { - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - }, - "0x56be34521d144c88dbb8c733f0e8b3f6" - }, + { + 16, { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa + }, + 50, { + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + }, + "0x56be34521d144c88dbb8c733f0e8b3f6" + }, - { - 25, { - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, - 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, - 0x15, 0x16, 0x17, 0x18, 0x19 - }, - 50, { - 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, - 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, - 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, - 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, - 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, - }, - "0x697eaf0aca3a3aea3a75164746ffaa79" - }, + { + 25, { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, + 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19 + }, + 50, { + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + }, + "0x697eaf0aca3a3aea3a75164746ffaa79" + }, - { - 16, { - 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, - 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c - }, - 20, "Test With Truncation", - "0x56461ef2342edc00f9bab995690efd4c" - }, + { + 16, { + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c + }, + 20, "Test With Truncation", + "0x56461ef2342edc00f9bab995690efd4c" + }, - { - 80, { - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - }, - 54, "Test Using Larger Than Block-Size Key - Hash Key First", - "0x6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd" - }, + { + 80, { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + }, + 54, "Test Using Larger Than Block-Size Key - Hash Key First", + "0x6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd" + }, - { - 80, { - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - }, - 73, - "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data", - "0x6f630fad67cda0ee1fb1f562db3aa53e" - }, + { + 80, { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + }, + 73, + "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data", + "0x6f630fad67cda0ee1fb1f562db3aa53e" + }, }; for (i = 0; i < sizeof(md5tests)/sizeof(md5tests[0]); i++) { - key.contents = md5tests[i].key; - key.length = md5tests[i].key_len; - in.data = md5tests[i].data; - in.length = md5tests[i].data_len; + key.contents = md5tests[i].key; + key.length = md5tests[i].key_len; + in.data = md5tests[i].data; + in.length = md5tests[i].data_len; - out.data = outbuf; - out.length = 20; - printf("\nTest #%d:\n", i+1); - err = hmac1(&krb5int_hash_md5, &key, &in, &out); - if (err) { - com_err(whoami, err, "computing hmac"); - exit(1); - } + out.data = outbuf; + out.length = 20; + printf("\nTest #%d:\n", i+1); + err = hmac1(&krb5int_hash_md5, &key, &in, &out); + if (err) { + com_err(whoami, err, "computing hmac"); + exit(1); + } - krb5int_buf_init_fixed(&buf, stroutbuf, sizeof(stroutbuf)); - krb5int_buf_add(&buf, "0x"); - for (j = 0; j < out.length; j++) - krb5int_buf_add_fmt(&buf, "%02x", 0xff & outbuf[j]); - if (krb5int_buf_data(&buf) == NULL) - abort(); - if (strcmp(stroutbuf, md5tests[i].hexdigest)) { - printf("*** CHECK FAILED!\n" - "\tReturned: %s.\n" - "\tExpected: %s.\n", stroutbuf, md5tests[i].hexdigest); - lose++; - } else - printf("Matches expected result.\n"); + krb5int_buf_init_fixed(&buf, stroutbuf, sizeof(stroutbuf)); + krb5int_buf_add(&buf, "0x"); + for (j = 0; j < out.length; j++) + krb5int_buf_add_fmt(&buf, "%02x", 0xff & outbuf[j]); + if (krb5int_buf_data(&buf) == NULL) + abort(); + if (strcmp(stroutbuf, md5tests[i].hexdigest)) { + printf("*** CHECK FAILED!\n" + "\tReturned: %s.\n" + "\tExpected: %s.\n", stroutbuf, md5tests[i].hexdigest); + lose++; + } else + printf("Matches expected result.\n"); } /* Do again with SHA-1 tests.... */ if (lose) { - printf("%d failures; exiting.\n", lose); - exit(1); + printf("%d failures; exiting.\n", lose); + exit(1); } } diff --git a/src/lib/crypto/crypto_tests/t_kperf.c b/src/lib/crypto/crypto_tests/t_kperf.c index 4c99d72..8c36e90 100644 --- a/src/lib/crypto/crypto_tests/t_kperf.c +++ b/src/lib/crypto/crypto_tests/t_kperf.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/crypto_tests/t_kperf.c * @@ -94,6 +94,14 @@ main(int argc, char **argv) sum.length = cklen; sum.contents = calloc(1, cklen); + /* + * Decrypting typically involves copying the output after checking the + * hash, so we need to create a valid ciphertext to correctly measure its + * performance. + */ + if (op == 'd') + krb5_c_encrypt(NULL, &kblock, 0, NULL, &block, &outblock); + for (i = 0; i < num_blocks; i++) { if (intf == 'c') { if (op == 'e') diff --git a/src/lib/crypto/crypto_tests/t_mdcksum.c b/src/lib/crypto/crypto_tests/t_mdcksum.c index 17ecd51..0b8a4fe 100644 --- a/src/lib/crypto/crypto_tests/t_mdcksum.c +++ b/src/lib/crypto/crypto_tests/t_mdcksum.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/md5/t_cksum.c * @@ -29,65 +30,65 @@ * t_cksum.c - Test checksum and checksum compatability for rsa-md[4,5]-des */ -#ifndef MD -#define MD 5 -#endif /* MD */ +#ifndef MD +#define MD 5 +#endif /* MD */ #include "k5-int.h" -#if MD == 4 +#if MD == 4 #include "rsa-md4.h" -#endif /* MD == 4 */ -#if MD == 5 +#endif /* MD == 4 */ +#if MD == 5 #include "rsa-md5.h" -#endif /* MD == 5 */ +#endif /* MD == 5 */ #include "des_int.h" #define MD5_K5BETA_COMPAT #define MD4_K5BETA_COMPAT -#if MD == 4 -#define CONFOUNDER_LENGTH RSA_MD4_DES_CONFOUND_LENGTH -#define NEW_CHECKSUM_LENGTH NEW_RSA_MD4_DES_CKSUM_LENGTH -#define OLD_CHECKSUM_LENGTH OLD_RSA_MD4_DES_CKSUM_LENGTH -#define CHECKSUM_TYPE CKSUMTYPE_RSA_MD4_DES -#ifdef MD4_K5BETA_COMPAT -#define K5BETA_COMPAT 1 -#else /* MD4_K5BETA_COMPAT */ -#undef K5BETA_COMPAT -#endif /* MD4_K5BETA_COMPAT */ -#define CKSUM_FUNCTION krb5_md4_crypto_sum_func -#define COMPAT_FUNCTION krb5_md4_crypto_compat_sum_func -#define VERIFY_FUNCTION krb5_md4_crypto_verify_func -#endif /* MD == 4 */ +#if MD == 4 +#define CONFOUNDER_LENGTH RSA_MD4_DES_CONFOUND_LENGTH +#define NEW_CHECKSUM_LENGTH NEW_RSA_MD4_DES_CKSUM_LENGTH +#define OLD_CHECKSUM_LENGTH OLD_RSA_MD4_DES_CKSUM_LENGTH +#define CHECKSUM_TYPE CKSUMTYPE_RSA_MD4_DES +#ifdef MD4_K5BETA_COMPAT +#define K5BETA_COMPAT 1 +#else /* MD4_K5BETA_COMPAT */ +#undef K5BETA_COMPAT +#endif /* MD4_K5BETA_COMPAT */ +#define CKSUM_FUNCTION krb5_md4_crypto_sum_func +#define COMPAT_FUNCTION krb5_md4_crypto_compat_sum_func +#define VERIFY_FUNCTION krb5_md4_crypto_verify_func +#endif /* MD == 4 */ -#if MD == 5 -#define CONFOUNDER_LENGTH RSA_MD5_DES_CONFOUND_LENGTH -#define NEW_CHECKSUM_LENGTH NEW_RSA_MD5_DES_CKSUM_LENGTH -#define OLD_CHECKSUM_LENGTH OLD_RSA_MD5_DES_CKSUM_LENGTH -#define CHECKSUM_TYPE CKSUMTYPE_RSA_MD5_DES -#ifdef MD5_K5BETA_COMPAT -#define K5BETA_COMPAT 1 -#else /* MD5_K5BETA_COMPAT */ -#undef K5BETA_COMPAT -#endif /* MD5_K5BETA_COMPAT */ -#define CKSUM_FUNCTION krb5_md5_crypto_sum_func -#define COMPAT_FUNCTION krb5_md5_crypto_compat_sum_func -#define VERIFY_FUNCTION krb5_md5_crypto_verify_func -#endif /* MD == 5 */ +#if MD == 5 +#define CONFOUNDER_LENGTH RSA_MD5_DES_CONFOUND_LENGTH +#define NEW_CHECKSUM_LENGTH NEW_RSA_MD5_DES_CKSUM_LENGTH +#define OLD_CHECKSUM_LENGTH OLD_RSA_MD5_DES_CKSUM_LENGTH +#define CHECKSUM_TYPE CKSUMTYPE_RSA_MD5_DES +#ifdef MD5_K5BETA_COMPAT +#define K5BETA_COMPAT 1 +#else /* MD5_K5BETA_COMPAT */ +#undef K5BETA_COMPAT +#endif /* MD5_K5BETA_COMPAT */ +#define CKSUM_FUNCTION krb5_md5_crypto_sum_func +#define COMPAT_FUNCTION krb5_md5_crypto_compat_sum_func +#define VERIFY_FUNCTION krb5_md5_crypto_verify_func +#endif /* MD == 5 */ static void print_checksum(text, number, message, checksum) - char *text; - int number; - char *message; - krb5_checksum *checksum; + char *text; + int number; + char *message; + krb5_checksum *checksum; { - int i; + int i; - printf("%s MD%d checksum(\"%s\") = ", text, number, message); - for (i=0; i<checksum->length; i++) - printf("%02x", checksum->contents[i]); - printf("\n"); + printf("%s MD%d checksum(\"%s\") = ", text, number, message); + for (i=0; i<checksum->length; i++) + printf("%02x", checksum->contents[i]); + printf("\n"); } /* @@ -96,111 +97,111 @@ print_checksum(text, number, message, checksum) */ int main(argc, argv) - int argc; - char **argv; + int argc; + char **argv; { - int msgindex; - krb5_context kcontext; - krb5_encrypt_block encblock; - krb5_keyblock keyblock; - krb5_error_code kret; - krb5_checksum oldstyle_checksum; - krb5_checksum newstyle_checksum; - krb5_data pwdata; - char *pwd; + int msgindex; + krb5_context kcontext; + krb5_encrypt_block encblock; + krb5_keyblock keyblock; + krb5_error_code kret; + krb5_checksum oldstyle_checksum; + krb5_checksum newstyle_checksum; + krb5_data pwdata; + char *pwd; - pwd = "test password"; - pwdata.length = strlen(pwd); - pwdata.data = pwd; - krb5_use_enctype(kcontext, &encblock, DEFAULT_KDC_ENCTYPE); - if ((kret = mit_des_string_to_key(&encblock, &keyblock, &pwdata, NULL))) { - printf("mit_des_string_to_key choked with %d\n", kret); - return(kret); - } - if ((kret = mit_des_process_key(&encblock, &keyblock))) { - printf("mit_des_process_key choked with %d\n", kret); - return(kret); - } - - oldstyle_checksum.length = OLD_CHECKSUM_LENGTH; - if (!(oldstyle_checksum.contents = (krb5_octet *) malloc(OLD_CHECKSUM_LENGTH))) { - printf("cannot get memory for old style checksum\n"); - return(ENOMEM); - } - newstyle_checksum.length = NEW_CHECKSUM_LENGTH; - if (!(newstyle_checksum.contents = (krb5_octet *) - malloc(NEW_CHECKSUM_LENGTH))) { - printf("cannot get memory for new style checksum\n"); - return(ENOMEM); - } - for (msgindex = 1; msgindex < argc; msgindex++) { - if ((kret = CKSUM_FUNCTION(argv[msgindex], - strlen(argv[msgindex]), - (krb5_pointer) keyblock.contents, - keyblock.length, - &newstyle_checksum))) { - printf("krb5_calculate_checksum choked with %d\n", kret); - break; + pwd = "test password"; + pwdata.length = strlen(pwd); + pwdata.data = pwd; + krb5_use_enctype(kcontext, &encblock, DEFAULT_KDC_ENCTYPE); + if ((kret = mit_des_string_to_key(&encblock, &keyblock, &pwdata, NULL))) { + printf("mit_des_string_to_key choked with %d\n", kret); + return(kret); } - print_checksum("correct", MD, argv[msgindex], &newstyle_checksum); -#ifdef K5BETA_COMPAT - if ((kret = COMPAT_FUNCTION(argv[msgindex], - strlen(argv[msgindex]), - (krb5_pointer) keyblock.contents, - keyblock.length, - &oldstyle_checksum))) { - printf("old style calculate_checksum choked with %d\n", kret); - break; + if ((kret = mit_des_process_key(&encblock, &keyblock))) { + printf("mit_des_process_key choked with %d\n", kret); + return(kret); } - print_checksum("old", MD, argv[msgindex], &oldstyle_checksum); -#endif /* K5BETA_COMPAT */ - if ((kret = VERIFY_FUNCTION(&newstyle_checksum, - argv[msgindex], - strlen(argv[msgindex]), - (krb5_pointer) keyblock.contents, - keyblock.length))) { - printf("verify on new checksum choked with %d\n", kret); - break; - } - printf("Verify succeeded for \"%s\"\n", argv[msgindex]); -#ifdef K5BETA_COMPAT - if ((kret = VERIFY_FUNCTION(&oldstyle_checksum, - argv[msgindex], - strlen(argv[msgindex]), - (krb5_pointer) keyblock.contents, - keyblock.length))) { - printf("verify on old checksum choked with %d\n", kret); - break; + + oldstyle_checksum.length = OLD_CHECKSUM_LENGTH; + if (!(oldstyle_checksum.contents = (krb5_octet *) malloc(OLD_CHECKSUM_LENGTH))) { + printf("cannot get memory for old style checksum\n"); + return(ENOMEM); } - printf("Compatible checksum verify succeeded for \"%s\"\n", - argv[msgindex]); -#endif /* K5BETA_COMPAT */ - newstyle_checksum.contents[0]++; - if (!(kret = VERIFY_FUNCTION(&newstyle_checksum, - argv[msgindex], - strlen(argv[msgindex]), - (krb5_pointer) keyblock.contents, - keyblock.length))) { - printf("verify on new checksum should have choked\n"); - break; + newstyle_checksum.length = NEW_CHECKSUM_LENGTH; + if (!(newstyle_checksum.contents = (krb5_octet *) + malloc(NEW_CHECKSUM_LENGTH))) { + printf("cannot get memory for new style checksum\n"); + return(ENOMEM); } - printf("Verify of bad checksum OK for \"%s\"\n", argv[msgindex]); -#ifdef K5BETA_COMPAT - oldstyle_checksum.contents[0]++; - if (!(kret = VERIFY_FUNCTION(&oldstyle_checksum, - argv[msgindex], - strlen(argv[msgindex]), - (krb5_pointer) keyblock.contents, - keyblock.length))) { - printf("verify on old checksum should have choked\n"); - break; + for (msgindex = 1; msgindex < argc; msgindex++) { + if ((kret = CKSUM_FUNCTION(argv[msgindex], + strlen(argv[msgindex]), + (krb5_pointer) keyblock.contents, + keyblock.length, + &newstyle_checksum))) { + printf("krb5_calculate_checksum choked with %d\n", kret); + break; + } + print_checksum("correct", MD, argv[msgindex], &newstyle_checksum); +#ifdef K5BETA_COMPAT + if ((kret = COMPAT_FUNCTION(argv[msgindex], + strlen(argv[msgindex]), + (krb5_pointer) keyblock.contents, + keyblock.length, + &oldstyle_checksum))) { + printf("old style calculate_checksum choked with %d\n", kret); + break; + } + print_checksum("old", MD, argv[msgindex], &oldstyle_checksum); +#endif /* K5BETA_COMPAT */ + if ((kret = VERIFY_FUNCTION(&newstyle_checksum, + argv[msgindex], + strlen(argv[msgindex]), + (krb5_pointer) keyblock.contents, + keyblock.length))) { + printf("verify on new checksum choked with %d\n", kret); + break; + } + printf("Verify succeeded for \"%s\"\n", argv[msgindex]); +#ifdef K5BETA_COMPAT + if ((kret = VERIFY_FUNCTION(&oldstyle_checksum, + argv[msgindex], + strlen(argv[msgindex]), + (krb5_pointer) keyblock.contents, + keyblock.length))) { + printf("verify on old checksum choked with %d\n", kret); + break; + } + printf("Compatible checksum verify succeeded for \"%s\"\n", + argv[msgindex]); +#endif /* K5BETA_COMPAT */ + newstyle_checksum.contents[0]++; + if (!(kret = VERIFY_FUNCTION(&newstyle_checksum, + argv[msgindex], + strlen(argv[msgindex]), + (krb5_pointer) keyblock.contents, + keyblock.length))) { + printf("verify on new checksum should have choked\n"); + break; + } + printf("Verify of bad checksum OK for \"%s\"\n", argv[msgindex]); +#ifdef K5BETA_COMPAT + oldstyle_checksum.contents[0]++; + if (!(kret = VERIFY_FUNCTION(&oldstyle_checksum, + argv[msgindex], + strlen(argv[msgindex]), + (krb5_pointer) keyblock.contents, + keyblock.length))) { + printf("verify on old checksum should have choked\n"); + break; + } + printf("Compatible checksum verify of altered checksum OK for \"%s\"\n", + argv[msgindex]); +#endif /* K5BETA_COMPAT */ + kret = 0; } - printf("Compatible checksum verify of altered checksum OK for \"%s\"\n", - argv[msgindex]); -#endif /* K5BETA_COMPAT */ - kret = 0; - } - if (!kret) - printf("%d tests passed successfully for MD%d checksum\n", argc-1, MD); - return(kret); + if (!kret) + printf("%d tests passed successfully for MD%d checksum\n", argc-1, MD); + return(kret); } diff --git a/src/lib/crypto/crypto_tests/t_mddriver.c b/src/lib/crypto/crypto_tests/t_mddriver.c index 3fab847..b3af381 100644 --- a/src/lib/crypto/crypto_tests/t_mddriver.c +++ b/src/lib/crypto/crypto_tests/t_mddriver.c @@ -1,21 +1,22 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* MDDRIVER.C - test driver for MD2, MD4 and MD5 */ /* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All -rights reserved. + rights reserved. -RSA Data Security, Inc. makes no representations concerning either -the merchantability of this software or the suitability of this -software for any particular purpose. It is provided "as is" -without express or implied warranty of any kind. + RSA Data Security, Inc. makes no representations concerning either + the merchantability of this software or the suitability of this + software for any particular purpose. It is provided "as is" + without express or implied warranty of any kind. -These notices must be retained in any copies of any part of this -documentation and/or software. - */ + These notices must be retained in any copies of any part of this + documentation and/or software. +*/ /* The following makes MD default to MD5 if it has not already been - defined with C compiler flags. - */ + defined with C compiler flags. +*/ #ifndef MD #define MD 5 #endif @@ -67,26 +68,26 @@ struct md_test_entry { struct md_test_entry md_test_suite[] = { { "", - {0x31, 0xd6, 0xcf, 0xe0, 0xd1, 0x6a, 0xe9, 0x31, - 0xb7, 0x3c, 0x59, 0xd7, 0xe0, 0xc0, 0x89, 0xc0 }}, + {0x31, 0xd6, 0xcf, 0xe0, 0xd1, 0x6a, 0xe9, 0x31, + 0xb7, 0x3c, 0x59, 0xd7, 0xe0, 0xc0, 0x89, 0xc0 }}, { "a", - {0xbd, 0xe5, 0x2c, 0xb3, 0x1d, 0xe3, 0x3e, 0x46, - 0x24, 0x5e, 0x05, 0xfb, 0xdb, 0xd6, 0xfb, 0x24 }}, + {0xbd, 0xe5, 0x2c, 0xb3, 0x1d, 0xe3, 0x3e, 0x46, + 0x24, 0x5e, 0x05, 0xfb, 0xdb, 0xd6, 0xfb, 0x24 }}, { "abc", - {0xa4, 0x48, 0x01, 0x7a, 0xaf, 0x21, 0xd8, 0x52, - 0x5f, 0xc1, 0x0a, 0xe8, 0x7a, 0xa6, 0x72, 0x9d }}, + {0xa4, 0x48, 0x01, 0x7a, 0xaf, 0x21, 0xd8, 0x52, + 0x5f, 0xc1, 0x0a, 0xe8, 0x7a, 0xa6, 0x72, 0x9d }}, { "message digest", - {0xd9, 0x13, 0x0a, 0x81, 0x64, 0x54, 0x9f, 0xe8, - 0x18, 0x87, 0x48, 0x06, 0xe1, 0xc7, 0x01, 0x4b }}, + {0xd9, 0x13, 0x0a, 0x81, 0x64, 0x54, 0x9f, 0xe8, + 0x18, 0x87, 0x48, 0x06, 0xe1, 0xc7, 0x01, 0x4b }}, { "abcdefghijklmnopqrstuvwxyz", - {0xd7, 0x9e, 0x1c, 0x30, 0x8a, 0xa5, 0xbb, 0xcd, - 0xee, 0xa8, 0xed, 0x63, 0xdf, 0x41, 0x2d, 0xa9 }}, + {0xd7, 0x9e, 0x1c, 0x30, 0x8a, 0xa5, 0xbb, 0xcd, + 0xee, 0xa8, 0xed, 0x63, 0xdf, 0x41, 0x2d, 0xa9 }}, { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", - {0x04, 0x3f, 0x85, 0x82, 0xf2, 0x41, 0xdb, 0x35, - 0x1c, 0xe6, 0x27, 0xe1, 0x53, 0xe7, 0xf0, 0xe4 }}, + {0x04, 0x3f, 0x85, 0x82, 0xf2, 0x41, 0xdb, 0x35, + 0x1c, 0xe6, 0x27, 0xe1, 0x53, 0xe7, 0xf0, 0xe4 }}, { "12345678901234567890123456789012345678901234567890123456789012345678901234567890", - {0xe3, 0x3b, 0x4d, 0xdc, 0x9c, 0x38, 0xf2, 0x19, - 0x9c, 0x3e, 0x7b, 0x16, 0x4f, 0xcc, 0x05, 0x36 }}, + {0xe3, 0x3b, 0x4d, 0xdc, 0x9c, 0x38, 0xf2, 0x19, + 0x9c, 0x3e, 0x7b, 0x16, 0x4f, 0xcc, 0x05, 0x36 }}, {0, {0}} }; @@ -103,26 +104,26 @@ struct md_test_entry md_test_suite[] = { struct md_test_entry md_test_suite[] = { { "", - {0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04, - 0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e }}, + {0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04, + 0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e }}, { "a", - {0x0c, 0xc1, 0x75, 0xb9, 0xc0, 0xf1, 0xb6, 0xa8, - 0x31, 0xc3, 0x99, 0xe2, 0x69, 0x77, 0x26, 0x61 }}, + {0x0c, 0xc1, 0x75, 0xb9, 0xc0, 0xf1, 0xb6, 0xa8, + 0x31, 0xc3, 0x99, 0xe2, 0x69, 0x77, 0x26, 0x61 }}, { "abc", - {0x90, 0x01, 0x50, 0x98, 0x3c, 0xd2, 0x4f, 0xb0, - 0xd6, 0x96, 0x3f, 0x7d, 0x28, 0xe1, 0x7f, 0x72 }}, + {0x90, 0x01, 0x50, 0x98, 0x3c, 0xd2, 0x4f, 0xb0, + 0xd6, 0x96, 0x3f, 0x7d, 0x28, 0xe1, 0x7f, 0x72 }}, { "message digest", - {0xf9, 0x6b, 0x69, 0x7d, 0x7c, 0xb7, 0x93, 0x8d, - 0x52, 0x5a, 0x2f, 0x31, 0xaa, 0xf1, 0x61, 0xd0 }}, + {0xf9, 0x6b, 0x69, 0x7d, 0x7c, 0xb7, 0x93, 0x8d, + 0x52, 0x5a, 0x2f, 0x31, 0xaa, 0xf1, 0x61, 0xd0 }}, { "abcdefghijklmnopqrstuvwxyz", - {0xc3, 0xfc, 0xd3, 0xd7, 0x61, 0x92, 0xe4, 0x00, - 0x7d, 0xfb, 0x49, 0x6c, 0xca, 0x67, 0xe1, 0x3b }}, + {0xc3, 0xfc, 0xd3, 0xd7, 0x61, 0x92, 0xe4, 0x00, + 0x7d, 0xfb, 0x49, 0x6c, 0xca, 0x67, 0xe1, 0x3b }}, { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", - {0xd1, 0x74, 0xab, 0x98, 0xd2, 0x77, 0xd9, 0xf5, - 0xa5, 0x61, 0x1c, 0x2c, 0x9f, 0x41, 0x9d, 0x9f }}, + {0xd1, 0x74, 0xab, 0x98, 0xd2, 0x77, 0xd9, 0xf5, + 0xa5, 0x61, 0x1c, 0x2c, 0x9f, 0x41, 0x9d, 0x9f }}, { "12345678901234567890123456789012345678901234567890123456789012345678901234567890", - {0x57, 0xed, 0xf4, 0xa2, 0x2b, 0xe3, 0xc9, 0x55, - 0xac, 0x49, 0xda, 0x2e, 0x21, 0x07, 0xb6, 0x7a }}, + {0x57, 0xed, 0xf4, 0xa2, 0x2b, 0xe3, 0xc9, 0x55, + 0xac, 0x49, 0xda, 0x2e, 0x21, 0x07, 0xb6, 0x7a }}, { 0, {0} } }; @@ -130,88 +131,88 @@ struct md_test_entry md_test_suite[] = { /* Main driver. -Arguments (may be any combination): - -sstring - digests string - -t - runs time trial - -x - runs test script - filename - digests file - (none) - digests standard input - */ + Arguments (may be any combination): + -sstring - digests string + -t - runs time trial + -x - runs test script + filename - digests file + (none) - digests standard input +*/ int main (argc, argv) -int argc; -char *argv[]; + int argc; + char *argv[]; { - int i; - - if (argc > 1) - for (i = 1; i < argc; i++) - if (argv[i][0] == '-' && argv[i][1] == 's') - MDString (argv[i] + 2); - else if (strcmp (argv[i], "-t") == 0) - MDTimeTrial (); - else if (strcmp (argv[i], "-x") == 0) - MDTestSuite (); - else - MDFile (argv[i]); - else - MDFilter (); - - return (0); + int i; + + if (argc > 1) + for (i = 1; i < argc; i++) + if (argv[i][0] == '-' && argv[i][1] == 's') + MDString (argv[i] + 2); + else if (strcmp (argv[i], "-t") == 0) + MDTimeTrial (); + else if (strcmp (argv[i], "-x") == 0) + MDTestSuite (); + else + MDFile (argv[i]); + else + MDFilter (); + + return (0); } /* Digests a string and prints the result. */ static void MDString (string) -char *string; + char *string; { - MD_CTX context; - unsigned int len = strlen (string); + MD_CTX context; + unsigned int len = strlen (string); - MDInit (&context); - MDUpdate (&context, (unsigned char *) string, len); - MDFinal (&context); + MDInit (&context); + MDUpdate (&context, (unsigned char *) string, len); + MDFinal (&context); - printf ("MD%d (\"%s\") = ", MD, string); - MDPrint (context.digest); - printf ("\n"); + printf ("MD%d (\"%s\") = ", MD, string); + MDPrint (context.digest); + printf ("\n"); } /* Measures the time to digest TEST_BLOCK_COUNT TEST_BLOCK_LEN-byte - blocks. - */ + blocks. +*/ static void MDTimeTrial () { - MD_CTX context; - time_t endTime, startTime; - unsigned char block[TEST_BLOCK_LEN]; - unsigned int i; - - printf("MD%d time trial. Digesting %d %d-byte blocks ...", MD, - TEST_BLOCK_LEN, TEST_BLOCK_COUNT); - - /* Initialize block */ - for (i = 0; i < TEST_BLOCK_LEN; i++) - block[i] = (unsigned char)(i & 0xff); - - /* Start timer */ - time (&startTime); - - /* Digest blocks */ - MDInit (&context); - for (i = 0; i < TEST_BLOCK_COUNT; i++) - MDUpdate (&context, block, TEST_BLOCK_LEN); - MDFinal (&context); - - /* Stop timer */ - time (&endTime); - - printf (" done\n"); - printf ("Digest = "); - MDPrint (context.digest); - printf ("\nTime = %ld seconds\n", (long)(endTime-startTime)); - printf - ("Speed = %ld bytes/second\n", - (long)TEST_BLOCK_LEN * (long)TEST_BLOCK_COUNT/(endTime-startTime)); + MD_CTX context; + time_t endTime, startTime; + unsigned char block[TEST_BLOCK_LEN]; + unsigned int i; + + printf("MD%d time trial. Digesting %d %d-byte blocks ...", MD, + TEST_BLOCK_LEN, TEST_BLOCK_COUNT); + + /* Initialize block */ + for (i = 0; i < TEST_BLOCK_LEN; i++) + block[i] = (unsigned char)(i & 0xff); + + /* Start timer */ + time (&startTime); + + /* Digest blocks */ + MDInit (&context); + for (i = 0; i < TEST_BLOCK_COUNT; i++) + MDUpdate (&context, block, TEST_BLOCK_LEN); + MDFinal (&context); + + /* Stop timer */ + time (&endTime); + + printf (" done\n"); + printf ("Digest = "); + MDPrint (context.digest); + printf ("\nTime = %ld seconds\n", (long)(endTime-startTime)); + printf + ("Speed = %ld bytes/second\n", + (long)TEST_BLOCK_LEN * (long)TEST_BLOCK_COUNT/(endTime-startTime)); } /* Digests a reference suite of strings and prints the results. @@ -221,37 +222,37 @@ static void MDTestSuite () #ifdef HAVE_TEST_SUITE MD_CTX context; struct md_test_entry *entry; - int i, num_tests = 0, num_failed = 0; + int i, num_tests = 0, num_failed = 0; printf ("MD%d test suite:\n\n", MD); for (entry = md_test_suite; entry->string; entry++) { - unsigned int len = strlen (entry->string); - - MDInit (&context); - MDUpdate (&context, (unsigned char *) entry->string, len); - MDFinal (&context); - - printf ("MD%d (\"%s\") = ", MD, entry->string); - MDPrint (context.digest); - printf ("\n"); - for (i=0; i < 16; i++) { - if (context.digest[i] != entry->digest[i]) { - printf("\tIncorrect MD%d digest! Should have been:\n\t\t ", - MD); - MDPrint(entry->digest); - printf("\n"); - num_failed++; - } - } - num_tests++; + unsigned int len = strlen (entry->string); + + MDInit (&context); + MDUpdate (&context, (unsigned char *) entry->string, len); + MDFinal (&context); + + printf ("MD%d (\"%s\") = ", MD, entry->string); + MDPrint (context.digest); + printf ("\n"); + for (i=0; i < 16; i++) { + if (context.digest[i] != entry->digest[i]) { + printf("\tIncorrect MD%d digest! Should have been:\n\t\t ", + MD); + MDPrint(entry->digest); + printf("\n"); + num_failed++; + } + } + num_tests++; } if (num_failed) { - printf("%d out of %d tests failed for MD%d!!!\n", num_failed, - num_tests, MD); - exit(1); + printf("%d out of %d tests failed for MD%d!!!\n", num_failed, + num_tests, MD); + exit(1); } else { - printf ("%d tests passed successfully for MD%d.\n", num_tests, MD); - exit(0); + printf ("%d tests passed successfully for MD%d.\n", num_tests, MD); + exit(0); } #else @@ -262,9 +263,9 @@ static void MDTestSuite () MDString ("message digest"); MDString ("abcdefghijklmnopqrstuvwxyz"); MDString - ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"); + ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"); MDString - ("12345678901234567890123456789012345678901234567890123456789012345678901234567890"); + ("12345678901234567890123456789012345678901234567890123456789012345678901234567890"); #endif } @@ -279,18 +280,18 @@ static void MDFile (filename) unsigned char buffer[1024]; if ((file = fopen (filename, "rb")) == NULL) - printf ("%s can't be opened\n", filename); + printf ("%s can't be opened\n", filename); else { - MDInit (&context); - while ((len = fread (buffer, 1, 1024, file)) != 0) - MDUpdate (&context, buffer, len); - MDFinal (&context); + MDInit (&context); + while ((len = fread (buffer, 1, 1024, file)) != 0) + MDUpdate (&context, buffer, len); + MDFinal (&context); - fclose (file); + fclose (file); - printf ("MD%d (%s) = ", MD, filename); - MDPrint (context.digest); - printf ("\n"); + printf ("MD%d (%s) = ", MD, filename); + MDPrint (context.digest); + printf ("\n"); } } @@ -298,26 +299,26 @@ static void MDFile (filename) */ static void MDFilter () { - MD_CTX context; - int len; - unsigned char buffer[16]; + MD_CTX context; + int len; + unsigned char buffer[16]; - MDInit (&context); - while ((len = fread (buffer, 1, 16, stdin)) != 0) - MDUpdate (&context, buffer, len); - MDFinal (&context); + MDInit (&context); + while ((len = fread (buffer, 1, 16, stdin)) != 0) + MDUpdate (&context, buffer, len); + MDFinal (&context); - MDPrint (context.digest); - printf ("\n"); + MDPrint (context.digest); + printf ("\n"); } /* Prints a message digest in hexadecimal. */ static void MDPrint (digest) -unsigned char digest[16]; + unsigned char digest[16]; { - unsigned int i; + unsigned int i; - for (i = 0; i < 16; i++) - printf ("%02x", digest[i]); + for (i = 0; i < 16; i++) + printf ("%02x", digest[i]); } diff --git a/src/lib/crypto/crypto_tests/t_nfold.c b/src/lib/crypto/crypto_tests/t_nfold.c index 27a5760..2536133 100644 --- a/src/lib/crypto/crypto_tests/t_nfold.c +++ b/src/lib/crypto/crypto_tests/t_nfold.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/t_nfold.c * @@ -26,8 +27,8 @@ * * Program to test the correctness of nfold implementation. * - * exit returns 0 ==> success - * -1 ==> error + * exit returns 0 ==> success + * -1 ==> error */ #include <stdio.h> @@ -41,7 +42,7 @@ static void printhex (size_t len, const unsigned char *p) { while (len--) - printf ("%02x", 0xff & *p++); + printf ("%02x", 0xff & *p++); } static void printstringhex (const unsigned char *p) { @@ -52,48 +53,48 @@ static void rfc_tests () { int i; struct { - char *input; - unsigned int n; - unsigned char exp[192/8]; + char *input; + unsigned int n; + unsigned char exp[192/8]; } tests[] = { - { "012345", 64, - { 0xbe,0x07,0x26,0x31,0x27,0x6b,0x19,0x55, } - }, - { "password", 56, - { 0x78,0xa0,0x7b,0x6c,0xaf,0x85,0xfa, } - }, - { "Rough Consensus, and Running Code", 64, - { 0xbb,0x6e,0xd3,0x08,0x70,0xb7,0xf0,0xe0, } - }, - { "password", 168, - { 0x59,0xe4,0xa8,0xca,0x7c,0x03,0x85,0xc3, - 0xc3,0x7b,0x3f,0x6d,0x20,0x00,0x24,0x7c, - 0xb6,0xe6,0xbd,0x5b,0x3e, } - }, - { "MASSACHVSETTS INSTITVTE OF TECHNOLOGY", 192, - { 0xdb,0x3b,0x0d,0x8f,0x0b,0x06,0x1e,0x60, - 0x32,0x82,0xb3,0x08,0xa5,0x08,0x41,0x22, - 0x9a,0xd7,0x98,0xfa,0xb9,0x54,0x0c,0x1b, } - }, + { "012345", 64, + { 0xbe,0x07,0x26,0x31,0x27,0x6b,0x19,0x55, } + }, + { "password", 56, + { 0x78,0xa0,0x7b,0x6c,0xaf,0x85,0xfa, } + }, + { "Rough Consensus, and Running Code", 64, + { 0xbb,0x6e,0xd3,0x08,0x70,0xb7,0xf0,0xe0, } + }, + { "password", 168, + { 0x59,0xe4,0xa8,0xca,0x7c,0x03,0x85,0xc3, + 0xc3,0x7b,0x3f,0x6d,0x20,0x00,0x24,0x7c, + 0xb6,0xe6,0xbd,0x5b,0x3e, } + }, + { "MASSACHVSETTS INSTITVTE OF TECHNOLOGY", 192, + { 0xdb,0x3b,0x0d,0x8f,0x0b,0x06,0x1e,0x60, + 0x32,0x82,0xb3,0x08,0xa5,0x08,0x41,0x22, + 0x9a,0xd7,0x98,0xfa,0xb9,0x54,0x0c,0x1b, } + }, }; unsigned char outbuf[192/8]; printf ("RFC tests:\n"); for (i = 0; i < ASIZE (tests); i++) { - unsigned char *p = (unsigned char *) tests[i].input; - assert (tests[i].n / 8 <= sizeof (outbuf)); - krb5int_nfold (8 * strlen ((char *) p), p, tests[i].n, outbuf); - printf ("%d-fold(\"%s\") =\n", tests[i].n, p); - printf ("%d-fold(", tests[i].n); - printstringhex (p); - printf (") =\n\t"); - printhex (tests[i].n / 8, outbuf); - printf ("\n\n"); - if (memcmp (outbuf, tests[i].exp, tests[i].n/8) != 0) { - printf ("wrong value! expected:\n\t"); - printhex (tests[i].n / 8, tests[i].exp); - exit (1); - } + unsigned char *p = (unsigned char *) tests[i].input; + assert (tests[i].n / 8 <= sizeof (outbuf)); + krb5int_nfold (8 * strlen ((char *) p), p, tests[i].n, outbuf); + printf ("%d-fold(\"%s\") =\n", tests[i].n, p); + printf ("%d-fold(", tests[i].n); + printstringhex (p); + printf (") =\n\t"); + printhex (tests[i].n / 8, outbuf); + printf ("\n\n"); + if (memcmp (outbuf, tests[i].exp, tests[i].n/8) != 0) { + printf ("wrong value! expected:\n\t"); + printhex (tests[i].n / 8, tests[i].exp); + exit (1); + } } } @@ -103,12 +104,12 @@ static void fold_kerberos(unsigned int nbytes) int j; if (nbytes > 300) - abort(); + abort(); printf("%d-fold(\"kerberos\") =\n\t", nbytes*8); krb5int_nfold(64, (unsigned char *) "kerberos", 8*nbytes, cipher_text); for (j=0; j<nbytes; j++) - printf("%s%02x", (j&3) ? "" : " ", cipher_text[j]); + printf("%s%02x", (j&3) ? "" : " ", cipher_text[j]); printf("\n"); } @@ -131,26 +132,26 @@ unsigned char nfold_192[4][24] = { int main(argc, argv) - int argc; - char *argv[]; + int argc; + char *argv[]; { unsigned char cipher_text[64]; int i, j; printf("N-fold\n"); for (i=0; i<sizeof(nfold_in)/sizeof(char *); i++) { - printf("\tInput:\t\"%.*s\"\n", (int) strlen((char *) nfold_in[i]), - nfold_in[i]); - printf("\t192-Fold:\t"); - krb5int_nfold(strlen((char *) nfold_in[i])*8, nfold_in[i], 24*8, - cipher_text); - for (j=0; j<24; j++) - printf("%s%02x", (j&3) ? "" : " ", cipher_text[j]); - printf("\n"); - if (memcmp(cipher_text, nfold_192[i], 24)) { - printf("verify: error in n-fold\n"); - exit(-1); - }; + printf("\tInput:\t\"%.*s\"\n", (int) strlen((char *) nfold_in[i]), + nfold_in[i]); + printf("\t192-Fold:\t"); + krb5int_nfold(strlen((char *) nfold_in[i])*8, nfold_in[i], 24*8, + cipher_text); + for (j=0; j<24; j++) + printf("%s%02x", (j&3) ? "" : " ", cipher_text[j]); + printf("\n"); + if (memcmp(cipher_text, nfold_192[i], 24)) { + printf("verify: error in n-fold\n"); + exit(-1); + }; } rfc_tests (); diff --git a/src/lib/crypto/crypto_tests/t_pkcs5.c b/src/lib/crypto/crypto_tests/t_pkcs5.c index 2d58b50..34d884f 100644 --- a/src/lib/crypto/crypto_tests/t_pkcs5.c +++ b/src/lib/crypto/crypto_tests/t_pkcs5.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/t_pkcs5.c * @@ -37,7 +38,7 @@ static void printhex (size_t len, const char *p) { while (len--) - printf (" %02X", 0xff & *p++); + printf (" %02X", 0xff & *p++); } static void printdata (krb5_data *d) { @@ -53,20 +54,20 @@ static void test_pbkdf2_rfc3211() /* RFC 3211 test cases. */ static const struct { - const char *pass; - const char *salt; - unsigned int count; - size_t len; - const unsigned char expected[24]; + const char *pass; + const char *salt; + unsigned int count; + size_t len; + const unsigned char expected[24]; } t[] = { - { "password", "\x12\x34\x56\x78\x78\x56\x34\x12", 5, 8, - { 0xD1, 0xDA, 0xA7, 0x86, 0x15, 0xF2, 0x87, 0xE6 } }, - { "All n-entities must communicate with other " - "n-entities via n-1 entiteeheehees", - "\x12\x34\x56\x78\x78\x56\x34\x12", 500, 24, - { 0x6A, 0x89, 0x70, 0xBF, 0x68, 0xC9, 0x2C, 0xAE, - 0xA8, 0x4A, 0x8D, 0xF2, 0x85, 0x10, 0x85, 0x86, - 0x07, 0x12, 0x63, 0x80, 0xCC, 0x47, 0xAB, 0x2D } }, + { "password", "\x12\x34\x56\x78\x78\x56\x34\x12", 5, 8, + { 0xD1, 0xDA, 0xA7, 0x86, 0x15, 0xF2, 0x87, 0xE6 } }, + { "All n-entities must communicate with other " + "n-entities via n-1 entiteeheehees", + "\x12\x34\x56\x78\x78\x56\x34\x12", 500, 24, + { 0x6A, 0x89, 0x70, 0xBF, 0x68, 0xC9, 0x2C, 0xAE, + 0xA8, 0x4A, 0x8D, 0xF2, 0x85, 0x10, 0x85, 0x86, + 0x07, 0x12, 0x63, 0x80, 0xCC, 0x47, 0xAB, 0x2D } }, }; d.data = x; @@ -74,27 +75,27 @@ static void test_pbkdf2_rfc3211() for (i = 0; i < sizeof(t)/sizeof(t[0]); i++) { - printf("pkbdf2(iter_count=%d, dklen=%d (%d bytes), salt=12 34 56 78 78 56 34 12,\n" - " pass=%s):\n ->", - t[i].count, t[i].len * 8, t[i].len, t[i].pass); + printf("pkbdf2(iter_count=%d, dklen=%d (%d bytes), salt=12 34 56 78 78 56 34 12,\n" + " pass=%s):\n ->", + t[i].count, t[i].len * 8, t[i].len, t[i].pass); - d.length = t[i].len; - pass.data = t[i].pass; - pass.length = strlen(pass.data); - salt.data = t[i].salt; - salt.length = strlen(salt.data); - err = krb5int_pbkdf2_hmac_sha1 (&d, t[i].count, &pass, &salt); - if (err) { - printf("error in computing pbkdf2: %s\n", error_message(err)); - exit(1); - } - printdata(&d); - if (!memcmp(x, t[i].expected, t[i].len)) - printf("\nTest passed.\n\n"); - else { - printf("\n*** CHECK FAILED!\n"); - exit(1); - } + d.length = t[i].len; + pass.data = t[i].pass; + pass.length = strlen(pass.data); + salt.data = t[i].salt; + salt.length = strlen(salt.data); + err = krb5int_pbkdf2_hmac_sha1 (&d, t[i].count, &pass, &salt); + if (err) { + printf("error in computing pbkdf2: %s\n", error_message(err)); + exit(1); + } + printdata(&d); + if (!memcmp(x, t[i].expected, t[i].len)) + printf("\nTest passed.\n\n"); + else { + printf("\n*** CHECK FAILED!\n"); + exit(1); + } } } diff --git a/src/lib/crypto/crypto_tests/t_prf.c b/src/lib/crypto/crypto_tests/t_prf.c index c8825d0..6336d86 100644 --- a/src/lib/crypto/crypto_tests/t_prf.c +++ b/src/lib/crypto/crypto_tests/t_prf.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/t_prf.c * @@ -37,55 +38,55 @@ #include <assert.h> int main () { - krb5_data input, output; - krb5_keyblock *key = NULL; - unsigned int in_length; - unsigned int i; - size_t prfsz; + krb5_data input, output; + krb5_keyblock *key = NULL; + unsigned int in_length; + unsigned int i; + size_t prfsz; - while (1) { - krb5_enctype enctype; - char s[1025]; + while (1) { + krb5_enctype enctype; + char s[1025]; - if (scanf( "%d", &enctype) == EOF) - break; - if (scanf("%1024s", &s[0]) == EOF) - break; - assert (krb5_init_keyblock(0, enctype, 0, &key) == 0); - input.data = &s[0]; - input.length = strlen(s); - assert(krb5_c_string_to_key (0, enctype, &input, &input, key) == 0); + if (scanf( "%d", &enctype) == EOF) + break; + if (scanf("%1024s", &s[0]) == EOF) + break; + assert (krb5_init_keyblock(0, enctype, 0, &key) == 0); + input.data = &s[0]; + input.length = strlen(s); + assert(krb5_c_string_to_key (0, enctype, &input, &input, key) == 0); - if (scanf("%u", &in_length) == EOF) - break; + if (scanf("%u", &in_length) == EOF) + break; - if (in_length ) { - unsigned int lc; - assert ((input.data = malloc(in_length)) != NULL); - for (lc = in_length; lc > 0; lc--) { - scanf ("%2x", &i); - input.data[in_length-lc] = (unsigned) (i&0xff); - } - input.length = in_length; - assert (krb5_c_prf_length(0, enctype, &prfsz) == 0); - assert (output.data = malloc(prfsz)); - output.length = prfsz; - assert (krb5_c_prf(0, key, &input, &output) == 0); + if (in_length ) { + unsigned int lc; + assert ((input.data = malloc(in_length)) != NULL); + for (lc = in_length; lc > 0; lc--) { + scanf ("%2x", &i); + input.data[in_length-lc] = (unsigned) (i&0xff); + } + input.length = in_length; + assert (krb5_c_prf_length(0, enctype, &prfsz) == 0); + assert (output.data = malloc(prfsz)); + output.length = prfsz; + assert (krb5_c_prf(0, key, &input, &output) == 0); - free (input.data); - input.data = NULL; - } - for (; prfsz > 0; prfsz--) { - printf ("%02x", - (unsigned int) ((unsigned char ) output.data[output.length-prfsz])); - } - printf ("\n"); + free (input.data); + input.data = NULL; + } + for (; prfsz > 0; prfsz--) { + printf ("%02x", + (unsigned int) ((unsigned char ) output.data[output.length-prfsz])); + } + printf ("\n"); - free (output.data); - output.data = NULL; - krb5_free_keyblock(0, key); - key = NULL; - } + free (output.data); + output.data = NULL; + krb5_free_keyblock(0, key); + key = NULL; + } - return (0); + return (0); } diff --git a/src/lib/crypto/crypto_tests/t_prng.c b/src/lib/crypto/crypto_tests/t_prng.c index 2555e89..634667a 100644 --- a/src/lib/crypto/crypto_tests/t_prng.c +++ b/src/lib/crypto/crypto_tests/t_prng.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/t_prng.c * @@ -41,47 +42,47 @@ #include <assert.h> int main () { - krb5_error_code ret; - krb5_data input, output; - unsigned int source_id, seed_length; - unsigned int i; - while (1) { + krb5_error_code ret; + krb5_data input, output; + unsigned int source_id, seed_length; + unsigned int i; + while (1) { /* Read source*/ - if (scanf ("%u", &source_id ) == EOF ) - break; + if (scanf ("%u", &source_id ) == EOF ) + break; /* Read seed length*/ - if (scanf ("%u", &seed_length) == EOF) - break; - if (seed_length ) { - unsigned int lc; - assert ((input.data = malloc(seed_length)) != NULL); - for (lc = seed_length; lc > 0; lc--) { - scanf ("%2x", &i); - input.data[seed_length-lc] = (unsigned) (i&0xff); - } - input.length = seed_length; - assert (krb5_c_random_add_entropy (0, source_id, &input) == 0); - free (input.data); - input.data = NULL; + if (scanf ("%u", &seed_length) == EOF) + break; + if (seed_length ) { + unsigned int lc; + assert ((input.data = malloc(seed_length)) != NULL); + for (lc = seed_length; lc > 0; lc--) { + scanf ("%2x", &i); + input.data[seed_length-lc] = (unsigned) (i&0xff); + } + input.length = seed_length; + assert (krb5_c_random_add_entropy (0, source_id, &input) == 0); + free (input.data); + input.data = NULL; + } + if (scanf ("%u", &i) == EOF) + break; + if (i) { + assert ((output.data = malloc (i)) != NULL); + output.length = i; + ret = krb5_c_random_make_octets (0, &output); + if (ret) + printf ("failed\n"); + else { + for (; i > 0; i--) { + printf ("%02x", + (unsigned int) ((unsigned char ) output.data[output.length-i])); + } + printf ("\n"); + } + free (output.data); + output.data = NULL; + } } - if (scanf ("%u", &i) == EOF) - break; - if (i) { - assert ((output.data = malloc (i)) != NULL); - output.length = i; - ret = krb5_c_random_make_octets (0, &output); - if (ret) - printf ("failed\n"); - else { - for (; i > 0; i--) { - printf ("%02x", - (unsigned int) ((unsigned char ) output.data[output.length-i])); - } - printf ("\n"); - } - free (output.data); - output.data = NULL; - } - } - return (0); + return (0); } diff --git a/src/lib/crypto/crypto_tests/vectors.c b/src/lib/crypto/crypto_tests/vectors.c index a6301ed..a6f1bbe 100644 --- a/src/lib/crypto/crypto_tests/vectors.c +++ b/src/lib/crypto/crypto_tests/vectors.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/vectors.c * @@ -45,7 +46,7 @@ const char *whoami; static void printhex (size_t len, const char *p) { while (len--) - printf ("%02x", 0xff & *p++); + printf ("%02x", 0xff & *p++); } static void printstringhex (const char *p) { printhex (strlen (p), p); } @@ -58,29 +59,29 @@ static void test_nfold () { int i; static const struct { - char *input; - int n; + char *input; + int n; } tests[] = { - { "012345", 64, }, - { "password", 56, }, - { "Rough Consensus, and Running Code", 64, }, - { "password", 168, }, - { "MASSACHVSETTS INSTITVTE OF TECHNOLOGY", 192 }, - { "Q", 168 }, - { "ba", 168 }, + { "012345", 64, }, + { "password", 56, }, + { "Rough Consensus, and Running Code", 64, }, + { "password", 168, }, + { "MASSACHVSETTS INSTITVTE OF TECHNOLOGY", 192 }, + { "Q", 168 }, + { "ba", 168 }, }; unsigned char outbuf[192/8]; for (i = 0; i < ASIZE (tests); i++) { - char *p = tests[i].input; - assert (tests[i].n / 8 <= sizeof (outbuf)); - printf ("%d-fold(\"%s\") =\n", tests[i].n, p); - printf ("%d-fold(", tests[i].n); - printstringhex (p); - printf (") =\n\t"); - krb5int_nfold (8 * strlen (p), p, tests[i].n, outbuf); - printhex (tests[i].n / 8U, outbuf); - printf ("\n\n"); + char *p = tests[i].input; + assert (tests[i].n / 8 <= sizeof (outbuf)); + printf ("%d-fold(\"%s\") =\n", tests[i].n, p); + printf ("%d-fold(", tests[i].n); + printstringhex (p); + printf (") =\n\t"); + krb5int_nfold (8 * strlen (p), p, tests[i].n, outbuf); + printhex (tests[i].n / 8U, outbuf); + printf ("\n\n"); } } @@ -89,57 +90,57 @@ static void test_nfold () #define GCLEF "\360\235\204\236" /* outside BMP, woo hoo! */ /* Some weak keys: - {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e}, - {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1}, + {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e}, + {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1}, so try to generate them. */ static void test_mit_des_s2k () { static const struct { - const char *pass; - const char *salt; + const char *pass; + const char *salt; } pairs[] = { - { "password", "ATHENA.MIT.EDUraeburn" }, - { "potatoe", "WHITEHOUSE.GOVdanny" }, - { "penny", "EXAMPLE.COMbuckaroo", }, - { GCLEF, "EXAMPLE.COMpianist" }, - { ESZETT, "ATHENA.MIT.EDU" JURISIC }, - /* These two trigger weak-key fixups. */ - { "11119999", "AAAAAAAA" }, - { "NNNN6666", "FFFFAAAA" }, + { "password", "ATHENA.MIT.EDUraeburn" }, + { "potatoe", "WHITEHOUSE.GOVdanny" }, + { "penny", "EXAMPLE.COMbuckaroo", }, + { GCLEF, "EXAMPLE.COMpianist" }, + { ESZETT, "ATHENA.MIT.EDU" JURISIC }, + /* These two trigger weak-key fixups. */ + { "11119999", "AAAAAAAA" }, + { "NNNN6666", "FFFFAAAA" }, }; int i; for (i = 0; i < ASIZE (pairs); i++) { - const char *p = pairs[i].pass; - const char *s = pairs[i].salt; - krb5_data pd; - krb5_data sd; - unsigned char key_contents[60]; - krb5_keyblock key; - krb5_error_code r; - char buf[80]; - - key.contents = key_contents; - - pd.length = strlen (p); - pd.data = (char *) p; - sd.length = strlen (s); - sd.data = (char *) s; - - assert (strlen (s) + 4 < sizeof (buf)); - snprintf (buf, sizeof (buf), "\"%s\"", s); - printf ( "salt: %-25s", buf); - printhex (strlen(s), s); - snprintf (buf, sizeof (buf), "\"%s\"", p); - printf ("\npassword: %-25s", buf); - printhex (strlen(p), p); - printf ("\n"); - r = krb5int_des_string_to_key (0, &pd, &sd, 0, &key); - printf ( "DES key: %-25s", ""); - printhex (key.length, key.contents); - printf ("\n\n"); + const char *p = pairs[i].pass; + const char *s = pairs[i].salt; + krb5_data pd; + krb5_data sd; + unsigned char key_contents[60]; + krb5_keyblock key; + krb5_error_code r; + char buf[80]; + + key.contents = key_contents; + + pd.length = strlen (p); + pd.data = (char *) p; + sd.length = strlen (s); + sd.data = (char *) s; + + assert (strlen (s) + 4 < sizeof (buf)); + snprintf (buf, sizeof (buf), "\"%s\"", s); + printf ( "salt: %-25s", buf); + printhex (strlen(s), s); + snprintf (buf, sizeof (buf), "\"%s\"", p); + printf ("\npassword: %-25s", buf); + printhex (strlen(p), p); + printf ("\n"); + r = krb5int_des_string_to_key (0, &pd, &sd, 0, &key); + printf ( "DES key: %-25s", ""); + printhex (key.length, key.contents); + printf ("\n\n"); } } @@ -147,44 +148,44 @@ static void test_s2k (krb5_enctype enctype) { static const struct { - const char *pass; - const char *salt; + const char *pass; + const char *salt; } pairs[] = { - { "password", "ATHENA.MIT.EDUraeburn" }, - { "potatoe", "WHITEHOUSE.GOVdanny" }, - { "penny", "EXAMPLE.COMbuckaroo", }, - { ESZETT, "ATHENA.MIT.EDU" JURISIC }, - { GCLEF, "EXAMPLE.COMpianist" }, + { "password", "ATHENA.MIT.EDUraeburn" }, + { "potatoe", "WHITEHOUSE.GOVdanny" }, + { "penny", "EXAMPLE.COMbuckaroo", }, + { ESZETT, "ATHENA.MIT.EDU" JURISIC }, + { GCLEF, "EXAMPLE.COMpianist" }, }; int i; for (i = 0; i < ASIZE (pairs); i++) { - const char *p = pairs[i].pass; - const char *s = pairs[i].salt; - krb5_data pd, sd; - unsigned char key_contents[60]; - krb5_keyblock key; - krb5_error_code r; - char buf[80]; - - pd.length = strlen (p); - pd.data = (char *) p; - sd.length = strlen (s); - sd.data = (char *) s; - key.contents = key_contents; - - assert (strlen (s) + 4 < sizeof (buf)); - snprintf (buf, sizeof(buf), "\"%s\"", s); - printf ( "salt:\t%s\n\t", buf); - printhex (strlen(s), s); - snprintf (buf, sizeof(buf), "\"%s\"", p); - printf ("\npasswd:\t%s\n\t", buf); - printhex (strlen(p), p); - printf ("\n"); - r = krb5_c_string_to_key (0, enctype, &pd, &sd, &key); - printf ( "key:\t"); - printhex (key.length, key.contents); - printf ("\n\n"); + const char *p = pairs[i].pass; + const char *s = pairs[i].salt; + krb5_data pd, sd; + unsigned char key_contents[60]; + krb5_keyblock key; + krb5_error_code r; + char buf[80]; + + pd.length = strlen (p); + pd.data = (char *) p; + sd.length = strlen (s); + sd.data = (char *) s; + key.contents = key_contents; + + assert (strlen (s) + 4 < sizeof (buf)); + snprintf (buf, sizeof(buf), "\"%s\"", s); + printf ( "salt:\t%s\n\t", buf); + printhex (strlen(s), s); + snprintf (buf, sizeof(buf), "\"%s\"", p); + printf ("\npasswd:\t%s\n\t", buf); + printhex (strlen(p), p); + printf ("\n"); + r = krb5_c_string_to_key (0, enctype, &pd, &sd, &key); + printf ( "key:\t"); + printhex (key.length, key.contents); + printf ("\n\n"); } } @@ -199,9 +200,9 @@ keyToData (krb5_keyblock *k, krb5_data *d) void check_error (int r, int line) { if (r != 0) { - fprintf (stderr, "%s:%d: %s\n", __FILE__, line, - error_message (r)); - exit (1); + fprintf (stderr, "%s:%d: %s\n", __FILE__, line, + error_message (r)); + exit (1); } } #define CHECK check_error(r, __LINE__) @@ -228,114 +229,114 @@ void DR (krb5_data *out, krb5_keyblock *in, const krb5_data *usage) { void test_dr_dk () { static const struct { - unsigned char keydata[KEYLENGTH]; - int usage_len; - unsigned char usage[8]; + unsigned char keydata[KEYLENGTH]; + int usage_len; + unsigned char usage[8]; } derive_tests[] = { - { - { - 0xdc, 0xe0, 0x6b, 0x1f, 0x64, 0xc8, 0x57, 0xa1, - 0x1c, 0x3d, 0xb5, 0x7c, 0x51, 0x89, 0x9b, 0x2c, - 0xc1, 0x79, 0x10, 0x08, 0xce, 0x97, 0x3b, 0x92, - }, - 5, { 0x00, 0x00, 0x00, 0x01, 0x55 }, - }, - { - { - 0x5e, 0x13, 0xd3, 0x1c, 0x70, 0xef, 0x76, 0x57, - 0x46, 0x57, 0x85, 0x31, 0xcb, 0x51, 0xc1, 0x5b, - 0xf1, 0x1c, 0xa8, 0x2c, 0x97, 0xce, 0xe9, 0xf2, - }, - 5, { 0x00, 0x00, 0x00, 0x01, 0xaa }, - }, - { - { - 0x98, 0xe6, 0xfd, 0x8a, 0x04, 0xa4, 0xb6, 0x85, - 0x9b, 0x75, 0xa1, 0x76, 0x54, 0x0b, 0x97, 0x52, - 0xba, 0xd3, 0xec, 0xd6, 0x10, 0xa2, 0x52, 0xbc, - }, - 5, { 0x00, 0x00, 0x00, 0x01, 0x55 }, - }, - { - { - 0x62, 0x2a, 0xec, 0x25, 0xa2, 0xfe, 0x2c, 0xad, - 0x70, 0x94, 0x68, 0x0b, 0x7c, 0x64, 0x94, 0x02, - 0x80, 0x08, 0x4c, 0x1a, 0x7c, 0xec, 0x92, 0xb5, - }, - 5, { 0x00, 0x00, 0x00, 0x01, 0xaa }, - }, - { - { - 0xd3, 0xf8, 0x29, 0x8c, 0xcb, 0x16, 0x64, 0x38, - 0xdc, 0xb9, 0xb9, 0x3e, 0xe5, 0xa7, 0x62, 0x92, - 0x86, 0xa4, 0x91, 0xf8, 0x38, 0xf8, 0x02, 0xfb, - }, - 8, { 'k', 'e', 'r', 'b', 'e', 'r', 'o', 's' }, - }, - { - { - 0xb5, 0x5e, 0x98, 0x34, 0x67, 0xe5, 0x51, 0xb3, - 0xe5, 0xd0, 0xe5, 0xb6, 0xc8, 0x0d, 0x45, 0x76, - 0x94, 0x23, 0xa8, 0x73, 0xdc, 0x62, 0xb3, 0x0e, - }, - 7, { 'c', 'o', 'm', 'b', 'i', 'n', 'e', }, - }, - { - { - 0xc1, 0x08, 0x16, 0x49, 0xad, 0xa7, 0x43, 0x62, - 0xe6, 0xa1, 0x45, 0x9d, 0x01, 0xdf, 0xd3, 0x0d, - 0x67, 0xc2, 0x23, 0x4c, 0x94, 0x07, 0x04, 0xda, - }, - 5, { 0x00, 0x00, 0x00, 0x01, 0x55 }, - }, - { - { - 0x5d, 0x15, 0x4a, 0xf2, 0x38, 0xf4, 0x67, 0x13, - 0x15, 0x57, 0x19, 0xd5, 0x5e, 0x2f, 0x1f, 0x79, - 0x0d, 0xd6, 0x61, 0xf2, 0x79, 0xa7, 0x91, 0x7c, - }, - 5, { 0x00, 0x00, 0x00, 0x01, 0xaa }, - }, - { - { - 0x79, 0x85, 0x62, 0xe0, 0x49, 0x85, 0x2f, 0x57, - 0xdc, 0x8c, 0x34, 0x3b, 0xa1, 0x7f, 0x2c, 0xa1, - 0xd9, 0x73, 0x94, 0xef, 0xc8, 0xad, 0xc4, 0x43, - }, - 5, { 0x00, 0x00, 0x00, 0x01, 0x55 }, - }, - { - { - 0x26, 0xdc, 0xe3, 0x34, 0xb5, 0x45, 0x29, 0x2f, - 0x2f, 0xea, 0xb9, 0xa8, 0x70, 0x1a, 0x89, 0xa4, - 0xb9, 0x9e, 0xb9, 0x94, 0x2c, 0xec, 0xd0, 0x16, - }, - 5, { 0x00, 0x00, 0x00, 0x01, 0xaa }, - }, + { + { + 0xdc, 0xe0, 0x6b, 0x1f, 0x64, 0xc8, 0x57, 0xa1, + 0x1c, 0x3d, 0xb5, 0x7c, 0x51, 0x89, 0x9b, 0x2c, + 0xc1, 0x79, 0x10, 0x08, 0xce, 0x97, 0x3b, 0x92, + }, + 5, { 0x00, 0x00, 0x00, 0x01, 0x55 }, + }, + { + { + 0x5e, 0x13, 0xd3, 0x1c, 0x70, 0xef, 0x76, 0x57, + 0x46, 0x57, 0x85, 0x31, 0xcb, 0x51, 0xc1, 0x5b, + 0xf1, 0x1c, 0xa8, 0x2c, 0x97, 0xce, 0xe9, 0xf2, + }, + 5, { 0x00, 0x00, 0x00, 0x01, 0xaa }, + }, + { + { + 0x98, 0xe6, 0xfd, 0x8a, 0x04, 0xa4, 0xb6, 0x85, + 0x9b, 0x75, 0xa1, 0x76, 0x54, 0x0b, 0x97, 0x52, + 0xba, 0xd3, 0xec, 0xd6, 0x10, 0xa2, 0x52, 0xbc, + }, + 5, { 0x00, 0x00, 0x00, 0x01, 0x55 }, + }, + { + { + 0x62, 0x2a, 0xec, 0x25, 0xa2, 0xfe, 0x2c, 0xad, + 0x70, 0x94, 0x68, 0x0b, 0x7c, 0x64, 0x94, 0x02, + 0x80, 0x08, 0x4c, 0x1a, 0x7c, 0xec, 0x92, 0xb5, + }, + 5, { 0x00, 0x00, 0x00, 0x01, 0xaa }, + }, + { + { + 0xd3, 0xf8, 0x29, 0x8c, 0xcb, 0x16, 0x64, 0x38, + 0xdc, 0xb9, 0xb9, 0x3e, 0xe5, 0xa7, 0x62, 0x92, + 0x86, 0xa4, 0x91, 0xf8, 0x38, 0xf8, 0x02, 0xfb, + }, + 8, { 'k', 'e', 'r', 'b', 'e', 'r', 'o', 's' }, + }, + { + { + 0xb5, 0x5e, 0x98, 0x34, 0x67, 0xe5, 0x51, 0xb3, + 0xe5, 0xd0, 0xe5, 0xb6, 0xc8, 0x0d, 0x45, 0x76, + 0x94, 0x23, 0xa8, 0x73, 0xdc, 0x62, 0xb3, 0x0e, + }, + 7, { 'c', 'o', 'm', 'b', 'i', 'n', 'e', }, + }, + { + { + 0xc1, 0x08, 0x16, 0x49, 0xad, 0xa7, 0x43, 0x62, + 0xe6, 0xa1, 0x45, 0x9d, 0x01, 0xdf, 0xd3, 0x0d, + 0x67, 0xc2, 0x23, 0x4c, 0x94, 0x07, 0x04, 0xda, + }, + 5, { 0x00, 0x00, 0x00, 0x01, 0x55 }, + }, + { + { + 0x5d, 0x15, 0x4a, 0xf2, 0x38, 0xf4, 0x67, 0x13, + 0x15, 0x57, 0x19, 0xd5, 0x5e, 0x2f, 0x1f, 0x79, + 0x0d, 0xd6, 0x61, 0xf2, 0x79, 0xa7, 0x91, 0x7c, + }, + 5, { 0x00, 0x00, 0x00, 0x01, 0xaa }, + }, + { + { + 0x79, 0x85, 0x62, 0xe0, 0x49, 0x85, 0x2f, 0x57, + 0xdc, 0x8c, 0x34, 0x3b, 0xa1, 0x7f, 0x2c, 0xa1, + 0xd9, 0x73, 0x94, 0xef, 0xc8, 0xad, 0xc4, 0x43, + }, + 5, { 0x00, 0x00, 0x00, 0x01, 0x55 }, + }, + { + { + 0x26, 0xdc, 0xe3, 0x34, 0xb5, 0x45, 0x29, 0x2f, + 0x2f, 0xea, 0xb9, 0xa8, 0x70, 0x1a, 0x89, 0xa4, + 0xb9, 0x9e, 0xb9, 0x94, 0x2c, 0xec, 0xd0, 0x16, + }, + 5, { 0x00, 0x00, 0x00, 0x01, 0xaa }, + }, }; int i; for (i = 0; i < ASIZE(derive_tests); i++) { #define D (derive_tests[i]) - krb5_keyblock key; - krb5_data usage; - - unsigned char drData[KEYBYTES]; - krb5_data dr; - unsigned char dkData[KEYLENGTH]; - krb5_keyblock dk; - - key.length = KEYLENGTH, key.contents = D.keydata; - usage.length = D.usage_len, usage.data = D.usage; - dr.length = KEYBYTES, dr.data = drData; - dk.length = KEYLENGTH, dk.contents = dkData; - - printf ("key:\t"); printkey (&key); printf ("\n"); - printf ("usage:\t"); printdata (&usage); printf ("\n"); - DR (&dr, &key, &usage); - printf ("DR:\t"); printdata (&dr); printf ("\n"); - DK (&dk, &key, &usage); - printf ("DK:\t"); printkey (&dk); printf ("\n\n"); + krb5_keyblock key; + krb5_data usage; + + unsigned char drData[KEYBYTES]; + krb5_data dr; + unsigned char dkData[KEYLENGTH]; + krb5_keyblock dk; + + key.length = KEYLENGTH, key.contents = D.keydata; + usage.length = D.usage_len, usage.data = D.usage; + dr.length = KEYBYTES, dr.data = drData; + dk.length = KEYLENGTH, dk.contents = dkData; + + printf ("key:\t"); printkey (&key); printf ("\n"); + printf ("usage:\t"); printdata (&usage); printf ("\n"); + DR (&dr, &key, &usage); + printf ("DR:\t"); printdata (&dr); printf ("\n"); + DK (&dk, &key, &usage); + printf ("DK:\t"); printkey (&dk); printf ("\n\n"); } } @@ -347,16 +348,16 @@ static void printd (const char *descr, krb5_data *d) { printf("%s:", descr); for (i = 0; i < d->length; i += r) { - printf("\n %04x: ", i); - for (j = i; j < i + r && j < d->length; j++) - printf(" %02x", 0xff & d->data[j]); - for (; j < i + r; j++) - printf(" "); - printf(" "); - for (j = i; j < i + r && j < d->length; j++) { - int c = 0xff & d->data[j]; - printf("%c", isprint(c) ? c : '.'); - } + printf("\n %04x: ", i); + for (j = i; j < i + r && j < d->length; j++) + printf(" %02x", 0xff & d->data[j]); + for (; j < i + r; j++) + printf(" "); + printf(" "); + for (j = i; j < i + r && j < d->length; j++) { + int c = 0xff & d->data[j]; + printf("%c", isprint(c) ? c : '.'); + } } printf("\n"); } @@ -372,21 +373,21 @@ static void test_pbkdf2() { static struct { - int count; - char *pass; - char *salt; + int count; + char *pass; + char *salt; } test[] = { - { 1, "password", "ATHENA.MIT.EDUraeburn" }, - { 2, "password", "ATHENA.MIT.EDUraeburn" }, - { 1200, "password", "ATHENA.MIT.EDUraeburn" }, - { 5, "password", "\x12\x34\x56\x78\x78\x56\x34\x12" }, - { 1200, - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", - "pass phrase equals block size" }, - { 1200, - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", - "pass phrase exceeds block size" }, - { 50, "\xf0\x9d\x84\x9e", "EXAMPLE.COMpianist" }, + { 1, "password", "ATHENA.MIT.EDUraeburn" }, + { 2, "password", "ATHENA.MIT.EDUraeburn" }, + { 1200, "password", "ATHENA.MIT.EDUraeburn" }, + { 5, "password", "\x12\x34\x56\x78\x78\x56\x34\x12" }, + { 1200, + "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "pass phrase equals block size" }, + { 1200, + "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "pass phrase exceeds block size" }, + { 50, "\xf0\x9d\x84\x9e", "EXAMPLE.COMpianist" }, }; unsigned char x[100]; unsigned char x2[100]; @@ -403,43 +404,43 @@ test_pbkdf2() usage.length = 8; for (j = 0; j < sizeof(test)/sizeof(test[0]); j++) { - printf("pkbdf2(count=%d, pass=\"%s\", salt=", - test[j].count, test[j].pass); - if (isprint(test[j].salt[0])) - printf("\"%s\")\n", test[j].salt); - else { - char *s = test[j].salt; - printf("0x"); - while (*s) - printf("%02X", 0xff & *s++); - printf(")\n"); - } - - d.length = 16; - pass.data = test[j].pass; - pass.length = strlen(pass.data); - salt.data = test[j].salt; - salt.length = strlen(salt.data); - err = krb5int_pbkdf2_hmac_sha1 (&d, test[j].count, &pass, &salt); - printd("128-bit PBKDF2 output", &d); - enc = &krb5int_enc_aes128; - k.contents = d.data; - k.length = d.length; - dk.length = d.length; - DK (&dk, &k, &usage); - printk("128-bit AES key",&dk); - - d.length = 32; - err = krb5int_pbkdf2_hmac_sha1 (&d, test[j].count, &pass, &salt); - printd("256-bit PBKDF2 output", &d); - enc = &krb5int_enc_aes256; - k.contents = d.data; - k.length = d.length; - dk.length = d.length; - DK (&dk, &k, &usage); - printk("256-bit AES key", &dk); - - printf("\n"); + printf("pkbdf2(count=%d, pass=\"%s\", salt=", + test[j].count, test[j].pass); + if (isprint(test[j].salt[0])) + printf("\"%s\")\n", test[j].salt); + else { + char *s = test[j].salt; + printf("0x"); + while (*s) + printf("%02X", 0xff & *s++); + printf(")\n"); + } + + d.length = 16; + pass.data = test[j].pass; + pass.length = strlen(pass.data); + salt.data = test[j].salt; + salt.length = strlen(salt.data); + err = krb5int_pbkdf2_hmac_sha1 (&d, test[j].count, &pass, &salt); + printd("128-bit PBKDF2 output", &d); + enc = &krb5int_enc_aes128; + k.contents = d.data; + k.length = d.length; + dk.length = d.length; + DK (&dk, &k, &usage); + printk("128-bit AES key",&dk); + + d.length = 32; + err = krb5int_pbkdf2_hmac_sha1 (&d, test[j].count, &pass, &salt); + printd("256-bit PBKDF2 output", &d); + enc = &krb5int_enc_aes256; + k.contents = d.data; + k.length = d.length; + dk.length = d.length; + DK (&dk, &k, &usage); + printk("256-bit AES key", &dk); + + printf("\n"); } } diff --git a/src/lib/crypto/crypto_tests/ytest.c b/src/lib/crypto/crypto_tests/ytest.c index 82e2eba..5b9ffaf 100644 --- a/src/lib/crypto/crypto_tests/ytest.c +++ b/src/lib/crypto/crypto_tests/ytest.c @@ -1,4 +1,4 @@ -/* -*- Mode: C; c-file-style: "bsd" -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Yarrow - Cryptographic Pseudo-Random Number Generator * Copyright (c) 2000 Zero-Knowledge Systems, Inc. @@ -24,14 +24,14 @@ static void print_yarrow_status( Yarrow_CTX *y ) for ( pool = 0; pool < 2; pool++ ) { - printf( " %s: ", pool == YARROW_SLOW_POOL ? "slow" : "fast" ); - for ( sid = 0; sid < y->num_sources; sid++ ) - { - source = &y->source[ sid ]; - printf( "#%d=%d/%d, ", sid, source->entropy[pool], - pool == YARROW_SLOW_POOL ? - y->slow_thresh : y->fast_thresh ); - } + printf( " %s: ", pool == YARROW_SLOW_POOL ? "slow" : "fast" ); + for ( sid = 0; sid < y->num_sources; sid++ ) + { + source = &y->source[ sid ]; + printf( "#%d=%d/%d, ", sid, source->entropy[pool], + pool == YARROW_SLOW_POOL ? + y->slow_thresh : y->fast_thresh ); + } } printf( "\n" ); } @@ -40,13 +40,13 @@ int yarrow_verbose = 0; #define VERBOSE( x ) if ( yarrow_verbose ) { x } int Instrumented_krb5int_yarrow_input( Yarrow_CTX* y, int sid, void* sample, - size_t size, int entropy ) + size_t size, int entropy ) { int ret; VERBOSE( printf( "krb5int_yarrow_input( #%d, %d bits, %s ) = [", sid, entropy, - y->source[sid].pool == - YARROW_SLOW_POOL ? "slow" : "fast" ); ); + y->source[sid].pool == + YARROW_SLOW_POOL ? "slow" : "fast" ); ); ret = krb5int_yarrow_input( y, sid, sample, size, entropy ); VERBOSE( printf( "%s]\n", krb5int_yarrow_str_error( ret ) ); ); @@ -79,7 +79,7 @@ int do_test( int t ) printf( "[%s]\n", krb5int_yarrow_str_error( ret ) ); fflush( stdout ); THROW( ret ); - CATCH: +CATCH: THROW( EXCEP_BOOL ); EXCEP_RET; } @@ -98,48 +98,48 @@ int main( int argc, char* argv[] ) for ( argvp = argv+1, i = 1; i < argc; i++, argvp++ ) { - arg = *argvp; - if ( arg[0] == '-' ) - { - switch ( arg[1] ) - { - case 'v': yarrow_verbose = 1; continue; - default: fprintf( stderr, "usage: test [-v] [[test] ... ]\n" ); - THROW( YARROW_FAIL ); - } - } - conv_ok = NULL; - test = strtoul( arg, &conv_ok, 10 ); - if ( !conv_ok || test < 1 || test > num_tests ) - { - fprintf( stderr, "usage: test [-v] [[test] ... ]\n" ); - THROW( YARROW_FAIL ); - } - else - { - ret = do_test( test ); - if ( ok ) { ok = ret; } - done_some_tests = 1; - } + arg = *argvp; + if ( arg[0] == '-' ) + { + switch ( arg[1] ) + { + case 'v': yarrow_verbose = 1; continue; + default: fprintf( stderr, "usage: test [-v] [[test] ... ]\n" ); + THROW( YARROW_FAIL ); + } + } + conv_ok = NULL; + test = strtoul( arg, &conv_ok, 10 ); + if ( !conv_ok || test < 1 || test > num_tests ) + { + fprintf( stderr, "usage: test [-v] [[test] ... ]\n" ); + THROW( YARROW_FAIL ); + } + else + { + ret = do_test( test ); + if ( ok ) { ok = ret; } + done_some_tests = 1; + } } if ( !done_some_tests ) { - for ( i = 1; i <= num_tests; i++ ) - { - ret = do_test( i ); - if ( ok ) { ok = ret; } - } + for ( i = 1; i <= num_tests; i++ ) + { + ret = do_test( i ); + if ( ok ) { ok = ret; } + } } THROW( ok ); - CATCH: +CATCH: switch (EXCEPTION) { case YARROW_OK: - exit (EXIT_SUCCESS); + exit (EXIT_SUCCESS); default: - exit (EXIT_FAILURE); + exit (EXIT_FAILURE); } } @@ -157,7 +157,7 @@ int test_1( void ) VERBOSE( printf( "\nunknown hash function\n\n" ); ); THROW( YARROW_NOT_IMPL ); #endif - CATCH: +CATCH: EXCEP_RET; } @@ -178,7 +178,7 @@ int test_2( void ) VERBOSE( printf( "\nunknown encryption function\n\n" ); ); THROW( YARROW_NOT_IMPL ); #endif - CATCH: +CATCH: EXCEP_RET; } @@ -194,7 +194,7 @@ int test_3( void ) VERBOSE( printf( "\nkrb5int_yarrow_stretch\n\n" ); ); THROW( YARROW_NOT_IMPL ); - CATCH: +CATCH: EXCEP_RET; } @@ -217,7 +217,7 @@ int test_4( void ) VERBOSE( printf( "\nGeneral workout test\n\n" ); ) - VERBOSE( printf( "krb5int_yarrow_init() = [" ); ); + VERBOSE( printf( "krb5int_yarrow_init() = [" ); ); ret = krb5int_yarrow_init( &yarrow, YARROW_SEED_FILE ); VERBOSE( printf( "%s]\n", krb5int_yarrow_str_error( ret ) ); ); @@ -230,7 +230,7 @@ int test_4( void ) ret = krb5int_yarrow_new_source( &yarrow, &user ); VERBOSE( printf( "krb5int_yarrow_new_source() = [%s]\n", - krb5int_yarrow_str_error( ret ) ); ); + krb5int_yarrow_str_error( ret ) ); ); if ( ret != YARROW_OK ) { THROW( ret ); } VERBOSE( printf( "Yarrow_Poll( #%d ) = [", user ); ); @@ -239,12 +239,12 @@ int test_4( void ) ret = krb5int_yarrow_new_source( &yarrow, &mouse ); VERBOSE( printf( "krb5int_yarrow_new_source() = [%s]\n", - krb5int_yarrow_str_error( ret ) ); ); + krb5int_yarrow_str_error( ret ) ); ); if ( ret != YARROW_OK ) { THROW( ret ); } ret = krb5int_yarrow_new_source( &yarrow, &keyboard ); VERBOSE( printf( "krb5int_yarrow_new_source() = [%s]\n", - krb5int_yarrow_str_error( ret ) ); ); + krb5int_yarrow_str_error( ret ) ); ); if ( ret != YARROW_OK ) { THROW( ret ); } /* prematurely try to draw output, to check failure when no @@ -261,14 +261,14 @@ int test_4( void ) for ( i = 0; i < 2; i++ ) { - TRY( Instrumented_krb5int_yarrow_input( &yarrow, mouse, mouse_sample, - sizeof( mouse_sample ), 2 ) ); + TRY( Instrumented_krb5int_yarrow_input( &yarrow, mouse, mouse_sample, + sizeof( mouse_sample ), 2 ) ); - TRY( Instrumented_krb5int_yarrow_input( &yarrow, keyboard, keyboard_sample, - sizeof( keyboard_sample ), 2 ) ); + TRY( Instrumented_krb5int_yarrow_input( &yarrow, keyboard, keyboard_sample, + sizeof( keyboard_sample ), 2 ) ); - TRY( Instrumented_krb5int_yarrow_input( &yarrow, user, user_sample, - sizeof( user_sample ), 2 ) ); + TRY( Instrumented_krb5int_yarrow_input( &yarrow, user, user_sample, + sizeof( user_sample ), 2 ) ); } #if defined( YARROW_DEBUG ) @@ -276,38 +276,38 @@ int test_4( void ) #endif VERBOSE( printf( "\nInduce user source (#%d) to reach " - "slow threshold\n\n", user ); ); + "slow threshold\n\n", user ); ); /* induce fast reseed */ for ( i = 0; i < 7; i++ ) { - TRY( Instrumented_krb5int_yarrow_input( &yarrow, user, user_sample, - sizeof( user_sample ), - sizeof( user_sample ) * 3 ) ); + TRY( Instrumented_krb5int_yarrow_input( &yarrow, user, user_sample, + sizeof( user_sample ), + sizeof( user_sample ) * 3 ) ); } VERBOSE( printf( "\nInduce mouse source (#%d) to reach " - "slow threshold reseed\n\n", mouse ); ); + "slow threshold reseed\n\n", mouse ); ); /* induce slow reseed, by triggering a second source to reach it's threshold */ for ( i = 0; i < 40; i++ ) { - TRY( Instrumented_krb5int_yarrow_input( &yarrow, mouse, mouse_sample, - sizeof( mouse_sample ), - sizeof( mouse_sample )*2 ) ); + TRY( Instrumented_krb5int_yarrow_input( &yarrow, mouse, mouse_sample, + sizeof( mouse_sample ), + sizeof( mouse_sample )*2 ) ); } VERBOSE( printf( "\nProduce some output\n\n" ); ); for ( i = 0; i < 30; i++ ) { - VERBOSE( printf( "krb5int_yarrow_output( %d ) = [", sizeof( junk ) ); ); - ret = krb5int_yarrow_output( &yarrow, junk, sizeof( junk ) ); - VERBOSE( printf( "%s]\n", krb5int_yarrow_str_error( ret ) ); ); - if ( ret != YARROW_OK ) { THROW( ret ); } + VERBOSE( printf( "krb5int_yarrow_output( %d ) = [", sizeof( junk ) ); ); + ret = krb5int_yarrow_output( &yarrow, junk, sizeof( junk ) ); + VERBOSE( printf( "%s]\n", krb5int_yarrow_str_error( ret ) ); ); + if ( ret != YARROW_OK ) { THROW( ret ); } } memset( junk, 0, sizeof( junk ) ); @@ -316,20 +316,20 @@ int test_4( void ) for ( i = 0; i < 30; i++ ) { - /* odd input to a different source so there are some slow reseeds */ - - if ( i % 16 == 0 ) - { - TRY( Instrumented_krb5int_yarrow_input( &yarrow, mouse, junk, - sizeof( junk ), - sizeof( junk ) * 3 ) ); - } - else - { - TRY( Instrumented_krb5int_yarrow_input( &yarrow, user, junk, - sizeof( junk ), - sizeof( junk ) * 3 ) ); - } + /* odd input to a different source so there are some slow reseeds */ + + if ( i % 16 == 0 ) + { + TRY( Instrumented_krb5int_yarrow_input( &yarrow, mouse, junk, + sizeof( junk ), + sizeof( junk ) * 3 ) ); + } + else + { + TRY( Instrumented_krb5int_yarrow_input( &yarrow, user, junk, + sizeof( junk ), + sizeof( junk ) * 3 ) ); + } } VERBOSE( printf( "\nPrint some random output\n\n" ); ); @@ -339,22 +339,22 @@ int test_4( void ) VERBOSE( printf( "%s]\n", krb5int_yarrow_str_error( ret ) ); ); if ( ret != YARROW_OK ) { - THROW( ret ); + THROW( ret ); } else { - VERBOSE( hex_print( stdout, "random", random, sizeof( random ) ); ); + VERBOSE( hex_print( stdout, "random", random, sizeof( random ) ); ); } VERBOSE( printf( "\nClose down Yarrow\n\n" ); ); - CATCH: +CATCH: if ( initialized ) { - VERBOSE( printf( "krb5int_yarrow_final() = [" ); ); - ret = krb5int_yarrow_final( &yarrow ); - VERBOSE( printf( "%s]\n", krb5int_yarrow_str_error( ret ) ); ); - THROW( ret ); + VERBOSE( printf( "krb5int_yarrow_final() = [" ); ); + ret = krb5int_yarrow_final( &yarrow ); + VERBOSE( printf( "%s]\n", krb5int_yarrow_str_error( ret ) ); ); + THROW( ret ); } EXCEP_RET; } @@ -370,9 +370,9 @@ void hex_print( FILE* f, const char* var, void* data, size_t size ) fprintf( f, " = " ); for ( i = 0; i < size; i++ ) { - c = conv[ (p[ i ] >> 4) & 0xf ]; - d = conv[ p[ i ] & 0xf ]; - fprintf( f, "%c%c", c, d ); + c = conv[ (p[ i ] >> 4) & 0xf ]; + d = conv[ p[ i ] & 0xf ]; + fprintf( f, "%c%c", c, d ); } fprintf( f, "\n" ); } diff --git a/src/lib/crypto/krb/Makefile.in b/src/lib/crypto/krb/Makefile.in index fe96eba..5c08de6 100644 --- a/src/lib/crypto/krb/Makefile.in +++ b/src/lib/crypto/krb/Makefile.in @@ -1,15 +1,13 @@ -thisconfigdir=../../.. -myfulldir=lib/crypto/krb mydir=lib/crypto/krb BUILDTOP=$(REL)..$(S)..$(S).. -SUBDIRS= crc32 dk keyhash_provider \ +SUBDIRS= arcfour checksum crc32 dk \ prf rand2key old raw yarrow LOCALINCLUDES = -I$(srcdir) -I$(srcdir)/../@CRYPTO_IMPL@/enc_provider -I$(srcdir)/dk \ - -I$(srcdir)/../@CRYPTO_IMPL@/hash_provider -I$(srcdir)/keyhash_provider \ + -I$(srcdir)/../@CRYPTO_IMPL@/hash_provider \ -I$(srcdir)/prf -I$(srcdir)/rand2key \ -I$(srcdir)/old -I$(srcdir)/raw -I$(srcdir)/yarrow \ -I$(srcdir)/../@CRYPTO_IMPL@/ -I$(srcdir)/../@CRYPTO_IMPL@/des \ - -I$(srcdir)/../@CRYPTO_IMPL@/aes -I$(srcdir)/../@CRYPTO_IMPL@/arcfour \ + -I$(srcdir)/../@CRYPTO_IMPL@/aes -I$(srcdir)/arcfour \ -I$(srcdir)/../@CRYPTO_IMPL@/sha1 -I$(srcdir)/../@CRYPTO_IMPL@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) @@ -18,8 +16,8 @@ DEFS= ##DOSBUILDTOP = ..\..\.. ##DOSLIBNAME=$(OUTPRE)crypto.lib ##DOSOBJFILE=$(OUTPRE)crypto.lst -##DOSOBJFILELIST=@$(OUTPRE)crypto.lst @$(OUTPRE)des.lst @$(OUTPRE)md4.lst @$(OUTPRE)md5.lst @$(OUTPRE)sha1.lst @$(OUTPRE)arcfour.lst @$(OUTPRE)crc32.lst @$(OUTPRE)dk.lst @$(OUTPRE)old.lst @$(OUTPRE)raw.lst @$(OUTPRE)enc_prov.lst @$(OUTPRE)hash_pro.lst @$(OUTPRE)kh_pro.lst @$(OUTPRE)yarrow.lst @$(OUTPRE)aes.lst -##DOSOBJFILEDEP =$(OUTPRE)crypto.lst $(OUTPRE)des.lst $(OUTPRE)md4.lst $(OUTPRE)md5.lst $(OUTPRE)sha1.lst $(OUTPRE)arcfour.lst $(OUTPRE)crc32.lst $(OUTPRE)dk.lst $(OUTPRE)old.lst $(OUTPRE)raw.lst $(OUTPRE)enc_prov.lst $(OUTPRE)hash_pro.lst $(OUTPRE)kh_pro.lst $(OUTPRE)aes.lst +##DOSOBJFILELIST=@$(OUTPRE)crypto.lst @$(OUTPRE)des.lst @$(OUTPRE)md4.lst @$(OUTPRE)md5.lst @$(OUTPRE)sha1.lst @$(OUTPRE)arcfour.lst @$(OUTPRE)crc32.lst @$(OUTPRE)dk.lst @$(OUTPRE)old.lst @$(OUTPRE)raw.lst @$(OUTPRE)enc_prov.lst @$(OUTPRE)hash_pro.lst @$(OUTPRE)cksum.lst @$(OUTPRE)yarrow.lst @$(OUTPRE)aes.lst +##DOSOBJFILEDEP =$(OUTPRE)crypto.lst $(OUTPRE)des.lst $(OUTPRE)md4.lst $(OUTPRE)md5.lst $(OUTPRE)sha1.lst $(OUTPRE)arcfour.lst $(OUTPRE)crc32.lst $(OUTPRE)dk.lst $(OUTPRE)old.lst $(OUTPRE)raw.lst $(OUTPRE)enc_prov.lst $(OUTPRE)hash_pro.lst $(OUTPRE)cksum.lst $(OUTPRE)aes.lst PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) @@ -153,14 +151,12 @@ SRCS=\ $(srcdir)/verify_checksum.c \ $(srcdir)/verify_checksum_iov.c -STOBJLISTS=crc32/OBJS.ST dk/OBJS.ST \ - keyhash_provider/OBJS.ST \ - prf/OBJS.ST rand2key/OBJS.ST \ +STOBJLISTS=arcfour/OBJS.ST checksum/OBJS.ST crc32/OBJS.ST \ + dk/OBJS.ST prf/OBJS.ST rand2key/OBJS.ST \ old/OBJS.ST raw/OBJS.ST yarrow/OBJS.ST OBJS.ST -SUBDIROBJLISTS=crc32/OBJS.ST dk/OBJS.ST \ - keyhash_provider/OBJS.ST \ - prf/OBJS.ST rand2key/OBJS.ST \ +SUBDIROBJLISTS=arcfour/OBJS.ST checksum/OBJS.ST crc32/OBJS.ST \ + dk/OBJS.ST prf/OBJS.ST rand2key/OBJS.ST \ old/OBJS.ST raw/OBJS.ST yarrow/OBJS.ST ##DOS##LIBOBJS = $(OBJS) @@ -173,15 +169,18 @@ depend:: $(SRCS) clean-unix:: clean-libobjs all-windows:: - cd crc32 + cd arcfour + @echo Making in crypto\arcfour + $(MAKE) -$(MFLAGS) + cd ..\crc32 @echo Making in crypto\crc32 $(MAKE) -$(MFLAGS) + cd ..\checksum + @echo Making in crypto\checksum + $(MAKE) -$(MFLAGS) cd ..\dk @echo Making in crypto\dk $(MAKE) -$(MFLAGS) - cd ..\keyhash_provider - @echo Making in crypto\keyhash_provider - $(MAKE) -$(MFLAGS) cd ..\prf @echo Making in crypto\prf $(MAKE) -$(MFLAGS) @@ -200,15 +199,18 @@ all-windows:: cd .. clean-windows:: - cd crc32 + cd arcfour + @echo Making in clean crypto\arcfour + $(MAKE) -$(MFLAGS) clean + cd ..\crc32 @echo Making in clean crypto\crc32 $(MAKE) -$(MFLAGS) clean + cd ..\checksum + @echo Making clean in crypto\checksum + $(MAKE) -$(MFLAGS) clean cd ..\dk @echo Making clean in crypto\dk $(MAKE) -$(MFLAGS) clean - cd ..\keyhash_provider - @echo Making clean in crypto\keyhash_provider - $(MAKE) -$(MFLAGS) clean cd ..\prf @echo Making clean in crypto\prf $(MAKE) -$(MFLAGS) clean @@ -227,15 +229,18 @@ clean-windows:: cd .. check-windows:: - cd crc32 + cd arcfour + @echo Making in check crypto\arcfour + $(MAKE) -$(MFLAGS) check + cd ..\crc32 @echo Making in check crypto\crc32 $(MAKE) -$(MFLAGS) check + cd ..\checksum + @echo Making check in crypto\checksum + $(MAKE) -$(MFLAGS) check cd ..\dk @echo Making check in crypto\dk $(MAKE) -$(MFLAGS) check - cd ..\keyhash_provider - @echo Making check in crypto\keyhash_provider - $(MAKE) -$(MFLAGS) check cd ..\prf @echo Making check in crypto\prf $(MAKE) -$(MFLAGS) check diff --git a/src/lib/crypto/krb/aead.c b/src/lib/crypto/krb/aead.c index f3ca11b..c1f8ccd 100644 --- a/src/lib/crypto/krb/aead.c +++ b/src/lib/crypto/krb/aead.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/aead.c * @@ -31,147 +32,41 @@ #include "aead.h" krb5_crypto_iov * -krb5int_c_locate_iov(krb5_crypto_iov *data, - size_t num_data, - krb5_cryptotype type) +krb5int_c_locate_iov(krb5_crypto_iov *data, size_t num_data, + krb5_cryptotype type) { size_t i; krb5_crypto_iov *iov = NULL; if (data == NULL) - return NULL; + return NULL; for (i = 0; i < num_data; i++) { - if (data[i].flags == type) { - if (iov == NULL) - iov = &data[i]; - else - return NULL; /* can't appear twice */ - } + if (data[i].flags == type) { + if (iov == NULL) + iov = &data[i]; + else + return NULL; /* can't appear twice */ + } } return iov; } -static krb5_error_code -make_unkeyed_checksum_iov(const struct krb5_hash_provider *hash_provider, - const krb5_crypto_iov *data, - size_t num_data, - krb5_data *output) -{ - krb5_data *sign_data; - size_t num_sign_data; - krb5_error_code ret; - size_t i, j; - - /* Create a checksum over all the data to be signed */ - for (i = 0, num_sign_data = 0; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; - - if (SIGN_IOV(iov)) - num_sign_data++; - } - - /* XXX cleanup to avoid alloc. */ - sign_data = calloc(num_sign_data, sizeof(krb5_data)); - if (sign_data == NULL) - return ENOMEM; - - for (i = 0, j = 0; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; - - if (SIGN_IOV(iov)) - sign_data[j++] = iov->data; - } - - ret = (*hash_provider->hash)(num_sign_data, sign_data, output); - - free(sign_data); - - return ret; -} - -krb5_error_code -krb5int_c_make_checksum_iov(const struct krb5_cksumtypes *cksum_type, - krb5_key key, - krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - krb5_data *cksum_data) -{ - const struct krb5_keytypes *e1, *e2; - krb5_error_code ret; - - if (cksum_type->keyhash != NULL) { - /* Check if key is compatible. */ - - if (cksum_type->keyed_etype) { - e1 = find_enctype(cksum_type->keyed_etype); - e2 = find_enctype(key->keyblock.enctype); - if (e1 == NULL || e2 == NULL || e1->enc != e2->enc) { - ret = KRB5_BAD_ENCTYPE; - goto cleanup; - } - } - - if (cksum_type->keyhash->hash_iov == NULL) - return KRB5_BAD_ENCTYPE; - - ret = (*cksum_type->keyhash->hash_iov)(key, usage, 0, data, num_data, - cksum_data); - } else if (cksum_type->flags & KRB5_CKSUMFLAG_DERIVE) { - ret = krb5int_dk_make_checksum_iov(cksum_type->hash, - key, usage, data, num_data, - cksum_data); - } else { - ret = make_unkeyed_checksum_iov(cksum_type->hash, data, num_data, - cksum_data); - } - - if (ret == 0) { - if (cksum_type->trunc_size) { - cksum_data->length = cksum_type->trunc_size; - } - } - -cleanup: - if (ret != 0) { - memset(cksum_data->data, 0, cksum_data->length); - } - - return ret; -} - -const struct krb5_cksumtypes * -krb5int_c_find_checksum_type(krb5_cksumtype cksumtype) -{ - size_t i; - - for (i = 0; i < krb5int_cksumtypes_length; i++) { - if (krb5int_cksumtypes_list[i].ctype == cksumtype) - break; - } - - if (i == krb5int_cksumtypes_length) - return NULL; - - return &krb5int_cksumtypes_list[i]; -} - #ifdef DEBUG_IOV static void dump_block(const char *tag, - size_t i, - size_t j, - unsigned char *block, - size_t block_size) + size_t i, + size_t j, + unsigned char *block, + size_t block_size) { size_t k; printf("[%s: %d.%d] ", tag, i, j); for (k = 0; k < block_size; k++) - printf("%02x ", block[k] & 0xFF); + printf("%02x ", block[k] & 0xFF); printf("\n"); } @@ -179,29 +74,29 @@ dump_block(const char *tag, static int process_block_p(const krb5_crypto_iov *data, - size_t num_data, - struct iov_block_state *iov_state, - size_t i) + size_t num_data, + struct iov_block_state *iov_state, + size_t i) { const krb5_crypto_iov *iov = &data[i]; int process_block; switch (iov->flags) { case KRB5_CRYPTO_TYPE_SIGN_ONLY: - process_block = iov_state->include_sign_only; - break; + process_block = iov_state->include_sign_only; + break; case KRB5_CRYPTO_TYPE_PADDING: - process_block = (iov_state->pad_to_boundary == 0); - break; + process_block = (iov_state->pad_to_boundary == 0); + break; case KRB5_CRYPTO_TYPE_HEADER: - process_block = (iov_state->ignore_header == 0); - break; + process_block = (iov_state->ignore_header == 0); + break; case KRB5_CRYPTO_TYPE_DATA: - process_block = 1; - break; + process_block = 1; + break; default: - process_block = 0; - break; + process_block = 0; + break; } return process_block; @@ -213,116 +108,118 @@ process_block_p(const krb5_crypto_iov *data, */ static int pad_to_boundary_p(const krb5_crypto_iov *data, - size_t num_data, - struct iov_block_state *iov_state, - size_t i, - size_t j) + size_t num_data, + struct iov_block_state *iov_state, + size_t i, + size_t j) { /* If the pad_to_boundary flag is unset, return FALSE */ if (iov_state->pad_to_boundary == 0) - return 0; + return 0; /* If we haven't got any data, we need to get some */ if (j == 0) - return 0; + return 0; /* No boundary between adjacent buffers marked for processing */ if (data[iov_state->iov_pos].flags == data[i].flags) - return 0; + return 0; return 1; } krb5_boolean krb5int_c_iov_get_block(unsigned char *block, - size_t block_size, - const krb5_crypto_iov *data, - size_t num_data, - struct iov_block_state *iov_state) + size_t block_size, + const krb5_crypto_iov *data, + size_t num_data, + struct iov_block_state *iov_state) { size_t i, j = 0; for (i = iov_state->iov_pos; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; - size_t nbytes; + const krb5_crypto_iov *iov = &data[i]; + size_t nbytes; - if (!process_block_p(data, num_data, iov_state, i)) - continue; + if (!process_block_p(data, num_data, iov_state, i)) + continue; - if (pad_to_boundary_p(data, num_data, iov_state, i, j)) - break; + if (pad_to_boundary_p(data, num_data, iov_state, i, j)) + break; - iov_state->iov_pos = i; + iov_state->iov_pos = i; - nbytes = iov->data.length - iov_state->data_pos; - if (nbytes > block_size - j) - nbytes = block_size - j; + nbytes = iov->data.length - iov_state->data_pos; + if (nbytes > block_size - j) + nbytes = block_size - j; - memcpy(block + j, iov->data.data + iov_state->data_pos, nbytes); + memcpy(block + j, iov->data.data + iov_state->data_pos, nbytes); - iov_state->data_pos += nbytes; - j += nbytes; + iov_state->data_pos += nbytes; + j += nbytes; - assert(j <= block_size); + assert(j <= block_size); - if (j == block_size) - break; + if (j == block_size) + break; - assert(iov_state->data_pos == iov->data.length); + assert(iov_state->data_pos == iov->data.length); - iov_state->data_pos = 0; + iov_state->data_pos = 0; } iov_state->iov_pos = i; + if (i == num_data) + return FALSE; if (j != block_size) - memset(block + j, 0, block_size - j); + memset(block + j, 0, block_size - j); #ifdef DEBUG_IOV dump_block("get_block", i, j, block, block_size); #endif - return (iov_state->iov_pos < num_data); + return TRUE; } krb5_boolean krb5int_c_iov_put_block(const krb5_crypto_iov *data, - size_t num_data, - unsigned char *block, - size_t block_size, - struct iov_block_state *iov_state) + size_t num_data, + unsigned char *block, + size_t block_size, + struct iov_block_state *iov_state) { size_t i, j = 0; for (i = iov_state->iov_pos; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; - size_t nbytes; + const krb5_crypto_iov *iov = &data[i]; + size_t nbytes; - if (!process_block_p(data, num_data, iov_state, i)) - continue; + if (!process_block_p(data, num_data, iov_state, i)) + continue; - if (pad_to_boundary_p(data, num_data, iov_state, i, j)) - break; + if (pad_to_boundary_p(data, num_data, iov_state, i, j)) + break; - iov_state->iov_pos = i; + iov_state->iov_pos = i; - nbytes = iov->data.length - iov_state->data_pos; - if (nbytes > block_size - j) - nbytes = block_size - j; + nbytes = iov->data.length - iov_state->data_pos; + if (nbytes > block_size - j) + nbytes = block_size - j; - memcpy(iov->data.data + iov_state->data_pos, block + j, nbytes); + memcpy(iov->data.data + iov_state->data_pos, block + j, nbytes); - iov_state->data_pos += nbytes; - j += nbytes; + iov_state->data_pos += nbytes; + j += nbytes; - assert(j <= block_size); + assert(j <= block_size); - if (j == block_size) - break; + if (j == block_size) + break; - assert(iov_state->data_pos == iov->data.length); + assert(iov_state->data_pos == iov->data.length); - iov_state->data_pos = 0; + iov_state->data_pos = 0; } iov_state->iov_pos = i; @@ -335,17 +232,12 @@ krb5int_c_iov_put_block(const krb5_crypto_iov *data, } krb5_error_code -krb5int_c_iov_decrypt_stream(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, - krb5_keyusage keyusage, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) +krb5int_c_iov_decrypt_stream(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage keyusage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data) { krb5_error_code ret; - unsigned int header_len, trailer_len, padding_len; + unsigned int header_len, trailer_len; krb5_crypto_iov *iov; krb5_crypto_iov *stream; size_t i, j; @@ -354,219 +246,75 @@ krb5int_c_iov_decrypt_stream(const struct krb5_aead_provider *aead, stream = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_STREAM); assert(stream != NULL); - ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_HEADER, - &header_len); - if (ret != 0) - return ret; - - ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER, - &trailer_len); - if (ret != 0) - return ret; - - ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING, - &padding_len); - if (ret != 0) - return ret; + header_len = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_HEADER); + trailer_len = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_TRAILER); if (stream->data.length < header_len + trailer_len) - return KRB5_BAD_MSIZE; + return KRB5_BAD_MSIZE; iov = calloc(num_data + 2, sizeof(krb5_crypto_iov)); if (iov == NULL) - return ENOMEM; + return ENOMEM; i = 0; iov[i].flags = KRB5_CRYPTO_TYPE_HEADER; /* takes place of STREAM */ - iov[i].data.data = stream->data.data; - iov[i].data.length = header_len; + iov[i].data = make_data(stream->data.data, header_len); i++; for (j = 0; j < num_data; j++) { - if (data[j].flags == KRB5_CRYPTO_TYPE_DATA) { - if (got_data) { - free(iov); - return KRB5_BAD_MSIZE; - } - - got_data++; - - data[j].data.data = stream->data.data + header_len; - data[j].data.length = stream->data.length - header_len - - trailer_len; - } - if (data[j].flags == KRB5_CRYPTO_TYPE_SIGN_ONLY || - data[j].flags == KRB5_CRYPTO_TYPE_DATA) - iov[i++] = data[j]; + if (data[j].flags == KRB5_CRYPTO_TYPE_DATA) { + if (got_data) { + free(iov); + return KRB5_BAD_MSIZE; + } + + got_data++; + + data[j].data.data = stream->data.data + header_len; + data[j].data.length = stream->data.length - header_len + - trailer_len; + } + if (data[j].flags == KRB5_CRYPTO_TYPE_SIGN_ONLY || + data[j].flags == KRB5_CRYPTO_TYPE_DATA) + iov[i++] = data[j]; } - /* - * XXX not self-describing with respect to length, this is the best - * we can do. - */ + /* Use empty padding since tokens don't indicate the padding length. */ iov[i].flags = KRB5_CRYPTO_TYPE_PADDING; - iov[i].data.data = NULL; - iov[i].data.length = 0; + iov[i].data = empty_data(); i++; iov[i].flags = KRB5_CRYPTO_TYPE_TRAILER; - iov[i].data.data = stream->data.data + stream->data.length - trailer_len; - iov[i].data.length = trailer_len; + iov[i].data = make_data(stream->data.data + stream->data.length - + trailer_len, trailer_len); i++; assert(i <= num_data + 2); - ret = (*aead->decrypt_iov)(aead, enc, hash, key, keyusage, ivec, iov, i); - + ret = ktp->decrypt(ktp, key, keyusage, ivec, iov, i); free(iov); - return ret; } -krb5_error_code -krb5int_c_padding_length(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t data_length, - unsigned int *pad_length) +unsigned int +krb5int_c_padding_length(const struct krb5_keytypes *ktp, size_t data_length) { - unsigned int padding; - krb5_error_code ret; + unsigned int header, padding; - ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING, - &padding); - if (ret != 0) - return ret; + /* + * Add in the header length since the header is encrypted along with the + * data. (arcfour violates this assumption since not all of the header is + * encrypted, but that's okay since it has no padding. If there is ever an + * enctype using a similar token format and a block cipher, we will have to + * move this logic into an enctype-dependent function.) + */ + header = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_HEADER); + data_length += header; + padding = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_PADDING); if (padding == 0 || (data_length % padding) == 0) - *pad_length = 0; + return 0; else - *pad_length = padding - (data_length % padding); - - return 0; -} - -krb5_error_code -krb5int_c_encrypt_aead_compat(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *output) -{ - krb5_crypto_iov iov[4]; - krb5_error_code ret; - unsigned int header_len = 0; - unsigned int padding_len = 0; - unsigned int trailer_len = 0; - - ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_HEADER, - &header_len); - if (ret != 0) - return ret; - - ret = krb5int_c_padding_length(aead, enc, hash, input->length, - &padding_len); - if (ret != 0) - return ret; - - ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER, - &trailer_len); - if (ret != 0) - return ret; - - if (output->length < - header_len + input->length + padding_len + trailer_len) - return KRB5_BAD_MSIZE; - - iov[0].flags = KRB5_CRYPTO_TYPE_HEADER; - iov[0].data.data = output->data; - iov[0].data.length = header_len; - - iov[1].flags = KRB5_CRYPTO_TYPE_DATA; - iov[1].data.data = iov[0].data.data + iov[0].data.length; - iov[1].data.length = input->length; - memcpy(iov[1].data.data, input->data, input->length); - - iov[2].flags = KRB5_CRYPTO_TYPE_PADDING; - iov[2].data.data = iov[1].data.data + iov[1].data.length; - iov[2].data.length = padding_len; - - iov[3].flags = KRB5_CRYPTO_TYPE_TRAILER; - iov[3].data.data = iov[2].data.data + iov[2].data.length; - iov[3].data.length = trailer_len; - - ret = (*aead->encrypt_iov)(aead, enc, hash, key, usage, ivec, - iov, sizeof(iov) / sizeof(iov[0])); - - if (ret != 0) - zap(iov[1].data.data, iov[1].data.length); - - output->length = iov[0].data.length + iov[1].data.length + - iov[2].data.length + iov[3].data.length; - - return ret; -} - -krb5_error_code -krb5int_c_decrypt_aead_compat(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *output) -{ - krb5_crypto_iov iov[2]; - krb5_error_code ret; - - iov[0].flags = KRB5_CRYPTO_TYPE_STREAM; - iov[0].data.data = malloc(input->length); - if (iov[0].data.data == NULL) - return ENOMEM; - - memcpy(iov[0].data.data, input->data, input->length); - iov[0].data.length = input->length; - - iov[1].flags = KRB5_CRYPTO_TYPE_DATA; - iov[1].data.data = NULL; - iov[1].data.length = 0; - - ret = krb5int_c_iov_decrypt_stream(aead, enc, hash, key, - usage, ivec, - iov, sizeof(iov)/sizeof(iov[0])); - if (ret != 0) - goto cleanup; - - if (output->length < iov[1].data.length) { - ret = KRB5_BAD_MSIZE; - goto cleanup; - } - - memcpy(output->data, iov[1].data.data, iov[1].data.length); - output->length = iov[1].data.length; - -cleanup: - zapfree(iov[0].data.data, iov[0].data.length); - - return ret; -} - -void -krb5int_c_encrypt_length_aead_compat(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t inputlen, size_t *length) -{ - unsigned int header_len = 0; - unsigned int padding_len = 0; - unsigned int trailer_len = 0; - - (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_HEADER, - &header_len); - krb5int_c_padding_length(aead, enc, hash, inputlen, &padding_len); - (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER, - &trailer_len); - - *length = header_len + inputlen + padding_len + trailer_len; + return padding - (data_length % padding); } diff --git a/src/lib/crypto/krb/aead.h b/src/lib/crypto/krb/aead.h index f9e92bd..df54a05 100644 --- a/src/lib/crypto/krb/aead.h +++ b/src/lib/crypto/krb/aead.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/aead.h * @@ -26,98 +27,103 @@ #include "k5-int.h" #include "cksumtypes.h" +#include "etypes.h" /* AEAD helpers */ krb5_crypto_iov * krb5int_c_locate_iov(krb5_crypto_iov *data, - size_t num_data, - krb5_cryptotype type); + size_t num_data, + krb5_cryptotype type); -krb5_error_code -krb5int_c_make_checksum_iov(const struct krb5_cksumtypes *cksum, - krb5_key key, - krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - krb5_data *cksum_data); - -const struct krb5_cksumtypes * -krb5int_c_find_checksum_type(krb5_cksumtype cksumtype); - -#define ENCRYPT_CONF_IOV(_iov) ((_iov)->flags == KRB5_CRYPTO_TYPE_HEADER) +#define ENCRYPT_CONF_IOV(_iov) ((_iov)->flags == KRB5_CRYPTO_TYPE_HEADER) -#define ENCRYPT_DATA_IOV(_iov) ((_iov)->flags == KRB5_CRYPTO_TYPE_DATA || \ - (_iov)->flags == KRB5_CRYPTO_TYPE_PADDING) +#define ENCRYPT_DATA_IOV(_iov) ((_iov)->flags == KRB5_CRYPTO_TYPE_DATA || \ + (_iov)->flags == KRB5_CRYPTO_TYPE_PADDING) -#define ENCRYPT_IOV(_iov) (ENCRYPT_CONF_IOV(_iov) || ENCRYPT_DATA_IOV(_iov)) +#define ENCRYPT_IOV(_iov) (ENCRYPT_CONF_IOV(_iov) || ENCRYPT_DATA_IOV(_iov)) -#define SIGN_IOV(_iov) (ENCRYPT_IOV(_iov) || \ - (_iov)->flags == KRB5_CRYPTO_TYPE_SIGN_ONLY ) +#define SIGN_IOV(_iov) (ENCRYPT_IOV(_iov) || \ + (_iov)->flags == KRB5_CRYPTO_TYPE_SIGN_ONLY ) struct iov_block_state { - size_t iov_pos; /* index into iov array */ - size_t data_pos; /* index into iov contents */ - unsigned int ignore_header : 1; /* have/should we process HEADER */ - unsigned int include_sign_only : 1; /* should we process SIGN_ONLY blocks */ - unsigned int pad_to_boundary : 1; /* should we zero fill blocks until next buffer */ + size_t iov_pos; /* index into iov array */ + size_t data_pos; /* index into iov contents */ + unsigned int ignore_header : 1; /* have/should we process HEADER */ + unsigned int include_sign_only : 1; /* should we process SIGN_ONLY blocks */ + unsigned int pad_to_boundary : 1; /* should we zero fill blocks until next buffer */ }; -#define IOV_BLOCK_STATE_INIT(_state) ((_state)->iov_pos = \ - (_state)->data_pos = \ - (_state)->ignore_header = \ - (_state)->include_sign_only = \ - (_state)->pad_to_boundary = 0) +#define IOV_BLOCK_STATE_INIT(_state) ((_state)->iov_pos = \ + (_state)->data_pos = \ + (_state)->ignore_header = \ + (_state)->include_sign_only = \ + (_state)->pad_to_boundary = 0) krb5_boolean krb5int_c_iov_get_block(unsigned char *block, - size_t block_size, - const krb5_crypto_iov *data, - size_t num_data, - struct iov_block_state *iov_state); + size_t block_size, + const krb5_crypto_iov *data, + size_t num_data, + struct iov_block_state *iov_state); krb5_boolean krb5int_c_iov_put_block(const krb5_crypto_iov *data, - size_t num_data, - unsigned char *block, - size_t block_size, - struct iov_block_state *iov_state); + size_t num_data, + unsigned char *block, + size_t block_size, + struct iov_block_state *iov_state); krb5_error_code -krb5int_c_iov_decrypt_stream(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, - krb5_keyusage keyusage, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data); +krb5int_c_iov_decrypt_stream(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage keyusage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); -krb5_error_code -krb5int_c_decrypt_aead_compat(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *output); +unsigned int +krb5int_c_padding_length(const struct krb5_keytypes *ktp, size_t data_length); -krb5_error_code -krb5int_c_encrypt_aead_compat(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *output); - -void -krb5int_c_encrypt_length_aead_compat(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t inputlen, size_t *length); +/* + * Returns an alias into the current buffer if the next block is fully + * contained within; otherwise makes a copy of the next block and returns an + * alias to storage. After calling this function, encrypt the returned block + * in place and then call iov_store_block (with a separate output cursor) to + * store the result back into the iov if necessary. Returns NULL if there + * is no next block. + */ +static inline unsigned char * +iov_next_block(unsigned char *storage, size_t len, + const krb5_crypto_iov *data, size_t num_data, + struct iov_block_state *pos) +{ + const krb5_crypto_iov *iov = &data[pos->iov_pos]; + unsigned char *block; + + if (pos->iov_pos < num_data && iov->data.length - pos->data_pos >= len) { + /* Return an alias to memory inside the current iov. */ + block = (unsigned char *) iov->data.data + pos->data_pos; + pos->data_pos += len; + return block; + } + /* Do it the slow way and return a copy into storage. */ + if (krb5int_c_iov_get_block(storage, len, data, num_data, pos)) + return storage; + return NULL; +} -krb5_error_code -krb5int_c_padding_length(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t data_length, - unsigned int *pad_length); +/* + * Store a block retrieved with iov_next_block if necessary, and advance the + * output cursor. + */ +static inline void +iov_store_block(const krb5_crypto_iov *data, size_t num_data, + unsigned char *block, unsigned char *storage, size_t len, + struct iov_block_state *pos) +{ + if (block == storage) { + /* We got the block the slow way; put it back that way too. */ + krb5int_c_iov_put_block(data, num_data, storage, len, pos); + } else { + /* It's already stored; we just have to advance the output cursor. */ + pos->data_pos += len; + } +} diff --git a/src/lib/crypto/openssl/arcfour/Makefile.in b/src/lib/crypto/krb/arcfour/Makefile.in index 61e6354..bd234fa 100644 --- a/src/lib/crypto/openssl/arcfour/Makefile.in +++ b/src/lib/crypto/krb/arcfour/Makefile.in @@ -1,8 +1,7 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/openssl/arcfour -mydir=lib/crypto/openssl/arcfour +mydir=lib/crypto/krb/arcfour BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../md4 -I$(srcdir)/../../krb +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../@CRYPTO_IMPL@ \ + -I$(srcdir)/../../@CRYPTO_IMPL@/md4 DEFS= ##DOS##BUILDTOP = ..\..\..\.. @@ -12,7 +11,6 @@ DEFS= PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) - STLIBOBJS=\ arcfour.o \ arcfour_aead.o \ diff --git a/src/lib/crypto/krb/arcfour/arcfour-int.h b/src/lib/crypto/krb/arcfour/arcfour-int.h new file mode 100644 index 0000000..15ab75b --- /dev/null +++ b/src/lib/crypto/krb/arcfour/arcfour-int.h @@ -0,0 +1,33 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + + ARCFOUR cipher (based on a cipher posted on the Usenet in Spring-95). + This cipher is widely believed and has been tested to be equivalent + with the RC4 cipher from RSA Data Security, Inc. (RC4 is a trademark + of RSA Data Security) + +*/ +#ifndef ARCFOUR_INT_H +#define ARCFOUR_INT_H + +#include "arcfour.h" + +#define CONFOUNDERLENGTH 8 + +krb5_keyusage +krb5int_arcfour_translate_usage(krb5_keyusage usage); + +krb5_error_code +krb5int_arcfour_usage_key(const struct krb5_enc_provider *enc, + const struct krb5_hash_provider *hash, + const krb5_keyblock *session_keyblock, + krb5_keyusage usage, + krb5_keyblock *out); + +krb5_error_code +krb5int_arcfour_enc_key(const struct krb5_enc_provider *enc, + const struct krb5_hash_provider *hash, + const krb5_keyblock *usage_keyblock, + const krb5_data *checksum, krb5_keyblock *out); + +#endif /* ARCFOUR_INT_H */ diff --git a/src/lib/crypto/krb/arcfour/arcfour.c b/src/lib/crypto/krb/arcfour/arcfour.c new file mode 100644 index 0000000..783b777 --- /dev/null +++ b/src/lib/crypto/krb/arcfour/arcfour.c @@ -0,0 +1,93 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + + ARCFOUR cipher (based on a cipher posted on the Usenet in Spring-95). + This cipher is widely believed and has been tested to be equivalent + with the RC4 cipher from RSA Data Security, Inc. (RC4 is a trademark + of RSA Data Security) + +*/ +#include "k5-int.h" +#include "arcfour-int.h" +#include "hash_provider/hash_provider.h" + +const char l40[] = "fortybits"; + +krb5_keyusage +krb5int_arcfour_translate_usage(krb5_keyusage usage) +{ + switch (usage) { + case 1: return 1; /* AS-REQ PA-ENC-TIMESTAMP padata timestamp, */ + case 2: return 2; /* ticket from kdc */ + case 3: return 8; /* as-rep encrypted part */ + case 4: return 4; /* tgs-req authz data */ + case 5: return 5; /* tgs-req authz data in subkey */ + case 6: return 6; /* tgs-req authenticator cksum */ + case 7: return 7; /* tgs-req authenticator */ + case 8: return 8; + case 9: return 9; /* tgs-rep encrypted with subkey */ + case 10: return 10; /* ap-rep authentication cksum (never used by MS) */ + case 11: return 11; /* app-req authenticator */ + case 12: return 12; /* app-rep encrypted part */ + case 23: return 13; /* sign wrap token*/ + default: return usage; + } +} + +/* Derive a usage key from a session key and krb5 usage constant. */ +krb5_error_code +krb5int_arcfour_usage_key(const struct krb5_enc_provider *enc, + const struct krb5_hash_provider *hash, + const krb5_keyblock *session_keyblock, + krb5_keyusage usage, + krb5_keyblock *out) +{ + char salt_buf[14]; + unsigned int salt_len; + krb5_data out_data = make_data(out->contents, out->length); + krb5_crypto_iov iov; + krb5_keyusage ms_usage; + + /* Generate the salt. */ + ms_usage = krb5int_arcfour_translate_usage(usage); + if (session_keyblock->enctype == ENCTYPE_ARCFOUR_HMAC_EXP) { + memcpy(salt_buf, l40, 10); + store_32_le(ms_usage, salt_buf + 10); + salt_len = 14; + } else { + store_32_le(ms_usage, salt_buf); + salt_len = 4; + } + + /* Compute HMAC(key, salt) to produce the usage key. */ + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = make_data(salt_buf, salt_len); + return krb5int_hmac_keyblock(hash, session_keyblock, &iov, 1, &out_data); +} + +/* Derive an encryption key from a usage key and (typically) checksum. */ +krb5_error_code +krb5int_arcfour_enc_key(const struct krb5_enc_provider *enc, + const struct krb5_hash_provider *hash, + const krb5_keyblock *usage_keyblock, + const krb5_data *checksum, krb5_keyblock *out) +{ + krb5_keyblock *trunc_keyblock = NULL; + krb5_data out_data = make_data(out->contents, out->length); + krb5_crypto_iov iov; + krb5_error_code ret; + + /* Copy usage_keyblock to trunc_keyblock and truncate if exportable. */ + ret = krb5int_c_copy_keyblock(NULL, usage_keyblock, &trunc_keyblock); + if (ret != 0) + return ret; + if (trunc_keyblock->enctype == ENCTYPE_ARCFOUR_HMAC_EXP) + memset(trunc_keyblock->contents + 7, 0xab, 9); + + /* Compute HMAC(trunc_key, checksum) to produce the encryption key. */ + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = *checksum; + ret = krb5int_hmac_keyblock(hash, trunc_keyblock, &iov, 1, &out_data); + krb5int_c_free_keyblock(NULL, trunc_keyblock); + return ret; +} diff --git a/src/lib/crypto/krb/arcfour/arcfour.h b/src/lib/crypto/krb/arcfour/arcfour.h new file mode 100644 index 0000000..7ec0d77 --- /dev/null +++ b/src/lib/crypto/krb/arcfour/arcfour.h @@ -0,0 +1,31 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +#ifndef ARCFOUR_H +#define ARCFOUR_H + +#include "etypes.h" + +unsigned int +krb5int_arcfour_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type); + +krb5_error_code +krb5int_arcfour_encrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); + +krb5_error_code +krb5int_arcfour_decrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); + +extern krb5_error_code +krb5int_arcfour_string_to_key( + const struct krb5_keytypes *, + const krb5_data *, + const krb5_data *, + const krb5_data *, + krb5_keyblock *); + +extern const struct krb5_enc_provider krb5int_enc_arcfour; + +#endif /* ARCFOUR_H */ diff --git a/src/lib/crypto/krb/arcfour/arcfour_aead.c b/src/lib/crypto/krb/arcfour/arcfour_aead.c new file mode 100644 index 0000000..6f82921 --- /dev/null +++ b/src/lib/crypto/krb/arcfour/arcfour_aead.c @@ -0,0 +1,296 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * lib/crypto/arcfour/arcfour_aead.c + * + * Copyright 2008 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + + +#include "k5-int.h" +#include "arcfour.h" +#include "arcfour-int.h" +#include "hash_provider/hash_provider.h" +#include "aead.h" + +/* AEAD */ + +unsigned int +krb5int_arcfour_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type) +{ + switch (type) { + case KRB5_CRYPTO_TYPE_HEADER: + return ktp->hash->hashsize + CONFOUNDERLENGTH; + case KRB5_CRYPTO_TYPE_PADDING: + case KRB5_CRYPTO_TYPE_TRAILER: + return 0; + case KRB5_CRYPTO_TYPE_CHECKSUM: + return ktp->hash->hashsize; + default: + assert(0 && + "invalid cryptotype passed to krb5int_arcfour_crypto_length"); + return 0; + } +} + +/* Encrypt or decrypt using a keyblock. */ +static krb5_error_code +keyblock_crypt(const struct krb5_enc_provider *enc, krb5_keyblock *keyblock, + const krb5_data *ivec, krb5_crypto_iov *data, size_t num_data) +{ + krb5_error_code ret; + krb5_key key; + + ret = krb5_k_create_key(NULL, keyblock, &key); + if (ret != 0) + return ret; + /* Works for encryption or decryption since arcfour is a stream cipher. */ + ret = enc->encrypt(key, ivec, data, num_data); + krb5_k_free_key(NULL, key); + return ret; +} + +krb5_error_code +krb5int_arcfour_encrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data) +{ + const struct krb5_enc_provider *enc = ktp->enc; + const struct krb5_hash_provider *hash = ktp->hash; + krb5_error_code ret; + krb5_crypto_iov *header, *trailer; + krb5_keyblock *usage_keyblock = NULL, *enc_keyblock = NULL; + krb5_data checksum, confounder, header_data; + size_t i; + + /* + * Caller must have provided space for the header, padding + * and trailer; per RFC 4757 we will arrange it as: + * + * Checksum | E(Confounder | Plaintext) + */ + + header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER); + if (header == NULL || + header->data.length < hash->hashsize + CONFOUNDERLENGTH) + return KRB5_BAD_MSIZE; + + header_data = header->data; + + /* Trailer may be absent. */ + trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); + if (trailer != NULL) + trailer->data.length = 0; + + /* Ensure that there is no padding. */ + for (i = 0; i < num_data; i++) { + if (data[i].flags == KRB5_CRYPTO_TYPE_PADDING) + data[i].data.length = 0; + } + + ret = krb5int_c_init_keyblock(NULL, key->keyblock.enctype, enc->keybytes, + &usage_keyblock); + if (ret != 0) + goto cleanup; + ret = krb5int_c_init_keyblock(NULL, key->keyblock.enctype, enc->keybytes, + &enc_keyblock); + if (ret != 0) + goto cleanup; + + /* Derive a usage key from the session key and usage. */ + ret = krb5int_arcfour_usage_key(enc, hash, &key->keyblock, usage, + usage_keyblock); + if (ret != 0) + goto cleanup; + + /* Generate a confounder in the header block, after the checksum. */ + header->data.length = hash->hashsize + CONFOUNDERLENGTH; + confounder = make_data(header->data.data + hash->hashsize, + CONFOUNDERLENGTH); + ret = krb5_c_random_make_octets(0, &confounder); + if (ret != 0) + goto cleanup; + checksum = make_data(header->data.data, hash->hashsize); + + /* Adjust pointers so confounder is at start of header. */ + header->data.length -= hash->hashsize; + header->data.data += hash->hashsize; + + /* Compute the checksum using the usage key. */ + ret = krb5int_hmac_keyblock(hash, usage_keyblock, data, num_data, + &checksum); + if (ret != 0) + goto cleanup; + + /* Derive the encryption key from the usage key and checksum. */ + ret = krb5int_arcfour_enc_key(enc, hash, usage_keyblock, &checksum, + enc_keyblock); + if (ret) + goto cleanup; + + ret = keyblock_crypt(enc, enc_keyblock, ivec, data, num_data); + +cleanup: + header->data = header_data; /* Restore header pointers. */ + krb5int_c_free_keyblock(NULL, usage_keyblock); + krb5int_c_free_keyblock(NULL, enc_keyblock); + return ret; +} + +krb5_error_code +krb5int_arcfour_decrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data) +{ + const struct krb5_enc_provider *enc = ktp->enc; + const struct krb5_hash_provider *hash = ktp->hash; + krb5_error_code ret; + krb5_crypto_iov *header, *trailer; + krb5_keyblock *usage_keyblock = NULL, *enc_keyblock = NULL; + krb5_data checksum, header_data, comp_checksum = empty_data(); + + header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER); + if (header == NULL || + header->data.length != hash->hashsize + CONFOUNDERLENGTH) + return KRB5_BAD_MSIZE; + + header_data = header->data; + + trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); + if (trailer != NULL && trailer->data.length != 0) + return KRB5_BAD_MSIZE; + + /* Allocate buffers. */ + ret = alloc_data(&comp_checksum, hash->hashsize); + if (ret != 0) + goto cleanup; + ret = krb5int_c_init_keyblock(NULL, key->keyblock.enctype, enc->keybytes, + &usage_keyblock); + if (ret != 0) + goto cleanup; + ret = krb5int_c_init_keyblock(NULL, key->keyblock.enctype, enc->keybytes, + &enc_keyblock); + if (ret != 0) + goto cleanup; + + checksum = make_data(header->data.data, hash->hashsize); + + /* Adjust pointers so confounder is at start of header. */ + header->data.length -= hash->hashsize; + header->data.data += hash->hashsize; + + /* We may have to try two usage values; see below. */ + do { + /* Derive a usage key from the session key and usage. */ + ret = krb5int_arcfour_usage_key(enc, hash, &key->keyblock, usage, + usage_keyblock); + if (ret != 0) + goto cleanup; + + /* Derive the encryption key from the usage key and checksum. */ + ret = krb5int_arcfour_enc_key(enc, hash, usage_keyblock, &checksum, + enc_keyblock); + if (ret) + goto cleanup; + + /* Decrypt the ciphertext. */ + ret = keyblock_crypt(enc, enc_keyblock, ivec, data, num_data); + if (ret != 0) + goto cleanup; + + /* Compute HMAC(usage key, plaintext) to get the checksum. */ + ret = krb5int_hmac_keyblock(hash, usage_keyblock, data, num_data, + &comp_checksum); + if (ret != 0) + goto cleanup; + + if (memcmp(checksum.data, comp_checksum.data, hash->hashsize) != 0) { + if (usage == 9) { + /* + * RFC 4757 specifies usage 8 for TGS-REP encrypted parts + * encrypted in a subkey, but the value used by MS is actually + * 9. We now use 9 to start with, but fall back to 8 on + * failure in case we are communicating with a KDC using the + * value from the RFC. ivec is always NULL in this case. + * We need to re-encrypt the data in the wrong key first. + */ + ret = keyblock_crypt(enc, enc_keyblock, NULL, data, num_data); + if (ret != 0) + goto cleanup; + usage = 8; + continue; + } + ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; + goto cleanup; + } + + break; + } while (1); + +cleanup: + header->data = header_data; /* Restore header pointers. */ + krb5int_c_free_keyblock(NULL, usage_keyblock); + krb5int_c_free_keyblock(NULL, enc_keyblock); + zapfree(comp_checksum.data, comp_checksum.length); + return ret; +} + +krb5_error_code +krb5int_arcfour_gsscrypt(const krb5_keyblock *keyblock, krb5_keyusage usage, + const krb5_data *kd_data, krb5_crypto_iov *data, + size_t num_data) +{ + const struct krb5_enc_provider *enc = &krb5int_enc_arcfour; + const struct krb5_hash_provider *hash = &krb5int_hash_md5; + krb5_keyblock *usage_keyblock = NULL, *enc_keyblock = NULL; + krb5_error_code ret; + + ret = krb5int_c_init_keyblock(NULL, keyblock->enctype, enc->keybytes, + &usage_keyblock); + if (ret != 0) + goto cleanup; + ret = krb5int_c_init_keyblock(NULL, keyblock->enctype, enc->keybytes, + &enc_keyblock); + if (ret != 0) + goto cleanup; + + /* Derive a usage key from the session key and usage. */ + ret = krb5int_arcfour_usage_key(enc, hash, keyblock, usage, + usage_keyblock); + if (ret != 0) + goto cleanup; + + /* Derive the encryption key from the usage key and kd_data. */ + ret = krb5int_arcfour_enc_key(enc, hash, usage_keyblock, kd_data, + enc_keyblock); + if (ret != 0) + goto cleanup; + + /* Encrypt or decrypt (encrypt_iov works for both) the input. */ + ret = keyblock_crypt(enc, enc_keyblock, 0, data, num_data); + +cleanup: + krb5int_c_free_keyblock(NULL, usage_keyblock); + krb5int_c_free_keyblock(NULL, enc_keyblock); + return ret; +} diff --git a/src/lib/crypto/krb/arcfour/arcfour_s2k.c b/src/lib/crypto/krb/arcfour/arcfour_s2k.c new file mode 100644 index 0000000..b77738e --- /dev/null +++ b/src/lib/crypto/krb/arcfour/arcfour_s2k.c @@ -0,0 +1,60 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +#include "k5-int.h" +#include "k5-utf8.h" +#include "rsa-md4.h" +#include "arcfour-int.h" + +#if TARGET_OS_MAC && !defined(DEPEND) +#include <CoreFoundation/CFString.h> +#endif + +krb5_error_code +krb5int_arcfour_string_to_key(const struct krb5_keytypes *ktp, + const krb5_data *string, const krb5_data *salt, + const krb5_data *params, krb5_keyblock *key) +{ + krb5_error_code err = 0; + krb5_MD4_CTX md4_context; + unsigned char *copystr; + size_t copystrlen; + + if (params != NULL) + return KRB5_ERR_BAD_S2K_PARAMS; + + if (key->length != 16) + return (KRB5_BAD_MSIZE); + + /* We ignore salt per the Microsoft spec*/ + + /* compute the space needed for the new string. + Since the password must be stored in unicode, we need to increase + that number by 2x. + */ + + err = krb5int_utf8cs_to_ucs2les(string->data, string->length, ©str, ©strlen); + if (err) + return err; + + /* the actual MD4 hash of the data */ + krb5int_MD4Init(&md4_context); + krb5int_MD4Update(&md4_context, copystr, copystrlen); + krb5int_MD4Final(&md4_context); + memcpy(key->contents, md4_context.digest, 16); + +#if 0 + /* test the string_to_key function */ + printf("Hash="); + { + int counter; + for(counter=0;counter<16;counter++) + printf("%02x", md4_context.digest[counter]); + printf("\n"); + } +#endif /* 0 */ + + /* Zero out the data behind us */ + memset(copystr, 0, copystrlen); + memset(&md4_context, 0, sizeof(md4_context)); + free(copystr); + return err; +} diff --git a/src/lib/crypto/krb/arcfour/deps b/src/lib/crypto/krb/arcfour/deps new file mode 100644 index 0000000..e626ff8 --- /dev/null +++ b/src/lib/crypto/krb/arcfour/deps @@ -0,0 +1,41 @@ +# +# Generated makefile dependencies follow. +# +arcfour.so arcfour.po $(OUTPRE)arcfour.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \ + $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h arcfour-int.h \ + arcfour.c arcfour.h +arcfour_aead.so arcfour_aead.po $(OUTPRE)arcfour_aead.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \ + $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + arcfour-int.h arcfour.h arcfour_aead.c +arcfour_s2k.so arcfour_s2k.po $(OUTPRE)arcfour_s2k.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/md4/rsa-md4.h \ + $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-utf8.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + arcfour-int.h arcfour.h arcfour_s2k.c diff --git a/src/lib/crypto/krb/block_size.c b/src/lib/crypto/krb/block_size.c index 6f88945..7d65a5a 100644 --- a/src/lib/crypto/krb/block_size.c +++ b/src/lib/crypto/krb/block_size.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -29,13 +30,13 @@ krb5_error_code KRB5_CALLCONV krb5_c_block_size(krb5_context context, krb5_enctype enctype, - size_t *blocksize) + size_t *blocksize) { const struct krb5_keytypes *ktp; ktp = find_enctype(enctype); if (ktp == NULL) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; *blocksize = ktp->enc->block_size; return 0; diff --git a/src/lib/crypto/krb/cf2.c b/src/lib/crypto/krb/cf2.c index b5724a3..ab0a134 100644 --- a/src/lib/crypto/krb/cf2.c +++ b/src/lib/crypto/krb/cf2.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/cf2.c * @@ -41,7 +42,7 @@ */ static krb5_error_code prf_plus(krb5_context context, krb5_keyblock *k, const char *pepper, - size_t keybytes, char **out) + size_t keybytes, char **out) { krb5_error_code retval = 0; size_t prflen, iterations; @@ -55,17 +56,17 @@ prf_plus(krb5_context context, krb5_keyblock *k, const char *pepper, krb5int_buf_add(&prf_inbuf, pepper); retval = krb5_c_prf_length( context, k->enctype, &prflen); if (retval) - goto cleanup; + goto cleanup; iterations = keybytes / prflen; if (keybytes % prflen != 0) - iterations++; + iterations++; assert(iterations <= 254); buffer = k5alloc(iterations * prflen, &retval); if (retval) - goto cleanup; + goto cleanup; if (krb5int_buf_len(&prf_inbuf) == -1) { - retval = ENOMEM; - goto cleanup; + retval = ENOMEM; + goto cleanup; } in_data.length = (krb5_int32) krb5int_buf_len(&prf_inbuf); in_data.data = krb5int_buf_data(&prf_inbuf); @@ -73,12 +74,12 @@ prf_plus(krb5_context context, krb5_keyblock *k, const char *pepper, out_data.data = buffer; while (iterations > 0) { - retval = krb5_c_prf(context, k, &in_data, &out_data); - if (retval) - goto cleanup; - out_data.data += prflen; - in_data.data[0]++; - iterations--; + retval = krb5_c_prf(context, k, &in_data, &out_data); + if (retval) + goto cleanup; + out_data.data += prflen; + in_data.data[0]++; + iterations--; } *out = buffer; @@ -93,9 +94,9 @@ cleanup: krb5_error_code KRB5_CALLCONV krb5_c_fx_cf2_simple(krb5_context context, - krb5_keyblock *k1, const char *pepper1, - krb5_keyblock *k2, const char *pepper2, - krb5_keyblock **out) + krb5_keyblock *k1, const char *pepper1, + krb5_keyblock *k2, const char *pepper2, + krb5_keyblock **out) { const struct krb5_keytypes *out_enctype; size_t keybytes, keylength, i; @@ -106,38 +107,38 @@ krb5_c_fx_cf2_simple(krb5_context context, krb5_keyblock *out_key = NULL; if (k1 == NULL || !krb5_c_valid_enctype(k1->enctype)) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; if (k2 == NULL || !krb5_c_valid_enctype(k2->enctype)) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; out_enctype_num = k1->enctype; assert(out != NULL); assert((out_enctype = find_enctype(out_enctype_num)) != NULL); if (out_enctype->prf == NULL) { - if (context) - krb5int_set_error(&(context->err), KRB5_CRYPTO_INTERNAL, - "Enctype %d has no PRF", out_enctype_num); - return KRB5_CRYPTO_INTERNAL; + if (context) + krb5int_set_error(&(context->err), KRB5_CRYPTO_INTERNAL, + "Enctype %d has no PRF", out_enctype_num); + return KRB5_CRYPTO_INTERNAL; } keybytes = out_enctype->enc->keybytes; keylength = out_enctype->enc->keylength; retval = prf_plus(context, k1, pepper1, keybytes, &prf1); if (retval) - goto cleanup; + goto cleanup; retval = prf_plus(context, k2, pepper2, keybytes, &prf2); if (retval) - goto cleanup; + goto cleanup; for (i = 0; i < keybytes; i++) - prf1[i] ^= prf2[i]; + prf1[i] ^= prf2[i]; retval = krb5int_c_init_keyblock(context, out_enctype_num, keylength, - &out_key); + &out_key); if (retval) - goto cleanup; + goto cleanup; keydata.data = prf1; keydata.length = keybytes; retval = (*out_enctype->enc->make_key)(&keydata, out_key); if (retval) - goto cleanup; + goto cleanup; *out = out_key; out_key = NULL; diff --git a/src/lib/crypto/krb/checksum/Makefile.in b/src/lib/crypto/krb/checksum/Makefile.in new file mode 100644 index 0000000..61b41f2 --- /dev/null +++ b/src/lib/crypto/krb/checksum/Makefile.in @@ -0,0 +1,32 @@ +mydir=lib/crypto/krb/checksum +BUILDTOP=$(REL)..$(S)..$(S)..$(S).. +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../arcfour +DEFS= + +##DOS##BUILDTOP = ..\..\..\.. +##DOS##PREFIXDIR=checksum +##DOS##OBJFILE=..\$(OUTPRE)cksum.lst + +PROG_LIBPATH=-L$(TOPLIBD) +PROG_RPATH=$(KRB5_LIBDIR) + +STLIBOBJS= cbc.o confounder.o hmac_md5.o unkeyed.o + +OBJS= $(OUTPRE)cbc.$(OBJEXT) $(OUTPRE)confounder.$(OBJEXT) \ + $(OUTPRE)hmac_md5.$(OBJEXT) $(OUTPRE)unkeyed.$(OBJEXT) + +SRCS= $(srcdir)/cbc.c $(srcdir)/confounder.c $(srcdir)/hmac_md5.c \ + $(srcdir)/unkeyed.c + +##DOS##LIBOBJS = $(OBJS) + +all-unix:: all-libobjs + +includes:: depend + +depend:: $(SRCS) + +clean-unix:: clean-libobjs + +@libobj_frag@ + diff --git a/src/lib/crypto/krb/checksum/cbc.c b/src/lib/crypto/krb/checksum/cbc.c new file mode 100644 index 0000000..6beadf8 --- /dev/null +++ b/src/lib/crypto/krb/checksum/cbc.c @@ -0,0 +1,43 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * lib/crypto/krb/checksum/cbc.c + * + * Copyright (C) 2009 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * CBC checksum, which computes the ivec resulting from CBC encryption of the + * input. + */ + +#include "k5-int.h" +#include "cksumtypes.h" + +krb5_error_code +krb5int_cbc_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, size_t num_data, + krb5_data *output) +{ + if (ctp->enc->cbc_mac == NULL) + return KRB5_CRYPTO_INTERNAL; + return ctp->enc->cbc_mac(key, data, num_data, NULL, output); +} diff --git a/src/lib/crypto/krb/checksum/confounder.c b/src/lib/crypto/krb/checksum/confounder.c new file mode 100644 index 0000000..6429a19 --- /dev/null +++ b/src/lib/crypto/krb/checksum/confounder.c @@ -0,0 +1,160 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * lib/crypto/krb/checksum/confounder.c + * + * Copyright (C) 2009 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * Confounder checksum implementation, using tokens of the form: + * enc(xorkey, confounder | hash(confounder | data)) + * where xorkey is the key XOR'd with 0xf0 bytes. + */ + +#include "k5-int.h" +#include "cksumtypes.h" + +/* Derive a key by XOR with 0xF0 bytes. */ +static krb5_error_code +mk_xorkey(krb5_key origkey, krb5_key *xorkey) +{ + krb5_error_code retval = 0; + unsigned char *xorbytes; + krb5_keyblock xorkeyblock; + size_t i = 0; + + xorbytes = malloc(origkey->keyblock.length); + if (xorbytes == NULL) + return ENOMEM; + memcpy(xorbytes, origkey->keyblock.contents, origkey->keyblock.length); + for (i = 0; i < origkey->keyblock.length; i++) + xorbytes[i] ^= 0xf0; + + /* Do a shallow copy here. */ + xorkeyblock = origkey->keyblock; + xorkeyblock.contents = xorbytes; + + retval = krb5_k_create_key(0, &xorkeyblock, xorkey); + zapfree(xorbytes, sizeof(xorbytes)); + return retval; +} + +krb5_error_code +krb5int_confounder_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, size_t num_data, + krb5_data *output) +{ + krb5_error_code ret; + krb5_data conf, hashval; + krb5_key xorkey = NULL; + krb5_crypto_iov *hash_iov, iov; + size_t blocksize = ctp->enc->block_size, hashsize = ctp->hash->hashsize; + + /* Partition the output buffer into confounder and hash. */ + conf = make_data(output->data, blocksize); + hashval = make_data(output->data + blocksize, hashsize); + + /* Create the confounder. */ + ret = krb5_c_random_make_octets(NULL, &conf); + if (ret != 0) + return ret; + + ret = mk_xorkey(key, &xorkey); + if (ret) + return ret; + + /* Hash the confounder, then the input data. */ + hash_iov = k5alloc((num_data + 1) * sizeof(krb5_crypto_iov), &ret); + if (hash_iov == NULL) + goto cleanup; + hash_iov[0].flags = KRB5_CRYPTO_TYPE_DATA; + hash_iov[0].data = conf; + memcpy(hash_iov + 1, data, num_data * sizeof(krb5_crypto_iov)); + ret = ctp->hash->hash(hash_iov, num_data + 1, &hashval); + if (ret != 0) + goto cleanup; + + /* Confounder and hash are in output buffer; encrypt them in place. */ + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = *output; + ret = ctp->enc->encrypt(xorkey, NULL, &iov, 1); + +cleanup: + free(hash_iov); + krb5_k_free_key(NULL, xorkey); + return ret; +} + +krb5_error_code krb5int_confounder_verify(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + const krb5_data *input, + krb5_boolean *valid) +{ + krb5_error_code ret; + unsigned char *plaintext = NULL; + krb5_key xorkey = NULL; + krb5_data computed = empty_data(); + krb5_crypto_iov *hash_iov, iov; + size_t blocksize = ctp->enc->block_size, hashsize = ctp->hash->hashsize; + + plaintext = k5alloc(input->length, &ret); + if (plaintext == NULL) + return ret; + + ret = mk_xorkey(key, &xorkey); + if (ret != 0) + goto cleanup; + + /* Decrypt the input checksum. */ + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = make_data(plaintext, input->length); + memcpy(plaintext, input->data, input->length); + ret = ctp->enc->decrypt(xorkey, NULL, &iov, 1); + if (ret != 0) + goto cleanup; + + /* Hash the confounder, then the input data. */ + hash_iov = k5alloc((num_data + 1) * sizeof(krb5_crypto_iov), &ret); + if (hash_iov == NULL) + goto cleanup; + hash_iov[0].flags = KRB5_CRYPTO_TYPE_DATA; + hash_iov[0].data = make_data(plaintext, blocksize); + memcpy(hash_iov + 1, data, num_data * sizeof(krb5_crypto_iov)); + ret = alloc_data(&computed, hashsize); + if (ret != 0) + goto cleanup; + ret = ctp->hash->hash(hash_iov, num_data + 1, &computed); + if (ret != 0) + goto cleanup; + + /* Compare the decrypted hash to the computed one. */ + *valid = (memcmp(plaintext + blocksize, computed.data, hashsize) == 0); + +cleanup: + zapfree(plaintext, input->length); + zapfree(computed.data, hashsize); + free(hash_iov); + krb5_k_free_key(NULL, xorkey); + return ret; +} diff --git a/src/lib/crypto/krb/checksum/deps b/src/lib/crypto/krb/checksum/deps new file mode 100644 index 0000000..65fd5f2 --- /dev/null +++ b/src/lib/crypto/krb/checksum/deps @@ -0,0 +1,49 @@ +# +# Generated makefile dependencies follow. +# +cbc.so cbc.po $(OUTPRE)cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h \ + $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h cbc.c +confounder.so confounder.po $(OUTPRE)confounder.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + confounder.c +hmac_md5.so hmac_md5.po $(OUTPRE)hmac_md5.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(srcdir)/../arcfour/arcfour.h $(srcdir)/../cksumtypes.h \ + $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h hmac_md5.c +unkeyed.so unkeyed.po $(OUTPRE)unkeyed.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h \ + $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h unkeyed.c diff --git a/src/lib/crypto/krb/checksum/hmac_md5.c b/src/lib/crypto/krb/checksum/hmac_md5.c new file mode 100644 index 0000000..1dc05ea --- /dev/null +++ b/src/lib/crypto/krb/checksum/hmac_md5.c @@ -0,0 +1,94 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * lib/crypto/krb/checksum/hmac_md5.c + * + * Copyright (C) 2009 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * Microsoft HMAC-MD5 and MD5-HMAC checksums (see RFC 4757): + * HMAC(KS, hash(msusage || input)) + * KS is HMAC(key, "signaturekey\0") for HMAC-MD5, or just the key for + * MD5-HMAC. + */ + +#include "k5-int.h" +#include "cksumtypes.h" +#include "arcfour.h" +#include "arcfour-int.h" + +krb5_error_code krb5int_hmacmd5_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output) +{ + krb5_keyusage ms_usage; + krb5_error_code ret; + krb5_keyblock ks, *keyblock; + krb5_crypto_iov *hash_iov = NULL, iov; + krb5_data ds = empty_data(), hashval = empty_data(); + char t[4]; + + if (ctp->ctype == CKSUMTYPE_HMAC_MD5_ARCFOUR) { + /* Compute HMAC(key, "signaturekey\0") to get the signing key ks. */ + ret = alloc_data(&ds, key->keyblock.length); + if (ret != 0) + goto cleanup; + + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = make_data("signaturekey", 13); + ret = krb5int_hmac(ctp->hash, key, &iov, 1, &ds); + if (ret) + goto cleanup; + ks.length = key->keyblock.length; + ks.contents = (krb5_octet *) ds.data; + keyblock = &ks; + } else /* For md5-hmac, just use the key. */ + keyblock = &key->keyblock; + + /* Compute the MD5 value of the input. */ + ms_usage = krb5int_arcfour_translate_usage(usage); + store_32_le(ms_usage, t); + hash_iov = k5alloc((num_data + 1) * sizeof(krb5_crypto_iov), &ret); + if (hash_iov == NULL) + goto cleanup; + hash_iov[0].flags = KRB5_CRYPTO_TYPE_DATA; + hash_iov[0].data = make_data(t, 4); + memcpy(hash_iov + 1, data, num_data * sizeof(krb5_crypto_iov)); + ret = alloc_data(&hashval, ctp->hash->hashsize); + if (ret != 0) + goto cleanup; + ret = ctp->hash->hash(hash_iov, num_data + 1, &hashval); + if (ret != 0) + goto cleanup; + + /* Compute HMAC(ks, md5value). */ + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = hashval; + ret = krb5int_hmac_keyblock(ctp->hash, keyblock, &iov, 1, output); + +cleanup: + zapfree(ds.data, ds.length); + zapfree(hashval.data, hashval.length); + free(hash_iov); + return ret; +} diff --git a/src/lib/crypto/krb/checksum/unkeyed.c b/src/lib/crypto/krb/checksum/unkeyed.c new file mode 100644 index 0000000..fddd676 --- /dev/null +++ b/src/lib/crypto/krb/checksum/unkeyed.c @@ -0,0 +1,40 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * lib/crypto/krb/checksum/unkeyed.c + * + * Copyright (C) 2009 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * Unkeyed hash checksum implementation. + */ + +#include "k5-int.h" +#include "cksumtypes.h" + +krb5_error_code +krb5int_unkeyed_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, size_t num_data, + krb5_data *output) +{ + return ctp->hash->hash(data, num_data, output); +} diff --git a/src/lib/crypto/krb/checksum_length.c b/src/lib/crypto/krb/checksum_length.c index bc1c9d3..2e869cb 100644 --- a/src/lib/crypto/krb/checksum_length.c +++ b/src/lib/crypto/krb/checksum_length.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -29,24 +30,14 @@ krb5_error_code KRB5_CALLCONV krb5_c_checksum_length(krb5_context context, krb5_cksumtype cksumtype, - size_t *length) + size_t *length) { - unsigned int i; + const struct krb5_cksumtypes *ctp; - for (i=0; i<krb5int_cksumtypes_length; i++) { - if (krb5int_cksumtypes_list[i].ctype == cksumtype) - break; - } - - if (i == krb5int_cksumtypes_length) - return KRB5_BAD_ENCTYPE; - - if (krb5int_cksumtypes_list[i].keyhash) - *length = krb5int_cksumtypes_list[i].keyhash->hashsize; - else if (krb5int_cksumtypes_list[i].trunc_size) - *length = krb5int_cksumtypes_list[i].trunc_size; - else - *length = krb5int_cksumtypes_list[i].hash->hashsize; + ctp = find_cksumtype(cksumtype); + if (ctp == NULL) + return KRB5_BAD_ENCTYPE; + *length = ctp->output_size; return 0; } diff --git a/src/lib/crypto/krb/cksumtype_to_string.c b/src/lib/crypto/krb/cksumtype_to_string.c index d5bb702..1c084e6 100644 --- a/src/lib/crypto/krb/cksumtype_to_string.c +++ b/src/lib/crypto/krb/cksumtype_to_string.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -30,16 +31,13 @@ krb5_error_code KRB5_CALLCONV krb5_cksumtype_to_string(krb5_cksumtype cksumtype, char *buffer, size_t buflen) { - unsigned int i; + const struct krb5_cksumtypes *ctp; - for (i = 0; i < krb5int_cksumtypes_length; i++) { - if (krb5int_cksumtypes_list[i].ctype == cksumtype) { - if (strlcpy(buffer, krb5int_cksumtypes_list[i].out_string, - buflen) >= buflen) - return ENOMEM; - return 0; - } - } + ctp = find_cksumtype(cksumtype); + if (ctp == NULL) + return KRB5_BAD_ENCTYPE; - return EINVAL; + if (strlcpy(buffer, ctp->out_string, buflen) >= buflen) + return ENOMEM; + return 0; } diff --git a/src/lib/crypto/krb/cksumtypes.c b/src/lib/crypto/krb/cksumtypes.c index 2c1924d..74fd158 100644 --- a/src/lib/crypto/krb/cksumtypes.c +++ b/src/lib/crypto/krb/cksumtypes.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -25,67 +26,85 @@ */ #include "k5-int.h" +#include "enc_provider.h" #include "hash_provider.h" -#include "keyhash_provider.h" +#include "dk.h" #include "cksumtypes.h" const struct krb5_cksumtypes krb5int_cksumtypes_list[] = { - { CKSUMTYPE_CRC32, KRB5_CKSUMFLAG_NOT_COLL_PROOF, + { CKSUMTYPE_CRC32, "crc32", { 0 }, "CRC-32", - 0, NULL, - &krb5int_hash_crc32 }, + NULL, &krb5int_hash_crc32, + krb5int_unkeyed_checksum, NULL, + 4, 4, CKSUM_UNKEYED | CKSUM_NOT_COLL_PROOF }, - { CKSUMTYPE_RSA_MD4, 0, + { CKSUMTYPE_RSA_MD4, "md4", { 0 }, "RSA-MD4", - 0, NULL, - &krb5int_hash_md4 }, - { CKSUMTYPE_RSA_MD4_DES, 0, + NULL, &krb5int_hash_md4, + krb5int_unkeyed_checksum, NULL, + 16, 16, CKSUM_UNKEYED }, + + { CKSUMTYPE_RSA_MD4_DES, "md4-des", { 0 }, "RSA-MD4 with DES cbc mode", - ENCTYPE_DES_CBC_CRC, &krb5int_keyhash_md4des, - NULL }, + &krb5int_enc_des, &krb5int_hash_md4, + krb5int_confounder_checksum, krb5int_confounder_verify, + 24, 24, 0 }, - { CKSUMTYPE_DESCBC, 0, + { CKSUMTYPE_DESCBC, "des-cbc", { 0 }, "DES cbc mode", - ENCTYPE_DES_CBC_CRC, &krb5int_keyhash_descbc, - NULL }, + &krb5int_enc_des, NULL, + krb5int_cbc_checksum, NULL, + 8, 8, 0 }, - { CKSUMTYPE_RSA_MD5, 0, + { CKSUMTYPE_RSA_MD5, "md5", { 0 }, "RSA-MD5", - 0, NULL, - &krb5int_hash_md5 }, - { CKSUMTYPE_RSA_MD5_DES, 0, + NULL, &krb5int_hash_md5, + krb5int_unkeyed_checksum, NULL, + 16, 16, CKSUM_UNKEYED }, + + { CKSUMTYPE_RSA_MD5_DES, "md5-des", { 0 }, "RSA-MD5 with DES cbc mode", - ENCTYPE_DES_CBC_CRC, &krb5int_keyhash_md5des, - NULL }, + &krb5int_enc_des, &krb5int_hash_md5, + krb5int_confounder_checksum, krb5int_confounder_verify, + 24, 24, 0 }, - { CKSUMTYPE_NIST_SHA, 0, + { CKSUMTYPE_NIST_SHA, "sha", { 0 }, "NIST-SHA", - 0, NULL, - &krb5int_hash_sha1 }, + NULL, &krb5int_hash_sha1, + krb5int_unkeyed_checksum, NULL, + 20, 20, CKSUM_UNKEYED }, - { CKSUMTYPE_HMAC_SHA1_DES3, KRB5_CKSUMFLAG_DERIVE, + { CKSUMTYPE_HMAC_SHA1_DES3, "hmac-sha1-des3", { "hmac-sha1-des3-kd" }, "HMAC-SHA1 DES3 key", - 0, NULL, - &krb5int_hash_sha1 }, - { CKSUMTYPE_HMAC_MD5_ARCFOUR, 0, + NULL, &krb5int_hash_sha1, + krb5int_dk_checksum, NULL, + 20, 20, 0 }, + + { CKSUMTYPE_HMAC_MD5_ARCFOUR, "hmac-md5-rc4", { "hmac-md5-enc", "hmac-md5-earcfour" }, "Microsoft HMAC MD5 (RC4 key)", - ENCTYPE_ARCFOUR_HMAC, &krb5int_keyhash_hmac_md5, - NULL }, + &krb5int_enc_arcfour, &krb5int_hash_md5, + krb5int_hmacmd5_checksum, NULL, + 16, 16, 0 }, - { CKSUMTYPE_HMAC_SHA1_96_AES128, KRB5_CKSUMFLAG_DERIVE, + { CKSUMTYPE_HMAC_SHA1_96_AES128, "hmac-sha1-96-aes128", { 0 }, "HMAC-SHA1 AES128 key", - 0, NULL, - &krb5int_hash_sha1, 12 }, - { CKSUMTYPE_HMAC_SHA1_96_AES256, KRB5_CKSUMFLAG_DERIVE, + NULL, &krb5int_hash_sha1, + krb5int_dk_checksum, NULL, + 20, 12, 0 }, + + { CKSUMTYPE_HMAC_SHA1_96_AES256, "hmac-sha1-96-aes256", { 0 }, "HMAC-SHA1 AES256 key", - 0, NULL, - &krb5int_hash_sha1, 12 }, - { CKSUMTYPE_MD5_HMAC_ARCFOUR, 0, + NULL, &krb5int_hash_sha1, + krb5int_dk_checksum, NULL, + 20, 12, 0 }, + + { CKSUMTYPE_MD5_HMAC_ARCFOUR, "md5-hmac-rc4", { 0 }, "Microsoft MD5 HMAC (RC4 key)", - ENCTYPE_ARCFOUR_HMAC, &krb5int_keyhash_md5_hmac, - NULL } + &krb5int_enc_arcfour, &krb5int_hash_md5, + krb5int_hmacmd5_checksum, NULL, + 16, 16, 0 }, }; -const unsigned int krb5int_cksumtypes_length = +const size_t krb5int_cksumtypes_length = sizeof(krb5int_cksumtypes_list) / sizeof(struct krb5_cksumtypes); diff --git a/src/lib/crypto/krb/cksumtypes.h b/src/lib/crypto/krb/cksumtypes.h index f3e1f57..8c32f66 100644 --- a/src/lib/crypto/krb/cksumtypes.h +++ b/src/lib/crypto/krb/cksumtypes.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -27,42 +28,114 @@ #ifndef CKSUMTYPES_H #define CKSUMTYPES_H #include "k5-int.h" +#include "etypes.h" + +struct krb5_cksumtypes; + +/* + * Compute a checksum over the header, data, padding, and sign-only fields of + * the iov array data (of size num_data). The output buffer will already be + * allocated with ctp->compute_size bytes available; the handler just needs to + * fill in the contents. If ctp->enc is not NULL, the handler can assume that + * key is a valid-length key of an enctype which uses that enc provider. + */ +typedef krb5_error_code (*checksum_func)(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output); + +/* + * Verify a checksum over the header, data, padding, and sign-only fields of + * the iov array data (of size num_data), and store the boolean result in + * *valid. The handler can assume that hash has length ctp->output_size. If + * ctp->enc is not NULL, the handler can assume that key a valid-length key of + * an enctype which uses that enc provider. + */ +typedef krb5_error_code (*verify_func)(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + const krb5_data *input, + krb5_boolean *valid); struct krb5_cksumtypes { krb5_cksumtype ctype; - unsigned int flags; char *name; char *aliases[2]; char *out_string; - /* - * If the hash is keyed, this is the etype it is keyed with. - * Actually, it can be keyed by any etype which has the same - * enc_provider as the specified etype. DERIVE checksums can - * be keyed with any valid etype. - */ - krb5_enctype keyed_etype; - /* - * I can't statically initialize a union, so I'm just going to use - * two pointers here. The keyhash is used if non-NULL. If NULL, - * then HMAC/hash with derived keys is used if the relevant flag - * is set. Otherwise, a non-keyed hash is computed. This is all - * kind of messy, but so is the krb5 api. - */ - const struct krb5_keyhash_provider *keyhash; + const struct krb5_enc_provider *enc; const struct krb5_hash_provider *hash; - /* - * This just gets uglier and uglier. In the key derivation case, - * we produce an hmac. To make the hmac code work, we can't hack - * the output size indicated by the hash provider, but we may want - * a truncated hmac. If we want truncation, this is the number of - * bytes we truncate to; it should be 0 otherwise. - */ - unsigned int trunc_size; + checksum_func checksum; + verify_func verify; /* NULL means recompute checksum and compare */ + unsigned int compute_size; /* Allocation size for checksum computation */ + unsigned int output_size; /* Possibly truncated output size */ + krb5_flags flags; }; -#define KRB5_CKSUMFLAG_DERIVE 0x0001 -#define KRB5_CKSUMFLAG_NOT_COLL_PROOF 0x0002 +#define CKSUM_UNKEYED 0x0001 +#define CKSUM_NOT_COLL_PROOF 0x0002 extern const struct krb5_cksumtypes krb5int_cksumtypes_list[]; -extern const unsigned int krb5int_cksumtypes_length; +extern const size_t krb5int_cksumtypes_length; + +krb5_error_code krb5int_unkeyed_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output); + +krb5_error_code krb5int_cbc_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output); + +krb5_error_code krb5int_hmacmd5_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output); + +krb5_error_code krb5int_confounder_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output); + +krb5_error_code krb5int_confounder_verify(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + const krb5_data *input, + krb5_boolean *valid); + +static inline const struct krb5_cksumtypes * +find_cksumtype(krb5_cksumtype ctype) +{ + size_t i; + + for (i = 0; i < krb5int_cksumtypes_length; i++) { + if (krb5int_cksumtypes_list[i].ctype == ctype) + break; + } + + if (i == krb5int_cksumtypes_length) + return NULL; + return &krb5int_cksumtypes_list[i]; +} + +static inline krb5_error_code +verify_key(const struct krb5_cksumtypes *ctp, krb5_key key) +{ + const struct krb5_keytypes *ktp; + + ktp = key ? find_enctype(key->keyblock.enctype) : NULL; + if (ctp->enc != NULL && (!ktp || ktp->enc != ctp->enc)) + return KRB5_BAD_ENCTYPE; + if (key && (!ktp || key->keyblock.length != ktp->enc->keylength)) + return KRB5_BAD_KEYSIZE; + return 0; +} + #endif diff --git a/src/lib/crypto/krb/coll_proof_cksum.c b/src/lib/crypto/krb/coll_proof_cksum.c index a6226ba..bc13ba4 100644 --- a/src/lib/crypto/krb/coll_proof_cksum.c +++ b/src/lib/crypto/krb/coll_proof_cksum.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -30,15 +31,8 @@ krb5_boolean KRB5_CALLCONV krb5_c_is_coll_proof_cksum(krb5_cksumtype ctype) { - unsigned int i; + const struct krb5_cksumtypes *ctp; - for (i = 0; i < krb5int_cksumtypes_length; i++) { - if (krb5int_cksumtypes_list[i].ctype == ctype) - return((krb5int_cksumtypes_list[i].flags & - KRB5_CKSUMFLAG_NOT_COLL_PROOF) ? FALSE : TRUE); - } - - /* ick, but it's better than coredumping, which is what the - old code would have done */ - return FALSE; + ctp = find_cksumtype(ctype); + return (ctp != NULL && !(ctp->flags & CKSUM_NOT_COLL_PROOF)); } diff --git a/src/lib/crypto/krb/combine_keys.c b/src/lib/crypto/krb/combine_keys.c index 3aa24da..b743538 100644 --- a/src/lib/crypto/krb/combine_keys.c +++ b/src/lib/crypto/krb/combine_keys.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (c) 2002 Naval Research Laboratory (NRL/CCS) * @@ -32,7 +33,7 @@ * R2 = DR(Key2, n-fold(Key1)) [ Output is length of Key2 ] * * rnd = n-fold(R1 | R2) [ Note: output size of nfold must be appropriately - * sized for random-to-key function ] + * sized for random-to-key function ] * tkey = random-to-key(rnd) * Combine-Key(Key1, Key2) = DK(tkey, CombineConstant) * @@ -47,8 +48,8 @@ #include "dk.h" static krb5_error_code dr(const struct krb5_enc_provider *enc, - const krb5_keyblock *inkey, unsigned char *outdata, - const krb5_data *in_constant); + const krb5_keyblock *inkey, unsigned char *outdata, + const krb5_data *in_constant); /* * We only support this combine_keys algorithm for des and 3des keys. @@ -64,15 +65,15 @@ enctype_ok(krb5_enctype e) case ENCTYPE_DES_CBC_MD4: case ENCTYPE_DES_CBC_MD5: case ENCTYPE_DES3_CBC_SHA1: - return TRUE; + return TRUE; default: - return FALSE; + return FALSE; } } krb5_error_code krb5int_c_combine_keys(krb5_context context, krb5_keyblock *key1, - krb5_keyblock *key2, krb5_keyblock *outkey) + krb5_keyblock *key2, krb5_keyblock *outkey) { unsigned char *r1 = NULL, *r2 = NULL, *combined = NULL, *rnd = NULL; unsigned char *output = NULL; @@ -86,15 +87,15 @@ krb5int_c_combine_keys(krb5_context context, krb5_keyblock *key1, krb5_boolean myalloc = FALSE; if (!enctype_ok(key1->enctype) || !enctype_ok(key2->enctype)) - return KRB5_CRYPTO_INTERNAL; + return KRB5_CRYPTO_INTERNAL; if (key1->length != key2->length || key1->enctype != key2->enctype) - return KRB5_CRYPTO_INTERNAL; + return KRB5_CRYPTO_INTERNAL; /* Find our encryption algorithm. */ ktp = find_enctype(key1->enctype); if (ktp == NULL) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; enc = ktp->enc; keybytes = enc->keybytes; @@ -103,19 +104,19 @@ krb5int_c_combine_keys(krb5_context context, krb5_keyblock *key1, /* Allocate and set up buffers. */ r1 = k5alloc(keybytes, &ret); if (ret) - goto cleanup; + goto cleanup; r2 = k5alloc(keybytes, &ret); if (ret) - goto cleanup; + goto cleanup; rnd = k5alloc(keybytes, &ret); if (ret) - goto cleanup; + goto cleanup; combined = k5alloc(keybytes * 2, &ret); if (ret) - goto cleanup; + goto cleanup; output = k5alloc(keylength, &ret); if (ret) - goto cleanup; + goto cleanup; /* * Get R1 and R2 (by running the input keys through the DR algorithm. @@ -126,13 +127,13 @@ krb5int_c_combine_keys(krb5_context context, krb5_keyblock *key1, input.data = (char *) key2->contents; ret = dr(enc, key1, r1, &input); if (ret) - goto cleanup; + goto cleanup; input.length = key1->length; input.data = (char *) key1->contents; ret = dr(enc, key2, r2, &input); if (ret) - goto cleanup; + goto cleanup; /* * Concatenate the two keys together, and then run them through @@ -158,11 +159,11 @@ krb5int_c_combine_keys(krb5_context context, krb5_keyblock *key1, ret = (*enc->make_key)(&randbits, &tkeyblock); if (ret) - goto cleanup; + goto cleanup; ret = krb5_k_create_key(NULL, &tkeyblock, &tkey); if (ret) - goto cleanup; + goto cleanup; /* * Run through derive-key one more time to produce the final key. @@ -182,21 +183,21 @@ krb5int_c_combine_keys(krb5_context context, krb5_keyblock *key1, */ if (outkey->length == 0 || outkey->contents == NULL) { - outkey->contents = k5alloc(keylength, &ret); - if (ret) - goto cleanup; - outkey->length = keylength; - outkey->enctype = key1->enctype; - myalloc = TRUE; + outkey->contents = k5alloc(keylength, &ret); + if (ret) + goto cleanup; + outkey->length = keylength; + outkey->enctype = key1->enctype; + myalloc = TRUE; } ret = krb5int_derive_keyblock(enc, tkey, outkey, &input); if (ret) { - if (myalloc) { - free(outkey->contents); - outkey->contents = NULL; - } - goto cleanup; + if (myalloc) { + free(outkey->contents); + outkey->contents = NULL; + } + goto cleanup; } cleanup: @@ -209,70 +210,19 @@ cleanup: return ret; } -/* - * Our DR function; mostly taken from derive.c - */ - +/* Our DR function, a simple wrapper around krb5int_derive_random(). */ static krb5_error_code dr(const struct krb5_enc_provider *enc, const krb5_keyblock *inkey, unsigned char *out, const krb5_data *in_constant) { - size_t blocksize, keybytes, n; - unsigned char *inblockdata = NULL, *outblockdata = NULL; - krb5_data inblock, outblock; - krb5_error_code ret; + krb5_data outdata = make_data(out, enc->keybytes); krb5_key key = NULL; + krb5_error_code ret; - blocksize = enc->block_size; - keybytes = enc->keybytes; - - /* Allocate and set up buffers. */ - inblockdata = k5alloc(blocksize, &ret); - if (ret) - goto cleanup; - outblockdata = k5alloc(blocksize, &ret); - if (ret) - goto cleanup; ret = krb5_k_create_key(NULL, inkey, &key); - if (ret) - goto cleanup; - - inblock.data = (char *) inblockdata; - inblock.length = blocksize; - - outblock.data = (char *) outblockdata; - outblock.length = blocksize; - - /* initialize the input block */ - - if (in_constant->length == inblock.length) { - memcpy(inblock.data, in_constant->data, inblock.length); - } else { - krb5int_nfold(in_constant->length*8, (unsigned char *) in_constant->data, - inblock.length*8, (unsigned char *) inblock.data); - } - - /* loop encrypting the blocks until enough key bytes are generated */ - - n = 0; - while (n < keybytes) { - ret = (*enc->encrypt)(key, 0, &inblock, &outblock); - if (ret) - goto cleanup; - - if ((keybytes - n) <= outblock.length) { - memcpy(out + n, outblock.data, (keybytes - n)); - break; - } - - memcpy(out + n, outblock.data, outblock.length); - memcpy(inblock.data, outblock.data, outblock.length); - n += outblock.length; - } - -cleanup: - zapfree(inblockdata, blocksize); - zapfree(outblockdata, blocksize); + if (ret != 0) + return ret; + ret = krb5int_derive_random(enc, key, &outdata, in_constant); krb5_k_free_key(NULL, key); return ret; } diff --git a/src/lib/crypto/krb/crc32/Makefile.in b/src/lib/crypto/krb/crc32/Makefile.in index d62b6ed..b34f3aa 100644 --- a/src/lib/crypto/krb/crc32/Makefile.in +++ b/src/lib/crypto/krb/crc32/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/krb/crc32 mydir=lib/crypto/krb/crc32 BUILDTOP=$(REL)..$(S)..$(S)..$(S).. DEFS= diff --git a/src/lib/crypto/krb/crc32/crc-32.h b/src/lib/crypto/krb/crc32/crc-32.h index 5c8c5bc..08fce6d 100644 --- a/src/lib/crypto/krb/crc32/crc-32.h +++ b/src/lib/crypto/krb/crc32/crc-32.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * include/krb5/crc-32.h * @@ -57,15 +58,10 @@ #ifndef KRB5_CRC32__ #define KRB5_CRC32__ -#define CRC32_CKSUM_LENGTH 4 +#define CRC32_CKSUM_LENGTH 4 +/* c is in-out to allow chaining; initialize to 0. */ void mit_crc32 (krb5_pointer in, size_t in_length, unsigned long *c); -#ifdef CRC32_SHIFT4 -void mit_crc32_shift4(krb5_pointer /* in */, - size_t /* in_length */, - unsigned long * /* cksum */); -#endif - #endif /* KRB5_CRC32__ */ diff --git a/src/lib/crypto/krb/crc32/crc32.c b/src/lib/crypto/krb/crc32/crc32.c index ee7e53f..659e611 100644 --- a/src/lib/crypto/krb/crc32/crc32.c +++ b/src/lib/crypto/krb/crc32/crc32.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/crc32/crc.c * @@ -144,49 +145,23 @@ static u_long const crc_table[256] = { 0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94, 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d - }; +}; void mit_crc32(krb5_pointer in, size_t in_length, unsigned long *cksum) { register u_char *data; - register u_long c = 0; + register u_long c = *cksum; register int idx; size_t i; data = (u_char *)in; for (i = 0; i < in_length; i++) { - idx = (int) (data[i] ^ c); - idx &= 0xff; - c >>= 8; - c ^= crc_table[idx]; + idx = (int) (data[i] ^ c); + idx &= 0xff; + c >>= 8; + c ^= crc_table[idx]; } *cksum = c; } - -#ifdef CRC32_SHIFT4 -static unsigned long const tbl4[16] = { - 0x00000000, 0x1db71064, 0x3b6e20c8, 0x26d930ac, - 0x76dc4190, 0x6b6b51f4, 0x4db26158, 0x5005713c, - 0xedb88320, 0xf00f9344, 0xd6d6a3e8, 0xcb61b38c, - 0x9b64c2b0, 0x86d3d2d4, 0xa00ae278, 0xbdbdf21c -}; - -void -mit_crc32_shift4(krb5_pointer in, size_t in_length, unsigned long *cksum) -{ - register unsigned char *data, b; - register unsigned long c = 0; - size_t i; - - data = (u_char *)in; - for (i = 0; i < in_length; i++) { - b = data[i]; - c = (c >> 4) ^ tbl4[(b ^ c) & 0x0f]; - b >>= 4; - c = (c >> 4) ^ tbl4[(b ^ c) & 0x0f]; - } - *cksum = c; -} -#endif diff --git a/src/lib/crypto/krb/crc32/deps b/src/lib/crypto/krb/crc32/deps index bc04f15..e0243cc 100644 --- a/src/lib/crypto/krb/crc32/deps +++ b/src/lib/crypto/krb/crc32/deps @@ -3,11 +3,11 @@ # crc32.so crc32.po $(OUTPRE)crc32.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h crc-32.h crc32.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h crc-32.h crc32.c diff --git a/src/lib/crypto/krb/crypto_length.c b/src/lib/crypto/krb/crypto_length.c index 00de30c..3b0a9ac 100644 --- a/src/lib/crypto/krb/crypto_length.c +++ b/src/lib/crypto/krb/crypto_length.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/crypto_length.c * @@ -30,59 +31,53 @@ krb5_error_code KRB5_CALLCONV krb5_c_crypto_length(krb5_context context, krb5_enctype enctype, - krb5_cryptotype type, unsigned int *size) + krb5_cryptotype type, unsigned int *size) { const struct krb5_keytypes *ktp; - krb5_error_code ret; ktp = find_enctype(enctype); - if (ktp == NULL || ktp->aead == NULL) - return KRB5_BAD_ENCTYPE; + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; switch (type) { case KRB5_CRYPTO_TYPE_EMPTY: case KRB5_CRYPTO_TYPE_SIGN_ONLY: - *size = 0; - ret = 0; - break; + *size = 0; + break; case KRB5_CRYPTO_TYPE_DATA: - *size = (size_t)~0; /* match Heimdal */ - ret = 0; - break; + *size = (size_t)~0; /* match Heimdal */ + break; case KRB5_CRYPTO_TYPE_HEADER: case KRB5_CRYPTO_TYPE_PADDING: case KRB5_CRYPTO_TYPE_TRAILER: case KRB5_CRYPTO_TYPE_CHECKSUM: - ret = (*ktp->aead->crypto_length)(ktp->aead, ktp->enc, ktp->hash, - type, size); - break; + *size = ktp->crypto_length(ktp, type); + break; default: - ret = EINVAL; - break; + return EINVAL; } - return ret; + return 0; } krb5_error_code KRB5_CALLCONV krb5_c_padding_length(krb5_context context, krb5_enctype enctype, - size_t data_length, unsigned int *pad_length) + size_t data_length, unsigned int *pad_length) { const struct krb5_keytypes *ktp; ktp = find_enctype(enctype); - if (ktp == NULL || ktp->aead == NULL) - return KRB5_BAD_ENCTYPE; + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; - return krb5int_c_padding_length(ktp->aead, ktp->enc, ktp->hash, - data_length, pad_length); + *pad_length = krb5int_c_padding_length(ktp, data_length); + return 0; } krb5_error_code KRB5_CALLCONV krb5_c_crypto_length_iov(krb5_context context, krb5_enctype enctype, - krb5_crypto_iov *data, size_t num_data) + krb5_crypto_iov *data, size_t num_data) { - krb5_error_code ret = 0; size_t i; const struct krb5_keytypes *ktp; unsigned int data_length = 0, pad_length; @@ -94,51 +89,40 @@ krb5_c_crypto_length_iov(krb5_context context, krb5_enctype enctype, */ ktp = find_enctype(enctype); - if (ktp == NULL || ktp->aead == NULL) - return KRB5_BAD_ENCTYPE; + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; for (i = 0; i < num_data; i++) { - krb5_crypto_iov *iov = &data[i]; - - switch (iov->flags) { - case KRB5_CRYPTO_TYPE_DATA: - data_length += iov->data.length; - break; - case KRB5_CRYPTO_TYPE_PADDING: - if (padding != NULL) - return EINVAL; - - padding = iov; - break; - case KRB5_CRYPTO_TYPE_HEADER: - case KRB5_CRYPTO_TYPE_TRAILER: - case KRB5_CRYPTO_TYPE_CHECKSUM: - ret = (*ktp->aead->crypto_length)(ktp->aead, ktp->enc, ktp->hash, - iov->flags, &iov->data.length); - break; - case KRB5_CRYPTO_TYPE_EMPTY: - case KRB5_CRYPTO_TYPE_SIGN_ONLY: - default: - break; - } - - if (ret != 0) - break; + krb5_crypto_iov *iov = &data[i]; + + switch (iov->flags) { + case KRB5_CRYPTO_TYPE_DATA: + data_length += iov->data.length; + break; + case KRB5_CRYPTO_TYPE_PADDING: + if (padding != NULL) + return EINVAL; + + padding = iov; + break; + case KRB5_CRYPTO_TYPE_HEADER: + case KRB5_CRYPTO_TYPE_TRAILER: + case KRB5_CRYPTO_TYPE_CHECKSUM: + iov->data.length = ktp->crypto_length(ktp, iov->flags); + break; + case KRB5_CRYPTO_TYPE_EMPTY: + case KRB5_CRYPTO_TYPE_SIGN_ONLY: + default: + break; + } } - if (ret != 0) - return ret; - - ret = krb5int_c_padding_length(ktp->aead, ktp->enc, ktp->hash, - data_length, &pad_length); - if (ret != 0) - return ret; - + pad_length = krb5int_c_padding_length(ktp, data_length); if (pad_length != 0 && padding == NULL) - return EINVAL; + return EINVAL; if (padding != NULL) - padding->data.length = pad_length; + padding->data.length = pad_length; return 0; } diff --git a/src/lib/crypto/krb/crypto_libinit.c b/src/lib/crypto/krb/crypto_libinit.c index 91bf8ac..a69db38 100644 --- a/src/lib/crypto/krb/crypto_libinit.c +++ b/src/lib/crypto/krb/crypto_libinit.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #include <assert.h> #include "k5-int.h" @@ -28,6 +29,6 @@ int krb5int_crypto_init(void) void cryptoint_cleanup_library (void) { if (!INITIALIZER_RAN(cryptoint_initialize_library)) - return; + return; krb5int_prng_cleanup (); } diff --git a/src/lib/crypto/krb/decrypt.c b/src/lib/crypto/krb/decrypt.c index 9ad68ad..c12c90d 100644 --- a/src/lib/crypto/krb/decrypt.c +++ b/src/lib/crypto/krb/decrypt.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -30,41 +31,72 @@ krb5_error_code KRB5_CALLCONV krb5_k_decrypt(krb5_context context, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - const krb5_enc_data *input, krb5_data *output) + krb5_keyusage usage, const krb5_data *ivec, + const krb5_enc_data *input, krb5_data *output) { const struct krb5_keytypes *ktp; + krb5_crypto_iov iov[4]; + krb5_error_code ret; + unsigned int header_len, trailer_len, plain_len; + char *scratch = NULL; ktp = find_enctype(key->keyblock.enctype); if (ktp == NULL) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; if (input->enctype != ENCTYPE_UNKNOWN && ktp->etype != input->enctype) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; + + /* Verify the input and output lengths. */ + header_len = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_HEADER); + trailer_len = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_TRAILER); + if (input->ciphertext.length < header_len + trailer_len) + return KRB5_BAD_MSIZE; + plain_len = input->ciphertext.length - header_len - trailer_len; + if (output->length < plain_len) + return KRB5_BAD_MSIZE; + + scratch = k5alloc(header_len + trailer_len, &ret); + if (scratch == NULL) + return ret; + + iov[0].flags = KRB5_CRYPTO_TYPE_HEADER; + iov[0].data = make_data(scratch, header_len); + memcpy(iov[0].data.data, input->ciphertext.data, header_len); - if (ktp->decrypt == NULL) { - assert(ktp->aead != NULL); + iov[1].flags = KRB5_CRYPTO_TYPE_DATA; + iov[1].data = make_data(output->data, plain_len); + memcpy(iov[1].data.data, input->ciphertext.data + header_len, plain_len); - return krb5int_c_decrypt_aead_compat(ktp->aead, ktp->enc, ktp->hash, - key, usage, ivec, - &input->ciphertext, output); - } + /* Use empty padding since tokens don't indicate the padding length. */ + iov[2].flags = KRB5_CRYPTO_TYPE_PADDING; + iov[2].data = empty_data(); - return (*ktp->decrypt)(ktp->enc, ktp->hash, key, usage, ivec, - &input->ciphertext, output); + iov[3].flags = KRB5_CRYPTO_TYPE_TRAILER; + iov[3].data = make_data(scratch + header_len, trailer_len); + memcpy(iov[3].data.data, input->ciphertext.data + header_len + plain_len, + trailer_len); + + ret = ktp->decrypt(ktp, key, usage, ivec, iov, 4); + if (ret != 0) + zap(output->data, plain_len); + else + output->length = plain_len; + zapfree(scratch, header_len + trailer_len); + return ret; } krb5_error_code KRB5_CALLCONV krb5_c_decrypt(krb5_context context, const krb5_keyblock *keyblock, - krb5_keyusage usage, const krb5_data *ivec, - const krb5_enc_data *input, krb5_data *output) + krb5_keyusage usage, const krb5_data *ivec, + const krb5_enc_data *input, krb5_data *output) { krb5_key key; krb5_error_code ret; ret = krb5_k_create_key(context, keyblock, &key); if (ret != 0) - return ret; + return ret; ret = krb5_k_decrypt(context, key, usage, ivec, input, output); krb5_k_free_key(context, key); return ret; diff --git a/src/lib/crypto/krb/decrypt_iov.c b/src/lib/crypto/krb/decrypt_iov.c index 1813af9..f52a727 100644 --- a/src/lib/crypto/krb/decrypt_iov.c +++ b/src/lib/crypto/krb/decrypt_iov.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/encrypt_iov.c * @@ -29,46 +30,38 @@ #include "aead.h" krb5_error_code KRB5_CALLCONV -krb5_k_decrypt_iov(krb5_context context, - krb5_key key, - krb5_keyusage usage, - const krb5_data *cipher_state, - krb5_crypto_iov *data, - size_t num_data) +krb5_k_decrypt_iov(krb5_context context, krb5_key key, krb5_keyusage usage, + const krb5_data *cipher_state, krb5_crypto_iov *data, + size_t num_data) { const struct krb5_keytypes *ktp; ktp = find_enctype(key->keyblock.enctype); - if (ktp == NULL || ktp->aead == NULL) - return KRB5_BAD_ENCTYPE; + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; if (krb5int_c_locate_iov(data, num_data, - KRB5_CRYPTO_TYPE_STREAM) != NULL) { - return krb5int_c_iov_decrypt_stream(ktp->aead, ktp->enc, ktp->hash, - key, usage, cipher_state, data, - num_data); + KRB5_CRYPTO_TYPE_STREAM) != NULL) { + return krb5int_c_iov_decrypt_stream(ktp, key, usage, cipher_state, + data, num_data); } - return (*ktp->aead->decrypt_iov)(ktp->aead, ktp->enc, ktp->hash, key, - usage, cipher_state, data, num_data); + return ktp->decrypt(ktp, key, usage, cipher_state, data, num_data); } krb5_error_code KRB5_CALLCONV -krb5_c_decrypt_iov(krb5_context context, - const krb5_keyblock *keyblock, - krb5_keyusage usage, - const krb5_data *cipher_state, - krb5_crypto_iov *data, - size_t num_data) +krb5_c_decrypt_iov(krb5_context context, const krb5_keyblock *keyblock, + krb5_keyusage usage, const krb5_data *cipher_state, + krb5_crypto_iov *data, size_t num_data) { krb5_key key; krb5_error_code ret; ret = krb5_k_create_key(context, keyblock, &key); if (ret != 0) - return ret; + return ret; ret = krb5_k_decrypt_iov(context, key, usage, cipher_state, data, - num_data); + num_data); krb5_k_free_key(context, key); return ret; } diff --git a/src/lib/crypto/krb/default_state.c b/src/lib/crypto/krb/default_state.c index 9995b27..d44b31f 100644 --- a/src/lib/crypto/krb/default_state.c +++ b/src/lib/crypto/krb/default_state.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 2001 by the Massachusetts Institute of Technology. * All rights reserved. @@ -34,27 +35,27 @@ krb5_error_code krb5int_des_init_state (const krb5_keyblock *key, krb5_keyusage usage, krb5_data *new_state ) { - new_state->length = 8; - new_state->data = (void *) malloc(8); - if (new_state->data) { - memset (new_state->data, 0, new_state->length); - /* We need to copy in the key for des-cbc-cr--ick, but that's how it works*/ - if (key->enctype == ENCTYPE_DES_CBC_CRC) { - memcpy (new_state->data, key->contents, new_state->length); - } - } else { - return ENOMEM; - } - return 0; + new_state->length = 8; + new_state->data = (void *) malloc(8); + if (new_state->data) { + memset (new_state->data, 0, new_state->length); + /* We need to copy in the key for des-cbc-cr--ick, but that's how it works*/ + if (key->enctype == ENCTYPE_DES_CBC_CRC) { + memcpy (new_state->data, key->contents, new_state->length); + } + } else { + return ENOMEM; + } + return 0; } krb5_error_code krb5int_default_free_state (krb5_data *state) { - if (state->data) { - free (state->data); - state-> data = NULL; - state->length = 0; - } - return 0; + if (state->data) { + free (state->data); + state-> data = NULL; + state->length = 0; + } + return 0; } diff --git a/src/lib/crypto/krb/deps b/src/lib/crypto/krb/deps index 7d9005c..5e081f7 100644 --- a/src/lib/crypto/krb/deps +++ b/src/lib/crypto/krb/deps @@ -3,454 +3,455 @@ # aead.so aead.po $(OUTPRE)aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/dk/dk.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/dk/dk.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ aead.c aead.h cksumtypes.h etypes.h block_size.so block_size.po $(OUTPRE)block_size.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ block_size.c etypes.h checksum_length.so checksum_length.po $(OUTPRE)checksum_length.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - checksum_length.c cksumtypes.h + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + checksum_length.c cksumtypes.h etypes.h cksumtype_to_string.so cksumtype_to_string.po $(OUTPRE)cksumtype_to_string.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - cksumtype_to_string.c cksumtypes.h + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + cksumtype_to_string.c cksumtypes.h etypes.h cksumtypes.so cksumtypes.po $(OUTPRE)cksumtypes.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/enc_provider/enc_provider.h \ $(srcdir)/../builtin/hash_provider/hash_provider.h \ - $(srcdir)/keyhash_provider/keyhash_provider.h cksumtypes.c \ - cksumtypes.h + $(srcdir)/dk/dk.h $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + cksumtypes.c cksumtypes.h etypes.h coll_proof_cksum.so coll_proof_cksum.po $(OUTPRE)coll_proof_cksum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - cksumtypes.h coll_proof_cksum.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + cksumtypes.h coll_proof_cksum.c etypes.h combine_keys.so combine_keys.po $(OUTPRE)combine_keys.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/dk/dk.h combine_keys.c etypes.h + $(COM_ERR_DEPS) $(srcdir)/dk/dk.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h combine_keys.c \ + etypes.h crypto_length.so crypto_length.po $(OUTPRE)crypto_length.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ aead.h cksumtypes.h crypto_length.c etypes.h crypto_libinit.so crypto_libinit.po $(OUTPRE)crypto_libinit.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ crypto_libinit.c default_state.so default_state.po $(OUTPRE)default_state.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ default_state.c decrypt.so decrypt.po $(OUTPRE)decrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h aead.h cksumtypes.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h aead.h cksumtypes.h \ decrypt.c etypes.h decrypt_iov.so decrypt_iov.po $(OUTPRE)decrypt_iov.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ aead.h cksumtypes.h decrypt_iov.c etypes.h encrypt.so encrypt.po $(OUTPRE)encrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h aead.h cksumtypes.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h aead.h cksumtypes.h \ encrypt.c etypes.h encrypt_iov.so encrypt_iov.po $(OUTPRE)encrypt_iov.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ encrypt_iov.c etypes.h encrypt_length.so encrypt_length.po $(OUTPRE)encrypt_length.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ aead.h cksumtypes.h encrypt_length.c etypes.h enctype_compare.so enctype_compare.po $(OUTPRE)enctype_compare.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ enctype_compare.c etypes.h enctype_to_string.so enctype_to_string.po $(OUTPRE)enctype_to_string.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ enctype_to_string.c etypes.h etypes.so etypes.po $(OUTPRE)etypes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../builtin/aes/aes_s2k.h \ - $(srcdir)/../builtin/arcfour/arcfour.h $(srcdir)/../builtin/des/des_int.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/des/des_int.h \ $(srcdir)/../builtin/enc_provider/enc_provider.h $(srcdir)/../builtin/hash_provider/hash_provider.h \ - $(srcdir)/dk/dk.h $(srcdir)/old/old.h $(srcdir)/prf/prf_int.h \ - $(srcdir)/raw/raw.h etypes.c etypes.h + $(srcdir)/arcfour/arcfour.h $(srcdir)/dk/dk.h $(srcdir)/old/old.h \ + $(srcdir)/prf/prf_int.h $(srcdir)/raw/raw.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h etypes.c etypes.h key.so key.po $(OUTPRE)key.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h key.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h key.c keyblocks.so keyblocks.po $(OUTPRE)keyblocks.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ keyblocks.c keyed_cksum.so keyed_cksum.po $(OUTPRE)keyed_cksum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - cksumtypes.h keyed_cksum.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + cksumtypes.h etypes.h keyed_cksum.c keyed_checksum_types.so keyed_checksum_types.po $(OUTPRE)keyed_checksum_types.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ cksumtypes.h etypes.h keyed_checksum_types.c keylengths.so keylengths.po $(OUTPRE)keylengths.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ etypes.h keylengths.c make_checksum.so make_checksum.po $(OUTPRE)make_checksum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/dk/dk.h cksumtypes.h etypes.h make_checksum.c + $(COM_ERR_DEPS) $(srcdir)/dk/dk.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h cksumtypes.h etypes.h \ + make_checksum.c make_checksum_iov.so make_checksum_iov.po $(OUTPRE)make_checksum_iov.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - aead.h cksumtypes.h make_checksum_iov.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + aead.h cksumtypes.h etypes.h make_checksum_iov.c make_random_key.so make_random_key.po $(OUTPRE)make_random_key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ etypes.h make_random_key.c mandatory_sumtype.so mandatory_sumtype.po $(OUTPRE)mandatory_sumtype.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ etypes.h mandatory_sumtype.c nfold.so nfold.po $(OUTPRE)nfold.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h nfold.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h nfold.c old_api_glue.so old_api_glue.po $(OUTPRE)old_api_glue.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ old_api_glue.c prf.so prf.po $(OUTPRE)prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h etypes.h prf.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h etypes.h prf.c cf2.so cf2.po $(OUTPRE)cf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h cf2.c etypes.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h cf2.c etypes.h prng.so prng.po $(OUTPRE)prng.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../builtin/enc_provider/enc_provider.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/enc_provider/enc_provider.h \ $(srcdir)/../builtin/sha1/shs.h $(srcdir)/../builtin/yhash.h \ $(srcdir)/yarrow/yarrow.h $(srcdir)/yarrow/ycipher.h \ - $(srcdir)/yarrow/ytypes.h prng.c + $(srcdir)/yarrow/ytypes.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h prng.c random_to_key.so random_to_key.po $(OUTPRE)random_to_key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ etypes.h random_to_key.c state.so state.po $(OUTPRE)state.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h etypes.h state.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h etypes.h state.c string_to_cksumtype.so string_to_cksumtype.po $(OUTPRE)string_to_cksumtype.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - cksumtypes.h string_to_cksumtype.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + cksumtypes.h etypes.h string_to_cksumtype.c string_to_enctype.so string_to_enctype.po $(OUTPRE)string_to_enctype.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ etypes.h string_to_enctype.c string_to_key.so string_to_key.po $(OUTPRE)string_to_key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ etypes.h string_to_key.c valid_cksumtype.so valid_cksumtype.po $(OUTPRE)valid_cksumtype.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - cksumtypes.h valid_cksumtype.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + cksumtypes.h etypes.h valid_cksumtype.c valid_enctype.so valid_enctype.po $(OUTPRE)valid_enctype.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ etypes.h valid_enctype.c verify_checksum.so verify_checksum.po $(OUTPRE)verify_checksum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - cksumtypes.h verify_checksum.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + cksumtypes.h etypes.h verify_checksum.c verify_checksum_iov.so verify_checksum_iov.po $(OUTPRE)verify_checksum_iov.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - aead.h cksumtypes.h verify_checksum_iov.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + aead.h cksumtypes.h etypes.h verify_checksum_iov.c diff --git a/src/lib/crypto/krb/dk/Makefile.in b/src/lib/crypto/krb/dk/Makefile.in index a731cbc..8d65857 100644 --- a/src/lib/crypto/krb/dk/Makefile.in +++ b/src/lib/crypto/krb/dk/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/krb/dk mydir=lib/crypto/krb/dk BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../@CRYPTO_IMPL@ @@ -15,24 +13,18 @@ PROG_RPATH=$(KRB5_LIBDIR) STLIBOBJS=\ checksum.o \ dk_aead.o \ - dk_decrypt.o \ - dk_encrypt.o \ derive.o \ stringtokey.o OBJS=\ $(OUTPRE)checksum.$(OBJEXT) \ $(OUTPRE)dk_aead.$(OBJEXT) \ - $(OUTPRE)dk_decrypt.$(OBJEXT) \ - $(OUTPRE)dk_encrypt.$(OBJEXT) \ $(OUTPRE)derive.$(OBJEXT) \ $(OUTPRE)stringtokey.$(OBJEXT) SRCS=\ $(srcdir)/checksum.c \ $(srcdir)/dk_aead.c \ - $(srcdir)/dk_decrypt.c \ - $(srcdir)/dk_encrypt.c \ $(srcdir)/derive.c \ $(srcdir)/stringtokey.c diff --git a/src/lib/crypto/krb/dk/checksum.c b/src/lib/crypto/krb/dk/checksum.c index 538060d..3dbde10 100644 --- a/src/lib/crypto/krb/dk/checksum.c +++ b/src/lib/crypto/krb/dk/checksum.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -27,14 +28,15 @@ #include "k5-int.h" #include "etypes.h" #include "dk.h" -#include "aead.h" +#include "cksumtypes.h" #define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */ krb5_error_code -krb5int_dk_make_checksum(const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *input, krb5_data *output) +krb5int_dk_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, size_t num_data, + krb5_data *output) { const struct krb5_keytypes *ktp; const struct krb5_enc_provider *enc; @@ -43,82 +45,26 @@ krb5int_dk_make_checksum(const struct krb5_hash_provider *hash, krb5_data datain; krb5_key kc; + /* Use the key's enctype (more flexible than setting an enctype in ctp). */ ktp = find_enctype(key->keyblock.enctype); if (ktp == NULL) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; enc = ktp->enc; - - /* - * key->length will be tested in enc->encrypt. - * output->length will be tested in krb5int_hmac. - */ + if (key->keyblock.length != enc->keylength) + return KRB5_BAD_KEYSIZE; /* Derive the key. */ - - datain.data = (char *) constantdata; - datain.length = K5CLENGTH; - + datain = make_data(constantdata, K5CLENGTH); store_32_be(usage, constantdata); - - datain.data[4] = (char) 0x99; - + constantdata[4] = (char) 0x99; ret = krb5int_derive_key(enc, key, &kc, &datain); if (ret) - return ret; - - /* hash the data */ - - datain = *input; - - ret = krb5int_hmac(hash, kc, 1, &datain, output); - if (ret) - memset(output->data, 0, output->length); - - krb5_k_free_key(NULL, kc); - return ret; -} - -krb5_error_code -krb5int_dk_make_checksum_iov(const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, size_t num_data, - krb5_data *output) -{ - const struct krb5_keytypes *ktp; - const struct krb5_enc_provider *enc; - krb5_error_code ret; - unsigned char constantdata[K5CLENGTH]; - krb5_data datain; - krb5_key kc; - - ktp = find_enctype(key->keyblock.enctype); - if (ktp == NULL) - return KRB5_BAD_ENCTYPE; - enc = ktp->enc; - - /* - * key->length will be tested in enc->encrypt. - * output->length will be tested in krb5int_hmac. - */ - - /* Derive the key. */ - - datain.data = (char *) constantdata; - datain.length = K5CLENGTH; - - store_32_be(usage, constantdata); - - datain.data[4] = (char) 0x99; - - ret = krb5int_derive_key(enc, key, &kc, &datain); - if (ret) - return ret; + return ret; /* Hash the data. */ - - ret = krb5int_hmac_iov(hash, kc, data, num_data, output); + ret = krb5int_hmac(ctp->hash, kc, data, num_data, output); if (ret) - memset(output->data, 0, output->length); + memset(output->data, 0, output->length); krb5_k_free_key(NULL, kc); return ret; diff --git a/src/lib/crypto/krb/dk/deps b/src/lib/crypto/krb/dk/deps index c41a570..029fe6a 100644 --- a/src/lib/crypto/krb/dk/deps +++ b/src/lib/crypto/krb/dk/deps @@ -4,66 +4,45 @@ checksum.so checksum.po $(OUTPRE)checksum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h \ + $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ checksum.c dk.h dk_aead.so dk_aead.po $(OUTPRE)dk_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../aead.h \ - $(srcdir)/../cksumtypes.h dk.h dk_aead.c -dk_decrypt.so dk_decrypt.po $(OUTPRE)dk_decrypt.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - dk.h dk_decrypt.c -dk_encrypt.so dk_encrypt.po $(OUTPRE)dk_encrypt.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - dk.h dk_encrypt.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../aead.h \ + $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h dk.h dk_aead.c derive.so derive.po $(OUTPRE)derive.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h derive.c dk.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../etypes.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + derive.c dk.h stringtokey.so stringtokey.po $(OUTPRE)stringtokey.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - dk.h stringtokey.c + $(COM_ERR_DEPS) $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h dk.h stringtokey.c diff --git a/src/lib/crypto/krb/dk/derive.c b/src/lib/crypto/krb/dk/derive.c index 5019975..384a5e4 100644 --- a/src/lib/crypto/krb/dk/derive.c +++ b/src/lib/crypto/krb/dk/derive.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -31,17 +32,17 @@ static krb5_key find_cached_dkey(struct derived_key *list, const krb5_data *constant) { for (; list; list = list->next) { - if (data_eq(list->constant, *constant)) { - krb5_k_reference_key(NULL, list->dkey); - return list->dkey; - } + if (data_eq(list->constant, *constant)) { + krb5_k_reference_key(NULL, list->dkey); + return list->dkey; + } } return NULL; } static krb5_error_code add_cached_dkey(krb5_key key, const krb5_data *constant, - const krb5_keyblock *dkeyblock, krb5_key *cached_dkey) + const krb5_keyblock *dkeyblock, krb5_key *cached_dkey) { krb5_key dkey; krb5_error_code ret; @@ -51,13 +52,13 @@ add_cached_dkey(krb5_key key, const krb5_data *constant, /* Allocate fields for the new entry. */ dkent = malloc(sizeof(*dkent)); if (dkent == NULL) - goto cleanup; + goto cleanup; data = malloc(constant->length); if (data == NULL) - goto cleanup; + goto cleanup; ret = krb5_k_create_key(NULL, dkeyblock, &dkey); if (ret != 0) - goto cleanup; + goto cleanup; /* Add the new entry to the list. */ memcpy(data, constant->data, constant->length); @@ -78,93 +79,93 @@ cleanup: return ENOMEM; } -/* - * Compute a derived key into the keyblock outkey. This variation on - * krb5int_derive_key does not cache the result, as it is only used - * directly in situations which are not expected to be repeated with - * the same inkey and constant. - */ krb5_error_code -krb5int_derive_keyblock(const struct krb5_enc_provider *enc, - krb5_key inkey, krb5_keyblock *outkey, - const krb5_data *in_constant) +krb5int_derive_random(const struct krb5_enc_provider *enc, + krb5_key inkey, krb5_data *outrnd, + const krb5_data *in_constant) { size_t blocksize, keybytes, n; - unsigned char *inblockdata = NULL, *outblockdata = NULL, *rawkey = NULL; - krb5_data inblock, outblock; + krb5_crypto_iov iov; krb5_error_code ret; blocksize = enc->block_size; keybytes = enc->keybytes; - if (inkey->keyblock.length != enc->keylength || - outkey->length != enc->keylength) - return KRB5_CRYPTO_INTERNAL; + if (inkey->keyblock.length != enc->keylength || outrnd->length != keybytes) + return KRB5_CRYPTO_INTERNAL; - /* Allocate and set up buffers. */ - inblockdata = k5alloc(blocksize, &ret); + /* Allocate encryption data buffer. */ + iov.flags = KRB5_CRYPTO_TYPE_DATA; + ret = alloc_data(&iov.data, blocksize); if (ret) - goto cleanup; - outblockdata = k5alloc(blocksize, &ret); - if (ret) - goto cleanup; - rawkey = k5alloc(keybytes, &ret); - if (ret) - goto cleanup; - - inblock.data = (char *) inblockdata; - inblock.length = blocksize; - - outblock.data = (char *) outblockdata; - outblock.length = blocksize; + return ret; /* Initialize the input block. */ - - if (in_constant->length == inblock.length) { - memcpy(inblock.data, in_constant->data, inblock.length); + if (in_constant->length == blocksize) { + memcpy(iov.data.data, in_constant->data, blocksize); } else { - krb5int_nfold(in_constant->length*8, (unsigned char *) in_constant->data, - inblock.length*8, (unsigned char *) inblock.data); + krb5int_nfold(in_constant->length * 8, + (unsigned char *) in_constant->data, + blocksize * 8, (unsigned char *) iov.data.data); } - /* Loop encrypting the blocks until enough key bytes are generated */ - + /* Loop encrypting the blocks until enough key bytes are generated. */ n = 0; while (n < keybytes) { - ret = (*enc->encrypt)(inkey, 0, &inblock, &outblock); - if (ret) - goto cleanup; + ret = enc->encrypt(inkey, 0, &iov, 1); + if (ret) + goto cleanup; - if ((keybytes - n) <= outblock.length) { - memcpy(rawkey + n, outblock.data, (keybytes - n)); - break; - } + if ((keybytes - n) <= blocksize) { + memcpy(outrnd->data + n, iov.data.data, (keybytes - n)); + break; + } - memcpy(rawkey+n, outblock.data, outblock.length); - memcpy(inblock.data, outblock.data, outblock.length); - n += outblock.length; + memcpy(outrnd->data + n, iov.data.data, blocksize); + n += blocksize; } - /* postprocess the key */ +cleanup: + zapfree(iov.data.data, blocksize); + return ret; +} + +/* + * Compute a derived key into the keyblock outkey. This variation on + * krb5int_derive_key does not cache the result, as it is only used + * directly in situations which are not expected to be repeated with + * the same inkey and constant. + */ +krb5_error_code +krb5int_derive_keyblock(const struct krb5_enc_provider *enc, + krb5_key inkey, krb5_keyblock *outkey, + const krb5_data *in_constant) +{ + krb5_error_code ret; + krb5_data rawkey = empty_data(); - inblock.data = (char *) rawkey; - inblock.length = keybytes; + /* Allocate a buffer for the raw key bytes. */ + ret = alloc_data(&rawkey, enc->keybytes); + if (ret) + goto cleanup; - ret = (*enc->make_key)(&inblock, outkey); + /* Derive pseudo-random data for the key bytes. */ + ret = krb5int_derive_random(enc, inkey, &rawkey, in_constant); if (ret) - goto cleanup; + goto cleanup; + + /* Postprocess the key. */ + ret = enc->make_key(&rawkey, outkey); cleanup: - zapfree(inblockdata, blocksize); - zapfree(outblockdata, blocksize); - zapfree(rawkey, keybytes); + zapfree(rawkey.data, enc->keybytes); return ret; } krb5_error_code krb5int_derive_key(const struct krb5_enc_provider *enc, - krb5_key inkey, krb5_key *outkey, - const krb5_data *in_constant) + krb5_key inkey, krb5_key *outkey, + const krb5_data *in_constant) { krb5_keyblock keyblock; krb5_error_code ret; @@ -175,23 +176,23 @@ krb5int_derive_key(const struct krb5_enc_provider *enc, /* Check for a cached result. */ dkey = find_cached_dkey(inkey->derived, in_constant); if (dkey != NULL) { - *outkey = dkey; - return 0; + *outkey = dkey; + return 0; } /* Derive into a temporary keyblock. */ keyblock.length = enc->keylength; keyblock.contents = malloc(keyblock.length); if (keyblock.contents == NULL) - return ENOMEM; + return ENOMEM; ret = krb5int_derive_keyblock(enc, inkey, &keyblock, in_constant); if (ret) - goto cleanup; + goto cleanup; /* Cache the derived key. */ ret = add_cached_dkey(inkey, in_constant, &keyblock, &dkey); if (ret != 0) - goto cleanup; + goto cleanup; *outkey = dkey; @@ -199,72 +200,3 @@ cleanup: zapfree(keyblock.contents, keyblock.length); return ret; } - -krb5_error_code -krb5int_derive_random(const struct krb5_enc_provider *enc, - krb5_key inkey, krb5_data *outrnd, - const krb5_data *in_constant) -{ - size_t blocksize, keybytes, n; - unsigned char *inblockdata = NULL, *outblockdata = NULL, *rawkey = NULL; - krb5_data inblock, outblock; - krb5_error_code ret; - - blocksize = enc->block_size; - keybytes = enc->keybytes; - - if (inkey->keyblock.length != enc->keylength || outrnd->length != keybytes) - return KRB5_CRYPTO_INTERNAL; - - /* Allocate and set up buffers. */ - - inblockdata = k5alloc(blocksize, &ret); - if (ret) - goto cleanup; - outblockdata = k5alloc(blocksize, &ret); - if (ret) - goto cleanup; - rawkey = k5alloc(keybytes, &ret); - if (ret) - goto cleanup; - - inblock.data = (char *) inblockdata; - inblock.length = blocksize; - - outblock.data = (char *) outblockdata; - outblock.length = blocksize; - - /* Initialize the input block. */ - if (in_constant->length == inblock.length) { - memcpy(inblock.data, in_constant->data, inblock.length); - } else { - krb5int_nfold(in_constant->length*8, (unsigned char *) in_constant->data, - inblock.length*8, (unsigned char *) inblock.data); - } - - /* Loop encrypting the blocks until enough key bytes are generated. */ - n = 0; - while (n < keybytes) { - ret = (*enc->encrypt)(inkey, 0, &inblock, &outblock); - if (ret) - goto cleanup; - - if ((keybytes - n) <= outblock.length) { - memcpy(rawkey + n, outblock.data, (keybytes - n)); - break; - } - - memcpy(rawkey+n, outblock.data, outblock.length); - memcpy(inblock.data, outblock.data, outblock.length); - n += outblock.length; - } - - /* Postprocess the key. */ - memcpy(outrnd->data, rawkey, keybytes); - -cleanup: - zapfree(inblockdata, blocksize); - zapfree(outblockdata, blocksize); - zapfree(rawkey, keybytes); - return ret; -} diff --git a/src/lib/crypto/krb/dk/dk.h b/src/lib/crypto/krb/dk/dk.h index 76937da..0fdd984 100644 --- a/src/lib/crypto/krb/dk/dk.h +++ b/src/lib/crypto/krb/dk/dk.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -25,87 +26,56 @@ */ #include "k5-int.h" +#include "etypes.h" +#include "cksumtypes.h" -void -krb5int_dk_encrypt_length(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t input, size_t *length); +unsigned int +krb5int_dk_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type); -krb5_error_code -krb5int_dk_encrypt(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, - const krb5_data *input, krb5_data *output); - -void -krb5int_aes_encrypt_length(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t input, size_t *length); +unsigned int +krb5int_aes_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type); krb5_error_code -krb5int_aes_dk_encrypt(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, - krb5_keyusage usage, - const krb5_data *ivec, - const krb5_data *input, - krb5_data *output); +krb5int_dk_encrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); krb5_error_code -krb5int_dk_decrypt(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *arg_output); +krb5int_dk_decrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); krb5_error_code -krb5int_aes_dk_decrypt(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, - krb5_keyusage usage, - const krb5_data *ivec, - const krb5_data *input, - krb5_data *arg_output); +krb5int_dk_string_to_key(const struct krb5_keytypes *enc, + const krb5_data *string, const krb5_data *salt, + const krb5_data *params, krb5_keyblock *key); krb5_error_code -krb5int_dk_string_to_key(const struct krb5_enc_provider *enc, - const krb5_data *string, - const krb5_data *salt, - const krb5_data *params, - krb5_keyblock *key); +krb5int_aes_string_to_key(const struct krb5_keytypes *enc, + const krb5_data *string, const krb5_data *salt, + const krb5_data *params, krb5_keyblock *key); krb5_error_code krb5int_derive_keyblock(const struct krb5_enc_provider *enc, - krb5_key inkey, - krb5_keyblock *outkey, - const krb5_data *in_constant); + krb5_key inkey, + krb5_keyblock *outkey, + const krb5_data *in_constant); krb5_error_code krb5int_derive_key(const struct krb5_enc_provider *enc, - krb5_key inkey, - krb5_key *outkey, - const krb5_data *in_constant); - -krb5_error_code -krb5int_dk_make_checksum(const struct krb5_hash_provider *hash, - krb5_key key, - krb5_keyusage usage, - const krb5_data *input, - krb5_data *output); + krb5_key inkey, + krb5_key *outkey, + const krb5_data *in_constant); krb5_error_code -krb5int_dk_make_checksum_iov(const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, size_t num_data, - krb5_data *output); +krb5int_dk_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, size_t num_data, + krb5_data *output); krb5_error_code krb5int_derive_random(const struct krb5_enc_provider *enc, - krb5_key inkey, krb5_data *outrnd, - const krb5_data *in_constant); - -/* AEAD */ - -extern const struct krb5_aead_provider krb5int_aead_dk; -extern const struct krb5_aead_provider krb5int_aead_aes; + krb5_key inkey, krb5_data *outrnd, + const krb5_data *in_constant); diff --git a/src/lib/crypto/krb/dk/dk_aead.c b/src/lib/crypto/krb/dk/dk_aead.c index e35ca55..f44ae84 100644 --- a/src/lib/crypto/krb/dk/dk_aead.c +++ b/src/lib/crypto/krb/dk/dk_aead.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/dk/dk_aead.c * @@ -33,99 +34,96 @@ /* AEAD */ -static krb5_error_code -krb5int_dk_crypto_length(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_cryptotype type, - unsigned int *length) +unsigned int +krb5int_dk_crypto_length(const struct krb5_keytypes *ktp, krb5_cryptotype type) { switch (type) { case KRB5_CRYPTO_TYPE_HEADER: case KRB5_CRYPTO_TYPE_PADDING: - *length = enc->block_size; - break; + return ktp->enc->block_size; case KRB5_CRYPTO_TYPE_TRAILER: case KRB5_CRYPTO_TYPE_CHECKSUM: - *length = hash->hashsize; - break; + return ktp->hash->hashsize; default: - assert(0 && "invalid cryptotype passed to krb5int_dk_crypto_length"); - break; + assert(0 && "invalid cryptotype passed to krb5int_dk_crypto_length"); + return 0; } +} - return 0; +unsigned int +krb5int_aes_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type) +{ + switch (type) { + case KRB5_CRYPTO_TYPE_HEADER: + return ktp->enc->block_size; + case KRB5_CRYPTO_TYPE_PADDING: + return 0; + case KRB5_CRYPTO_TYPE_TRAILER: + case KRB5_CRYPTO_TYPE_CHECKSUM: + return 96 / 8; + default: + assert(0 && "invalid cryptotype passed to krb5int_aes_crypto_length"); + return 0; + } } -static krb5_error_code -krb5int_dk_encrypt_iov(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, - krb5_keyusage usage, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) +krb5_error_code +krb5int_dk_encrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data) { + const struct krb5_enc_provider *enc = ktp->enc; + const struct krb5_hash_provider *hash = ktp->hash; krb5_error_code ret; unsigned char constantdata[K5CLENGTH]; krb5_data d1, d2; krb5_crypto_iov *header, *trailer, *padding; krb5_key ke = NULL, ki = NULL; size_t i; - unsigned int blocksize = 0; - unsigned int plainlen = 0; - unsigned int hmacsize = 0; - unsigned int padsize = 0; + unsigned int blocksize, hmacsize, plainlen = 0, padsize = 0; unsigned char *cksum = NULL; /* E(Confounder | Plaintext | Pad) | Checksum */ - ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING, - &blocksize); - if (ret != 0) - return ret; - - ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER, - &hmacsize); - if (ret != 0) - return ret; + blocksize = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_PADDING); + hmacsize = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_TRAILER); for (i = 0; i < num_data; i++) { - krb5_crypto_iov *iov = &data[i]; + krb5_crypto_iov *iov = &data[i]; - if (iov->flags == KRB5_CRYPTO_TYPE_DATA) - plainlen += iov->data.length; + if (iov->flags == KRB5_CRYPTO_TYPE_DATA) + plainlen += iov->data.length; } /* Validate header and trailer lengths. */ header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER); if (header == NULL || header->data.length < enc->block_size) - return KRB5_BAD_MSIZE; + return KRB5_BAD_MSIZE; trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); if (trailer == NULL || trailer->data.length < hmacsize) - return KRB5_BAD_MSIZE; + return KRB5_BAD_MSIZE; if (blocksize != 0) { - /* Check that the input data is correctly padded. */ - if (plainlen % blocksize) - padsize = blocksize - (plainlen % blocksize); + /* Check that the input data is correctly padded. */ + if (plainlen % blocksize) + padsize = blocksize - (plainlen % blocksize); } padding = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_PADDING); if (padsize && (padding == NULL || padding->data.length < padsize)) - return KRB5_BAD_MSIZE; + return KRB5_BAD_MSIZE; if (padding != NULL) { - memset(padding->data.data, 0, padsize); - padding->data.length = padsize; + memset(padding->data.data, 0, padsize); + padding->data.length = padsize; } cksum = k5alloc(hash->hashsize, &ret); if (ret != 0) - goto cleanup; + goto cleanup; /* Derive the keys. */ @@ -138,13 +136,13 @@ krb5int_dk_encrypt_iov(const struct krb5_aead_provider *aead, ret = krb5int_derive_key(enc, key, &ke, &d1); if (ret != 0) - goto cleanup; + goto cleanup; d1.data[4] = 0x55; ret = krb5int_derive_key(enc, key, &ki, &d1); if (ret != 0) - goto cleanup; + goto cleanup; /* Generate confounder. */ @@ -152,22 +150,20 @@ krb5int_dk_encrypt_iov(const struct krb5_aead_provider *aead, ret = krb5_c_random_make_octets(/* XXX */ NULL, &header->data); if (ret != 0) - goto cleanup; + goto cleanup; /* Hash the plaintext. */ d2.length = hash->hashsize; d2.data = (char *)cksum; - ret = krb5int_hmac_iov(hash, ki, data, num_data, &d2); + ret = krb5int_hmac(hash, ki, data, num_data, &d2); if (ret != 0) - goto cleanup; + goto cleanup; /* Encrypt the plaintext (header | data | padding) */ - assert(enc->encrypt_iov != NULL); - - ret = (*enc->encrypt_iov)(ke, ivec, data, num_data); /* updates ivec */ + ret = enc->encrypt(ke, ivec, data, num_data); if (ret != 0) - goto cleanup; + goto cleanup; /* Possibly truncate the hash */ assert(hmacsize <= d2.length); @@ -182,75 +178,53 @@ cleanup: return ret; } -static krb5_error_code -krb5int_dk_decrypt_iov(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, - krb5_keyusage usage, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) +krb5_error_code +krb5int_dk_decrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data) { + const struct krb5_enc_provider *enc = ktp->enc; + const struct krb5_hash_provider *hash = ktp->hash; krb5_error_code ret; unsigned char constantdata[K5CLENGTH]; krb5_data d1; krb5_crypto_iov *header, *trailer; krb5_key ke = NULL, ki = NULL; size_t i; - unsigned int blocksize = 0; /* enc block size, not confounder len */ - unsigned int cipherlen = 0; - unsigned int hmacsize = 0; + unsigned int blocksize; /* enc block size, not confounder len */ + unsigned int hmacsize, cipherlen = 0; unsigned char *cksum = NULL; - if (krb5int_c_locate_iov(data, num_data, - KRB5_CRYPTO_TYPE_STREAM) != NULL) { - return krb5int_c_iov_decrypt_stream(aead, enc, hash, key, - usage, ivec, data, num_data); - } - /* E(Confounder | Plaintext | Pad) | Checksum */ - ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING, - &blocksize); - if (ret != 0) - return ret; - - ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER, - &hmacsize); - if (ret != 0) - return ret; - - for (i = 0; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; + blocksize = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_PADDING); + hmacsize = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_TRAILER); - if (ENCRYPT_DATA_IOV(iov)) - cipherlen += iov->data.length; - } - - if (blocksize == 0) { - /* Check for correct input length in CTS mode */ - if (enc->block_size != 0 && cipherlen < enc->block_size) - return KRB5_BAD_MSIZE; - } else { - /* Check that the input data is correctly padded */ - if ((cipherlen % blocksize) != 0) - return KRB5_BAD_MSIZE; + if (blocksize != 0) { + /* Check that the input data is correctly padded. */ + for (i = 0; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; + + if (ENCRYPT_DATA_IOV(iov)) + cipherlen += iov->data.length; + } + if (cipherlen % blocksize != 0) + return KRB5_BAD_MSIZE; } /* Validate header and trailer lengths */ header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER); if (header == NULL || header->data.length != enc->block_size) - return KRB5_BAD_MSIZE; + return KRB5_BAD_MSIZE; trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); if (trailer == NULL || trailer->data.length != hmacsize) - return KRB5_BAD_MSIZE; + return KRB5_BAD_MSIZE; cksum = k5alloc(hash->hashsize, &ret); if (ret != 0) - goto cleanup; + goto cleanup; /* Derive the keys. */ @@ -263,33 +237,31 @@ krb5int_dk_decrypt_iov(const struct krb5_aead_provider *aead, ret = krb5int_derive_key(enc, key, &ke, &d1); if (ret != 0) - goto cleanup; + goto cleanup; d1.data[4] = 0x55; ret = krb5int_derive_key(enc, key, &ki, &d1); if (ret != 0) - goto cleanup; + goto cleanup; /* Decrypt the plaintext (header | data | padding). */ - assert(enc->decrypt_iov != NULL); - - ret = (*enc->decrypt_iov)(ke, ivec, data, num_data); /* updates ivec */ + ret = enc->decrypt(ke, ivec, data, num_data); if (ret != 0) - goto cleanup; + goto cleanup; /* Verify the hash. */ d1.length = hash->hashsize; /* non-truncated length */ d1.data = (char *)cksum; - ret = krb5int_hmac_iov(hash, ki, data, num_data, &d1); + ret = krb5int_hmac(hash, ki, data, num_data, &d1); if (ret != 0) - goto cleanup; + goto cleanup; /* Compare only the possibly truncated length. */ if (memcmp(cksum, trailer->data.data, hmacsize) != 0) { - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - goto cleanup; + ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; + goto cleanup; } cleanup: @@ -298,41 +270,3 @@ cleanup: free(cksum); return ret; } - -const struct krb5_aead_provider krb5int_aead_dk = { - krb5int_dk_crypto_length, - krb5int_dk_encrypt_iov, - krb5int_dk_decrypt_iov -}; - -static krb5_error_code -krb5int_aes_crypto_length(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_cryptotype type, - unsigned int *length) -{ - switch (type) { - case KRB5_CRYPTO_TYPE_HEADER: - *length = enc->block_size; - break; - case KRB5_CRYPTO_TYPE_PADDING: - *length = 0; - break; - case KRB5_CRYPTO_TYPE_TRAILER: - case KRB5_CRYPTO_TYPE_CHECKSUM: - *length = 96 / 8; - break; - default: - assert(0 && "invalid cryptotype passed to krb5int_aes_crypto_length"); - break; - } - - return 0; -} - -const struct krb5_aead_provider krb5int_aead_aes = { - krb5int_aes_crypto_length, - krb5int_dk_encrypt_iov, - krb5int_dk_decrypt_iov -}; diff --git a/src/lib/crypto/krb/dk/dk_decrypt.c b/src/lib/crypto/krb/dk/dk_decrypt.c deleted file mode 100644 index b080d5f..0000000 --- a/src/lib/crypto/krb/dk/dk_decrypt.c +++ /dev/null @@ -1,178 +0,0 @@ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" -#include "dk.h" - -#define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */ - -static krb5_error_code -krb5_dk_decrypt_maybe_trunc_hmac(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, - krb5_keyusage usage, - const krb5_data *ivec, - const krb5_data *input, - krb5_data *output, - size_t hmacsize, - int ivec_mode); - -krb5_error_code -krb5int_dk_decrypt(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *output) -{ - return krb5_dk_decrypt_maybe_trunc_hmac(enc, hash, key, usage, - ivec, input, output, 0, 0); -} - -krb5_error_code -krb5int_aes_dk_decrypt(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *output) -{ - return krb5_dk_decrypt_maybe_trunc_hmac(enc, hash, key, usage, - ivec, input, output, 96 / 8, 1); -} - -static krb5_error_code -krb5_dk_decrypt_maybe_trunc_hmac(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *output, size_t hmacsize, - int ivec_mode) -{ - krb5_error_code ret; - size_t hashsize, blocksize, enclen, plainlen; - unsigned char *plaindata = NULL, *cksum = NULL, *cn; - krb5_key ke = NULL, ki = NULL; - krb5_data d1, d2; - unsigned char constantdata[K5CLENGTH]; - - hashsize = hash->hashsize; - blocksize = enc->block_size; - - if (hmacsize == 0) - hmacsize = hashsize; - else if (hmacsize > hashsize) - return KRB5KRB_AP_ERR_BAD_INTEGRITY; - - enclen = input->length - hmacsize; - - /* Allocate and set up ciphertext and to-be-derived keys. */ - plaindata = k5alloc(enclen, &ret); - if (ret != 0) - goto cleanup; - cksum = k5alloc(hashsize, &ret); - if (ret != 0) - goto cleanup; - - /* Derive the keys. */ - - d1.data = (char *) constantdata; - d1.length = K5CLENGTH; - - store_32_be(usage, constantdata); - - d1.data[4] = (char) 0xAA; - - ret = krb5int_derive_key(enc, key, &ke, &d1); - if (ret != 0) - goto cleanup; - - d1.data[4] = 0x55; - - ret = krb5int_derive_key(enc, key, &ki, &d1); - if (ret != 0) - goto cleanup; - - /* decrypt the ciphertext */ - - d1.length = enclen; - d1.data = input->data; - - d2.length = enclen; - d2.data = (char *) plaindata; - - ret = (*enc->decrypt)(ke, ivec, &d1, &d2); - if (ret != 0) - goto cleanup; - - if (ivec != NULL && ivec->length == blocksize) { - if (ivec_mode == 0) - cn = (unsigned char *) d1.data + d1.length - blocksize; - else if (ivec_mode == 1) { - int nblocks = (d1.length + blocksize - 1) / blocksize; - cn = (unsigned char *) d1.data + blocksize * (nblocks - 2); - } else - abort(); - } else - cn = NULL; - - /* Verify the hash. */ - - d1.length = hashsize; - d1.data = (char *) cksum; - - ret = krb5int_hmac(hash, ki, 1, &d2, &d1); - if (ret != 0) - goto cleanup; - - if (memcmp(cksum, input->data+enclen, hmacsize) != 0) { - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - goto cleanup; - } - - /* - * Because this encoding isn't self-describing wrt length, the - * best we can do here is to compute the length minus the - * confounder. - */ - - plainlen = enclen - blocksize; - - if (output->length < plainlen) - return KRB5_BAD_MSIZE; - - output->length = plainlen; - - memcpy(output->data, d2.data+blocksize, output->length); - - if (cn != NULL) - memcpy(ivec->data, cn, blocksize); - -cleanup: - krb5_k_free_key(NULL, ke); - krb5_k_free_key(NULL, ki); - zapfree(plaindata, enclen); - zapfree(cksum, hashsize); - return ret; -} diff --git a/src/lib/crypto/krb/dk/dk_encrypt.c b/src/lib/crypto/krb/dk/dk_encrypt.c deleted file mode 100644 index e84a092..0000000 --- a/src/lib/crypto/krb/dk/dk_encrypt.c +++ /dev/null @@ -1,307 +0,0 @@ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" -#include "dk.h" - -#define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */ - -/* - * The spec says that the confounder size and padding are specific to - * the encryption algorithm. This code (dk_encrypt_length and - * dk_encrypt) assume the confounder is always the blocksize, and the - * padding is always zero bytes up to the blocksize. If these - * assumptions ever fails, the keytype table should be extended to - * include these bits of info. - */ - -void -krb5int_dk_encrypt_length(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t inputlen, size_t *length) -{ - size_t blocksize, hashsize; - - blocksize = enc->block_size; - hashsize = hash->hashsize; - *length = krb5_roundup(blocksize + inputlen, blocksize) + hashsize; -} - -krb5_error_code -krb5int_dk_encrypt(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *output) -{ - size_t blocksize, plainlen, enclen; - krb5_error_code ret; - unsigned char constantdata[K5CLENGTH]; - krb5_data d1, d2; - unsigned char *plaintext = NULL; - char *cn; - krb5_key ke = NULL, ki = NULL; - - blocksize = enc->block_size; - plainlen = krb5_roundup(blocksize + input->length, blocksize); - - krb5int_dk_encrypt_length(enc, hash, input->length, &enclen); - - /* key->length, ivec will be tested in enc->encrypt. */ - - if (output->length < enclen) - return(KRB5_BAD_MSIZE); - - /* Allocate and set up plaintext and to-be-derived keys. */ - - plaintext = malloc(plainlen); - if (plaintext == NULL) - return ENOMEM; - - /* Derive the keys. */ - - d1.data = (char *) constantdata; - d1.length = K5CLENGTH; - - store_32_be(usage, constantdata); - - d1.data[4] = (char) 0xAA; - - ret = krb5int_derive_key(enc, key, &ke, &d1); - if (ret != 0) - goto cleanup; - - d1.data[4] = 0x55; - - ret = krb5int_derive_key(enc, key, &ki, &d1); - if (ret != 0) - goto cleanup; - - /* Put together the plaintext. */ - - d1.length = blocksize; - d1.data = (char *) plaintext; - - ret = krb5_c_random_make_octets(/* XXX */ 0, &d1); - if (ret != 0) - goto cleanup; - - memcpy(plaintext + blocksize, input->data, input->length); - - memset(plaintext + blocksize + input->length, 0, - plainlen - (blocksize + input->length)); - - /* Encrypt the plaintext. */ - - d1.length = plainlen; - d1.data = (char *) plaintext; - - d2.length = plainlen; - d2.data = output->data; - - ret = (*enc->encrypt)(ke, ivec, &d1, &d2); - if (ret != 0) - goto cleanup; - - if (ivec != NULL && ivec->length == blocksize) - cn = d2.data + d2.length - blocksize; - else - cn = NULL; - - /* Hash the plaintext. */ - - d2.length = enclen - plainlen; - d2.data = output->data+plainlen; - - output->length = enclen; - - ret = krb5int_hmac(hash, ki, 1, &d1, &d2); - if (ret != 0) { - memset(d2.data, 0, d2.length); - goto cleanup; - } - - /* Update ivec. */ - if (cn != NULL) - memcpy(ivec->data, cn, blocksize); - -cleanup: - krb5_k_free_key(NULL, ke); - krb5_k_free_key(NULL, ki); - zapfree(plaintext, plainlen); - return ret; -} - -/* Not necessarily "AES", per se, but "a CBC+CTS mode block cipher - with a 96-bit truncated HMAC". */ -void -krb5int_aes_encrypt_length(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t inputlen, size_t *length) -{ - size_t blocksize, hashsize; - - blocksize = enc->block_size; - hashsize = 96 / 8; - - /* No roundup, since CTS requires no padding once we've hit the - block size. */ - *length = blocksize+inputlen + hashsize; -} - -static krb5_error_code -trunc_hmac (const struct krb5_hash_provider *hash, - krb5_key ki, unsigned int num, - const krb5_data *input, const krb5_data *output) -{ - size_t hashsize; - krb5_data tmp; - krb5_error_code ret; - - hashsize = hash->hashsize; - if (hashsize < output->length) - return KRB5_CRYPTO_INTERNAL; - tmp.length = hashsize; - tmp.data = malloc(hashsize); - if (tmp.data == NULL) - return ENOMEM; - ret = krb5int_hmac(hash, ki, num, input, &tmp); - if (ret == 0) - memcpy(output->data, tmp.data, output->length); - memset(tmp.data, 0, hashsize); - free(tmp.data); - return ret; -} - -krb5_error_code -krb5int_aes_dk_encrypt(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *output) -{ - size_t blocksize, keybytes, plainlen, enclen; - krb5_error_code ret; - unsigned char constantdata[K5CLENGTH]; - krb5_data d1, d2; - unsigned char *plaintext = NULL; - char *cn; - krb5_key ke = NULL, ki = NULL; - - /* allocate and set up plaintext and to-be-derived keys */ - - blocksize = enc->block_size; - keybytes = enc->keybytes; - plainlen = blocksize+input->length; - - krb5int_aes_encrypt_length(enc, hash, input->length, &enclen); - - /* key->length, ivec will be tested in enc->encrypt */ - - if (output->length < enclen) - return KRB5_BAD_MSIZE; - - plaintext = malloc(plainlen); - if (plaintext == NULL) - return ENOMEM; - - /* Derive the keys. */ - - d1.data = (char *) constantdata; - d1.length = K5CLENGTH; - - store_32_be(usage, constantdata); - - d1.data[4] = (char) 0xAA; - - ret = krb5int_derive_key(enc, key, &ke, &d1); - if (ret != 0) - goto cleanup; - - d1.data[4] = 0x55; - - ret = krb5int_derive_key(enc, key, &ki, &d1); - if (ret != 0) - goto cleanup; - - /* put together the plaintext */ - - d1.length = blocksize; - d1.data = (char *) plaintext; - - ret = krb5_c_random_make_octets(NULL, &d1); - if (ret != 0) - goto cleanup; - - memcpy(plaintext + blocksize, input->data, input->length); - - /* Ciphertext stealing; there should be no more. */ - if (plainlen != blocksize + input->length) - abort(); - - /* Encrypt the plaintext. */ - - d1.length = plainlen; - d1.data = (char *) plaintext; - - d2.length = plainlen; - d2.data = output->data; - - ret = (*enc->encrypt)(ke, ivec, &d1, &d2); - if (ret != 0) - goto cleanup; - - if (ivec != NULL && ivec->length == blocksize) { - int nblocks = (d2.length + blocksize - 1) / blocksize; - cn = d2.data + blocksize * (nblocks - 2); - } else - cn = NULL; - - /* Hash the plaintext. */ - - d2.length = enclen - plainlen; - d2.data = output->data+plainlen; - if (d2.length != 96 / 8) - abort(); - - ret = trunc_hmac(hash, ki, 1, &d1, &d2); - if (ret != 0) { - memset(d2.data, 0, d2.length); - goto cleanup; - } - - output->length = enclen; - - /* Update ivec. */ - if (cn != NULL) - memcpy(ivec->data, cn, blocksize); - -cleanup: - krb5_k_free_key(NULL, ke); - krb5_k_free_key(NULL, ki); - zapfree(plaintext, plainlen); - return ret; -} diff --git a/src/lib/crypto/krb/dk/stringtokey.c b/src/lib/crypto/krb/dk/stringtokey.c index 59404e4..9a49187 100644 --- a/src/lib/crypto/krb/dk/stringtokey.c +++ b/src/lib/crypto/krb/dk/stringtokey.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -30,10 +31,11 @@ static const unsigned char kerberos[] = "kerberos"; #define kerberos_len (sizeof(kerberos)-1) krb5_error_code -krb5int_dk_string_to_key(const struct krb5_enc_provider *enc, - const krb5_data *string, const krb5_data *salt, - const krb5_data *parms, krb5_keyblock *keyblock) +krb5int_dk_string_to_key(const struct krb5_keytypes *ktp, + const krb5_data *string, const krb5_data *salt, + const krb5_data *parms, krb5_keyblock *keyblock) { + const struct krb5_enc_provider *enc = ktp->enc; krb5_error_code ret; size_t keybytes, keylength, concatlen; unsigned char *concat = NULL, *foldstring = NULL, *foldkeydata = NULL; @@ -50,19 +52,19 @@ krb5int_dk_string_to_key(const struct krb5_enc_provider *enc, concat = k5alloc(concatlen, &ret); if (ret != 0) - goto cleanup; + goto cleanup; foldstring = k5alloc(keybytes, &ret); if (ret != 0) - goto cleanup; + goto cleanup; foldkeydata = k5alloc(keylength, &ret); if (ret != 0) - goto cleanup; + goto cleanup; /* construct input string ( = string + salt), fold it, make_key it */ memcpy(concat, string->data, string->length); if (salt) - memcpy(concat + string->length, salt->data, salt->length); + memcpy(concat + string->length, salt->data, salt->length); krb5int_nfold(concatlen*8, concat, keybytes*8, foldstring); @@ -71,13 +73,13 @@ krb5int_dk_string_to_key(const struct krb5_enc_provider *enc, foldkeyblock.length = keylength; foldkeyblock.contents = foldkeydata; - ret = (*enc->make_key)(&indata, &foldkeyblock); + ret = enc->make_key(&indata, &foldkeyblock); if (ret != 0) - goto cleanup; + goto cleanup; ret = krb5_k_create_key(NULL, &foldkeyblock, &foldkey); if (ret != 0) - goto cleanup; + goto cleanup; /* now derive the key from this one */ @@ -86,7 +88,7 @@ krb5int_dk_string_to_key(const struct krb5_enc_provider *enc, ret = krb5int_derive_keyblock(enc, foldkey, keyblock, &indata); if (ret != 0) - memset(keyblock->contents, 0, keyblock->length); + memset(keyblock->contents, 0, keyblock->length); cleanup: zapfree(concat, concatlen); @@ -95,3 +97,63 @@ cleanup: krb5_k_free_key(NULL, foldkey); return ret; } + + +#define DEFAULT_ITERATION_COUNT 4096 /* was 0xb000L in earlier drafts */ +#define MAX_ITERATION_COUNT 0x1000000L + +krb5_error_code +krb5int_aes_string_to_key(const struct krb5_keytypes *ktp, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *params, + krb5_keyblock *key) +{ + unsigned long iter_count; + krb5_data out; + static const krb5_data usage = { KV5M_DATA, 8, "kerberos" }; + krb5_key tempkey = NULL; + krb5_error_code err; + + if (params) { + unsigned char *p = (unsigned char *) params->data; + if (params->length != 4) + return KRB5_ERR_BAD_S2K_PARAMS; + /* The first two need casts in case 'int' is 16 bits. */ + iter_count = load_32_be(p); + if (iter_count == 0) { + iter_count = (1UL << 16) << 16; + if (((iter_count >> 16) >> 16) != 1) + return KRB5_ERR_BAD_S2K_PARAMS; + } + } else + iter_count = DEFAULT_ITERATION_COUNT; + + /* This is not a protocol specification constraint; this is an + implementation limit, which should eventually be controlled by + a config file. */ + if (iter_count >= MAX_ITERATION_COUNT) + return KRB5_ERR_BAD_S2K_PARAMS; + + /* Use the output keyblock contents for temporary space. */ + out.data = (char *) key->contents; + out.length = key->length; + if (out.length != 16 && out.length != 32) + return KRB5_CRYPTO_INTERNAL; + + err = krb5int_pbkdf2_hmac_sha1 (&out, iter_count, string, salt); + if (err) + goto cleanup; + + err = krb5_k_create_key (NULL, key, &tempkey); + if (err) + goto cleanup; + + err = krb5int_derive_keyblock(ktp->enc, tempkey, key, &usage); + +cleanup: + if (err) + memset (out.data, 0, out.length); + krb5_k_free_key (NULL, tempkey); + return err; +} diff --git a/src/lib/crypto/krb/encrypt.c b/src/lib/crypto/krb/encrypt.c index ee9e0e2..8f5c481 100644 --- a/src/lib/crypto/krb/encrypt.c +++ b/src/lib/crypto/krb/encrypt.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -30,42 +31,64 @@ krb5_error_code KRB5_CALLCONV krb5_k_encrypt(krb5_context context, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - const krb5_data *input, krb5_enc_data *output) + krb5_keyusage usage, const krb5_data *ivec, + const krb5_data *input, krb5_enc_data *output) { const struct krb5_keytypes *ktp; + krb5_crypto_iov iov[4]; + krb5_error_code ret; + unsigned int header_len, padding_len, trailer_len, total_len; ktp = find_enctype(key->keyblock.enctype); if (ktp == NULL) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; output->magic = KV5M_ENC_DATA; output->kvno = 0; output->enctype = key->keyblock.enctype; - if (ktp->encrypt == NULL) { - assert(ktp->aead != NULL); + /* Get the lengths of the token parts and compute the total. */ + header_len = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_HEADER); + padding_len = krb5int_c_padding_length(ktp, input->length); + trailer_len = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_TRAILER); + total_len = header_len + input->length + padding_len + trailer_len; + if (output->ciphertext.length < total_len) + return KRB5_BAD_MSIZE; + + /* Set up the iov structures for the token parts. */ + iov[0].flags = KRB5_CRYPTO_TYPE_HEADER; + iov[0].data = make_data(output->ciphertext.data, header_len); + + iov[1].flags = KRB5_CRYPTO_TYPE_DATA; + iov[1].data = make_data(output->ciphertext.data + header_len, + input->length); + memcpy(iov[1].data.data, input->data, input->length); - return krb5int_c_encrypt_aead_compat(ktp->aead, ktp->enc, ktp->hash, - key, usage, ivec, input, - &output->ciphertext); - } + iov[2].flags = KRB5_CRYPTO_TYPE_PADDING; + iov[2].data = make_data(iov[1].data.data + input->length, padding_len); - return (*ktp->encrypt)(ktp->enc, ktp->hash, key, usage, ivec, input, - &output->ciphertext); + iov[3].flags = KRB5_CRYPTO_TYPE_TRAILER; + iov[3].data = make_data(iov[2].data.data + padding_len, trailer_len); + + ret = ktp->encrypt(ktp, key, usage, ivec, iov, 4); + if (ret != 0) + zap(iov[1].data.data, iov[1].data.length); + else + output->ciphertext.length = total_len; + return ret; } krb5_error_code KRB5_CALLCONV krb5_c_encrypt(krb5_context context, const krb5_keyblock *keyblock, - krb5_keyusage usage, const krb5_data *ivec, - const krb5_data *input, krb5_enc_data *output) + krb5_keyusage usage, const krb5_data *ivec, + const krb5_data *input, krb5_enc_data *output) { krb5_key key; krb5_error_code ret; ret = krb5_k_create_key(context, keyblock, &key); if (ret != 0) - return ret; + return ret; ret = krb5_k_encrypt(context, key, usage, ivec, input, output); krb5_k_free_key(context, key); return ret; diff --git a/src/lib/crypto/krb/encrypt_iov.c b/src/lib/crypto/krb/encrypt_iov.c index 64cb126..26bb82b 100644 --- a/src/lib/crypto/krb/encrypt_iov.c +++ b/src/lib/crypto/krb/encrypt_iov.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/encrypt_iov.c * @@ -28,39 +29,32 @@ #include "etypes.h" krb5_error_code KRB5_CALLCONV -krb5_k_encrypt_iov(krb5_context context, - krb5_key key, - krb5_keyusage usage, - const krb5_data *cipher_state, - krb5_crypto_iov *data, - size_t num_data) +krb5_k_encrypt_iov(krb5_context context, krb5_key key, krb5_keyusage usage, + const krb5_data *cipher_state, krb5_crypto_iov *data, + size_t num_data) { const struct krb5_keytypes *ktp; ktp = find_enctype(key->keyblock.enctype); - if (ktp == NULL || ktp->aead == NULL) - return KRB5_BAD_ENCTYPE; + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; - return (*ktp->aead->encrypt_iov)(ktp->aead, ktp->enc, ktp->hash, - key, usage, cipher_state, data, num_data); + return ktp->encrypt(ktp, key, usage, cipher_state, data, num_data); } krb5_error_code KRB5_CALLCONV -krb5_c_encrypt_iov(krb5_context context, - const krb5_keyblock *keyblock, - krb5_keyusage usage, - const krb5_data *cipher_state, - krb5_crypto_iov *data, - size_t num_data) +krb5_c_encrypt_iov(krb5_context context, const krb5_keyblock *keyblock, + krb5_keyusage usage, const krb5_data *cipher_state, + krb5_crypto_iov *data, size_t num_data) { krb5_key key; krb5_error_code ret; ret = krb5_k_create_key(context, keyblock, &key); if (ret != 0) - return ret; + return ret; ret = krb5_k_encrypt_iov(context, key, usage, cipher_state, data, - num_data); + num_data); krb5_k_free_key(context, key); return ret; } diff --git a/src/lib/crypto/krb/encrypt_length.c b/src/lib/crypto/krb/encrypt_length.c index f2aad02..be99f17 100644 --- a/src/lib/crypto/krb/encrypt_length.c +++ b/src/lib/crypto/krb/encrypt_length.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -30,22 +31,19 @@ krb5_error_code KRB5_CALLCONV krb5_c_encrypt_length(krb5_context context, krb5_enctype enctype, - size_t inputlen, size_t *length) + size_t inputlen, size_t *length) { const struct krb5_keytypes *ktp; + unsigned int header_len = 0, padding_len = 0, trailer_len = 0; ktp = find_enctype(enctype); if (ktp == NULL) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; - if (ktp->encrypt_len == NULL) { - assert(ktp->aead != NULL); - - krb5int_c_encrypt_length_aead_compat(ktp->aead, ktp->enc, ktp->hash, - inputlen, length); - } else { - (*ktp->encrypt_len)(ktp->enc, ktp->hash, inputlen, length); - } + header_len = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_HEADER); + padding_len = krb5int_c_padding_length(ktp, inputlen); + trailer_len = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_TRAILER); + *length = header_len + inputlen + padding_len + trailer_len; return 0; } diff --git a/src/lib/crypto/krb/enctype_compare.c b/src/lib/crypto/krb/enctype_compare.c index 6d47f9d..3271880 100644 --- a/src/lib/crypto/krb/enctype_compare.c +++ b/src/lib/crypto/krb/enctype_compare.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -29,14 +30,14 @@ krb5_error_code KRB5_CALLCONV krb5_c_enctype_compare(krb5_context context, krb5_enctype e1, krb5_enctype e2, - krb5_boolean *similar) + krb5_boolean *similar) { const struct krb5_keytypes *ktp1, *ktp2; ktp1 = find_enctype(e1); ktp2 = find_enctype(e2); if (ktp1 == NULL || ktp2 == NULL) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; *similar = (ktp1->enc == ktp2->enc && ktp1->str2key == ktp2->str2key); return 0; diff --git a/src/lib/crypto/krb/enctype_to_string.c b/src/lib/crypto/krb/enctype_to_string.c index c408782..f0e8962 100644 --- a/src/lib/crypto/krb/enctype_to_string.c +++ b/src/lib/crypto/krb/enctype_to_string.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -34,8 +35,8 @@ krb5_enctype_to_string(krb5_enctype enctype, char *buffer, size_t buflen) ktp = find_enctype(enctype); if (ktp == NULL) - return EINVAL; + return EINVAL; if (strlcpy(buffer, ktp->out_string, buflen) >= buflen) - return ENOMEM; + return ENOMEM; return 0; } diff --git a/src/lib/crypto/krb/etypes.c b/src/lib/crypto/krb/etypes.c index a1acdc0..bd0e896 100644 --- a/src/lib/crypto/krb/etypes.c +++ b/src/lib/crypto/krb/etypes.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -33,7 +34,6 @@ #include "dk.h" #include "prf_int.h" #include "arcfour.h" -#include "aes_s2k.h" #include "des/des_int.h" /* these will be linear searched. if they ever get big, a binary @@ -47,51 +47,46 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { "des-cbc-crc", { 0 }, "DES cbc mode with CRC-32", &krb5int_enc_des, &krb5int_hash_crc32, 16, - krb5int_old_encrypt_length, krb5int_old_encrypt, krb5int_old_decrypt, + krb5int_old_crypto_length, krb5int_old_encrypt, krb5int_old_decrypt, krb5int_des_string_to_key, krb5int_des_prf, CKSUMTYPE_RSA_MD5, - NULL, /*AEAD*/ ETYPE_WEAK }, { ENCTYPE_DES_CBC_MD4, "des-cbc-md4", { 0 }, "DES cbc mode with RSA-MD4", &krb5int_enc_des, &krb5int_hash_md4, 16, - krb5int_old_encrypt_length, krb5int_old_encrypt, krb5int_old_decrypt, + krb5int_old_crypto_length, krb5int_old_encrypt, krb5int_old_decrypt, krb5int_des_string_to_key, krb5int_des_prf, CKSUMTYPE_RSA_MD4, - NULL, /*AEAD*/ ETYPE_WEAK }, { ENCTYPE_DES_CBC_MD5, "des-cbc-md5", { "des" }, "DES cbc mode with RSA-MD5", &krb5int_enc_des, &krb5int_hash_md5, 16, - krb5int_old_encrypt_length, krb5int_old_encrypt, krb5int_old_decrypt, + krb5int_old_crypto_length, krb5int_old_encrypt, krb5int_old_decrypt, krb5int_des_string_to_key, krb5int_des_prf, CKSUMTYPE_RSA_MD5, - NULL, /*AEAD*/ ETYPE_WEAK }, { ENCTYPE_DES_CBC_RAW, "des-cbc-raw", { 0 }, "DES cbc mode raw", &krb5int_enc_des, NULL, 16, - krb5_raw_encrypt_length, krb5int_raw_encrypt, krb5int_raw_decrypt, + krb5int_raw_crypto_length, krb5int_raw_encrypt, krb5int_raw_decrypt, krb5int_des_string_to_key, krb5int_des_prf, 0, - &krb5int_aead_raw, ETYPE_WEAK }, { ENCTYPE_DES3_CBC_RAW, "des3-cbc-raw", { 0 }, "Triple DES cbc mode raw", &krb5int_enc_des3, NULL, 16, - krb5_raw_encrypt_length, krb5int_raw_encrypt, krb5int_raw_decrypt, + krb5int_raw_crypto_length, krb5int_raw_encrypt, krb5int_raw_decrypt, krb5int_dk_string_to_key, NULL, /*PRF*/ 0, - &krb5int_aead_raw, ETYPE_WEAK }, { ENCTYPE_DES3_CBC_SHA1, @@ -99,22 +94,20 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { "Triple DES cbc mode with HMAC/sha1", &krb5int_enc_des3, &krb5int_hash_sha1, 16, - krb5int_dk_encrypt_length, krb5int_dk_encrypt, krb5int_dk_decrypt, + krb5int_dk_crypto_length, krb5int_dk_encrypt, krb5int_dk_decrypt, krb5int_dk_string_to_key, krb5int_dk_prf, CKSUMTYPE_HMAC_SHA1_DES3, - &krb5int_aead_dk, 0 /*flags*/ }, { ENCTYPE_DES_HMAC_SHA1, "des-hmac-sha1", { 0 }, "DES with HMAC/sha1", &krb5int_enc_des, &krb5int_hash_sha1, 8, - krb5int_dk_encrypt_length, krb5int_dk_encrypt, krb5int_dk_decrypt, + krb5int_dk_crypto_length, krb5int_dk_encrypt, krb5int_dk_decrypt, krb5int_dk_string_to_key, NULL, /*PRF*/ 0, - NULL, ETYPE_WEAK }, { ENCTYPE_ARCFOUR_HMAC, "arcfour-hmac", { "rc4-hmac", "arcfour-hmac-md5" }, @@ -122,11 +115,10 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { &krb5int_enc_arcfour, &krb5int_hash_md5, 20, - krb5int_arcfour_encrypt_length, krb5int_arcfour_encrypt, + krb5int_arcfour_crypto_length, krb5int_arcfour_encrypt, krb5int_arcfour_decrypt, krb5int_arcfour_string_to_key, krb5int_arcfour_prf, /*PRF*/ CKSUMTYPE_HMAC_MD5_ARCFOUR, - &krb5int_aead_arcfour, 0 /*flags*/ }, { ENCTYPE_ARCFOUR_HMAC_EXP, "arcfour-hmac-exp", { "rc4-hmac-exp", "arcfour-hmac-md5-exp" }, @@ -134,11 +126,10 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { &krb5int_enc_arcfour, &krb5int_hash_md5, 20, - krb5int_arcfour_encrypt_length, krb5int_arcfour_encrypt, + krb5int_arcfour_crypto_length, krb5int_arcfour_encrypt, krb5int_arcfour_decrypt, krb5int_arcfour_string_to_key, krb5int_arcfour_prf, /*PRF*/ CKSUMTYPE_HMAC_MD5_ARCFOUR, - &krb5int_aead_arcfour, ETYPE_WEAK }, @@ -147,22 +138,20 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { "AES-128 CTS mode with 96-bit SHA-1 HMAC", &krb5int_enc_aes128, &krb5int_hash_sha1, 16, - krb5int_aes_encrypt_length, krb5int_aes_dk_encrypt, krb5int_aes_dk_decrypt, + krb5int_aes_crypto_length, krb5int_dk_encrypt, krb5int_dk_decrypt, krb5int_aes_string_to_key, krb5int_dk_prf, CKSUMTYPE_HMAC_SHA1_96_AES128, - &krb5int_aead_aes, 0 /*flags*/ }, { ENCTYPE_AES256_CTS_HMAC_SHA1_96, "aes256-cts-hmac-sha1-96", { "aes256-cts" }, "AES-256 CTS mode with 96-bit SHA-1 HMAC", &krb5int_enc_aes256, &krb5int_hash_sha1, 16, - krb5int_aes_encrypt_length, krb5int_aes_dk_encrypt, krb5int_aes_dk_decrypt, + krb5int_aes_crypto_length, krb5int_dk_encrypt, krb5int_dk_decrypt, krb5int_aes_string_to_key, krb5int_dk_prf, CKSUMTYPE_HMAC_SHA1_96_AES256, - &krb5int_aead_aes, 0 /*flags*/ }, }; diff --git a/src/lib/crypto/krb/etypes.h b/src/lib/crypto/krb/etypes.h index 68dcdd4..be737cb 100644 --- a/src/lib/crypto/krb/etypes.h +++ b/src/lib/crypto/krb/etypes.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -24,32 +25,30 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ +#ifndef ETYPES_H +#define ETYPES_H + #include "k5-int.h" -typedef void (*krb5_encrypt_length_func)(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t inputlen, size_t *length); +struct krb5_keytypes; + +typedef unsigned int (*crypto_length_func)(const struct krb5_keytypes *ktp, + krb5_cryptotype type); -typedef krb5_error_code (*krb5_crypt_func)(const struct krb5_enc_provider *enc, - const struct - krb5_hash_provider *hash, - krb5_key key, - krb5_keyusage keyusage, - const krb5_data *ivec, - const krb5_data *input, - krb5_data *output); +typedef krb5_error_code (*crypt_func)(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage keyusage, + const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); -typedef krb5_error_code (*krb5_str2key_func)(const struct - krb5_enc_provider *enc, - const krb5_data *string, - const krb5_data *salt, - const krb5_data *parm, - krb5_keyblock *key); +typedef krb5_error_code (*str2key_func)(const struct krb5_keytypes *ktp, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *parm, + krb5_keyblock *key); -typedef krb5_error_code (*krb5_prf_func)(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, - const krb5_data *in, krb5_data *out); +typedef krb5_error_code (*prf_func)(const struct krb5_keytypes *ktp, + krb5_key key, + const krb5_data *in, krb5_data *out); struct krb5_keytypes { krb5_enctype etype; @@ -59,13 +58,12 @@ struct krb5_keytypes { const struct krb5_enc_provider *enc; const struct krb5_hash_provider *hash; size_t prf_length; - krb5_encrypt_length_func encrypt_len; - krb5_crypt_func encrypt; - krb5_crypt_func decrypt; - krb5_str2key_func str2key; - krb5_prf_func prf; + crypto_length_func crypto_length; + crypt_func encrypt; + crypt_func decrypt; + str2key_func str2key; + prf_func prf; krb5_cksumtype required_ctype; - const struct krb5_aead_provider *aead; krb5_flags flags; }; @@ -80,11 +78,13 @@ find_enctype(krb5_enctype enctype) int i; for (i = 0; i < krb5int_enctypes_length; i++) { - if (krb5int_enctypes_list[i].etype == enctype) - break; + if (krb5int_enctypes_list[i].etype == enctype) + break; } if (i == krb5int_enctypes_length) - return NULL; + return NULL; return &krb5int_enctypes_list[i]; } + +#endif diff --git a/src/lib/crypto/krb/key.c b/src/lib/crypto/krb/key.c index 43d9ce6..2fabd3a 100644 --- a/src/lib/crypto/krb/key.c +++ b/src/lib/crypto/krb/key.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 2009 by the Massachusetts Institute of Technology. * All rights reserved. @@ -35,7 +36,7 @@ /* Create a krb5_key from the enctype and key data in a keyblock. */ krb5_error_code KRB5_CALLCONV krb5_k_create_key(krb5_context context, const krb5_keyblock *key_data, - krb5_key *out) + krb5_key *out) { krb5_key key = NULL; krb5_error_code code; @@ -44,10 +45,10 @@ krb5_k_create_key(krb5_context context, const krb5_keyblock *key_data, key = malloc(sizeof(*key)); if (key == NULL) - return ENOMEM; + return ENOMEM; code = krb5int_c_copy_keyblock_contents(context, key_data, &key->keyblock); if (code) - goto cleanup; + goto cleanup; key->refcount = 1; key->derived = NULL; @@ -62,7 +63,8 @@ cleanup: void KRB5_CALLCONV krb5_k_reference_key(krb5_context context, krb5_key key) { - key->refcount++; + if (key) + key->refcount++; } /* Free the memory used by a krb5_key. */ @@ -72,14 +74,14 @@ krb5_k_free_key(krb5_context context, krb5_key key) struct derived_key *dk; if (key == NULL || --key->refcount > 0) - return; + return; /* Free the derived key cache. */ while ((dk = key->derived) != NULL) { - key->derived = dk->next; - free(dk->constant.data); - krb5_k_free_key(context, dk->dkey); - free(dk); + key->derived = dk->next; + free(dk->constant.data); + krb5_k_free_key(context, dk->dkey); + free(dk); } krb5int_c_free_keyblock_contents(context, &key->keyblock); free(key); @@ -88,7 +90,7 @@ krb5_k_free_key(krb5_context context, krb5_key key) /* Retrieve a copy of the keyblock from a krb5_key. */ krb5_error_code KRB5_CALLCONV krb5_k_key_keyblock(krb5_context context, krb5_key key, - krb5_keyblock **key_data) + krb5_keyblock **key_data) { return krb5int_c_copy_keyblock(context, &key->keyblock, key_data); } diff --git a/src/lib/crypto/krb/keyblocks.c b/src/lib/crypto/krb/keyblocks.c index d9db694..732a877 100644 --- a/src/lib/crypto/krb/keyblocks.c +++ b/src/lib/crypto/krb/keyblocks.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/keyblocks.c * @@ -35,7 +36,7 @@ krb5_error_code krb5int_c_init_keyblock(krb5_context context, krb5_enctype enctype, - size_t length, krb5_keyblock **out) + size_t length, krb5_keyblock **out) { krb5_keyblock *kb; @@ -44,18 +45,18 @@ krb5int_c_init_keyblock(krb5_context context, krb5_enctype enctype, kb = malloc(sizeof(krb5_keyblock)); if (kb == NULL) - return ENOMEM; + return ENOMEM; kb->magic = KV5M_KEYBLOCK; kb->enctype = enctype; kb->length = length; if (length) { - kb->contents = malloc(length); - if (!kb->contents) { - free(kb); - return ENOMEM; - } + kb->contents = malloc(length); + if (!kb->contents) { + free(kb); + return ENOMEM; + } } else { - kb->contents = NULL; + kb->contents = NULL; } *out = kb; @@ -73,14 +74,14 @@ void krb5int_c_free_keyblock_contents(krb5_context context, krb5_keyblock *key) { if (key && key->contents) { - zapfree(key->contents, key->length); - key->contents = NULL; + zapfree(key->contents, key->length); + key->contents = NULL; } } krb5_error_code krb5int_c_copy_keyblock(krb5_context context, const krb5_keyblock *from, - krb5_keyblock **to) + krb5_keyblock **to) { krb5_keyblock *new_key; krb5_error_code code; @@ -88,11 +89,11 @@ krb5int_c_copy_keyblock(krb5_context context, const krb5_keyblock *from, *to = NULL; new_key = malloc(sizeof(*new_key)); if (!new_key) - return ENOMEM; + return ENOMEM; code = krb5int_c_copy_keyblock_contents(context, from, new_key); if (code) { - free(new_key); - return code; + free(new_key); + return code; } *to = new_key; return 0; @@ -100,7 +101,7 @@ krb5int_c_copy_keyblock(krb5_context context, const krb5_keyblock *from, krb5_error_code krb5int_c_copy_keyblock_contents(krb5_context context, - const krb5_keyblock *from, krb5_keyblock *to) + const krb5_keyblock *from, krb5_keyblock *to) { *to = *from; if (to->length) { diff --git a/src/lib/crypto/krb/keyed_checksum_types.c b/src/lib/crypto/krb/keyed_checksum_types.c index 4da6e25..3cd1ebc 100644 --- a/src/lib/crypto/krb/keyed_checksum_types.c +++ b/src/lib/crypto/krb/keyed_checksum_types.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -29,44 +30,46 @@ #include "cksumtypes.h" static krb5_boolean -etype_match(krb5_enctype e1, krb5_enctype e2) +is_keyed_for(const struct krb5_cksumtypes *ctp, + const struct krb5_keytypes *ktp) { - const struct krb5_keytypes *ktp1, *ktp2; - - ktp1 = find_enctype(e1); - ktp2 = find_enctype(e2); - return (ktp1 != NULL && ktp2 != NULL && ktp1->enc == ktp2->enc); + if (ctp->flags & CKSUM_UNKEYED) + return FALSE; + return (!ctp->enc || ktp->enc == ctp->enc); } krb5_error_code KRB5_CALLCONV krb5_c_keyed_checksum_types(krb5_context context, krb5_enctype enctype, - unsigned int *count, krb5_cksumtype **cksumtypes) + unsigned int *count, krb5_cksumtype **cksumtypes) { unsigned int i, c, nctypes; krb5_cksumtype *ctypes; - const struct krb5_cksumtypes *ct; + const struct krb5_cksumtypes *ctp; + const struct krb5_keytypes *ktp; *count = 0; *cksumtypes = NULL; + ktp = find_enctype(enctype); + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; + nctypes = 0; for (i = 0; i < krb5int_cksumtypes_length; i++) { - ct = &krb5int_cksumtypes_list[i]; - if ((ct->keyhash && etype_match(ct->keyed_etype, enctype)) || - (ct->flags & KRB5_CKSUMFLAG_DERIVE)) - nctypes++; + ctp = &krb5int_cksumtypes_list[i]; + if (is_keyed_for(ctp, ktp)) + nctypes++; } ctypes = malloc(nctypes * sizeof(krb5_cksumtype)); if (ctypes == NULL) - return ENOMEM; + return ENOMEM; c = 0; for (i = 0; i < krb5int_cksumtypes_length; i++) { - ct = &krb5int_cksumtypes_list[i]; - if ((ct->keyhash && etype_match(ct->keyed_etype, enctype)) || - (ct->flags & KRB5_CKSUMFLAG_DERIVE)) - ctypes[c++] = krb5int_cksumtypes_list[i].ctype; + ctp = &krb5int_cksumtypes_list[i]; + if (is_keyed_for(ctp, ktp)) + ctypes[c++] = ctp->ctype; } *count = nctypes; diff --git a/src/lib/crypto/krb/keyed_cksum.c b/src/lib/crypto/krb/keyed_cksum.c index ac49ef6..b6d3e3d 100644 --- a/src/lib/crypto/krb/keyed_cksum.c +++ b/src/lib/crypto/krb/keyed_cksum.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -30,17 +31,10 @@ krb5_boolean KRB5_CALLCONV krb5_c_is_keyed_cksum(krb5_cksumtype ctype) { - unsigned int i; const struct krb5_cksumtypes *ctp; - for (i = 0; i < krb5int_cksumtypes_length; i++) { - ctp = &krb5int_cksumtypes_list[i]; - if (ctp->ctype == ctype) { - return (ctp->keyhash != NULL || - (ctp->flags & KRB5_CKSUMFLAG_DERIVE)); - } - } - - /* Invalid ctype. This is misleading, but better than dumping core. */ - return FALSE; + ctp = find_cksumtype(ctype); + if (ctp == NULL) + return FALSE; + return !(ctp->flags & CKSUM_UNKEYED); } diff --git a/src/lib/crypto/krb/keylengths.c b/src/lib/crypto/krb/keylengths.c index f38a28c..fa65be1 100644 --- a/src/lib/crypto/krb/keylengths.c +++ b/src/lib/crypto/krb/keylengths.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * COPYRIGHT (c) 2006 * The Regents of the University of Michigan @@ -37,21 +38,21 @@ */ krb5_error_code KRB5_CALLCONV krb5_c_keylengths(krb5_context context, krb5_enctype enctype, - size_t *keybytes, size_t *keylength) + size_t *keybytes, size_t *keylength) { const struct krb5_keytypes *ktp; if (keybytes == NULL && keylength == NULL) - return EINVAL; + return EINVAL; ktp = find_enctype(enctype); if (ktp == NULL) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; if (keybytes) - *keybytes = ktp->enc->keybytes; + *keybytes = ktp->enc->keybytes; if (keylength) - *keylength = ktp->enc->keylength; + *keylength = ktp->enc->keylength; return 0; } diff --git a/src/lib/crypto/krb/make_checksum.c b/src/lib/crypto/krb/make_checksum.c index 06a5247..d0dc622 100644 --- a/src/lib/crypto/krb/make_checksum.c +++ b/src/lib/crypto/krb/make_checksum.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -29,105 +30,71 @@ #include "etypes.h" #include "dk.h" +/* A 0 checksum type means use the mandatory checksum. */ + krb5_error_code KRB5_CALLCONV krb5_k_make_checksum(krb5_context context, krb5_cksumtype cksumtype, - krb5_key key, krb5_keyusage usage, - const krb5_data *input, krb5_checksum *cksum) + krb5_key key, krb5_keyusage usage, + const krb5_data *input, krb5_checksum *cksum) { - unsigned int i; const struct krb5_cksumtypes *ctp; - const struct krb5_keytypes *ktp1, *ktp2; - const struct krb5_keyhash_provider *keyhash; - krb5_data data; + krb5_crypto_iov iov; + krb5_data cksum_data; krb5_octet *trunc; krb5_error_code ret; - size_t cksumlen; - for (i = 0; i < krb5int_cksumtypes_length; i++) { - if (krb5int_cksumtypes_list[i].ctype == cksumtype) - break; + if (cksumtype == 0) { + ret = krb5int_c_mandatory_cksumtype(context, key->keyblock.enctype, + &cksumtype); + if (ret != 0) + return ret; } - if (i == krb5int_cksumtypes_length) - return KRB5_BAD_ENCTYPE; - ctp = &krb5int_cksumtypes_list[i]; - - if (ctp->keyhash != NULL) - cksumlen = ctp->keyhash->hashsize; - else - cksumlen = ctp->hash->hashsize; - - cksum->length = cksumlen; - cksum->contents = malloc(cksum->length); - if (cksum->contents == NULL) - return ENOMEM; - - data.length = cksum->length; - data.data = (char *) cksum->contents; - - if (ctp->keyhash) { - /* check if key is compatible */ - if (ctp->keyed_etype) { - ktp1 = find_enctype(ctp->keyed_etype); - ktp2 = key ? find_enctype(key->keyblock.enctype) : NULL; - if (ktp1 == NULL || ktp2 == NULL || ktp1->enc != ktp2->enc) { - ret = KRB5_BAD_ENCTYPE; - goto cleanup; - } - } - - keyhash = ctp->keyhash; - if (keyhash->hash == NULL) { - krb5_crypto_iov iov[1]; - - iov[0].flags = KRB5_CRYPTO_TYPE_DATA; - iov[0].data.data = input->data; - iov[0].data.length = input->length; - - assert(keyhash->hash_iov != NULL); - - ret = (*keyhash->hash_iov)(key, usage, 0, iov, 1, &data); - } else { - ret = (*keyhash->hash)(key, usage, 0, input, &data); - } - } else if (ctp->flags & KRB5_CKSUMFLAG_DERIVE) { - ret = krb5int_dk_make_checksum(ctp->hash, key, usage, input, &data); - } else { - /* No key is used. */ - ret = (*ctp->hash->hash)(1, input, &data); - } - - if (!ret) { - cksum->magic = KV5M_CHECKSUM; - cksum->checksum_type = cksumtype; - if (ctp->trunc_size) { - cksum->length = ctp->trunc_size; - trunc = realloc(cksum->contents, cksum->length); - if (trunc) - cksum->contents = trunc; - } + ctp = find_cksumtype(cksumtype); + if (ctp == NULL) + return KRB5_BAD_ENCTYPE; + + ret = verify_key(ctp, key); + if (ret != 0) + return ret; + + ret = alloc_data(&cksum_data, ctp->compute_size); + if (ret != 0) + return ret; + + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = *input; + ret = ctp->checksum(ctp, key, usage, &iov, 1, &cksum_data); + if (ret != 0) + goto cleanup; + + cksum->magic = KV5M_CHECKSUM; + cksum->checksum_type = cksumtype; + cksum->length = ctp->output_size; + cksum->contents = (krb5_octet *) cksum_data.data; + cksum_data.data = NULL; + if (ctp->output_size < ctp->compute_size) { + trunc = realloc(cksum->contents, ctp->output_size); + if (trunc != NULL) + cksum->contents = trunc; } cleanup: - if (ret) { - zapfree(cksum->contents, cksum->length); - cksum->contents = NULL; - } - + zapfree(cksum_data.data, ctp->compute_size); return ret; } krb5_error_code KRB5_CALLCONV krb5_c_make_checksum(krb5_context context, krb5_cksumtype cksumtype, - const krb5_keyblock *keyblock, krb5_keyusage usage, - const krb5_data *input, krb5_checksum *cksum) + const krb5_keyblock *keyblock, krb5_keyusage usage, + const krb5_data *input, krb5_checksum *cksum) { krb5_key key = NULL; krb5_error_code ret; if (keyblock != NULL) { - ret = krb5_k_create_key(context, keyblock, &key); - if (ret != 0) - return ret; + ret = krb5_k_create_key(context, keyblock, &key); + if (ret != 0) + return ret; } ret = krb5_k_make_checksum(context, cksumtype, key, usage, input, cksum); krb5_k_free_key(context, key); diff --git a/src/lib/crypto/krb/make_checksum_iov.c b/src/lib/crypto/krb/make_checksum_iov.c index 192f910..dcffa48 100644 --- a/src/lib/crypto/krb/make_checksum_iov.c +++ b/src/lib/crypto/krb/make_checksum_iov.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/make_checksum_iov.c * @@ -30,74 +31,61 @@ krb5_error_code KRB5_CALLCONV krb5_k_make_checksum_iov(krb5_context context, - krb5_cksumtype cksumtype, - krb5_key key, - krb5_keyusage usage, - krb5_crypto_iov *data, - size_t num_data) + krb5_cksumtype cksumtype, + krb5_key key, + krb5_keyusage usage, + krb5_crypto_iov *data, + size_t num_data) { - unsigned int i; - size_t cksumlen; krb5_error_code ret; krb5_data cksum_data; krb5_crypto_iov *checksum; const struct krb5_cksumtypes *ctp; - for (i = 0; i < krb5int_cksumtypes_length; i++) { - if (krb5int_cksumtypes_list[i].ctype == cksumtype) - break; - } - if (i == krb5int_cksumtypes_length) - return KRB5_BAD_ENCTYPE; - ctp = &krb5int_cksumtypes_list[i]; + ctp = find_cksumtype(cksumtype); + if (ctp == NULL) + return KRB5_BAD_ENCTYPE; - if (ctp->keyhash != NULL) - cksum_data.length = ctp->keyhash->hashsize; - else - cksum_data.length = ctp->hash->hashsize; - - if (ctp->trunc_size != 0) - cksumlen = ctp->trunc_size; - else - cksumlen = cksum_data.length; + ret = verify_key(ctp, key); + if (ret != 0) + return ret; checksum = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_CHECKSUM); - if (checksum == NULL || checksum->data.length < cksumlen) - return(KRB5_BAD_MSIZE); + if (checksum == NULL || checksum->data.length < ctp->output_size) + return(KRB5_BAD_MSIZE); - cksum_data.data = malloc(cksum_data.length); - if (cksum_data.data == NULL) - return(ENOMEM); + ret = alloc_data(&cksum_data, ctp->compute_size); + if (ret != 0) + return ret; - ret = krb5int_c_make_checksum_iov(&krb5int_cksumtypes_list[i], - key, usage, data, num_data, - &cksum_data); - if (ret == 0) { - memcpy(checksum->data.data, cksum_data.data, cksumlen); - checksum->data.length = cksumlen; - } + ret = ctp->checksum(ctp, key, usage, data, num_data, &cksum_data); + if (ret != 0) + goto cleanup; - free(cksum_data.data); + memcpy(checksum->data.data, cksum_data.data, ctp->output_size); + checksum->data.length = ctp->output_size; - return(ret); +cleanup: + zapfree(cksum_data.data, ctp->compute_size); + return ret; } krb5_error_code KRB5_CALLCONV krb5_c_make_checksum_iov(krb5_context context, - krb5_cksumtype cksumtype, - const krb5_keyblock *keyblock, - krb5_keyusage usage, - krb5_crypto_iov *data, - size_t num_data) + krb5_cksumtype cksumtype, + const krb5_keyblock *keyblock, + krb5_keyusage usage, + krb5_crypto_iov *data, + size_t num_data) { krb5_key key; krb5_error_code ret; ret = krb5_k_create_key(context, keyblock, &key); if (ret != 0) - return ret; + return ret; ret = krb5_k_make_checksum_iov(context, cksumtype, key, usage, - data, num_data); + data, num_data); krb5_k_free_key(context, key); return ret; } diff --git a/src/lib/crypto/krb/make_random_key.c b/src/lib/crypto/krb/make_random_key.c index de2e6bb..a236844 100644 --- a/src/lib/crypto/krb/make_random_key.c +++ b/src/lib/crypto/krb/make_random_key.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -29,7 +30,7 @@ krb5_error_code KRB5_CALLCONV krb5_c_make_random_key(krb5_context context, krb5_enctype enctype, - krb5_keyblock *random_key) + krb5_keyblock *random_key) { krb5_error_code ret; const struct krb5_keytypes *ktp; @@ -40,7 +41,7 @@ krb5_c_make_random_key(krb5_context context, krb5_enctype enctype, ktp = find_enctype(enctype); if (ktp == NULL) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; enc = ktp->enc; keybytes = enc->keybytes; @@ -48,17 +49,17 @@ krb5_c_make_random_key(krb5_context context, krb5_enctype enctype, bytes = k5alloc(keybytes, &ret); if (ret) - return ret; + return ret; random_key->contents = k5alloc(keylength, &ret); if (ret) - goto cleanup; + goto cleanup; random_data.data = (char *) bytes; random_data.length = keybytes; ret = krb5_c_random_make_octets(context, &random_data); if (ret) - goto cleanup; + goto cleanup; random_key->magic = KV5M_KEYBLOCK; random_key->enctype = enctype; @@ -68,8 +69,8 @@ krb5_c_make_random_key(krb5_context context, krb5_enctype enctype, cleanup: if (ret) { - zapfree(random_key->contents, keylength); - random_key->contents = NULL; + zapfree(random_key->contents, keylength); + random_key->contents = NULL; } zapfree(bytes, keybytes); return ret; diff --git a/src/lib/crypto/krb/mandatory_sumtype.c b/src/lib/crypto/krb/mandatory_sumtype.c index e3e3707..3adeaf2 100644 --- a/src/lib/crypto/krb/mandatory_sumtype.c +++ b/src/lib/crypto/krb/mandatory_sumtype.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 2003 by the Massachusetts Institute of Technology. * All rights reserved. @@ -27,13 +28,13 @@ krb5_error_code krb5int_c_mandatory_cksumtype(krb5_context ctx, krb5_enctype etype, - krb5_cksumtype *cksumtype) + krb5_cksumtype *cksumtype) { const struct krb5_keytypes *ktp; ktp = find_enctype(etype); if (ktp == NULL) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; *cksumtype = ktp->required_ctype; return 0; } diff --git a/src/lib/crypto/krb/nfold.c b/src/lib/crypto/krb/nfold.c index 976e131..11082ac 100644 --- a/src/lib/crypto/krb/nfold.c +++ b/src/lib/crypto/krb/nfold.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -30,24 +31,24 @@ #endif /* -n-fold(k-bits): - l = lcm(n,k) - r = l/k - s = k-bits | k-bits rot 13 | k-bits rot 13*2 | ... | k-bits rot 13*(r-1) - compute the 1's complement sum: - n-fold = s[0..n-1]+s[n..2n-1]+s[2n..3n-1]+..+s[(k-1)*n..k*n-1] -*/ + * n-fold(k-bits): + * l = lcm(n,k) + * r = l/k + * s = k-bits | k-bits rot 13 | k-bits rot 13*2 | ... | k-bits rot 13*(r-1) + * compute the 1's complement sum: + * n-fold = s[0..n-1]+s[n..2n-1]+s[2n..3n-1]+..+s[(k-1)*n..k*n-1] + */ /* representation: msb first, assume n and k are multiples of 8, and - that k>=16. this is the case of all the cryptosystems which are - likely to be used. this function can be replaced if that - assumption ever fails. */ + * that k>=16. this is the case of all the cryptosystems which are + * likely to be used. this function can be replaced if that + * assumption ever fails. */ /* input length is in bits */ void krb5int_nfold(unsigned int inbits, const unsigned char *in, unsigned int outbits, - unsigned char *out) + unsigned char *out) { int a,b,c,lcm; int byte, i, msbit; @@ -64,9 +65,9 @@ krb5int_nfold(unsigned int inbits, const unsigned char *in, unsigned int outbits b = inbits; while(b != 0) { - c = b; - b = a%b; - a = c; + c = b; + b = a%b; + a = c; } lcm = outbits*inbits/a; @@ -79,51 +80,51 @@ krb5int_nfold(unsigned int inbits, const unsigned char *in, unsigned int outbits /* this will end up cycling through k lcm(k,n)/k times, which is correct */ for (i=lcm-1; i>=0; i--) { - /* compute the msbit in k which gets added into this byte */ - msbit = (/* first, start with the msbit in the first, unrotated - byte */ - ((inbits<<3)-1) - /* then, for each byte, shift to the right for each - repetition */ - +(((inbits<<3)+13)*(i/inbits)) - /* last, pick out the correct byte within that - shifted repetition */ - +((inbits-(i%inbits))<<3) - )%(inbits<<3); - - /* pull out the byte value itself */ - byte += (((in[((inbits-1)-(msbit>>3))%inbits]<<8)| - (in[((inbits)-(msbit>>3))%inbits])) - >>((msbit&7)+1))&0xff; - - /* do the addition */ - byte += out[i%outbits]; - out[i%outbits] = byte&0xff; + /* compute the msbit in k which gets added into this byte */ + msbit = (/* first, start with the msbit in the first, unrotated + byte */ + ((inbits<<3)-1) + /* then, for each byte, shift to the right for each + repetition */ + +(((inbits<<3)+13)*(i/inbits)) + /* last, pick out the correct byte within that + shifted repetition */ + +((inbits-(i%inbits))<<3) + )%(inbits<<3); + + /* pull out the byte value itself */ + byte += (((in[((inbits-1)-(msbit>>3))%inbits]<<8)| + (in[((inbits)-(msbit>>3))%inbits])) + >>((msbit&7)+1))&0xff; + + /* do the addition */ + byte += out[i%outbits]; + out[i%outbits] = byte&0xff; #if 0 - printf("msbit[%d] = %d\tbyte = %02x\tsum = %03x\n", i, msbit, - (((in[((inbits-1)-(msbit>>3))%inbits]<<8)| - (in[((inbits)-(msbit>>3))%inbits])) - >>((msbit&7)+1))&0xff, byte); + printf("msbit[%d] = %d\tbyte = %02x\tsum = %03x\n", i, msbit, + (((in[((inbits-1)-(msbit>>3))%inbits]<<8)| + (in[((inbits)-(msbit>>3))%inbits])) + >>((msbit&7)+1))&0xff, byte); #endif - /* keep around the carry bit, if any */ - byte >>= 8; + /* keep around the carry bit, if any */ + byte >>= 8; #if 0 - printf("carry=%d\n", byte); + printf("carry=%d\n", byte); #endif } /* if there's a carry bit left over, add it back in */ if (byte) { - for (i=outbits-1; i>=0; i--) { - /* do the addition */ - byte += out[i]; - out[i] = byte&0xff; - - /* keep around the carry bit, if any */ - byte >>= 8; - } + for (i=outbits-1; i>=0; i--) { + /* do the addition */ + byte += out[i]; + out[i] = byte&0xff; + + /* keep around the carry bit, if any */ + byte >>= 8; + } } } diff --git a/src/lib/crypto/krb/old/Makefile.in b/src/lib/crypto/krb/old/Makefile.in index 4370f1f..cc3c7f6 100644 --- a/src/lib/crypto/krb/old/Makefile.in +++ b/src/lib/crypto/krb/old/Makefile.in @@ -1,8 +1,6 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/krb/old mydir=lib/crypto/krb/old BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/../../@CRYPTO_IMPL@/des -I$(srcdir) +LOCALINCLUDES = -I$(srcdir)/../../@CRYPTO_IMPL@/des -I$(srcdir)/.. -I$(srcdir) DEFS= ##DOS##BUILDTOP = ..\..\.. @@ -12,14 +10,13 @@ DEFS= PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) -RUN_SETUP = @KRB5_RUN_ENV@ KRB5_CONFIG=$(SRCTOP)/config-files/krb5.conf +RUN_SETUP = @KRB5_RUN_ENV@ KRB5_CONFIG=$(top_srcdir)/config-files/krb5.conf -STLIBOBJS= old_decrypt.o old_encrypt.o des_stringtokey.o +STLIBOBJS= old_aead.o des_stringtokey.o -OBJS= $(OUTPRE)des_stringtokey.$(OBJEXT) $(OUTPRE)old_decrypt.$(OBJEXT) $(OUTPRE)old_encrypt.$(OBJEXT) +OBJS= $(OUTPRE)des_stringtokey.$(OBJEXT) $(OUTPRE)old_aead.$(OBJEXT) -SRCS= $(srcdir)/des_stringtokey.c $(srcdir)/old_decrypt.c \ - $(srcdir)/old_encrypt.c +SRCS= $(srcdir)/des_stringtokey.c $(srcdir)/old_aead.c ##DOS##LIBOBJS = $(OBJS) diff --git a/src/lib/crypto/krb/old/deps b/src/lib/crypto/krb/old/deps index 14c35f1..448acd9 100644 --- a/src/lib/crypto/krb/old/deps +++ b/src/lib/crypto/krb/old/deps @@ -4,34 +4,25 @@ des_stringtokey.so des_stringtokey.po $(OUTPRE)des_stringtokey.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../../builtin/des/des_int.h des_stringtokey.c \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/des/des_int.h \ + $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h des_stringtokey.c \ old.h -old_decrypt.so old_decrypt.po $(OUTPRE)old_decrypt.$(OBJEXT): \ +old_aead.so old_aead.po $(OUTPRE)old_aead.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - old.h old_decrypt.c -old_encrypt.so old_encrypt.po $(OUTPRE)old_encrypt.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - old.h old_encrypt.c + $(COM_ERR_DEPS) $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h \ + $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h old.h old_aead.c diff --git a/src/lib/crypto/krb/old/des_stringtokey.c b/src/lib/crypto/krb/old/des_stringtokey.c index 6a5c669..71ee0de 100644 --- a/src/lib/crypto/krb/old/des_stringtokey.c +++ b/src/lib/crypto/krb/old/des_stringtokey.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -31,28 +32,27 @@ /* XXX */ extern krb5_error_code mit_des_string_to_key_int (krb5_keyblock * keyblock, - const krb5_data * data, - const krb5_data * salt); + const krb5_data * data, + const krb5_data * salt); krb5_error_code -krb5int_des_string_to_key(const struct krb5_enc_provider *enc, - const krb5_data *string, - const krb5_data *salt, const krb5_data *parm, - krb5_keyblock *key) +krb5int_des_string_to_key(const struct krb5_keytypes *ktp, + const krb5_data *string, const krb5_data *salt, + const krb5_data *parm, krb5_keyblock *key) { int type; - if (parm ) { - if (parm->length != 1) - return KRB5_ERR_BAD_S2K_PARAMS; - type = parm->data[0]; + if (parm) { + if (parm->length != 1) + return KRB5_ERR_BAD_S2K_PARAMS; + type = parm->data[0]; } else type = 0; switch(type) { case 0: - return(mit_des_string_to_key_int(key, string, salt)); + return(mit_des_string_to_key_int(key, string, salt)); case 1: - return mit_afs_string_to_key(key, string, salt); + return mit_afs_string_to_key(key, string, salt); default: - return KRB5_ERR_BAD_S2K_PARAMS; + return KRB5_ERR_BAD_S2K_PARAMS; } } diff --git a/src/lib/crypto/krb/old/old.h b/src/lib/crypto/krb/old/old.h index 953e61e..d092686 100644 --- a/src/lib/crypto/krb/old/old.h +++ b/src/lib/crypto/krb/old/old.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -25,28 +26,24 @@ */ #include "k5-int.h" +#include "etypes.h" -void krb5int_old_encrypt_length -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t input, size_t *length); +unsigned int +krb5int_old_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type); -krb5_error_code krb5int_old_encrypt -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *output); +krb5_error_code +krb5int_old_encrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); -krb5_error_code krb5int_old_decrypt -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *arg_output); +krb5_error_code +krb5int_old_decrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); -krb5_error_code krb5int_des_string_to_key -(const struct krb5_enc_provider *enc, - const krb5_data *string, const krb5_data *salt, - const krb5_data *params, - krb5_keyblock *key); +krb5_error_code krb5int_des_string_to_key(const struct krb5_keytypes *ktp, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *params, + krb5_keyblock *key); diff --git a/src/lib/crypto/krb/old/old_aead.c b/src/lib/crypto/krb/old/old_aead.c new file mode 100644 index 0000000..f7d1f10 --- /dev/null +++ b/src/lib/crypto/krb/old/old_aead.c @@ -0,0 +1,192 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * lib/crypto/old/old_aead.c + * + * Copyright 2008 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + + +#include "k5-int.h" +#include "old.h" +#include "aead.h" + +unsigned int +krb5int_old_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type) +{ + switch (type) { + case KRB5_CRYPTO_TYPE_HEADER: + return ktp->enc->block_size + ktp->hash->hashsize; + case KRB5_CRYPTO_TYPE_PADDING: + return ktp->enc->block_size; + case KRB5_CRYPTO_TYPE_TRAILER: + return 0; + case KRB5_CRYPTO_TYPE_CHECKSUM: + return ktp->hash->hashsize; + default: + assert(0 && "invalid cryptotype passed to krb5int_old_crypto_length"); + return 0; + } +} + +krb5_error_code +krb5int_old_encrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data) +{ + const struct krb5_enc_provider *enc = ktp->enc; + const struct krb5_hash_provider *hash = ktp->hash; + krb5_error_code ret; + krb5_crypto_iov *header, *trailer, *padding; + krb5_data checksum, confounder, crcivec = empty_data(); + unsigned int plainlen, padsize; + size_t i; + + /* E(Confounder | Checksum | Plaintext | Pad) */ + + plainlen = enc->block_size + hash->hashsize; + for (i = 0; i < num_data; i++) { + krb5_crypto_iov *iov = &data[i]; + + if (iov->flags == KRB5_CRYPTO_TYPE_DATA) + plainlen += iov->data.length; + } + + header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER); + if (header == NULL || + header->data.length < enc->block_size + hash->hashsize) + return KRB5_BAD_MSIZE; + + /* Trailer may be absent. */ + trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); + if (trailer != NULL) + trailer->data.length = 0; + + /* Check that the input data is correctly padded. */ + padsize = krb5_roundup(plainlen, enc->block_size) - plainlen; + padding = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_PADDING); + if (padsize > 0 && (padding == NULL || padding->data.length < padsize)) + return KRB5_BAD_MSIZE; + if (padding) { + padding->data.length = padsize; + memset(padding->data.data, 0, padsize); + } + + /* Generate a confounder in the header block. */ + confounder = make_data(header->data.data, enc->block_size); + ret = krb5_c_random_make_octets(0, &confounder); + if (ret != 0) + goto cleanup; + checksum = make_data(header->data.data + enc->block_size, hash->hashsize); + memset(checksum.data, 0, hash->hashsize); + + /* Checksum the plaintext with zeroed checksum and padding. */ + ret = hash->hash(data, num_data, &checksum); + if (ret != 0) + goto cleanup; + + /* Use the key as the ivec for des-cbc-crc if none was provided. */ + if (key->keyblock.enctype == ENCTYPE_DES_CBC_CRC && ivec == NULL) { + ret = alloc_data(&crcivec, key->keyblock.length); + memcpy(crcivec.data, key->keyblock.contents, key->keyblock.length); + ivec = &crcivec; + } + + ret = enc->encrypt(key, ivec, data, num_data); + if (ret != 0) + goto cleanup; + +cleanup: + zapfree(crcivec.data, crcivec.length); + return ret; +} + +krb5_error_code +krb5int_old_decrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data) +{ + const struct krb5_enc_provider *enc = ktp->enc; + const struct krb5_hash_provider *hash = ktp->hash; + krb5_error_code ret; + krb5_crypto_iov *header, *trailer; + krb5_data checksum, crcivec = empty_data(); + char *saved_checksum = NULL; + size_t i; + unsigned int cipherlen = 0; + + /* Check that the input data is correctly padded. */ + for (i = 0; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; + + if (ENCRYPT_IOV(iov)) + cipherlen += iov->data.length; + } + if (cipherlen % enc->block_size != 0) + return KRB5_BAD_MSIZE; + + header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER); + if (header == NULL || + header->data.length != enc->block_size + hash->hashsize) + return KRB5_BAD_MSIZE; + + trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); + if (trailer != NULL && trailer->data.length != 0) + return KRB5_BAD_MSIZE; + + /* Use the key as the ivec for des-cbc-crc if none was provided. */ + if (key->keyblock.enctype == ENCTYPE_DES_CBC_CRC && ivec == NULL) { + ret = alloc_data(&crcivec, key->keyblock.length); + memcpy(crcivec.data, key->keyblock.contents, key->keyblock.length); + ivec = &crcivec; + } + + /* Decrypt the ciphertext. */ + ret = enc->decrypt(key, ivec, data, num_data); + if (ret != 0) + goto cleanup; + + /* Save the checksum, then zero it out in the plaintext. */ + checksum = make_data(header->data.data + enc->block_size, hash->hashsize); + saved_checksum = k5alloc(hash->hashsize, &ret); + if (saved_checksum == NULL) + goto cleanup; + memcpy(saved_checksum, checksum.data, checksum.length); + memset(checksum.data, 0, checksum.length); + + /* + * Checksum the plaintext (with zeroed checksum field), storing the result + * back into the plaintext field we just zeroed out. Then compare it to + * the saved checksum. + */ + ret = hash->hash(data, num_data, &checksum); + if (memcmp(checksum.data, saved_checksum, checksum.length) != 0) { + ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; + goto cleanup; + } + +cleanup: + zapfree(crcivec.data, crcivec.length); + zapfree(saved_checksum, hash->hashsize); + return ret; +} diff --git a/src/lib/crypto/krb/old/old_decrypt.c b/src/lib/crypto/krb/old/old_decrypt.c deleted file mode 100644 index 97fbe6d..0000000 --- a/src/lib/crypto/krb/old/old_decrypt.c +++ /dev/null @@ -1,143 +0,0 @@ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" -#include "old.h" - -krb5_error_code -krb5int_old_decrypt(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, - krb5_keyusage usage, - const krb5_data *ivec, - const krb5_data *input, - krb5_data *arg_output) -{ - krb5_error_code ret; - size_t blocksize, hashsize, plainsize; - unsigned char *cksumdata, *cn; - krb5_data output, cksum, crcivec; - int alloced; - - blocksize = enc->block_size; - hashsize = hash->hashsize; - - plainsize = input->length - blocksize - hashsize; - - if (arg_output->length < plainsize) - return(KRB5_BAD_MSIZE); - - /* if there's enough space to work in the app buffer, use it, - otherwise allocate our own */ - - if ((cksumdata = (unsigned char *) malloc(hashsize)) == NULL) - return(ENOMEM); - - if (arg_output->length < input->length) { - output.length = input->length; - - if ((output.data = (char *) malloc(output.length)) == NULL) { - free(cksumdata); - return(ENOMEM); - } - - alloced = 1; - } else { - output.length = input->length; - - output.data = arg_output->data; - - alloced = 0; - } - - /* decrypt it */ - - /* save last ciphertext block in case we decrypt in place */ - if (ivec != NULL && ivec->length == blocksize) { - cn = malloc(blocksize); - if (cn == NULL) { - ret = ENOMEM; - goto cleanup; - } - memcpy(cn, input->data + input->length - blocksize, blocksize); - } else - cn = NULL; - - /* XXX this is gross, but I don't have much choice */ - if ((key->keyblock.enctype == ENCTYPE_DES_CBC_CRC) && (ivec == 0)) { - crcivec.length = key->keyblock.length; - crcivec.data = (char *) key->keyblock.contents; - ivec = &crcivec; - } - - if ((ret = ((*(enc->decrypt))(key, ivec, input, &output)))) - goto cleanup; - - /* verify the checksum */ - - memcpy(cksumdata, output.data+blocksize, hashsize); - memset(output.data+blocksize, 0, hashsize); - - cksum.length = hashsize; - cksum.data = output.data+blocksize; - - if ((ret = ((*(hash->hash))(1, &output, &cksum)))) - goto cleanup; - - if (memcmp(cksum.data, cksumdata, cksum.length) != 0) { - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - goto cleanup; - } - - /* copy the plaintext around */ - - if (alloced) { - memcpy(arg_output->data, output.data+blocksize+hashsize, - plainsize); - } else { - memmove(arg_output->data, arg_output->data+blocksize+hashsize, - plainsize); - } - arg_output->length = plainsize; - - /* update ivec */ - if (cn != NULL) - memcpy(ivec->data, cn, blocksize); - - ret = 0; - -cleanup: - if (alloced) { - memset(output.data, 0, output.length); - free(output.data); - } - - if (cn != NULL) - free(cn); - memset(cksumdata, 0, hashsize); - free(cksumdata); - return(ret); -} diff --git a/src/lib/crypto/krb/old/old_encrypt.c b/src/lib/crypto/krb/old/old_encrypt.c deleted file mode 100644 index 137d6ed..0000000 --- a/src/lib/crypto/krb/old/old_encrypt.c +++ /dev/null @@ -1,110 +0,0 @@ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" -#include "old.h" - -void -krb5int_old_encrypt_length(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t inputlen, - size_t *length) -{ - size_t blocksize, hashsize; - - blocksize = enc->block_size; - hashsize = hash->hashsize; - - *length = krb5_roundup(blocksize+hashsize+inputlen, blocksize); -} - -krb5_error_code -krb5int_old_encrypt(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, - krb5_keyusage usage, - const krb5_data *ivec, - const krb5_data *input, - krb5_data *output) -{ - krb5_error_code ret; - size_t blocksize, hashsize, enclen; - krb5_data datain, crcivec; - int real_ivec; - - blocksize = enc->block_size; - hashsize = hash->hashsize; - - krb5int_old_encrypt_length(enc, hash, input->length, &enclen); - - if (output->length < enclen) - return(KRB5_BAD_MSIZE); - - output->length = enclen; - - /* fill in confounded, padded, plaintext buffer with zero checksum */ - - memset(output->data, 0, output->length); - - datain.length = blocksize; - datain.data = output->data; - - if ((ret = krb5_c_random_make_octets(/* XXX */ 0, &datain))) - return(ret); - memcpy(output->data+blocksize+hashsize, input->data, input->length); - - /* compute the checksum */ - - datain.length = hashsize; - datain.data = output->data+blocksize; - - if ((ret = ((*(hash->hash))(1, output, &datain)))) - goto cleanup; - - /* encrypt it */ - - /* XXX this is gross, but I don't have much choice */ - if ((key->keyblock.enctype == ENCTYPE_DES_CBC_CRC) && (ivec == 0)) { - crcivec.length = key->keyblock.length; - crcivec.data = (char *) key->keyblock.contents; - ivec = &crcivec; - real_ivec = 0; - } else - real_ivec = 1; - - if ((ret = ((*(enc->encrypt))(key, ivec, output, output)))) - goto cleanup; - - /* update ivec */ - if (real_ivec && ivec != NULL && ivec->length == blocksize) - memcpy(ivec->data, output->data + output->length - blocksize, - blocksize); -cleanup: - if (ret) - memset(output->data, 0, output->length); - - return(ret); -} diff --git a/src/lib/crypto/krb/old_api_glue.c b/src/lib/crypto/krb/old_api_glue.c index c4ee596..c705ff5 100644 --- a/src/lib/crypto/krb/old_api_glue.c +++ b/src/lib/crypto/krb/old_api_glue.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -38,16 +39,16 @@ krb5_boolean KRB5_CALLCONV is_coll_proof_cksum(krb5_cksumtype ctype); krb5_boolean KRB5_CALLCONV is_keyed_cksum(krb5_cksumtype ctype); krb5_error_code KRB5_CALLCONV krb5_random_confounder(size_t, krb5_pointer); krb5_error_code krb5_encrypt_data(krb5_context context, krb5_keyblock *key, - krb5_pointer ivec, krb5_data *data, - krb5_enc_data *enc_data); + krb5_pointer ivec, krb5_data *data, + krb5_enc_data *enc_data); krb5_error_code krb5_decrypt_data(krb5_context context, krb5_keyblock *key, - krb5_pointer ivec, krb5_enc_data *data, - krb5_data *enc_data); + krb5_pointer ivec, krb5_enc_data *data, + krb5_data *enc_data); krb5_error_code KRB5_CALLCONV krb5_encrypt(krb5_context context, krb5_const_pointer inptr, - krb5_pointer outptr, size_t size, krb5_encrypt_block *eblock, - krb5_pointer ivec) + krb5_pointer outptr, size_t size, krb5_encrypt_block *eblock, + krb5_pointer ivec) { krb5_data inputd, ivecd; krb5_enc_data outputd; @@ -55,12 +56,12 @@ krb5_encrypt(krb5_context context, krb5_const_pointer inptr, krb5_error_code ret; if (ivec) { - ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize); - if (ret) - return ret; + ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize); + if (ret) + return ret; - ivecd.length = blocksize; - ivecd.data = ivec; + ivecd.length = blocksize; + ivecd.data = ivec; } /* size is the length of the input cleartext data. */ @@ -73,19 +74,19 @@ krb5_encrypt(krb5_context context, krb5_const_pointer inptr, */ ret = krb5_c_encrypt_length(context, eblock->key->enctype, size, &outlen); if (ret) - return ret; + return ret; outputd.ciphertext.length = outlen; outputd.ciphertext.data = outptr; return krb5_c_encrypt(context, eblock->key, 0, ivec ? &ivecd : 0, - &inputd, &outputd); + &inputd, &outputd); } krb5_error_code KRB5_CALLCONV krb5_decrypt(krb5_context context, krb5_const_pointer inptr, - krb5_pointer outptr, size_t size, krb5_encrypt_block *eblock, - krb5_pointer ivec) + krb5_pointer outptr, size_t size, krb5_encrypt_block *eblock, + krb5_pointer ivec) { krb5_enc_data inputd; krb5_data outputd, ivecd; @@ -93,12 +94,12 @@ krb5_decrypt(krb5_context context, krb5_const_pointer inptr, krb5_error_code ret; if (ivec) { - ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize); - if (ret) - return ret; + ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize); + if (ret) + return ret; - ivecd.length = blocksize; - ivecd.data = ivec; + ivecd.length = blocksize; + ivecd.data = ivec; } /* size is the length of the input ciphertext data */ @@ -113,12 +114,12 @@ krb5_decrypt(krb5_context context, krb5_const_pointer inptr, outputd.data = outptr; return krb5_c_decrypt(context, eblock->key, 0, ivec ? &ivecd : 0, - &inputd, &outputd); + &inputd, &outputd); } krb5_error_code KRB5_CALLCONV krb5_process_key(krb5_context context, krb5_encrypt_block *eblock, - const krb5_keyblock *key) + const krb5_keyblock *key) { eblock->key = (krb5_keyblock *) key; @@ -133,16 +134,16 @@ krb5_finish_key(krb5_context context, krb5_encrypt_block *eblock) krb5_error_code KRB5_CALLCONV krb5_string_to_key(krb5_context context, const krb5_encrypt_block *eblock, - krb5_keyblock *keyblock, const krb5_data *data, - const krb5_data *salt) + krb5_keyblock *keyblock, const krb5_data *data, + const krb5_data *salt) { return krb5_c_string_to_key(context, eblock->crypto_entry, data, salt, - keyblock); + keyblock); } krb5_error_code KRB5_CALLCONV krb5_init_random_key(krb5_context context, const krb5_encrypt_block *eblock, - const krb5_keyblock *keyblock, krb5_pointer *ptr) + const krb5_keyblock *keyblock, krb5_pointer *ptr) { krb5_data data; @@ -154,14 +155,14 @@ krb5_init_random_key(krb5_context context, const krb5_encrypt_block *eblock, krb5_error_code KRB5_CALLCONV krb5_finish_random_key(krb5_context context, const krb5_encrypt_block *eblock, - krb5_pointer *ptr) + krb5_pointer *ptr) { return 0; } krb5_error_code KRB5_CALLCONV krb5_random_key(krb5_context context, const krb5_encrypt_block *eblock, - krb5_pointer ptr, krb5_keyblock **keyblock) + krb5_pointer ptr, krb5_keyblock **keyblock) { krb5_keyblock *key; krb5_error_code ret; @@ -170,12 +171,12 @@ krb5_random_key(krb5_context context, const krb5_encrypt_block *eblock, key = malloc(sizeof(krb5_keyblock)); if (key == NULL) - return ENOMEM; + return ENOMEM; ret = krb5_c_make_random_key(context, eblock->crypto_entry, key); if (ret) { - free(key); - return ret; + free(key); + return ret; } *keyblock = key; @@ -190,7 +191,7 @@ krb5_eblock_enctype(krb5_context context, const krb5_encrypt_block *eblock) krb5_error_code KRB5_CALLCONV krb5_use_enctype(krb5_context context, krb5_encrypt_block *eblock, - krb5_enctype enctype) + krb5_enctype enctype) { eblock->crypto_entry = enctype; @@ -203,7 +204,7 @@ krb5_encrypt_size(size_t length, krb5_enctype crypto) size_t ret; if (krb5_c_encrypt_length(NULL, crypto, length, &ret)) - return (size_t) -1; /* XXX */ + return (size_t) -1; /* XXX */ return ret; } @@ -214,16 +215,16 @@ krb5_checksum_size(krb5_context context, krb5_cksumtype ctype) size_t ret; if (krb5_c_checksum_length(context, ctype, &ret)) - return (size_t) -1; /* XXX */ + return (size_t) -1; /* XXX */ return ret; } krb5_error_code KRB5_CALLCONV krb5_calculate_checksum(krb5_context context, krb5_cksumtype ctype, - krb5_const_pointer in, size_t in_length, - krb5_const_pointer seed, size_t seed_length, - krb5_checksum *outcksum) + krb5_const_pointer in, size_t in_length, + krb5_const_pointer seed, size_t seed_length, + krb5_checksum *outcksum) { krb5_data input; krb5_keyblock key; @@ -239,12 +240,12 @@ krb5_calculate_checksum(krb5_context context, krb5_cksumtype ctype, ret = krb5_c_make_checksum(context, ctype, &key, 0, &input, &cksum); if (ret) - return ret; + return ret; if (outcksum->length < cksum.length) { - memset(cksum.contents, 0, cksum.length); - free(cksum.contents); - return KRB5_BAD_MSIZE; + memset(cksum.contents, 0, cksum.length); + free(cksum.contents); + return KRB5_BAD_MSIZE; } outcksum->magic = cksum.magic; @@ -259,9 +260,9 @@ krb5_calculate_checksum(krb5_context context, krb5_cksumtype ctype, krb5_error_code KRB5_CALLCONV krb5_verify_checksum(krb5_context context, krb5_cksumtype ctype, - const krb5_checksum *cksum, krb5_const_pointer in, - size_t in_length, krb5_const_pointer seed, - size_t seed_length) + const krb5_checksum *cksum, krb5_const_pointer in, + size_t in_length, krb5_const_pointer seed, + size_t seed_length) { krb5_data input; krb5_keyblock key; @@ -276,10 +277,10 @@ krb5_verify_checksum(krb5_context context, krb5_cksumtype ctype, ret = krb5_c_verify_checksum(context, &key, 0, &input, cksum, &valid); if (ret) - return ret; + return ret; if (!valid) - return KRB5KRB_AP_ERR_BAD_INTEGRITY; + return KRB5KRB_AP_ERR_BAD_INTEGRITY; return 0; } @@ -296,8 +297,8 @@ krb5_random_confounder(size_t size, krb5_pointer ptr) } krb5_error_code krb5_encrypt_data(krb5_context context, krb5_keyblock *key, - krb5_pointer ivec, krb5_data *data, - krb5_enc_data *enc_data) + krb5_pointer ivec, krb5_data *data, + krb5_enc_data *enc_data) { krb5_error_code ret; size_t enclen, blocksize; @@ -305,15 +306,15 @@ krb5_error_code krb5_encrypt_data(krb5_context context, krb5_keyblock *key, ret = krb5_c_encrypt_length(context, key->enctype, data->length, &enclen); if (ret) - return ret; + return ret; if (ivec) { - ret = krb5_c_block_size(context, key->enctype, &blocksize); - if (ret) - return ret; + ret = krb5_c_block_size(context, key->enctype, &blocksize); + if (ret) + return ret; - ivecd.length = blocksize; - ivecd.data = ivec; + ivecd.length = blocksize; + ivecd.data = ivec; } enc_data->magic = KV5M_ENC_DATA; @@ -322,40 +323,40 @@ krb5_error_code krb5_encrypt_data(krb5_context context, krb5_keyblock *key, enc_data->ciphertext.length = enclen; enc_data->ciphertext.data = malloc(enclen); if (enc_data->ciphertext.data == NULL) - return ENOMEM; + return ENOMEM; ret = krb5_c_encrypt(context, key, 0, ivec ? &ivecd : 0, data, enc_data); if (ret) - free(enc_data->ciphertext.data); + free(enc_data->ciphertext.data); return ret; } krb5_error_code krb5_decrypt_data(krb5_context context, krb5_keyblock *key, - krb5_pointer ivec, krb5_enc_data *enc_data, - krb5_data *data) + krb5_pointer ivec, krb5_enc_data *enc_data, + krb5_data *data) { krb5_error_code ret; krb5_data ivecd; size_t blocksize; if (ivec) { - ret = krb5_c_block_size(context, key->enctype, &blocksize); - if (ret) - return ret; + ret = krb5_c_block_size(context, key->enctype, &blocksize); + if (ret) + return ret; - ivecd.length = blocksize; - ivecd.data = ivec; + ivecd.length = blocksize; + ivecd.data = ivec; } data->length = enc_data->ciphertext.length; data->data = malloc(data->length); if (data->data == NULL) - return ENOMEM; + return ENOMEM; ret = krb5_c_decrypt(context, key, 0, ivec ? &ivecd : 0, enc_data, data); if (ret) - free(data->data); + free(data->data); return 0; } diff --git a/src/lib/crypto/krb/prf.c b/src/lib/crypto/krb/prf.c index 141390f..e42d363 100644 --- a/src/lib/crypto/krb/prf.c +++ b/src/lib/crypto/krb/prf.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/prf.c * @@ -44,35 +45,45 @@ krb5_c_prf_length(krb5_context context, krb5_enctype enctype, size_t *len) assert(len); ktp = find_enctype(enctype); if (ktp == NULL) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; *len = ktp->prf_length; return 0; } krb5_error_code KRB5_CALLCONV -krb5_c_prf(krb5_context context, const krb5_keyblock *keyblock, - krb5_data *input, krb5_data *output) +krb5_k_prf(krb5_context context, krb5_key key, + krb5_data *input, krb5_data *output) { const struct krb5_keytypes *ktp; - krb5_key key; krb5_error_code ret; assert(input && output); assert(output->data); - ktp = find_enctype(keyblock->enctype); + ktp = find_enctype(key->keyblock.enctype); if (ktp == NULL) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; if (ktp->prf == NULL) - return KRB5_CRYPTO_INTERNAL; + return KRB5_CRYPTO_INTERNAL; output->magic = KV5M_DATA; if (ktp->prf_length != output->length) - return KRB5_CRYPTO_INTERNAL; + return KRB5_CRYPTO_INTERNAL; + ret = ktp->prf(ktp, key, input, output); + return ret; +} + +krb5_error_code KRB5_CALLCONV +krb5_c_prf(krb5_context context, const krb5_keyblock *keyblock, + krb5_data *input, krb5_data *output) +{ + krb5_key key; + krb5_error_code ret; + ret = krb5_k_create_key(context, keyblock, &key); if (ret != 0) - return ret; - ret = (*ktp->prf)(ktp->enc, ktp->hash, key, input, output); + return ret; + ret = krb5_k_prf(context, key, input, output); krb5_k_free_key(context, key); return ret; } diff --git a/src/lib/crypto/krb/prf/Makefile.in b/src/lib/crypto/krb/prf/Makefile.in index 42b14b9..4bcb867 100644 --- a/src/lib/crypto/krb/prf/Makefile.in +++ b/src/lib/crypto/krb/prf/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/krb/prf mydir=lib/crypto/krb/prf BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES = -I$(srcdir) -I$(srcdir)/.. \ diff --git a/src/lib/crypto/krb/prf/deps b/src/lib/crypto/krb/prf/deps index 91fbf74..8fbbe60 100644 --- a/src/lib/crypto/krb/prf/deps +++ b/src/lib/crypto/krb/prf/deps @@ -3,33 +3,34 @@ # des_prf.so des_prf.po $(OUTPRE)des_prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h des_prf.c prf_int.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \ + $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h des_prf.c prf_int.h dk_prf.so dk_prf.po $(OUTPRE)dk_prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../dk/dk.h \ - dk_prf.c prf_int.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../dk/dk.h \ + $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h dk_prf.c prf_int.h rc4_prf.so rc4_prf.po $(OUTPRE)rc4_prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/hash_provider/hash_provider.h \ - prf_int.h rc4_prf.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \ + $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h prf_int.h rc4_prf.c diff --git a/src/lib/crypto/krb/prf/des_prf.c b/src/lib/crypto/krb/prf/des_prf.c index 4713086..a111423 100644 --- a/src/lib/crypto/krb/prf/des_prf.c +++ b/src/lib/crypto/krb/prf/des_prf.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/krb/prf//des_prf.c * @@ -30,24 +31,24 @@ */ #include "prf_int.h" -//#include <hash_provider/hash_provider.h> /* XXX is this ok? */ +#include "hash_provider/hash_provider.h" krb5_error_code -krb5int_des_prf (const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, const krb5_data *in, krb5_data *out) +krb5int_des_prf(const struct krb5_keytypes *ktp, krb5_key key, + const krb5_data *in, krb5_data *out) { - krb5_data tmp; - krb5_error_code ret = 0; + const struct krb5_hash_provider *hash = &krb5int_hash_md5; + krb5_crypto_iov iov; + krb5_error_code ret; - hash = &krb5int_hash_md5; /* MD5 is always used. */ - tmp.length = hash->hashsize; - tmp.data = malloc(hash->hashsize); - if (tmp.data == NULL) - return ENOMEM; - ret = hash->hash(1, in, &tmp); - if (ret == 0) - ret = enc->encrypt(key, NULL, &tmp, out); - free(tmp.data); - return ret; + /* Compute a hash of the input, storing into the output buffer. */ + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = *in; + ret = hash->hash(&iov, 1, out); + if (ret != 0) + return ret; + + /* Encrypt the hash in place. */ + iov.data = *out; + return ktp->enc->encrypt(key, NULL, &iov, 1); } diff --git a/src/lib/crypto/krb/prf/dk_prf.c b/src/lib/crypto/krb/prf/dk_prf.c index 80f9d50..9851ce7 100644 --- a/src/lib/crypto/krb/prf/dk_prf.c +++ b/src/lib/crypto/krb/prf/dk_prf.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/krb/prf/dk_prf.c * @@ -33,27 +34,43 @@ #include <dk.h> krb5_error_code -krb5int_dk_prf (const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, const krb5_data *in, krb5_data *out) +krb5int_dk_prf(const struct krb5_keytypes *ktp, krb5_key key, + const krb5_data *in, krb5_data *out) { - krb5_data tmp; - krb5_data prfconst; - krb5_key kp = NULL; - krb5_error_code ret = 0; + const struct krb5_enc_provider *enc = ktp->enc; + const struct krb5_hash_provider *hash = ktp->hash; + krb5_crypto_iov iov; + krb5_data cksum = empty_data(), prfconst = make_data("prf", 3); + krb5_key kp = NULL; + krb5_error_code ret; - prfconst.data = (char *) "prf"; - prfconst.length = 3; - tmp.length = hash->hashsize; - tmp.data = malloc(hash->hashsize); - if (tmp.data == NULL) - return ENOMEM; - hash->hash(1, in, &tmp); - tmp.length = (tmp.length/enc->block_size)*enc->block_size; /*truncate to block size*/ - ret = krb5int_derive_key(enc, key, &kp, &prfconst); - if (ret == 0) - ret = enc->encrypt(kp, NULL, &tmp, out); - krb5_k_free_key(NULL, kp); - free (tmp.data); - return ret; + /* Hash the input data into an allocated buffer. */ + ret = alloc_data(&cksum, hash->hashsize); + if (ret != 0) + goto cleanup; + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = *in; + ret = hash->hash(&iov, 1, &cksum); + if (ret != 0) + goto cleanup; + + /* Derive a key using the PRF constant. */ + ret = krb5int_derive_key(ktp->enc, key, &kp, &prfconst); + if (ret != 0) + goto cleanup; + + /* Truncate the hash to the closest multiple of the block size. */ + iov.data.data = cksum.data; + iov.data.length = (hash->hashsize / enc->block_size) * enc->block_size; + + /* Encrypt the truncated hash in the derived key to get the output. */ + ret = ktp->enc->encrypt(kp, NULL, &iov, 1); + if (ret != 0) + goto cleanup; + memcpy(out->data, iov.data.data, out->length); + +cleanup: + zapfree(cksum.data, hash->hashsize); + krb5_k_free_key(NULL, kp); + return ret; } diff --git a/src/lib/crypto/krb/prf/prf_int.h b/src/lib/crypto/krb/prf/prf_int.h index e21035f..865f62b 100644 --- a/src/lib/crypto/krb/prf/prf_int.h +++ b/src/lib/crypto/krb/prf/prf_int.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/krb/prf/prf_int.h * @@ -28,20 +29,18 @@ #define PRF_INTERNAL_DEFS #include "k5-int.h" +#include "etypes.h" krb5_error_code -krb5int_arcfour_prf(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, const krb5_data *in, krb5_data *out); +krb5int_arcfour_prf(const struct krb5_keytypes *ktp, krb5_key key, + const krb5_data *in, krb5_data *out); krb5_error_code -krb5int_des_prf (const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, const krb5_data *in, krb5_data *out); +krb5int_des_prf(const struct krb5_keytypes *ktp, krb5_key key, + const krb5_data *in, krb5_data *out); krb5_error_code -krb5int_dk_prf(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, const krb5_data *in, krb5_data *out); +krb5int_dk_prf(const struct krb5_keytypes *ktp, krb5_key key, + const krb5_data *in, krb5_data *out); #endif /*PRF_INTERNAL_DEFS*/ diff --git a/src/lib/crypto/krb/prf/rc4_prf.c b/src/lib/crypto/krb/prf/rc4_prf.c index caeaa44..e34ab26 100644 --- a/src/lib/crypto/krb/prf/rc4_prf.c +++ b/src/lib/crypto/krb/prf/rc4_prf.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/krb/prf/rc4_prf.c * @@ -30,10 +31,13 @@ #include <hash_provider/hash_provider.h> krb5_error_code -krb5int_arcfour_prf(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, const krb5_data *in, krb5_data *out) +krb5int_arcfour_prf(const struct krb5_keytypes *ktp, krb5_key key, + const krb5_data *in, krb5_data *out) { + krb5_crypto_iov iov; + assert(out->length == 20); - return krb5int_hmac(&krb5int_hash_sha1, key, 1, in, out); + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = *in; + return krb5int_hmac(&krb5int_hash_sha1, key, &iov, 1, out); } diff --git a/src/lib/crypto/krb/prng.c b/src/lib/crypto/krb/prng.c index 00534ca..ef32699 100644 --- a/src/lib/crypto/krb/prng.c +++ b/src/lib/crypto/krb/prng.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 2001, 2002, 2004, 2007, 2008 by the Massachusetts Institute of Technology. * All rights reserved. @@ -42,17 +43,17 @@ entropy_estimate(unsigned int randsource, size_t length) { switch (randsource) { case KRB5_C_RANDSOURCE_OLDAPI: - return 4 * length; + return 4 * length; case KRB5_C_RANDSOURCE_OSRAND: - return 8 * length; + return 8 * length; case KRB5_C_RANDSOURCE_TRUSTEDPARTY: - return 4 * length; + return 4 * length; case KRB5_C_RANDSOURCE_TIMING: - return 2; + return 2; case KRB5_C_RANDSOURCE_EXTERNAL_PROTOCOL: - return 0; + return 0; default: - abort(); + abort(); } return 0; } @@ -64,16 +65,16 @@ int krb5int_prng_init(void) yerr = k5_mutex_finish_init(&yarrow_lock); if (yerr) - return yerr; + return yerr; yerr = krb5int_yarrow_init (&y_ctx, NULL); if (yerr != YARROW_OK && yerr != YARROW_NOT_SEEDED) - return KRB5_CRYPTO_INTERNAL; + return KRB5_CRYPTO_INTERNAL; for (i=0; i < KRB5_C_RANDSOURCE_MAX; i++ ) { - if (krb5int_yarrow_new_source(&y_ctx, &source_id) != YARROW_OK) - return KRB5_CRYPTO_INTERNAL; - assert (source_id == i); + if (krb5int_yarrow_new_source(&y_ctx, &source_id) != YARROW_OK) + return KRB5_CRYPTO_INTERNAL; + assert (source_id == i); } return 0; @@ -81,20 +82,20 @@ int krb5int_prng_init(void) krb5_error_code KRB5_CALLCONV krb5_c_random_add_entropy(krb5_context context, unsigned int randsource, - const krb5_data *data) + const krb5_data *data) { int yerr; /* Make sure the mutex got initialized. */ yerr = krb5int_crypto_init(); if (yerr) - return yerr; + return yerr; /* Now, finally, feed in the data. */ yerr = krb5int_yarrow_input(&y_ctx, randsource, - data->data, data->length, - entropy_estimate(randsource, data->length)); + data->data, data->length, + entropy_estimate(randsource, data->length)); if (yerr != YARROW_OK) - return KRB5_CRYPTO_INTERNAL; + return KRB5_CRYPTO_INTERNAL; return 0; } @@ -110,12 +111,12 @@ krb5_c_random_make_octets(krb5_context context, krb5_data *data) int yerr; yerr = krb5int_yarrow_output(&y_ctx, data->data, data->length); if (yerr == YARROW_NOT_SEEDED) { - yerr = krb5int_yarrow_reseed(&y_ctx, YARROW_SLOW_POOL); - if (yerr == YARROW_OK) - yerr = krb5int_yarrow_output(&y_ctx, data->data, data->length); + yerr = krb5int_yarrow_reseed(&y_ctx, YARROW_SLOW_POOL); + if (yerr == YARROW_OK) + yerr = krb5int_yarrow_output(&y_ctx, data->data, data->length); } if (yerr != YARROW_OK) - return KRB5_CRYPTO_INTERNAL; + return KRB5_CRYPTO_INTERNAL; return 0; } @@ -137,7 +138,7 @@ krb5_error_code KRB5_CALLCONV krb5_c_random_os_entropy(krb5_context context, int strong, int *success) { if (success) - *success = 0; + *success = 0; return 0; } @@ -167,28 +168,28 @@ read_entropy_from_device(krb5_context context, const char *device) fd = open (device, O_RDONLY); if (fd == -1) - return 0; + return 0; set_cloexec_fd(fd); if (fstat(fd, &sb) == -1 || S_ISREG(sb.st_mode)) { - close(fd); - return 0; + close(fd); + return 0; } for (bp = buf, left = sizeof(buf); left > 0;) { - ssize_t count; - count = read(fd, bp, (unsigned) left); - if (count <= 0) { - close(fd); - return 0; - } - left -= count; - bp += count; + ssize_t count; + count = read(fd, bp, (unsigned) left); + if (count <= 0) { + close(fd); + return 0; + } + left -= count; + bp += count; } close(fd); data.length = sizeof (buf); data.data = (char *) buf; return (krb5_c_random_add_entropy(context, KRB5_C_RANDSOURCE_OSRAND, - &data) == 0); + &data) == 0); } krb5_error_code KRB5_CALLCONV @@ -203,11 +204,11 @@ krb5_c_random_os_entropy(krb5_context context, int strong, int *success) we have both /dev/random and /dev/urandom. We want the strong data included in the reseed so we get it first.*/ if (strong) { - if (read_entropy_from_device(context, "/dev/random")) - *oursuccess = 1; + if (read_entropy_from_device(context, "/dev/random")) + *oursuccess = 1; } if (read_entropy_from_device(context, "/dev/urandom")) - *oursuccess = 1; + *oursuccess = 1; return 0; } diff --git a/src/lib/crypto/krb/rand2key/Makefile.in b/src/lib/crypto/krb/rand2key/Makefile.in index ad2ed1f..72f14fe 100644 --- a/src/lib/crypto/krb/rand2key/Makefile.in +++ b/src/lib/crypto/krb/rand2key/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/krb/rand2key mydir=lib/crypto/krb/rand2key BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES = -I$(srcdir)/. -I$(srcdir)/../../@CRYPTO_IMPL@/des diff --git a/src/lib/crypto/krb/rand2key/aes_rand2key.c b/src/lib/crypto/krb/rand2key/aes_rand2key.c index c5028e5..4b876bc 100644 --- a/src/lib/crypto/krb/rand2key/aes_rand2key.c +++ b/src/lib/crypto/krb/rand2key/aes_rand2key.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/krb/rand2key/aes_rand2key.c * diff --git a/src/lib/crypto/krb/rand2key/deps b/src/lib/crypto/krb/rand2key/deps index 52ed9e1..58fdd89 100644 --- a/src/lib/crypto/krb/rand2key/deps +++ b/src/lib/crypto/krb/rand2key/deps @@ -4,46 +4,46 @@ aes_rand2key.so aes_rand2key.po $(OUTPRE)aes_rand2key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ aes_rand2key.c rand2key.h des_rand2key.so des_rand2key.po $(OUTPRE)des_rand2key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../../builtin/des/des_int.h des_rand2key.c \ - rand2key.h + $(COM_ERR_DEPS) $(srcdir)/../../builtin/des/des_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des_rand2key.c rand2key.h des3_rand2key.so des3_rand2key.po $(OUTPRE)des3_rand2key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../../builtin/des/des_int.h des3_rand2key.c \ - rand2key.h + $(COM_ERR_DEPS) $(srcdir)/../../builtin/des/des_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des3_rand2key.c rand2key.h rc4_rand2key.so rc4_rand2key.po $(OUTPRE)rc4_rand2key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ rand2key.h rc4_rand2key.c diff --git a/src/lib/crypto/krb/rand2key/des3_rand2key.c b/src/lib/crypto/krb/rand2key/des3_rand2key.c index fe84c3a..31f3f4c 100644 --- a/src/lib/crypto/krb/rand2key/des3_rand2key.c +++ b/src/lib/crypto/krb/rand2key/des3_rand2key.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/krb/rand2key/des3_rand2key.c * diff --git a/src/lib/crypto/krb/rand2key/des_rand2key.c b/src/lib/crypto/krb/rand2key/des_rand2key.c index 1485965..e5cdded 100644 --- a/src/lib/crypto/krb/rand2key/des_rand2key.c +++ b/src/lib/crypto/krb/rand2key/des_rand2key.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/krb/rand2key/des_rand2key.c * @@ -32,9 +33,9 @@ krb5_error_code krb5int_des_make_key(const krb5_data *randombits, krb5_keyblock *key) { if (key->length != KRB5_MIT_DES_KEYSIZE) - return(KRB5_BAD_KEYSIZE); + return(KRB5_BAD_KEYSIZE); if (randombits->length != 7) - return(KRB5_CRYPTO_INTERNAL); + return(KRB5_CRYPTO_INTERNAL); key->magic = KV5M_KEYBLOCK; @@ -43,9 +44,9 @@ krb5int_des_make_key(const krb5_data *randombits, krb5_keyblock *key) memcpy(key->contents, randombits->data, randombits->length); key->contents[7] = (((key->contents[0]&1)<<1) | ((key->contents[1]&1)<<2) | - ((key->contents[2]&1)<<3) | ((key->contents[3]&1)<<4) | - ((key->contents[4]&1)<<5) | ((key->contents[5]&1)<<6) | - ((key->contents[6]&1)<<7)); + ((key->contents[2]&1)<<3) | ((key->contents[3]&1)<<4) | + ((key->contents[4]&1)<<5) | ((key->contents[5]&1)<<6) | + ((key->contents[6]&1)<<7)); mit_des_fixup_key_parity(key->contents); diff --git a/src/lib/crypto/krb/rand2key/rand2key.h b/src/lib/crypto/krb/rand2key/rand2key.h index 01208f6..321c452 100644 --- a/src/lib/crypto/krb/rand2key/rand2key.h +++ b/src/lib/crypto/krb/rand2key/rand2key.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #include "k5-int.h" diff --git a/src/lib/crypto/krb/rand2key/rc4_rand2key.c b/src/lib/crypto/krb/rand2key/rc4_rand2key.c index d498f05..2e2ddaa 100644 --- a/src/lib/crypto/krb/rand2key/rc4_rand2key.c +++ b/src/lib/crypto/krb/rand2key/rc4_rand2key.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/krb/rand2key/rc4_rand2key.c * diff --git a/src/lib/crypto/krb/random_to_key.c b/src/lib/crypto/krb/random_to_key.c index f94229a..8b37374 100644 --- a/src/lib/crypto/krb/random_to_key.c +++ b/src/lib/crypto/krb/random_to_key.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * COPYRIGHT (c) 2006 * The Regents of the University of Michigan @@ -38,27 +39,27 @@ krb5_error_code KRB5_CALLCONV krb5_c_random_to_key(krb5_context context, krb5_enctype enctype, - krb5_data *random_data, krb5_keyblock *random_key) + krb5_data *random_data, krb5_keyblock *random_key) { krb5_error_code ret; const struct krb5_keytypes *ktp; const struct krb5_enc_provider *enc; if (random_data == NULL || random_key == NULL || - random_key->contents == NULL) - return EINVAL; + random_key->contents == NULL) + return EINVAL; ktp = find_enctype(enctype); if (ktp == NULL) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; enc = ktp->enc; if (random_key->length != enc->keylength) - return KRB5_BAD_KEYSIZE; + return KRB5_BAD_KEYSIZE; ret = (*enc->make_key)(random_data, random_key); if (ret) - memset(random_key->contents, 0, random_key->length); + memset(random_key->contents, 0, random_key->length); return ret; } diff --git a/src/lib/crypto/krb/raw/Makefile.in b/src/lib/crypto/krb/raw/Makefile.in index f52cb24..147b1d5 100644 --- a/src/lib/crypto/krb/raw/Makefile.in +++ b/src/lib/crypto/krb/raw/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/krb/raw mydir=lib/crypto/krb/raw BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../@CRYPTO_IMPL@ @@ -12,13 +10,13 @@ DEFS= PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) -RUN_SETUP = @KRB5_RUN_ENV@ KRB5_CONFIG=$(SRCTOP)/config-files/krb5.conf +RUN_SETUP = @KRB5_RUN_ENV@ KRB5_CONFIG=$(top_srcdir)/config-files/krb5.conf -STLIBOBJS= raw_decrypt.o raw_encrypt.o raw_aead.o +STLIBOBJS= raw_aead.o -OBJS= $(OUTPRE)raw_decrypt.$(OBJEXT) $(OUTPRE)raw_encrypt.$(OBJEXT) $(OUTPRE)raw_aead.$(OBJEXT) +OBJS= $(OUTPRE)raw_aead.$(OBJEXT) -SRCS= $(srcdir)/raw_decrypt.c $(srcdir)/raw_encrypt.c $(srcdir)/raw_aead.c +SRCS= $(srcdir)/raw_aead.c ##DOS##LIBOBJS = $(OBJS) diff --git a/src/lib/crypto/krb/raw/deps b/src/lib/crypto/krb/raw/deps index 5b6fef8..654c4c3 100644 --- a/src/lib/crypto/krb/raw/deps +++ b/src/lib/crypto/krb/raw/deps @@ -1,37 +1,15 @@ # # Generated makefile dependencies follow. # -raw_decrypt.so raw_decrypt.po $(OUTPRE)raw_decrypt.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - raw.h raw_decrypt.c -raw_encrypt.so raw_encrypt.po $(OUTPRE)raw_encrypt.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - raw.h raw_encrypt.c raw_aead.so raw_aead.po $(OUTPRE)raw_aead.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h raw.h \ - raw_aead.c + $(COM_ERR_DEPS) $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h \ + $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h raw.h raw_aead.c diff --git a/src/lib/crypto/krb/raw/raw.h b/src/lib/crypto/krb/raw/raw.h index d5575e1..ee54d58 100644 --- a/src/lib/crypto/krb/raw/raw.h +++ b/src/lib/crypto/krb/raw/raw.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -25,24 +26,18 @@ */ #include "k5-int.h" +#include "etypes.h" -void krb5_raw_encrypt_length -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t input, size_t *length); +unsigned int +krb5int_raw_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type); -krb5_error_code krb5int_raw_encrypt -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *output); +krb5_error_code +krb5int_raw_encrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); -krb5_error_code krb5int_raw_decrypt -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *arg_output); - -extern const struct krb5_aead_provider krb5int_aead_raw; +krb5_error_code +krb5int_raw_decrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); diff --git a/src/lib/crypto/krb/raw/raw_aead.c b/src/lib/crypto/krb/raw/raw_aead.c index f15e486..75f2324 100644 --- a/src/lib/crypto/krb/raw/raw_aead.c +++ b/src/lib/crypto/krb/raw/raw_aead.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/raw/raw_aead.c * @@ -29,135 +30,83 @@ #include "raw.h" #include "aead.h" -/* AEAD */ - -static krb5_error_code -krb5int_raw_crypto_length(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_cryptotype type, - unsigned int *length) +unsigned int +krb5int_raw_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type) { switch (type) { case KRB5_CRYPTO_TYPE_PADDING: - *length = enc->block_size; - break; + return ktp->enc->block_size; default: - *length = 0; - break; + return 0; } - - return 0; } -static krb5_error_code -krb5int_raw_encrypt_iov(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, - krb5_keyusage usage, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) +krb5_error_code +krb5int_raw_encrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data) { - krb5_error_code ret; krb5_crypto_iov *padding; size_t i; - unsigned int blocksize = 0; - unsigned int plainlen = 0; - unsigned int padsize = 0; + unsigned int blocksize, plainlen = 0, padsize = 0; - ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING, &blocksize); - if (ret != 0) - return ret; + blocksize = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_PADDING); for (i = 0; i < num_data; i++) { - krb5_crypto_iov *iov = &data[i]; + krb5_crypto_iov *iov = &data[i]; - if (iov->flags == KRB5_CRYPTO_TYPE_DATA) - plainlen += iov->data.length; + if (iov->flags == KRB5_CRYPTO_TYPE_DATA) + plainlen += iov->data.length; } if (blocksize != 0) { - /* Check that the input data is correctly padded */ - if (plainlen % blocksize) - padsize = blocksize - (plainlen % blocksize); + /* Check that the input data is correctly padded */ + if (plainlen % blocksize) + padsize = blocksize - (plainlen % blocksize); } padding = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_PADDING); if (padsize && (padding == NULL || padding->data.length < padsize)) - return KRB5_BAD_MSIZE; + return KRB5_BAD_MSIZE; if (padding != NULL) { - memset(padding->data.data, 0, padsize); - padding->data.length = padsize; + memset(padding->data.data, 0, padsize); + padding->data.length = padsize; } - assert(enc->encrypt_iov != NULL); - - ret = enc->encrypt_iov(key, ivec, data, num_data); /* will update ivec */ - - return ret; + return ktp->enc->encrypt(key, ivec, data, num_data); } -static krb5_error_code -krb5int_raw_decrypt_iov(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, - krb5_keyusage usage, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) +krb5_error_code +krb5int_raw_decrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data) { - krb5_error_code ret; size_t i; - unsigned int blocksize = 0; /* careful, this is enc block size not confounder len */ + unsigned int blocksize = 0; /* enc block size, not confounder len */ unsigned int cipherlen = 0; - if (krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_STREAM) != NULL) { - return krb5int_c_iov_decrypt_stream(aead, enc, hash, key, - usage, ivec, data, num_data); - } - - /* E(Confounder | Plaintext | Pad) | Checksum */ - ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING, &blocksize); - if (ret != 0) - return ret; + blocksize = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_PADDING); for (i = 0; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; + const krb5_crypto_iov *iov = &data[i]; - if (ENCRYPT_DATA_IOV(iov)) - cipherlen += iov->data.length; + if (ENCRYPT_DATA_IOV(iov)) + cipherlen += iov->data.length; } if (blocksize == 0) { - /* Check for correct input length in CTS mode */ - if (enc->block_size != 0 && cipherlen < enc->block_size) - return KRB5_BAD_MSIZE; + /* Check for correct input length in CTS mode */ + if (ktp->enc->block_size != 0 && cipherlen < ktp->enc->block_size) + return KRB5_BAD_MSIZE; } else { - /* Check that the input data is correctly padded */ - if ((cipherlen % blocksize) != 0) - return KRB5_BAD_MSIZE; + /* Check that the input data is correctly padded */ + if (cipherlen % blocksize != 0) + return KRB5_BAD_MSIZE; } - /* Validate header and trailer lengths */ - - /* derive the keys */ - - /* decrypt the plaintext (header | data | padding) */ - assert(enc->decrypt_iov != NULL); - - ret = enc->decrypt_iov(key, ivec, data, num_data); /* will update ivec */ - - return ret; + return ktp->enc->decrypt(key, ivec, data, num_data); } - -const struct krb5_aead_provider krb5int_aead_raw = { - krb5int_raw_crypto_length, - krb5int_raw_encrypt_iov, - krb5int_raw_decrypt_iov -}; diff --git a/src/lib/crypto/krb/raw/raw_decrypt.c b/src/lib/crypto/krb/raw/raw_decrypt.c deleted file mode 100644 index 34598bb..0000000 --- a/src/lib/crypto/krb/raw/raw_decrypt.c +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" -#include "raw.h" - -krb5_error_code -krb5int_raw_decrypt(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *output) -{ - return((*(enc->decrypt))(key, ivec, input, output)); -} diff --git a/src/lib/crypto/krb/raw/raw_encrypt.c b/src/lib/crypto/krb/raw/raw_encrypt.c deleted file mode 100644 index 6e8516c..0000000 --- a/src/lib/crypto/krb/raw/raw_encrypt.c +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" -#include "raw.h" - -void -krb5_raw_encrypt_length(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t inputlen, size_t *length) -{ - size_t blocksize; - - blocksize = enc->block_size; - - *length = krb5_roundup(inputlen, blocksize); -} - -krb5_error_code -krb5int_raw_encrypt(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *output) -{ - return((*(enc->encrypt))(key, ivec, input, output)); -} diff --git a/src/lib/crypto/krb/state.c b/src/lib/crypto/krb/state.c index 12638a4..ef0b2b6 100644 --- a/src/lib/crypto/krb/state.c +++ b/src/lib/crypto/krb/state.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/state.c * @@ -37,24 +38,24 @@ krb5_error_code KRB5_CALLCONV krb5_c_init_state (krb5_context context, const krb5_keyblock *key, - krb5_keyusage keyusage, krb5_data *new_state) + krb5_keyusage keyusage, krb5_data *new_state) { const struct krb5_keytypes *ktp; ktp = find_enctype(key->enctype); if (ktp == NULL) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; return ktp->enc->init_state(key, keyusage, new_state); } krb5_error_code KRB5_CALLCONV krb5_c_free_state(krb5_context context, const krb5_keyblock *key, - krb5_data *state) + krb5_data *state) { const struct krb5_keytypes *ktp; ktp = find_enctype(key->enctype); if (ktp == NULL) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; return ktp->enc->free_state(state); } diff --git a/src/lib/crypto/krb/string_to_cksumtype.c b/src/lib/crypto/krb/string_to_cksumtype.c index ae5da6d..b130b6c 100644 --- a/src/lib/crypto/krb/string_to_cksumtype.c +++ b/src/lib/crypto/krb/string_to_cksumtype.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -35,21 +36,21 @@ krb5_string_to_cksumtype(char *string, krb5_cksumtype *cksumtypep) const struct krb5_cksumtypes *ctp; for (i=0; i<krb5int_cksumtypes_length; i++) { - ctp = &krb5int_cksumtypes_list[i]; - if (strcasecmp(ctp->name, string) == 0) { - *cksumtypep = ctp->ctype; - return 0; - } + ctp = &krb5int_cksumtypes_list[i]; + if (strcasecmp(ctp->name, string) == 0) { + *cksumtypep = ctp->ctype; + return 0; + } #define MAX_ALIASES (sizeof(ctp->aliases) / sizeof(ctp->aliases[0])) - for (j = 0; j < MAX_ALIASES; j++) { - alias = ctp->aliases[j]; - if (alias == NULL) - break; - if (strcasecmp(alias, string) == 0) { - *cksumtypep = ctp->ctype; - return 0; - } - } + for (j = 0; j < MAX_ALIASES; j++) { + alias = ctp->aliases[j]; + if (alias == NULL) + break; + if (strcasecmp(alias, string) == 0) { + *cksumtypep = ctp->ctype; + return 0; + } + } } return EINVAL; diff --git a/src/lib/crypto/krb/string_to_enctype.c b/src/lib/crypto/krb/string_to_enctype.c index 159c36b..25091fe 100644 --- a/src/lib/crypto/krb/string_to_enctype.c +++ b/src/lib/crypto/krb/string_to_enctype.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -36,21 +37,21 @@ krb5_string_to_enctype(char *string, krb5_enctype *enctypep) const struct krb5_keytypes *ktp; for (i = 0; i < krb5int_enctypes_length; i++) { - ktp = &krb5int_enctypes_list[i]; - if (strcasecmp(ktp->name, string) == 0) { - *enctypep = ktp->etype; - return 0; - } + ktp = &krb5int_enctypes_list[i]; + if (strcasecmp(ktp->name, string) == 0) { + *enctypep = ktp->etype; + return 0; + } #define MAX_ALIASES (sizeof(ktp->aliases) / sizeof(ktp->aliases[0])) - for (j = 0; j < MAX_ALIASES; j++) { - alias = ktp->aliases[j]; - if (alias == NULL) - break; - if (strcasecmp(alias, string) == 0) { - *enctypep = ktp->etype; - return 0; - } - } + for (j = 0; j < MAX_ALIASES; j++) { + alias = ktp->aliases[j]; + if (alias == NULL) + break; + if (strcasecmp(alias, string) == 0) { + *enctypep = ktp->etype; + return 0; + } + } } return EINVAL; diff --git a/src/lib/crypto/krb/string_to_key.c b/src/lib/crypto/krb/string_to_key.c index e81568b..3569404 100644 --- a/src/lib/crypto/krb/string_to_key.c +++ b/src/lib/crypto/krb/string_to_key.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -29,27 +30,27 @@ krb5_error_code KRB5_CALLCONV krb5_c_string_to_key_with_params(krb5_context context, - krb5_enctype enctype, - const krb5_data *string, - const krb5_data *salt, - const krb5_data *params, - krb5_keyblock *key); + krb5_enctype enctype, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *params, + krb5_keyblock *key); krb5_error_code KRB5_CALLCONV krb5_c_string_to_key(krb5_context context, krb5_enctype enctype, - const krb5_data *string, const krb5_data *salt, - krb5_keyblock *key) + const krb5_data *string, const krb5_data *salt, + krb5_keyblock *key) { return krb5_c_string_to_key_with_params(context, enctype, string, salt, - NULL, key); + NULL, key); } krb5_error_code KRB5_CALLCONV krb5_c_string_to_key_with_params(krb5_context context, krb5_enctype enctype, - const krb5_data *string, - const krb5_data *salt, - const krb5_data *params, krb5_keyblock *key) + const krb5_data *string, + const krb5_data *salt, + const krb5_data *params, krb5_keyblock *key) { krb5_error_code ret; const struct krb5_keytypes *ktp; @@ -57,7 +58,7 @@ krb5_c_string_to_key_with_params(krb5_context context, krb5_enctype enctype, ktp = find_enctype(enctype); if (ktp == NULL) - return KRB5_BAD_ENCTYPE; + return KRB5_BAD_ENCTYPE; keylength = ktp->enc->keylength; /* @@ -66,29 +67,29 @@ krb5_c_string_to_key_with_params(krb5_context context, krb5_enctype enctype, * deal with this. Using s2kparams would be a much better solution. */ if (salt && salt->length == SALT_TYPE_AFS_LENGTH) { - switch (enctype) { - case ENCTYPE_DES_CBC_CRC: - case ENCTYPE_DES_CBC_MD4: - case ENCTYPE_DES_CBC_MD5: - break; - default: - return KRB5_CRYPTO_INTERNAL; - } + switch (enctype) { + case ENCTYPE_DES_CBC_CRC: + case ENCTYPE_DES_CBC_MD4: + case ENCTYPE_DES_CBC_MD5: + break; + default: + return KRB5_CRYPTO_INTERNAL; + } } key->contents = malloc(keylength); if (key->contents == NULL) - return ENOMEM; + return ENOMEM; key->magic = KV5M_KEYBLOCK; key->enctype = enctype; key->length = keylength; - ret = (*ktp->str2key)(ktp->enc, string, salt, params, key); + ret = (*ktp->str2key)(ktp, string, salt, params, key); if (ret) { - zapfree(key->contents, keylength); - key->length = 0; - key->contents = NULL; + zapfree(key->contents, keylength); + key->length = 0; + key->contents = NULL; } return ret; diff --git a/src/lib/crypto/krb/valid_cksumtype.c b/src/lib/crypto/krb/valid_cksumtype.c index 2b1e722..07b84fe 100644 --- a/src/lib/crypto/krb/valid_cksumtype.c +++ b/src/lib/crypto/krb/valid_cksumtype.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -30,12 +31,10 @@ krb5_boolean KRB5_CALLCONV krb5_c_valid_cksumtype(krb5_cksumtype ctype) { - unsigned int i; + const struct krb5_cksumtypes *ctp; - for (i = 0; i < krb5int_cksumtypes_length; i++) { - if (krb5int_cksumtypes_list[i].ctype == ctype) - return TRUE; - } - - return FALSE; + ctp = find_cksumtype(ctype); + if (ctp == NULL) + return FALSE; + return TRUE; } diff --git a/src/lib/crypto/krb/valid_enctype.c b/src/lib/crypto/krb/valid_enctype.c index e6fcb2e..0957219 100644 --- a/src/lib/crypto/krb/valid_enctype.c +++ b/src/lib/crypto/krb/valid_enctype.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * diff --git a/src/lib/crypto/krb/verify_checksum.c b/src/lib/crypto/krb/verify_checksum.c index a4869eb..cb19c23 100644 --- a/src/lib/crypto/krb/verify_checksum.c +++ b/src/lib/crypto/krb/verify_checksum.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -29,62 +30,42 @@ krb5_error_code KRB5_CALLCONV krb5_k_verify_checksum(krb5_context context, krb5_key key, - krb5_keyusage usage, const krb5_data *data, - const krb5_checksum *cksum, krb5_boolean *valid) + krb5_keyusage usage, const krb5_data *data, + const krb5_checksum *cksum, krb5_boolean *valid) { - unsigned int i; const struct krb5_cksumtypes *ctp; - const struct krb5_keyhash_provider *keyhash; - size_t hashsize; + krb5_crypto_iov iov; krb5_error_code ret; - krb5_data indata; + krb5_data cksum_data; krb5_checksum computed; - for (i=0; i<krb5int_cksumtypes_length; i++) { - if (krb5int_cksumtypes_list[i].ctype == cksum->checksum_type) - break; - } - if (i == krb5int_cksumtypes_length) - return KRB5_BAD_ENCTYPE; - ctp = &krb5int_cksumtypes_list[i]; - - indata.length = cksum->length; - indata.data = (char *) cksum->contents; + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = *data; - /* If there's actually a verify function, call it. */ - if (ctp->keyhash) { - keyhash = ctp->keyhash; + ctp = find_cksumtype(cksum->checksum_type); + if (ctp == NULL) + return KRB5_BAD_ENCTYPE; - if (keyhash->verify == NULL && keyhash->verify_iov != NULL) { - krb5_crypto_iov iov[1]; + ret = verify_key(ctp, key); + if (ret != 0) + return ret; - iov[0].flags = KRB5_CRYPTO_TYPE_DATA; - iov[0].data.data = data->data; - iov[0].data.length = data->length; - - return (*keyhash->verify_iov)(key, usage, 0, iov, 1, &indata, - valid); - } else if (keyhash->verify != NULL) { - return (*keyhash->verify)(key, usage, 0, data, &indata, valid); - } - } + /* If there's actually a verify function, call it. */ + cksum_data = make_data(cksum->contents, cksum->length); + if (ctp->verify != NULL) + return ctp->verify(ctp, key, usage, &iov, 1, &cksum_data, valid); /* Otherwise, make the checksum again, and compare. */ - ret = krb5_c_checksum_length(context, cksum->checksum_type, &hashsize); - if (ret) - return ret; - - if (cksum->length != hashsize) - return KRB5_BAD_MSIZE; - - computed.length = hashsize; + if (cksum->length != ctp->output_size) + return KRB5_BAD_MSIZE; ret = krb5_k_make_checksum(context, cksum->checksum_type, key, usage, - data, &computed); + data, &computed); if (ret) - return ret; + return ret; - *valid = (memcmp(computed.contents, cksum->contents, hashsize) == 0); + *valid = (memcmp(computed.contents, cksum->contents, + ctp->output_size) == 0); free(computed.contents); return 0; @@ -92,16 +73,16 @@ krb5_k_verify_checksum(krb5_context context, krb5_key key, krb5_error_code KRB5_CALLCONV krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *keyblock, - krb5_keyusage usage, const krb5_data *data, - const krb5_checksum *cksum, krb5_boolean *valid) + krb5_keyusage usage, const krb5_data *data, + const krb5_checksum *cksum, krb5_boolean *valid) { krb5_key key = NULL; krb5_error_code ret; if (keyblock != NULL) { - ret = krb5_k_create_key(context, keyblock, &key); - if (ret != 0) - return ret; + ret = krb5_k_create_key(context, keyblock, &key); + if (ret != 0) + return ret; } ret = krb5_k_verify_checksum(context, key, usage, data, cksum, valid); krb5_k_free_key(context, key); diff --git a/src/lib/crypto/krb/verify_checksum_iov.c b/src/lib/crypto/krb/verify_checksum_iov.c index cbac1db..0934ae5 100644 --- a/src/lib/crypto/krb/verify_checksum_iov.c +++ b/src/lib/crypto/krb/verify_checksum_iov.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/verify_checksum_iov.c * @@ -30,88 +31,68 @@ krb5_error_code KRB5_CALLCONV krb5_k_verify_checksum_iov(krb5_context context, - krb5_cksumtype checksum_type, - krb5_key key, - krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - krb5_boolean *valid) + krb5_cksumtype checksum_type, + krb5_key key, + krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_boolean *valid) { - unsigned int i; const struct krb5_cksumtypes *ctp; - size_t cksumlen; krb5_error_code ret; krb5_data computed; krb5_crypto_iov *checksum; - for (i = 0; i < krb5int_cksumtypes_length; i++) { - if (krb5int_cksumtypes_list[i].ctype == checksum_type) - break; - } - if (i == krb5int_cksumtypes_length) - return KRB5_BAD_ENCTYPE; - ctp = &krb5int_cksumtypes_list[i]; + ctp = find_cksumtype(checksum_type); + if (ctp == NULL) + return KRB5_BAD_ENCTYPE; + + ret = verify_key(ctp, key); + if (ret != 0) + return ret; checksum = krb5int_c_locate_iov((krb5_crypto_iov *)data, num_data, - KRB5_CRYPTO_TYPE_CHECKSUM); - if (checksum == NULL) - return(KRB5_BAD_MSIZE); + KRB5_CRYPTO_TYPE_CHECKSUM); + if (checksum == NULL || checksum->data.length != ctp->output_size) + return KRB5_BAD_MSIZE; /* If there's actually a verify function, call it. */ - if (ctp->keyhash && ctp->keyhash->verify_iov) { - return (*ctp->keyhash->verify_iov)(key, usage, 0, data, num_data, - &checksum->data, valid); + if (ctp->verify != NULL) { + return ctp->verify(ctp, key, usage, data, num_data, &checksum->data, + valid); } - /* Otherwise, make the checksum again, and compare. */ - if (ctp->keyhash != NULL) - computed.length = ctp->keyhash->hashsize; - else - computed.length = ctp->hash->hashsize; - - if (ctp->trunc_size != 0) - cksumlen = ctp->trunc_size; - else - cksumlen = computed.length; - - if (checksum->data.length != cksumlen) - return KRB5_BAD_MSIZE; - - computed.data = malloc(computed.length); - if (computed.data == NULL) - return ENOMEM; + ret = alloc_data(&computed, ctp->compute_size); + if (ret != 0) + return ret; - ret = krb5int_c_make_checksum_iov(&krb5int_cksumtypes_list[i], key, usage, - data, num_data, &computed); - if (ret) { - free(computed.data); - return ret; + ret = ctp->checksum(ctp, key, usage, data, num_data, &computed); + if (ret == 0) { + *valid = (memcmp(computed.data, checksum->data.data, + ctp->output_size) == 0); } - *valid = (computed.length == cksumlen) && - (memcmp(computed.data, checksum->data.data, cksumlen) == 0); - - free(computed.data); - return 0; + zapfree(computed.data, ctp->compute_size); + return ret; } krb5_error_code KRB5_CALLCONV krb5_c_verify_checksum_iov(krb5_context context, - krb5_cksumtype checksum_type, - const krb5_keyblock *keyblock, - krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - krb5_boolean *valid) + krb5_cksumtype checksum_type, + const krb5_keyblock *keyblock, + krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_boolean *valid) { krb5_key key; krb5_error_code ret; ret = krb5_k_create_key(context, keyblock, &key); if (ret != 0) - return ret; + return ret; ret = krb5_k_verify_checksum_iov(context, checksum_type, key, usage, data, - num_data, valid); + num_data, valid); krb5_k_free_key(context, key); return ret; } diff --git a/src/lib/crypto/krb/yarrow/Makefile.in b/src/lib/crypto/krb/yarrow/Makefile.in index 0a3c1e7..55ae16c 100644 --- a/src/lib/crypto/krb/yarrow/Makefile.in +++ b/src/lib/crypto/krb/yarrow/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/krb/yarrow mydir=lib/crypto/krb/yarrow BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES = -I$(srcdir)/.. \ diff --git a/src/lib/crypto/krb/yarrow/deps b/src/lib/crypto/krb/yarrow/deps index d9807fc..9387393 100644 --- a/src/lib/crypto/krb/yarrow/deps +++ b/src/lib/crypto/krb/yarrow/deps @@ -3,25 +3,25 @@ # yarrow.so yarrow.po $(OUTPRE)yarrow.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/sha1/shs.h \ - $(srcdir)/../../builtin/yhash.h yarrow.c yarrow.h ycipher.h \ - yexcep.h ylock.h ystate.h ytypes.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/sha1/shs.h \ + $(srcdir)/../../builtin/yhash.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h yarrow.c yarrow.h \ + ycipher.h yexcep.h ylock.h ystate.h ytypes.h ycipher.so ycipher.po $(OUTPRE)ycipher.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/enc_provider/enc_provider.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/enc_provider/enc_provider.h \ $(srcdir)/../../builtin/sha1/shs.h $(srcdir)/../../builtin/yhash.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ yarrow.h ycipher.c ycipher.h ytypes.h diff --git a/src/lib/crypto/krb/yarrow/yarrow.c b/src/lib/crypto/krb/yarrow/yarrow.c index 66a5fe4..0695cd3 100644 --- a/src/lib/crypto/krb/yarrow/yarrow.c +++ b/src/lib/crypto/krb/yarrow/yarrow.c @@ -1,4 +1,4 @@ -/* -*- Mode: C; c-file-style: "bsd" -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Yarrow - Cryptographic Pseudo-Random Number Generator @@ -106,11 +106,11 @@ static void krb5int_yarrow_init_Limits(Yarrow_CTX* y) limit = min(tmp1, tmp2); if (limit < COUNTER_MAX) { - y->gates_limit = limit; + y->gates_limit = limit; } else { - y->gates_limit = COUNTER_MAX; + y->gates_limit = COUNTER_MAX; } } @@ -122,8 +122,8 @@ static int yarrow_reseed_locked( Yarrow_CTX* y, int pool ); static int yarrow_input_locked( Yarrow_CTX* y, unsigned source_id, - const void *sample, - size_t size, size_t entropy_bits ); + const void *sample, + size_t size, size_t entropy_bits ); static int Yarrow_detect_fork(Yarrow_CTX *y) { @@ -132,21 +132,21 @@ static int Yarrow_detect_fork(Yarrow_CTX *y) /* this does not work for multi-threaded apps if threads have different * pids */ - newpid = getpid(); + newpid = getpid(); if ( y->pid != newpid ) { - /* we input the pid twice, so it will get into the fast pool at least once - * Then we reseed. This doesn't really increase entropy, but does make the - * streams distinct assuming we already have good entropy*/ - y->pid = newpid; - TRY (yarrow_input_locked (y, 0, &newpid, - sizeof (newpid), 0)); - TRY (yarrow_input_locked (y, 0, &newpid, - sizeof (newpid), 0)); - TRY (yarrow_reseed_locked (y, YARROW_FAST_POOL)); + /* we input the pid twice, so it will get into the fast pool at least once + * Then we reseed. This doesn't really increase entropy, but does make the + * streams distinct assuming we already have good entropy*/ + y->pid = newpid; + TRY (yarrow_input_locked (y, 0, &newpid, + sizeof (newpid), 0)); + TRY (yarrow_input_locked (y, 0, &newpid, + sizeof (newpid), 0)); + TRY (yarrow_reseed_locked (y, YARROW_FAST_POOL)); } - CATCH: +CATCH: EXCEP_RET; } @@ -215,41 +215,41 @@ int krb5int_yarrow_init(Yarrow_CTX* y, const char *filename) #if defined( YARROW_SAVE_STATE ) if ( y->entropyfile != NULL ) { - int ret = Yarrow_Load_State( y ); - if ( ret != YARROW_OK && ret != YARROW_NO_STATE ) - { - THROW( ret ); - } - - /* if load suceeded then write new state back immediately - */ - - /* Also check that it's not already saved, because the reseed in - * Yarrow_Load_State may trigger a save - */ - - if ( ret == YARROW_OK && !y->saved ) - { - TRY( Yarrow_Save_State( y ) ); - } + int ret = Yarrow_Load_State( y ); + if ( ret != YARROW_OK && ret != YARROW_NO_STATE ) + { + THROW( ret ); + } + + /* if load suceeded then write new state back immediately + */ + + /* Also check that it's not already saved, because the reseed in + * Yarrow_Load_State may trigger a save + */ + + if ( ret == YARROW_OK && !y->saved ) + { + TRY( Yarrow_Save_State( y ) ); + } } #endif if ( !y->seeded ) { - THROW( YARROW_NOT_SEEDED ); + THROW( YARROW_NOT_SEEDED ); } - CATCH: +CATCH: if ( locked ) { TRY( UNLOCK() ); } EXCEP_RET; } static int yarrow_input_maybe_locking( Yarrow_CTX* y, unsigned source_id, - const void* sample, - size_t size, size_t entropy_bits, - int do_lock ) + const void* sample, + size_t size, size_t entropy_bits, + int do_lock ) { EXCEP_DECL; int ret; @@ -259,8 +259,8 @@ int yarrow_input_maybe_locking( Yarrow_CTX* y, unsigned source_id, size_t estimate; if (do_lock) { - TRY( LOCK() ); - locked = 1; + TRY( LOCK() ); + locked = 1; } k5_assert_locked(&krb5int_yarrow_lock); @@ -272,7 +272,7 @@ int yarrow_input_maybe_locking( Yarrow_CTX* y, unsigned source_id, if(source->pool != YARROW_FAST_POOL && source->pool != YARROW_SLOW_POOL) { - THROW( YARROW_BAD_SOURCE ); + THROW( YARROW_BAD_SOURCE ); } /* hash in the sample */ @@ -282,78 +282,78 @@ int yarrow_input_maybe_locking( Yarrow_CTX* y, unsigned source_id, /* only update entropy estimate if pool is not full */ if ( (source->pool == YARROW_FAST_POOL && - source->entropy[source->pool] < y->fast_thresh) || - (source->pool == YARROW_SLOW_POOL && - source->entropy[source->pool] < y->slow_thresh) ) + source->entropy[source->pool] < y->fast_thresh) || + (source->pool == YARROW_SLOW_POOL && + source->entropy[source->pool] < y->slow_thresh) ) { - new_entropy = min(entropy_bits, size * 8 * YARROW_ENTROPY_MULTIPLIER); - if (source->estimator) - { - estimate = source->estimator(sample, size); - new_entropy = min(new_entropy, estimate); - } - source->entropy[source->pool] += new_entropy; - if ( source->entropy[source->pool] > YARROW_POOL_SIZE ) - { - source->entropy[source->pool] = YARROW_POOL_SIZE; - } - - if (source->pool == YARROW_FAST_POOL) - { - if (source->entropy[YARROW_FAST_POOL] >= y->fast_thresh) - { - ret = yarrow_reseed_locked(y, YARROW_FAST_POOL); - if ( ret != YARROW_OK && ret != YARROW_NOT_SEEDED ) - { - THROW( ret ); - } - } - } - else - { - if (!source->reached_slow_thresh && - source->entropy[YARROW_SLOW_POOL] >= y->slow_thresh) - { - source->reached_slow_thresh = 1; - y->slow_k_of_n++; - if (y->slow_k_of_n >= y->slow_k_of_n_thresh) - { - y->slow_k_of_n = 0; - ret = yarrow_reseed_locked(y, YARROW_SLOW_POOL); - if ( ret != YARROW_OK && ret != YARROW_NOT_SEEDED ) - { - THROW( ret ); - } - } - } - } + new_entropy = min(entropy_bits, size * 8 * YARROW_ENTROPY_MULTIPLIER); + if (source->estimator) + { + estimate = source->estimator(sample, size); + new_entropy = min(new_entropy, estimate); + } + source->entropy[source->pool] += new_entropy; + if ( source->entropy[source->pool] > YARROW_POOL_SIZE ) + { + source->entropy[source->pool] = YARROW_POOL_SIZE; + } + + if (source->pool == YARROW_FAST_POOL) + { + if (source->entropy[YARROW_FAST_POOL] >= y->fast_thresh) + { + ret = yarrow_reseed_locked(y, YARROW_FAST_POOL); + if ( ret != YARROW_OK && ret != YARROW_NOT_SEEDED ) + { + THROW( ret ); + } + } + } + else + { + if (!source->reached_slow_thresh && + source->entropy[YARROW_SLOW_POOL] >= y->slow_thresh) + { + source->reached_slow_thresh = 1; + y->slow_k_of_n++; + if (y->slow_k_of_n >= y->slow_k_of_n_thresh) + { + y->slow_k_of_n = 0; + ret = yarrow_reseed_locked(y, YARROW_SLOW_POOL); + if ( ret != YARROW_OK && ret != YARROW_NOT_SEEDED ) + { + THROW( ret ); + } + } + } + } } /* put samples in alternate pools */ source->pool = (source->pool + 1) % 2; - CATCH: +CATCH: if ( locked ) { TRY( UNLOCK() ); } EXCEP_RET; } YARROW_DLL int krb5int_yarrow_input( Yarrow_CTX* y, unsigned source_id, - const void* sample, - size_t size, size_t entropy_bits ) + const void* sample, + size_t size, size_t entropy_bits ) { return yarrow_input_maybe_locking(y, source_id, sample, size, - entropy_bits, 1); + entropy_bits, 1); } static int yarrow_input_locked( Yarrow_CTX* y, unsigned source_id, - const void *sample, - size_t size, size_t entropy_bits ) + const void *sample, + size_t size, size_t entropy_bits ) { return yarrow_input_maybe_locking(y, source_id, sample, size, - entropy_bits, 0); + entropy_bits, 0); } YARROW_DLL @@ -370,7 +370,7 @@ int krb5int_yarrow_new_source(Yarrow_CTX* y, unsigned* source_id) if (y->num_sources + 1 > YARROW_MAX_SOURCES) { - THROW( YARROW_TOO_MANY_SOURCES ); + THROW( YARROW_TOO_MANY_SOURCES ); } *source_id = y->num_sources; @@ -390,7 +390,7 @@ CATCH: } int krb5int_yarrow_register_source_estimator(Yarrow_CTX* y, unsigned source_id, - estimator_fn* fptr) + estimator_fn* fptr) { EXCEP_DECL; Source* source; @@ -402,7 +402,7 @@ int krb5int_yarrow_register_source_estimator(Yarrow_CTX* y, unsigned source_id, source->estimator = fptr; - CATCH: +CATCH: EXCEP_RET; } @@ -419,22 +419,22 @@ static int krb5int_yarrow_output_Block( Yarrow_CTX* y, void* out ) y->out_count++; if (y->out_count >= y->Pg) { - y->out_count = 0; - TRY( yarrow_gate_locked( y ) ); + y->out_count = 0; + TRY( yarrow_gate_locked( y ) ); - /* require new seed after reaching gates_limit */ + /* require new seed after reaching gates_limit */ - y->gate_count++; - if ( y->gate_count >= y->gates_limit ) - { - y->gate_count = 0; + y->gate_count++; + if ( y->gate_count >= y->gates_limit ) + { + y->gate_count = 0; - /* not defined whether to do slow or fast reseed */ + /* not defined whether to do slow or fast reseed */ - TRACE( printf( "OUTPUT LIMIT REACHED," ); ); + TRACE( printf( "OUTPUT LIMIT REACHED," ); ); - TRY( yarrow_reseed_locked( y, YARROW_SLOW_POOL ) ); - } + TRY( yarrow_reseed_locked( y, YARROW_SLOW_POOL ) ); + } } /* C <- (C + 1) mod 2^n */ @@ -451,13 +451,13 @@ static int krb5int_yarrow_output_Block( Yarrow_CTX* y, void* out ) hex_print( stdout, "output: K", y->K, CIPHER_KEY_SIZE ); hex_print( stdout, "output: O", out, CIPHER_BLOCK_SIZE ); #endif - CATCH: +CATCH: EXCEP_RET; } YARROW_DLL int krb5int_yarrow_status( Yarrow_CTX* y, int *num_sources, unsigned *source_id, - size_t *entropy_bits, size_t *entropy_max ) + size_t *entropy_bits, size_t *entropy_max ) { EXCEP_DECL; int num = y->slow_k_of_n_thresh; @@ -476,22 +476,22 @@ int krb5int_yarrow_status( Yarrow_CTX* y, int *num_sources, unsigned *source_id, if (y->seeded) { - if (num_sources) { *num_sources = 0; } - if (entropy_bits) { *entropy_bits = emax; } - THROW( YARROW_OK ); + if (num_sources) { *num_sources = 0; } + if (entropy_bits) { *entropy_bits = emax; } + THROW( YARROW_OK ); } for (i = 0; i < y->num_sources; i++) { - if (y->source[i].entropy[YARROW_SLOW_POOL] >= y->slow_thresh) - { - num--; - } - else if (y->source[i].entropy[YARROW_SLOW_POOL] > entropy) - { - source = i; - entropy = y->source[i].entropy[YARROW_SLOW_POOL]; - } + if (y->source[i].entropy[YARROW_SLOW_POOL] >= y->slow_thresh) + { + num--; + } + else if (y->source[i].entropy[YARROW_SLOW_POOL] > entropy) + { + source = i; + entropy = y->source[i].entropy[YARROW_SLOW_POOL]; + } } if (num_sources) { *num_sources = num; } @@ -499,7 +499,7 @@ int krb5int_yarrow_status( Yarrow_CTX* y, int *num_sources, unsigned *source_id, if (entropy_bits) { *entropy_bits = entropy; } THROW( YARROW_NOT_SEEDED ); - CATCH: +CATCH: EXCEP_RET; } @@ -534,28 +534,28 @@ int yarrow_output_locked( Yarrow_CTX* y, void* out, size_t size ) if (y->out_left > 0) { - use = min(left, y->out_left); - mem_copy(outp, y->out + CIPHER_BLOCK_SIZE - y->out_left, use); - left -= use; - y->out_left -= use; - outp += use; + use = min(left, y->out_left); + mem_copy(outp, y->out + CIPHER_BLOCK_SIZE - y->out_left, use); + left -= use; + y->out_left -= use; + outp += use; } for ( ; - left >= CIPHER_BLOCK_SIZE; - left -= CIPHER_BLOCK_SIZE, outp += CIPHER_BLOCK_SIZE) + left >= CIPHER_BLOCK_SIZE; + left -= CIPHER_BLOCK_SIZE, outp += CIPHER_BLOCK_SIZE) { - TRY( krb5int_yarrow_output_Block(y, outp) ); + TRY( krb5int_yarrow_output_Block(y, outp) ); } if (left > 0) { - TRY( krb5int_yarrow_output_Block(y, y->out) ); - mem_copy(outp, y->out, left); - y->out_left = CIPHER_BLOCK_SIZE - left; + TRY( krb5int_yarrow_output_Block(y, y->out) ); + mem_copy(outp, y->out, left); + y->out_left = CIPHER_BLOCK_SIZE - left; } - CATCH: +CATCH: EXCEP_RET; } @@ -577,7 +577,7 @@ static int yarrow_gate_locked(Yarrow_CTX* y) TRY (krb5int_yarrow_cipher_init(&y->cipher, y->K)); - CATCH: +CATCH: TRACE( printf( "]," ); ); mem_zero(new_K, sizeof(new_K)); EXCEP_RET; @@ -601,7 +601,7 @@ int krb5int_yarrow_gate(Yarrow_CTX* y) TRY (krb5int_yarrow_cipher_init(&y->cipher, y->K)); - CATCH: +CATCH: TRACE( printf( "]," ); ); mem_zero(new_K, sizeof(new_K)); EXCEP_RET; @@ -617,24 +617,24 @@ static int Yarrow_Load_State( Yarrow_CTX *y ) if ( y->entropyfile ) { - TRY( STATE_Load(y->entropyfile, &state) ); - TRACE( printf( "LOAD STATE," ); ); + TRY( STATE_Load(y->entropyfile, &state) ); + TRACE( printf( "LOAD STATE," ); ); #if defined( YARROW_DEBUG ) - hex_print( stderr, "state.load", state.seed, sizeof(state.seed)); + hex_print( stderr, "state.load", state.seed, sizeof(state.seed)); #endif - /* what to do here is not defined by the Yarrow paper */ - /* this is a place holder until we get some clarification */ + /* what to do here is not defined by the Yarrow paper */ + /* this is a place holder until we get some clarification */ - HASH_Update( &y->pool[YARROW_FAST_POOL], - state.seed, sizeof(state.seed) ); + HASH_Update( &y->pool[YARROW_FAST_POOL], + state.seed, sizeof(state.seed) ); - Yarrow_Make_Seeded( y ); + Yarrow_Make_Seeded( y ); - TRY( krb5int_yarrow_reseed(y, YARROW_FAST_POOL) ); + TRY( krb5int_yarrow_reseed(y, YARROW_FAST_POOL) ); } - CATCH: +CATCH: mem_zero(state.seed, sizeof(state.seed)); EXCEP_RET; } @@ -648,16 +648,16 @@ static int Yarrow_Save_State( Yarrow_CTX *y ) if ( y->entropyfile && y->seeded ) { - TRACE( printf( "SAVE STATE[" ); ); - TRY( krb5int_yarrow_output( y, state.seed, sizeof(state.seed) ) ); - TRY( STATE_Save(y->entropyfile, &state) ); + TRACE( printf( "SAVE STATE[" ); ); + TRY( krb5int_yarrow_output( y, state.seed, sizeof(state.seed) ) ); + TRY( STATE_Save(y->entropyfile, &state) ); } y->saved = 1; # if defined(YARROW_DEBUG) hex_print(stdout, "state.save", state.seed, sizeof(state.seed)); # endif - CATCH: +CATCH: TRACE( printf( "]," ); ); mem_zero(state.seed, sizeof(state.seed)); EXCEP_RET; @@ -683,33 +683,33 @@ static int yarrow_reseed_locked(Yarrow_CTX* y, int pool) slow_pool = &y->pool[YARROW_SLOW_POOL]; if( pool != YARROW_FAST_POOL && pool != YARROW_SLOW_POOL ) { - THROW( YARROW_BAD_ARG ); + THROW( YARROW_BAD_ARG ); } TRACE( printf( "%s RESEED,", - pool == YARROW_SLOW_POOL ? "SLOW" : "FAST" ); ); + pool == YARROW_SLOW_POOL ? "SLOW" : "FAST" ); ); if (pool == YARROW_SLOW_POOL) { - /* SLOW RESEED */ + /* SLOW RESEED */ - /* feed hash of slow pool into the fast pool */ + /* feed hash of slow pool into the fast pool */ - HASH_Final(slow_pool, digest); + HASH_Final(slow_pool, digest); - /* Each pool contains the running hash of all inputs fed into it - * since it was last used to carry out a reseed -- this implies - * that the pool must be reinitialized after a reseed - */ + /* Each pool contains the running hash of all inputs fed into it + * since it was last used to carry out a reseed -- this implies + * that the pool must be reinitialized after a reseed + */ - HASH_Init(slow_pool); /* reinitialize slow pool */ - HASH_Update(fast_pool, digest, sizeof(digest)); + HASH_Init(slow_pool); /* reinitialize slow pool */ + HASH_Update(fast_pool, digest, sizeof(digest)); - if (y->seeded == 0) - { - Yarrow_Make_Seeded( y ); - } + if (y->seeded == 0) + { + Yarrow_Make_Seeded( y ); + } } /* step 1. v_0 <- hash of all inputs into fast pool */ @@ -727,14 +727,14 @@ static int yarrow_reseed_locked(Yarrow_CTX* y, int pool) for ( i = 0; i < y->Pt[pool]; i++ ) { - HASH_Init(&hash); - HASH_Update(&hash, v_i, sizeof(v_i)); - HASH_Update(&hash, v_0, sizeof(v_0)); - big_endian_int32 = make_big_endian32(0); /* MS word */ - HASH_Update(&hash, &big_endian_int32, sizeof(krb5_ui_4)); - big_endian_int32 = make_big_endian32(i & 0xFFFFFFFF); /* LS word */ - HASH_Update(&hash, &big_endian_int32, sizeof(krb5_ui_4)); - HASH_Final(&hash, &v_i); + HASH_Init(&hash); + HASH_Update(&hash, v_i, sizeof(v_i)); + HASH_Update(&hash, v_0, sizeof(v_0)); + big_endian_int32 = make_big_endian32(0); /* MS word */ + HASH_Update(&hash, &big_endian_int32, sizeof(krb5_ui_4)); + big_endian_int32 = make_big_endian32(i & 0xFFFFFFFF); /* LS word */ + HASH_Update(&hash, &big_endian_int32, sizeof(krb5_ui_4)); + HASH_Final(&hash, &v_i); } /* step3. K = h'(h(v_Pt|K)) */ @@ -781,15 +781,15 @@ static int yarrow_reseed_locked(Yarrow_CTX* y, int pool) for (i = 0; i < y->num_sources; i++) { - y->source[i].entropy[pool] = 0; - if (pool == YARROW_SLOW_POOL) - { - /* if this is a slow reseed, reset the fast pool entropy - * accumulator also - */ - y->source[i].entropy[YARROW_FAST_POOL] = 0; - y->source[i].reached_slow_thresh = 0; - } + y->source[i].entropy[pool] = 0; + if (pool == YARROW_SLOW_POOL) + { + /* if this is a slow reseed, reset the fast pool entropy + * accumulator also + */ + y->source[i].entropy[YARROW_FAST_POOL] = 0; + y->source[i].reached_slow_thresh = 0; + } } /* step 7. If a seed file is in use, the next 2k bits of output @@ -799,11 +799,11 @@ static int yarrow_reseed_locked(Yarrow_CTX* y, int pool) #if defined( YARROW_SAVE_STATE ) if ( y->seeded && y->entropyfile ) { - TRY( Yarrow_Save_State( y ) ); + TRY( Yarrow_Save_State( y ) ); } #endif - CATCH: +CATCH: /* step 6. Wipe the memory of all intermediate values * */ @@ -817,11 +817,11 @@ static int yarrow_reseed_locked(Yarrow_CTX* y, int pool) } int krb5int_yarrow_reseed(Yarrow_CTX* y, int pool) { - int r; - LOCK(); - r = yarrow_reseed_locked(y, pool); - UNLOCK(); - return r; + int r; + LOCK(); + r = yarrow_reseed_locked(y, pool); + UNLOCK(); + return r; } int krb5int_yarrow_stretch(const byte* m, size_t size, byte* out, size_t out_size) @@ -836,7 +836,7 @@ int krb5int_yarrow_stretch(const byte* m, size_t size, byte* out, size_t out_siz if (m == NULL || size == 0 || out == NULL || out_size == 0) { - THROW( YARROW_BAD_ARG ); + THROW( YARROW_BAD_ARG ); } /* @@ -859,28 +859,28 @@ int krb5int_yarrow_stretch(const byte* m, size_t size, byte* out, size_t out_siz HASH_Init(&hash); for ( ; - left > 0; - left -= HASH_DIGEST_SIZE) + left > 0; + left -= HASH_DIGEST_SIZE) { - HASH_Update(&hash, s_i, use); + HASH_Update(&hash, s_i, use); - /* have to save hash state to one side as HASH_final changes state */ + /* have to save hash state to one side as HASH_final changes state */ - mem_copy(&save, &hash, sizeof(hash)); - HASH_Final(&hash, digest); + mem_copy(&save, &hash, sizeof(hash)); + HASH_Final(&hash, digest); - use = min(HASH_DIGEST_SIZE, left); - mem_copy(outp, digest, use); + use = min(HASH_DIGEST_SIZE, left); + mem_copy(outp, digest, use); - /* put state back for next time */ + /* put state back for next time */ - mem_copy(&hash, &save, sizeof(hash)); + mem_copy(&hash, &save, sizeof(hash)); - s_i = outp; /* retain pointer to s_i */ - outp += use; + s_i = outp; /* retain pointer to s_i */ + outp += use; } - CATCH: +CATCH: mem_zero(&hash, sizeof(hash)); mem_zero(digest, sizeof(digest)); @@ -894,7 +894,7 @@ static void block_increment(void* block, const int sz) for (i = sz-1; (++b[i]) == 0 && i > 0; i--) { - ; /* nothing */ + ; /* nothing */ } } @@ -911,15 +911,15 @@ int krb5int_yarrow_final(Yarrow_CTX* y) #if defined( YARROW_SAVE_STATE ) if ( y->seeded && y->entropyfile ) { - TRY( Yarrow_Save_State( y ) ); + TRY( Yarrow_Save_State( y ) ); } #endif - CATCH: +CATCH: if ( y ) { - krb5int_yarrow_cipher_final(&y->cipher); - mem_zero( y, sizeof(Yarrow_CTX) ); + krb5int_yarrow_cipher_final(&y->cipher); + mem_zero( y, sizeof(Yarrow_CTX) ); } if ( locked ) { TRY( UNLOCK() ); } EXCEP_RET; @@ -930,9 +930,9 @@ const char* krb5int_yarrow_str_error( int err ) { err = 1-err; if ( err < 0 || - (unsigned int) err >= sizeof( yarrow_str_error ) / sizeof( char* ) ) + (unsigned int) err >= sizeof( yarrow_str_error ) / sizeof( char* ) ) { - err = 1-YARROW_FAIL; + err = 1-YARROW_FAIL; } return yarrow_str_error[ err ]; } @@ -949,9 +949,9 @@ static void hex_print(FILE* f, const char* var, void* data, size_t size) fprintf(f, " = "); for (i = 0; i < size; i++) { - c = conv[(p[i] >> 4) & 0xf]; - d = conv[p[i] & 0xf]; - fprintf(f, "%c%c", c, d); + c = conv[(p[i] >> 4) & 0xf]; + d = conv[p[i] & 0xf]; + fprintf(f, "%c%c", c, d); } fprintf(f, "\n"); } diff --git a/src/lib/crypto/krb/yarrow/yarrow.h b/src/lib/crypto/krb/yarrow/yarrow.h index 3cf50fd..4f7cd51 100644 --- a/src/lib/crypto/krb/yarrow/yarrow.h +++ b/src/lib/crypto/krb/yarrow/yarrow.h @@ -1,4 +1,4 @@ -/* -*- Mode: C; c-file-style: "bsd" -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #ifndef YARROW_H #define YARROW_H @@ -135,12 +135,12 @@ int krb5int_yarrow_init( Yarrow_CTX* y, const char *filename ); YARROW_DLL int krb5int_yarrow_input( Yarrow_CTX* y, unsigned source_id, - const void* sample, - size_t size, size_t entropy_bits ); + const void* sample, + size_t size, size_t entropy_bits ); YARROW_DLL int krb5int_yarrow_status( Yarrow_CTX* y, int *num_sources, unsigned *source_id, - size_t *entropy_bits, size_t *entropy_max ); + size_t *entropy_bits, size_t *entropy_max ); YARROW_DLL int krb5int_yarrow_output( Yarrow_CTX* y, void* out, size_t size ); @@ -150,7 +150,7 @@ int krb5int_yarrow_new_source( Yarrow_CTX* y, unsigned* source_id ); YARROW_DLL int krb5int_yarrow_register_source_estimator( Yarrow_CTX* y, unsigned source_id, - estimator_fn* fptr ); + estimator_fn* fptr ); YARROW_DLL int krb5int_yarrow_stretch( const byte* m, size_t size, byte* out, size_t out_size ); diff --git a/src/lib/crypto/krb/yarrow/ycipher.c b/src/lib/crypto/krb/yarrow/ycipher.c index 8da7b71..71b89b0 100644 --- a/src/lib/crypto/krb/yarrow/ycipher.c +++ b/src/lib/crypto/krb/yarrow/ycipher.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/yarrow/ycipher.c * @@ -34,60 +35,54 @@ #include "assert.h" int -krb5int_yarrow_cipher_init -(CIPHER_CTX *ctx, - unsigned const char * key) +krb5int_yarrow_cipher_init(CIPHER_CTX *ctx, unsigned const char * key) { - size_t keybytes, keylength; - const struct krb5_enc_provider *enc = &yarrow_enc_provider; - krb5_error_code ret; - krb5_data randombits; - krb5_keyblock keyblock; + size_t keybytes, keylength; + const struct krb5_enc_provider *enc = &yarrow_enc_provider; + krb5_error_code ret; + krb5_data randombits; + krb5_keyblock keyblock; - keybytes = enc->keybytes; - keylength = enc->keylength; - assert (keybytes == CIPHER_KEY_SIZE); - krb5_k_free_key(NULL, ctx->key); - ctx->key = NULL; - keyblock.contents = malloc(keylength); - keyblock.length = keylength; - if (keyblock.contents == NULL) - return (YARROW_NOMEM); - randombits.data = (char *) key; - randombits.length = keybytes; - ret = enc->make_key(&randombits, &keyblock); - if (ret != 0) - goto cleanup; - ret = krb5_k_create_key(NULL, &keyblock, &ctx->key); + keybytes = enc->keybytes; + keylength = enc->keylength; + assert (keybytes == CIPHER_KEY_SIZE); + krb5_k_free_key(NULL, ctx->key); + ctx->key = NULL; + keyblock.contents = malloc(keylength); + keyblock.length = keylength; + if (keyblock.contents == NULL) + return (YARROW_NOMEM); + randombits.data = (char *) key; + randombits.length = keybytes; + ret = enc->make_key(&randombits, &keyblock); + if (ret != 0) + goto cleanup; + ret = krb5_k_create_key(NULL, &keyblock, &ctx->key); cleanup: - free(keyblock.contents); - if (ret) - return YARROW_FAIL; - return YARROW_OK; + free(keyblock.contents); + if (ret) + return YARROW_FAIL; + return YARROW_OK; } -int krb5int_yarrow_cipher_encrypt_block -(CIPHER_CTX *ctx, const unsigned char *in, - unsigned char *out) +int krb5int_yarrow_cipher_encrypt_block(CIPHER_CTX *ctx, + const unsigned char *in, + unsigned char *out) { - krb5_error_code ret; - krb5_data ind, outd; - const struct krb5_enc_provider *enc = &yarrow_enc_provider; - ind.data = (char *) in; - ind.length = CIPHER_BLOCK_SIZE; - outd.data = (char *) out; - outd.length = CIPHER_BLOCK_SIZE; - ret = enc->encrypt(ctx->key, 0, &ind, &outd); - if (ret) - return YARROW_FAIL; - return YARROW_OK; + krb5_error_code ret; + krb5_crypto_iov iov; + const struct krb5_enc_provider *enc = &yarrow_enc_provider; + + memcpy(out, in, CIPHER_BLOCK_SIZE); + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = make_data(out, CIPHER_BLOCK_SIZE); + ret = enc->encrypt(ctx->key, 0, &iov, 1); + return (ret == 0) ? YARROW_OK : YARROW_FAIL; } void -krb5int_yarrow_cipher_final -(CIPHER_CTX *ctx) - +krb5int_yarrow_cipher_final(CIPHER_CTX *ctx) { - krb5_k_free_key(NULL, ctx->key); - ctx->key = NULL; + krb5_k_free_key(NULL, ctx->key); + ctx->key = NULL; } diff --git a/src/lib/crypto/krb/yarrow/ycipher.h b/src/lib/crypto/krb/yarrow/ycipher.h index 554cf9a..21151bd 100644 --- a/src/lib/crypto/krb/yarrow/ycipher.h +++ b/src/lib/crypto/krb/yarrow/ycipher.h @@ -1,4 +1,4 @@ -/* -*- Mode: C; c-file-style: "bsd" -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #ifndef YCIPHER_H #define YCIPHER_H diff --git a/src/lib/crypto/krb/yarrow/yexcep.h b/src/lib/crypto/krb/yarrow/yexcep.h index b066c91..f76f650 100644 --- a/src/lib/crypto/krb/yarrow/yexcep.h +++ b/src/lib/crypto/krb/yarrow/yexcep.h @@ -1,4 +1,4 @@ -/* -*- Mode: C; c-file-style: "bsd" -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #ifndef YEXCEP_H #define YEXCEP_H @@ -85,16 +85,16 @@ #define EXCEP_OK 1 #define EXCEP_DECL int _thr = 0, _ret2 = 0, _ret = _ret2+EXCEP_OK -#define THROW( x ) \ - do { \ - _ret = (x); \ - if( !_thr ) { goto _catch; } \ +#define THROW( x ) \ + do { \ + _ret = (x); \ + if( !_thr ) { goto _catch; } \ } while ( 0 ) -#define TRY( x ) \ - do { \ - _ret2 = (x); \ - if ( _ret > 0 && _ret2 <= 0 ) { THROW( _ret2 ); } \ +#define TRY( x ) \ + do { \ + _ret2 = (x); \ + if ( _ret > 0 && _ret2 <= 0 ) { THROW( _ret2 ); } \ } while ( 0 ) #define SET( x ) (_ret = (x)) diff --git a/src/lib/crypto/krb/yarrow/ylock.h b/src/lib/crypto/krb/yarrow/ylock.h index 9c032dc..aacf786 100644 --- a/src/lib/crypto/krb/yarrow/ylock.h +++ b/src/lib/crypto/krb/yarrow/ylock.h @@ -1,4 +1,4 @@ -/* -*- Mode: C; c-file-style: "bsd" -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #ifndef YLOCK_H #define YLOCK_H @@ -17,7 +17,7 @@ static int UNLOCK( void ) { return (YARROW_OK); } #else #include "k5-thread.h" extern k5_mutex_t krb5int_yarrow_lock; -#define LOCK() (k5_mutex_lock(&krb5int_yarrow_lock) ? YARROW_LOCKING : YARROW_OK) +#define LOCK() (k5_mutex_lock(&krb5int_yarrow_lock) ? YARROW_LOCKING : YARROW_OK) #define UNLOCK() (k5_mutex_unlock(&krb5int_yarrow_lock) ? YARROW_LOCKING : YARROW_OK) #endif diff --git a/src/lib/crypto/krb/yarrow/ystate.h b/src/lib/crypto/krb/yarrow/ystate.h index 2886ca3..fd277d2 100644 --- a/src/lib/crypto/krb/yarrow/ystate.h +++ b/src/lib/crypto/krb/yarrow/ystate.h @@ -1,4 +1,4 @@ -/* -*- Mode: C; c-file-style: "bsd" -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #ifndef YSTATE_H #define YSTATE_H diff --git a/src/lib/crypto/krb/yarrow/ytypes.h b/src/lib/crypto/krb/yarrow/ytypes.h index 23c1bdf..9abbf8c 100644 --- a/src/lib/crypto/krb/yarrow/ytypes.h +++ b/src/lib/crypto/krb/yarrow/ytypes.h @@ -1,4 +1,4 @@ -/* -*- Mode: C; c-file-style: "bsd" -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #ifndef YTYPES_H #define YTYPES_H diff --git a/src/lib/crypto/libk5crypto.exports b/src/lib/crypto/libk5crypto.exports index 291c2f0..b6d7353 100644 --- a/src/lib/crypto/libk5crypto.exports +++ b/src/lib/crypto/libk5crypto.exports @@ -65,7 +65,6 @@ krb5int_c_free_keyblock_contents krb5int_c_free_keyblock krb5int_c_init_keyblock krb5int_hash_md5 -krb5int_hmac_keyblock krb5int_enc_arcfour krb5int_hmac mit_des_fixup_key_parity @@ -80,10 +79,10 @@ krb5_k_key_enctype krb5_k_key_keyblock krb5_k_make_checksum krb5_k_make_checksum_iov +krb5_k_prf +krb5_k_reference_key krb5_k_verify_checksum krb5_k_verify_checksum_iov -krb5int_keyhash_md4des -krb5int_keyhash_md5des mit_crc32 krb5int_aes_encrypt krb5int_MD4Init @@ -94,3 +93,4 @@ krb5int_MD5Update krb5int_MD5Final krb5int_aes_decrypt krb5int_enc_des3 +krb5int_arcfour_gsscrypt diff --git a/src/lib/crypto/openssl/Makefile.in b/src/lib/crypto/openssl/Makefile.in index 79372ee..a008d57 100644 --- a/src/lib/crypto/openssl/Makefile.in +++ b/src/lib/crypto/openssl/Makefile.in @@ -1,13 +1,10 @@ -thisconfigdir=../../.. -myfulldir=lib/crypto/openssl mydir=lib/crypto/openssl BUILDTOP=$(REL)..$(S)..$(S).. -SUBDIRS=des arcfour aes md4 md5 sha1 enc_provider hash_provider +SUBDIRS=des aes md4 md5 sha1 enc_provider hash_provider LOCALINCLUDES = -I$(srcdir)/../krb \ -I$(srcdir)/../krb/hash_provider \ -I$(srcdir)/des \ -I$(srcdir)/aes \ - -I$(srcdir)/arcfour \ -I$(srcdir)/sha1 \ -I$(srcdir)/md4 \ -I$(srcdir)/md5 \ @@ -17,14 +14,11 @@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) DEFS= -EXTRADEPSRCS= $(srcdir)/t_cf2.c - - ##DOSBUILDTOP = ..\..\.. ##DOSLIBNAME=$(OUTPRE)crypto.lib ##DOSOBJFILE=$(OUTPRE)crypto.lst -##DOSOBJFILELIST=@$(OUTPRE)crypto.lst @$(OUTPRE)des.lst @$(OUTPRE)md4.lst @$(OUTPRE)md5.lst @$(OUTPRE)sha1.lst @$(OUTPRE)arcfour.lst @$(OUTPRE)crc32.lst @$(OUTPRE)dk.lst @$(OUTPRE)old.lst @$(OUTPRE)raw.lst @$(OUTPRE)enc_prov.lst @$(OUTPRE)hash_pro.lst @$(OUTPRE)kh_pro.lst @$(OUTPRE)yarrow.lst @$(OUTPRE)aes.lst -##DOSOBJFILEDEP =$(OUTPRE)crypto.lst $(OUTPRE)des.lst $(OUTPRE)md4.lst $(OUTPRE)md5.lst $(OUTPRE)sha1.lst $(OUTPRE)arcfour.lst $(OUTPRE)crc32.lst $(OUTPRE)dk.lst $(OUTPRE)old.lst $(OUTPRE)raw.lst $(OUTPRE)enc_prov.lst $(OUTPRE)hash_pro.lst $(OUTPRE)kh_pro.lst $(OUTPRE)aes.lst +##DOSOBJFILELIST=@$(OUTPRE)crypto.lst @$(OUTPRE)des.lst @$(OUTPRE)md4.lst @$(OUTPRE)md5.lst @$(OUTPRE)sha1.lst @$(OUTPRE)crc32.lst @$(OUTPRE)dk.lst @$(OUTPRE)old.lst @$(OUTPRE)raw.lst @$(OUTPRE)enc_prov.lst @$(OUTPRE)hash_pro.lst @$(OUTPRE)kh_pro.lst @$(OUTPRE)yarrow.lst @$(OUTPRE)aes.lst +##DOSOBJFILEDEP =$(OUTPRE)crypto.lst $(OUTPRE)des.lst $(OUTPRE)md4.lst $(OUTPRE)md5.lst $(OUTPRE)sha1.lst $(OUTPRE)crc32.lst $(OUTPRE)dk.lst $(OUTPRE)old.lst $(OUTPRE)raw.lst $(OUTPRE)enc_prov.lst $(OUTPRE)hash_pro.lst $(OUTPRE)kh_pro.lst $(OUTPRE)aes.lst STLIBOBJS=\ hmac.o \ @@ -42,7 +36,6 @@ STOBJLISTS= des/OBJS.ST md4/OBJS.ST \ md5/OBJS.ST sha1/OBJS.ST \ enc_provider/OBJS.ST \ hash_provider/OBJS.ST \ - arcfour/OBJS.ST \ aes/OBJS.ST \ OBJS.ST @@ -50,7 +43,6 @@ SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \ md5/OBJS.ST sha1/OBJS.ST \ enc_provider/OBJS.ST \ hash_provider/OBJS.ST \ - arcfour/OBJS.ST \ aes/OBJS.ST ##DOS##LIBOBJS = $(OBJS) @@ -61,18 +53,6 @@ includes:: depend depend:: $(SRCS) clean-unix:: clean-libobjs -check-unix:: t_cf2 - $(RUN_SETUP) $(VALGRIND) ./t_cf2 <$(srcdir)/t_cf2.in >t_cf2.output - diff t_cf2.output $(srcdir)/t_cf2.expected - -t_cf2$(EXEEXT): t_cf2.$(OBJEXT) $(SUPPORT_DEPLIB) - $(CC_LINK) -o $@ t_cf2.$(OBJEXT) -lkrb5 -lk5crypto -lcom_err $(SUPPORT_LIB) - -clean:: - $(RM) t_cf2 t_cf2.o t_cf2.output - - - all-windows:: cd ..\des @@ -93,9 +73,6 @@ all-windows:: cd ..\enc_provider @echo Making in crypto\enc_provider $(MAKE) -$(MFLAGS) - cd ..\arcfour - @echo Making in crypto\arcfour - $(MAKE) -$(MFLAGS) cd ..\aes @echo Making in crypto\aes $(MAKE) -$(MFLAGS) @@ -120,9 +97,6 @@ clean-windows:: cd ..\enc_provider @echo Making clean in crypto\enc_provider $(MAKE) -$(MFLAGS) clean - cd ..\arcfour - @echo Making clean in crypto\arcfour - $(MAKE) -$(MFLAGS) clean cd ..\aes @echo Making clean in crypto\aes $(MAKE) -$(MFLAGS) clean @@ -147,9 +121,6 @@ check-windows:: cd ..\enc_provider @echo Making check in crypto\enc_provider $(MAKE) -$(MFLAGS) check - cd ..\arcfour - @echo Making check in crypto\arcfour - $(MAKE) -$(MFLAGS) check cd ..\aes @echo Making check in crypto\aes $(MAKE) -$(MFLAGS) check diff --git a/src/lib/crypto/openssl/aes/Makefile.in b/src/lib/crypto/openssl/aes/Makefile.in index 72af752..6352c3d 100644 --- a/src/lib/crypto/openssl/aes/Makefile.in +++ b/src/lib/crypto/openssl/aes/Makefile.in @@ -1,5 +1,7 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/openssl/aes +# Nothing here! But we can't remove this directory as the build +# system currently assumes that all modules have the same directory +# structure. + mydir=lib/crypto/openssl/aes BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk -I$(srcdir)/../../../../include @@ -12,14 +14,11 @@ DEFS= PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) -STLIBOBJS=\ - aes_s2k.o +STLIBOBJS= -OBJS=\ - $(OUTPRE)aes_s2k.$(OBJEXT) +OBJS= -SRCS=\ - $(srcdir)/aes_s2k.c +SRCS= ##DOS##LIBOBJS = $(OBJS) diff --git a/src/lib/crypto/openssl/aes/aes_s2k.c b/src/lib/crypto/openssl/aes/aes_s2k.c deleted file mode 100644 index 9dd1402..0000000 --- a/src/lib/crypto/openssl/aes/aes_s2k.c +++ /dev/null @@ -1,91 +0,0 @@ -/* - * lib/crypto/openssl/aes/aes_s2k.c - * - * Copyright 2003, 2009 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * krb5int_aes_string_to_key - */ - -#include "k5-int.h" -#include "dk.h" -#include "aes_s2k.h" - -#define DEFAULT_ITERATION_COUNT 4096 /* was 0xb000L in earlier drafts */ -#define MAX_ITERATION_COUNT 0x1000000L - -krb5_error_code -krb5int_aes_string_to_key(const struct krb5_enc_provider *enc, - const krb5_data *string, - const krb5_data *salt, - const krb5_data *params, - krb5_keyblock *key) -{ - unsigned long iter_count; - krb5_data out; - static const krb5_data usage = { KV5M_DATA, 8, "kerberos" }; - krb5_key tempkey = NULL; - krb5_error_code err; - - if (params) { - unsigned char *p = (unsigned char *) params->data; - if (params->length != 4) - return KRB5_ERR_BAD_S2K_PARAMS; - /* The first two need casts in case 'int' is 16 bits. */ - iter_count = load_32_be(p); - if (iter_count == 0) { - iter_count = (1UL << 16) << 16; - if (((iter_count >> 16) >> 16) != 1) - return KRB5_ERR_BAD_S2K_PARAMS; - } - } else - iter_count = DEFAULT_ITERATION_COUNT; - - /* This is not a protocol specification constraint; this is an - implementation limit, which should eventually be controlled by - a config file. */ - if (iter_count >= MAX_ITERATION_COUNT) - return KRB5_ERR_BAD_S2K_PARAMS; - - /* Use the output keyblock contents for temporary space. */ - out.data = (char *) key->contents; - out.length = key->length; - if (out.length != 16 && out.length != 32) - return KRB5_CRYPTO_INTERNAL; - - err = krb5int_pbkdf2_hmac_sha1 (&out, iter_count, string, salt); - if (err) - goto cleanup; - - err = krb5_k_create_key (NULL, key, &tempkey); - if (err) - goto cleanup; - - err = krb5int_derive_keyblock (enc, tempkey, key, &usage); - -cleanup: - if (err) - memset (out.data, 0, out.length); - krb5_k_free_key (NULL, tempkey); - return err; -} diff --git a/src/lib/crypto/openssl/aes/aes_s2k.h b/src/lib/crypto/openssl/aes/aes_s2k.h deleted file mode 100644 index f39b95a..0000000 --- a/src/lib/crypto/openssl/aes/aes_s2k.h +++ /dev/null @@ -1,9 +0,0 @@ -/* - * lib/crypto/openssl/aes/aes_s2k.h - */ - - -extern krb5_error_code -krb5int_aes_string_to_key (const struct krb5_enc_provider *, - const krb5_data *, const krb5_data *, - const krb5_data *, krb5_keyblock *key); diff --git a/src/lib/crypto/openssl/aes/deps b/src/lib/crypto/openssl/aes/deps index 3503d1c..2feac3c 100644 --- a/src/lib/crypto/openssl/aes/deps +++ b/src/lib/crypto/openssl/aes/deps @@ -1,14 +1 @@ -# -# Generated makefile dependencies follow. -# -aes_s2k.so aes_s2k.po $(OUTPRE)aes_s2k.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/aes_s2k.c \ - $(srcdir)/aes_s2k.h $(srcdir)/../../krb/dk/dk.h +# No dependencies here. diff --git a/src/lib/crypto/openssl/arcfour/arcfour-int.h b/src/lib/crypto/openssl/arcfour/arcfour-int.h deleted file mode 100644 index bb4cf42..0000000 --- a/src/lib/crypto/openssl/arcfour/arcfour-int.h +++ /dev/null @@ -1,35 +0,0 @@ -/* - -ARCFOUR cipher (based on a cipher posted on the Usenet in Spring-95). -This cipher is widely believed and has been tested to be equivalent -with the RC4 cipher from RSA Data Security, Inc. (RC4 is a trademark -of RSA Data Security) - -*/ -#ifndef ARCFOUR_INT_H -#define ARCFOUR_INT_H - -#include "arcfour.h" -#include <openssl/evp.h> - -#define CONFOUNDERLENGTH 8 - -typedef struct -{ - EVP_CIPHER_CTX evp_ctx; - unsigned int x; - unsigned int y; - unsigned char state[256]; - -} ArcfourContext; - -typedef struct { - int initialized; - ArcfourContext ctx; -} ArcFourCipherState; - -krb5_keyusage krb5int_arcfour_translate_usage(krb5_keyusage usage); - -extern const char *const krb5int_arcfour_l40; - -#endif /* ARCFOUR_INT_H */ diff --git a/src/lib/crypto/openssl/arcfour/arcfour.c b/src/lib/crypto/openssl/arcfour/arcfour.c deleted file mode 100644 index ac96c86..0000000 --- a/src/lib/crypto/openssl/arcfour/arcfour.c +++ /dev/null @@ -1,340 +0,0 @@ -/* - -ARCFOUR cipher (based on a cipher posted on the Usenet in Spring-95). -This cipher is widely believed and has been tested to be equivalent -with the RC4 cipher from RSA Data Security, Inc. (RC4 is a trademark -of RSA Data Security) - -*/ -#include "k5-int.h" -#include "arcfour-int.h" -#include "hash_provider/hash_provider.h" - -const char *const krb5int_arcfour_l40 = "fortybits"; - -void -krb5int_arcfour_encrypt_length(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t inputlen, size_t *length) -{ - size_t blocksize, hashsize; - - blocksize = enc->block_size; - hashsize = hash->hashsize; - - /* checksum + (confounder + inputlen, in even blocksize) */ - *length = hashsize + krb5_roundup(8 + inputlen, blocksize); -} - - krb5_keyusage - krb5int_arcfour_translate_usage(krb5_keyusage usage) -{ - switch (usage) { - case 1: /* AS-REQ PA-ENC-TIMESTAMP padata timestamp, */ - return 1; - case 2: /* ticket from kdc */ - return 2; - case 3: /* as-rep encrypted part */ - return 8; - case 4: /* tgs-req authz data */ - return 4; - case 5: /* tgs-req authz data in subkey */ - return 5; - case 6: /* tgs-req authenticator cksum */ - return 6; -case 7: /* tgs-req authenticator */ - return 7; - case 8: - return 8; - case 9: /* tgs-rep encrypted with subkey */ - return 9; - case 10: /* ap-rep authentication cksum */ - return 10; /* xxx Microsoft never uses this*/ - case 11: /* app-req authenticator */ - return 11; - case 12: /* app-rep encrypted part */ - return 12; - case 23: /* sign wrap token*/ - return 13; - default: - return usage; -} -} - -/* RFC 4757 */ -krb5_error_code -krb5int_arcfour_encrypt(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *output) -{ - krb5_keyblock k1, k2, k3; - krb5_key k3key = NULL; - krb5_data d1, d2, d3, salt, plaintext, checksum, ciphertext, confounder; - krb5_keyusage ms_usage; - size_t keylength, keybytes, blocksize, hashsize; - krb5_error_code ret; - - blocksize = enc->block_size; - keybytes = enc->keybytes; - keylength = enc->keylength; - hashsize = hash->hashsize; - - d1.length=keybytes; - d1.data=malloc(d1.length); - if (d1.data == NULL) - return (ENOMEM); - k1 = key->keyblock; - k1.length=d1.length; - k1.contents= (void *) d1.data; - - d2.length=keybytes; - d2.data=malloc(d2.length); - if (d2.data == NULL) { - free(d1.data); - return (ENOMEM); - } - k2 = key->keyblock; - k2.length=d2.length; - k2.contents=(void *) d2.data; - - d3.length=keybytes; - d3.data=malloc(d3.length); - if (d3.data == NULL) { - free(d1.data); - free(d2.data); - return (ENOMEM); - } - k3 = key->keyblock; - k3.length=d3.length; - k3.contents= (void *) d3.data; - - salt.length=14; - salt.data=malloc(salt.length); - if (salt.data == NULL) { - free(d1.data); - free(d2.data); - free(d3.data); - return (ENOMEM); - } - - /* is "input" already blocksize aligned? if it is, then we need this - step, otherwise we do not */ - plaintext.length=krb5_roundup(input->length+CONFOUNDERLENGTH,blocksize); - plaintext.data=malloc(plaintext.length); - if (plaintext.data == NULL) { - free(d1.data); - free(d2.data); - free(d3.data); - free(salt.data); - return(ENOMEM); - } - - /* setup convienient pointers into the allocated data */ - checksum.length=hashsize; - checksum.data=output->data; - ciphertext.length=krb5_roundup(input->length+CONFOUNDERLENGTH,blocksize); - ciphertext.data=output->data+hashsize; - confounder.length=CONFOUNDERLENGTH; - confounder.data=plaintext.data; - output->length = plaintext.length+hashsize; - - /* begin the encryption, computer K1 */ - ms_usage=krb5int_arcfour_translate_usage(usage); - if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) { - strncpy(salt.data, krb5int_arcfour_l40, salt.length); - store_32_le(ms_usage, salt.data+10); - } else { - salt.length=4; - store_32_le(ms_usage, salt.data); - } - krb5int_hmac(hash, key, 1, &salt, &d1); - - memcpy(k2.contents, k1.contents, k2.length); - - if (key->keyblock.enctype==ENCTYPE_ARCFOUR_HMAC_EXP) - memset(k1.contents+7, 0xab, 9); - - ret=krb5_c_random_make_octets(/* XXX */ 0, &confounder); - memcpy(plaintext.data+confounder.length, input->data, input->length); - if (ret) - goto cleanup; - - ret = krb5int_hmac_keyblock(hash, &k2, 1, &plaintext, &checksum); - if (ret) - goto cleanup; - - ret = krb5int_hmac_keyblock(hash, &k1, 1, &checksum, &d3); - if (ret) - goto cleanup; - - ret = krb5_k_create_key(NULL, &k3, &k3key); - if (ret) - goto cleanup; - - ret=(*(enc->encrypt))(k3key, ivec, &plaintext, &ciphertext); - - cleanup: - memset(d1.data, 0, d1.length); - memset(d2.data, 0, d2.length); - memset(d3.data, 0, d3.length); - memset(salt.data, 0, salt.length); - memset(plaintext.data, 0, plaintext.length); - - free(d1.data); - free(d2.data); - free(d3.data); - free(salt.data); - free(plaintext.data); - krb5_k_free_key(NULL, k3key); - return (ret); -} - -/* This is the arcfour-hmac decryption routine */ -krb5_error_code -krb5int_arcfour_decrypt(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *output) -{ - krb5_keyblock k1,k2,k3; - krb5_key k3key; - krb5_data d1,d2,d3,salt,ciphertext,plaintext,checksum; - krb5_keyusage ms_usage; - size_t keybytes, keylength, hashsize, blocksize; - krb5_error_code ret; - - blocksize = enc->block_size; - keybytes = enc->keybytes; - keylength = enc->keylength; - hashsize = hash->hashsize; - - d1.length=keybytes; - d1.data=malloc(d1.length); - if (d1.data == NULL) - return (ENOMEM); - k1 = key->keyblock; - k1.length=d1.length; - k1.contents= (void *) d1.data; - - d2.length=keybytes; - d2.data=malloc(d2.length); - if (d2.data == NULL) { - free(d1.data); - return (ENOMEM); - } - k2 = key->keyblock; - k2.length=d2.length; - k2.contents= (void *) d2.data; - - d3.length=keybytes; - d3.data=malloc(d3.length); - if (d3.data == NULL) { - free(d1.data); - free(d2.data); - return (ENOMEM); - } - k3 = key->keyblock; - k3.length=d3.length; - k3.contents= (void *) d3.data; - - salt.length=14; - salt.data=malloc(salt.length); - if(salt.data==NULL) { - free(d1.data); - free(d2.data); - free(d3.data); - return (ENOMEM); - } - - ciphertext.length=input->length-hashsize; - ciphertext.data=input->data+hashsize; - plaintext.length=ciphertext.length; - plaintext.data=malloc(plaintext.length); - if (plaintext.data == NULL) { - free(d1.data); - free(d2.data); - free(d3.data); - free(salt.data); - return (ENOMEM); - } - - checksum.length=hashsize; - checksum.data=input->data; - - ms_usage=krb5int_arcfour_translate_usage(usage); - - /* We may have to try two ms_usage values; see below. */ - do { - /* compute the salt */ - if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) { - strncpy(salt.data, krb5int_arcfour_l40, salt.length); - store_32_le(ms_usage, salt.data + 10); - } else { - salt.length = 4; - store_32_le(ms_usage, salt.data); - } - ret = krb5int_hmac(hash, key, 1, &salt, &d1); - if (ret) - goto cleanup; - - memcpy(k2.contents, k1.contents, k2.length); - - if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) - memset(k1.contents + 7, 0xab, 9); - - ret = krb5int_hmac_keyblock(hash, &k1, 1, &checksum, &d3); - if (ret) - goto cleanup; - - ret = krb5_k_create_key(NULL, &k3, &k3key); - if (ret) - goto cleanup; - ret = (*(enc->decrypt))(k3key, ivec, &ciphertext, &plaintext); - krb5_k_free_key(NULL, k3key); - if (ret) - goto cleanup; - - ret = krb5int_hmac_keyblock(hash, &k2, 1, &plaintext, &d1); - if (ret) - goto cleanup; - - if (memcmp(checksum.data, d1.data, hashsize) != 0) { - if (ms_usage == 9) { - /* - * RFC 4757 specifies usage 8 for TGS-REP encrypted - * parts encrypted in a subkey, but the value used by MS - * is actually 9. We now use 9 to start with, but fall - * back to 8 on failure in case we are communicating - * with a KDC using the value from the RFC. - */ - ms_usage = 8; - continue; - } - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - goto cleanup; - } - - break; - } while (1); - - memcpy(output->data, plaintext.data+CONFOUNDERLENGTH, - (plaintext.length-CONFOUNDERLENGTH)); - output->length=plaintext.length-CONFOUNDERLENGTH; - - cleanup: - memset(d1.data, 0, d1.length); - memset(d2.data, 0, d2.length); - memset(d3.data, 0, d2.length); - memset(salt.data, 0, salt.length); - memset(plaintext.data, 0, plaintext.length); - - free(d1.data); - free(d2.data); - free(d3.data); - free(salt.data); - free(plaintext.data); - return (ret); -} diff --git a/src/lib/crypto/openssl/arcfour/arcfour.h b/src/lib/crypto/openssl/arcfour/arcfour.h deleted file mode 100644 index e00708a..0000000 --- a/src/lib/crypto/openssl/arcfour/arcfour.h +++ /dev/null @@ -1,39 +0,0 @@ -#ifndef ARCFOUR_H -#define ARCFOUR_H - -extern void -krb5int_arcfour_encrypt_length(const struct krb5_enc_provider *, - const struct krb5_hash_provider *, - size_t, - size_t *); - -extern krb5_error_code -krb5int_arcfour_encrypt(const struct krb5_enc_provider *, - const struct krb5_hash_provider *, - krb5_key, - krb5_keyusage, - const krb5_data *, - const krb5_data *, - krb5_data *); - -extern krb5_error_code -krb5int_arcfour_decrypt(const struct krb5_enc_provider *, - const struct krb5_hash_provider *, - krb5_key, - krb5_keyusage, - const krb5_data *, - const krb5_data *, - krb5_data *); - -extern krb5_error_code -krb5int_arcfour_string_to_key( - const struct krb5_enc_provider *, - const krb5_data *, - const krb5_data *, - const krb5_data *, - krb5_keyblock *); - -extern const struct krb5_enc_provider krb5int_enc_arcfour; -extern const struct krb5_aead_provider krb5int_aead_arcfour; - -#endif /* ARCFOUR_H */ diff --git a/src/lib/crypto/openssl/arcfour/arcfour_aead.c b/src/lib/crypto/openssl/arcfour/arcfour_aead.c deleted file mode 100644 index 66eb357..0000000 --- a/src/lib/crypto/openssl/arcfour/arcfour_aead.c +++ /dev/null @@ -1,336 +0,0 @@ -/* - * lib/crypto/arcfour/arcfour_aead.c - * - * Copyright 2008, 2009 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - - -#include "k5-int.h" -#include "arcfour.h" -#include "arcfour-int.h" -#include "aead.h" - -/* AEAD */ - -static krb5_error_code -krb5int_arcfour_crypto_length(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_cryptotype type, - unsigned int *length) -{ - switch (type) { - case KRB5_CRYPTO_TYPE_HEADER: - *length = hash->hashsize + CONFOUNDERLENGTH; - break; - case KRB5_CRYPTO_TYPE_PADDING: - *length = 0; - break; - case KRB5_CRYPTO_TYPE_TRAILER: - *length = 0; - break; - case KRB5_CRYPTO_TYPE_CHECKSUM: - *length = hash->hashsize; - break; - default: - assert(0 && "invalid cryptotype passed to krb5int_arcfour_crypto_length"); - break; - } - - return 0; -} - -static krb5_error_code -alloc_derived_key(const struct krb5_enc_provider *enc, - krb5_keyblock *dst, - krb5_data *data, - const krb5_keyblock *src) -{ - data->length = enc->keybytes; - data->data = malloc(data->length); - if (data->data == NULL) - return ENOMEM; - - *dst = *src; - dst->length = data->length; - dst->contents = (void *)data->data; - - return 0; -} - -static krb5_error_code -krb5int_arcfour_encrypt_iov(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, - krb5_keyusage usage, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) -{ - krb5_error_code ret; - krb5_crypto_iov *header, *trailer; - krb5_keyblock k1, k2, k3; - krb5_key k3key = NULL; - krb5_data d1, d2, d3; - krb5_data checksum, confounder, header_data; - krb5_keyusage ms_usage; - char salt_data[14]; - krb5_data salt; - size_t i; - - d1.length = d2.length = d3.length = 0; - d1.data = d2.data = d3.data = NULL; - - /* - * Caller must have provided space for the header, padding - * and trailer; per RFC 4757 we will arrange it as: - * - * Checksum | E(Confounder | Plaintext) - */ - - header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER); - if (header == NULL || - header->data.length < hash->hashsize + CONFOUNDERLENGTH) - return KRB5_BAD_MSIZE; - - header_data = header->data; - - /* Trailer may be absent */ - trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); - if (trailer != NULL) - trailer->data.length = 0; - - /* Ensure that there is no padding */ - for (i = 0; i < num_data; i++) { - if (data[i].flags == KRB5_CRYPTO_TYPE_PADDING) - data[i].data.length = 0; - } - - ret = alloc_derived_key(enc, &k1, &d1, &key->keyblock); - if (ret != 0) - goto cleanup; - - ret = alloc_derived_key(enc, &k2, &d2, &key->keyblock); - if (ret != 0) - goto cleanup; - - ret = alloc_derived_key(enc, &k3, &d3, &key->keyblock); - if (ret != 0) - goto cleanup; - - /* Begin the encryption, compute K1 */ - salt.data = salt_data; - salt.length = sizeof(salt_data); - - ms_usage = krb5int_arcfour_translate_usage(usage); - - if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) { - strncpy(salt.data, krb5int_arcfour_l40, salt.length); - store_32_le(ms_usage, salt.data + 10); - } else { - salt.length = 4; - store_32_le(ms_usage, salt.data); - } - ret = krb5int_hmac(hash, key, 1, &salt, &d1); - if (ret != 0) - goto cleanup; - - memcpy(k2.contents, k1.contents, k2.length); - - if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) - memset(k1.contents + 7, 0xAB, 9); - - header->data.length = hash->hashsize + CONFOUNDERLENGTH; - - confounder.data = header->data.data + hash->hashsize; - confounder.length = CONFOUNDERLENGTH; - - ret = krb5_c_random_make_octets(0, &confounder); - if (ret != 0) - goto cleanup; - - checksum.data = header->data.data; - checksum.length = hash->hashsize; - - /* Adjust pointers so confounder is at start of header */ - header->data.length -= hash->hashsize; - header->data.data += hash->hashsize; - - ret = krb5int_hmac_iov_keyblock(hash, &k2, data, num_data, &checksum); - if (ret != 0) - goto cleanup; - - ret = krb5int_hmac_keyblock(hash, &k1, 1, &checksum, &d3); - if (ret != 0) - goto cleanup; - - ret = krb5_k_create_key(NULL, &k3, &k3key); - if (ret != 0) - goto cleanup; - - ret = enc->encrypt_iov(k3key, ivec, data, num_data); - if (ret != 0) - goto cleanup; - -cleanup: - header->data = header_data; /* restore header pointers */ - - if (d1.data != NULL) { - memset(d1.data, 0, d1.length); - free(d1.data); - } - if (d2.data != NULL) { - memset(d2.data, 0, d2.length); - free(d2.data); - } - if (d3.data != NULL) { - memset(d3.data, 0, d3.length); - free(d3.data); - } - - krb5_k_free_key(NULL, k3key); - return ret; -} - -static krb5_error_code -krb5int_arcfour_decrypt_iov(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, - krb5_keyusage usage, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) -{ - krb5_error_code ret; - krb5_crypto_iov *header, *trailer; - krb5_keyblock k1, k2, k3; - krb5_key k3key = NULL; - krb5_data d1, d2, d3; - krb5_data checksum, header_data; - krb5_keyusage ms_usage; - char salt_data[14]; - krb5_data salt; - - d1.length = d2.length = d3.length = 0; - d1.data = d2.data = d3.data = NULL; - - header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER); - if (header == NULL || - header->data.length != hash->hashsize + CONFOUNDERLENGTH) - return KRB5_BAD_MSIZE; - - header_data = header->data; - - trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); - if (trailer != NULL && trailer->data.length != 0) - return KRB5_BAD_MSIZE; - - ret = alloc_derived_key(enc, &k1, &d1, &key->keyblock); - if (ret != 0) - goto cleanup; - - ret = alloc_derived_key(enc, &k2, &d2, &key->keyblock); - if (ret != 0) - goto cleanup; - - ret = alloc_derived_key(enc, &k3, &d3, &key->keyblock); - if (ret != 0) - goto cleanup; - - /* Begin the decryption, compute K1 */ - salt.data = salt_data; - salt.length = sizeof(salt_data); - - ms_usage = krb5int_arcfour_translate_usage(usage); - - if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) { - strncpy(salt.data, krb5int_arcfour_l40, salt.length); - store_32_le(ms_usage, (unsigned char *)salt.data + 10); - } else { - salt.length = 4; - store_32_le(ms_usage, (unsigned char *)salt.data); - } - ret = krb5int_hmac(hash, key, 1, &salt, &d1); - if (ret != 0) - goto cleanup; - - memcpy(k2.contents, k1.contents, k2.length); - - if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) - memset(k1.contents + 7, 0xAB, 9); - - checksum.data = header->data.data; - checksum.length = hash->hashsize; - - /* Adjust pointers so confounder is at start of header */ - header->data.length -= hash->hashsize; - header->data.data += hash->hashsize; - - ret = krb5int_hmac_keyblock(hash, &k1, 1, &checksum, &d3); - if (ret != 0) - goto cleanup; - - ret = krb5_k_create_key(NULL, &k3, &k3key); - if (ret != 0) - goto cleanup; - - ret = enc->decrypt_iov(k3key, ivec, data, num_data); - if (ret != 0) - goto cleanup; - - ret = krb5int_hmac_iov_keyblock(hash, &k2, data, num_data, &d1); - if (ret != 0) - goto cleanup; - - if (memcmp(checksum.data, d1.data, hash->hashsize) != 0) { - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - goto cleanup; - } - -cleanup: - header->data = header_data; /* restore header pointers */ - - if (d1.data != NULL) { - memset(d1.data, 0, d1.length); - free(d1.data); - } - if (d2.data != NULL) { - memset(d2.data, 0, d2.length); - free(d2.data); - } - if (d3.data != NULL) { - memset(d3.data, 0, d3.length); - free(d3.data); - } - - krb5_k_free_key(NULL, k3key); - return ret; -} - -const struct krb5_aead_provider krb5int_aead_arcfour = { - krb5int_arcfour_crypto_length, - krb5int_arcfour_encrypt_iov, - krb5int_arcfour_decrypt_iov -}; diff --git a/src/lib/crypto/openssl/arcfour/arcfour_s2k.c b/src/lib/crypto/openssl/arcfour/arcfour_s2k.c deleted file mode 100644 index 1aaaa1c..0000000 --- a/src/lib/crypto/openssl/arcfour/arcfour_s2k.c +++ /dev/null @@ -1,59 +0,0 @@ -#include "k5-int.h" -#include "k5-utf8.h" -#include "rsa-md4.h" -#include "arcfour-int.h" - -#if TARGET_OS_MAC && !defined(DEPEND) -#include <CoreFoundation/CFString.h> -#endif - -krb5_error_code -krb5int_arcfour_string_to_key(const struct krb5_enc_provider *enc, - const krb5_data *string, const krb5_data *salt, - const krb5_data *params, krb5_keyblock *key) -{ - krb5_error_code err = 0; - krb5_MD4_CTX md4_context; - unsigned char *copystr; - size_t copystrlen; - - if (params != NULL) - return KRB5_ERR_BAD_S2K_PARAMS; - - if (key->length != 16) - return (KRB5_BAD_MSIZE); - - /* We ignore salt per the Microsoft spec*/ - - /* compute the space needed for the new string. - Since the password must be stored in unicode, we need to increase - that number by 2x. - */ - - err = krb5int_utf8cs_to_ucs2les(string->data, string->length, ©str, ©strlen); - if (err) - return err; - - /* the actual MD4 hash of the data */ - krb5int_MD4Init(&md4_context); - krb5int_MD4Update(&md4_context, copystr, copystrlen); - krb5int_MD4Final(&md4_context); - memcpy(key->contents, md4_context.digest, 16); - -#if 0 - /* test the string_to_key function */ - printf("Hash="); - { - int counter; - for(counter=0;counter<16;counter++) - printf("%02x", md4_context.digest[counter]); - printf("\n"); - } -#endif /* 0 */ - - /* Zero out the data behind us */ - memset(copystr, 0, copystrlen); - memset(&md4_context, 0, sizeof(md4_context)); - free(copystr); - return err; -} diff --git a/src/lib/crypto/openssl/arcfour/deps b/src/lib/crypto/openssl/arcfour/deps deleted file mode 100644 index f3653b2..0000000 --- a/src/lib/crypto/openssl/arcfour/deps +++ /dev/null @@ -1,41 +0,0 @@ -# -# Generated makefile dependencies follow. -# -arcfour.so arcfour.po $(OUTPRE)arcfour.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/arcfour-int.h \ - $(srcdir)/arcfour.c $(srcdir)/arcfour.h \ - $(srcdir)/../hash_provider/hash_provider.h -arcfour_aead.so arcfour_aead.po $(OUTPRE)arcfour_aead.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/arcfour-int.h $(srcdir)/arcfour.h \ - $(srcdir)/arcfour_aead.c $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h -arcfour_s2k.so arcfour_s2k.po $(OUTPRE)arcfour_s2k.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/k5-utf8.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/arcfour-int.h \ - $(srcdir)/arcfour.h $(srcdir)/arcfour_s2k.c \ - $(srcdir)/../md4/rsa-md4.h diff --git a/src/lib/crypto/openssl/deps b/src/lib/crypto/openssl/deps index 2552b78..dba4cf8 100644 --- a/src/lib/crypto/openssl/deps +++ b/src/lib/crypto/openssl/deps @@ -3,23 +3,24 @@ # hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/hmac.c \ - $(srcdir)/../krb/aead.h $(srcdir)/../krb/cksumtypes.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/aead.h \ + $(srcdir)/../krb/cksumtypes.h $(srcdir)/../krb/etypes.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + hmac.c pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/hash_provider/hash_provider.h \ - $(srcdir)/pbkdf2.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/hash_provider/hash_provider.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + pbkdf2.c diff --git a/src/lib/crypto/openssl/des/Makefile.in b/src/lib/crypto/openssl/des/Makefile.in index 4e88598..627b5cc 100644 --- a/src/lib/crypto/openssl/des/Makefile.in +++ b/src/lib/crypto/openssl/des/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/openssl/des mydir=lib/crypto/openssl/des BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../.. -I$(srcdir)/../../krb diff --git a/src/lib/crypto/openssl/des/deps b/src/lib/crypto/openssl/des/deps index bf83f01..3c0891e 100644 --- a/src/lib/crypto/openssl/des/deps +++ b/src/lib/crypto/openssl/des/deps @@ -4,44 +4,44 @@ f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/des_int.h $(srcdir)/f_parity.c -des_oldapis.so des_oldapis.po $(OUTPRE)des_oldapis.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/des_int.h \ - $(srcdir)/des_oldapis.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des_int.h f_parity.c +des_oldapis.so des_oldapis.po $(OUTPRE)des_oldapis.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des_int.h des_oldapis.c weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/des_int.h $(srcdir)/weak_key.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des_int.h weak_key.c string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/des_int.h $(srcdir)/string2key.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des_int.h string2key.c diff --git a/src/lib/crypto/openssl/des/des_int.h b/src/lib/crypto/openssl/des/des_int.h index 84d678c..6cb54fd 100644 --- a/src/lib/crypto/openssl/des/des_int.h +++ b/src/lib/crypto/openssl/des/des_int.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/des_int.h * @@ -53,7 +54,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -/* only do the whole thing once */ +/* only do the whole thing once */ #ifndef DES_INTERNAL_DEFS #define DES_INTERNAL_DEFS @@ -91,7 +92,7 @@ #define DES_UINT32 unsigned long #endif -typedef unsigned char des_cblock[8] /* crypto-block size */ +typedef unsigned char des_cblock[8] /* crypto-block size */ KRB5INT_DES_DEPRECATED; /* @@ -119,11 +120,11 @@ typedef des_cblock mit_des_cblock; typedef des_key_schedule mit_des_key_schedule; /* Triple-DES structures */ -typedef mit_des_cblock mit_des3_cblock[3]; -typedef mit_des_key_schedule mit_des3_key_schedule[3]; +typedef mit_des_cblock mit_des3_cblock[3]; +typedef mit_des_key_schedule mit_des3_key_schedule[3]; -#define MIT_DES_ENCRYPT 1 -#define MIT_DES_DECRYPT 0 +#define MIT_DES_ENCRYPT 1 +#define MIT_DES_DECRYPT 0 typedef struct mit_des_ran_key_seed { krb5_encrypt_block eblock; @@ -132,22 +133,22 @@ typedef struct mit_des_ran_key_seed { /* the first byte of the key is already in the keyblock */ -#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet)) -#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH +#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet)) +#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH /* This used to be 8*sizeof(krb5_octet) */ -#define MIT_DES_KEYSIZE 8 +#define MIT_DES_KEYSIZE 8 -#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet)) +#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet)) /* * Check if k5-int.h has been included before us. If so, then check to see * that our view of the DES key size is the same as k5-int.h's. */ -#ifdef KRB5_MIT_DES_KEYSIZE -#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE +#ifdef KRB5_MIT_DES_KEYSIZE +#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE) -#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */ -#endif /* KRB5_MIT_DES_KEYSIZE */ +#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */ +#endif /* KRB5_MIT_DES_KEYSIZE */ #endif /* KRB5_MIT_DES__ */ /* * End "mit-des.h" @@ -162,10 +163,10 @@ extern int mit_des_check_key_parity (mit_des_cblock ); /* string2key.c */ extern krb5_error_code mit_des_string_to_key - ( const krb5_encrypt_block *, - krb5_keyblock *, const krb5_data *, const krb5_data *); +( const krb5_encrypt_block *, + krb5_keyblock *, const krb5_data *, const krb5_data *); extern krb5_error_code mit_des_string_to_key_int - (krb5_keyblock *, const krb5_data *, const krb5_data *); +(krb5_keyblock *, const krb5_data *, const krb5_data *); /* weak_key.c */ extern int mit_des_is_weak_key (mit_des_cblock ); @@ -185,4 +186,4 @@ extern unsigned long swap_long_bytes_bit_number (unsigned long ); /* XXX depends on FILE being a #define! */ extern void test_set (FILE *, const char *, int, const char *, int); #endif -#endif /*DES_INTERNAL_DEFS*/ +#endif /*DES_INTERNAL_DEFS*/ diff --git a/src/lib/crypto/openssl/des/des_oldapis.c b/src/lib/crypto/openssl/des/des_oldapis.c index c931efc..eb1e586 100644 --- a/src/lib/crypto/openssl/des/des_oldapis.c +++ b/src/lib/crypto/openssl/des/des_oldapis.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/openssl/des/des_oldapis.c * @@ -33,8 +34,8 @@ const mit_des_cblock mit_des_zeroblock /* = all zero */; unsigned long mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out, - unsigned long length, const mit_des_key_schedule schedule, - const krb5_octet *ivec) + unsigned long length, const mit_des_key_schedule schedule, + const krb5_octet *ivec) { /* Unsupported operation */ return KRB5_CRYPTO_INTERNAL; diff --git a/src/lib/crypto/openssl/des/f_parity.c b/src/lib/crypto/openssl/des/f_parity.c index bc33eb8..b8baac9 100644 --- a/src/lib/crypto/openssl/des/f_parity.c +++ b/src/lib/crypto/openssl/des/f_parity.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/openssl/des/f_parity.c * @@ -30,7 +31,7 @@ void mit_des_fixup_key_parity(mit_des_cblock key) { - DES_set_odd_parity(key); + DES_set_odd_parity(key); } /* @@ -42,6 +43,6 @@ int mit_des_check_key_parity(mit_des_cblock key) { if (!DES_check_key_parity(key)) - return(0); + return(0); return (1); } diff --git a/src/lib/crypto/openssl/des/string2key.c b/src/lib/crypto/openssl/des/string2key.c index 6034e86..c192734 100644 --- a/src/lib/crypto/openssl/des/string2key.c +++ b/src/lib/crypto/openssl/des/string2key.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/openssl/des/string2key.c * @@ -30,7 +31,7 @@ krb5_error_code mit_des_string_to_key_int (krb5_keyblock *key, - const krb5_data *pw, const krb5_data *salt) + const krb5_data *pw, const krb5_data *salt) { DES_cblock outkey; DES_string_to_key(pw->data, &outkey); diff --git a/src/lib/crypto/openssl/des/weak_key.c b/src/lib/crypto/openssl/des/weak_key.c index 4d7e99b..eb49d58 100644 --- a/src/lib/crypto/openssl/des/weak_key.c +++ b/src/lib/crypto/openssl/des/weak_key.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/openssl/des/weak_key.c * @@ -76,11 +77,11 @@ mit_des_is_weak_key(mit_des_cblock key) const mit_des_cblock *weak_p = weak; for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) { - if (!memcmp(weak_p++,key,sizeof(mit_des_cblock))) - return 1; + if (!memcmp(weak_p++,key,sizeof(mit_des_cblock))) + return 1; } if ( DES_is_weak_key(key) == 1) /* Also OpenSSL's check */ - return 1; + return 1; return 0; } diff --git a/src/lib/crypto/openssl/enc_provider/Makefile.in b/src/lib/crypto/openssl/enc_provider/Makefile.in index 991ef4a..0ed82cb 100644 --- a/src/lib/crypto/openssl/enc_provider/Makefile.in +++ b/src/lib/crypto/openssl/enc_provider/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/openssl/enc_provider mydir=lib/crypto/openssl/enc_provider BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES = -I$(srcdir)/../des \ diff --git a/src/lib/crypto/openssl/enc_provider/aes.c b/src/lib/crypto/openssl/enc_provider/aes.c index 51ba8af..7ba1f52 100644 --- a/src/lib/crypto/openssl/enc_provider/aes.c +++ b/src/lib/crypto/openssl/enc_provider/aes.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/openssl/enc_provider/aes.c * @@ -35,23 +36,17 @@ /* proto's */ static krb5_error_code -cts_enc(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output); +cbc_enc(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data); static krb5_error_code -cbc_enc(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output); +cbc_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data); static krb5_error_code -cts_decr(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output); +cts_encr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data, size_t dlen); static krb5_error_code -cbc_decr(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output); -static krb5_error_code -cts_encr_iov(krb5_key key, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data, size_t dlen); -static krb5_error_code -cts_decr_iov(krb5_key key, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data, size_t dlen); +cts_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data, size_t dlen); #define BLOCK_SIZE 16 #define NUM_BITS 8 @@ -68,194 +63,78 @@ map_mode(unsigned int len) return NULL; } +/* Encrypt one block using CBC. */ static krb5_error_code -cbc_enc(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) +cbc_enc(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data) { - int ret = 0, tmp_len = 0; - unsigned char *tmp_buf = NULL; + int ret, olen = BLOCK_SIZE; + unsigned char iblock[BLOCK_SIZE], oblock[BLOCK_SIZE]; EVP_CIPHER_CTX ciph_ctx; - - tmp_len = input->length; - tmp_buf = OPENSSL_malloc(input->length); - if (!tmp_buf){ - return ENOMEM; - } + struct iov_block_state input_pos, output_pos; EVP_CIPHER_CTX_init(&ciph_ctx); - ret = EVP_EncryptInit_ex(&ciph_ctx, map_mode(key->keyblock.length), - NULL, key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL); - - if (ret == 1){ - EVP_CIPHER_CTX_set_padding(&ciph_ctx,0); - ret = EVP_EncryptUpdate(&ciph_ctx, tmp_buf, &tmp_len, - (unsigned char *)input->data, input->length); - output->length = tmp_len; - if(ret) - ret = EVP_EncryptFinal_ex(&ciph_ctx,tmp_buf+tmp_len,&tmp_len); - } + NULL, key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL); + if (ret == 0) + return KRB5_CRYPTO_INTERNAL; - EVP_CIPHER_CTX_cleanup(&ciph_ctx); - - if (ret == 1){ - memcpy(output->data, tmp_buf, output->length); - ret = 0; - } else { - ret = KRB5_CRYPTO_INTERNAL; + IOV_BLOCK_STATE_INIT(&input_pos); + IOV_BLOCK_STATE_INIT(&output_pos); + krb5int_c_iov_get_block(iblock, BLOCK_SIZE, data, num_data, &input_pos); + EVP_CIPHER_CTX_set_padding(&ciph_ctx,0); + ret = EVP_EncryptUpdate(&ciph_ctx, oblock, &olen, iblock, BLOCK_SIZE); + if (ret == 1) { + krb5int_c_iov_put_block(data, num_data, oblock, BLOCK_SIZE, + &output_pos); } + EVP_CIPHER_CTX_cleanup(&ciph_ctx); - memset(tmp_buf, 0, input->length); - OPENSSL_free(tmp_buf); - - return ret; + zap(iblock, BLOCK_SIZE); + zap(oblock, BLOCK_SIZE); + return (ret == 1) ? 0 : KRB5_CRYPTO_INTERNAL; } +/* Decrypt one block using CBC. */ static krb5_error_code -cbc_decr(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) +cbc_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data) { - int ret = 0, tmp_len = 0; - unsigned char *tmp_buf = NULL; + int ret = 0, olen = BLOCK_SIZE; + unsigned char iblock[BLOCK_SIZE], oblock[BLOCK_SIZE]; EVP_CIPHER_CTX ciph_ctx; - - tmp_len = input->length; - tmp_buf = OPENSSL_malloc(input->length); - if (!tmp_buf){ - return ENOMEM; - } + struct iov_block_state input_pos, output_pos; EVP_CIPHER_CTX_init(&ciph_ctx); - ret = EVP_DecryptInit_ex(&ciph_ctx, map_mode(key->keyblock.length), - NULL, key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL); - if (ret == 1) { - EVP_CIPHER_CTX_set_padding(&ciph_ctx,0); - ret = EVP_EncryptUpdate(&ciph_ctx, tmp_buf, &tmp_len, - (unsigned char *)input->data, input->length); - output->length = tmp_len; - if (ret == 1) - ret = EVP_DecryptFinal_ex(&ciph_ctx,tmp_buf+tmp_len,&tmp_len); - } - - EVP_CIPHER_CTX_cleanup(&ciph_ctx); + NULL, key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL); + if (ret == 0) + return KRB5_CRYPTO_INTERNAL; + IOV_BLOCK_STATE_INIT(&input_pos); + IOV_BLOCK_STATE_INIT(&output_pos); + krb5int_c_iov_get_block(iblock, BLOCK_SIZE, data, num_data, &input_pos); + EVP_CIPHER_CTX_set_padding(&ciph_ctx,0); + ret = EVP_DecryptUpdate(&ciph_ctx, oblock, &olen, iblock, BLOCK_SIZE); if (ret == 1) { - output->length += tmp_len; - memcpy(output->data, tmp_buf, output->length); - ret = 0; - } else { - ret = KRB5_CRYPTO_INTERNAL; - } - - memset(tmp_buf, 0, input->length); - OPENSSL_free(tmp_buf); - - return ret; -} - -static krb5_error_code -cts_enc(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) -{ - int ret = 0, tmp_len = 0; - size_t size = 0; - unsigned char iv_cts[IV_CTS_BUF_SIZE]; - unsigned char *tmp_buf = NULL; - AES_KEY enck; - - memset(iv_cts,0,sizeof(iv_cts)); - if (ivec && ivec->data){ - if (ivec->length != sizeof(iv_cts)) - return KRB5_CRYPTO_INTERNAL; - memcpy(iv_cts, ivec->data,ivec->length); - } - - tmp_buf = OPENSSL_malloc(input->length); - if (!tmp_buf) - return ENOMEM; - tmp_len = input->length; - - AES_set_encrypt_key(key->keyblock.contents, - NUM_BITS * key->keyblock.length, &enck); - - size = CRYPTO_cts128_encrypt((unsigned char *)input->data, tmp_buf, - input->length, &enck, - iv_cts, (cbc128_f)AES_cbc_encrypt); - if (size <= 0 || output->length < size) { - ret = KRB5_CRYPTO_INTERNAL; - } else { - output->length = size; - memcpy(output->data, tmp_buf, output->length); - ret = 0; - } - - if (!ret && ivec && ivec->data) - memcpy(ivec->data, iv_cts, sizeof(iv_cts)); - - memset(tmp_buf, 0, input->length); - OPENSSL_free(tmp_buf); - - return ret; -} - -static krb5_error_code -cts_decr(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) -{ - int ret = 0, tmp_len = 0; - size_t size = 0; - unsigned char iv_cts[IV_CTS_BUF_SIZE]; - unsigned char *tmp_buf = NULL; - AES_KEY deck; - - memset(iv_cts,0,sizeof(iv_cts)); - if (ivec && ivec->data){ - if (ivec->length != sizeof(iv_cts)) - return KRB5_CRYPTO_INTERNAL; - memcpy(iv_cts, ivec->data,ivec->length); + krb5int_c_iov_put_block(data, num_data, oblock, BLOCK_SIZE, + &output_pos); } + EVP_CIPHER_CTX_cleanup(&ciph_ctx); - tmp_buf = OPENSSL_malloc(input->length); - if (!tmp_buf) - return ENOMEM; - tmp_len = input->length; - - AES_set_decrypt_key(key->keyblock.contents, - NUM_BITS * key->keyblock.length, &deck); - - size = CRYPTO_cts128_decrypt((unsigned char *)input->data, tmp_buf, - input->length, &deck, - iv_cts, (cbc128_f)AES_cbc_encrypt); - if (size <= 0 || output->length < size) { - ret = KRB5_CRYPTO_INTERNAL; - } else { - output->length = size + 16; - memcpy(output->data, tmp_buf, output->length); - ret = 0; - } - - if (!ret && ivec && ivec->data) - memcpy(ivec->data, iv_cts, sizeof(iv_cts)); - - memset(tmp_buf, 0, input->length); - OPENSSL_free(tmp_buf); - - return ret; + zap(iblock, BLOCK_SIZE); + zap(oblock, BLOCK_SIZE); + return (ret == 1) ? 0 : KRB5_CRYPTO_INTERNAL; } static krb5_error_code -cts_encr_iov(krb5_key key, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data, size_t dlen) +cts_encr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data, size_t dlen) { int ret = 0; - int oblock_len = BLOCK_SIZE * num_data; - size_t size = 0, tlen = 0; + size_t size = 0; unsigned char *oblock = NULL, *dbuf = NULL; unsigned char iv_cts[IV_CTS_BUF_SIZE]; - unsigned char iblock[BLOCK_SIZE]; struct iov_block_state input_pos, output_pos; AES_KEY enck; @@ -266,7 +145,7 @@ cts_encr_iov(krb5_key key, memcpy(iv_cts, ivec->data,ivec->length); } - oblock = OPENSSL_malloc(oblock_len); + oblock = OPENSSL_malloc(dlen); if (!oblock){ return ENOMEM; } @@ -276,29 +155,13 @@ cts_encr_iov(krb5_key key, return ENOMEM; } - memset(oblock, 0, oblock_len); - memset(dbuf, 0, dlen); - IOV_BLOCK_STATE_INIT(&input_pos); IOV_BLOCK_STATE_INIT(&output_pos); - tlen = 0; - for (;;) { - if (krb5int_c_iov_get_block(iblock, BLOCK_SIZE, - data, num_data, &input_pos)){ - memcpy(dbuf+tlen,iblock, BLOCK_SIZE); - - tlen += BLOCK_SIZE; - } else { - memcpy(dbuf+tlen,iblock, dlen - tlen); - break; - } - - if (tlen > dlen) break; - } + krb5int_c_iov_get_block(dbuf, dlen, data, num_data, &input_pos); AES_set_encrypt_key(key->keyblock.contents, - NUM_BITS * key->keyblock.length, &enck); + NUM_BITS * key->keyblock.length, &enck); size = CRYPTO_cts128_encrypt((unsigned char *)dbuf, oblock, dlen, &enck, iv_cts, (cbc128_f)AES_cbc_encrypt); @@ -312,8 +175,8 @@ cts_encr_iov(krb5_key key, if (!ret && ivec && ivec->data) memcpy(ivec->data, iv_cts, sizeof(iv_cts)); - memset(oblock,0,oblock_len); - memset(dbuf,0,dlen); + zap(oblock, dlen); + zap(dbuf, dlen); OPENSSL_free(oblock); OPENSSL_free(dbuf); @@ -321,24 +184,20 @@ cts_encr_iov(krb5_key key, } static krb5_error_code -cts_decr_iov(krb5_key key, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data, size_t dlen) +cts_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data, size_t dlen) { int ret = 0; - int oblock_len = BLOCK_SIZE*num_data; - size_t size = 0, tlen = 0; + size_t size = 0; unsigned char *oblock = NULL; unsigned char *dbuf = NULL; - unsigned char iblock[BLOCK_SIZE]; unsigned char iv_cts[IV_CTS_BUF_SIZE]; struct iov_block_state input_pos, output_pos; AES_KEY deck; memset(iv_cts,0,sizeof(iv_cts)); if (ivec && ivec->data){ - if (ivec->length <= sizeof(iv_cts)) + if (ivec->length != sizeof(iv_cts)) return KRB5_CRYPTO_INTERNAL; memcpy(iv_cts, ivec->data,ivec->length); } @@ -346,7 +205,7 @@ cts_decr_iov(krb5_key key, IOV_BLOCK_STATE_INIT(&input_pos); IOV_BLOCK_STATE_INIT(&output_pos); - oblock = OPENSSL_malloc(oblock_len); + oblock = OPENSSL_malloc(dlen); if (!oblock) return ENOMEM; dbuf = OPENSSL_malloc(dlen); @@ -355,26 +214,10 @@ cts_decr_iov(krb5_key key, return ENOMEM; } - memset(oblock, 0, oblock_len); - memset(dbuf, 0, dlen); - AES_set_decrypt_key(key->keyblock.contents, - NUM_BITS * key->keyblock.length, &deck); - - tlen = 0; - for (;;) { - if (krb5int_c_iov_get_block(iblock, BLOCK_SIZE, - data, num_data, &input_pos)){ - memcpy(dbuf+tlen,iblock, BLOCK_SIZE); + NUM_BITS * key->keyblock.length, &deck); - tlen += BLOCK_SIZE; - } else { - memcpy(dbuf+tlen,iblock, dlen - tlen); - break; - } - - if (tlen > dlen) break; - } + krb5int_c_iov_get_block(dbuf, dlen, data, num_data, &input_pos); size = CRYPTO_cts128_decrypt((unsigned char *)dbuf, oblock, dlen, &deck, @@ -388,8 +231,8 @@ cts_decr_iov(krb5_key key, if (!ret && ivec && ivec->data) memcpy(ivec->data, iv_cts, sizeof(iv_cts)); - memset(oblock,0,oblock_len); - memset(dbuf,0,dlen); + zap(oblock, dlen); + zap(dbuf, dlen); OPENSSL_free(oblock); OPENSSL_free(dbuf); @@ -398,43 +241,7 @@ cts_decr_iov(krb5_key key, krb5_error_code krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) -{ - int ret = 0; - - if (input->length <= BLOCK_SIZE){ - ret = cbc_enc(key, ivec, input, output); - } else { - ret = cts_enc(key, ivec, input, output); - } - - return ret; -} - -krb5_error_code -krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) -{ - int ret = 0; - int nblocks = 0; - - if (input->length < BLOCK_SIZE) - abort(); - - if (input->length == BLOCK_SIZE){ - ret = cbc_decr(key, ivec, input, output); - } else { - ret = cts_decr(key, ivec, input, output); - } - - return ret; -} - -static krb5_error_code -krb5int_aes_encrypt_iov(krb5_key key, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) + krb5_crypto_iov *data, size_t num_data) { int ret = 0; int nblocks = 0; @@ -448,18 +255,20 @@ krb5int_aes_encrypt_iov(krb5_key key, } nblocks = (input_length + BLOCK_SIZE - 1) / BLOCK_SIZE; - assert(nblocks > 1); - - ret = cts_encr_iov(key, ivec, data, num_data, input_length); + if (nblocks == 1) { + if (input_length != BLOCK_SIZE) + return KRB5_BAD_MSIZE; + ret = cbc_enc(key, ivec, data, num_data); + } else if (nblocks > 1) { + ret = cts_encr(key, ivec, data, num_data, input_length); + } return ret; } -static krb5_error_code -krb5int_aes_decrypt_iov(krb5_key key, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) +krb5_error_code +krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data) { int ret = 0; int nblocks = 0; @@ -473,22 +282,25 @@ krb5int_aes_decrypt_iov(krb5_key key, } nblocks = (input_length + BLOCK_SIZE - 1) / BLOCK_SIZE; - - assert(nblocks > 1); - - ret = cts_decr_iov(key, ivec, data, num_data, input_length); + if (nblocks == 1) { + if (input_length != BLOCK_SIZE) + return KRB5_BAD_MSIZE; + ret = cbc_decr(key, ivec, data, num_data); + } else if (nblocks > 1) { + ret = cts_decr(key, ivec, data, num_data, input_length); + } return ret; } static krb5_error_code krb5int_aes_init_state (const krb5_keyblock *key, krb5_keyusage usage, - krb5_data *state) + krb5_data *state) { state->length = 16; state->data = (void *) malloc(16); if (state->data == NULL) - return ENOMEM; + return ENOMEM; memset(state->data, 0, state->length); return 0; } @@ -497,11 +309,10 @@ const struct krb5_enc_provider krb5int_enc_aes128 = { 16, 16, krb5int_aes_encrypt, krb5int_aes_decrypt, + NULL, krb5int_aes_make_key, krb5int_aes_init_state, - krb5int_default_free_state, - krb5int_aes_encrypt_iov, - krb5int_aes_decrypt_iov + krb5int_default_free_state }; const struct krb5_enc_provider krb5int_enc_aes256 = { @@ -509,9 +320,8 @@ const struct krb5_enc_provider krb5int_enc_aes256 = { 32, 32, krb5int_aes_encrypt, krb5int_aes_decrypt, + NULL, krb5int_aes_make_key, krb5int_aes_init_state, - krb5int_default_free_state, - krb5int_aes_encrypt_iov, - krb5int_aes_decrypt_iov + krb5int_default_free_state }; diff --git a/src/lib/crypto/openssl/enc_provider/deps b/src/lib/crypto/openssl/enc_provider/deps index 5ac919d..739c8dd 100644 --- a/src/lib/crypto/openssl/enc_provider/deps +++ b/src/lib/crypto/openssl/enc_provider/deps @@ -3,53 +3,52 @@ # des.so des.po $(OUTPRE)des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../des/des_int.h \ - $(srcdir)/des.c $(srcdir)/enc_provider.h \ - $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/rand2key/rand2key.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ + $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ + $(srcdir)/../../krb/rand2key/rand2key.h $(srcdir)/../des/des_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des.c des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../des/des_int.h \ - $(srcdir)/des3.c $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/rand2key/rand2key.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ + $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ + $(srcdir)/../../krb/rand2key/rand2key.h $(srcdir)/../des/des_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des3.c aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/aes.c \ - $(srcdir)/enc_provider.h \ - $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/rand2key/rand2key.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ + $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ + $(srcdir)/../../krb/rand2key/rand2key.h $(srcdir)/../hash_provider/hash_provider.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + aes.c enc_provider.h rc4.so rc4.po $(OUTPRE)rc4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../arcfour/arcfour-int.h \ - $(srcdir)/../arcfour/arcfour.h $(srcdir)/enc_provider.h \ - $(srcdir)/rc4.c $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/rand2key/rand2key.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ + $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ + $(srcdir)/../../krb/rand2key/rand2key.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h rc4.c diff --git a/src/lib/crypto/openssl/enc_provider/des.c b/src/lib/crypto/openssl/enc_provider/des.c index 9c30ef1..a1a5245 100644 --- a/src/lib/crypto/openssl/enc_provider/des.c +++ b/src/lib/crypto/openssl/enc_provider/des.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* lib/crypto/openssl/enc_provider/des.c * * Copyright (C) 2009 by the Massachusetts Institute of Technology. @@ -60,24 +61,7 @@ static krb5_error_code validate(krb5_key key, const krb5_data *ivec, - const krb5_data *input, const krb5_data *output) -{ - /* key->keyblock.enctype was checked by the caller */ - if (key->keyblock.length != KRB5_MIT_DES_KEYSIZE) - return(KRB5_BAD_KEYSIZE); - if ((input->length%8) != 0) - return(KRB5_BAD_MSIZE); - if (ivec && (ivec->length != 8)) - return(KRB5_BAD_MSIZE); - if (input->length != output->length) - return(KRB5_BAD_MSIZE); - - return 0; -} - -static krb5_error_code -validate_iov(krb5_key key, const krb5_data *ivec, - const krb5_crypto_iov *data, size_t num_data) + const krb5_crypto_iov *data, size_t num_data) { size_t i, input_length; @@ -87,7 +71,7 @@ validate_iov(krb5_key key, const krb5_data *ivec, input_length += iov->data.length; } - if (key->keyblock.length != KRB5_MIT_DES3_KEYSIZE) + if (key->keyblock.length != KRB5_MIT_DES_KEYSIZE) return(KRB5_BAD_KEYSIZE); if ((input_length%DES_BLOCK_SIZE) != 0) return(KRB5_BAD_MSIZE); @@ -98,215 +82,79 @@ validate_iov(krb5_key key, const krb5_data *ivec, } static krb5_error_code -k5_des_encrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) +k5_des_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data) { - int ret = 0, tmp_len = 0; - unsigned int tmp_buf_len = 0; - unsigned char *tmp_buf = NULL; - EVP_CIPHER_CTX ciph_ctx; - - ret = validate(key, ivec, input, output); - if (ret) - return ret; - - tmp_buf_len = output->length*2; - tmp_buf=OPENSSL_malloc(tmp_buf_len); - if (!tmp_buf) - return ENOMEM; - memset(tmp_buf,0,output->length); - - EVP_CIPHER_CTX_init(&ciph_ctx); - - ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_des_cbc(), NULL, key->keyblock.contents, - (ivec) ? (unsigned char*)ivec->data : NULL); - if (ret) { - EVP_CIPHER_CTX_set_padding(&ciph_ctx,0); - ret = EVP_EncryptUpdate(&ciph_ctx, tmp_buf, &tmp_len, - (unsigned char *)input->data, input->length); - if (!ret || output->length < (unsigned int)tmp_len) { - ret = KRB5_CRYPTO_INTERNAL; - } else { - output->length = tmp_len; - ret = EVP_EncryptFinal_ex(&ciph_ctx, tmp_buf + tmp_len, &tmp_len); - } - } - - EVP_CIPHER_CTX_cleanup(&ciph_ctx); - - if (ret == 1) - memcpy(output->data,tmp_buf, output->length); - - memset(tmp_buf, 0, tmp_buf_len); - OPENSSL_free(tmp_buf); - - if (ret != 1) - return KRB5_CRYPTO_INTERNAL; - return 0; -} - - -static krb5_error_code -k5_des_decrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) -{ - /* key->keyblock.enctype was checked by the caller */ - int ret = 0, tmp_len = 0; - unsigned char *tmp_buf; - EVP_CIPHER_CTX ciph_ctx; - - ret = validate(key, ivec, input, output); - if (ret) - return ret; - - - tmp_buf=OPENSSL_malloc(output->length); - if (!tmp_buf) - return ENOMEM; - memset(tmp_buf,0,output->length); - - EVP_CIPHER_CTX_init(&ciph_ctx); - - ret = EVP_DecryptInit_ex(&ciph_ctx, EVP_des_cbc(), NULL, key->keyblock.contents, - (ivec) ? (unsigned char*)ivec->data : NULL); - if (ret) { - EVP_CIPHER_CTX_set_padding(&ciph_ctx,0); - ret = EVP_DecryptUpdate(&ciph_ctx, tmp_buf, &tmp_len, - (unsigned char *)input->data, input->length); - if (ret) { - output->length = tmp_len; - ret = EVP_DecryptFinal_ex(&ciph_ctx, tmp_buf+tmp_len, &tmp_len); - } - } - - EVP_CIPHER_CTX_cleanup(&ciph_ctx); - - if (ret == 1) - memcpy(output->data,tmp_buf, output->length); - - memset(tmp_buf,0,output->length); - OPENSSL_free(tmp_buf); - - if ( ret != 1) - return KRB5_CRYPTO_INTERNAL; - return 0; -} - -static krb5_error_code -k5_des_encrypt_iov(krb5_key key, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) -{ - int ret = 0, tmp_len = MIT_DES_BLOCK_LENGTH; - int oblock_len = MIT_DES_BLOCK_LENGTH * num_data; - unsigned char *iblock = NULL, *oblock = NULL; + int ret, olen = MIT_DES_BLOCK_LENGTH; + unsigned char iblock[MIT_DES_BLOCK_LENGTH], oblock[MIT_DES_BLOCK_LENGTH]; struct iov_block_state input_pos, output_pos; - EVP_CIPHER_CTX ciph_ctx; - - iblock = OPENSSL_malloc(MIT_DES_BLOCK_LENGTH); - if (!iblock) - return ENOMEM; - oblock = OPENSSL_malloc(oblock_len); - if (!oblock){ - OPENSSL_free(iblock); - return ENOMEM; - } + EVP_CIPHER_CTX ciph_ctx; IOV_BLOCK_STATE_INIT(&input_pos); IOV_BLOCK_STATE_INIT(&output_pos); - ret = validate_iov(key, ivec, data, num_data); + ret = validate(key, ivec, data, num_data); if (ret) return ret; - memset(oblock, 0, oblock_len); - EVP_CIPHER_CTX_init(&ciph_ctx); ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_des_cbc(), NULL, key->keyblock.contents, (ivec && ivec->data) ? (unsigned char*)ivec->data : NULL); - if (!ret){ - EVP_CIPHER_CTX_cleanup(&ciph_ctx); - OPENSSL_free(iblock); - OPENSSL_free(oblock); + if (!ret) return KRB5_CRYPTO_INTERNAL; - } EVP_CIPHER_CTX_set_padding(&ciph_ctx,0); for (;;) { - if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos)) + if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, + num_data, &input_pos)) break; - if (input_pos.iov_pos == num_data) + ret = EVP_EncryptUpdate(&ciph_ctx, oblock, &olen, + (unsigned char *)iblock, MIT_DES_BLOCK_LENGTH); + if (!ret) break; - ret = EVP_EncryptUpdate(&ciph_ctx, oblock, &tmp_len, - (unsigned char *)iblock, input_pos.data_pos); - if (!ret) break; - - krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos); + krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, + &output_pos); } - if(ret) - ret = EVP_EncryptFinal_ex(&ciph_ctx, oblock+16, &tmp_len); - EVP_CIPHER_CTX_cleanup(&ciph_ctx); - memset(iblock,0,sizeof(iblock)); - memset(oblock,0,sizeof(oblock)); - OPENSSL_free(iblock); - OPENSSL_free(oblock); + zap(iblock, sizeof(iblock)); + zap(oblock, sizeof(oblock)); - if ( ret != 1) + if (ret != 1) return KRB5_CRYPTO_INTERNAL; return 0; } static krb5_error_code -k5_des_decrypt_iov(krb5_key key, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) +k5_des_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data) { - int ret = 0; - int tmp_len = MIT_DES_BLOCK_LENGTH; - int oblock_len = MIT_DES_BLOCK_LENGTH*num_data; - unsigned char *iblock = NULL, *oblock = NULL; + int ret, olen = MIT_DES_BLOCK_LENGTH; + unsigned char iblock[MIT_DES_BLOCK_LENGTH], oblock[MIT_DES_BLOCK_LENGTH]; struct iov_block_state input_pos, output_pos; - EVP_CIPHER_CTX ciph_ctx; - - iblock = OPENSSL_malloc(MIT_DES_BLOCK_LENGTH); - if (!iblock) - return ENOMEM; - oblock = OPENSSL_malloc(oblock_len); - if (!oblock){ - OPENSSL_free(iblock); - return ENOMEM; - } + EVP_CIPHER_CTX ciph_ctx; IOV_BLOCK_STATE_INIT(&input_pos); IOV_BLOCK_STATE_INIT(&output_pos); - ret = validate_iov(key, ivec, data, num_data); + ret = validate(key, ivec, data, num_data); if (ret) return ret; - memset(oblock, 0, oblock_len); - EVP_CIPHER_CTX_init(&ciph_ctx); ret = EVP_DecryptInit_ex(&ciph_ctx, EVP_des_cbc(), NULL, - key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL); - if (!ret){ - EVP_CIPHER_CTX_cleanup(&ciph_ctx); - OPENSSL_free(iblock); - OPENSSL_free(oblock); + key->keyblock.contents, + (ivec) ? (unsigned char*)ivec->data : NULL); + if (!ret) return KRB5_CRYPTO_INTERNAL; - } EVP_CIPHER_CTX_set_padding(&ciph_ctx,0); @@ -316,27 +164,18 @@ k5_des_decrypt_iov(krb5_key key, data, num_data, &input_pos)) break; - if (input_pos.iov_pos == num_data) - break; - - ret = EVP_DecryptUpdate(&ciph_ctx, oblock, &tmp_len, - (unsigned char *)iblock, - input_pos.data_pos); + ret = EVP_DecryptUpdate(&ciph_ctx, oblock, &olen, + iblock, MIT_DES_BLOCK_LENGTH); if (!ret) break; krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos); } - if(ret) - ret = EVP_DecryptFinal_ex(&ciph_ctx, oblock+16, &tmp_len); - EVP_CIPHER_CTX_cleanup(&ciph_ctx); - memset(iblock,0,sizeof(iblock)); - memset(oblock,0,sizeof(oblock)); - OPENSSL_free(iblock); - OPENSSL_free(oblock); + zap(iblock, sizeof(iblock)); + zap(oblock, sizeof(oblock)); if (ret != 1) return KRB5_CRYPTO_INTERNAL; @@ -348,9 +187,8 @@ const struct krb5_enc_provider krb5int_enc_des = { DES_KEY_BYTES, KRB5_MIT_DES_KEYSIZE, k5_des_encrypt, k5_des_decrypt, + NULL, krb5int_des_make_key, krb5int_des_init_state, - krb5int_default_free_state, - k5_des_encrypt_iov, - k5_des_decrypt_iov + krb5int_default_free_state }; diff --git a/src/lib/crypto/openssl/enc_provider/des3.c b/src/lib/crypto/openssl/enc_provider/des3.c index 7228a46..3f0d213 100644 --- a/src/lib/crypto/openssl/enc_provider/des3.c +++ b/src/lib/crypto/openssl/enc_provider/des3.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* lib/crypto/openssl/enc_provider/des3.c * * Copyright (C) 2009 by the Massachusetts Institute of Technology. @@ -59,183 +60,49 @@ static krb5_error_code validate(krb5_key key, const krb5_data *ivec, - const krb5_data *input, const krb5_data *output) -{ - /* key->keyblock.enctype was checked by the caller */ - - if (key->keyblock.length != KRB5_MIT_DES3_KEYSIZE) - return(KRB5_BAD_KEYSIZE); - if ((input->length%DES_BLOCK_SIZE) != 0) - return(KRB5_BAD_MSIZE); - if (ivec && (ivec->length != 8)) - return(KRB5_BAD_MSIZE); - if (input->length != output->length) - return(KRB5_BAD_MSIZE); - - return 0; -} - -static krb5_error_code -validate_iov(krb5_key key, const krb5_data *ivec, - const krb5_crypto_iov *data, size_t num_data) + const krb5_crypto_iov *data, size_t num_data) { size_t i, input_length; for (i = 0, input_length = 0; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; - if (ENCRYPT_IOV(iov)) - input_length += iov->data.length; + const krb5_crypto_iov *iov = &data[i]; + if (ENCRYPT_IOV(iov)) + input_length += iov->data.length; } if (key->keyblock.length != KRB5_MIT_DES3_KEYSIZE) - return(KRB5_BAD_KEYSIZE); + return(KRB5_BAD_KEYSIZE); if ((input_length%DES_BLOCK_SIZE) != 0) - return(KRB5_BAD_MSIZE); + return(KRB5_BAD_MSIZE); if (ivec && (ivec->length != 8)) - return(KRB5_BAD_MSIZE); - - return 0; -} - -static krb5_error_code -k5_des3_encrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) -{ - int ret = 0, tmp_len = 0; - unsigned int tmp_buf_len = 0; - unsigned char *tmp_buf = NULL; - EVP_CIPHER_CTX ciph_ctx; - - ret = validate(key, ivec, input, output); - if (ret) - return ret; - - tmp_buf_len = output->length * 2; - tmp_buf = OPENSSL_malloc(tmp_buf_len); - if (!tmp_buf) - return ENOMEM; - - EVP_CIPHER_CTX_init(&ciph_ctx); - - ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_des_ede3_cbc(), NULL, key->keyblock.contents, - (ivec) ? (unsigned char*)ivec->data : NULL); - if (ret) { - EVP_CIPHER_CTX_set_padding(&ciph_ctx,0); - ret = EVP_EncryptUpdate(&ciph_ctx, tmp_buf, &tmp_len, - (unsigned char *)input->data, input->length); - if (!ret || output->length < (unsigned int)tmp_len) { - ret = KRB5_CRYPTO_INTERNAL; - } else { - output->length = tmp_len; - ret = EVP_EncryptFinal_ex(&ciph_ctx, tmp_buf+tmp_len, &tmp_len); - } - } - - EVP_CIPHER_CTX_cleanup(&ciph_ctx); - - if (ret == 1) - memcpy(output->data,tmp_buf, output->length); - - memset(tmp_buf, 0, tmp_buf_len); - OPENSSL_free(tmp_buf); - - if (ret != 1) - return KRB5_CRYPTO_INTERNAL; - - return 0; - -} + return(KRB5_BAD_MSIZE); -static krb5_error_code -k5_des3_decrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) -{ - int ret = 0, tmp_len = 0; - unsigned int tmp_buf_len = 0; - unsigned char *tmp_buf = NULL; - EVP_CIPHER_CTX ciph_ctx; - - ret = validate(key, ivec, input, output); - if (ret) - return ret; - - - tmp_buf_len = output->length; - tmp_buf=OPENSSL_malloc(tmp_buf_len); - if (!tmp_buf) - return ENOMEM; - - EVP_CIPHER_CTX_init(&ciph_ctx); - - ret = EVP_DecryptInit_ex(&ciph_ctx, EVP_des_ede3_cbc(), NULL, key->keyblock.contents, - (ivec) ? (unsigned char*)ivec->data: NULL); - if (ret) { - EVP_CIPHER_CTX_set_padding(&ciph_ctx,0); - ret = EVP_DecryptUpdate(&ciph_ctx, tmp_buf, &tmp_len, - (unsigned char *)input->data, input->length); - if (!ret || output->length < (unsigned int)tmp_len) { - ret = KRB5_CRYPTO_INTERNAL; - } else { - output->length = tmp_len; - ret = EVP_DecryptFinal_ex(&ciph_ctx, tmp_buf+tmp_len, &tmp_len); - } - } - - EVP_CIPHER_CTX_cleanup(&ciph_ctx); - - if (ret == 1) - memcpy(output->data,tmp_buf, output->length); - - memset(tmp_buf,0,tmp_buf_len); - OPENSSL_free(tmp_buf); - - if (ret != 1) - return KRB5_CRYPTO_INTERNAL; return 0; - } static krb5_error_code -k5_des3_encrypt_iov(krb5_key key, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) +k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data) { - int ret = 0; - int tmp_len = MIT_DES_BLOCK_LENGTH; - int oblock_len = MIT_DES_BLOCK_LENGTH*num_data; - unsigned char *iblock = NULL, *oblock = NULL; + int ret, olen = MIT_DES_BLOCK_LENGTH; + unsigned char iblock[MIT_DES_BLOCK_LENGTH], oblock[MIT_DES_BLOCK_LENGTH]; struct iov_block_state input_pos, output_pos; - EVP_CIPHER_CTX ciph_ctx; + EVP_CIPHER_CTX ciph_ctx; - ret = validate_iov(key, ivec, data, num_data); + ret = validate(key, ivec, data, num_data); if (ret) return ret; - iblock = OPENSSL_malloc(MIT_DES_BLOCK_LENGTH); - if (!iblock) - return ENOMEM; - oblock = OPENSSL_malloc(oblock_len); - if (!oblock){ - OPENSSL_free(iblock); - return ENOMEM; - } - IOV_BLOCK_STATE_INIT(&input_pos); IOV_BLOCK_STATE_INIT(&output_pos); - memset(oblock, 0, oblock_len); - EVP_CIPHER_CTX_init(&ciph_ctx); ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_des_ede3_cbc(), NULL, - key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL); - if (!ret){ - EVP_CIPHER_CTX_cleanup(&ciph_ctx); - OPENSSL_free(iblock); - OPENSSL_free(oblock); + key->keyblock.contents, + (ivec) ? (unsigned char*)ivec->data : NULL); + if (!ret) return KRB5_CRYPTO_INTERNAL; - } EVP_CIPHER_CTX_set_padding(&ciph_ctx,0); @@ -245,29 +112,22 @@ k5_des3_encrypt_iov(krb5_key key, data, num_data, &input_pos)) break; - if (input_pos.iov_pos == num_data) + ret = EVP_EncryptUpdate(&ciph_ctx, oblock, &olen, + (unsigned char *)iblock, MIT_DES_BLOCK_LENGTH); + if (!ret) break; - ret = EVP_EncryptUpdate(&ciph_ctx, oblock, &tmp_len, - (unsigned char *)iblock, input_pos.data_pos); - if (!ret) break; - krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos); } - if(ret) { - /*if (ivec != NULL && ivec->data) - memcpy(ivec->data, oblock, MIT_DES_BLOCK_LENGTH); */ - ret = EVP_EncryptFinal_ex(&ciph_ctx, oblock+input_pos.data_pos, &tmp_len); - } + /*if (ivec != NULL && ivec->data) + memcpy(ivec->data, oblock, MIT_DES_BLOCK_LENGTH); */ EVP_CIPHER_CTX_cleanup(&ciph_ctx); - memset(iblock,0,sizeof(iblock)); - memset(oblock,0,sizeof(oblock)); - OPENSSL_free(iblock); - OPENSSL_free(oblock); + zap(iblock, sizeof(iblock)); + zap(oblock, sizeof(oblock)); if (ret != 1) return KRB5_CRYPTO_INTERNAL; @@ -275,46 +135,28 @@ k5_des3_encrypt_iov(krb5_key key, } static krb5_error_code -k5_des3_decrypt_iov(krb5_key key, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) +k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data) { - int ret = 0; - int tmp_len = MIT_DES_BLOCK_LENGTH; - int oblock_len = MIT_DES_BLOCK_LENGTH * num_data; - unsigned char *iblock = NULL, *oblock = NULL; + int ret, olen = MIT_DES_BLOCK_LENGTH; + unsigned char iblock[MIT_DES_BLOCK_LENGTH], oblock[MIT_DES_BLOCK_LENGTH]; struct iov_block_state input_pos, output_pos; - EVP_CIPHER_CTX ciph_ctx; + EVP_CIPHER_CTX ciph_ctx; - ret = validate_iov(key, ivec, data, num_data); + ret = validate(key, ivec, data, num_data); if (ret) return ret; - iblock = OPENSSL_malloc(MIT_DES_BLOCK_LENGTH); - if (!iblock) - return ENOMEM; - oblock = OPENSSL_malloc(oblock_len); - if (!oblock){ - OPENSSL_free(iblock); - return ENOMEM; - } - IOV_BLOCK_STATE_INIT(&input_pos); IOV_BLOCK_STATE_INIT(&output_pos); - memset(oblock, 0, oblock_len); - EVP_CIPHER_CTX_init(&ciph_ctx); ret = EVP_DecryptInit_ex(&ciph_ctx, EVP_des_ede3_cbc(), NULL, - key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL); - if (!ret){ - EVP_CIPHER_CTX_cleanup(&ciph_ctx); - OPENSSL_free(iblock); - OPENSSL_free(oblock); + key->keyblock.contents, + (ivec) ? (unsigned char*)ivec->data : NULL); + if (!ret) return KRB5_CRYPTO_INTERNAL; - } EVP_CIPHER_CTX_set_padding(&ciph_ctx,0); @@ -324,30 +166,22 @@ k5_des3_decrypt_iov(krb5_key key, data, num_data, &input_pos)) break; - if (input_pos.iov_pos == num_data) + ret = EVP_DecryptUpdate(&ciph_ctx, oblock, &olen, + (unsigned char *)iblock, MIT_DES_BLOCK_LENGTH); + if (!ret) break; - ret = EVP_DecryptUpdate(&ciph_ctx, oblock, &tmp_len, - (unsigned char *)iblock, input_pos.data_pos); - if (!ret) break; - - krb5int_c_iov_put_block(data, num_data, - oblock, MIT_DES_BLOCK_LENGTH, &output_pos); + krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, + &output_pos); } - if(ret) { - /*if (ivec != NULL && ivec->data) - memcpy(ivec->data, oblock, MIT_DES_BLOCK_LENGTH); */ - ret = EVP_DecryptFinal_ex(&ciph_ctx, - oblock + input_pos.data_pos, &tmp_len); - } + /*if (ivec != NULL && ivec->data) + memcpy(ivec->data, oblock, MIT_DES_BLOCK_LENGTH); */ EVP_CIPHER_CTX_cleanup(&ciph_ctx); - memset(iblock,0,sizeof(iblock)); - memset(oblock,0,sizeof(oblock)); - OPENSSL_free(iblock); - OPENSSL_free(oblock); + zap(iblock, sizeof(iblock)); + zap(oblock, sizeof(oblock)); if (ret != 1) return KRB5_CRYPTO_INTERNAL; @@ -359,9 +193,8 @@ const struct krb5_enc_provider krb5int_enc_des3 = { KRB5_MIT_DES3_KEY_BYTES, KRB5_MIT_DES3_KEYSIZE, k5_des3_encrypt, k5_des3_decrypt, + NULL, krb5int_des3_make_key, krb5int_des_init_state, - krb5int_default_free_state, - k5_des3_encrypt_iov, - k5_des3_decrypt_iov + krb5int_default_free_state }; diff --git a/src/lib/crypto/openssl/enc_provider/enc_provider.h b/src/lib/crypto/openssl/enc_provider/enc_provider.h index 49ffaaf..8144b65 100644 --- a/src/lib/crypto/openssl/enc_provider/enc_provider.h +++ b/src/lib/crypto/openssl/enc_provider/enc_provider.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * diff --git a/src/lib/crypto/openssl/enc_provider/rc4.c b/src/lib/crypto/openssl/enc_provider/rc4.c index a7c3020..7ce9436 100644 --- a/src/lib/crypto/openssl/enc_provider/rc4.c +++ b/src/lib/crypto/openssl/enc_provider/rc4.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* lib/crypto/openssl/enc_provider/rc4.c * * #include STD_DISCLAIMER @@ -39,6 +40,20 @@ #include <rand2key.h> #include <openssl/evp.h> +typedef struct +{ + EVP_CIPHER_CTX evp_ctx; + unsigned int x; + unsigned int y; + unsigned char state[256]; + +} ArcfourContext; + +typedef struct { + int initialized; + ArcfourContext ctx; +} ArcFourCipherState; + #define RC4_KEY_SIZE 16 #define RC4_BLOCK_SIZE 1 @@ -46,63 +61,19 @@ /* prototypes */ static krb5_error_code -k5_arcfour_docrypt(krb5_key, const krb5_data *, - const krb5_data *, krb5_data *); -static krb5_error_code k5_arcfour_free_state ( krb5_data *state); static krb5_error_code k5_arcfour_init_state (const krb5_keyblock *key, - krb5_keyusage keyusage, krb5_data *new_state); + krb5_keyusage keyusage, krb5_data *new_state); /* The workhorse of the arcfour system, * this impliments the cipher */ -/* In-place rc4 crypto */ -static krb5_error_code -k5_arcfour_docrypt(krb5_key key, const krb5_data *state, - const krb5_data *input, krb5_data *output) -{ - int ret = 0, tmp_len = 0; - unsigned char *tmp_buf = NULL; - EVP_CIPHER_CTX ciph_ctx; - - if (key->keyblock.length != RC4_KEY_SIZE) - return(KRB5_BAD_KEYSIZE); - - if (input->length != output->length) - return(KRB5_BAD_MSIZE); - - EVP_CIPHER_CTX_init(&ciph_ctx); - - ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_rc4(), NULL, key->keyblock.contents, NULL); - if (ret) { - tmp_buf=(unsigned char *)output->data; - ret = EVP_EncryptUpdate(&ciph_ctx, tmp_buf, &tmp_len, - (unsigned char *)input->data, input->length); - output->length = tmp_len; - } - if (ret) { - tmp_buf += tmp_len; - ret = EVP_EncryptFinal_ex(&ciph_ctx, tmp_buf, &tmp_len); - } - - EVP_CIPHER_CTX_cleanup(&ciph_ctx); - - if (ret != 1) - return KRB5_CRYPTO_INTERNAL; - - output->length += tmp_len; - - return 0; -} - /* In-place IOV crypto */ static krb5_error_code -k5_arcfour_docrypt_iov(krb5_key key, - const krb5_data *state, - krb5_crypto_iov *data, - size_t num_data) +k5_arcfour_docrypt(krb5_key key,const krb5_data *state, krb5_crypto_iov *data, + size_t num_data) { size_t i; int ret = 0, tmp_len = 0; @@ -127,8 +98,8 @@ k5_arcfour_docrypt_iov(krb5_key key, if (ENCRYPT_IOV(iov)) { tmp_buf=(unsigned char *)iov->data.data; ret = EVP_EncryptUpdate(&ciph_ctx, - tmp_buf, &tmp_len, - (unsigned char *)iov->data.data, iov->data.length); + tmp_buf, &tmp_len, + (unsigned char *)iov->data.data, iov->data.length); if (!ret) break; iov->data.length = tmp_len; } @@ -149,14 +120,14 @@ k5_arcfour_docrypt_iov(krb5_key key, static krb5_error_code k5_arcfour_free_state ( krb5_data *state) { - return 0; /* not implemented */ + return 0; /* not implemented */ } static krb5_error_code k5_arcfour_init_state (const krb5_keyblock *key, krb5_keyusage keyusage, krb5_data *new_state) { - return 0; /* not implemented */ + return 0; /* not implemented */ } @@ -174,9 +145,8 @@ const struct krb5_enc_provider krb5int_enc_arcfour = { RC4_KEY_SIZE, RC4_KEY_SIZE, k5_arcfour_docrypt, k5_arcfour_docrypt, + NULL, krb5int_arcfour_make_key, k5_arcfour_init_state, /*xxx not implemented */ - k5_arcfour_free_state, /*xxx not implemented */ - k5_arcfour_docrypt_iov, - k5_arcfour_docrypt_iov + k5_arcfour_free_state /*xxx not implemented */ }; diff --git a/src/lib/crypto/openssl/hash_provider/Makefile.in b/src/lib/crypto/openssl/hash_provider/Makefile.in index 1c6bdd1..b5a7dcf 100644 --- a/src/lib/crypto/openssl/hash_provider/Makefile.in +++ b/src/lib/crypto/openssl/hash_provider/Makefile.in @@ -1,9 +1,7 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/openssl/hash_provider mydir=lib/crypto/openssl/hash_provider BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES = -I$(srcdir)/../../krb/crc32 -I$(srcdir)/../md4 \ - -I$(srcdir)/../md5 -I$(srcdir)/../sha1 + -I$(srcdir)/../md5 -I$(srcdir)/../sha1 -I$(srcdir)/../../krb DEFS= ##DOS##BUILDTOP = ..\..\..\.. diff --git a/src/lib/crypto/openssl/hash_provider/deps b/src/lib/crypto/openssl/hash_provider/deps index aae0b98..99e024e 100644 --- a/src/lib/crypto/openssl/hash_provider/deps +++ b/src/lib/crypto/openssl/hash_provider/deps @@ -4,49 +4,52 @@ hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/hash_crc32.c \ - $(srcdir)/hash_provider.h \ - $(srcdir)/../../krb/crc32/crc-32.h + $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ + $(srcdir)/../../krb/crc32/crc-32.h $(srcdir)/../../krb/etypes.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + hash_crc32.c hash_provider.h hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/hash_md4.c $(srcdir)/hash_provider.h \ - $(srcdir)/../md4/rsa-md4.h + $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ + $(srcdir)/../../krb/etypes.h $(srcdir)/../md4/rsa-md4.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + hash_md4.c hash_provider.h hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/hash_md5.c $(srcdir)/hash_provider.h \ - $(srcdir)/../md5/rsa-md5.h + $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ + $(srcdir)/../../krb/etypes.h $(srcdir)/../md5/rsa-md5.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + hash_md5.c hash_provider.h hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/hash_provider.h \ - $(srcdir)/hash_sha1.c $(srcdir)/../sha1/shs.h + $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ + $(srcdir)/../../krb/etypes.h $(srcdir)/../sha1/shs.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + hash_provider.h hash_sha1.c diff --git a/src/lib/crypto/openssl/hash_provider/hash_crc32.c b/src/lib/crypto/openssl/hash_provider/hash_crc32.c index 771a7d6..68a01cb 100644 --- a/src/lib/crypto/openssl/hash_provider/hash_crc32.c +++ b/src/lib/crypto/openssl/hash_provider/hash_crc32.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -27,21 +28,23 @@ #include "k5-int.h" #include "crc-32.h" #include "hash_provider.h" +#include "aead.h" static krb5_error_code -k5_crc32_hash(unsigned int icount, const krb5_data *input, - krb5_data *output) +k5_crc32_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) { - unsigned long c, cn; + unsigned long c; unsigned int i; if (output->length != CRC32_CKSUM_LENGTH) - return(KRB5_CRYPTO_INTERNAL); + return(KRB5_CRYPTO_INTERNAL); c = 0; - for (i=0; i<icount; i++) { - mit_crc32(input[i].data, input[i].length, &cn); - c ^= cn; + for (i = 0; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; + + if (SIGN_IOV(iov)) + mit_crc32(iov->data.data, iov->data.length, &c); } store_32_le(c, output->data); diff --git a/src/lib/crypto/openssl/hash_provider/hash_md4.c b/src/lib/crypto/openssl/hash_provider/hash_md4.c index 916da0f..85f18f6 100644 --- a/src/lib/crypto/openssl/hash_provider/hash_md4.c +++ b/src/lib/crypto/openssl/hash_provider/hash_md4.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -27,20 +28,26 @@ #include "k5-int.h" #include "rsa-md4.h" #include "hash_provider.h" +#include "aead.h" static krb5_error_code -k5_md4_hash(unsigned int icount, const krb5_data *input, - krb5_data *output) +k5_md4_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) { krb5_MD4_CTX ctx; unsigned int i; if (output->length != RSA_MD4_CKSUM_LENGTH) - return(KRB5_CRYPTO_INTERNAL); + return(KRB5_CRYPTO_INTERNAL); krb5int_MD4Init(&ctx); - for (i=0; i<icount; i++) - krb5int_MD4Update(&ctx, (unsigned char *) input[i].data, input[i].length); + for (i = 0; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; + + if (SIGN_IOV(iov)) { + krb5int_MD4Update(&ctx, (unsigned char *) iov->data.data, + iov->data.length); + } + } krb5int_MD4Final(&ctx); memcpy(output->data, ctx.digest, RSA_MD4_CKSUM_LENGTH); diff --git a/src/lib/crypto/openssl/hash_provider/hash_md5.c b/src/lib/crypto/openssl/hash_provider/hash_md5.c index e1e29f0..182e6c0 100644 --- a/src/lib/crypto/openssl/hash_provider/hash_md5.c +++ b/src/lib/crypto/openssl/hash_provider/hash_md5.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -27,20 +28,26 @@ #include "k5-int.h" #include "rsa-md5.h" #include "hash_provider.h" +#include "aead.h" static krb5_error_code -k5_md5_hash(unsigned int icount, const krb5_data *input, - krb5_data *output) +k5_md5_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) { krb5_MD5_CTX ctx; unsigned int i; if (output->length != RSA_MD5_CKSUM_LENGTH) - return(KRB5_CRYPTO_INTERNAL); + return(KRB5_CRYPTO_INTERNAL); krb5int_MD5Init(&ctx); - for (i=0; i<icount; i++) - krb5int_MD5Update(&ctx, (unsigned char *) input[i].data, input[i].length); + for (i = 0; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; + + if (SIGN_IOV(iov)) { + krb5int_MD5Update(&ctx, (unsigned char *) iov->data.data, + iov->data.length); + } + } krb5int_MD5Final(&ctx); memcpy(output->data, ctx.digest, RSA_MD5_CKSUM_LENGTH); diff --git a/src/lib/crypto/openssl/hash_provider/hash_provider.h b/src/lib/crypto/openssl/hash_provider/hash_provider.h index 1023d1a..eebe845 100644 --- a/src/lib/crypto/openssl/hash_provider/hash_provider.h +++ b/src/lib/crypto/openssl/hash_provider/hash_provider.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * diff --git a/src/lib/crypto/openssl/hash_provider/hash_sha1.c b/src/lib/crypto/openssl/hash_provider/hash_sha1.c index 18ee830..f602411 100644 --- a/src/lib/crypto/openssl/hash_provider/hash_sha1.c +++ b/src/lib/crypto/openssl/hash_provider/hash_sha1.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* lib/crypto/openssl/hash/yhash.h * * Copyright (C) 1998 by the FundsXpress, INC. @@ -28,20 +29,26 @@ #include "k5-int.h" #include "shs.h" #include "hash_provider.h" +#include "aead.h" static krb5_error_code -k5_sha1_hash(unsigned int icount, const krb5_data *input, - krb5_data *output) +k5_sha1_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) { SHS_INFO ctx; unsigned int i; if (output->length != SHS_DIGESTSIZE) - return(KRB5_CRYPTO_INTERNAL); + return(KRB5_CRYPTO_INTERNAL); shsInit(&ctx); - for (i=0; i<icount; i++) - shsUpdate(&ctx, (unsigned char *) input[i].data, input[i].length); + for (i = 0; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; + + if (SIGN_IOV(iov)) { + shsUpdate(&ctx, (unsigned char *) iov->data.data, + iov->data.length); + } + } shsFinal(&ctx); if (ctx.digestLen > 0 && ctx.digestLen <= output->length){ diff --git a/src/lib/crypto/openssl/hmac.c b/src/lib/crypto/openssl/hmac.c index b1768e0..7ef3d3f 100644 --- a/src/lib/crypto/openssl/hmac.c +++ b/src/lib/crypto/openssl/hmac.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* lib/crypto/openssl/hmac.c * * Copyright (C) 2009 by the Massachusetts Institute of Technology. @@ -82,8 +83,9 @@ map_digest(const struct krb5_hash_provider *hash) krb5_error_code krb5int_hmac_keyblock(const struct krb5_hash_provider *hash, - const krb5_keyblock *key, unsigned int icount, - const krb5_data *input, krb5_data *output) + const krb5_keyblock *keyblock, + const krb5_crypto_iov *data, size_t num_data, + krb5_data *output) { unsigned int i = 0, md_len = 0; unsigned char md[EVP_MAX_MD_SIZE]; @@ -93,22 +95,21 @@ krb5int_hmac_keyblock(const struct krb5_hash_provider *hash, hashsize = hash->hashsize; blocksize = hash->blocksize; - if (key->length > blocksize) + if (keyblock->length > blocksize) return(KRB5_CRYPTO_INTERNAL); if (output->length < hashsize) return(KRB5_BAD_MSIZE); - /* if this isn't > 0, then there won't be enough space in this - array to compute the outer hash */ - if (icount == 0) - return(KRB5_CRYPTO_INTERNAL); if (!map_digest(hash)) return(KRB5_CRYPTO_INTERNAL); // unsupported alg HMAC_CTX_init(&c); - HMAC_Init(&c, key->contents, key->length, map_digest(hash)); - for ( i = 0; i < icount; i++ ) { - HMAC_Update(&c,(const unsigned char*)input[i].data, input[i].length); + HMAC_Init(&c, keyblock->contents, keyblock->length, map_digest(hash)); + for (i = 0; i < num_data; i++) { + krb5_crypto_iov *iov = &data[i]; + + if (SIGN_IOV(iov)) + HMAC_Update(&c, (unsigned char*) iov->data.data, iov->data.length); } HMAC_Final(&c,(unsigned char *)md, &md_len); if ( md_len <= output->length) { @@ -122,56 +123,9 @@ krb5int_hmac_keyblock(const struct krb5_hash_provider *hash, } krb5_error_code -krb5int_hmac_iov_keyblock(const struct krb5_hash_provider *hash, - const krb5_keyblock *key, - const krb5_crypto_iov *data, size_t num_data, - krb5_data *output) -{ - krb5_data *sign_data; - size_t num_sign_data; - krb5_error_code ret; - size_t i, j; - - /* Create a checksum over all the data to be signed */ - for (i = 0, num_sign_data = 0; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; - - if (SIGN_IOV(iov)) - num_sign_data++; - } - - /* XXX cleanup to avoid alloc */ - sign_data = (krb5_data *)calloc(num_sign_data, sizeof(krb5_data)); - if (sign_data == NULL) - return ENOMEM; - - for (i = 0, j = 0; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; - - if (SIGN_IOV(iov)) - sign_data[j++] = iov->data; - } - - /* caller must store checksum in iov as it may be TYPE_TRAILER or TYPE_CHECKSUM */ - ret = krb5int_hmac_keyblock(hash, key, num_sign_data, sign_data, output); - - free(sign_data); - - return ret; -} - -krb5_error_code krb5int_hmac(const struct krb5_hash_provider *hash, krb5_key key, - unsigned int icount, const krb5_data *input, krb5_data *output) -{ - return krb5int_hmac_keyblock(hash, &key->keyblock, icount, input, output); -} - -krb5_error_code -krb5int_hmac_iov(const struct krb5_hash_provider *hash, krb5_key key, - const krb5_crypto_iov *data, size_t num_data, - krb5_data *output) + const krb5_crypto_iov *data, size_t num_data, + krb5_data *output) { - return krb5int_hmac_iov_keyblock(hash, &key->keyblock, data, num_data, - output); + return krb5int_hmac_keyblock(hash, &key->keyblock, data, num_data, output); } diff --git a/src/lib/crypto/openssl/md4/Makefile.in b/src/lib/crypto/openssl/md4/Makefile.in index 0bf0ffe..f212c6d 100644 --- a/src/lib/crypto/openssl/md4/Makefile.in +++ b/src/lib/crypto/openssl/md4/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/openssl/md4 mydir=lib/crypto/openssl/md4 BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES = -I$(srcdir) diff --git a/src/lib/crypto/openssl/md4/deps b/src/lib/crypto/openssl/md4/deps index dfb1d70..a28d9da 100644 --- a/src/lib/crypto/openssl/md4/deps +++ b/src/lib/crypto/openssl/md4/deps @@ -3,12 +3,11 @@ # md4.so md4.po $(OUTPRE)md4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/md4.c \ - $(srcdir)/rsa-md4.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h md4.c rsa-md4.h diff --git a/src/lib/crypto/openssl/md4/md4.c b/src/lib/crypto/openssl/md4/md4.c index cd7684d..8d2cd48 100644 --- a/src/lib/crypto/openssl/md4/md4.c +++ b/src/lib/crypto/openssl/md4/md4.c @@ -1,5 +1,6 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* - * lib/crypto/openssl/md4/md4.c + * lib/crypto/openssl/md4/md4.c * * Copyright (C) 2009 by the Massachusetts Institute of Technology. * All rights reserved. diff --git a/src/lib/crypto/openssl/md4/rsa-md4.h b/src/lib/crypto/openssl/md4/rsa-md4.h index 93737e6..3d32f08 100644 --- a/src/lib/crypto/openssl/md4/rsa-md4.h +++ b/src/lib/crypto/openssl/md4/rsa-md4.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/md4/rsa-md4.h * @@ -45,37 +46,37 @@ #define RSA_MD4_DES_CONFOUND_LENGTH 8 /* - ********************************************************************** - ** md4.h -- Header file for implementation of MD4 ** - ** RSA Data Security, Inc. MD4 Message Digest Algorithm ** - ** Created: 2/17/90 RLR ** - ** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** - ********************************************************************** - */ +********************************************************************** +** md4.h -- Header file for implementation of MD4 ** +** RSA Data Security, Inc. MD4 Message Digest Algorithm ** +** Created: 2/17/90 RLR ** +** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** +********************************************************************** +*/ /* - ********************************************************************** - ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** - ** ** - ** License to copy and use this software is granted provided that ** - ** it is identified as the "RSA Data Security, Inc. MD4 Message ** - ** Digest Algorithm" in all material mentioning or referencing this ** - ** software or this function. ** - ** ** - ** License is also granted to make and use derivative works ** - ** provided that such works are identified as "derived from the RSA ** - ** Data Security, Inc. MD4 Message Digest Algorithm" in all ** - ** material mentioning or referencing the derived work. ** - ** ** - ** RSA Data Security, Inc. makes no representations concerning ** - ** either the merchantability of this software or the suitability ** - ** of this software for any particular purpose. It is provided "as ** - ** is" without express or implied warranty of any kind. ** - ** ** - ** These notices must be retained in any copies of any part of this ** - ** documentation and/or software. ** - ********************************************************************** - */ +********************************************************************** +** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** +** ** +** License to copy and use this software is granted provided that ** +** it is identified as the "RSA Data Security, Inc. MD4 Message ** +** Digest Algorithm" in all material mentioning or referencing this ** +** software or this function. ** +** ** +** License is also granted to make and use derivative works ** +** provided that such works are identified as "derived from the RSA ** +** Data Security, Inc. MD4 Message Digest Algorithm" in all ** +** material mentioning or referencing the derived work. ** +** ** +** RSA Data Security, Inc. makes no representations concerning ** +** either the merchantability of this software or the suitability ** +** of this software for any particular purpose. It is provided "as ** +** is" without express or implied warranty of any kind. ** +** ** +** These notices must be retained in any copies of any part of this ** +** documentation and/or software. ** +********************************************************************** +*/ /* Data structure for MD4 (Message Digest) computation */ typedef struct { @@ -92,8 +93,8 @@ extern void krb5int_MD4Update(krb5_MD4_CTX *, const unsigned char *, unsigned in extern void krb5int_MD4Final(krb5_MD4_CTX *); /* - ********************************************************************** - ** End of md4.h ** - ******************************* (cut) ******************************** - */ +********************************************************************** +** End of md4.h ** +******************************* (cut) ******************************** +*/ #endif /* __KRB5_RSA_MD4_H__ */ diff --git a/src/lib/crypto/openssl/md5/Makefile.in b/src/lib/crypto/openssl/md5/Makefile.in index 073ab73..1b693c4 100644 --- a/src/lib/crypto/openssl/md5/Makefile.in +++ b/src/lib/crypto/openssl/md5/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/openssl/md5 mydir=lib/crypto/openssl/md5 BUILDTOP=$(REL)..$(S)..$(S)..$(S).. DEFS= diff --git a/src/lib/crypto/openssl/md5/deps b/src/lib/crypto/openssl/md5/deps index abfc549..876368d 100644 --- a/src/lib/crypto/openssl/md5/deps +++ b/src/lib/crypto/openssl/md5/deps @@ -3,12 +3,11 @@ # md5.so md5.po $(OUTPRE)md5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/md5.c \ - $(srcdir)/rsa-md5.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h md5.c rsa-md5.h diff --git a/src/lib/crypto/openssl/md5/md5.c b/src/lib/crypto/openssl/md5/md5.c index 84c6d49..41a8498 100644 --- a/src/lib/crypto/openssl/md5/md5.c +++ b/src/lib/crypto/openssl/md5/md5.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* lib/crypto/openssl/md5/md5.c * * Copyright (C) 2009 by the Massachusetts Institute of Technology. @@ -30,7 +31,7 @@ /* The routine krb5int_MD5Init initializes the message-digest context mdContext. All fields are set to zero. - */ +*/ void krb5int_MD5Init (krb5_MD5_CTX *mdContext) { @@ -41,7 +42,7 @@ krb5int_MD5Init (krb5_MD5_CTX *mdContext) /* The routine krb5int_MD5Update updates the message-digest context to account for the presence of each of the characters inBuf[0..inLen-1] in the message whose digest is being computed. - */ +*/ void krb5int_MD5Update (krb5_MD5_CTX *mdContext, const unsigned char *inBuf, unsigned int inLen) { @@ -50,7 +51,7 @@ krb5int_MD5Update (krb5_MD5_CTX *mdContext, const unsigned char *inBuf, unsigned /* The routine krb5int_MD5Final terminates the message-digest computation and ends with the desired message digest in mdContext->digest[0...15]. - */ +*/ void krb5int_MD5Final (krb5_MD5_CTX *mdContext) { diff --git a/src/lib/crypto/openssl/md5/rsa-md5.h b/src/lib/crypto/openssl/md5/rsa-md5.h index c9a5f90..a8380f4 100644 --- a/src/lib/crypto/openssl/md5/rsa-md5.h +++ b/src/lib/crypto/openssl/md5/rsa-md5.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* lib/crypto/openssl/md5/rsa-md5.h * * Copyright (C) 2009 by the Massachusetts Institute of Technology. @@ -24,43 +25,43 @@ */ /* - *********************************************************************** - ** md5.h -- header file for implementation of MD5 ** - ** RSA Data Security, Inc. MD5 Message-Digest Algorithm ** - ** Created: 2/17/90 RLR ** - ** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** - ** Revised (for MD5): RLR 4/27/91 ** - ** -- G modified to have y&~z instead of y&z ** - ** -- FF, GG, HH modified to add in last register done ** - ** -- Access pattern: round 2 works mod 5, round 3 works mod 3 ** - ** -- distinct additive constant for each step ** - ** -- round 4 added, working mod 7 ** - *********************************************************************** - */ +*********************************************************************** +** md5.h -- header file for implementation of MD5 ** +** RSA Data Security, Inc. MD5 Message-Digest Algorithm ** +** Created: 2/17/90 RLR ** +** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** +** Revised (for MD5): RLR 4/27/91 ** +** -- G modified to have y&~z instead of y&z ** +** -- FF, GG, HH modified to add in last register done ** +** -- Access pattern: round 2 works mod 5, round 3 works mod 3 ** +** -- distinct additive constant for each step ** +** -- round 4 added, working mod 7 ** +*********************************************************************** +*/ /* - *********************************************************************** - ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** - ** ** - ** License to copy and use this software is granted provided that ** - ** it is identified as the "RSA Data Security, Inc. MD5 Message- ** - ** Digest Algorithm" in all material mentioning or referencing this ** - ** software or this function. ** - ** ** - ** License is also granted to make and use derivative works ** - ** provided that such works are identified as "derived from the RSA ** - ** Data Security, Inc. MD5 Message-Digest Algorithm" in all ** - ** material mentioning or referencing the derived work. ** - ** ** - ** RSA Data Security, Inc. makes no representations concerning ** - ** either the merchantability of this software or the suitability ** - ** of this software for any particular purpose. It is provided "as ** - ** is" without express or implied warranty of any kind. ** - ** ** - ** These notices must be retained in any copies of any part of this ** - ** documentation and/or software. ** - *********************************************************************** - */ +*********************************************************************** +** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** +** ** +** License to copy and use this software is granted provided that ** +** it is identified as the "RSA Data Security, Inc. MD5 Message- ** +** Digest Algorithm" in all material mentioning or referencing this ** +** software or this function. ** +** ** +** License is also granted to make and use derivative works ** +** provided that such works are identified as "derived from the RSA ** +** Data Security, Inc. MD5 Message-Digest Algorithm" in all ** +** material mentioning or referencing the derived work. ** +** ** +** RSA Data Security, Inc. makes no representations concerning ** +** either the merchantability of this software or the suitability ** +** of this software for any particular purpose. It is provided "as ** +** is" without express or implied warranty of any kind. ** +** ** +** These notices must be retained in any copies of any part of this ** +** documentation and/or software. ** +*********************************************************************** +*/ #ifndef KRB5_RSA_MD5__ diff --git a/src/lib/crypto/openssl/pbkdf2.c b/src/lib/crypto/openssl/pbkdf2.c index 2681739..e64e562 100644 --- a/src/lib/crypto/openssl/pbkdf2.c +++ b/src/lib/crypto/openssl/pbkdf2.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/openssl/pbkdf2.c * @@ -39,13 +40,13 @@ krb5_error_code krb5int_pbkdf2_hmac_sha1 (const krb5_data *out, unsigned long count, - const krb5_data *pass, const krb5_data *salt) + const krb5_data *pass, const krb5_data *salt) { /* * This is an implementation of PKCS#5 v2.0 * Does not return an error */ - PKCS5_PBKDF2_HMAC_SHA1(pass->data, pass->length, + PKCS5_PBKDF2_HMAC_SHA1(pass->data, pass->length, (unsigned char *)salt->data, salt->length, count, out->length, (unsigned char *)out->data); return 0; diff --git a/src/lib/crypto/openssl/sha1/Makefile.in b/src/lib/crypto/openssl/sha1/Makefile.in index 249ab77..0ec2587 100644 --- a/src/lib/crypto/openssl/sha1/Makefile.in +++ b/src/lib/crypto/openssl/sha1/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../../.. -myfulldir=lib/crypto/openssl/sha1 mydir=lib/crypto/openssl/sha1 BUILDTOP=$(REL)..$(S)..$(S)..$(S).. DEFS= @@ -24,25 +22,8 @@ all-unix:: all-libobjs includes:: depend depend:: $(SRCS) -t_shs: t_shs.o shs.o $(SUPPORT_DEPLIB) - $(CC_LINK) -o t_shs t_shs.o shs.o $(SUPPORT_LIB) - -$(OUTPRE)t_shs.exe: $(OUTPRE)t_shs.obj $(OUTPRE)shs.obj - link -out:$@ $** - -t_shs3: t_shs3.o shs.o $(SUPPORT_DEPLIB) - $(CC_LINK) -o t_shs3 t_shs3.o shs.o $(SUPPORT_LIB) - -check-unix:: t_shs t_shs3 - $(RUN_SETUP) $(VALGRIND) $(C)t_shs -x - $(RUN_SETUP) $(VALGRIND) $(C)t_shs3 - -check-windows:: $(OUTPRE)t_shs.exe $(OUTPRE)t_shs3.exe - $(OUTPRE)$(C)t_shs.exe -x - $(OUTPRE)$(C)t_shs3.exe clean:: - $(RM) t_shs$(EXEEXT) t_shs.$(OBJEXT) t_shs3$(EXEEXT) t_shs3.$(OBJEXT) clean-unix:: clean-libobjs diff --git a/src/lib/crypto/openssl/sha1/deps b/src/lib/crypto/openssl/sha1/deps index a5e424d..40fa5fa 100644 --- a/src/lib/crypto/openssl/sha1/deps +++ b/src/lib/crypto/openssl/sha1/deps @@ -3,12 +3,11 @@ # shs.so shs.po $(OUTPRE)shs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/shs.c \ - $(srcdir)/shs.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h shs.c shs.h diff --git a/src/lib/crypto/openssl/sha1/shs.c b/src/lib/crypto/openssl/sha1/shs.c index 98eeef3..42d260d 100644 --- a/src/lib/crypto/openssl/sha1/shs.c +++ b/src/lib/crypto/openssl/sha1/shs.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* lib/crypto/openssl/sha1/shs.c * * Copyright (C) 2009 by the Massachusetts Institute of Technology. diff --git a/src/lib/crypto/openssl/sha1/shs.h b/src/lib/crypto/openssl/sha1/shs.h index 88ab172..60cf2ad 100644 --- a/src/lib/crypto/openssl/sha1/shs.h +++ b/src/lib/crypto/openssl/sha1/shs.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #ifndef _SHS_DEFINED #include "k5-int.h" @@ -8,8 +9,8 @@ /* Some useful types */ -typedef krb5_octet SHS_BYTE; -typedef krb5_ui_4 SHS_LONG; +typedef krb5_octet SHS_BYTE; +typedef krb5_ui_4 SHS_LONG; /* Define the following to use the updated SHS implementation */ #define NEW_SHS /**/ @@ -35,13 +36,13 @@ void shsFinal(SHS_INFO *shsInfo); /* Keyed Message digest functions (hmac_sha.c) */ krb5_error_code hmac_sha(krb5_octet *text, - int text_len, - krb5_octet *key, - int key_len, - krb5_octet *digest); + int text_len, + krb5_octet *key, + int key_len, + krb5_octet *digest); -#define NIST_SHA_CKSUM_LENGTH SHS_DIGESTSIZE -#define HMAC_SHA_CKSUM_LENGTH SHS_DIGESTSIZE +#define NIST_SHA_CKSUM_LENGTH SHS_DIGESTSIZE +#define HMAC_SHA_CKSUM_LENGTH SHS_DIGESTSIZE #endif /* _SHS_DEFINED */ diff --git a/src/lib/crypto/openssl/yhash.h b/src/lib/crypto/openssl/yhash.h index 95fee18..151818f 100644 --- a/src/lib/crypto/openssl/yhash.h +++ b/src/lib/crypto/openssl/yhash.h @@ -1,4 +1,4 @@ -/* -*- Mode: C; c-file-style: "bsd" -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* lib/crypto/openssl/hash/yhash.h */ @@ -16,13 +16,13 @@ #define HASH_Init(x) shsInit(x) #define HASH_Update(x, buf, sz) shsUpdate(x, (const void*)buf, sz) -#define HASH_Final(x, tdigest) do { \ - int loopvar; \ - unsigned char *out2 = (void *)(tdigest); \ - HASH_CTX *ctx = (x); \ - shsFinal(ctx); \ - memcpy(out2, ctx->digestBuf, ctx->digestLen); \ - } while(0) +#define HASH_Final(x, tdigest) do { \ + int loopvar; \ + unsigned char *out2 = (void *)(tdigest); \ + HASH_CTX *ctx = (x); \ + shsFinal(ctx); \ + memcpy(out2, ctx->digestBuf, ctx->digestLen); \ + } while(0) #define HASH_DIGEST_SIZE SHS_DIGESTSIZE diff --git a/src/lib/gssapi/Makefile.in b/src/lib/gssapi/Makefile.in index 0a8c61e..1316c29 100644 --- a/src/lib/gssapi/Makefile.in +++ b/src/lib/gssapi/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../.. -myfulldir=lib/gssapi mydir=lib/gssapi BUILDTOP=$(REL)..$(S).. SUBDIRS= generic krb5 spnego mechglue @@ -56,7 +54,7 @@ merged-gssapi-header.h: $(EXPORTED_HEADERS) cat $(EXPORTED_HEADERS) > merged.tmp $(MV) merged.tmp merged-gssapi-header.h verify-calling-conventions-gssapi: merged-gssapi-header.h - $(PERL) -w $(SRCTOP)/util/def-check.pl merged-gssapi-header.h $(srcdir)/../gssapi32.def + $(PERL) -w $(top_srcdir)/util/def-check.pl merged-gssapi-header.h $(srcdir)/../gssapi32.def all-windows:: cd generic diff --git a/src/lib/gssapi/generic/Makefile.in b/src/lib/gssapi/generic/Makefile.in index 42b4030..e4a0d58 100644 --- a/src/lib/gssapi/generic/Makefile.in +++ b/src/lib/gssapi/generic/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../.. -myfulldir=lib/gssapi/generic mydir=lib/gssapi/generic BUILDTOP=$(REL)..$(S)..$(S).. LOCALINCLUDES = -I. -I$(srcdir) -I$(srcdir)/.. @@ -122,18 +120,20 @@ $(OBJS): $(EXPORTED_HEADERS) $(ETHDRS) all-unix:: $(EXPORTED_HEADERS) $(ETHDRS) $(HDRS) all-unix:: all-libobjs -errmap.h: $(SRCTOP)/util/gen.pl $(SRCTOP)/util/t_array.pm \ - $(SRCTOP)/util/t_bimap.pm - $(PERL) -w -I$(SRCTOP)/util $(SRCTOP)/util/gen.pl bimap errmap.h \ +errmap.h: $(top_srcdir)/util/gen.pl $(top_srcdir)/util/t_array.pm \ + $(top_srcdir)/util/t_bimap.pm + $(PERL) -w -I$(top_srcdir)/util $(top_srcdir)/util/gen.pl bimap \ + errmap.h \ NAME=mecherrmap LEFT=OM_uint32 RIGHT="struct mecherror" \ LEFTPRINT=print_OM_uint32 RIGHTPRINT=mecherror_print \ LEFTCMP=cmp_OM_uint32 RIGHTCMP=mecherror_cmp -maptest.h: $(SRCTOP)/util/gen.pl $(SRCTOP)/util/t_array.pm \ - $(SRCTOP)/util/t_bimap.pm - $(PERL) -w -I$(SRCTOP)/util $(SRCTOP)/util/gen.pl bimap maptest.h \ - NAME=foo LEFT=int RIGHT=elt LEFTPRINT=intprt RIGHTPRINT=eltprt \ - LEFTCMP=intcmp RIGHTCMP=eltcmp +maptest.h: $(top_srcdir)/util/gen.pl $(top_srcdir)/util/t_array.pm \ + $(top_srcdir)/util/t_bimap.pm + $(PERL) -w -I$(top_srcdir)/util $(top_srcdir)/util/gen.pl bimap \ + maptest.h \ + NAME=foo LEFT=int RIGHT=elt LEFTPRINT=intprt \ + RIGHTPRINT=eltprt LEFTCMP=intcmp RIGHTCMP=eltcmp maptest.o: maptest.c maptest.h maptest: maptest.o $(CC_LINK) -o maptest maptest.o diff --git a/src/lib/gssapi/generic/deps b/src/lib/gssapi/generic/deps index 652f808..16860d0 100644 --- a/src/lib/gssapi/generic/deps +++ b/src/lib/gssapi/generic/deps @@ -3,71 +3,82 @@ # disp_com_err_status.so disp_com_err_status.po $(OUTPRE)disp_com_err_status.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h disp_com_err_status.c \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h disp_com_err_status.c \ gssapiP_generic.h gssapi_err_generic.h gssapi_ext.h \ gssapi_generic.h disp_major_status.so disp_major_status.po $(OUTPRE)disp_major_status.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h disp_major_status.c gssapiP_generic.h \ - gssapi_err_generic.h gssapi_ext.h gssapi_generic.h + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h disp_major_status.c \ + gssapiP_generic.h gssapi_err_generic.h gssapi_ext.h \ + gssapi_generic.h gssapi_generic.so gssapi_generic.po $(OUTPRE)gssapi_generic.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h gssapiP_generic.h gssapi_err_generic.h \ - gssapi_ext.h gssapi_generic.c gssapi_generic.h + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h gssapiP_generic.h \ + gssapi_err_generic.h gssapi_ext.h gssapi_generic.c \ + gssapi_generic.h oid_ops.so oid_ops.po $(OUTPRE)oid_ops.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_generic.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h gssapiP_generic.h gssapi_err_generic.h \ - gssapi_ext.h gssapi_generic.h oid_ops.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h gssapiP_generic.h \ + gssapi_err_generic.h gssapi_ext.h gssapi_generic.h \ + oid_ops.c rel_buffer.so rel_buffer.po $(OUTPRE)rel_buffer.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h gssapiP_generic.h gssapi_err_generic.h \ - gssapi_ext.h gssapi_generic.h rel_buffer.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h gssapiP_generic.h \ + gssapi_err_generic.h gssapi_ext.h gssapi_generic.h \ + rel_buffer.c rel_oid_set.so rel_oid_set.po $(OUTPRE)rel_oid_set.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h gssapiP_generic.h gssapi_err_generic.h \ - gssapi_ext.h gssapi_generic.h rel_oid_set.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h gssapiP_generic.h \ + gssapi_err_generic.h gssapi_ext.h gssapi_generic.h \ + rel_oid_set.c util_buffer.so util_buffer.po $(OUTPRE)util_buffer.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h gssapiP_generic.h gssapi_err_generic.h \ - gssapi_ext.h gssapi_generic.h util_buffer.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h gssapiP_generic.h \ + gssapi_err_generic.h gssapi_ext.h gssapi_generic.h \ + util_buffer.c util_buffer_set.so util_buffer_set.po $(OUTPRE)util_buffer_set.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h gssapiP_generic.h gssapi_err_generic.h \ - gssapi_ext.h gssapi_generic.h util_buffer_set.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h gssapiP_generic.h \ + gssapi_err_generic.h gssapi_ext.h gssapi_generic.h \ + util_buffer_set.c util_errmap.so util_errmap.po $(OUTPRE)util_errmap.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h errmap.h gssapiP_generic.h \ + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h errmap.h gssapiP_generic.h \ gssapi_err_generic.h gssapi_ext.h gssapi_generic.h \ util_errmap.c util_ordering.so util_ordering.po $(OUTPRE)util_ordering.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h gssapiP_generic.h gssapi_err_generic.h \ - gssapi_ext.h gssapi_generic.h util_ordering.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h gssapiP_generic.h \ + gssapi_err_generic.h gssapi_ext.h gssapi_generic.h \ + util_ordering.c util_set.so util_set.po $(OUTPRE)util_set.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h gssapiP_generic.h gssapi_err_generic.h \ - gssapi_ext.h gssapi_generic.h util_set.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h gssapiP_generic.h \ + gssapi_err_generic.h gssapi_ext.h gssapi_generic.h \ + util_set.c util_token.so util_token.po $(OUTPRE)util_token.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h gssapiP_generic.h gssapi_err_generic.h \ - gssapi_ext.h gssapi_generic.h util_token.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h gssapiP_generic.h \ + gssapi_err_generic.h gssapi_ext.h gssapi_generic.h \ + util_token.c util_validate.so util_validate.po $(OUTPRE)util_validate.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h gssapiP_generic.h gssapi_err_generic.h \ - gssapi_ext.h gssapi_generic.h util_validate.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h gssapiP_generic.h \ + gssapi_err_generic.h gssapi_ext.h gssapi_generic.h \ + util_validate.c gssapi_err_generic.so gssapi_err_generic.po $(OUTPRE)gssapi_err_generic.$(OBJEXT): \ $(COM_ERR_DEPS) gssapi_err_generic.c diff --git a/src/lib/gssapi/generic/disp_com_err_status.c b/src/lib/gssapi/generic/disp_com_err_status.c index d7a2e1d..4c410cc 100644 --- a/src/lib/gssapi/generic/disp_com_err_status.c +++ b/src/lib/gssapi/generic/disp_com_err_status.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/generic/disp_major_status.c b/src/lib/gssapi/generic/disp_major_status.c index f9ff281..5098e3a 100644 --- a/src/lib/gssapi/generic/disp_major_status.c +++ b/src/lib/gssapi/generic/disp_major_status.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * @@ -32,9 +32,9 @@ /* This code has knowledge of the min and max errors of each type within the gssapi major status */ -#define GSS_ERROR_STR(value, array, select, min, max, num) \ - (((select(value) < (min)) || (select(value) > (max))) ? NULL : \ - (array)[num(value)]) +#define GSS_ERROR_STR(value, array, select, min, max, num) \ + (((select(value) < (min)) || (select(value) > (max))) ? NULL : \ + (array)[num(value)]) /**/ @@ -47,10 +47,10 @@ static const char * const calling_error_string[] = { static const char * const calling_error = "calling error"; -#define GSS_CALLING_ERROR_STR(x) \ - GSS_ERROR_STR((x), calling_error_string, GSS_CALLING_ERROR, \ - GSS_S_CALL_INACCESSIBLE_READ, GSS_S_CALL_BAD_STRUCTURE, \ - GSS_CALLING_ERROR_FIELD) +#define GSS_CALLING_ERROR_STR(x) \ + GSS_ERROR_STR((x), calling_error_string, GSS_CALLING_ERROR, \ + GSS_S_CALL_INACCESSIBLE_READ, GSS_S_CALL_BAD_STRUCTURE, \ + GSS_CALLING_ERROR_FIELD) /**/ @@ -76,10 +76,10 @@ static const char * const routine_error_string[] = { static const char * const routine_error = "routine error"; -#define GSS_ROUTINE_ERROR_STR(x) \ - GSS_ERROR_STR((x), routine_error_string, GSS_ROUTINE_ERROR, \ - GSS_S_BAD_MECH, GSS_S_FAILURE, \ - GSS_ROUTINE_ERROR_FIELD) +#define GSS_ROUTINE_ERROR_STR(x) \ + GSS_ERROR_STR((x), routine_error_string, GSS_ROUTINE_ERROR, \ + GSS_S_BAD_MECH, GSS_S_FAILURE, \ + GSS_ROUTINE_ERROR_FIELD) /**/ @@ -97,9 +97,9 @@ static const char * const sinfo_code = "supplementary info code"; #define LSBGET(x) ((((x)^((x)-1))+1)>>1) #define LSBMASK(n) ((1<<(n))^((1<<(n))-1)) -#define GSS_SINFO_STR(x) \ - ((((1<<(x)) < GSS_S_CONTINUE_NEEDED) || ((1<<(x)) > GSS_S_UNSEQ_TOKEN)) ? \ - /**/NULL:sinfo_string[(x)]) +#define GSS_SINFO_STR(x) \ + ((((1<<(x)) < GSS_S_CONTINUE_NEEDED) || ((1<<(x)) > GSS_S_UNSEQ_TOKEN)) ? \ + /**/NULL:sinfo_string[(x)]) /**/ diff --git a/src/lib/gssapi/generic/gssapi_generic.c b/src/lib/gssapi/generic/gssapi_generic.c index 4973784..827cb6b 100644 --- a/src/lib/gssapi/generic/gssapi_generic.c +++ b/src/lib/gssapi/generic/gssapi_generic.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/generic/gssapi_generic.h b/src/lib/gssapi/generic/gssapi_generic.h index c5399dc..e11f938 100644 --- a/src/lib/gssapi/generic/gssapi_generic.h +++ b/src/lib/gssapi/generic/gssapi_generic.h @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * @@ -38,8 +38,8 @@ #define GSSAPIGENERIC_END_DECLS #endif -#define GSS_EMPTY_BUFFER(buf) ((buf) == NULL ||\ - (buf)->value == NULL || (buf)->length == 0) +#define GSS_EMPTY_BUFFER(buf) ((buf) == NULL || \ + (buf)->value == NULL || (buf)->length == 0) GSSAPIGENERIC_BEGIN_DECLS diff --git a/src/lib/gssapi/generic/maptest.c b/src/lib/gssapi/generic/maptest.c index ce59421..566d88c 100644 --- a/src/lib/gssapi/generic/maptest.c +++ b/src/lib/gssapi/generic/maptest.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #include <stdio.h> #include <stdarg.h> #include <assert.h> diff --git a/src/lib/gssapi/generic/oid_ops.c b/src/lib/gssapi/generic/oid_ops.c index bda3a5a..d7cd5a4 100644 --- a/src/lib/gssapi/generic/oid_ops.c +++ b/src/lib/gssapi/generic/oid_ops.c @@ -1,4 +1,4 @@ -/* #pragma ident "@(#)oid_ops.c 1.19 04/02/23 SMI" */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/generic/oid_ops.c * @@ -42,15 +42,13 @@ #include <ctype.h> OM_uint32 -generic_gss_release_oid(minor_status, oid) - OM_uint32 *minor_status; - gss_OID *oid; +generic_gss_release_oid(OM_uint32 *minor_status, gss_OID *oid) { if (minor_status) - *minor_status = 0; + *minor_status = 0; if (oid == NULL || *oid == GSS_C_NO_OID) - return(GSS_S_COMPLETE); + return(GSS_S_COMPLETE); /* * The V2 API says the following! @@ -70,107 +68,103 @@ generic_gss_release_oid(minor_status, oid) */ if ((*oid != GSS_C_NT_USER_NAME) && - (*oid != GSS_C_NT_MACHINE_UID_NAME) && - (*oid != GSS_C_NT_STRING_UID_NAME) && - (*oid != GSS_C_NT_HOSTBASED_SERVICE) && - (*oid != GSS_C_NT_ANONYMOUS) && - (*oid != GSS_C_NT_EXPORT_NAME) && - (*oid != gss_nt_service_name)) { - free((*oid)->elements); - free(*oid); + (*oid != GSS_C_NT_MACHINE_UID_NAME) && + (*oid != GSS_C_NT_STRING_UID_NAME) && + (*oid != GSS_C_NT_HOSTBASED_SERVICE) && + (*oid != GSS_C_NT_ANONYMOUS) && + (*oid != GSS_C_NT_EXPORT_NAME) && + (*oid != gss_nt_service_name)) { + free((*oid)->elements); + free(*oid); } *oid = GSS_C_NO_OID; return(GSS_S_COMPLETE); } OM_uint32 -generic_gss_copy_oid(minor_status, oid, new_oid) - OM_uint32 *minor_status; - const gss_OID_desc * const oid; - gss_OID *new_oid; +generic_gss_copy_oid(OM_uint32 *minor_status, + const gss_OID_desc * const oid, + gss_OID *new_oid) { - gss_OID p; - - *minor_status = 0; - - p = (gss_OID) malloc(sizeof(gss_OID_desc)); - if (!p) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - p->length = oid->length; - p->elements = malloc(p->length); - if (!p->elements) { - free(p); - return GSS_S_FAILURE; - } - memcpy(p->elements, oid->elements, p->length); - *new_oid = p; - return(GSS_S_COMPLETE); + gss_OID p; + + *minor_status = 0; + + p = (gss_OID) malloc(sizeof(gss_OID_desc)); + if (!p) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + p->length = oid->length; + p->elements = malloc(p->length); + if (!p->elements) { + free(p); + return GSS_S_FAILURE; + } + memcpy(p->elements, oid->elements, p->length); + *new_oid = p; + return(GSS_S_COMPLETE); } OM_uint32 -generic_gss_create_empty_oid_set(minor_status, oid_set) - OM_uint32 *minor_status; - gss_OID_set *oid_set; +generic_gss_create_empty_oid_set(OM_uint32 *minor_status, gss_OID_set *oid_set) { *minor_status = 0; if ((*oid_set = (gss_OID_set) malloc(sizeof(gss_OID_set_desc)))) { - memset(*oid_set, 0, sizeof(gss_OID_set_desc)); - return(GSS_S_COMPLETE); + memset(*oid_set, 0, sizeof(gss_OID_set_desc)); + return(GSS_S_COMPLETE); } else { - *minor_status = ENOMEM; - return(GSS_S_FAILURE); + *minor_status = ENOMEM; + return(GSS_S_FAILURE); } } OM_uint32 -generic_gss_add_oid_set_member(minor_status, member_oid, oid_set) - OM_uint32 *minor_status; - const gss_OID_desc * const member_oid; - gss_OID_set *oid_set; +generic_gss_add_oid_set_member(OM_uint32 *minor_status, + const gss_OID_desc * const member_oid, + gss_OID_set *oid_set) { - gss_OID elist; - gss_OID lastel; + gss_OID elist; + gss_OID lastel; *minor_status = 0; if (member_oid == NULL || member_oid->length == 0 || - member_oid->elements == NULL) - return (GSS_S_CALL_INACCESSIBLE_READ); + member_oid->elements == NULL) + return (GSS_S_CALL_INACCESSIBLE_READ); elist = (*oid_set)->elements; /* Get an enlarged copy of the array */ if (((*oid_set)->elements = (gss_OID) malloc(((*oid_set)->count+1) * - sizeof(gss_OID_desc)))) { - /* Copy in the old junk */ - if (elist) - memcpy((*oid_set)->elements, - elist, - ((*oid_set)->count * sizeof(gss_OID_desc))); - - /* Duplicate the input element */ - lastel = &(*oid_set)->elements[(*oid_set)->count]; - if ((lastel->elements = - (void *) malloc((size_t) member_oid->length))) { - /* Success - copy elements */ - memcpy(lastel->elements, member_oid->elements, - (size_t) member_oid->length); - /* Set length */ - lastel->length = member_oid->length; - - /* Update count */ - (*oid_set)->count++; - if (elist) - free(elist); - *minor_status = 0; - return(GSS_S_COMPLETE); - } - else - free((*oid_set)->elements); + sizeof(gss_OID_desc)))) { + /* Copy in the old junk */ + if (elist) + memcpy((*oid_set)->elements, + elist, + ((*oid_set)->count * sizeof(gss_OID_desc))); + + /* Duplicate the input element */ + lastel = &(*oid_set)->elements[(*oid_set)->count]; + if ((lastel->elements = + (void *) malloc((size_t) member_oid->length))) { + /* Success - copy elements */ + memcpy(lastel->elements, member_oid->elements, + (size_t) member_oid->length); + /* Set length */ + lastel->length = member_oid->length; + + /* Update count */ + (*oid_set)->count++; + if (elist) + free(elist); + *minor_status = 0; + return(GSS_S_COMPLETE); + } + else + free((*oid_set)->elements); } /* Failure - restore old contents of list */ (*oid_set)->elements = elist; @@ -179,32 +173,31 @@ generic_gss_add_oid_set_member(minor_status, member_oid, oid_set) } OM_uint32 -generic_gss_test_oid_set_member(minor_status, member, set, present) - OM_uint32 *minor_status; - const gss_OID_desc * const member; - gss_OID_set set; - int *present; +generic_gss_test_oid_set_member(OM_uint32 *minor_status, + const gss_OID_desc * const member, + gss_OID_set set, + int * present) { - OM_uint32 i; - int result; + OM_uint32 i; + int result; *minor_status = 0; if (member == NULL || set == NULL) - return (GSS_S_CALL_INACCESSIBLE_READ); + return (GSS_S_CALL_INACCESSIBLE_READ); if (present == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); + return (GSS_S_CALL_INACCESSIBLE_WRITE); result = 0; for (i=0; i<set->count; i++) { - if ((set->elements[i].length == member->length) && - !memcmp(set->elements[i].elements, - member->elements, - (size_t) member->length)) { - result = 1; - break; - } + if ((set->elements[i].length == member->length) && + !memcmp(set->elements[i].elements, + member->elements, + (size_t) member->length)) { + result = 1; + break; + } } *present = result; return(GSS_S_COMPLETE); @@ -214,30 +207,29 @@ generic_gss_test_oid_set_member(minor_status, member, set, present) * OID<->string routines. These are uuuuugly. */ OM_uint32 -generic_gss_oid_to_str(minor_status, oid, oid_str) - OM_uint32 *minor_status; - const gss_OID_desc * const oid; - gss_buffer_t oid_str; +generic_gss_oid_to_str(OM_uint32 *minor_status, + const gss_OID_desc * const oid, + gss_buffer_t oid_str) { - OM_uint32 number; + OM_uint32 number; OM_uint32 i; - unsigned char *cp; - char *bp; - struct k5buf buf; + unsigned char *cp; + char *bp; + struct k5buf buf; if (minor_status != NULL) - *minor_status = 0; + *minor_status = 0; if (oid_str != GSS_C_NO_BUFFER) { - oid_str->length = 0; - oid_str->value = NULL; + oid_str->length = 0; + oid_str->value = NULL; } if (oid == NULL || oid->length == 0 || oid->elements == NULL) - return (GSS_S_CALL_INACCESSIBLE_READ); + return (GSS_S_CALL_INACCESSIBLE_READ); if (oid_str == GSS_C_NO_BUFFER) - return (GSS_S_CALL_INACCESSIBLE_WRITE); + return (GSS_S_CALL_INACCESSIBLE_WRITE); /* Decoded according to krb5/gssapi_krb5.c */ @@ -245,21 +237,21 @@ generic_gss_oid_to_str(minor_status, oid, oid_str) number = (unsigned long) cp[0]; krb5int_buf_init_dynamic(&buf); krb5int_buf_add_fmt(&buf, "{ %lu %lu ", (unsigned long)number/40, - (unsigned long)number%40); + (unsigned long)number%40); number = 0; cp = (unsigned char *) oid->elements; for (i=1; i<oid->length; i++) { - number = (number << 7) | (cp[i] & 0x7f); - if ((cp[i] & 0x80) == 0) { - krb5int_buf_add_fmt(&buf, "%lu ", (unsigned long)number); - number = 0; - } + number = (number << 7) | (cp[i] & 0x7f); + if ((cp[i] & 0x80) == 0) { + krb5int_buf_add_fmt(&buf, "%lu ", (unsigned long)number); + number = 0; + } } krb5int_buf_add(&buf, "}"); bp = krb5int_buf_data(&buf); if (bp == NULL) { - *minor_status = ENOMEM; - return(GSS_S_FAILURE); + *minor_status = ENOMEM; + return(GSS_S_FAILURE); } oid_str->length = krb5int_buf_len(&buf)+1; oid_str->value = (void *) bp; @@ -267,43 +259,42 @@ generic_gss_oid_to_str(minor_status, oid, oid_str) } OM_uint32 -generic_gss_str_to_oid(minor_status, oid_str, oid) - OM_uint32 *minor_status; - gss_buffer_t oid_str; - gss_OID *oid; +generic_gss_str_to_oid(OM_uint32 *minor_status, + gss_buffer_t oid_str, + gss_OID * oid) { - unsigned char *cp, *bp, *startp; - int brace; - long numbuf; - long onumbuf; - OM_uint32 nbytes; - int i; + unsigned char *cp, *bp, *startp; + int brace; + long numbuf; + long onumbuf; + OM_uint32 nbytes; + int i; unsigned char *op; if (minor_status != NULL) - *minor_status = 0; + *minor_status = 0; if (oid != NULL) - *oid = GSS_C_NO_OID; + *oid = GSS_C_NO_OID; if (GSS_EMPTY_BUFFER(oid_str)) - return (GSS_S_CALL_INACCESSIBLE_READ); + return (GSS_S_CALL_INACCESSIBLE_READ); if (oid == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); + return (GSS_S_CALL_INACCESSIBLE_WRITE); brace = 0; bp = oid_str->value; cp = bp; /* Skip over leading space */ while ((bp < &cp[oid_str->length]) && isspace(*bp)) - bp++; + bp++; if (*bp == '{') { - brace = 1; - bp++; + brace = 1; + bp++; } while ((bp < &cp[oid_str->length]) && isspace(*bp)) - bp++; + bp++; startp = bp; nbytes = 0; @@ -311,118 +302,117 @@ generic_gss_str_to_oid(minor_status, oid_str, oid) * The first two numbers are chewed up by the first octet. */ if (sscanf((char *)bp, "%ld", &numbuf) != 1) { - *minor_status = EINVAL; - return(GSS_S_FAILURE); + *minor_status = EINVAL; + return(GSS_S_FAILURE); } while ((bp < &cp[oid_str->length]) && isdigit(*bp)) - bp++; + bp++; while ((bp < &cp[oid_str->length]) && - (isspace(*bp) || *bp == '.')) - bp++; + (isspace(*bp) || *bp == '.')) + bp++; if (sscanf((char *)bp, "%ld", &numbuf) != 1) { - *minor_status = EINVAL; - return(GSS_S_FAILURE); + *minor_status = EINVAL; + return(GSS_S_FAILURE); } while ((bp < &cp[oid_str->length]) && isdigit(*bp)) - bp++; + bp++; while ((bp < &cp[oid_str->length]) && - (isspace(*bp) || *bp == '.')) - bp++; + (isspace(*bp) || *bp == '.')) + bp++; nbytes++; while (isdigit(*bp)) { - if (sscanf((char *)bp, "%ld", &numbuf) != 1) { - return(GSS_S_FAILURE); - } - while (numbuf) { - nbytes++; - numbuf >>= 7; - } - while ((bp < &cp[oid_str->length]) && isdigit(*bp)) - bp++; - while ((bp < &cp[oid_str->length]) && - (isspace(*bp) || *bp == '.')) - bp++; + if (sscanf((char *)bp, "%ld", &numbuf) != 1) { + return(GSS_S_FAILURE); + } + while (numbuf) { + nbytes++; + numbuf >>= 7; + } + while ((bp < &cp[oid_str->length]) && isdigit(*bp)) + bp++; + while ((bp < &cp[oid_str->length]) && + (isspace(*bp) || *bp == '.')) + bp++; } if (brace && (*bp != '}')) { - return(GSS_S_FAILURE); + return(GSS_S_FAILURE); } /* * Phew! We've come this far, so the syntax is good. */ if ((*oid = (gss_OID) malloc(sizeof(gss_OID_desc)))) { - if (((*oid)->elements = (void *) malloc(nbytes))) { - (*oid)->length = nbytes; - op = (unsigned char *) (*oid)->elements; - bp = startp; - (void) sscanf((char *)bp, "%ld", &numbuf); - while (isdigit(*bp)) - bp++; - while (isspace(*bp) || *bp == '.') - bp++; - onumbuf = 40*numbuf; - (void) sscanf((char *)bp, "%ld", &numbuf); - onumbuf += numbuf; - *op = (unsigned char) onumbuf; - op++; - while (isdigit(*bp)) - bp++; - while (isspace(*bp) || *bp == '.') - bp++; - while (isdigit(*bp)) { - (void) sscanf((char *)bp, "%ld", &numbuf); - nbytes = 0; - /* Have to fill in the bytes msb-first */ - onumbuf = numbuf; - while (numbuf) { - nbytes++; - numbuf >>= 7; - } - numbuf = onumbuf; - op += nbytes; - i = -1; - while (numbuf) { - op[i] = (unsigned char) numbuf & 0x7f; - if (i != -1) - op[i] |= 0x80; - i--; - numbuf >>= 7; - } - while (isdigit(*bp)) - bp++; - while (isspace(*bp) || *bp == '.') - bp++; - } - return(GSS_S_COMPLETE); - } - else { - free(*oid); - *oid = GSS_C_NO_OID; - } + if (((*oid)->elements = (void *) malloc(nbytes))) { + (*oid)->length = nbytes; + op = (unsigned char *) (*oid)->elements; + bp = startp; + (void) sscanf((char *)bp, "%ld", &numbuf); + while (isdigit(*bp)) + bp++; + while (isspace(*bp) || *bp == '.') + bp++; + onumbuf = 40*numbuf; + (void) sscanf((char *)bp, "%ld", &numbuf); + onumbuf += numbuf; + *op = (unsigned char) onumbuf; + op++; + while (isdigit(*bp)) + bp++; + while (isspace(*bp) || *bp == '.') + bp++; + while (isdigit(*bp)) { + (void) sscanf((char *)bp, "%ld", &numbuf); + nbytes = 0; + /* Have to fill in the bytes msb-first */ + onumbuf = numbuf; + while (numbuf) { + nbytes++; + numbuf >>= 7; + } + numbuf = onumbuf; + op += nbytes; + i = -1; + while (numbuf) { + op[i] = (unsigned char) numbuf & 0x7f; + if (i != -1) + op[i] |= 0x80; + i--; + numbuf >>= 7; + } + while (isdigit(*bp)) + bp++; + while (isspace(*bp) || *bp == '.') + bp++; + } + return(GSS_S_COMPLETE); + } + else { + free(*oid); + *oid = GSS_C_NO_OID; + } } return(GSS_S_FAILURE); } /* Compose an OID of a prefix and an integer suffix */ OM_uint32 -generic_gss_oid_compose( - OM_uint32 *minor_status, - const char *prefix, - size_t prefix_len, - int suffix, - gss_OID_desc *oid) +generic_gss_oid_compose(OM_uint32 *minor_status, + const char *prefix, + size_t prefix_len, + int suffix, + gss_OID_desc *oid) { int osuffix, i; size_t nbytes; unsigned char *op; if (oid == GSS_C_NO_OID) { - *minor_status = EINVAL; - return GSS_S_FAILURE; + *minor_status = EINVAL; + return GSS_S_FAILURE; } if (oid->length < prefix_len) { - *minor_status = ERANGE; - return GSS_S_FAILURE; + *minor_status = ERANGE; + return GSS_S_FAILURE; } memcpy(oid->elements, prefix, prefix_len); @@ -430,24 +420,24 @@ generic_gss_oid_compose( nbytes = 0; osuffix = suffix; while (suffix) { - nbytes++; - suffix >>= 7; + nbytes++; + suffix >>= 7; } suffix = osuffix; if (oid->length < prefix_len + nbytes) { - *minor_status = ERANGE; - return GSS_S_FAILURE; + *minor_status = ERANGE; + return GSS_S_FAILURE; } op = (unsigned char *) oid->elements + prefix_len + nbytes; i = -1; while (suffix) { - op[i] = (unsigned char)suffix & 0x7f; - if (i != -1) - op[i] |= 0x80; - i--; - suffix >>= 7; + op[i] = (unsigned char)suffix & 0x7f; + if (i != -1) + op[i] |= 0x80; + i--; + suffix >>= 7; } oid->length = prefix_len + nbytes; @@ -457,19 +447,18 @@ generic_gss_oid_compose( } OM_uint32 -generic_gss_oid_decompose( - OM_uint32 *minor_status, - const char *prefix, - size_t prefix_len, - gss_OID_desc *oid, - int *suffix) +generic_gss_oid_decompose(OM_uint32 *minor_status, + const char *prefix, + size_t prefix_len, + gss_OID_desc *oid, + int *suffix) { size_t i, slen; unsigned char *op; if (oid->length < prefix_len || - memcmp(oid->elements, prefix, prefix_len) != 0) { - return GSS_S_BAD_MECH; + memcmp(oid->elements, prefix, prefix_len) != 0) { + return GSS_S_BAD_MECH; } op = (unsigned char *) oid->elements + prefix_len; @@ -479,11 +468,11 @@ generic_gss_oid_decompose( slen = oid->length - prefix_len; for (i = 0; i < slen; i++) { - *suffix = (*suffix << 7) | (op[i] & 0x7f); - if (i + 1 != slen && (op[i] & 0x80) == 0) { - *minor_status = EINVAL; - return GSS_S_FAILURE; - } + *suffix = (*suffix << 7) | (op[i] & 0x7f); + if (i + 1 != slen && (op[i] & 0x80) == 0) { + *minor_status = EINVAL; + return GSS_S_FAILURE; + } } return GSS_S_COMPLETE; @@ -511,11 +500,9 @@ generic_gss_oid_decompose( * PERFORMANCE OF THIS SOFTWARE. */ OM_uint32 -generic_gss_copy_oid_set( - OM_uint32 *minor_status, - const gss_OID_set_desc * const oidset, - gss_OID_set *new_oidset - ) +generic_gss_copy_oid_set(OM_uint32 *minor_status, + const gss_OID_set_desc * const oidset, + gss_OID_set *new_oidset) { gss_OID_set_desc *copy; OM_uint32 minor = 0; @@ -523,45 +510,45 @@ generic_gss_copy_oid_set( OM_uint32 i; if (minor_status != NULL) - *minor_status = 0; + *minor_status = 0; if (new_oidset != NULL) - *new_oidset = GSS_C_NO_OID_SET; + *new_oidset = GSS_C_NO_OID_SET; if (oidset == GSS_C_NO_OID_SET) - return (GSS_S_CALL_INACCESSIBLE_READ); + return (GSS_S_CALL_INACCESSIBLE_READ); if (new_oidset == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); + return (GSS_S_CALL_INACCESSIBLE_WRITE); if ((copy = (gss_OID_set_desc *) calloc(1, sizeof (*copy))) == NULL) { - major = GSS_S_FAILURE; - goto done; + major = GSS_S_FAILURE; + goto done; } if ((copy->elements = (gss_OID_desc *) - calloc(oidset->count, sizeof (*copy->elements))) == NULL) { - major = GSS_S_FAILURE; - goto done; + calloc(oidset->count, sizeof (*copy->elements))) == NULL) { + major = GSS_S_FAILURE; + goto done; } copy->count = oidset->count; for (i = 0; i < copy->count; i++) { - gss_OID_desc *out = ©->elements[i]; - gss_OID_desc *in = &oidset->elements[i]; - - if ((out->elements = (void *) malloc(in->length)) == NULL) { - major = GSS_S_FAILURE; - goto done; - } - (void) memcpy(out->elements, in->elements, in->length); - out->length = in->length; + gss_OID_desc *out = ©->elements[i]; + gss_OID_desc *in = &oidset->elements[i]; + + if ((out->elements = (void *) malloc(in->length)) == NULL) { + major = GSS_S_FAILURE; + goto done; + } + (void) memcpy(out->elements, in->elements, in->length); + out->length = in->length; } *new_oidset = copy; done: if (major != GSS_S_COMPLETE) { - (void) gss_release_oid_set(&minor, ©); + (void) gss_release_oid_set(&minor, ©); } return (major); diff --git a/src/lib/gssapi/generic/rel_buffer.c b/src/lib/gssapi/generic/rel_buffer.c index 8b35e80..fb67123 100644 --- a/src/lib/gssapi/generic/rel_buffer.c +++ b/src/lib/gssapi/generic/rel_buffer.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* #ident "@(#)g_rel_buffer.c 1.2 96/02/06 SMI" */ /* diff --git a/src/lib/gssapi/generic/rel_oid_set.c b/src/lib/gssapi/generic/rel_oid_set.c index 137a513..61c15cd 100644 --- a/src/lib/gssapi/generic/rel_oid_set.c +++ b/src/lib/gssapi/generic/rel_oid_set.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* #ident "@(#)gss_release_oid_set.c 1.12 95/08/23 SMI" */ /* diff --git a/src/lib/gssapi/generic/util_buffer.c b/src/lib/gssapi/generic/util_buffer.c index b707d15..cd16862 100644 --- a/src/lib/gssapi/generic/util_buffer.c +++ b/src/lib/gssapi/generic/util_buffer.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/generic/util_buffer_set.c b/src/lib/gssapi/generic/util_buffer_set.c index 1e506e7..46ec66c 100644 --- a/src/lib/gssapi/generic/util_buffer_set.c +++ b/src/lib/gssapi/generic/util_buffer_set.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2008 by the Massachusetts Institute of Technology. * All Rights Reserved. @@ -31,16 +32,16 @@ #include <string.h> #include <errno.h> -OM_uint32 generic_gss_create_empty_buffer_set - (OM_uint32 * minor_status, - gss_buffer_set_t *buffer_set) +OM_uint32 +generic_gss_create_empty_buffer_set(OM_uint32 * minor_status, + gss_buffer_set_t *buffer_set) { gss_buffer_set_t set; set = (gss_buffer_set_desc *) malloc(sizeof(*set)); if (set == GSS_C_NO_BUFFER_SET) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; + *minor_status = ENOMEM; + return GSS_S_FAILURE; } set->count = 0; @@ -52,38 +53,38 @@ OM_uint32 generic_gss_create_empty_buffer_set return GSS_S_COMPLETE; } -OM_uint32 generic_gss_add_buffer_set_member - (OM_uint32 * minor_status, - const gss_buffer_t member_buffer, - gss_buffer_set_t *buffer_set) +OM_uint32 +generic_gss_add_buffer_set_member(OM_uint32 * minor_status, + const gss_buffer_t member_buffer, + gss_buffer_set_t *buffer_set) { gss_buffer_set_t set; gss_buffer_t p; OM_uint32 ret; if (*buffer_set == GSS_C_NO_BUFFER_SET) { - ret = generic_gss_create_empty_buffer_set(minor_status, - buffer_set); - if (ret) { - return ret; - } + ret = generic_gss_create_empty_buffer_set(minor_status, + buffer_set); + if (ret) { + return ret; + } } set = *buffer_set; set->elements = (gss_buffer_desc *)realloc(set->elements, - (set->count + 1) * - sizeof(gss_buffer_desc)); + (set->count + 1) * + sizeof(gss_buffer_desc)); if (set->elements == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; + *minor_status = ENOMEM; + return GSS_S_FAILURE; } p = &set->elements[set->count]; p->value = malloc(member_buffer->length); if (p->value == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; + *minor_status = ENOMEM; + return GSS_S_FAILURE; } memcpy(p->value, member_buffer->value, member_buffer->length); p->length = member_buffer->length; @@ -94,9 +95,9 @@ OM_uint32 generic_gss_add_buffer_set_member return GSS_S_COMPLETE; } -OM_uint32 generic_gss_release_buffer_set - (OM_uint32 * minor_status, - gss_buffer_set_t *buffer_set) +OM_uint32 +generic_gss_release_buffer_set(OM_uint32 * minor_status, + gss_buffer_set_t *buffer_set) { size_t i; OM_uint32 minor; @@ -104,16 +105,16 @@ OM_uint32 generic_gss_release_buffer_set *minor_status = 0; if (*buffer_set == GSS_C_NO_BUFFER_SET) { - return GSS_S_COMPLETE; + return GSS_S_COMPLETE; } for (i = 0; i < (*buffer_set)->count; i++) { - generic_gss_release_buffer(&minor, &((*buffer_set)->elements[i])); + generic_gss_release_buffer(&minor, &((*buffer_set)->elements[i])); } if ((*buffer_set)->elements != NULL) { - free((*buffer_set)->elements); - (*buffer_set)->elements = NULL; + free((*buffer_set)->elements); + (*buffer_set)->elements = NULL; } (*buffer_set)->count = 0; diff --git a/src/lib/gssapi/generic/util_canonhost.c b/src/lib/gssapi/generic/util_canonhost.c index 6e95318..e27d656 100644 --- a/src/lib/gssapi/generic/util_canonhost.c +++ b/src/lib/gssapi/generic/util_canonhost.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/generic/util_errmap.c b/src/lib/gssapi/generic/util_errmap.c index 2634e66..5a863b6 100644 --- a/src/lib/gssapi/generic/util_errmap.c +++ b/src/lib/gssapi/generic/util_errmap.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2007, 2008 by the Massachusetts Institute of Technology. * All Rights Reserved. diff --git a/src/lib/gssapi/generic/util_localhost.c b/src/lib/gssapi/generic/util_localhost.c index 85e0980..7956a07 100644 --- a/src/lib/gssapi/generic/util_localhost.c +++ b/src/lib/gssapi/generic/util_localhost.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/generic/util_ordering.c b/src/lib/gssapi/generic/util_ordering.c index 274790e..95609a9 100644 --- a/src/lib/gssapi/generic/util_ordering.c +++ b/src/lib/gssapi/generic/util_ordering.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * @@ -133,8 +133,8 @@ g_order_check(void **vqueue, gssint_uint64 seqnum) seqnum -= q->firstnum; /* If we're only doing 32-bit values, adjust for that again. - Note that this will probably be the wrong thing to if we get - 2**32 messages sent with 32-bit sequence numbers. */ + Note that this will probably be the wrong thing to if we get + 2**32 messages sent with 32-bit sequence numbers. */ seqnum &= q->mask; /* rule 1: expected sequence number */ @@ -160,16 +160,16 @@ g_order_check(void **vqueue, gssint_uint64 seqnum) if ((seqnum < QELEM(q,q->start)) && /* Is top bit of whatever width we're using set? - We used to check for greater than or equal to firstnum, but - (1) we've since switched to compute values relative to - firstnum, so the lowest we can have is 0, and (2) the effect - of the original scheme was highly dependent on whether - firstnum was close to either side of 0. (Consider - firstnum==0xFFFFFFFE and we miss three packets; the next - packet is *new* but would look old.) + We used to check for greater than or equal to firstnum, but + (1) we've since switched to compute values relative to + firstnum, so the lowest we can have is 0, and (2) the effect + of the original scheme was highly dependent on whether + firstnum was close to either side of 0. (Consider + firstnum==0xFFFFFFFE and we miss three packets; the next + packet is *new* but would look old.) - This check should give us 2**31 or 2**63 messages "new", and - just as many "old". That's not quite right either. */ + This check should give us 2**31 or 2**63 messages "new", and + just as many "old". That's not quite right either. */ (seqnum & (1 + (q->mask >> 1))) ) { if (q->do_replay && !q->do_sequence) diff --git a/src/lib/gssapi/generic/util_set.c b/src/lib/gssapi/generic/util_set.c index d437f1e..8866f52 100644 --- a/src/lib/gssapi/generic/util_set.c +++ b/src/lib/gssapi/generic/util_set.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1995 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/generic/util_token.c b/src/lib/gssapi/generic/util_token.c index b597788..3acbd8e 100644 --- a/src/lib/gssapi/generic/util_token.c +++ b/src/lib/gssapi/generic/util_token.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/generic/util_validate.c b/src/lib/gssapi/generic/util_validate.c index 00dac32..afb47ea 100644 --- a/src/lib/gssapi/generic/util_validate.c +++ b/src/lib/gssapi/generic/util_validate.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/generic/utl_nohash_validate.c b/src/lib/gssapi/generic/utl_nohash_validate.c index d221b37..066780a 100644 --- a/src/lib/gssapi/generic/utl_nohash_validate.c +++ b/src/lib/gssapi/generic/utl_nohash_validate.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1990,1994 by the Massachusetts Institute of Technology. * All Rights Reserved. diff --git a/src/lib/gssapi/krb5/Makefile.in b/src/lib/gssapi/krb5/Makefile.in index 601acc5..01591b2 100644 --- a/src/lib/gssapi/krb5/Makefile.in +++ b/src/lib/gssapi/krb5/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../.. -myfulldir=lib/gssapi/krb5 mydir=lib/gssapi/krb5 BUILDTOP=$(REL)..$(S)..$(S).. LOCALINCLUDES = -I. -I$(srcdir) -I$(srcdir)/.. -I../generic -I$(srcdir)/../generic -I../mechglue -I$(srcdir)/../mechglue @@ -230,8 +228,10 @@ $(GSSAPI_KRB5_HDR): gssapi_krb5.h all-unix:: $(SRCS) $(HDRS) $(GSSAPI_KRB5_HDR) includes all-unix:: all-libobjs -error_map.h: $(SRCTOP)/util/gen-map.pl $(SRCTOP)/util/ktemplate.pm Makefile - $(PERL) -I$(SRCTOP)/util $(SRCTOP)/util/gen-map.pl -oerror_map.new \ +error_map.h: $(top_srcdir)/util/gen-map.pl \ + $(top_srcdir)/util/ktemplate.pm Makefile + $(PERL) -I$(top_srcdir)/util $(top_srcdir)/util/gen-map.pl \ + -oerror_map.new \ NAME=gsserrmap \ KEY=OM_uint32 \ VALUE="char *" \ diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c index ccfdb5c..ce3075f 100644 --- a/src/lib/gssapi/krb5/accept_sec_context.c +++ b/src/lib/gssapi/krb5/accept_sec_context.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2000, 2004, 2007, 2008 by the Massachusetts Institute of Technology. * All Rights Reserved. @@ -292,104 +292,104 @@ static OM_uint32 kg_accept_dce(minor_status, context_handle, verifier_cred_handle, input_token, input_chan_bindings, src_name, mech_type, output_token, ret_flags, time_rec, delegated_cred_handle) - OM_uint32 *minor_status; - gss_ctx_id_t *context_handle; - gss_cred_id_t verifier_cred_handle; - gss_buffer_t input_token; - gss_channel_bindings_t input_chan_bindings; - gss_name_t *src_name; - gss_OID *mech_type; - gss_buffer_t output_token; - OM_uint32 *ret_flags; - OM_uint32 *time_rec; - gss_cred_id_t *delegated_cred_handle; + OM_uint32 *minor_status; + gss_ctx_id_t *context_handle; + gss_cred_id_t verifier_cred_handle; + gss_buffer_t input_token; + gss_channel_bindings_t input_chan_bindings; + gss_name_t *src_name; + gss_OID *mech_type; + gss_buffer_t output_token; + OM_uint32 *ret_flags; + OM_uint32 *time_rec; + gss_cred_id_t *delegated_cred_handle; { - krb5_error_code code; - krb5_gss_ctx_id_rec *ctx = 0; - krb5_timestamp now; - krb5_gss_name_t name = NULL; - krb5_ui_4 nonce = 0; - krb5_data ap_rep; - OM_uint32 major_status = GSS_S_FAILURE; - - output_token->length = 0; - output_token->value = NULL; - - if (mech_type) - *mech_type = GSS_C_NULL_OID; - /* return a bogus cred handle */ - if (delegated_cred_handle) - *delegated_cred_handle = GSS_C_NO_CREDENTIAL; - - ctx = (krb5_gss_ctx_id_rec *)*context_handle; - - code = krb5_timeofday(ctx->k5_context, &now); - if (code != 0) { - major_status = GSS_S_FAILURE; - goto fail; - } - - if (ctx->krb_times.endtime < now) { - code = 0; - major_status = GSS_S_CREDENTIALS_EXPIRED; - goto fail; - } - - ap_rep.data = input_token->value; - ap_rep.length = input_token->length; - - code = krb5_rd_rep_dce(ctx->k5_context, - ctx->auth_context, - &ap_rep, - &nonce); - if (code != 0) { - major_status = GSS_S_FAILURE; - goto fail; - } - - ctx->established = 1; - - if (src_name) { - if ((code = kg_duplicate_name(ctx->k5_context, ctx->there, - KG_INIT_NAME_INTERN, &name))) { - major_status = GSS_S_FAILURE; - goto fail; - } - *src_name = (gss_name_t) name; - } - - if (mech_type) - *mech_type = ctx->mech_used; - - if (time_rec) - *time_rec = ctx->krb_times.endtime - now; - - if (ret_flags) - *ret_flags = ctx->gss_flags; - - /* XXX no support for delegated credentials yet */ - - *minor_status = 0; - - return GSS_S_COMPLETE; - - fail: - /* real failure code follows */ - - (void) krb5_gss_delete_sec_context(minor_status, (gss_ctx_id_t *) &ctx, - NULL); - *context_handle = GSS_C_NO_CONTEXT; - *minor_status = code; - - return major_status; + krb5_error_code code; + krb5_gss_ctx_id_rec *ctx = 0; + krb5_timestamp now; + krb5_gss_name_t name = NULL; + krb5_ui_4 nonce = 0; + krb5_data ap_rep; + OM_uint32 major_status = GSS_S_FAILURE; + + output_token->length = 0; + output_token->value = NULL; + + if (mech_type) + *mech_type = GSS_C_NULL_OID; + /* return a bogus cred handle */ + if (delegated_cred_handle) + *delegated_cred_handle = GSS_C_NO_CREDENTIAL; + + ctx = (krb5_gss_ctx_id_rec *)*context_handle; + + code = krb5_timeofday(ctx->k5_context, &now); + if (code != 0) { + major_status = GSS_S_FAILURE; + goto fail; + } + + if (ctx->krb_times.endtime < now) { + code = 0; + major_status = GSS_S_CREDENTIALS_EXPIRED; + goto fail; + } + + ap_rep.data = input_token->value; + ap_rep.length = input_token->length; + + code = krb5_rd_rep_dce(ctx->k5_context, + ctx->auth_context, + &ap_rep, + &nonce); + if (code != 0) { + major_status = GSS_S_FAILURE; + goto fail; + } + + ctx->established = 1; + + if (src_name) { + if ((code = kg_duplicate_name(ctx->k5_context, ctx->there, + KG_INIT_NAME_INTERN, &name))) { + major_status = GSS_S_FAILURE; + goto fail; + } + *src_name = (gss_name_t) name; + } + + if (mech_type) + *mech_type = ctx->mech_used; + + if (time_rec) + *time_rec = ctx->krb_times.endtime - now; + + if (ret_flags) + *ret_flags = ctx->gss_flags; + + /* XXX no support for delegated credentials yet */ + + *minor_status = 0; + + return GSS_S_COMPLETE; + +fail: + /* real failure code follows */ + + (void) krb5_gss_delete_sec_context(minor_status, (gss_ctx_id_t *) &ctx, + NULL); + *context_handle = GSS_C_NO_CONTEXT; + *minor_status = code; + + return major_status; } static OM_uint32 kg_accept_krb5(minor_status, context_handle, - verifier_cred_handle, input_token, - input_chan_bindings, src_name, mech_type, - output_token, ret_flags, time_rec, - delegated_cred_handle) + verifier_cred_handle, input_token, + input_chan_bindings, src_name, mech_type, + output_token, ret_flags, time_rec, + delegated_cred_handle) OM_uint32 *minor_status; gss_ctx_id_t *context_handle; gss_cred_id_t verifier_cred_handle; @@ -437,7 +437,6 @@ kg_accept_krb5(minor_status, context_handle, int no_encap = 0; krb5_flags ap_req_options = 0; krb5_enctype negotiated_etype; - krb5_keyblock *keyblock = NULL; krb5_authdata_context ad_context = NULL; code = krb5int_accessor (&kaccess, KRB5INT_ACCESS_VERSION); @@ -608,39 +607,37 @@ kg_accept_krb5(minor_status, context_handle, } #endif - if (authdat->checksum->checksum_type != CKSUMTYPE_KG_CB) { - /* Samba does not send 0x8003 GSS-API checksums */ - krb5_boolean valid; - krb5_keyblock *subkey; - krb5_data zero; - - code = krb5_auth_con_getkey(context, auth_context, &subkey); - if (code) { - major_status = GSS_S_FAILURE; - goto fail; - } - - zero.length = 0; - zero.data = ""; - - code = krb5_c_verify_checksum(context, - subkey, - KRB5_KEYUSAGE_AP_REQ_AUTH_CKSUM, - &zero, - authdat->checksum, - &valid); - if (code || !valid) { - major_status = GSS_S_BAD_SIG; - krb5_free_keyblock(context, subkey); - goto fail; - } - - gss_flags = GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG; - bigend = 0; - decode_req_message = 0; - - krb5_free_keyblock(context, subkey); - } else { + if (authdat->checksum->checksum_type != CKSUMTYPE_KG_CB) { + /* Samba does not send 0x8003 GSS-API checksums */ + krb5_boolean valid; + krb5_key subkey; + krb5_data zero; + + code = krb5_auth_con_getkey_k(context, auth_context, &subkey); + if (code) { + major_status = GSS_S_FAILURE; + goto fail; + } + + zero.length = 0; + zero.data = ""; + + code = krb5_k_verify_checksum(context, + subkey, + KRB5_KEYUSAGE_AP_REQ_AUTH_CKSUM, + &zero, + authdat->checksum, + &valid); + krb5_k_free_key(context, subkey); + if (code || !valid) { + major_status = GSS_S_BAD_SIG; + goto fail; + } + + gss_flags = GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG; + bigend = 0; + decode_req_message = 0; + } else { /* gss krb5 v1 */ /* stash this now, for later. */ @@ -859,9 +856,9 @@ kg_accept_krb5(minor_status, context_handle, /* XXX move this into gss_name_t */ if ( (code = krb5_merge_authdata(context, - ticket->enc_part2->authorization_data, + ticket->enc_part2->authorization_data, authdat->authorization_data, - &ctx->authdata))) { + &ctx->authdata))) { major_status = GSS_S_FAILURE; goto fail; } @@ -883,22 +880,23 @@ kg_accept_krb5(minor_status, context_handle, authdat->client = NULL; krb5_auth_con_set_authdata_context(context, auth_context, NULL); - if ((code = krb5_auth_con_getrecvsubkey(context, auth_context, - &keyblock))) { + if ((code = krb5_auth_con_getrecvsubkey_k(context, auth_context, + &ctx->subkey))) { major_status = GSS_S_FAILURE; goto fail; } /* use the session key if the subkey isn't present */ - if (keyblock == NULL) { - if ((code = krb5_auth_con_getkey(context, auth_context, &keyblock))) { + if (ctx->subkey == NULL) { + if ((code = krb5_auth_con_getkey_k(context, auth_context, + &ctx->subkey))) { major_status = GSS_S_FAILURE; goto fail; } } - if (keyblock == NULL) { + if (ctx->subkey == NULL) { /* this isn't a very good error, but it's not clear to me this can actually happen */ major_status = GSS_S_FAILURE; @@ -906,12 +904,6 @@ kg_accept_krb5(minor_status, context_handle, goto fail; } - code = krb5_k_create_key(context, keyblock, &ctx->subkey); - if (code) { - major_status = GSS_S_FAILURE; - goto fail; - } - ctx->enc = NULL; ctx->seq = NULL; ctx->have_acceptor_subkey = 0; @@ -1038,20 +1030,13 @@ kg_accept_krb5(minor_status, context_handle, if (cfx_generate_subkey) { /* Get the new acceptor subkey. With the code above, there should always be one if we make it to this point. */ - code = krb5_auth_con_getsendsubkey(context, auth_context, - &keyblock); - if (code != 0) { - major_status = GSS_S_FAILURE; - goto fail; - } - code = krb5_k_create_key(context, keyblock, &ctx->acceptor_subkey); + code = krb5_auth_con_getsendsubkey_k(context, auth_context, + &ctx->acceptor_subkey); if (code != 0) { major_status = GSS_S_FAILURE; goto fail; } ctx->have_acceptor_subkey = 1; - krb5_free_keyblock(context, keyblock); - keyblock = NULL; code = kg_setup_keys(context, ctx, ctx->acceptor_subkey, &ctx->acceptor_subkey_cksumtype); @@ -1135,7 +1120,7 @@ kg_accept_krb5(minor_status, context_handle, *src_name = (gss_name_t) name; if (delegated_cred_handle) { - if (!kg_save_cred_id((gss_cred_id_t) deleg_cred)) { + if (!kg_save_cred_id((gss_cred_id_t) deleg_cred)) { major_status = GSS_S_FAILURE; code = G_VALIDATE_FAILED; goto fail; @@ -1163,8 +1148,6 @@ fail: xfree(reqcksum.contents); if (ap_rep.data) krb5_free_data_contents(context, &ap_rep); - if (keyblock) - krb5_free_keyblock(context, keyblock); if (major_status == GSS_S_COMPLETE || (major_status == GSS_S_CONTINUE_NEEDED && code != KRB5KRB_AP_ERR_MSG_TYPE)) { ctx->k5_context = context; @@ -1305,8 +1288,8 @@ krb5_gss_accept_sec_context(minor_status, context_handle, } return kg_accept_krb5(minor_status, context_handle, - verifier_cred_handle, input_token, - input_chan_bindings, src_name, mech_type, - output_token, ret_flags, time_rec, - delegated_cred_handle); + verifier_cred_handle, input_token, + input_chan_bindings, src_name, mech_type, + output_token, ret_flags, time_rec, + delegated_cred_handle); } diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c index 2c5ca9a..64efa1b 100644 --- a/src/lib/gssapi/krb5/acquire_cred.c +++ b/src/lib/gssapi/krb5/acquire_cred.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2000, 2007, 2008 by the Massachusetts Institute of Technology. * All Rights Reserved. @@ -724,45 +724,45 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req, OM_uint32 gss_krb5int_set_cred_rcache(OM_uint32 *minor_status, - gss_cred_id_t cred_handle, - const gss_OID desired_oid, - const gss_buffer_t value) + gss_cred_id_t cred_handle, + const gss_OID desired_oid, + const gss_buffer_t value) { - krb5_gss_cred_id_t cred; - krb5_error_code code; - krb5_context context; - krb5_rcache rcache; + krb5_gss_cred_id_t cred; + krb5_error_code code; + krb5_context context; + krb5_rcache rcache; - assert(value->length == sizeof(rcache)); + assert(value->length == sizeof(rcache)); - if (value->length != sizeof(rcache)) - return GSS_S_FAILURE; + if (value->length != sizeof(rcache)) + return GSS_S_FAILURE; - rcache = (krb5_rcache)value->value; + rcache = (krb5_rcache)value->value; - if (cred_handle == GSS_C_NO_CREDENTIAL) - return GSS_S_NO_CRED; + if (cred_handle == GSS_C_NO_CREDENTIAL) + return GSS_S_NO_CRED; - cred = (krb5_gss_cred_id_t)cred_handle; + cred = (krb5_gss_cred_id_t)cred_handle; - code = krb5_gss_init_context(&context); - if (code) { - *minor_status = code; - return GSS_S_FAILURE; - } - if (cred->rcache != NULL) { - code = krb5_rc_close(context, cred->rcache); - if (code) { - *minor_status = code; - krb5_free_context(context); - return GSS_S_FAILURE; - } - } + code = krb5_gss_init_context(&context); + if (code) { + *minor_status = code; + return GSS_S_FAILURE; + } + if (cred->rcache != NULL) { + code = krb5_rc_close(context, cred->rcache); + if (code) { + *minor_status = code; + krb5_free_context(context); + return GSS_S_FAILURE; + } + } - cred->rcache = rcache; + cred->rcache = rcache; - krb5_free_context(context); + krb5_free_context(context); - *minor_status = 0; - return GSS_S_COMPLETE; + *minor_status = 0; + return GSS_S_COMPLETE; } diff --git a/src/lib/gssapi/krb5/add_cred.c b/src/lib/gssapi/krb5/add_cred.c index cb14a5c..6f6707c 100644 --- a/src/lib/gssapi/krb5/add_cred.c +++ b/src/lib/gssapi/krb5/add_cred.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2000, 2008 by the Massachusetts Institute of Technology. * All Rights Reserved. diff --git a/src/lib/gssapi/krb5/canon_name.c b/src/lib/gssapi/krb5/canon_name.c index b4f4d4b..3dd01dc 100644 --- a/src/lib/gssapi/krb5/canon_name.c +++ b/src/lib/gssapi/krb5/canon_name.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/canon_name.c * diff --git a/src/lib/gssapi/krb5/compare_name.c b/src/lib/gssapi/krb5/compare_name.c index 1e106da..14f7076 100644 --- a/src/lib/gssapi/krb5/compare_name.c +++ b/src/lib/gssapi/krb5/compare_name.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/context_time.c b/src/lib/gssapi/krb5/context_time.c index b263b50..df8e088 100644 --- a/src/lib/gssapi/krb5/context_time.c +++ b/src/lib/gssapi/krb5/context_time.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/copy_ccache.c b/src/lib/gssapi/krb5/copy_ccache.c index 19fe1d7..632c866 100644 --- a/src/lib/gssapi/krb5/copy_ccache.c +++ b/src/lib/gssapi/krb5/copy_ccache.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #include "gssapiP_krb5.h" OM_uint32 KRB5_CALLCONV diff --git a/src/lib/gssapi/krb5/delete_sec_context.c b/src/lib/gssapi/krb5/delete_sec_context.c index 2032d55..d6b49a0 100644 --- a/src/lib/gssapi/krb5/delete_sec_context.c +++ b/src/lib/gssapi/krb5/delete_sec_context.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/deps b/src/lib/gssapi/krb5/deps index 3b1953b..d12ddba 100644 --- a/src/lib/gssapi/krb5/deps +++ b/src/lib/gssapi/krb5/deps @@ -5,692 +5,730 @@ accept_sec_context.so accept_sec_context.po $(OUTPRE)accept_sec_context.$(OBJEXT $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - accept_sec_context.c gssapiP_krb5.h gssapi_err_krb5.h \ - gssapi_krb5.h + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h accept_sec_context.c \ + gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h acquire_cred.so acquire_cred.po $(OUTPRE)acquire_cred.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - acquire_cred.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h acquire_cred.c gssapiP_krb5.h \ + gssapi_err_krb5.h gssapi_krb5.h add_cred.so add_cred.po $(OUTPRE)add_cred.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - add_cred.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h add_cred.c gssapiP_krb5.h \ + gssapi_err_krb5.h gssapi_krb5.h canon_name.so canon_name.po $(OUTPRE)canon_name.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - canon_name.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h canon_name.c gssapiP_krb5.h \ + gssapi_err_krb5.h gssapi_krb5.h compare_name.so compare_name.po $(OUTPRE)compare_name.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - compare_name.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h compare_name.c gssapiP_krb5.h \ + gssapi_err_krb5.h gssapi_krb5.h context_time.so context_time.po $(OUTPRE)context_time.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - context_time.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h context_time.c gssapiP_krb5.h \ + gssapi_err_krb5.h gssapi_krb5.h copy_ccache.so copy_ccache.po $(OUTPRE)copy_ccache.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - copy_ccache.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h copy_ccache.c gssapiP_krb5.h \ + gssapi_err_krb5.h gssapi_krb5.h delete_sec_context.so delete_sec_context.po $(OUTPRE)delete_sec_context.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - delete_sec_context.c gssapiP_krb5.h gssapi_err_krb5.h \ - gssapi_krb5.h + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h delete_sec_context.c \ + gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h disp_name.so disp_name.po $(OUTPRE)disp_name.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - disp_name.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h disp_name.c gssapiP_krb5.h \ + gssapi_err_krb5.h gssapi_krb5.h disp_status.so disp_status.po $(OUTPRE)disp_status.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - disp_status.c error_map.h gssapiP_krb5.h gssapi_err_krb5.h \ - gssapi_krb5.h + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h disp_status.c error_map.h \ + gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h duplicate_name.so duplicate_name.po $(OUTPRE)duplicate_name.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - duplicate_name.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h duplicate_name.c gssapiP_krb5.h \ + gssapi_err_krb5.h gssapi_krb5.h export_name.so export_name.po $(OUTPRE)export_name.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - export_name.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h export_name.c gssapiP_krb5.h \ + gssapi_err_krb5.h gssapi_krb5.h export_sec_context.so export_sec_context.po $(OUTPRE)export_sec_context.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - export_sec_context.c gssapiP_krb5.h gssapi_err_krb5.h \ - gssapi_krb5.h + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h export_sec_context.c \ + gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h get_tkt_flags.so get_tkt_flags.po $(OUTPRE)get_tkt_flags.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - get_tkt_flags.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h get_tkt_flags.c gssapiP_krb5.h \ + gssapi_err_krb5.h gssapi_krb5.h gssapi_krb5.so gssapi_krb5.po $(OUTPRE)gssapi_krb5.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h $(srcdir)/../mechglue/mechglue.h \ - $(srcdir)/../mechglue/mglueP.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.c gssapi_krb5.h + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../mechglue/mechglue.h $(srcdir)/../mechglue/mglueP.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.c gssapi_krb5.h import_name.so import_name.po $(OUTPRE)import_name.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h import_name.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h import_name.c import_sec_context.so import_sec_context.po $(OUTPRE)import_sec_context.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h import_sec_context.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h import_sec_context.c indicate_mechs.so indicate_mechs.po $(OUTPRE)indicate_mechs.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h $(srcdir)/../mechglue/mechglue.h \ - $(srcdir)/../mechglue/mglueP.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h indicate_mechs.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../mechglue/mechglue.h $(srcdir)/../mechglue/mglueP.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h indicate_mechs.c init_sec_context.so init_sec_context.po $(OUTPRE)init_sec_context.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h init_sec_context.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h init_sec_context.c inq_context.so inq_context.po $(OUTPRE)inq_context.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h inq_context.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h inq_context.c inq_cred.so inq_cred.po $(OUTPRE)inq_cred.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h inq_cred.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h inq_cred.c inq_names.so inq_names.po $(OUTPRE)inq_names.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h inq_names.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h inq_names.c k5seal.so k5seal.po $(OUTPRE)k5seal.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ gssapi_krb5.h k5seal.c k5sealiov.so k5sealiov.po $(OUTPRE)k5sealiov.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h k5sealiov.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h k5sealiov.c k5sealv3.so k5sealv3.po $(OUTPRE)k5sealv3.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h k5sealv3.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h k5sealv3.c k5sealv3iov.so k5sealv3iov.po $(OUTPRE)k5sealv3iov.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h k5sealv3iov.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h k5sealv3iov.c k5unseal.so k5unseal.po $(OUTPRE)k5unseal.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h k5unseal.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h k5unseal.c k5unsealiov.so k5unsealiov.po $(OUTPRE)k5unsealiov.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h k5unsealiov.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h k5unsealiov.c krb5_gss_glue.so krb5_gss_glue.po $(OUTPRE)krb5_gss_glue.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h krb5_gss_glue.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h krb5_gss_glue.c lucid_context.so lucid_context.po $(OUTPRE)lucid_context.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h lucid_context.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h lucid_context.c naming_exts.so naming_exts.po $(OUTPRE)naming_exts.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h naming_exts.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h naming_exts.c process_context_token.so process_context_token.po $(OUTPRE)process_context_token.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h process_context_token.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h process_context_token.c rel_cred.so rel_cred.po $(OUTPRE)rel_cred.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h rel_cred.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h rel_cred.c rel_oid.so rel_oid.po $(OUTPRE)rel_oid.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ gssapi_krb5.h rel_oid.c rel_name.so rel_name.po $(OUTPRE)rel_name.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h rel_name.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h rel_name.c s4u_gss_glue.so s4u_gss_glue.po $(OUTPRE)s4u_gss_glue.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h s4u_gss_glue.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h s4u_gss_glue.c seal.so seal.po $(OUTPRE)seal.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ gssapi_krb5.h seal.c set_allowable_enctypes.so set_allowable_enctypes.po \ $(OUTPRE)set_allowable_enctypes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ gssapi_krb5.h set_allowable_enctypes.c ser_sctx.so ser_sctx.po $(OUTPRE)ser_sctx.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h ser_sctx.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h ser_sctx.c set_ccache.so set_ccache.po $(OUTPRE)set_ccache.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h set_ccache.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h set_ccache.c sign.so sign.po $(OUTPRE)sign.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ gssapi_krb5.h sign.c unseal.so unseal.po $(OUTPRE)unseal.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ gssapi_krb5.h unseal.c util_cksum.so util_cksum.po $(OUTPRE)util_cksum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h util_cksum.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h util_cksum.c util_crypt.so util_crypt.po $(OUTPRE)util_crypt.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h util_crypt.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h util_crypt.c util_seed.so util_seed.po $(OUTPRE)util_seed.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h util_seed.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h util_seed.c util_seqnum.so util_seqnum.po $(OUTPRE)util_seqnum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h util_seqnum.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h util_seqnum.c val_cred.so val_cred.po $(OUTPRE)val_cred.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h val_cred.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h val_cred.c verify.so verify.po $(OUTPRE)verify.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ gssapi_krb5.h verify.c wrap_size_limit.so wrap_size_limit.po $(OUTPRE)wrap_size_limit.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \ - gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h wrap_size_limit.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \ + gssapi_krb5.h wrap_size_limit.c diff --git a/src/lib/gssapi/krb5/disp_name.c b/src/lib/gssapi/krb5/disp_name.c index 676dc4d..ac576f5 100644 --- a/src/lib/gssapi/krb5/disp_name.c +++ b/src/lib/gssapi/krb5/disp_name.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/disp_status.c b/src/lib/gssapi/krb5/disp_status.c index 6cc1bc1..6b164c2 100644 --- a/src/lib/gssapi/krb5/disp_status.c +++ b/src/lib/gssapi/krb5/disp_status.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/duplicate_name.c b/src/lib/gssapi/krb5/duplicate_name.c index 6783493..c054d74 100644 --- a/src/lib/gssapi/krb5/duplicate_name.c +++ b/src/lib/gssapi/krb5/duplicate_name.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/duplicate_name.c * diff --git a/src/lib/gssapi/krb5/export_name.c b/src/lib/gssapi/krb5/export_name.c index 67d9ce0..52c2440 100644 --- a/src/lib/gssapi/krb5/export_name.c +++ b/src/lib/gssapi/krb5/export_name.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/export_name.c * diff --git a/src/lib/gssapi/krb5/export_sec_context.c b/src/lib/gssapi/krb5/export_sec_context.c index f408d09..271c58c 100644 --- a/src/lib/gssapi/krb5/export_sec_context.c +++ b/src/lib/gssapi/krb5/export_sec_context.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/export_sec_context.c * diff --git a/src/lib/gssapi/krb5/get_tkt_flags.c b/src/lib/gssapi/krb5/get_tkt_flags.c index 29126d6..07f0c97 100644 --- a/src/lib/gssapi/krb5/get_tkt_flags.c +++ b/src/lib/gssapi/krb5/get_tkt_flags.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h b/src/lib/gssapi/krb5/gssapiP_krb5.h index fae3c83..2ac4b3a 100644 --- a/src/lib/gssapi/krb5/gssapiP_krb5.h +++ b/src/lib/gssapi/krb5/gssapiP_krb5.h @@ -299,14 +299,14 @@ krb5_error_code kg_encrypt_iov (krb5_context context, int iov_count); krb5_error_code -kg_arcfour_docrypt (const krb5_keyblock *longterm_key , int ms_usage, +kg_arcfour_docrypt (const krb5_keyblock *keyblock, int usage, const unsigned char *kd_data, size_t kd_data_len, const unsigned char *input_buf, size_t input_len, unsigned char *output_buf); krb5_error_code kg_arcfour_docrypt_iov (krb5_context context, - const krb5_keyblock *longterm_key , int ms_usage, + const krb5_keyblock *keyblock, int usage, const unsigned char *kd_data, size_t kd_data_len, gss_iov_buffer_desc *iov, int iov_count); diff --git a/src/lib/gssapi/krb5/gssapi_krb5.c b/src/lib/gssapi/krb5/gssapi_krb5.c index a6a9fad..b68bc9a 100644 --- a/src/lib/gssapi/krb5/gssapi_krb5.c +++ b/src/lib/gssapi/krb5/gssapi_krb5.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * @@ -306,9 +306,9 @@ kg_set_ccache_name (OM_uint32 *minor_status, const char *name) return GSS_S_COMPLETE; } -#define g_OID_prefix_equal(o1, o2) \ - (((o1)->length >= (o2)->length) && \ - (memcmp((o1)->elements, (o2)->elements, (o2)->length) == 0)) +#define g_OID_prefix_equal(o1, o2) \ + (((o1)->length >= (o2)->length) && \ + (memcmp((o1)->elements, (o2)->elements, (o2)->length) == 0)) /* * gss_inquire_sec_context_by_oid() methods @@ -370,7 +370,7 @@ krb5_gss_inquire_sec_context_by_oid (OM_uint32 *minor_status, return GSS_S_NO_CONTEXT; for (i = 0; i < sizeof(krb5_gss_inquire_sec_context_by_oid_ops)/ - sizeof(krb5_gss_inquire_sec_context_by_oid_ops[0]); i++) { + sizeof(krb5_gss_inquire_sec_context_by_oid_ops[0]); i++) { if (g_OID_prefix_equal(desired_object, &krb5_gss_inquire_sec_context_by_oid_ops[i].oid)) { return (*krb5_gss_inquire_sec_context_by_oid_ops[i].func)(minor_status, context_handle, @@ -432,7 +432,7 @@ krb5_gss_inquire_cred_by_oid(OM_uint32 *minor_status, #if 0 for (i = 0; i < sizeof(krb5_gss_inquire_cred_by_oid_ops)/ - sizeof(krb5_gss_inquire_cred_by_oid_ops[0]); i++) { + sizeof(krb5_gss_inquire_cred_by_oid_ops[0]); i++) { if (g_OID_prefix_equal(desired_object, &krb5_gss_inquire_cred_by_oid_ops[i].oid)) { return (*krb5_gss_inquire_cred_by_oid_ops[i].func)(minor_status, cred_handle, @@ -488,7 +488,7 @@ krb5_gss_set_sec_context_option (OM_uint32 *minor_status, #if 0 for (i = 0; i < sizeof(krb5_gss_set_sec_context_option_ops)/ - sizeof(krb5_gss_set_sec_context_option_ops[0]); i++) { + sizeof(krb5_gss_set_sec_context_option_ops[0]); i++) { if (g_OID_prefix_equal(desired_object, &krb5_gss_set_sec_context_option_ops[i].oid)) { return (*krb5_gss_set_sec_context_option_ops[i].func)(minor_status, context_handle, @@ -551,7 +551,7 @@ krb5_gssspi_set_cred_option(OM_uint32 *minor_status, return major_status; for (i = 0; i < sizeof(krb5_gssspi_set_cred_option_ops)/ - sizeof(krb5_gssspi_set_cred_option_ops[0]); i++) { + sizeof(krb5_gssspi_set_cred_option_ops[0]); i++) { if (g_OID_prefix_equal(desired_object, &krb5_gssspi_set_cred_option_ops[i].oid)) { return (*krb5_gssspi_set_cred_option_ops[i].func)(minor_status, cred_handle, @@ -610,7 +610,7 @@ krb5_gssspi_mech_invoke (OM_uint32 *minor_status, return GSS_S_CALL_INACCESSIBLE_READ; for (i = 0; i < sizeof(krb5_gssspi_mech_invoke_ops)/ - sizeof(krb5_gssspi_mech_invoke_ops[0]); i++) { + sizeof(krb5_gssspi_mech_invoke_ops[0]); i++) { if (g_OID_prefix_equal(desired_object, &krb5_gssspi_mech_invoke_ops[i].oid)) { return (*krb5_gssspi_mech_invoke_ops[i].func)(minor_status, desired_mech, diff --git a/src/lib/gssapi/krb5/import_name.c b/src/lib/gssapi/krb5/import_name.c index b336195..cd2748b 100644 --- a/src/lib/gssapi/krb5/import_name.c +++ b/src/lib/gssapi/krb5/import_name.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/import_sec_context.c b/src/lib/gssapi/krb5/import_sec_context.c index b31d7ac..d4ef1e3 100644 --- a/src/lib/gssapi/krb5/import_sec_context.c +++ b/src/lib/gssapi/krb5/import_sec_context.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/import_sec_context.c * diff --git a/src/lib/gssapi/krb5/indicate_mechs.c b/src/lib/gssapi/krb5/indicate_mechs.c index d744af7..7707f65 100644 --- a/src/lib/gssapi/krb5/indicate_mechs.c +++ b/src/lib/gssapi/krb5/indicate_mechs.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c index e04818f..9b6f3ec 100644 --- a/src/lib/gssapi/krb5/init_sec_context.c +++ b/src/lib/gssapi/krb5/init_sec_context.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2000, 2002, 2003, 2007, 2008 by the Massachusetts Institute of Technology. * All Rights Reserved. @@ -152,8 +152,8 @@ static krb5_error_code get_credentials(context, cred, server, now, krb5_creds mcreds; flags |= KRB5_GC_CANONICALIZE | - KRB5_GC_NO_STORE | - KRB5_GC_CONSTRAINED_DELEGATION; + KRB5_GC_NO_STORE | + KRB5_GC_CONSTRAINED_DELEGATION; memset(&mcreds, 0, sizeof(mcreds)); @@ -765,9 +765,9 @@ mutual_auth( ap_rep.length = input_token->length; ap_rep.data = (char *)input_token->value; } else if (g_verify_token_header(ctx->mech_used, - &(ap_rep.length), - &ptr, KG_TOK_CTX_AP_REP, - input_token->length, 1)) { + &(ap_rep.length), + &ptr, KG_TOK_CTX_AP_REP, + input_token->length, 1)) { if (g_verify_token_header((gss_OID) ctx->mech_used, &(ap_rep.length), &ptr, KG_TOK_CTX_ERROR, @@ -1006,11 +1006,11 @@ krb5_gss_init_sec_context(minor_status, claimant_cred_handle, /*SUPPRESS 29*/ if (*context_handle == GSS_C_NO_CONTEXT) { major_status = kg_new_connection(minor_status, cred, context_handle, - target_name, mech_type, req_flags, - time_req, input_chan_bindings, - input_token, actual_mech_type, - output_token, ret_flags, time_rec, - context, default_mech); + target_name, mech_type, req_flags, + time_req, input_chan_bindings, + input_token, actual_mech_type, + output_token, ret_flags, time_rec, + context, default_mech); k5_mutex_unlock(&cred->lock); if (*context_handle == GSS_C_NO_CONTEXT) { save_error_info (*minor_status, context); diff --git a/src/lib/gssapi/krb5/inq_context.c b/src/lib/gssapi/krb5/inq_context.c index eaf1c4d..64604c4 100644 --- a/src/lib/gssapi/krb5/inq_context.c +++ b/src/lib/gssapi/krb5/inq_context.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * @@ -235,10 +235,10 @@ cleanup: OM_uint32 gss_krb5int_extract_authz_data_from_sec_context( - OM_uint32 *minor_status, - const gss_ctx_id_t context_handle, - const gss_OID desired_object, - gss_buffer_set_t *data_set) + OM_uint32 *minor_status, + const gss_ctx_id_t context_handle, + const gss_OID desired_object, + gss_buffer_set_t *data_set) { OM_uint32 major_status; krb5_gss_ctx_id_rec *ctx; diff --git a/src/lib/gssapi/krb5/inq_cred.c b/src/lib/gssapi/krb5/inq_cred.c index 5c358eb..9af0e4e 100644 --- a/src/lib/gssapi/krb5/inq_cred.c +++ b/src/lib/gssapi/krb5/inq_cred.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2000, 2007 by the Massachusetts Institute of Technology. * All Rights Reserved. diff --git a/src/lib/gssapi/krb5/inq_names.c b/src/lib/gssapi/krb5/inq_names.c index 5db0ae0..a3de420 100644 --- a/src/lib/gssapi/krb5/inq_names.c +++ b/src/lib/gssapi/krb5/inq_names.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/inq_names.c * diff --git a/src/lib/gssapi/krb5/k5seal.c b/src/lib/gssapi/krb5/k5seal.c index d071462..51faaaa 100644 --- a/src/lib/gssapi/krb5/k5seal.c +++ b/src/lib/gssapi/krb5/k5seal.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * @@ -336,10 +336,10 @@ kg_seal(minor_status, context_handle, conf_req_flag, qop_req, /* Only default qop or matching established cryptosystem is allowed. - There are NO EXTENSIONS to this set for AES and friends! The - new spec says "just use 0". The old spec plus extensions would - actually allow for certain non-zero values. Fix this to handle - them later. */ + There are NO EXTENSIONS to this set for AES and friends! The + new spec says "just use 0". The old spec plus extensions would + actually allow for certain non-zero values. Fix this to handle + them later. */ if (qop_req != 0) { *minor_status = (OM_uint32) G_UNKNOWN_QOP; return GSS_S_FAILURE; diff --git a/src/lib/gssapi/krb5/k5sealiov.c b/src/lib/gssapi/krb5/k5sealiov.c index 8eb5310..9ff823e 100644 --- a/src/lib/gssapi/krb5/k5sealiov.c +++ b/src/lib/gssapi/krb5/k5sealiov.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/k5sealiov.c * @@ -336,9 +336,9 @@ kg_seal_iov(OM_uint32 *minor_status, return (ctx->krb_times.endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE; } -#define INIT_IOV_DATA(_iov) do { (_iov)->buffer.value = NULL; \ - (_iov)->buffer.length = 0; } \ - while (0) +#define INIT_IOV_DATA(_iov) do { (_iov)->buffer.value = NULL; \ + (_iov)->buffer.length = 0; } \ + while (0) OM_uint32 kg_seal_iov_length(OM_uint32 *minor_status, @@ -418,7 +418,7 @@ kg_seal_iov_length(OM_uint32 *minor_status, code = krb5_c_crypto_length(context, enctype, conf_req_flag ? - KRB5_CRYPTO_TYPE_TRAILER : KRB5_CRYPTO_TYPE_CHECKSUM, + KRB5_CRYPTO_TYPE_TRAILER : KRB5_CRYPTO_TYPE_CHECKSUM, &k5_trailerlen); if (code != 0) { *minor_status = code; diff --git a/src/lib/gssapi/krb5/k5sealv3.c b/src/lib/gssapi/krb5/k5sealv3.c index ad5c03a..0e9b359 100644 --- a/src/lib/gssapi/krb5/k5sealv3.c +++ b/src/lib/gssapi/krb5/k5sealv3.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/k5sealv3.c * @@ -178,7 +178,7 @@ gss_krb5int_make_seal_token_v3 (krb5_context context, #ifdef CFX_EXERCISE rrc = rand() & 0xffff; if (gss_krb5int_rotate_left(outbuf+16, bufsize-16, - (bufsize-16) - (rrc % (bufsize - 16)))) + (bufsize-16) - (rrc % (bufsize - 16)))) store_16_be(rrc, outbuf+6); /* If the rotate fails, don't worry about it. */ #endif @@ -267,7 +267,7 @@ gss_krb5int_make_seal_token_v3 (krb5_context context, rrc = rand() & 0xffff; /* If the rotate fails, don't worry about it. */ if (gss_krb5int_rotate_left(outbuf+16, bufsize-16, - (bufsize-16) - (rrc % (bufsize - 16)))) + (bufsize-16) - (rrc % (bufsize - 16)))) store_16_be(rrc, outbuf+6); #endif /* Fix up EC field. */ @@ -352,19 +352,19 @@ gss_krb5int_unseal_token_v3(krb5_context *contextptr, /* Two things to note here. - First, we can't really enforce the use of the acceptor's subkey, - if we're the acceptor; the initiator may have sent messages - before getting the subkey. We could probably enforce it if - we're the initiator. - - Second, if someone tweaks the code to not set the flag telling - the krb5 library to generate a new subkey in the AP-REP - message, the MIT library may include a subkey anyways -- - namely, a copy of the AP-REQ subkey, if it was provided. So - the initiator may think we wanted a subkey, and set the flag, - even though we weren't trying to set the subkey. The "other" - key, the one not asserted by the acceptor, will have the same - value in that case, though, so we can just ignore the flag. */ + First, we can't really enforce the use of the acceptor's subkey, + if we're the acceptor; the initiator may have sent messages + before getting the subkey. We could probably enforce it if + we're the initiator. + + Second, if someone tweaks the code to not set the flag telling + the krb5 library to generate a new subkey in the AP-REP + message, the MIT library may include a subkey anyways -- + namely, a copy of the AP-REQ subkey, if it was provided. So + the initiator may think we wanted a subkey, and set the flag, + even though we weren't trying to set the subkey. The "other" + key, the one not asserted by the acceptor, will have the same + value in that case, though, so we can just ignore the flag. */ if (ctx->have_acceptor_subkey && (ptr[2] & FLAG_ACCEPTOR_SUBKEY)) { key = ctx->acceptor_subkey; cksumtype = ctx->acceptor_subkey_cksumtype; @@ -396,8 +396,8 @@ gss_krb5int_unseal_token_v3(krb5_context *contextptr, *conf_state = 1; /* Do we have no decrypt_size function? - For all current cryptosystems, the ciphertext size will - be larger than the plaintext size. */ + For all current cryptosystems, the ciphertext size will + be larger than the plaintext size. */ cipher.enctype = key->keyblock.enctype; cipher.ciphertext.length = bodysize - 16; cipher.ciphertext.data = (char *)ptr + 16; diff --git a/src/lib/gssapi/krb5/k5sealv3iov.c b/src/lib/gssapi/krb5/k5sealv3iov.c index b5b9793..f977d9b 100644 --- a/src/lib/gssapi/krb5/k5sealv3iov.c +++ b/src/lib/gssapi/krb5/k5sealv3iov.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/k5sealv3iov.c * @@ -363,7 +363,7 @@ gss_krb5int_unseal_v3_iov(krb5_context context, code = krb5_c_crypto_length(context, key->keyblock.enctype, conf_flag ? KRB5_CRYPTO_TYPE_TRAILER : - KRB5_CRYPTO_TYPE_CHECKSUM, + KRB5_CRYPTO_TYPE_CHECKSUM, &k5_trailerlen); if (code != 0) { *minor_status = code; diff --git a/src/lib/gssapi/krb5/k5unseal.c b/src/lib/gssapi/krb5/k5unseal.c index e96dce8..b56cd2d 100644 --- a/src/lib/gssapi/krb5/k5unseal.c +++ b/src/lib/gssapi/krb5/k5unseal.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2001, 2007 by the Massachusetts Institute of Technology. * Copyright 1993 by OpenVision Technologies, Inc. diff --git a/src/lib/gssapi/krb5/k5unsealiov.c b/src/lib/gssapi/krb5/k5unsealiov.c index a9896c5..a489f0d 100644 --- a/src/lib/gssapi/krb5/k5unsealiov.c +++ b/src/lib/gssapi/krb5/k5unsealiov.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/k5unsealiov.c * @@ -551,7 +551,7 @@ kg_unseal_stream_iov(OM_uint32 *minor_status, ttrailer->buffer.length = ec + (conf_req_flag ? 16 : 0 /* E(Header) */) + k5_trailerlen; ttrailer->buffer.value = (unsigned char *)stream->buffer.value + - stream->buffer.length - ttrailer->buffer.length; + stream->buffer.length - ttrailer->buffer.length; break; } case KG_TOK_MIC_MSG: @@ -586,8 +586,8 @@ kg_unseal_stream_iov(OM_uint32 *minor_status, /* validate lengths */ if (stream->buffer.length < theader->buffer.length + - tpadding->buffer.length + - ttrailer->buffer.length) + tpadding->buffer.length + + ttrailer->buffer.length) { code = (OM_uint32)KRB5_BAD_MSIZE; major_status = GSS_S_DEFECTIVE_TOKEN; @@ -596,7 +596,7 @@ kg_unseal_stream_iov(OM_uint32 *minor_status, /* setup data */ tdata->buffer.length = stream->buffer.length - ttrailer->buffer.length - - tpadding->buffer.length - theader->buffer.length; + tpadding->buffer.length - theader->buffer.length; assert(data != NULL); diff --git a/src/lib/gssapi/krb5/krb5_gss_glue.c b/src/lib/gssapi/krb5/krb5_gss_glue.c index f9bf030..0d87f90 100644 --- a/src/lib/gssapi/krb5/krb5_gss_glue.c +++ b/src/lib/gssapi/krb5/krb5_gss_glue.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * @@ -55,10 +55,9 @@ #include "gssapiP_krb5.h" OM_uint32 KRB5_CALLCONV -gss_krb5_get_tkt_flags( - OM_uint32 *minor_status, - gss_ctx_id_t context_handle, - krb5_flags *ticket_flags) +gss_krb5_get_tkt_flags(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + krb5_flags *ticket_flags) { static const gss_OID_desc req_oid = { GSS_KRB5_GET_TKT_FLAGS_OID_LENGTH, @@ -93,10 +92,9 @@ gss_krb5_get_tkt_flags( } OM_uint32 KRB5_CALLCONV -gss_krb5_copy_ccache( - OM_uint32 *minor_status, - gss_cred_id_t cred_handle, - krb5_ccache out_ccache) +gss_krb5_copy_ccache(OM_uint32 *minor_status, + gss_cred_id_t cred_handle, + krb5_ccache out_ccache) { static const gss_OID_desc req_oid = { GSS_KRB5_COPY_CCACHE_OID_LENGTH, @@ -119,11 +117,10 @@ gss_krb5_copy_ccache( } OM_uint32 KRB5_CALLCONV -gss_krb5_export_lucid_sec_context( - OM_uint32 *minor_status, - gss_ctx_id_t *context_handle, - OM_uint32 version, - void **kctx) +gss_krb5_export_lucid_sec_context(OM_uint32 *minor_status, + gss_ctx_id_t *context_handle, + OM_uint32 version, + void **kctx) { unsigned char oid_buf[GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT_OID_LENGTH + 6]; gss_OID_desc req_oid; @@ -174,11 +171,10 @@ gss_krb5_export_lucid_sec_context( } OM_uint32 KRB5_CALLCONV -gss_krb5_set_allowable_enctypes( - OM_uint32 *minor_status, - gss_cred_id_t cred, - OM_uint32 num_ktypes, - krb5_enctype *ktypes) +gss_krb5_set_allowable_enctypes(OM_uint32 *minor_status, + gss_cred_id_t cred, + OM_uint32 num_ktypes, + krb5_enctype *ktypes) { static const gss_OID_desc req_oid = { GSS_KRB5_SET_ALLOWABLE_ENCTYPES_OID_LENGTH, @@ -202,10 +198,9 @@ gss_krb5_set_allowable_enctypes( } OM_uint32 KRB5_CALLCONV -gss_krb5_ccache_name( - OM_uint32 *minor_status, - const char *name, - const char **out_name) +gss_krb5_ccache_name(OM_uint32 *minor_status, + const char *name, + const char **out_name) { static const gss_OID_desc req_oid = { GSS_KRB5_CCACHE_NAME_OID_LENGTH, @@ -229,9 +224,7 @@ gss_krb5_ccache_name( } OM_uint32 KRB5_CALLCONV -gss_krb5_free_lucid_sec_context( - OM_uint32 *minor_status, - void *kctx) +gss_krb5_free_lucid_sec_context(OM_uint32 *minor_status, void *kctx) { static const gss_OID_desc req_oid = { GSS_KRB5_FREE_LUCID_SEC_CONTEXT_OID_LENGTH, @@ -306,11 +299,10 @@ krb5_gss_use_kdc_context(void) * into a gss_name_t. */ OM_uint32 KRB5_CALLCONV -gsskrb5_extract_authz_data_from_sec_context( - OM_uint32 *minor_status, - gss_ctx_id_t context_handle, - int ad_type, - gss_buffer_t ad_data) +gsskrb5_extract_authz_data_from_sec_context(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int ad_type, + gss_buffer_t ad_data) { gss_OID_desc req_oid; unsigned char oid_buf[GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_OID_LENGTH + 6]; @@ -358,10 +350,9 @@ gsskrb5_extract_authz_data_from_sec_context( } OM_uint32 KRB5_CALLCONV -gss_krb5_set_cred_rcache( - OM_uint32 *minor_status, - gss_cred_id_t cred, - krb5_rcache rcache) +gss_krb5_set_cred_rcache(OM_uint32 *minor_status, + gss_cred_id_t cred, + krb5_rcache rcache) { static const gss_OID_desc req_oid = { GSS_KRB5_SET_CRED_RCACHE_OID_LENGTH, diff --git a/src/lib/gssapi/krb5/lucid_context.c b/src/lib/gssapi/krb5/lucid_context.c index fb5a8e7..b1454cf 100644 --- a/src/lib/gssapi/krb5/lucid_context.c +++ b/src/lib/gssapi/krb5/lucid_context.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/lucid_context.c * diff --git a/src/lib/gssapi/krb5/naming_exts.c b/src/lib/gssapi/krb5/naming_exts.c index 4e7247e..8cb21bf 100644 --- a/src/lib/gssapi/krb5/naming_exts.c +++ b/src/lib/gssapi/krb5/naming_exts.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/naming_exts.c * diff --git a/src/lib/gssapi/krb5/process_context_token.c b/src/lib/gssapi/krb5/process_context_token.c index 9a4d282..ac41ad6 100644 --- a/src/lib/gssapi/krb5/process_context_token.c +++ b/src/lib/gssapi/krb5/process_context_token.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/rel_cred.c b/src/lib/gssapi/krb5/rel_cred.c index b6b2588..05e24b2 100644 --- a/src/lib/gssapi/krb5/rel_cred.c +++ b/src/lib/gssapi/krb5/rel_cred.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/rel_name.c b/src/lib/gssapi/krb5/rel_name.c index 5490b8a..8975865 100644 --- a/src/lib/gssapi/krb5/rel_name.c +++ b/src/lib/gssapi/krb5/rel_name.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/rel_oid.c b/src/lib/gssapi/krb5/rel_oid.c index 7a08da2..dfa2738 100644 --- a/src/lib/gssapi/krb5/rel_oid.c +++ b/src/lib/gssapi/krb5/rel_oid.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/rel_oid.c * diff --git a/src/lib/gssapi/krb5/s4u_gss_glue.c b/src/lib/gssapi/krb5/s4u_gss_glue.c index 866159f..c47a15d 100644 --- a/src/lib/gssapi/krb5/s4u_gss_glue.c +++ b/src/lib/gssapi/krb5/s4u_gss_glue.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2009 by the Massachusetts Institute of Technology. * All Rights Reserved. @@ -103,7 +103,7 @@ static int kg_is_initiator_cred(krb5_gss_cred_id_t cred) { return (cred->usage == GSS_C_INITIATE || cred->usage == GSS_C_BOTH) && - (cred->ccache != NULL); + (cred->ccache != NULL); } static OM_uint32 @@ -311,7 +311,7 @@ kg_compose_deleg_cred(OM_uint32 *minor_status, code = krb5_cc_initialize(context, cred->ccache, cred->proxy_cred ? impersonator_cred->name->princ : - subject_creds->client); + subject_creds->client); if (code != 0) goto cleanup; diff --git a/src/lib/gssapi/krb5/seal.c b/src/lib/gssapi/krb5/seal.c index 7bdcb34..7f48c7a 100644 --- a/src/lib/gssapi/krb5/seal.c +++ b/src/lib/gssapi/krb5/seal.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/ser_sctx.c b/src/lib/gssapi/krb5/ser_sctx.c index 4987b2e..f5c1081 100644 --- a/src/lib/gssapi/krb5/ser_sctx.c +++ b/src/lib/gssapi/krb5/ser_sctx.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/ser_sctx.c * @@ -364,7 +364,7 @@ kg_ctx_size(kcontext, arg, sizep) &required); } } - *sizep += required; + *sizep += required; } return(kret); } @@ -665,8 +665,8 @@ kg_ctx_internalize(kcontext, argp, buffer, lenremain) /* Now get substructure data */ kret = krb5_internalize_opaque(kcontext, KV5M_PRINCIPAL, - (krb5_pointer *) &princ, - &bp, &remain); + (krb5_pointer *) &princ, + &bp, &remain); if (kret == 0) { kret = kg_init_name(kcontext, princ, NULL, KG_INIT_NAME_NO_COPY, &ctx->here); diff --git a/src/lib/gssapi/krb5/set_allowable_enctypes.c b/src/lib/gssapi/krb5/set_allowable_enctypes.c index 5cc72df..cdfc965 100644 --- a/src/lib/gssapi/krb5/set_allowable_enctypes.c +++ b/src/lib/gssapi/krb5/set_allowable_enctypes.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/set_allowable_enctypes.c * diff --git a/src/lib/gssapi/krb5/set_ccache.c b/src/lib/gssapi/krb5/set_ccache.c index 2731826..7d52608 100644 --- a/src/lib/gssapi/krb5/set_ccache.c +++ b/src/lib/gssapi/krb5/set_ccache.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/set_ccache.c * diff --git a/src/lib/gssapi/krb5/sign.c b/src/lib/gssapi/krb5/sign.c index 069768c..028423b 100644 --- a/src/lib/gssapi/krb5/sign.c +++ b/src/lib/gssapi/krb5/sign.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/unseal.c b/src/lib/gssapi/krb5/unseal.c index 4b612a2..a764a45 100644 --- a/src/lib/gssapi/krb5/unseal.c +++ b/src/lib/gssapi/krb5/unseal.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/util_cksum.c b/src/lib/gssapi/krb5/util_cksum.c index 88a55bb..5228df3 100644 --- a/src/lib/gssapi/krb5/util_cksum.c +++ b/src/lib/gssapi/krb5/util_cksum.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/util_crypt.c b/src/lib/gssapi/krb5/util_crypt.c index e097086..9699c26 100644 --- a/src/lib/gssapi/krb5/util_crypt.c +++ b/src/lib/gssapi/krb5/util_crypt.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2001, 2008 by the Massachusetts Institute of Technology. * Copyright 1993 by OpenVision Technologies, Inc. @@ -282,73 +282,23 @@ kg_decrypt(krb5_context context, krb5_key key, int usage, krb5_pointer iv, } krb5_error_code -kg_arcfour_docrypt(const krb5_keyblock *longterm_key , int ms_usage, +kg_arcfour_docrypt(const krb5_keyblock *keyblock, int usage, const unsigned char *kd_data, size_t kd_data_len, const unsigned char *input_buf, size_t input_len, unsigned char *output_buf) { krb5_error_code code; - krb5_data input, output; + krb5_data kd = make_data((char *) kd_data, kd_data_len); + krb5_crypto_iov kiov; krb5int_access kaccess; - krb5_key key; - krb5_keyblock seq_enc_key, usage_key; - unsigned char t[14]; - size_t i = 0; - int exportable = (longterm_key->enctype == ENCTYPE_ARCFOUR_HMAC_EXP); - - usage_key.length = longterm_key->length; - usage_key.contents = malloc(usage_key.length); - if (usage_key.contents == NULL) - return (ENOMEM); - seq_enc_key.length = longterm_key->length; - seq_enc_key.contents = malloc(seq_enc_key.length); - if (seq_enc_key.contents == NULL) { - free ((void *) usage_key.contents); - return (ENOMEM); - } - code = krb5int_accessor (&kaccess, KRB5INT_ACCESS_VERSION); - if (code) - goto cleanup_arcfour; - if (exportable) { - memcpy(t, kg_arcfour_l40, sizeof(kg_arcfour_l40)); - i += sizeof(kg_arcfour_l40); - } - store_32_le(ms_usage, &t[i]); - i += 4; - input.data = (void *) &t; - input.length = i; - output.data = (void *) usage_key.contents; - output.length = usage_key.length; - code = (*kaccess.hmac)(kaccess.md5_hash_provider, longterm_key, 1, - &input, &output); - if (code) - goto cleanup_arcfour; - if (exportable) - memset(usage_key.contents + 7, 0xab, 9); - - input.data = ( void *) kd_data; - input.length = kd_data_len; - output.data = (void *) seq_enc_key.contents; - code = (*kaccess.hmac)(kaccess.md5_hash_provider, &usage_key, 1, - &input, &output); - if (code) - goto cleanup_arcfour; - input.data = ( void * ) input_buf; - input.length = input_len; - output.data = (void * ) output_buf; - output.length = input_len; - code = krb5_k_create_key(NULL, &seq_enc_key, &key); + code = krb5int_accessor(&kaccess, KRB5INT_ACCESS_VERSION); if (code) - goto cleanup_arcfour; - code = (*kaccess.arcfour_enc_provider->encrypt)(key, 0, &input, &output); - krb5_k_free_key(NULL, key); -cleanup_arcfour: - memset (seq_enc_key.contents, 0, seq_enc_key.length); - memset (usage_key.contents, 0, usage_key.length); - free (usage_key.contents); - free (seq_enc_key.contents); - return (code); + return code; + memcpy(output_buf, input_buf, input_len); + kiov.flags = KRB5_CRYPTO_TYPE_DATA; + kiov.data = make_data(output_buf, input_len); + return (*kaccess.arcfour_gsscrypt)(keyblock, usage, &kd, &kiov, 1); } /* AEAD */ @@ -626,81 +576,28 @@ kg_decrypt_iov(krb5_context context, int proto, int dce_style, size_t ec, } krb5_error_code -kg_arcfour_docrypt_iov(krb5_context context, - const krb5_keyblock *longterm_key, int ms_usage, - const unsigned char *kd_data, size_t kd_data_len, - gss_iov_buffer_desc *iov, int iov_count) +kg_arcfour_docrypt_iov(krb5_context context, const krb5_keyblock *keyblock, + int usage, const unsigned char *kd_data, + size_t kd_data_len, gss_iov_buffer_desc *iov, + int iov_count) { krb5_error_code code; - krb5_data input, output; + krb5_data kd = make_data((char *) kd_data, kd_data_len); krb5int_access kaccess; - krb5_key key; - krb5_keyblock seq_enc_key, usage_key; - unsigned char t[14]; - size_t i = 0; - int exportable = (longterm_key->enctype == ENCTYPE_ARCFOUR_HMAC_EXP); krb5_crypto_iov *kiov = NULL; size_t kiov_count = 0; - usage_key.length = longterm_key->length; - usage_key.contents = malloc(usage_key.length); - if (usage_key.contents == NULL) - return (ENOMEM); - seq_enc_key.length = longterm_key->length; - seq_enc_key.contents = malloc(seq_enc_key.length); - if (seq_enc_key.contents == NULL) { - free ((void *) usage_key.contents); - return (ENOMEM); - } code = krb5int_accessor (&kaccess, KRB5INT_ACCESS_VERSION); if (code) - goto cleanup_arcfour; - - if (exportable) { - memcpy(t, kg_arcfour_l40, sizeof(kg_arcfour_l40)); - i += sizeof(kg_arcfour_l40); - } - store_32_le(ms_usage, &t[i]); - i += 4; - input.data = (void *) &t; - input.length = i; - output.data = (void *) usage_key.contents; - output.length = usage_key.length; - code = (*kaccess.hmac)(kaccess.md5_hash_provider, longterm_key, 1, - &input, &output); - if (code) - goto cleanup_arcfour; - if (exportable) - memset(usage_key.contents + 7, 0xab, 9); - - input.data = ( void *) kd_data; - input.length = kd_data_len; - output.data = (void *) seq_enc_key.contents; - code = (*kaccess.hmac)(kaccess.md5_hash_provider, &usage_key, 1, - &input, &output); - if (code) - goto cleanup_arcfour; - + return code; code = kg_translate_iov(context, 0 /* proto */, 0 /* dce_style */, - 0 /* ec */, 0 /* rrc */, longterm_key->enctype, + 0 /* ec */, 0 /* rrc */, keyblock->enctype, iov, iov_count, &kiov, &kiov_count); if (code) - goto cleanup_arcfour; - - code = krb5_k_create_key(context, &seq_enc_key, &key); - if (code) - goto cleanup_arcfour; - code = (*kaccess.arcfour_enc_provider->encrypt_iov)(key, 0, kiov, - kiov_count); - krb5_k_free_key(context, key); -cleanup_arcfour: - memset (seq_enc_key.contents, 0, seq_enc_key.length); - memset (usage_key.contents, 0, usage_key.length); - free (usage_key.contents); - free (seq_enc_key.contents); - if (kiov != NULL) - free(kiov); - return (code); + return code; + code = (*kaccess.arcfour_gsscrypt)(keyblock, usage, &kd, kiov, kiov_count); + free(kiov); + return code; } krb5_cryptotype diff --git a/src/lib/gssapi/krb5/util_seed.c b/src/lib/gssapi/krb5/util_seed.c index 5c696ea..6e1c9ac 100644 --- a/src/lib/gssapi/krb5/util_seed.c +++ b/src/lib/gssapi/krb5/util_seed.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/util_seqnum.c b/src/lib/gssapi/krb5/util_seqnum.c index 388990a..bef631d 100644 --- a/src/lib/gssapi/krb5/util_seqnum.c +++ b/src/lib/gssapi/krb5/util_seqnum.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2001, 2009 by the Massachusetts Institute of Technology. * Copyright 1993 by OpenVision Technologies, Inc. diff --git a/src/lib/gssapi/krb5/val_cred.c b/src/lib/gssapi/krb5/val_cred.c index 747d822..2351d9f 100644 --- a/src/lib/gssapi/krb5/val_cred.c +++ b/src/lib/gssapi/krb5/val_cred.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1997, 2007 by Massachusetts Institute of Technology * All Rights Reserved. diff --git a/src/lib/gssapi/krb5/verify.c b/src/lib/gssapi/krb5/verify.c index 033a489..e443353 100644 --- a/src/lib/gssapi/krb5/verify.c +++ b/src/lib/gssapi/krb5/verify.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/wrap_size_limit.c b/src/lib/gssapi/krb5/wrap_size_limit.c index 2b62386..b047483 100644 --- a/src/lib/gssapi/krb5/wrap_size_limit.c +++ b/src/lib/gssapi/krb5/wrap_size_limit.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2000 by the Massachusetts Institute of Technology. * All Rights Reserved. @@ -118,7 +118,7 @@ krb5_gss_wrap_size_limit(minor_status, context_handle, conf_req_flag, krb5_enctype enctype; key = ctx->have_acceptor_subkey ? ctx->acceptor_subkey - : ctx->subkey; + : ctx->subkey; enctype = key->keyblock.enctype; while (sz > 0 && krb5_encrypt_size(sz, enctype) + 16 > req_output_size) @@ -142,7 +142,7 @@ krb5_gss_wrap_size_limit(minor_status, context_handle, conf_req_flag, size_t cksumsize; cksumtype = ctx->have_acceptor_subkey ? ctx->acceptor_subkey_cksumtype - : ctx->cksumtype; + : ctx->cksumtype; err = krb5_c_checksum_length(ctx->k5_context, cksumtype, &cksumsize); if (err) { diff --git a/src/lib/gssapi/mechglue/Makefile.in b/src/lib/gssapi/mechglue/Makefile.in index 8edacf6..0858a4a 100644 --- a/src/lib/gssapi/mechglue/Makefile.in +++ b/src/lib/gssapi/mechglue/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../.. -myfulldir=lib/gssapi/mechglue mydir=lib/gssapi/mechglue BUILDTOP=$(REL)..$(S)..$(S).. LOCALINCLUDES = -I. -I$(srcdir) -I$(srcdir)/.. -I../generic -I$(srcdir)/../generic -I../krb5 -I$(srcdir)/../krb5 -I../spnego -I$(srcdir)/../spnego diff --git a/src/lib/gssapi/mechglue/deps b/src/lib/gssapi/mechglue/deps index 34dd43e..e4b69a3 100644 --- a/src/lib/gssapi/mechglue/deps +++ b/src/lib/gssapi/mechglue/deps @@ -4,413 +4,413 @@ g_accept_sec_context.so g_accept_sec_context.po $(OUTPRE)g_accept_sec_context.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_accept_sec_context.c \ mechglue.h mglueP.h g_acquire_cred.so g_acquire_cred.po $(OUTPRE)g_acquire_cred.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_acquire_cred.c mechglue.h \ mglueP.h g_acquire_cred_imp_name.so g_acquire_cred_imp_name.po \ $(OUTPRE)g_acquire_cred_imp_name.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ - ../generic/gssapi_err_generic.h g_acquire_cred_imp_name.c \ - mechglue.h mglueP.h + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h ../generic/gssapi_err_generic.h \ + g_acquire_cred_imp_name.c mechglue.h mglueP.h g_buffer_set.so g_buffer_set.po $(OUTPRE)g_buffer_set.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_buffer_set.c mechglue.h \ mglueP.h g_canon_name.so g_canon_name.po $(OUTPRE)g_canon_name.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_canon_name.c mechglue.h \ mglueP.h g_compare_name.so g_compare_name.po $(OUTPRE)g_compare_name.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_compare_name.c mechglue.h \ mglueP.h g_complete_auth_token.so g_complete_auth_token.po $(OUTPRE)g_complete_auth_token.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_complete_auth_token.c \ mechglue.h mglueP.h g_context_time.so g_context_time.po $(OUTPRE)g_context_time.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_context_time.c mechglue.h \ mglueP.h g_delete_sec_context.so g_delete_sec_context.po $(OUTPRE)g_delete_sec_context.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_delete_sec_context.c \ mechglue.h mglueP.h g_del_name_attr.so g_del_name_attr.po $(OUTPRE)g_del_name_attr.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_del_name_attr.c mechglue.h \ mglueP.h g_dsp_name.so g_dsp_name.po $(OUTPRE)g_dsp_name.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_dsp_name.c mechglue.h \ mglueP.h g_dsp_name_ext.so g_dsp_name_ext.po $(OUTPRE)g_dsp_name_ext.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_dsp_name_ext.c mechglue.h \ mglueP.h g_dsp_status.so g_dsp_status.po $(OUTPRE)g_dsp_status.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_dsp_status.c mechglue.h \ mglueP.h g_dup_name.so g_dup_name.po $(OUTPRE)g_dup_name.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_dup_name.c mechglue.h \ mglueP.h g_exp_sec_context.so g_exp_sec_context.po $(OUTPRE)g_exp_sec_context.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_exp_sec_context.c \ mechglue.h mglueP.h g_export_name.so g_export_name.po $(OUTPRE)g_export_name.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_export_name.c mechglue.h \ mglueP.h g_export_name_comp.so g_export_name_comp.po $(OUTPRE)g_export_name_comp.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_export_name_comp.c \ mechglue.h mglueP.h g_get_name_attr.so g_get_name_attr.po $(OUTPRE)g_get_name_attr.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_get_name_attr.c mechglue.h \ mglueP.h g_glue.so g_glue.po $(OUTPRE)g_glue.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ - ../generic/gssapi_err_generic.h g_glue.c mechglue.h \ - mglueP.h + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h ../generic/gssapi_err_generic.h \ + g_glue.c mechglue.h mglueP.h g_imp_name.so g_imp_name.po $(OUTPRE)g_imp_name.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_imp_name.c mechglue.h \ mglueP.h g_imp_sec_context.so g_imp_sec_context.po $(OUTPRE)g_imp_sec_context.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_imp_sec_context.c \ mechglue.h mglueP.h g_init_sec_context.so g_init_sec_context.po $(OUTPRE)g_init_sec_context.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_init_sec_context.c \ mechglue.h mglueP.h g_initialize.so g_initialize.po $(OUTPRE)g_initialize.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h $(srcdir)/../krb5/gssapiP_krb5.h \ - $(srcdir)/../spnego/gssapiP_spnego.h ../generic/gssapi_err_generic.h \ - ../krb5/gssapi_err_krb5.h ../krb5/gssapi_krb5.h g_initialize.c \ - mechglue.h mglueP.h + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../krb5/gssapiP_krb5.h $(srcdir)/../spnego/gssapiP_spnego.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h ../krb5/gssapi_err_krb5.h \ + ../krb5/gssapi_krb5.h g_initialize.c mechglue.h mglueP.h g_inq_context.so g_inq_context.po $(OUTPRE)g_inq_context.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_inq_context.c mechglue.h \ mglueP.h g_inq_context_oid.so g_inq_context_oid.po $(OUTPRE)g_inq_context_oid.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_inq_context_oid.c \ mechglue.h mglueP.h g_inq_cred.so g_inq_cred.po $(OUTPRE)g_inq_cred.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_inq_cred.c mechglue.h \ mglueP.h g_inq_cred_oid.so g_inq_cred_oid.po $(OUTPRE)g_inq_cred_oid.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_inq_cred_oid.c mechglue.h \ mglueP.h g_inq_name.so g_inq_name.po $(OUTPRE)g_inq_name.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_inq_name.c mechglue.h \ mglueP.h g_inq_names.so g_inq_names.po $(OUTPRE)g_inq_names.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_inq_names.c mechglue.h \ mglueP.h g_map_name_to_any.so g_map_name_to_any.po $(OUTPRE)g_map_name_to_any.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_map_name_to_any.c \ mechglue.h mglueP.h g_mech_invoke.so g_mech_invoke.po $(OUTPRE)g_mech_invoke.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_mech_invoke.c mechglue.h \ mglueP.h g_mechname.so g_mechname.po $(OUTPRE)g_mechname.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_mechname.c mechglue.h \ mglueP.h g_oid_ops.so g_oid_ops.po $(OUTPRE)g_oid_ops.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_oid_ops.c mechglue.h \ mglueP.h g_process_context.so g_process_context.po $(OUTPRE)g_process_context.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_process_context.c \ mechglue.h mglueP.h g_rel_buffer.so g_rel_buffer.po $(OUTPRE)g_rel_buffer.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_rel_buffer.c mechglue.h \ mglueP.h g_rel_cred.so g_rel_cred.po $(OUTPRE)g_rel_cred.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_rel_cred.c mechglue.h \ mglueP.h g_rel_name.so g_rel_name.po $(OUTPRE)g_rel_name.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_rel_name.c mechglue.h \ mglueP.h g_rel_name_mapping.so g_rel_name_mapping.po $(OUTPRE)g_rel_name_mapping.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_rel_name_mapping.c \ mechglue.h mglueP.h g_rel_oid_set.so g_rel_oid_set.po $(OUTPRE)g_rel_oid_set.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_rel_oid_set.c mechglue.h \ mglueP.h g_seal.so g_seal.po $(OUTPRE)g_seal.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ - ../generic/gssapi_err_generic.h g_seal.c mechglue.h \ - mglueP.h + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h ../generic/gssapi_err_generic.h \ + g_seal.c mechglue.h mglueP.h g_set_context_option.so g_set_context_option.po $(OUTPRE)g_set_context_option.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_set_context_option.c \ mechglue.h mglueP.h g_set_cred_option.so g_set_cred_option.po $(OUTPRE)g_set_cred_option.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_set_cred_option.c \ mechglue.h mglueP.h g_set_name_attr.so g_set_name_attr.po $(OUTPRE)g_set_name_attr.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_set_name_attr.c mechglue.h \ mglueP.h g_sign.so g_sign.po $(OUTPRE)g_sign.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ - ../generic/gssapi_err_generic.h g_sign.c mechglue.h \ - mglueP.h + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h ../generic/gssapi_err_generic.h \ + g_sign.c mechglue.h mglueP.h g_store_cred.so g_store_cred.po $(OUTPRE)g_store_cred.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_store_cred.c mechglue.h \ mglueP.h g_unseal.so g_unseal.po $(OUTPRE)g_unseal.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_unseal.c mechglue.h \ mglueP.h g_unwrap_aead.so g_unwrap_aead.po $(OUTPRE)g_unwrap_aead.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_unwrap_aead.c mechglue.h \ mglueP.h g_unwrap_iov.so g_unwrap_iov.po $(OUTPRE)g_unwrap_iov.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_unwrap_iov.c mechglue.h \ mglueP.h g_verify.so g_verify.po $(OUTPRE)g_verify.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_verify.c mechglue.h \ mglueP.h g_wrap_aead.so g_wrap_aead.po $(OUTPRE)g_wrap_aead.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_wrap_aead.c mechglue.h \ mglueP.h g_wrap_iov.so g_wrap_iov.po $(OUTPRE)g_wrap_iov.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \ - $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ + $(srcdir)/../generic/gssapi_generic.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ ../generic/gssapi_err_generic.h g_wrap_iov.c mechglue.h \ mglueP.h diff --git a/src/lib/gssapi/mechglue/g_seal.c b/src/lib/gssapi/mechglue/g_seal.c index acb4c36..f17241c 100644 --- a/src/lib/gssapi/mechglue/g_seal.c +++ b/src/lib/gssapi/mechglue/g_seal.c @@ -1,5 +1,4 @@ -/* #pragma ident "@(#)g_seal.c 1.19 98/04/21 SMI" */ - +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1996 by Sun Microsystems, Inc. * @@ -29,72 +28,63 @@ #include "mglueP.h" static OM_uint32 -val_wrap_args( - OM_uint32 *minor_status, - gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - gss_buffer_t input_message_buffer, - int *conf_state, - gss_buffer_t output_message_buffer) +val_wrap_args(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int conf_req_flag, + gss_qop_t qop_req, + gss_buffer_t input_message_buffer, + int *conf_state, + gss_buffer_t output_message_buffer) { - /* Initialize outputs. */ if (minor_status != NULL) - *minor_status = 0; + *minor_status = 0; if (output_message_buffer != GSS_C_NO_BUFFER) { - output_message_buffer->length = 0; - output_message_buffer->value = NULL; + output_message_buffer->length = 0; + output_message_buffer->value = NULL; } /* Validate arguments. */ if (minor_status == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); + return (GSS_S_CALL_INACCESSIBLE_WRITE); if (context_handle == GSS_C_NO_CONTEXT) - return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT); + return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT); if (input_message_buffer == GSS_C_NO_BUFFER) - return (GSS_S_CALL_INACCESSIBLE_READ); + return (GSS_S_CALL_INACCESSIBLE_READ); if (output_message_buffer == GSS_C_NO_BUFFER) - return (GSS_S_CALL_INACCESSIBLE_WRITE); + return (GSS_S_CALL_INACCESSIBLE_WRITE); return (GSS_S_COMPLETE); } OM_uint32 KRB5_CALLCONV -gss_wrap (minor_status, - context_handle, - conf_req_flag, - qop_req, - input_message_buffer, - conf_state, - output_message_buffer) - -OM_uint32 * minor_status; -gss_ctx_id_t context_handle; -int conf_req_flag; -gss_qop_t qop_req; -gss_buffer_t input_message_buffer; -int * conf_state; -gss_buffer_t output_message_buffer; +gss_wrap( OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int conf_req_flag, + gss_qop_t qop_req, + gss_buffer_t input_message_buffer, + int *conf_state, + gss_buffer_t output_message_buffer) { - /* EXPORT DELETE START */ - OM_uint32 status; - gss_union_ctx_id_t ctx; - gss_mechanism mech; + /* EXPORT DELETE START */ + + OM_uint32 status; + gss_union_ctx_id_t ctx; + gss_mechanism mech; status = val_wrap_args(minor_status, context_handle, - conf_req_flag, qop_req, - input_message_buffer, conf_state, - output_message_buffer); + conf_req_flag, qop_req, + input_message_buffer, conf_state, + output_message_buffer); if (status != GSS_S_COMPLETE) - return (status); + return (status); /* * select the approprate underlying mechanism routine and @@ -105,60 +95,51 @@ gss_buffer_t output_message_buffer; mech = gssint_get_mechanism (ctx->mech_type); if (mech) { - if (mech->gss_wrap) { - status = mech->gss_wrap( - minor_status, - ctx->internal_ctx_id, - conf_req_flag, - qop_req, - input_message_buffer, - conf_state, - output_message_buffer); - if (status != GSS_S_COMPLETE) - map_error(minor_status, mech); - } else if (mech->gss_wrap_aead || - (mech->gss_wrap_iov && mech->gss_wrap_iov_length)) { - status = gssint_wrap_aead(mech, - minor_status, - ctx, - conf_req_flag, - (gss_qop_t)qop_req, - GSS_C_NO_BUFFER, - input_message_buffer, - conf_state, - output_message_buffer); - } else - status = GSS_S_UNAVAILABLE; - - return(status); + if (mech->gss_wrap) { + status = mech->gss_wrap(minor_status, + ctx->internal_ctx_id, + conf_req_flag, + qop_req, + input_message_buffer, + conf_state, + output_message_buffer); + if (status != GSS_S_COMPLETE) + map_error(minor_status, mech); + } else if (mech->gss_wrap_aead || + (mech->gss_wrap_iov && mech->gss_wrap_iov_length)) { + status = gssint_wrap_aead(mech, + minor_status, + ctx, + conf_req_flag, + (gss_qop_t)qop_req, + GSS_C_NO_BUFFER, + input_message_buffer, + conf_state, + output_message_buffer); + } else + status = GSS_S_UNAVAILABLE; + + return(status); } - /* EXPORT DELETE END */ + /* EXPORT DELETE END */ return (GSS_S_BAD_MECH); } OM_uint32 KRB5_CALLCONV -gss_seal (minor_status, - context_handle, - conf_req_flag, - qop_req, - input_message_buffer, - conf_state, - output_message_buffer) - -OM_uint32 * minor_status; -gss_ctx_id_t context_handle; -int conf_req_flag; -int qop_req; -gss_buffer_t input_message_buffer; -int * conf_state; -gss_buffer_t output_message_buffer; - +gss_seal(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int conf_req_flag, + int qop_req, + gss_buffer_t input_message_buffer, + int *conf_state, + gss_buffer_t output_message_buffer) { + return gss_wrap(minor_status, context_handle, - conf_req_flag, (gss_qop_t) qop_req, - input_message_buffer, conf_state, - output_message_buffer); + conf_req_flag, (gss_qop_t) qop_req, + input_message_buffer, conf_state, + output_message_buffer); } /* @@ -168,16 +149,16 @@ gss_buffer_t output_message_buffer; */ static OM_uint32 gssint_wrap_size_limit_iov_shim(gss_mechanism mech, - OM_uint32 *minor_status, - gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - OM_uint32 req_output_size, - OM_uint32 *max_input_size) + OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int conf_req_flag, + gss_qop_t qop_req, + OM_uint32 req_output_size, + OM_uint32 *max_input_size) { - gss_iov_buffer_desc iov[4]; - OM_uint32 status; - OM_uint32 ohlen; + gss_iov_buffer_desc iov[4]; + OM_uint32 status; + OM_uint32 ohlen; iov[0].type = GSS_IOV_BUFFER_TYPE_HEADER; iov[0].buffer.value = NULL; @@ -198,20 +179,20 @@ gssint_wrap_size_limit_iov_shim(gss_mechanism mech, assert(mech->gss_wrap_iov_length); status = mech->gss_wrap_iov_length(minor_status, context_handle, - conf_req_flag, qop_req, - NULL, iov, - sizeof(iov)/sizeof(iov[0])); + conf_req_flag, qop_req, + NULL, iov, + sizeof(iov)/sizeof(iov[0])); if (status != GSS_S_COMPLETE) { - map_error(minor_status, mech); - return status; + map_error(minor_status, mech); + return status; } ohlen = iov[0].buffer.length + iov[3].buffer.length; if (iov[2].buffer.length == 0 && ohlen < req_output_size) - *max_input_size = req_output_size - ohlen; + *max_input_size = req_output_size - ohlen; else - *max_input_size = 0; + *max_input_size = 0; return GSS_S_COMPLETE; } @@ -220,28 +201,24 @@ gssint_wrap_size_limit_iov_shim(gss_mechanism mech, * New for V2 */ OM_uint32 KRB5_CALLCONV -gss_wrap_size_limit(minor_status, context_handle, conf_req_flag, - qop_req, req_output_size, max_input_size) - OM_uint32 *minor_status; - gss_ctx_id_t context_handle; - int conf_req_flag; - gss_qop_t qop_req; - OM_uint32 req_output_size; - OM_uint32 *max_input_size; +gss_wrap_size_limit(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int conf_req_flag, + gss_qop_t qop_req, OM_uint32 req_output_size, OM_uint32 *max_input_size) { - gss_union_ctx_id_t ctx; - gss_mechanism mech; - OM_uint32 major_status; + gss_union_ctx_id_t ctx; + gss_mechanism mech; + OM_uint32 major_status; if (minor_status == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); + return (GSS_S_CALL_INACCESSIBLE_WRITE); *minor_status = 0; if (context_handle == GSS_C_NO_CONTEXT) - return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT); + return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT); if (max_input_size == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); + return (GSS_S_CALL_INACCESSIBLE_WRITE); /* * select the approprate underlying mechanism routine and @@ -252,21 +229,21 @@ gss_wrap_size_limit(minor_status, context_handle, conf_req_flag, mech = gssint_get_mechanism (ctx->mech_type); if (!mech) - return (GSS_S_BAD_MECH); + return (GSS_S_BAD_MECH); if (mech->gss_wrap_size_limit) - major_status = mech->gss_wrap_size_limit(minor_status, - ctx->internal_ctx_id, - conf_req_flag, qop_req, - req_output_size, max_input_size); + major_status = mech->gss_wrap_size_limit(minor_status, + ctx->internal_ctx_id, + conf_req_flag, qop_req, + req_output_size, max_input_size); else if (mech->gss_wrap_iov_length) - major_status = gssint_wrap_size_limit_iov_shim(mech, minor_status, - ctx->internal_ctx_id, - conf_req_flag, qop_req, - req_output_size, max_input_size); + major_status = gssint_wrap_size_limit_iov_shim(mech, minor_status, + ctx->internal_ctx_id, + conf_req_flag, qop_req, + req_output_size, max_input_size); else - major_status = GSS_S_UNAVAILABLE; + major_status = GSS_S_UNAVAILABLE; if (major_status != GSS_S_COMPLETE) - map_error(minor_status, mech); + map_error(minor_status, mech); return major_status; } diff --git a/src/lib/gssapi/spnego/Makefile.in b/src/lib/gssapi/spnego/Makefile.in index 95bfd1a..16741eb 100644 --- a/src/lib/gssapi/spnego/Makefile.in +++ b/src/lib/gssapi/spnego/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../.. -myfulldir=lib/gssapi/spnego mydir=lib/gssapi/spnego BUILDTOP=$(REL)..$(S)..$(S).. LOCALINCLUDES = -I. -I$(srcdir) -I$(srcdir)/.. -I../generic -I$(srcdir)/../generic -I../mechglue -I$(srcdir)/../mechglue diff --git a/src/lib/gssapi/spnego/deps b/src/lib/gssapi/spnego/deps index 744da4f..3f0b907 100644 --- a/src/lib/gssapi/spnego/deps +++ b/src/lib/gssapi/spnego/deps @@ -5,14 +5,14 @@ spnego_mech.so spnego_mech.po $(OUTPRE)spnego_mech.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \ - $(srcdir)/../generic/gssapi_generic.h $(srcdir)/../mechglue/mechglue.h \ - $(srcdir)/../mechglue/mglueP.h ../generic/gssapi_err_generic.h \ - gssapiP_spnego.h spnego_mech.c + $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \ + $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \ + $(srcdir)/../mechglue/mechglue.h $(srcdir)/../mechglue/mglueP.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + ../generic/gssapi_err_generic.h gssapiP_spnego.h spnego_mech.c diff --git a/src/lib/kadm5/Makefile.in b/src/lib/kadm5/Makefile.in index 4c502eb..24da565 100644 --- a/src/lib/kadm5/Makefile.in +++ b/src/lib/kadm5/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../.. -myfulldir=lib/kadm5 mydir=lib/kadm5 BUILDTOP=$(REL)..$(S).. SUBDIRS = clnt srv unit-test diff --git a/src/lib/kadm5/clnt/Makefile.in b/src/lib/kadm5/clnt/Makefile.in index 13006c7..aceb949 100644 --- a/src/lib/kadm5/clnt/Makefile.in +++ b/src/lib/kadm5/clnt/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../.. -myfulldir=lib/kadm5/clnt mydir=lib/kadm5/clnt BUILDTOP=$(REL)..$(S)..$(S).. LOCALINCLUDES = -I$(BUILDTOP)/include/kadm5 diff --git a/src/lib/kadm5/clnt/deps b/src/lib/kadm5/clnt/deps index be6dc26..7d78d4e 100644 --- a/src/lib/kadm5/clnt/deps +++ b/src/lib/kadm5/clnt/deps @@ -6,36 +6,36 @@ clnt_policy.so clnt_policy.po $(OUTPRE)clnt_policy.$(OBJEXT): \ $(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \ $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ $(BUILDTOP)/include/kadm5/kadm_rpc.h $(BUILDTOP)/include/krb5/krb5.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h client_internal.h \ - clnt_policy.c + $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h client_internal.h clnt_policy.c client_rpc.so client_rpc.po $(OUTPRE)client_rpc.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ $(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \ $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/kadm_rpc.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h client_rpc.c + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h client_rpc.c client_principal.so client_principal.po $(OUTPRE)client_principal.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ $(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \ $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ $(BUILDTOP)/include/kadm5/kadm_rpc.h $(BUILDTOP)/include/krb5/krb5.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h client_internal.h \ - client_principal.c + $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h client_internal.h client_principal.c client_init.so client_init.po $(OUTPRE)client_init.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/gssapi/gssapi_krb5.h \ @@ -43,41 +43,42 @@ client_init.so client_init.po $(OUTPRE)client_init.$(OBJEXT): \ $(BUILDTOP)/include/kadm5/admin_internal.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \ $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/kadm_rpc.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_gssapi.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/iprop.h $(SRCTOP)/include/iprop_hdr.h \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - client_init.c client_internal.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_gssapi.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/iprop.h $(top_srcdir)/include/iprop_hdr.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h client_init.c \ + client_internal.h clnt_privs.so clnt_privs.po $(OUTPRE)clnt_privs.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ $(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \ $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ $(BUILDTOP)/include/kadm5/kadm_rpc.h $(BUILDTOP)/include/krb5/krb5.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h client_internal.h \ - clnt_privs.c + $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h client_internal.h clnt_privs.c clnt_chpass_util.so clnt_chpass_util.po $(OUTPRE)clnt_chpass_util.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ $(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \ $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h client_internal.h clnt_chpass_util.c + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h client_internal.h clnt_chpass_util.c diff --git a/src/lib/kadm5/deps b/src/lib/kadm5/deps index 8ebc1a8..a5c07b0 100644 --- a/src/lib/kadm5/deps +++ b/src/lib/kadm5/deps @@ -9,13 +9,13 @@ misc_free.so misc_free.po $(OUTPRE)misc_free.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h admin_internal.h misc_free.c \ + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h admin_internal.h misc_free.c \ server_internal.h kadm_rpc_xdr.so kadm_rpc_xdr.po $(OUTPRE)kadm_rpc_xdr.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ @@ -23,72 +23,73 @@ kadm_rpc_xdr.so kadm_rpc_xdr.po $(OUTPRE)kadm_rpc_xdr.$(OBJEXT): \ $(BUILDTOP)/include/kadm5/admin_internal.h $(BUILDTOP)/include/kadm5/admin_xdr.h \ $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ $(BUILDTOP)/include/kadm5/kadm_rpc.h $(BUILDTOP)/include/kadm5/server_internal.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h kadm_rpc_xdr.c + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h kadm_rpc_xdr.c chpass_util.so chpass_util.po $(OUTPRE)chpass_util.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h admin_internal.h chpass_util.c + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h admin_internal.h chpass_util.c alt_prof.so alt_prof.po $(OUTPRE)alt_prof.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/adm_proto.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/iprop.h $(SRCTOP)/include/iprop_hdr.h \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_log.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/adm_proto.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/iprop.h $(top_srcdir)/include/iprop_hdr.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/kdb.h $(top_srcdir)/include/kdb_log.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ alt_prof.c str_conv.so str_conv.po $(OUTPRE)str_conv.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/adm_proto.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - admin_internal.h str_conv.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/adm_proto.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h admin_internal.h \ + str_conv.c logger.so logger.po $(OUTPRE)logger.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/adm_proto.h \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/adm_proto.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ logger.c diff --git a/src/lib/kadm5/logger.c b/src/lib/kadm5/logger.c index b8da209..a3f4339 100644 --- a/src/lib/kadm5/logger.c +++ b/src/lib/kadm5/logger.c @@ -668,8 +668,11 @@ krb5_klog_init(krb5_context kcontext, char *ename, char *whoami, krb5_boolean do log_control.log_whoami = strdup(whoami); log_control.log_hostname = (char *) malloc(MAXHOSTNAMELEN + 1); if (log_control.log_hostname) { - gethostname(log_control.log_hostname, MAXHOSTNAMELEN); - log_control.log_hostname[MAXHOSTNAMELEN] = '\0'; + if (gethostname(log_control.log_hostname, MAXHOSTNAMELEN) == -1) { + free(log_control.log_hostname); + log_control.log_hostname = NULL; + } else + log_control.log_hostname[MAXHOSTNAMELEN] = '\0'; } #ifdef HAVE_OPENLOG if (do_openlog) { diff --git a/src/lib/kadm5/srv/Makefile.in b/src/lib/kadm5/srv/Makefile.in index d49e37b..e813830 100644 --- a/src/lib/kadm5/srv/Makefile.in +++ b/src/lib/kadm5/srv/Makefile.in @@ -1,9 +1,7 @@ -thisconfigdir=../../.. -myfulldir=lib/kadm5/srv mydir=lib/kadm5/srv BUILDTOP=$(REL)..$(S)..$(S).. LOCALINCLUDES = -I$(BUILDTOP)/include/kadm5 \ - -I$(SRCTOP)/lib/gssapi/krb5 -I$(SRCTOP)/lib/gssapi/generic \ + -I$(top_srcdir)/lib/gssapi/krb5 -I$(top_srcdir)/lib/gssapi/generic \ -I$(BUILDTOP)/lib/gssapi/krb5 -I$(BUILDTOP)/lib/gssapi/generic DEFINES = @HESIOD_DEFS@ DEFS= diff --git a/src/lib/kadm5/srv/deps b/src/lib/kadm5/srv/deps index 9dcc661..45977a5 100644 --- a/src/lib/kadm5/srv/deps +++ b/src/lib/kadm5/srv/deps @@ -6,25 +6,25 @@ svr_policy.so svr_policy.po $(OUTPRE)svr_policy.$(OBJEXT): \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ $(BUILDTOP)/include/kadm5/admin_internal.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \ $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/server_internal.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h svr_policy.c + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h svr_policy.c svr_principal.so svr_principal.po $(OUTPRE)svr_principal.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ $(BUILDTOP)/include/kadm5/admin_internal.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \ $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/server_internal.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h svr_principal.c + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h svr_principal.c server_acl.so server_acl.po $(OUTPRE)server_acl.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_generic.h $(BUILDTOP)/include/gssrpc/types.h \ @@ -32,19 +32,19 @@ server_acl.so server_acl.po $(OUTPRE)server_acl.$(OBJEXT): \ $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ $(BUILDTOP)/include/kadm5/server_internal.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/adm_proto.h $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/adm_proto.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ server_acl.c server_acl.h server_kdb.so server_kdb.po $(OUTPRE)server_kdb.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ @@ -52,19 +52,19 @@ server_kdb.so server_kdb.po $(OUTPRE)server_kdb.$(OBJEXT): \ $(BUILDTOP)/include/kadm5/admin_internal.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \ $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/server_internal.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ server_kdb.c server_misc.so server_misc.po $(OUTPRE)server_misc.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ @@ -72,19 +72,19 @@ server_misc.so server_misc.po $(OUTPRE)server_misc.$(OBJEXT): \ $(BUILDTOP)/include/kadm5/admin_internal.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \ $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/server_internal.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ server_misc.c server_init.so server_init.po $(OUTPRE)server_init.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ @@ -95,69 +95,71 @@ server_init.so server_init.po $(OUTPRE)server_init.$(OBJEXT): \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ $(BUILDTOP)/lib/gssapi/generic/gssapi_err_generic.h \ $(BUILDTOP)/lib/gssapi/krb5/gssapi_err_krb5.h $(BUILDTOP)/lib/gssapi/krb5/gssapi_krb5.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/iprop.h $(SRCTOP)/include/iprop_hdr.h \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_log.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../../gssapi/generic/gssapiP_generic.h $(srcdir)/../../gssapi/generic/gssapi_ext.h \ - $(srcdir)/../../gssapi/generic/gssapi_generic.h $(srcdir)/../../gssapi/krb5/gssapiP_krb5.h \ - server_init.c + $(COM_ERR_DEPS) $(srcdir)/../../gssapi/generic/gssapiP_generic.h \ + $(srcdir)/../../gssapi/generic/gssapi_ext.h $(srcdir)/../../gssapi/generic/gssapi_generic.h \ + $(srcdir)/../../gssapi/krb5/gssapiP_krb5.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/iprop.h \ + $(top_srcdir)/include/iprop_hdr.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/kdb_log.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h server_init.c server_dict.so server_dict.po $(OUTPRE)server_dict.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ $(BUILDTOP)/include/kadm5/admin_internal.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \ $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/server_internal.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/adm_proto.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h server_dict.c + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/adm_proto.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \ + server_dict.c svr_iters.so svr_iters.po $(OUTPRE)svr_iters.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ $(BUILDTOP)/include/kadm5/admin_internal.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \ $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/server_internal.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h svr_iters.c + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h svr_iters.c svr_chpass_util.so svr_chpass_util.po $(OUTPRE)svr_chpass_util.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ $(BUILDTOP)/include/kadm5/admin_internal.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \ $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/server_internal.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h svr_chpass_util.c + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h svr_chpass_util.c adb_xdr.so adb_xdr.po $(OUTPRE)adb_xdr.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ $(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \ $(BUILDTOP)/include/kadm5/admin_xdr.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \ $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/kadm_rpc.h \ $(BUILDTOP)/include/kadm5/server_internal.h $(BUILDTOP)/include/krb5/krb5.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h adb_xdr.c + $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h adb_xdr.c diff --git a/src/lib/kadm5/unit-test/Makefile.in b/src/lib/kadm5/unit-test/Makefile.in index caa4e2d..ecd64c1 100644 --- a/src/lib/kadm5/unit-test/Makefile.in +++ b/src/lib/kadm5/unit-test/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../.. -myfulldir=lib/kadm5/unit-test mydir=lib/kadm5/unit-test BUILDTOP=$(REL)..$(S)..$(S).. DEFINES = diff --git a/src/lib/kadm5/unit-test/deps b/src/lib/kadm5/unit-test/deps index 5d831c7..16448dd 100644 --- a/src/lib/kadm5/unit-test/deps +++ b/src/lib/kadm5/unit-test/deps @@ -4,80 +4,82 @@ $(OUTPRE)init-test.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h init-test.c + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h init-test.c $(OUTPRE)destroy-test.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ $(BUILDTOP)/include/kadm5/admin_internal.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \ $(BUILDTOP)/include/kadm5/client_internal.h $(BUILDTOP)/include/kadm5/kadm_err.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h destroy-test.c -$(OUTPRE)handle-test.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \ - $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ - $(BUILDTOP)/include/kadm5/admin_internal.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \ - $(BUILDTOP)/include/kadm5/client_internal.h $(BUILDTOP)/include/kadm5/kadm_err.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h handle-test.c + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h destroy-test.c +$(OUTPRE)handle-test.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ + $(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \ + $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ + $(BUILDTOP)/include/kadm5/server_internal.h $(BUILDTOP)/include/krb5/krb5.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h handle-test.c $(OUTPRE)iter-test.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h iter-test.c + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h iter-test.c $(OUTPRE)setkey-test.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ $(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \ $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ setkey-test.c $(OUTPRE)randkey-test.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h randkey-test.c + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h randkey-test.c $(OUTPRE)lock-test.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h lock-test.c + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h lock-test.c diff --git a/src/lib/kdb/Makefile.in b/src/lib/kdb/Makefile.in index 2946ba9..c450a98 100644 --- a/src/lib/kdb/Makefile.in +++ b/src/lib/kdb/Makefile.in @@ -1,9 +1,7 @@ -thisconfigdir=../.. -myfulldir=lib/kdb mydir=lib/kdb BUILDTOP=$(REL)..$(S).. KRB5_RUN_ENV = @KRB5_RUN_ENV@ -KRB5_CONFIG_SETUP = KRB5_CONFIG=$(SRCTOP)/config-files/krb5.conf ; export KRB5_CONFIG ; +KRB5_CONFIG_SETUP = KRB5_CONFIG=$(top_srcdir)/config-files/krb5.conf ; export KRB5_CONFIG ; PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) CFLAGS=@CFLAGS@ -DKDB5_USE_LIB_KDB_DB2 diff --git a/src/lib/kdb/deps b/src/lib/kdb/deps index e3bdfc8..2e3baaf 100644 --- a/src/lib/kdb/deps +++ b/src/lib/kdb/deps @@ -4,122 +4,122 @@ kdb5.so kdb5.po $(OUTPRE)kdb5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/iprop.h \ - $(SRCTOP)/include/iprop_hdr.h $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/kdb_ext.h $(SRCTOP)/include/kdb_log.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/iprop.h \ + $(top_srcdir)/include/iprop_hdr.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/kdb_ext.h $(top_srcdir)/include/kdb_log.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ adb_err.h kdb5.c kdb5.h kdb5int.h encrypt_key.so encrypt_key.po $(OUTPRE)encrypt_key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - encrypt_key.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h encrypt_key.c decrypt_key.so decrypt_key.po $(OUTPRE)decrypt_key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - decrypt_key.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h decrypt_key.c kdb_default.so kdb_default.po $(OUTPRE)kdb_default.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - kdb_default.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h kdb_default.c kdb_cpw.so kdb_cpw.po $(OUTPRE)kdb_cpw.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ kdb_cpw.c adb_err.so adb_err.po $(OUTPRE)adb_err.$(OBJEXT): $(COM_ERR_DEPS) \ adb_err.c iprop_xdr.so iprop_xdr.po $(OUTPRE)iprop_xdr.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/iprop.h iprop_xdr.c + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/iprop.h iprop_xdr.c kdb_convert.so kdb_convert.po $(OUTPRE)kdb_convert.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/iprop.h $(SRCTOP)/include/iprop_hdr.h \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_log.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - kdb_convert.c + $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/iprop.h \ + $(top_srcdir)/include/iprop_hdr.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/kdb_log.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h kdb_convert.c kdb_log.so kdb_log.po $(OUTPRE)kdb_log.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/iprop.h \ - $(SRCTOP)/include/iprop_hdr.h $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/kdb_ext.h $(SRCTOP)/include/kdb_log.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/iprop.h \ + $(top_srcdir)/include/iprop_hdr.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/kdb_ext.h $(top_srcdir)/include/kdb_log.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ kdb5.h kdb5int.h kdb_log.c keytab.so keytab.po $(OUTPRE)keytab.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/kdb_kt.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h keytab.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/kdb_kt.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h keytab.c diff --git a/src/lib/kdb/kdb_default.c b/src/lib/kdb/kdb_default.c index 81c70f3..ea24d36 100644 --- a/src/lib/kdb/kdb_default.c +++ b/src/lib/kdb/kdb_default.c @@ -98,7 +98,7 @@ krb5_dbe_def_search_enctype(kcontext, dbentp, start, ktype, stype, kvno, kdatap) } - if (ktype > 0) { + if (ktype != -1) { if ((ret = krb5_c_enctype_compare(kcontext, (krb5_enctype) ktype, dbentp->key_data[i].key_data_type[0], &similar))) @@ -106,7 +106,7 @@ krb5_dbe_def_search_enctype(kcontext, dbentp, start, ktype, stype, kvno, kdatap) return(ret); } - if (((ktype <= 0) || similar) && + if (((ktype == -1) || similar) && ((db_stype == stype) || (stype < 0))) { if (kvno >= 0) { if (kvno == dbentp->key_data[i].key_data_kvno) { diff --git a/src/lib/krb5/Makefile.in b/src/lib/krb5/Makefile.in index 9e6cbf2..adaba32 100644 --- a/src/lib/krb5/Makefile.in +++ b/src/lib/krb5/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../.. -myfulldir=lib/krb5 mydir=lib/krb5 BUILDTOP=$(REL)..$(S).. LOCALINCLUDES = -I$(srcdir)/ccache -I$(srcdir)/keytab -I$(srcdir)/rcache -I$(srcdir)/os -I$(srcdir)/unicode diff --git a/src/lib/krb5/asn.1/Makefile.in b/src/lib/krb5/asn.1/Makefile.in index f7f1b21..d0566c1 100644 --- a/src/lib/krb5/asn.1/Makefile.in +++ b/src/lib/krb5/asn.1/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../.. -myfulldir=lib/krb5/asn.1 mydir=lib/krb5/asn.1 BUILDTOP=$(REL)..$(S)..$(S).. DEFS= diff --git a/src/lib/krb5/asn.1/asn1_encode.c b/src/lib/krb5/asn.1/asn1_encode.c index b73e769..a328306 100644 --- a/src/lib/krb5/asn.1/asn1_encode.c +++ b/src/lib/krb5/asn.1/asn1_encode.c @@ -325,11 +325,11 @@ asn1_encode_opaque(asn1buf *buf, unsigned int len, const void *val, */ #ifdef POINTERS_ARE_ALL_THE_SAME -#define LOADPTR(PTR,TYPE) \ - (assert((TYPE)->loadptr != NULL), (TYPE)->loadptr(PTR)) -#else #define LOADPTR(PTR,TYPE) \ (*(const void *const *)(PTR)) +#else +#define LOADPTR(PTR,TYPE) \ + (assert((TYPE)->loadptr != NULL), (TYPE)->loadptr(PTR)) #endif static int diff --git a/src/lib/krb5/asn.1/asn1_k_decode.c b/src/lib/krb5/asn.1/asn1_k_decode.c index 0257a8b..60d9455 100644 --- a/src/lib/krb5/asn.1/asn1_k_decode.c +++ b/src/lib/krb5/asn.1/asn1_k_decode.c @@ -658,6 +658,7 @@ asn1_decode_enc_kdc_rep_part(asn1buf *buf, krb5_enc_kdc_rep_part *val) val->last_req = NULL; val->server = NULL; val->caddrs = NULL; + val->enc_padata = NULL; { begin_structure(); get_field(val->session,0,asn1_decode_encryption_key_ptr); get_field(val->last_req,1,asn1_decode_last_req); diff --git a/src/lib/krb5/asn.1/asn1_k_encode.c b/src/lib/krb5/asn.1/asn1_k_encode.c index 1cd6c8c..a35f561 100644 --- a/src/lib/krb5/asn.1/asn1_k_encode.c +++ b/src/lib/krb5/asn.1/asn1_k_encode.c @@ -1424,6 +1424,8 @@ MAKE_FULL_ENCODER(encode_krb5_safe_with_body, krb5_safe_with_body); MAKE_FULL_ENCODER(encode_krb5_priv, krb5_priv); MAKE_FULL_ENCODER(encode_krb5_enc_priv_part, priv_enc_part); +MAKE_FULL_ENCODER(encode_krb5_checksum, checksum); + MAKE_FULL_ENCODER(encode_krb5_cred, krb5_cred); MAKE_FULL_ENCODER(encode_krb5_enc_cred_part, enc_cred_part); MAKE_FULL_ENCODER(encode_krb5_error, krb5_error); diff --git a/src/lib/krb5/asn.1/deps b/src/lib/krb5/asn.1/deps index 098559b..6267f8d 100644 --- a/src/lib/krb5/asn.1/deps +++ b/src/lib/krb5/asn.1/deps @@ -4,126 +4,127 @@ asn1_decode.so asn1_decode.po $(OUTPRE)asn1_decode.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ asn1_decode.c asn1_decode.h asn1_get.h asn1buf.h krbasn1.h asn1_k_decode.so asn1_k_decode.po $(OUTPRE)asn1_k_decode.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ asn1_decode.h asn1_get.h asn1_k_decode.c asn1_k_decode.h \ asn1_misc.h asn1buf.h krbasn1.h asn1_encode.so asn1_encode.po $(OUTPRE)asn1_encode.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ asn1_encode.c asn1_encode.h asn1_make.h asn1buf.h krbasn1.h asn1_get.so asn1_get.po $(OUTPRE)asn1_get.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ asn1_get.c asn1_get.h asn1buf.h krbasn1.h asn1_make.so asn1_make.po $(OUTPRE)asn1_make.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ asn1_make.c asn1_make.h asn1buf.h krbasn1.h asn1buf.so asn1buf.po $(OUTPRE)asn1buf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h asn1_get.h asn1buf.c \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h asn1_get.h asn1buf.c \ asn1buf.h krbasn1.h krb5_decode.so krb5_decode.po $(OUTPRE)krb5_decode.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ asn1_decode.h asn1_get.h asn1_k_decode.h asn1buf.h \ krb5_decode.c krbasn1.h krb5_encode.so krb5_encode.po $(OUTPRE)krb5_encode.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ asn1_encode.h asn1_k_encode.h asn1_make.h asn1buf.h \ krb5_encode.c krbasn1.h asn1_k_encode.so asn1_k_encode.po $(OUTPRE)asn1_k_encode.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ asn1_encode.h asn1_k_encode.c asn1_k_encode.h asn1_make.h \ asn1buf.h krbasn1.h ldap_key_seq.so ldap_key_seq.po $(OUTPRE)ldap_key_seq.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - asn1_decode.h asn1_encode.h asn1_get.h asn1_k_encode.h \ - asn1_make.h asn1buf.h krbasn1.h ldap_key_seq.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h asn1_decode.h \ + asn1_encode.h asn1_get.h asn1_k_encode.h asn1_make.h \ + asn1buf.h krbasn1.h ldap_key_seq.c asn1_misc.so asn1_misc.po $(OUTPRE)asn1_misc.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ asn1_misc.c asn1_misc.h krbasn1.h diff --git a/src/lib/krb5/asn.1/krb5_decode.c b/src/lib/krb5/asn.1/krb5_decode.c index e255551..542a626 100644 --- a/src/lib/krb5/asn.1/krb5_decode.c +++ b/src/lib/krb5/asn.1/krb5_decode.c @@ -703,6 +703,16 @@ error_out: } krb5_error_code +decode_krb5_checksum(const krb5_data *code, krb5_checksum **repptr) +{ + setup_buf_only(krb5_checksum *); + alloc_field(rep); + retval = asn1_decode_checksum(&buf, rep); + if (retval) clean_return(retval); + cleanup(free); +} + +krb5_error_code decode_krb5_cred(const krb5_data *code, krb5_cred **repptr) { setup(krb5_cred *); diff --git a/src/lib/krb5/ccache/Makefile.in b/src/lib/krb5/ccache/Makefile.in index 731505d..b421c03 100644 --- a/src/lib/krb5/ccache/Makefile.in +++ b/src/lib/krb5/ccache/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../.. -myfulldir=lib/krb5/ccache mydir=lib/krb5/ccache BUILDTOP=$(REL)..$(S)..$(S).. SUBDIRS = # ccapi @@ -11,7 +9,7 @@ PROG_RPATH=$(KRB5_LIBDIR) LOCALINCLUDES = -I$(srcdir)$(S)ccapi $(WIN_INCLUDES) -##DOS##WIN_INCLUDES = -I$(SRCTOP)\windows\lib +##DOS##WIN_INCLUDES = -I$(top_srcdir)\windows\lib ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=ccache @@ -109,7 +107,7 @@ check-unix:: t_cc t_cccursor clean-unix:: $(RM) t_cc t_cc.o t_cccursor t_cccursor.o -##WIN32## $(OUTPRE)cc_mslsa.$(OBJEXT): cc_mslsa.c $(SRCTOP)/include/k5-int.h $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) +##WIN32## $(OUTPRE)cc_mslsa.$(OBJEXT): cc_mslsa.c $(top_srcdir)/include/k5-int.h $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) @libobj_frag@ diff --git a/src/lib/krb5/ccache/ccapi/Makefile.in b/src/lib/krb5/ccache/ccapi/Makefile.in index 503a2c6..135672b 100644 --- a/src/lib/krb5/ccache/ccapi/Makefile.in +++ b/src/lib/krb5/ccache/ccapi/Makefile.in @@ -1,12 +1,10 @@ -thisconfigdir=../../../.. -myfulldir=lib/krb5/ccache/ccapi mydir=lib/krb5/ccache/ccapi BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES = $(WIN_INCLUDES) DEFS= -DUSE_CCAPI -DUSE_CCAPI_V3 ##DOS##DEFS= -##DOS##WIN_INCLUDES = -I$(SRCTOP)\windows\lib +##DOS##WIN_INCLUDES = -I$(top_srcdir)\windows\lib ##DOS##BUILDTOP = ..\..\..\.. ##DOS##PREFIXDIR = ccache\file diff --git a/src/lib/krb5/ccache/ccapi/deps b/src/lib/krb5/ccache/ccapi/deps index db881ca..7df6d68 100644 --- a/src/lib/krb5/ccache/ccapi/deps +++ b/src/lib/krb5/ccache/ccapi/deps @@ -3,16 +3,16 @@ # stdcc.so stdcc.po $(OUTPRE)stdcc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/CredentialsCache.h \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h stdcc.c stdcc.h stdcc_util.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/CredentialsCache.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h stdcc.c stdcc.h stdcc_util.h stdcc_util.so stdcc_util.po $(OUTPRE)stdcc_util.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/CredentialsCache.h \ - $(SRCTOP)/include/krb5.h stdcc_util.c stdcc_util.h + $(COM_ERR_DEPS) $(top_srcdir)/include/CredentialsCache.h \ + $(top_srcdir)/include/krb5.h stdcc_util.c stdcc_util.h winccld.so winccld.po $(OUTPRE)winccld.$(OBJEXT): winccld.c diff --git a/src/lib/krb5/ccache/ccapi/stdcc.c b/src/lib/krb5/ccache/ccapi/stdcc.c index 33fb97c..de2bc9d 100644 --- a/src/lib/krb5/ccache/ccapi/stdcc.c +++ b/src/lib/krb5/ccache/ccapi/stdcc.c @@ -805,7 +805,7 @@ krb5_stdccv3_get_flags (krb5_context context, krb5_error_code KRB5_CALLCONV krb5_stdccv3_remove (krb5_context context, krb5_ccache id, - krb5_flags flags, + krb5_flags whichfields, krb5_creds *in_creds) { krb5_error_code err = 0; @@ -836,7 +836,10 @@ krb5_stdccv3_remove (krb5_context context, credentials->data, &creds); if (!err) { - found = krb5_creds_compare (context, in_creds, &creds); + found = krb5int_cc_creds_match_request(context, + whichfields, + in_creds, + &creds); krb5_free_cred_contents (context, &creds); } diff --git a/src/lib/krb5/ccache/ccbase.c b/src/lib/krb5/ccache/ccbase.c index fb3d7ec..7deb0a1 100644 --- a/src/lib/krb5/ccache/ccbase.c +++ b/src/lib/krb5/ccache/ccbase.c @@ -245,10 +245,9 @@ krb5_cc_resolve (krb5_context context, const char *name, krb5_ccache *cache) * prefix string. */ static krb5_error_code -krb5int_cc_getops( - krb5_context context, - const char *pfx, - const krb5_cc_ops **ops) +krb5int_cc_getops(krb5_context context, + const char *pfx, + const krb5_cc_ops **ops) { krb5_error_code err; struct krb5_cc_typelist *tlist; @@ -331,10 +330,9 @@ errout: } krb5_error_code -krb5int_cc_typecursor_next( - krb5_context context, - krb5_cc_typecursor t, - const krb5_cc_ops **ops) +krb5int_cc_typecursor_next(krb5_context context, + krb5_cc_typecursor t, + const krb5_cc_ops **ops) { krb5_error_code err = 0; @@ -364,7 +362,7 @@ krb5int_cc_typecursor_free(krb5_context context, krb5_cc_typecursor *t) } krb5_error_code KRB5_CALLCONV -krb5_cc_move (krb5_context context, krb5_ccache src, krb5_ccache dst) +krb5_cc_move(krb5_context context, krb5_ccache src, krb5_ccache dst) { krb5_error_code ret = 0; krb5_principal princ = NULL; diff --git a/src/lib/krb5/ccache/cccursor.c b/src/lib/krb5/ccache/cccursor.c index 852eff8..4272c04 100644 --- a/src/lib/krb5/ccache/cccursor.c +++ b/src/lib/krb5/ccache/cccursor.c @@ -65,9 +65,8 @@ static krb5_error_code cccol_pertype_next(krb5_context, krb5_cccol_cursor, krb5_ccache *); krb5_error_code KRB5_CALLCONV -krb5_cccol_cursor_new( - krb5_context context, - krb5_cccol_cursor *cursor) +krb5_cccol_cursor_new(krb5_context context, + krb5_cccol_cursor *cursor) { krb5_error_code ret = 0; krb5_cccol_cursor n = NULL; @@ -111,10 +110,9 @@ errout: } krb5_error_code KRB5_CALLCONV -krb5_cccol_cursor_next( - krb5_context context, - krb5_cccol_cursor cursor, - krb5_ccache *ccache) +krb5_cccol_cursor_next(krb5_context context, + krb5_cccol_cursor cursor, + krb5_ccache *ccache) { krb5_error_code ret = 0; char *name; @@ -173,9 +171,8 @@ errout: } krb5_error_code KRB5_CALLCONV -krb5_cccol_cursor_free( - krb5_context context, - krb5_cccol_cursor *cursor) +krb5_cccol_cursor_free(krb5_context context, + krb5_cccol_cursor *cursor) { krb5_cccol_cursor c = *cursor; int i; @@ -200,9 +197,8 @@ krb5_cccol_cursor_free( } krb5_error_code KRB5_CALLCONV -krb5_cccol_last_change_time( - krb5_context context, - krb5_timestamp *change_time) +krb5_cccol_last_change_time(krb5_context context, + krb5_timestamp *change_time) { krb5_error_code ret = 0; krb5_cccol_cursor c = NULL; @@ -240,10 +236,9 @@ krb5_cccol_last_change_time( * higher-priority defaults. */ static int -cccol_already( - krb5_context context, - krb5_cccol_cursor c, - krb5_ccache *ccache) +cccol_already(krb5_context context, + krb5_cccol_cursor c, + krb5_ccache *ccache) { const char *name = NULL, *prefix = NULL; int i; @@ -270,10 +265,9 @@ cccol_already( * Compare {prefix, name} against a cc_fullname. */ static int -cccol_cmpname( - const char *prefix, - const char *name, - struct cc_fullname *fullname) +cccol_cmpname(const char *prefix, + const char *name, + struct cc_fullname *fullname) { if (fullname->pfx == NULL || fullname->res == NULL) return 0; @@ -292,11 +286,10 @@ cccol_cmpname( * name we're given. */ static krb5_error_code -cccol_do_resolve( - krb5_context context, - krb5_cccol_cursor cursor, - const char *name, - krb5_ccache *ccache) +cccol_do_resolve(krb5_context context, + krb5_cccol_cursor cursor, + const char *name, + krb5_ccache *ccache) { krb5_error_code ret = 0; struct cc_fullname *fullname; @@ -321,10 +314,9 @@ cccol_do_resolve( * ccache list of the current backend is exhausted. */ static krb5_error_code -cccol_pertype_next( - krb5_context context, - krb5_cccol_cursor cursor, - krb5_ccache *ccache) +cccol_pertype_next(krb5_context context, + krb5_cccol_cursor cursor, + krb5_ccache *ccache) { krb5_error_code ret = 0; diff --git a/src/lib/krb5/ccache/ccfns.c b/src/lib/krb5/ccache/ccfns.c index e12dd56..f08bfb9 100644 --- a/src/lib/krb5/ccache/ccfns.c +++ b/src/lib/krb5/ccache/ccfns.c @@ -191,3 +191,162 @@ krb5_cc_unlock (krb5_context context, krb5_ccache ccache) { return ccache->ops->unlock(context, ccache); } + +static const char conf_realm[] = "X-CACHECONF:"; +static const char conf_name[] = "krb5_ccache_conf_data"; + +static krb5_error_code +build_conf_principals (krb5_context context, krb5_ccache id, + krb5_const_principal principal, + const char *name, krb5_creds *cred) +{ + krb5_principal client; + krb5_error_code ret; + char *pname = NULL; + + memset(cred, 0, sizeof(*cred)); + + ret = krb5_cc_get_principal(context, id, &client); + if (ret) + return ret; + + if (principal) { + ret = krb5_unparse_name(context, principal, &pname); + if (ret) + return ret; + } + + ret = krb5_build_principal(context, &cred->server, + sizeof(conf_realm) - 1, conf_realm, + conf_name, name, pname, (char *)NULL); + free(pname); + if (ret) { + krb5_free_principal(context, client); + return ret; + } + ret = krb5_copy_principal(context, client, &cred->client); + krb5_free_principal(context, client); + return ret; +} + +/*! + * \param context a Keberos context + * \param principal principal to check if it a configuration principal + * + * \brief Return TRUE (non zero) if the principal is a configuration + * principal (generated part of krb5_cc_set_config()). Returns + * FALSE (zero) if not a configuration principal. + * + */ + +krb5_boolean KRB5_CALLCONV +krb5_is_config_principal (krb5_context context, + krb5_const_principal principal) +{ + const krb5_data *realm; + + realm = krb5_princ_realm(context, principal); + + if (realm->length != sizeof(conf_realm) - 1 || + memcmp(realm->data, conf_realm, sizeof(conf_realm) - 1) != 0) + return FALSE; + + if (principal->length == 0 || + principal->data[0].length != (sizeof(conf_name) - 1) || + memcmp(principal->data[0].data, conf_name, sizeof(conf_name) - 1) != 0) + return FALSE; + + return TRUE; +} + +/*! + * \param context a Keberos context + * \param id the credential cache to store the data for + * \param principal configuration for a specific principal, if + * NULL, global for the whole cache. + * \param key name under which the configuraion is stored. + * \param data data to store + * + * \brief Store some configuration for the credential cache in the + * cache. Existing configuration under the same key is + * over-written. + * + */ + +krb5_error_code KRB5_CALLCONV +krb5_cc_set_config (krb5_context context, krb5_ccache id, + krb5_const_principal principal, + const char *key, krb5_data *data) +{ + krb5_error_code ret; + krb5_creds cred; + memset(&cred, 0, sizeof(cred)); + + ret = build_conf_principals(context, id, principal, key, &cred); + if (ret) + goto out; + + ret = krb5_cc_remove_cred(context, id, 0, &cred); + if (ret && ret != KRB5_CC_NOTFOUND && ret != KRB5_CC_NOSUPP) + goto out; + + cred.ticket.data = malloc(data->length); + if (cred.ticket.data == NULL) { + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + return ENOMEM; + } + cred.ticket.length = data->length; + memcpy(cred.ticket.data, data->data, data->length); + + ret = krb5_cc_store_cred(context, id, &cred); + +out: + krb5_free_cred_contents(context, &cred); + return ret; +} + +/*! + * \param context a Keberos context + * \param id the credential cache to store the data for + * \param principal configuration for a specific principal, if + * NULL, global for the whole cache. + * \param key name under which the configuraion is stored. + * \param data data to fetched, free with krb5_data_free() + * + * \brief Get some configuration for the credential cache in the cache. + */ + + +krb5_error_code KRB5_CALLCONV +krb5_cc_get_config (krb5_context context, krb5_ccache id, + krb5_const_principal principal, + const char *key, krb5_data *data) +{ + krb5_creds mcred, cred; + krb5_error_code ret; + + memset(&cred, 0, sizeof(cred)); + memset(data, 0, sizeof(*data)); + + ret = build_conf_principals(context, id, principal, key, &mcred); + if (ret) + goto out; + + ret = krb5_cc_retrieve_cred(context, id, 0, &mcred, &cred); + if (ret) + goto out; + + data->data = malloc(cred.ticket.length); + if (data->data == NULL) { + ret = ENOMEM; + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + goto out; + } + data->length = cred.ticket.length; + memcpy(data->data, cred.ticket.data, data->length); + +out: + krb5_free_cred_contents(context, &cred); + krb5_free_cred_contents(context, &mcred); + return ret; +} diff --git a/src/lib/krb5/ccache/deps b/src/lib/krb5/ccache/deps index b841dcb..6e07abe 100644 --- a/src/lib/krb5/ccache/deps +++ b/src/lib/krb5/ccache/deps @@ -3,130 +3,130 @@ # ccbase.so ccbase.po $(OUTPRE)ccbase.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h cc-int.h ccbase.c \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h cc-int.h ccbase.c \ fcc.h cccopy.so cccopy.po $(OUTPRE)cccopy.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h cccopy.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h cccopy.c cccursor.so cccursor.po $(OUTPRE)cccursor.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ cc-int.h cccursor.c ccdefault.so ccdefault.po $(OUTPRE)ccdefault.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ ccdefault.c ccdefops.so ccdefops.po $(OUTPRE)ccdefops.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ ccdefops.c fcc.h cc_retr.so cc_retr.po $(OUTPRE)cc_retr.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h cc-int.h cc_retr.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h cc-int.h cc_retr.c cc_file.so cc_file.po $(OUTPRE)cc_file.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h cc-int.h cc_file.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h cc-int.h cc_file.c cc_memory.so cc_memory.po $(OUTPRE)cc_memory.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ cc-int.h cc_memory.c cc_keyring.so cc_keyring.po $(OUTPRE)cc_keyring.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ cc-int.h cc_keyring.c ccfns.so ccfns.po $(OUTPRE)ccfns.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h ccfns.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h ccfns.c ser_cc.so ser_cc.po $(OUTPRE)ser_cc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h ser_cc.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h ser_cc.c t_cc.so t_cc.po $(OUTPRE)t_cc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h t_cc.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h t_cc.c t_cccursor.so t_cccursor.po $(OUTPRE)t_cccursor.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/krb5.h t_cccursor.c + $(COM_ERR_DEPS) $(top_srcdir)/include/krb5.h t_cccursor.c diff --git a/src/lib/krb5/deps b/src/lib/krb5/deps index 7e3a9e7..04b1fa6 100644 --- a/src/lib/krb5/deps +++ b/src/lib/krb5/deps @@ -4,13 +4,13 @@ krb5_libinit.so krb5_libinit.po $(OUTPRE)krb5_libinit.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/ccache/cc-int.h $(srcdir)/keytab/kt-int.h \ - $(srcdir)/os/os-proto.h $(srcdir)/rcache/rc-int.h krb5_libinit.c \ + $(COM_ERR_DEPS) $(srcdir)/ccache/cc-int.h $(srcdir)/keytab/kt-int.h \ + $(srcdir)/os/os-proto.h $(srcdir)/rcache/rc-int.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h krb5_libinit.c \ krb5_libinit.h diff --git a/src/lib/krb5/error_tables/Makefile.in b/src/lib/krb5/error_tables/Makefile.in index ec4c920..4972363 100644 --- a/src/lib/krb5/error_tables/Makefile.in +++ b/src/lib/krb5/error_tables/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../.. -myfulldir=lib/krb5/error_tables mydir=lib/krb5/error_tables BUILDTOP=$(REL)..$(S)..$(S).. DEFS= @@ -10,6 +8,7 @@ DEFS= THDRDIR=$(BUILDTOP)$(S)include EHDRDIR=$(BUILDTOP)$(S)include +ETDIR=$(top_srcdir)$(S)util$(S)et STLIBOBJS= asn1_err.o kdb5_err.o krb5_err.o \ kv5m_err.o krb524_err.o @@ -28,16 +27,16 @@ all-libobjs: $(HDRS) includes: $(HDRS) awk-windows: - $(AWK) -f $(SRCTOP)/util/et/et_h.awk outfile=asn1_err.h asn1_err.et - $(AWK) -f $(SRCTOP)/util/et/et_h.awk outfile=kdb5_err.h kdb5_err.et - $(AWK) -f $(SRCTOP)/util/et/et_h.awk outfile=krb5_err.h krb5_err.et - $(AWK) -f $(SRCTOP)/util/et/et_h.awk outfile=kv5m_err.h kv5m_err.et - $(AWK) -f $(SRCTOP)/util/et/et_h.awk outfile=krb524_err.h krb524_err.et - $(AWK) -f $(SRCTOP)/util/et/et_c.awk outfile=asn1_err.c asn1_err.et - $(AWK) -f $(SRCTOP)/util/et/et_c.awk outfile=kdb5_err.c kdb5_err.et - $(AWK) -f $(SRCTOP)/util/et/et_c.awk outfile=krb5_err.c krb5_err.et - $(AWK) -f $(SRCTOP)/util/et/et_c.awk outfile=kv5m_err.c kv5m_err.et - $(AWK) -f $(SRCTOP)/util/et/et_c.awk outfile=krb524_err.c krb524_err.et + $(AWK) -f $(ETDIR)/et_h.awk outfile=asn1_err.h asn1_err.et + $(AWK) -f $(ETDIR)/et_h.awk outfile=kdb5_err.h kdb5_err.et + $(AWK) -f $(ETDIR)/et_h.awk outfile=krb5_err.h krb5_err.et + $(AWK) -f $(ETDIR)/et_h.awk outfile=kv5m_err.h kv5m_err.et + $(AWK) -f $(ETDIR)/et_h.awk outfile=krb524_err.h krb524_err.et + $(AWK) -f $(ETDIR)/et_c.awk outfile=asn1_err.c asn1_err.et + $(AWK) -f $(ETDIR)/et_c.awk outfile=kdb5_err.c kdb5_err.et + $(AWK) -f $(ETDIR)/et_c.awk outfile=krb5_err.c krb5_err.et + $(AWK) -f $(ETDIR)/et_c.awk outfile=kv5m_err.c kv5m_err.et + $(AWK) -f $(ETDIR)/et_c.awk outfile=krb524_err.c krb524_err.et if exist asn1_err.h copy asn1_err.h "$(EHDRDIR)" if exist kdb5_err.h copy kdb5_err.h "$(EHDRDIR)" if exist krb5_err.h copy krb5_err.h "$(EHDRDIR)" diff --git a/src/lib/krb5/keytab/Makefile.in b/src/lib/krb5/keytab/Makefile.in index c422e9c..258eac7 100644 --- a/src/lib/krb5/keytab/Makefile.in +++ b/src/lib/krb5/keytab/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../.. -myfulldir=lib/krb5/keytab mydir=lib/krb5/keytab BUILDTOP=$(REL)..$(S)..$(S).. DEFS= diff --git a/src/lib/krb5/keytab/deps b/src/lib/krb5/keytab/deps index 0056439..403a5f0 100644 --- a/src/lib/krb5/keytab/deps +++ b/src/lib/krb5/keytab/deps @@ -3,118 +3,118 @@ # ktadd.so ktadd.po $(OUTPRE)ktadd.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h ktadd.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h ktadd.c ktbase.so ktbase.po $(OUTPRE)ktbase.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h kt-int.h ktbase.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h kt-int.h ktbase.c ktdefault.so ktdefault.po $(OUTPRE)ktdefault.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ ktdefault.c ktfr_entry.so ktfr_entry.po $(OUTPRE)ktfr_entry.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ ktfr_entry.c ktremove.so ktremove.po $(OUTPRE)ktremove.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ ktremove.c ktfns.so ktfns.po $(OUTPRE)ktfns.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h ktfns.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h ktfns.c kt_file.so kt_file.po $(OUTPRE)kt_file.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h kt_file.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h kt_file.c kt_memory.so kt_memory.po $(OUTPRE)kt_memory.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ kt-int.h kt_memory.c kt_srvtab.so kt_srvtab.po $(OUTPRE)kt_srvtab.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ kt_srvtab.c read_servi.so read_servi.po $(OUTPRE)read_servi.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ read_servi.c t_keytab.so t_keytab.po $(OUTPRE)t_keytab.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ t_keytab.c diff --git a/src/lib/krb5/krb/Makefile.in b/src/lib/krb5/krb/Makefile.in index 3746746..a837797 100644 --- a/src/lib/krb5/krb/Makefile.in +++ b/src/lib/krb5/krb/Makefile.in @@ -1,11 +1,9 @@ -thisconfigdir=../../.. -myfulldir=lib/krb5/krb mydir=lib/krb5/krb BUILDTOP=$(REL)..$(S)..$(S).. RUN_SETUP = @KRB5_RUN_ENV@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) -LOCALINCLUDES = -I$(srcdir)/../os -I$(SRCTOP) +LOCALINCLUDES = -I$(srcdir)/../os -I$(top_srcdir) DEFS=-DLIBDIR=\"$(KRB5_LIBDIR)\" ##DOS##BUILDTOP = ..\..\.. diff --git a/src/lib/krb5/krb/auth_con.c b/src/lib/krb5/krb/auth_con.c index e6bbac1..a53b7d5 100644 --- a/src/lib/krb5/krb/auth_con.c +++ b/src/lib/krb5/krb/auth_con.c @@ -176,6 +176,15 @@ krb5_auth_con_getkey(krb5_context context, krb5_auth_context auth_context, krb5_ } krb5_error_code KRB5_CALLCONV +krb5_auth_con_getkey_k(krb5_context context, krb5_auth_context auth_context, + krb5_key *key) +{ + krb5_k_reference_key(context, auth_context->key); + *key = auth_context->key; + return 0; +} + +krb5_error_code KRB5_CALLCONV krb5_auth_con_getlocalsubkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock **keyblock) { return krb5_auth_con_getsendsubkey(context, auth_context, keyblock); @@ -221,6 +230,15 @@ krb5_auth_con_getsendsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keybloc } krb5_error_code KRB5_CALLCONV +krb5_auth_con_getsendsubkey_k(krb5_context ctx, krb5_auth_context ac, + krb5_key *key) +{ + krb5_k_reference_key(ctx, ac->send_subkey); + *key = ac->send_subkey; + return 0; +} + +krb5_error_code KRB5_CALLCONV krb5_auth_con_getrecvsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keyblock **keyblock) { if (ac->recv_subkey != NULL) @@ -230,6 +248,15 @@ krb5_auth_con_getrecvsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keybloc } krb5_error_code KRB5_CALLCONV +krb5_auth_con_getrecvsubkey_k(krb5_context ctx, krb5_auth_context ac, + krb5_key *key) +{ + krb5_k_reference_key(ctx, ac->recv_subkey); + *key = ac->recv_subkey; + return 0; +} + +krb5_error_code KRB5_CALLCONV krb5_auth_con_set_req_cksumtype(krb5_context context, krb5_auth_context auth_context, krb5_cksumtype cksumtype) { auth_context->req_cksumtype = cksumtype; diff --git a/src/lib/krb5/krb/copy_auth.c b/src/lib/krb5/krb/copy_auth.c index d4c2700..88bc3fa 100644 --- a/src/lib/krb5/krb/copy_auth.c +++ b/src/lib/krb5/krb/copy_auth.c @@ -229,7 +229,7 @@ find_authdata_1(krb5_context context, krb5_authdata *const *in_authdat, int i = 0; krb5_error_code retval = 0; - for (i = 0; in_authdat[i]; i++) { + for (i = 0; in_authdat[i] && retval == 0; i++) { krb5_authdata *ad = in_authdat[i]; krb5_authdata **decoded_container; diff --git a/src/lib/krb5/krb/deps b/src/lib/krb5/krb/deps index 8bbef35..b94967d 100644 --- a/src/lib/krb5/krb/deps +++ b/src/lib/krb5/krb/deps @@ -4,1043 +4,1045 @@ addr_comp.so addr_comp.po $(OUTPRE)addr_comp.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ addr_comp.c addr_order.so addr_order.po $(OUTPRE)addr_order.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ addr_order.c addr_srch.so addr_srch.po $(OUTPRE)addr_srch.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ addr_srch.c appdefault.so appdefault.po $(OUTPRE)appdefault.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ appdefault.c auth_con.so auth_con.po $(OUTPRE)auth_con.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ auth_con.c auth_con.h authdata.so authdata.po $(OUTPRE)authdata.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ auth_con.h authdata.c authdata.h int-proto.h bld_pr_ext.so bld_pr_ext.po $(OUTPRE)bld_pr_ext.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ bld_pr_ext.c bld_princ.so bld_princ.po $(OUTPRE)bld_princ.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ bld_princ.c -brand.so brand.po $(OUTPRE)brand.$(OBJEXT): $(SRCTOP)/patchlevel.h \ +brand.so brand.po $(OUTPRE)brand.$(OBJEXT): $(top_srcdir)/patchlevel.h \ brand.c chk_trans.so chk_trans.po $(OUTPRE)chk_trans.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ chk_trans.c chpw.so chpw.po $(OUTPRE)chpw.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h auth_con.h chpw.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h auth_con.h chpw.c conv_creds.so conv_creds.po $(OUTPRE)conv_creds.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ conv_creds.c conv_princ.so conv_princ.po $(OUTPRE)conv_princ.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ conv_princ.c copy_addrs.so copy_addrs.po $(OUTPRE)copy_addrs.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ copy_addrs.c copy_auth.so copy_auth.po $(OUTPRE)copy_auth.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ copy_auth.c copy_athctr.so copy_athctr.po $(OUTPRE)copy_athctr.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ copy_athctr.c copy_cksum.so copy_cksum.po $(OUTPRE)copy_cksum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ copy_cksum.c copy_creds.so copy_creds.po $(OUTPRE)copy_creds.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ copy_creds.c copy_data.so copy_data.po $(OUTPRE)copy_data.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ copy_data.c copy_key.so copy_key.po $(OUTPRE)copy_key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ copy_key.c copy_princ.so copy_princ.po $(OUTPRE)copy_princ.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ copy_princ.c copy_tick.so copy_tick.po $(OUTPRE)copy_tick.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ copy_tick.c cp_key_cnt.so cp_key_cnt.po $(OUTPRE)cp_key_cnt.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ cp_key_cnt.c decode_kdc.so decode_kdc.po $(OUTPRE)decode_kdc.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - decode_kdc.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + decode_kdc.c int-proto.h decrypt_tk.so decrypt_tk.po $(OUTPRE)decrypt_tk.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ decrypt_tk.c deltat.so deltat.po $(OUTPRE)deltat.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h deltat.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h deltat.c enc_helper.so enc_helper.po $(OUTPRE)enc_helper.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ enc_helper.c encode_kdc.so encode_kdc.po $(OUTPRE)encode_kdc.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ encode_kdc.c encrypt_tk.so encrypt_tk.po $(OUTPRE)encrypt_tk.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ encrypt_tk.c fast.so fast.po $(OUTPRE)fast.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h fast.c fast.h int-proto.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h fast.c fast.h \ + int-proto.h free_rtree.so free_rtree.po $(OUTPRE)free_rtree.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ free_rtree.c fwd_tgt.so fwd_tgt.po $(OUTPRE)fwd_tgt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h fwd_tgt.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h fwd_tgt.c gc_frm_kdc.so gc_frm_kdc.po $(OUTPRE)gc_frm_kdc.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ gc_frm_kdc.c int-proto.h gc_via_tkt.so gc_via_tkt.po $(OUTPRE)gc_via_tkt.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ gc_via_tkt.c int-proto.h gen_seqnum.so gen_seqnum.po $(OUTPRE)gen_seqnum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ gen_seqnum.c gen_subkey.so gen_subkey.po $(OUTPRE)gen_subkey.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ gen_subkey.c get_creds.so get_creds.po $(OUTPRE)get_creds.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ get_creds.c int-proto.h get_in_tkt.so get_in_tkt.po $(OUTPRE)get_in_tkt.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../os/os-proto.h fast.h get_in_tkt.c int-proto.h + $(COM_ERR_DEPS) $(srcdir)/../os/os-proto.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h fast.h get_in_tkt.c \ + init_creds_ctx.h int-proto.h gic_keytab.so gic_keytab.po $(OUTPRE)gic_keytab.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - gic_keytab.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + gic_keytab.c init_creds_ctx.h gic_opt.so gic_opt.po $(OUTPRE)gic_opt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h gic_opt.c int-proto.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h gic_opt.c int-proto.h gic_pwd.so gic_pwd.po $(OUTPRE)gic_pwd.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h gic_pwd.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h gic_pwd.c init_creds_ctx.h in_tkt_sky.so in_tkt_sky.po $(OUTPRE)in_tkt_sky.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ in_tkt_sky.c init_ctx.so init_ctx.po $(OUTPRE)init_ctx.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/patchlevel.h $(srcdir)/../krb5_libinit.h \ + $(COM_ERR_DEPS) $(srcdir)/../krb5_libinit.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h $(top_srcdir)/patchlevel.h \ brand.c init_ctx.c init_keyblock.so init_keyblock.po $(OUTPRE)init_keyblock.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ init_keyblock.c kdc_rep_dc.so kdc_rep_dc.po $(OUTPRE)kdc_rep_dc.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ kdc_rep_dc.c kerrs.so kerrs.po $(OUTPRE)kerrs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h kerrs.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h kerrs.c kfree.so kfree.po $(OUTPRE)kfree.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h kfree.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h kfree.c mk_cred.so mk_cred.po $(OUTPRE)mk_cred.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h auth_con.h cleanup.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h auth_con.h cleanup.h \ mk_cred.c mk_error.so mk_error.po $(OUTPRE)mk_error.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ mk_error.c mk_priv.so mk_priv.po $(OUTPRE)mk_priv.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h auth_con.h cleanup.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h auth_con.h cleanup.h \ mk_priv.c mk_rep.so mk_rep.po $(OUTPRE)mk_rep.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h auth_con.h mk_rep.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h auth_con.h mk_rep.c mk_req.so mk_req.po $(OUTPRE)mk_req.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h auth_con.h mk_req.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h auth_con.h mk_req.c mk_req_ext.so mk_req_ext.po $(OUTPRE)mk_req_ext.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ auth_con.h mk_req_ext.c mk_safe.so mk_safe.po $(OUTPRE)mk_safe.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h auth_con.h cleanup.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h auth_con.h cleanup.h \ mk_safe.c pac.so pac.po $(OUTPRE)pac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/k5-utf8.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-utf8.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ authdata.h pac.c parse.so parse.po $(OUTPRE)parse.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h parse.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h parse.c pr_to_salt.so pr_to_salt.po $(OUTPRE)pr_to_salt.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ pr_to_salt.c preauth.so preauth.po $(OUTPRE)preauth.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h preauth.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h preauth.c preauth2.so preauth2.po $(OUTPRE)preauth2.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ fast.h int-proto.h preauth2.c princ_comp.so princ_comp.po $(OUTPRE)princ_comp.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/k5-unicode.h $(SRCTOP)/include/k5-utf8.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-unicode.h $(top_srcdir)/include/k5-utf8.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ princ_comp.c rd_cred.so rd_cred.po $(OUTPRE)rd_cred.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h auth_con.h cleanup.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h auth_con.h cleanup.h \ rd_cred.c rd_error.so rd_error.po $(OUTPRE)rd_error.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ rd_error.c rd_priv.so rd_priv.po $(OUTPRE)rd_priv.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h auth_con.h cleanup.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h auth_con.h cleanup.h \ rd_priv.c rd_rep.so rd_rep.po $(OUTPRE)rd_rep.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h auth_con.h rd_rep.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h auth_con.h rd_rep.c rd_req.so rd_req.po $(OUTPRE)rd_req.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h auth_con.h rd_req.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h auth_con.h rd_req.c rd_req_dec.so rd_req_dec.po $(OUTPRE)rd_req_dec.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ auth_con.h authdata.h int-proto.h rd_req_dec.c rd_safe.so rd_safe.po $(OUTPRE)rd_safe.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h auth_con.h cleanup.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h auth_con.h cleanup.h \ rd_safe.c recvauth.so recvauth.po $(OUTPRE)recvauth.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ auth_con.h recvauth.c s4u_creds.so s4u_creds.po $(OUTPRE)s4u_creds.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ int-proto.h s4u_creds.c sendauth.so sendauth.po $(OUTPRE)sendauth.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ auth_con.h sendauth.c send_tgs.so send_tgs.po $(OUTPRE)send_tgs.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - send_tgs.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + int-proto.h send_tgs.c ser_actx.so ser_actx.po $(OUTPRE)ser_actx.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ auth_con.h int-proto.h ser_actx.c ser_adata.so ser_adata.po $(OUTPRE)ser_adata.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ int-proto.h ser_adata.c ser_addr.so ser_addr.po $(OUTPRE)ser_addr.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ int-proto.h ser_addr.c ser_auth.so ser_auth.po $(OUTPRE)ser_auth.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ int-proto.h ser_auth.c ser_cksum.so ser_cksum.po $(OUTPRE)ser_cksum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ int-proto.h ser_cksum.c ser_ctx.so ser_ctx.po $(OUTPRE)ser_ctx.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h ser_ctx.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h ser_ctx.c ser_key.so ser_key.po $(OUTPRE)ser_key.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h int-proto.h ser_key.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h int-proto.h ser_key.c ser_princ.so ser_princ.po $(OUTPRE)ser_princ.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ int-proto.h ser_princ.c serialize.so serialize.po $(OUTPRE)serialize.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ serialize.c set_realm.so set_realm.po $(OUTPRE)set_realm.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ set_realm.c srv_dec_tkt.so srv_dec_tkt.po $(OUTPRE)srv_dec_tkt.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ srv_dec_tkt.c srv_rcache.so srv_rcache.po $(OUTPRE)srv_rcache.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ srv_rcache.c str_conv.so str_conv.po $(OUTPRE)str_conv.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - str_conv.c + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h str_conv.c t_ad_fx_armor.so t_ad_fx_armor.po $(OUTPRE)t_ad_fx_armor.$(OBJEXT): \ $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) t_ad_fx_armor.c tgtname.so tgtname.po $(OUTPRE)tgtname.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h int-proto.h tgtname.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h int-proto.h tgtname.c unparse.so unparse.po $(OUTPRE)unparse.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h unparse.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h unparse.c valid_times.so valid_times.po $(OUTPRE)valid_times.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ valid_times.c vfy_increds.so vfy_increds.po $(OUTPRE)vfy_increds.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ int-proto.h vfy_increds.c vic_opt.so vic_opt.po $(OUTPRE)vic_opt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h vic_opt.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h vic_opt.c walk_rtree.so walk_rtree.po $(OUTPRE)walk_rtree.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ int-proto.h walk_rtree.c t_walk_rtree.so t_walk_rtree.po $(OUTPRE)t_walk_rtree.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ t_walk_rtree.c t_kerb.so t_kerb.po $(OUTPRE)t_kerb.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/krb5.h \ + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/krb5.h \ t_kerb.c t_ser.so t_ser.po $(OUTPRE)t_ser.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h auth_con.h t_ser.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h auth_con.h t_ser.c t_deltat.so t_deltat.po $(OUTPRE)t_deltat.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ t_deltat.c t_expand.so t_expand.po $(OUTPRE)t_expand.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ chk_trans.c t_expand.c t_pac.so t_pac.po $(OUTPRE)t_pac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h t_pac.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h t_pac.c t_princ.so t_princ.po $(OUTPRE)t_princ.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h t_princ.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h t_princ.c t_etypes.so t_etypes.po $(OUTPRE)t_etypes.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ t_etypes.c diff --git a/src/lib/krb5/krb/fast.c b/src/lib/krb5/krb/fast.c index 7d6bc27..2791651 100644 --- a/src/lib/krb5/krb/fast.c +++ b/src/lib/krb5/krb/fast.c @@ -56,7 +56,7 @@ static krb5_error_code fast_armor_ap_request(krb5_context context, struct krb5int_fast_request_state *state, - krb5_ccache ccache, krb5_data *target_realm) + krb5_ccache ccache, krb5_principal target_principal) { krb5_error_code retval = 0; krb5_creds creds, *out_creds = NULL; @@ -66,9 +66,8 @@ fast_armor_ap_request(krb5_context context, krb5_keyblock *subkey = NULL, *armor_key = NULL; encoded_authenticator.data = NULL; memset(&creds, 0, sizeof(creds)); - retval = krb5_tgtname(context, target_realm, target_realm, &creds.server); - if (retval ==0) - retval = krb5_cc_get_principal(context, ccache, &creds.client); + creds.server = target_principal; + retval = krb5_cc_get_principal(context, ccache, &creds.client); if (retval == 0) retval = krb5_get_credentials(context, 0, ccache, &creds, &out_creds); if (retval == 0) @@ -98,6 +97,8 @@ fast_armor_ap_request(krb5_context context, krb5_free_keyblock(context, subkey); if (out_creds) krb5_free_creds(context, out_creds); + /* target_principal is owned by caller. */ + creds.server = NULL; krb5_free_cred_contents(context, &creds); if (encoded_authenticator.data) krb5_free_data_contents(context, &encoded_authenticator); @@ -138,13 +139,34 @@ krb5int_fast_as_armor(krb5_context context, { krb5_error_code retval = 0; krb5_ccache ccache = NULL; + krb5_principal target_principal = NULL; + krb5_data *target_realm; krb5_clear_error_message(context); + target_realm = krb5_princ_realm(context, request->server); if (opte->opt_private->fast_ccache_name) { + state->fast_state_flags |= KRB5INT_FAST_ARMOR_AVAIL; retval = krb5_cc_resolve(context, opte->opt_private->fast_ccache_name, &ccache); - if (retval==0) + if (retval == 0) { + retval = krb5_tgtname(context, target_realm, target_realm, + &target_principal); + } + if (retval == 0) { + krb5_data config_data; + config_data.data = NULL; + retval = krb5_cc_get_config(context, ccache, target_principal, + KRB5_CONF_FAST_AVAIL, &config_data); + if ((retval == 0) && config_data.data ) + state->fast_state_flags |= KRB5INT_FAST_DO_FAST; + krb5_free_data_contents(context, &config_data); + retval = 0; + } + if (opte->opt_private->fast_flags& KRB5_FAST_REQUIRED) + state->fast_state_flags |= KRB5INT_FAST_DO_FAST; + if (retval == 0 && (state->fast_state_flags & KRB5INT_FAST_DO_FAST)) { retval = fast_armor_ap_request(context, state, ccache, - krb5_princ_realm(context, request->server)); + target_principal); + } if (retval != 0) { const char * errmsg; errmsg = krb5_get_error_message(context, retval); @@ -156,6 +178,8 @@ krb5int_fast_as_armor(krb5_context context, } if (ccache) krb5_cc_close(context, ccache); + if (target_principal) + krb5_free_principal(context, target_principal); return retval; } @@ -373,7 +397,7 @@ krb5int_fast_process_error(krb5_context context, * ever changed then this will need to be a copy not a cast. */ if (retval == 0) - retval = encode_krb5_typed_data( (krb5_typed_data **) fast_response->padata, + retval = encode_krb5_typed_data( (const krb5_typed_data **)fast_response->padata, &encoded_td); if (retval == 0) { fx_error->e_data = *encoded_td; @@ -528,3 +552,61 @@ krb5int_find_pa_data(krb5_context context, krb5_pa_data *const *padata, return *tmppa; } + + +krb5_error_code +krb5int_fast_verify_nego(krb5_context context, + struct krb5int_fast_request_state *state, + krb5_kdc_rep *rep, krb5_data *request, + krb5_keyblock *decrypting_key, + krb5_boolean *fast_avail) +{ + krb5_error_code retval = 0; + krb5_checksum *checksum = NULL; + krb5_pa_data *pa; + krb5_data scratch; + krb5_boolean valid; + + if (rep->enc_part2->flags& TKT_FLG_ENC_PA_REP) { + pa = krb5int_find_pa_data(context, rep->enc_part2->enc_padata, + KRB5_ENCPADATA_REQ_ENC_PA_REP); + if (pa == NULL) + retval = KRB5_KDCREP_MODIFIED; + else { + scratch.data = (char *) pa->contents; + scratch.length = pa->length; + } + if (retval == 0) + retval = decode_krb5_checksum(&scratch, &checksum); + if (retval == 0) + retval = krb5_c_verify_checksum(context, decrypting_key, + KRB5_KEYUSAGE_AS_REQ, + request, checksum, &valid); + if (retval == 0 &&valid == 0) + retval = KRB5_KDCREP_MODIFIED; + if (retval == 0) { + pa = krb5int_find_pa_data(context, rep->enc_part2->enc_padata, + KRB5_PADATA_FX_FAST); + *fast_avail = (pa != NULL); + } + } + if (checksum) + krb5_free_checksum(context, checksum); + return retval; +} + +krb5_boolean +krb5int_upgrade_to_fast_p(krb5_context context, + struct krb5int_fast_request_state *state, + krb5_pa_data **padata) +{ + if (state->armor_key != NULL) + return 0; /*already using FAST*/ + if (!(state->fast_state_flags & KRB5INT_FAST_ARMOR_AVAIL)) + return 0; + if (krb5int_find_pa_data(context, padata, KRB5_PADATA_FX_FAST) != NULL) { + state->fast_state_flags |= KRB5INT_FAST_DO_FAST; + return 1; + } + return 0; +} diff --git a/src/lib/krb5/krb/fast.h b/src/lib/krb5/krb/fast.h index 443f3e1..66dc985 100644 --- a/src/lib/krb5/krb/fast.h +++ b/src/lib/krb5/krb/fast.h @@ -42,6 +42,9 @@ struct krb5int_fast_request_state { krb5_int32 nonce; }; +#define KRB5INT_FAST_DO_FAST (1l<<0) /* Perform FAST */ +#define KRB5INT_FAST_ARMOR_AVAIL (1l<<1) + krb5_error_code krb5int_fast_prep_req_body(krb5_context context, struct krb5int_fast_request_state *state, krb5_kdc_req *request, krb5_data **encoded_req_body); @@ -79,5 +82,16 @@ krb5_error_code krb5int_fast_reply_key(krb5_context context, krb5_keyblock *output_key); +krb5_error_code +krb5int_fast_verify_nego(krb5_context context, + struct krb5int_fast_request_state *state, + krb5_kdc_rep *rep, krb5_data *request, + krb5_keyblock *decrypting_key, + krb5_boolean *fast_avail); + +krb5_boolean +krb5int_upgrade_to_fast_p(krb5_context context, + struct krb5int_fast_request_state *state, + krb5_pa_data **padata); #endif diff --git a/src/lib/krb5/krb/gc_via_tkt.c b/src/lib/krb5/krb/gc_via_tkt.c index 8b202d2..df54621 100644 --- a/src/lib/krb5/krb/gc_via_tkt.c +++ b/src/lib/krb5/krb/gc_via_tkt.c @@ -167,33 +167,29 @@ krb5_get_cred_via_tkt (krb5_context context, krb5_creds *tkt, } krb5_error_code -krb5_get_cred_via_tkt_ext (krb5_context context, krb5_creds *tkt, - krb5_flags kdcoptions, krb5_address *const *address, - krb5_pa_data **in_padata, - krb5_creds *in_cred, - krb5_error_code (*pacb_fct)(krb5_context, - krb5_keyblock *, - krb5_kdc_req *, - void *), - void *pacb_data, - krb5_pa_data ***out_padata, - krb5_pa_data ***out_enc_padata, - krb5_creds **out_cred, - krb5_keyblock **out_subkey) +krb5int_make_tgs_request(krb5_context context, + krb5_creds *tkt, + krb5_flags kdcoptions, + krb5_address *const *address, + krb5_pa_data **in_padata, + krb5_creds *in_cred, + krb5_error_code (*pacb_fct)(krb5_context, + krb5_keyblock *, + krb5_kdc_req *, + void *), + void *pacb_data, + krb5_data *request_data, + krb5_timestamp *timestamp, + krb5_int32 *nonce, + krb5_keyblock **subkey) { krb5_error_code retval; - krb5_kdc_rep *dec_rep; - krb5_error *err_reply; - krb5_response tgsrep; - krb5_enctype *enctypes = 0; - krb5_keyblock *subkey = NULL; - krb5_boolean s4u2self = FALSE, second_tkt; + krb5_enctype *enctypes = NULL; + krb5_boolean second_tkt; -#ifdef DEBUG_REFERRALS - printf("krb5_get_cred_via_tkt starting; referral flag is %s\n", kdcoptions&KDC_OPT_CANONICALIZE?"on":"off"); - krb5int_dbgref_dump_principal("krb5_get_cred_via_tkt requested ticket", in_cred->server); - krb5int_dbgref_dump_principal("krb5_get_cred_via_tkt TGT in use", tkt->server); -#endif + request_data->data = NULL; + *timestamp = 0; + *subkey = NULL; /* tkt->client must be equal to in_cred->client */ if (!krb5_principal_compare(context, tkt->client, in_cred->client)) @@ -202,74 +198,64 @@ krb5_get_cred_via_tkt_ext (krb5_context context, krb5_creds *tkt, if (!tkt->ticket.length) return KRB5_NO_TKT_SUPPLIED; - second_tkt = ((kdcoptions & (KDC_OPT_ENC_TKT_IN_SKEY | KDC_OPT_CNAME_IN_ADDL_TKT)) != 0); - + second_tkt = ((kdcoptions & (KDC_OPT_ENC_TKT_IN_SKEY | + KDC_OPT_CNAME_IN_ADDL_TKT)) != 0); if (second_tkt && !in_cred->second_ticket.length) - return(KRB5_NO_2ND_TKT); - - s4u2self = krb5int_find_pa_data(context, in_padata, KRB5_PADATA_S4U_X509_USER) || - krb5int_find_pa_data(context, in_padata, KRB5_PADATA_FOR_USER); - - /* check if we have the right TGT */ - /* tkt->server must be equal to */ - /* krbtgt/realmof(cred->server)@realmof(tgt->server) */ -/* - { - krb5_principal tempprinc; - if (retval = krb5_tgtname(context, - krb5_princ_realm(context, in_cred->server), - krb5_princ_realm(context, tkt->server), &tempprinc)) - return(retval); - - if (!krb5_principal_compare(context, tempprinc, tkt->server)) { - krb5_free_principal(context, tempprinc); - return (KRB5_PRINC_NOMATCH); - } - krb5_free_principal(context, tempprinc); - } -*/ + return KRB5_NO_2ND_TKT; if (in_cred->keyblock.enctype) { - enctypes = (krb5_enctype *) malloc(sizeof(krb5_enctype)*2); - if (!enctypes) + enctypes = (krb5_enctype *)malloc(sizeof(krb5_enctype)*2); + if (enctypes == NULL) return ENOMEM; enctypes[0] = in_cred->keyblock.enctype; enctypes[1] = 0; } - retval = krb5int_send_tgs(context, kdcoptions, &in_cred->times, enctypes, - in_cred->server, address, in_cred->authdata, - in_padata, - second_tkt ? &in_cred->second_ticket : NULL, - tkt, pacb_fct, pacb_data, &tgsrep, &subkey); - if (enctypes) + retval = krb5int_make_tgs_request_ext(context, kdcoptions, &in_cred->times, + enctypes, in_cred->server, address, + in_cred->authdata, in_padata, + second_tkt ? + &in_cred->second_ticket : 0, + tkt, pacb_fct, pacb_data, + request_data, + timestamp, nonce, subkey); + if (enctypes != NULL) free(enctypes); - if (retval) { -#ifdef DEBUG_REFERRALS - printf("krb5_get_cred_via_tkt ending early after send_tgs with: %s\n", - error_message(retval)); -#endif - return retval; - } - - switch (tgsrep.message_type) { - case KRB5_TGS_REP: - break; - case KRB5_ERROR: - default: - if (krb5_is_krb_error(&tgsrep.response)) - retval = decode_krb5_error(&tgsrep.response, &err_reply); - else - retval = KRB5KRB_AP_ERR_MSG_TYPE; - if (retval) /* neither proper reply nor error! */ - goto error_4; + return retval; +} +krb5_error_code +krb5int_process_tgs_reply(krb5_context context, + krb5_data *response_data, + krb5_creds *tkt, + krb5_flags kdcoptions, + krb5_address *const *address, + krb5_pa_data **in_padata, + krb5_creds *in_cred, + krb5_timestamp timestamp, + krb5_int32 nonce, + krb5_keyblock *subkey, + krb5_pa_data ***out_padata, + krb5_pa_data ***out_enc_padata, + krb5_creds **out_cred) +{ + krb5_error_code retval; + krb5_kdc_rep *dec_rep = NULL; + krb5_error *err_reply = NULL; + krb5_boolean s4u2self; + + s4u2self = krb5int_find_pa_data(context, in_padata, + KRB5_PADATA_S4U_X509_USER) || + krb5int_find_pa_data(context, in_padata, + KRB5_PADATA_FOR_USER); + + if (krb5_is_krb_error(response_data)) { + retval = decode_krb5_error(response_data, &err_reply); + if (retval != 0) + goto cleanup; retval = (krb5_error_code) err_reply->error + ERROR_TABLE_BASE_krb5; if (err_reply->text.length > 0) { -#if 0 - const char *m; -#endif switch (err_reply->error) { case KRB_ERR_GENERIC: krb5_set_error_message(context, retval, @@ -280,7 +266,8 @@ krb5_get_cred_via_tkt_ext (krb5_context context, krb5_creds *tkt, case KDC_ERR_S_PRINCIPAL_UNKNOWN: { char *s_name; - if (krb5_unparse_name(context, in_cred->server, &s_name) == 0) { + if (err_reply->server && + krb5_unparse_name(context, err_reply->server, &s_name) == 0) { krb5_set_error_message(context, retval, "Server %s not found in Kerberos database", s_name); @@ -291,45 +278,33 @@ krb5_get_cred_via_tkt_ext (krb5_context context, krb5_creds *tkt, krb5_clear_error_message(context); } break; - default: -#if 0 /* We should stop the KDC from sending back this text, because - if the local language doesn't match the KDC's language, we'd - just wind up printing out the error message in two languages. - Well, when we get some localization. Which is already - happening in KfM. */ - m = error_message(retval); - /* Special case: MIT KDC may return this same string - in the e-text field. */ - if (strlen (m) == err_reply->text.length-1 - && !strcmp(m, err_reply->text.data)) - break; - krb5_set_error_message(context, retval, - "%s (KDC supplied additional data: %s)", - m, err_reply->text.data); -#endif - break; } } - krb5_free_error(context, err_reply); - goto error_4; + goto cleanup; + } else if (!krb5_is_tgs_rep(response_data)) { + retval = KRB5KRB_AP_ERR_MSG_TYPE; + goto cleanup; } /* Unfortunately, Heimdal at least up through 1.2 encrypts using the session key not the subsession key. So we try both. */ - if ((retval = krb5int_decode_tgs_rep(context, &tgsrep.response, - subkey, - KRB5_KEYUSAGE_TGS_REP_ENCPART_SUBKEY, &dec_rep))) { - if ((krb5int_decode_tgs_rep(context, &tgsrep.response, + retval = krb5int_decode_tgs_rep(context, response_data, + subkey, + KRB5_KEYUSAGE_TGS_REP_ENCPART_SUBKEY, + &dec_rep); + if (retval) { + if ((krb5int_decode_tgs_rep(context, response_data, &tkt->keyblock, KRB5_KEYUSAGE_TGS_REP_ENCPART_SESSKEY, &dec_rep)) == 0) retval = 0; - else goto error_4; + else + goto cleanup; } if (dec_rep->msg_type != KRB5_TGS_REP) { retval = KRB5KRB_AP_ERR_MSG_TYPE; - goto error_3; + goto cleanup; } /* @@ -358,7 +333,7 @@ krb5_get_cred_via_tkt_ext (krb5_context context, krb5_creds *tkt, if (retval == 0) retval = check_reply_server(context, kdcoptions, in_cred, dec_rep); - if (dec_rep->enc_part2->nonce != tgsrep.expected_nonce) + if (dec_rep->enc_part2->nonce != nonce) retval = KRB5_KDCREP_MODIFIED; if ((kdcoptions & KDC_OPT_POSTDATED) && @@ -382,13 +357,13 @@ krb5_get_cred_via_tkt_ext (krb5_context context, krb5_creds *tkt, retval = KRB5_KDCREP_MODIFIED; if (retval != 0) - goto error_3; + goto cleanup; if (!in_cred->times.starttime && !in_clock_skew(dec_rep->enc_part2->times.starttime, - tgsrep.request_time)) { + timestamp)) { retval = KRB5_KDCREP_SKEW; - goto error_3; + goto cleanup; } if (out_padata != NULL) { @@ -401,9 +376,103 @@ krb5_get_cred_via_tkt_ext (krb5_context context, krb5_creds *tkt, } retval = krb5_kdcrep2creds(context, dec_rep, address, - &in_cred->second_ticket, out_cred); + &in_cred->second_ticket, out_cred); + if (retval != 0) + goto cleanup; + +cleanup: + if (dec_rep != NULL) { + memset(dec_rep->enc_part2->session->contents, 0, + dec_rep->enc_part2->session->length); + krb5_free_kdc_rep(context, dec_rep); + } + + return retval; +} + +krb5_error_code +krb5_get_cred_via_tkt_ext (krb5_context context, krb5_creds *tkt, + krb5_flags kdcoptions, krb5_address *const *address, + krb5_pa_data **in_padata, + krb5_creds *in_cred, + krb5_error_code (*pacb_fct)(krb5_context, + krb5_keyblock *, + krb5_kdc_req *, + void *), + void *pacb_data, + krb5_pa_data ***out_padata, + krb5_pa_data ***out_enc_padata, + krb5_creds **out_cred, + krb5_keyblock **out_subkey) +{ + krb5_error_code retval; + krb5_data request_data; + krb5_data response_data; + krb5_timestamp timestamp; + krb5_int32 nonce; + krb5_keyblock *subkey = NULL; + int tcp_only = 0, use_master = 0; + + request_data.data = NULL; + request_data.length = 0; + response_data.data = NULL; + response_data.length = 0; + +#ifdef DEBUG_REFERRALS + printf("krb5_get_cred_via_tkt starting; referral flag is %s\n", kdcoptions&KDC_OPT_CANONICALIZE?"on":"off"); + krb5int_dbgref_dump_principal("krb5_get_cred_via_tkt requested ticket", in_cred->server); + krb5int_dbgref_dump_principal("krb5_get_cred_via_tkt TGT in use", tkt->server); +#endif + + retval = krb5int_make_tgs_request(context, tkt, kdcoptions, + address, in_padata, in_cred, + pacb_fct, pacb_data, + &request_data, ×tamp, &nonce, + &subkey); + if (retval != 0) + goto cleanup; + +send_again: + use_master = 0; + retval = krb5_sendto_kdc(context, &request_data, + krb5_princ_realm(context, in_cred->server), + &response_data, &use_master, tcp_only); + if (retval == 0) { + if (krb5_is_krb_error(&response_data)) { + if (!tcp_only) { + krb5_error *err_reply; + retval = decode_krb5_error(&response_data, &err_reply); + if (retval != 0) + goto cleanup; + if (err_reply->error == KRB_ERR_RESPONSE_TOO_BIG) { + tcp_only = 1; + krb5_free_error(context, err_reply); + krb5_free_data_contents(context, &response_data); + goto send_again; + } + krb5_free_error(context, err_reply); + } + } + } else + goto cleanup; + + retval = krb5int_process_tgs_reply(context, &response_data, + tkt, kdcoptions, address, + in_padata, in_cred, + timestamp, nonce, subkey, + out_padata, + out_enc_padata, out_cred); + if (retval != 0) + goto cleanup; + +cleanup: +#ifdef DEBUG_REFERRALS + printf("krb5_get_cred_via_tkt ending; %s\n", retval?error_message(retval):"no error"); +#endif + + krb5_free_data_contents(context, &request_data); + krb5_free_data_contents(context, &response_data); -error_3:; if (subkey != NULL) { if (retval == 0 && out_subkey != NULL) *out_subkey = subkey; @@ -411,14 +480,5 @@ error_3:; krb5_free_keyblock(context, subkey); } - memset(dec_rep->enc_part2->session->contents, 0, - dec_rep->enc_part2->session->length); - krb5_free_kdc_rep(context, dec_rep); - -error_4:; - free(tgsrep.response.data); -#ifdef DEBUG_REFERRALS - printf("krb5_get_cred_via_tkt ending; %s\n", retval?error_message(retval):"no error"); -#endif return retval; } diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c index 15da288..15c67b8 100644 --- a/src/lib/krb5/krb/get_in_tkt.c +++ b/src/lib/krb5/krb/get_in_tkt.c @@ -34,6 +34,7 @@ #include "int-proto.h" #include "os-proto.h" #include "fast.h" +#include "init_creds_ctx.h" #if APPLE_PKINIT #define IN_TKT_DEBUG 0 @@ -544,6 +545,30 @@ tgt_is_local_realm(krb5_creds *tgt) && data_eq(tgt->server->realm, tgt->client->realm)); } +static krb5_error_code +request_enc_pa_rep(krb5_pa_data ***padptr) +{ + size_t size = 0; + krb5_pa_data **pad = *padptr; + krb5_pa_data *pa= NULL; + if (pad) + for (size=0; pad[size]; size++); + pad = realloc(pad, sizeof(*pad)*(size+2)); + + if (pad == NULL) + return ENOMEM; + pad[size+1] = NULL; + pa = malloc(sizeof(krb5_pa_data)); + if (pa == NULL) + return ENOMEM; + pa->contents = NULL; + pa->length = 0; + pa->pa_type = KRB5_ENCPADATA_REQ_ENC_PA_REP; + pad[size] = pa; + *padptr = pad; + return 0; +} + krb5_error_code KRB5_CALLCONV krb5_get_in_tkt(krb5_context context, krb5_flags options, @@ -1057,457 +1082,806 @@ build_in_tkt_name(krb5_context context, return ret; } +void KRB5_CALLCONV +krb5_init_creds_free(krb5_context context, + krb5_init_creds_context ctx) +{ + if (ctx == NULL) + return; + + if (ctx->opte != NULL && krb5_gic_opt_is_shadowed(ctx->opte)) { + krb5_get_init_creds_opt_free(context, + (krb5_get_init_creds_opt *)ctx->opte); + } + free(ctx->in_tkt_service); + zap(ctx->password.data, ctx->password.length); + krb5_free_data_contents(context, &ctx->password); + krb5_free_error(context, ctx->err_reply); + krb5_free_cred_contents(context, &ctx->cred); + krb5_free_kdc_req(context, ctx->request); + krb5_free_kdc_rep(context, ctx->reply); + krb5_free_data(context, ctx->encoded_request_body); + krb5_free_data(context, ctx->encoded_previous_request); + krb5int_fast_free_state(context, ctx->fast_state); + krb5_free_pa_data(context, ctx->preauth_to_use); + krb5_free_data_contents(context, &ctx->salt); + krb5_free_data_contents(context, &ctx->s2kparams); + krb5_free_keyblock_contents(context, &ctx->as_key); + free(ctx); +} + +static krb5_error_code +init_creds_get(krb5_context context, + krb5_init_creds_context ctx, + int *use_master) +{ + krb5_error_code code; + krb5_data request; + krb5_data reply; + krb5_data realm; + unsigned int flags = 0; + int tcp_only = 0; + + request.length = 0; + request.data = NULL; + reply.length = 0; + reply.data = NULL; + realm.length = 0; + realm.data = NULL; + + for (;;) { + code = krb5_init_creds_step(context, + ctx, + &reply, + &request, + &realm, + &flags); + if (code == KRB5KRB_ERR_RESPONSE_TOO_BIG && !tcp_only) + tcp_only = 1; + else if (code != 0 || (flags & KRB5_INIT_CREDS_STEP_FLAG_COMPLETE)) + break; + + krb5_free_data_contents(context, &reply); + + code = krb5_sendto_kdc(context, &request, &realm, + &reply, use_master, tcp_only); + if (code != 0) + break; + + krb5_free_data_contents(context, &request); + krb5_free_data_contents(context, &realm); + } + + krb5_free_data_contents(context, &request); + krb5_free_data_contents(context, &reply); + krb5_free_data_contents(context, &realm); + + return code; +} + +/* Heimdal API */ krb5_error_code KRB5_CALLCONV -krb5_get_init_creds(krb5_context context, - krb5_creds *creds, - krb5_principal client, - krb5_prompter_fct prompter, - void *prompter_data, - krb5_deltat start_time, - char *in_tkt_service, - krb5_gic_opt_ext *options, - krb5_gic_get_as_key_fct gak_fct, - void *gak_data, - int *use_master, - krb5_kdc_rep **as_reply) +krb5_init_creds_get(krb5_context context, + krb5_init_creds_context ctx) { - krb5_error_code ret; - krb5_kdc_req request; - krb5_data *encoded_request_body, *encoded_previous_request; - krb5_pa_data **preauth_to_use, **kdc_padata; - int tempint; - char *tempstr; - krb5_deltat tkt_life; - krb5_deltat renew_life; - int loopcount; - krb5_data salt; - krb5_data s2kparams; - krb5_keyblock as_key, encrypting_key; - krb5_keyblock *strengthen_key = NULL; - krb5_error *err_reply; - krb5_kdc_rep *local_as_reply; - krb5_timestamp time_now; - krb5_enctype etype = 0; - krb5_preauth_client_rock get_data_rock; - int canon_flag = 0; - krb5_principal_data referred_client; - krb5_boolean retry = 0; - struct krb5int_fast_request_state *fast_state = NULL; - krb5_pa_data **out_padata = NULL; - - - /* initialize everything which will be freed at cleanup */ - - s2kparams.data = NULL; - s2kparams.length = 0; - request.server = NULL; - request.ktype = NULL; - request.addresses = NULL; - request.padata = NULL; - encoded_request_body = NULL; - encoded_previous_request = NULL; - preauth_to_use = NULL; - kdc_padata = NULL; - as_key.length = 0; - encrypting_key.length = 0; - encrypting_key.contents = NULL; - salt.length = 0; - salt.data = NULL; + int use_master = 0; - local_as_reply = 0; -#if APPLE_PKINIT - inTktDebug("krb5_get_init_creds top\n"); -#endif /* APPLE_PKINIT */ + return init_creds_get(context, ctx, &use_master); +} - err_reply = NULL; +krb5_error_code KRB5_CALLCONV +krb5_init_creds_get_creds(krb5_context context, + krb5_init_creds_context ctx, + krb5_creds *creds) +{ + if ((ctx->flags & KRB5_INIT_CREDS_STEP_FLAG_COMPLETE) == 0) + return KRB5_NO_TKT_SUPPLIED; - /* referred_client is used to rewrite the client realm for referrals */ - referred_client = *client; - referred_client.realm.data = NULL; - referred_client.realm.length = 0; - ret = krb5int_fast_make_state(context, &fast_state); - if (ret) + return krb5int_copy_creds_contents(context, &ctx->cred, creds); +} + +krb5_error_code KRB5_CALLCONV +krb5_init_creds_get_times(krb5_context context, + krb5_init_creds_context ctx, + krb5_ticket_times *times) +{ + if ((ctx->flags & KRB5_INIT_CREDS_STEP_FLAG_COMPLETE) == 0) + return KRB5_NO_TKT_SUPPLIED; + + *times = ctx->cred.times; + + return 0; +} + +krb5_error_code KRB5_CALLCONV +krb5_init_creds_get_error(krb5_context context, + krb5_init_creds_context ctx, + krb5_error **error) +{ + krb5_error_code code; + krb5_error *ret = NULL; + + *error = NULL; + + if (ctx->err_reply == NULL) + return 0; + + ret = k5alloc(sizeof(*ret), &code); + if (code != 0) + goto cleanup; + + ret->magic = KV5M_ERROR; + ret->ctime = ctx->err_reply->ctime; + ret->cusec = ctx->err_reply->cusec; + ret->susec = ctx->err_reply->susec; + ret->stime = ctx->err_reply->stime; + ret->error = ctx->err_reply->error; + + if (ctx->err_reply->client != NULL) { + code = krb5_copy_principal(context, ctx->err_reply->client, + &ret->client); + if (code != 0) + goto cleanup; + } + + code = krb5_copy_principal(context, ctx->err_reply->server, &ret->server); + if (code != 0) + goto cleanup; + + code = krb5int_copy_data_contents(context, &ctx->err_reply->text, + &ret->text); + if (code != 0) + goto cleanup; + + code = krb5int_copy_data_contents(context, &ctx->err_reply->e_data, + &ret->e_data); + if (code != 0) + goto cleanup; + + *error = ret; + +cleanup: + if (code != 0) + krb5_free_error(context, ret); + + return code; +} + +/** + * Throw away any state related to specific realm either at the beginning of a + * request, or when a realm changes, or when we start to use FAST after + * assuming we would not do so. + * + * @param padata padata from an error if an error from the realm we now expect + * to talk to caused the restart. Used to infer negotiation characteristics + * such as whether FAST is used. + */ +static krb5_error_code +restart_init_creds_loop(krb5_context context, krb5_init_creds_context ctx, + krb5_pa_data **padata) +{ + krb5_error_code code = 0; + unsigned char random_buf[4]; + krb5_data random_data; + if (ctx->preauth_to_use) { + krb5_free_pa_data(context, ctx->preauth_to_use); + ctx->preauth_to_use = NULL; + } + + if (ctx->fast_state) { + krb5int_fast_free_state(context, ctx->fast_state); + ctx->fast_state = NULL; + } + code = krb5int_fast_make_state(context, &ctx->fast_state); + if (code != 0) goto cleanup; + ctx->get_data_rock.fast_state = ctx->fast_state; + krb5_preauth_request_context_init(context); + if (ctx->encoded_request_body) { + krb5_free_data(context, ctx->encoded_request_body); + ctx->encoded_request_body = NULL; + } + if (ctx->opte && + (ctx->opte->flags & KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST)) { + if ((code = make_preauth_list(context, ctx->opte->preauth_list, + ctx->opte->preauth_list_length, + &ctx->preauth_to_use))) + goto cleanup; + } + /* Set the request nonce. */ + random_data.length = 4; + random_data.data = (char *)random_buf; + code = krb5_c_random_make_octets(context, &random_data); + if (code !=0) + goto cleanup; /* - * Set up the basic request structure + * See RT ticket 3196 at MIT. If we set the high bit, we may have + * compatibility problems with Heimdal, because we (incorrectly) encode + * this value as signed. */ - request.magic = KV5M_KDC_REQ; - request.msg_type = KRB5_AS_REQ; + ctx->request->nonce = 0x7fffffff & load_32_n(random_buf); + krb5_free_principal(context, ctx->request->server); + ctx->request->server = NULL; + + code = build_in_tkt_name(context, ctx->in_tkt_service, + ctx->request->client, + &ctx->request->server); + if (code != 0) + goto cleanup; - /* request.nonce is filled in when we send a request to the kdc */ - request.nonce = 0; + code = krb5_timeofday(context, &ctx->request_time); + if (code != 0) + goto cleanup; + + code = krb5int_fast_as_armor(context, ctx->fast_state, + ctx->opte, ctx->request); + if (code != 0) + goto cleanup; + if (krb5int_upgrade_to_fast_p(context, ctx->fast_state, padata)) { + code = krb5int_fast_as_armor(context, ctx->fast_state, + ctx->opte, ctx->request); + if (code != 0) + goto cleanup; + } + /* give the preauth plugins a chance to prep the request body */ + krb5_preauth_prepare_request(context, ctx->opte, ctx->request); + + ctx->request->from = krb5int_addint32(ctx->request_time, + ctx->start_time); + ctx->request->till = krb5int_addint32(ctx->request->from, + ctx->tkt_life); + + if (ctx->renew_life > 0) { + ctx->request->rtime = + krb5int_addint32(ctx->request->from, ctx->renew_life); + if (ctx->request->rtime < ctx->request->till) { + /* don't ask for a smaller renewable time than the lifetime */ + ctx->request->rtime = ctx->request->till; + } + ctx->request->kdc_options &= ~(KDC_OPT_RENEWABLE_OK); + } else + ctx->request->rtime = 0; + code = krb5int_fast_prep_req_body(context, ctx->fast_state, + ctx->request, + &ctx->encoded_request_body); + if (code != 0) + goto cleanup; +cleanup: + return code; +} + +krb5_error_code KRB5_CALLCONV +krb5_init_creds_init(krb5_context context, + krb5_principal client, + krb5_prompter_fct prompter, + void *data, + krb5_deltat start_time, + krb5_get_init_creds_opt *options, + krb5_init_creds_context *pctx) +{ + krb5_error_code code; + krb5_init_creds_context ctx; + int tmp; + char *str = NULL; + krb5_gic_opt_ext *opte; + + ctx = k5alloc(sizeof(*ctx), &code); + if (code != 0) + goto cleanup; + + ctx->request = k5alloc(sizeof(krb5_kdc_req), &code); + if (code != 0) + goto cleanup; + ctx->enc_pa_rep_permitted = 1; + code = krb5_copy_principal(context, client, &ctx->request->client); + if (code != 0) + goto cleanup; + + ctx->prompter = prompter; + ctx->prompter_data = data; + ctx->gak_fct = krb5_get_as_key_password; + ctx->gak_data = &ctx->password; + + ctx->request_time = 0; /* filled in later */ + ctx->start_time = start_time; + + if (options == NULL) { + code = krb5_get_init_creds_opt_alloc(context, &options); + if (code != 0) + goto cleanup; + } + + code = krb5int_gic_opt_to_opte(context, options, + &ctx->opte, 1, "krb5_init_creds_init"); + if (code != 0) + goto cleanup; - /* request.padata is filled in later */ + opte = ctx->opte; - request.kdc_options = context->kdc_default_options; + ctx->get_data_rock.magic = CLIENT_ROCK_MAGIC; + ctx->get_data_rock.etype = &ctx->etype; - /* forwardable */ + /* Initialise request parameters as per krb5_get_init_creds() */ + ctx->request->kdc_options = context->kdc_default_options; - if (options && (options->flags & KRB5_GET_INIT_CREDS_OPT_FORWARDABLE)) - tempint = options->forwardable; - else if ((ret = krb5_libdefault_boolean(context, &client->realm, - KRB5_CONF_FORWARDABLE, &tempint)) == 0) + /* forwaradble */ + if (opte->flags & KRB5_GET_INIT_CREDS_OPT_FORWARDABLE) + tmp = opte->forwardable; + else if (krb5_libdefault_boolean(context, &ctx->request->client->realm, + KRB5_CONF_FORWARDABLE, &tmp) == 0) ; else - tempint = 0; - if (tempint) - request.kdc_options |= KDC_OPT_FORWARDABLE; + tmp = 0; + if (tmp) + ctx->request->kdc_options |= KDC_OPT_FORWARDABLE; /* proxiable */ - - if (options && (options->flags & KRB5_GET_INIT_CREDS_OPT_PROXIABLE)) - tempint = options->proxiable; - else if ((ret = krb5_libdefault_boolean(context, &client->realm, - KRB5_CONF_PROXIABLE, &tempint)) == 0) + if (opte->flags & KRB5_GET_INIT_CREDS_OPT_PROXIABLE) + tmp = opte->proxiable; + else if (krb5_libdefault_boolean(context, &ctx->request->client->realm, + KRB5_CONF_PROXIABLE, &tmp) == 0) ; else - tempint = 0; - if (tempint) - request.kdc_options |= KDC_OPT_PROXIABLE; + tmp = 0; + if (tmp) + ctx->request->kdc_options |= KDC_OPT_PROXIABLE; /* canonicalize */ - if (options && (options->flags & KRB5_GET_INIT_CREDS_OPT_CANONICALIZE)) - tempint = 1; - else if ((ret = krb5_libdefault_boolean(context, &client->realm, - KRB5_CONF_CANONICALIZE, &tempint)) == 0) + if (opte->flags & KRB5_GET_INIT_CREDS_OPT_CANONICALIZE) + tmp = 1; + else if (krb5_libdefault_boolean(context, &ctx->request->client->realm, + KRB5_CONF_CANONICALIZE, &tmp) == 0) ; else - tempint = 0; - if (tempint) - request.kdc_options |= KDC_OPT_CANONICALIZE; + tmp = 0; + if (tmp) + ctx->request->kdc_options |= KDC_OPT_CANONICALIZE; /* allow_postdate */ - - if (start_time > 0) - request.kdc_options |= (KDC_OPT_ALLOW_POSTDATE|KDC_OPT_POSTDATED); + if (ctx->start_time > 0) + ctx->request->kdc_options |= KDC_OPT_ALLOW_POSTDATE | KDC_OPT_POSTDATED; /* ticket lifetime */ + if (opte->flags & KRB5_GET_INIT_CREDS_OPT_TKT_LIFE) + ctx->tkt_life = options->tkt_life; + else if (krb5_libdefault_string(context, &ctx->request->client->realm, + KRB5_CONF_TICKET_LIFETIME, &str) == 0) { + code = krb5_string_to_deltat(str, &ctx->tkt_life); + if (code != 0) + goto cleanup; + free(str); + str = NULL; + } else + ctx->tkt_life = 24 * 60 * 60; /* previously hardcoded in kinit */ - if ((ret = krb5_timeofday(context, &request.from))) - goto cleanup; - request.from = krb5int_addint32(request.from, start_time); - - if (options && (options->flags & KRB5_GET_INIT_CREDS_OPT_TKT_LIFE)) { - tkt_life = options->tkt_life; - } else if ((ret = krb5_libdefault_string(context, &client->realm, - KRB5_CONF_TICKET_LIFETIME, &tempstr)) - == 0) { - ret = krb5_string_to_deltat(tempstr, &tkt_life); - free(tempstr); - if (ret) { + /* renewable lifetime */ + if (opte->flags & KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE) + ctx->renew_life = options->renew_life; + else if (krb5_libdefault_string(context, &ctx->request->client->realm, + KRB5_CONF_RENEW_LIFETIME, &str) == 0) { + code = krb5_string_to_deltat(str, &ctx->renew_life); + if (code != 0) goto cleanup; - } + free(str); + str = NULL; + } else + ctx->renew_life = 0; + + if (ctx->renew_life > 0) + ctx->request->kdc_options |= KDC_OPT_RENEWABLE; + + /* enctypes */ + if (opte->flags & KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST) { + ctx->request->ktype = + k5alloc((opte->etype_list_length * sizeof(krb5_enctype)), + &code); + if (code != 0) + goto cleanup; + ctx->request->nktypes = opte->etype_list_length; + memcpy(ctx->request->ktype, opte->etype_list, + ctx->request->nktypes * sizeof(krb5_enctype)); + } else if (krb5_get_default_in_tkt_ktypes(context, + &ctx->request->ktype) == 0) { + for (ctx->request->nktypes = 0; + ctx->request->ktype[ctx->request->nktypes] != ENCTYPE_NULL; + ctx->request->nktypes++) + ; } else { - /* this used to be hardcoded in kinit.c */ - tkt_life = 24*60*60; + /* there isn't any useful default here. */ + code = KRB5_CONFIG_ETYPE_NOSUPP; + goto cleanup; } - request.till = krb5int_addint32(request.from, tkt_life); - /* renewable lifetime */ - - if (options && (options->flags & KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE)) { - renew_life = options->renew_life; - } else if ((ret = krb5_libdefault_string(context, &client->realm, - KRB5_CONF_RENEW_LIFETIME, &tempstr)) - == 0) { - ret = krb5_string_to_deltat(tempstr, &renew_life); - free(tempstr); - if (ret) { + /* addresess */ + if (opte->flags & KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST) { + code = krb5_copy_addresses(context, opte->address_list, + &ctx->request->addresses); + if (code != 0) goto cleanup; - } + } else if (krb5_libdefault_boolean(context, &ctx->request->client->realm, + KRB5_CONF_NOADDRESSES, &tmp) != 0 + || tmp) { + ctx->request->addresses = NULL; } else { - renew_life = 0; + code = krb5_os_localaddr(context, &ctx->request->addresses); + if (code != 0) + goto cleanup; } - if (renew_life > 0) - request.kdc_options |= KDC_OPT_RENEWABLE; - if (renew_life > 0) { - request.rtime = krb5int_addint32(request.from, renew_life); - if (request.rtime < request.till) { - /* don't ask for a smaller renewable time than the lifetime */ - request.rtime = request.till; - } - /* we are already asking for renewable tickets so strip this option */ - request.kdc_options &= ~(KDC_OPT_RENEWABLE_OK); + if (opte->flags & KRB5_GET_INIT_CREDS_OPT_SALT) { + code = krb5int_copy_data_contents(context, opte->salt, &ctx->salt); + if (code != 0) + goto cleanup; } else { - request.rtime = 0; + ctx->salt.length = SALT_TYPE_AFS_LENGTH; + ctx->salt.data = NULL; } - /* client */ + code = restart_init_creds_loop(context, ctx, NULL); - request.client = client; + *pctx = ctx; - /* per referrals draft, enterprise principals imply canonicalization */ - canon_flag = ((request.kdc_options & KDC_OPT_CANONICALIZE) != 0) || - client->type == KRB5_NT_ENTERPRISE_PRINCIPAL; +cleanup: + if (code != 0) + krb5_init_creds_free(context, ctx); + if (str != NULL) + free(str); - /* service */ - if ((ret = build_in_tkt_name(context, in_tkt_service, - request.client, &request.server))) - goto cleanup; + return code; +} - krb5_preauth_request_context_init(context); +krb5_error_code KRB5_CALLCONV +krb5_init_creds_set_service(krb5_context context, + krb5_init_creds_context ctx, + const char *service) +{ + char *s; + s = strdup(service); + if (s == NULL) + return ENOMEM; - if (options && (options->flags & KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST)) { - request.ktype = options->etype_list; - request.nktypes = options->etype_list_length; - } else if ((ret = krb5_get_default_in_tkt_ktypes(context, - &request.ktype)) == 0) { - for (request.nktypes = 0; - request.ktype[request.nktypes]; - request.nktypes++) - ; - } else { - /* there isn't any useful default here. ret is set from above */ - goto cleanup; - } + free(ctx->in_tkt_service); + ctx->in_tkt_service = s; - if (options && (options->flags & KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST)) { - request.addresses = options->address_list; - } - /* it would be nice if this parsed out an address list, but - that would be work. */ - else if (((ret = krb5_libdefault_boolean(context, &client->realm, - KRB5_CONF_NOADDRESSES, &tempint)) != 0) - || (tempint == 1)) { - ; - } else { - if ((ret = krb5_os_localaddr(context, &request.addresses))) - goto cleanup; + krb5_preauth_request_context_fini(context); + return restart_init_creds_loop(context, ctx, NULL); +} + +static krb5_error_code +init_creds_validate_reply(krb5_context context, + krb5_init_creds_context ctx, + krb5_data *reply) +{ + krb5_error_code code; + krb5_error *error = NULL; + krb5_kdc_rep *as_reply = NULL; + + krb5_free_error(context, ctx->err_reply); + ctx->err_reply = NULL; + + krb5_free_kdc_rep(context, ctx->reply); + ctx->reply = NULL; + + if (krb5_is_krb_error(reply)) { + code = decode_krb5_error(reply, &error); + if (code != 0) + return code; + + assert(error != NULL); + + if (error->error == KRB_ERR_RESPONSE_TOO_BIG) { + krb5_free_error(context, error); + return KRB5KRB_ERR_RESPONSE_TOO_BIG; + } else { + ctx->err_reply = error; + return 0; + } } - request.authorization_data.ciphertext.length = 0; - request.authorization_data.ciphertext.data = 0; - request.unenc_authdata = 0; - request.second_ticket = 0; + /* + * Check to make sure it isn't a V4 reply. + */ + if (reply->length != 0 && !krb5_is_as_rep(reply)) { +/* these are in <kerberosIV/prot.h> as well but it isn't worth including. */ +#define V4_KRB_PROT_VERSION 4 +#define V4_AUTH_MSG_ERR_REPLY (5<<1) + /* check here for V4 reply */ + unsigned int t_switch; - /* set up the other state. */ + /* From v4 g_in_tkt.c: This used to be + switch (pkt_msg_type(rpkt) & ~1) { + but SCO 3.2v4 cc compiled that incorrectly. */ + t_switch = reply->data[1]; + t_switch &= ~1; - if (options && (options->flags & KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST)) { - if ((ret = make_preauth_list(context, options->preauth_list, - options->preauth_list_length, - &preauth_to_use))) - goto cleanup; + if (t_switch == V4_AUTH_MSG_ERR_REPLY + && reply->data[0] == V4_KRB_PROT_VERSION) { + code = KRB5KRB_AP_ERR_V4_REPLY; + } else { + code = KRB5KRB_AP_ERR_MSG_TYPE; + } + return code; } - /* the salt is allocated from somewhere, unless it is from the caller, - then it is a reference */ + /* It must be a KRB_AS_REP message, or an bad returned packet */ + code = decode_krb5_as_rep(reply, &as_reply); + if (code != 0) + return code; - if (options && (options->flags & KRB5_GET_INIT_CREDS_OPT_SALT)) { - salt = *options->salt; - } else { - salt.length = SALT_TYPE_AFS_LENGTH; - salt.data = NULL; + if (as_reply->msg_type != KRB5_AS_REP) { + krb5_free_kdc_rep(context, as_reply); + return KRB5KRB_AP_ERR_MSG_TYPE; } + ctx->reply = as_reply; + + return 0; +} + +static krb5_error_code +init_creds_step_request(krb5_context context, + krb5_init_creds_context ctx, + krb5_data *out) +{ + krb5_error_code code; - /* set the request nonce */ - if ((ret = krb5_timeofday(context, &time_now))) + if (ctx->loopcount >= MAX_IN_TKT_LOOPS) { + code = KRB5_GET_IN_TKT_LOOP; goto cleanup; - /* - * XXX we know they are the same size... and we should do - * something better than just the current time - */ - { - unsigned char random_buf[4]; - krb5_data random_data; - - random_data.length = 4; - random_data.data = (char *)random_buf; - if (krb5_c_random_make_octets(context, &random_data) == 0) - /* See RT ticket 3196 at MIT. If we set the high bit, we - may have compatibility problems with Heimdal, because - we (incorrectly) encode this value as signed. */ - request.nonce = 0x7fffffff & load_32_n(random_buf); - else - /* XXX Yuck. Old version. */ - request.nonce = (krb5_int32) time_now; } - ret = krb5int_fast_as_armor(context, fast_state, options, &request); - if (ret != 0) + + if (ctx->err_reply == NULL) { + /* either our first attempt, or retrying after PREAUTH_NEEDED */ + code = krb5_do_preauth(context, + ctx->request, + ctx->encoded_request_body, + ctx->encoded_previous_request, + ctx->preauth_to_use, + &ctx->request->padata, + &ctx->salt, + &ctx->s2kparams, + &ctx->etype, + &ctx->as_key, + ctx->prompter, + ctx->prompter_data, + ctx->gak_fct, + ctx->gak_data, + &ctx->get_data_rock, + ctx->opte); + if (code != 0) + goto cleanup; + } else { + if (ctx->preauth_to_use != NULL) { + /* + * Retry after an error other than PREAUTH_NEEDED, + * using e-data to figure out what to change. + */ + code = krb5_do_preauth_tryagain(context, + ctx->request, + ctx->encoded_request_body, + ctx->encoded_previous_request, + ctx->preauth_to_use, + &ctx->request->padata, + ctx->err_reply, + &ctx->salt, + &ctx->s2kparams, + &ctx->etype, + &ctx->as_key, + ctx->prompter, + ctx->prompter_data, + ctx->gak_fct, + ctx->gak_data, + &ctx->get_data_rock, + ctx->opte); + } else { + /* No preauth supplied, so can't query the plugins. */ + code = KRB5KRB_ERR_GENERIC; + } + if (code != 0) { + /* couldn't come up with anything better */ + code = ctx->err_reply->error + ERROR_TABLE_BASE_krb5; + goto cleanup; + } + } + + if (ctx->encoded_previous_request != NULL) { + krb5_free_data(context, ctx->encoded_previous_request); + ctx->encoded_previous_request = NULL; + } + if (ctx->request->padata) + ctx->sent_nontrivial_preauth = 1; + if (ctx->enc_pa_rep_permitted) + code = request_enc_pa_rep(&ctx->request->padata); + if (code) goto cleanup; - /* give the preauth plugins a chance to prep the request body */ - krb5_preauth_prepare_request(context, options, &request); - ret = krb5int_fast_prep_req_body(context, fast_state, - &request, &encoded_request_body); - if (ret) + code = krb5int_fast_prep_req(context, ctx->fast_state, + ctx->request, ctx->encoded_request_body, + encode_krb5_as_req, + &ctx->encoded_previous_request); + if (code != 0) goto cleanup; - get_data_rock.magic = CLIENT_ROCK_MAGIC; - get_data_rock.etype = &etype; - get_data_rock.fast_state = fast_state; + code = krb5int_copy_data_contents(context, + ctx->encoded_previous_request, + out); + if (code != 0) + goto cleanup; - /* now, loop processing preauth data and talking to the kdc */ - for (loopcount = 0; loopcount < MAX_IN_TKT_LOOPS; loopcount++) { - if (request.padata) { - krb5_free_pa_data(context, request.padata); - request.padata = NULL; - } - if (!err_reply) { - /* either our first attempt, or retrying after PREAUTH_NEEDED */ - if ((ret = krb5_do_preauth(context, - &request, - encoded_request_body, - encoded_previous_request, - preauth_to_use, &request.padata, - &salt, &s2kparams, &etype, &as_key, - prompter, prompter_data, - gak_fct, gak_data, - &get_data_rock, options))) - goto cleanup; - if (out_padata) { - krb5_free_pa_data(context, out_padata); - out_padata = NULL; - } - } else { - if (preauth_to_use != NULL) { - /* - * Retry after an error other than PREAUTH_NEEDED, - * using e-data to figure out what to change. - */ - ret = krb5_do_preauth_tryagain(context, - &request, - encoded_request_body, - encoded_previous_request, - preauth_to_use, &request.padata, - err_reply, - &salt, &s2kparams, &etype, - &as_key, - prompter, prompter_data, - gak_fct, gak_data, - &get_data_rock, options); - } else { - /* No preauth supplied, so can't query the plug-ins. */ - ret = KRB5KRB_ERR_GENERIC; - } - if (ret) { - /* couldn't come up with anything better */ - ret = err_reply->error + ERROR_TABLE_BASE_krb5; - } - krb5_free_error(context, err_reply); - err_reply = NULL; - if (ret) - goto cleanup; - } +cleanup: + return code; +} - if (encoded_previous_request != NULL) { - krb5_free_data(context, encoded_previous_request); - encoded_previous_request = NULL; - } - ret = krb5int_fast_prep_req(context, fast_state, - &request, encoded_request_body, - encode_krb5_as_req, &encoded_previous_request); - if (ret) - goto cleanup; +/* + * The control flow is complicated. In order to switch from non-FAST mode to + * FAST mode, we need to reset our pre-authentication state. FAST negotiation + * attempts to make sure we rarely have to do this. When FAST negotiation is + * working, we record whether FAST is available when we obtain an armor ticket; + * if so, we start out with FAST enabled . There are two complicated + * situations. + * + * First, if we get a PREAUTH_REQUIRED error including PADATA_FX_FAST back from + * a KDC in a case where we were not expecting to use FAST, and we have an + * armor ticket available, then we want to use FAST. That involves clearing + * out the pre-auth state, reinitializing the plugins and trying again with an + * armor key. + * + * Secondly, using the negotiation can cause problems with some older KDCs. + * Negotiation involves including a special padata item. Some KDCs, including + * MIT prior to 1.7, will return PREAUTH_FAILED rather than PREAUTH_REQUIRED in + * pre-authentication is required and unknown padata are included in the + * request. To make matters worse, these KDCs typically do not include a list + * of padata in PREAUTH_FAILED errors. So, if we get PREAUTH_FAILED and we + * generated no pre-authentication other than the negotiation then we want to + * retry without negotiation. In this case it is probably also desirable to + * retry with the preauth plugin state cleared. + * + * In all these cases we should not start over more than once. Control flow is + * managed by several variables. + * + * sent_nontrivial_preauth: if true, we sent preauth other than negotiation; + * no restart on PREAUTH_FAILED + * + * KRB5INT_FAST_ARMOR_AVAIL: fast_state_flag if desired we could generate + * armor; if not set, then we can't use FAST even if the KDC wants to. + * + * have_restarted: true if we've already restarted + */ +static krb5_boolean +negotiation_requests_restart(krb5_context context, krb5_init_creds_context ctx, + krb5_pa_data **padata) +{ + if (!ctx->have_restarted && + (krb5int_upgrade_to_fast_p(context, ctx->fast_state, padata) || + (ctx->err_reply->error == KDC_ERR_PREAUTH_FAILED && + !ctx->sent_nontrivial_preauth))) + return 1; + return 0; +} - err_reply = 0; - local_as_reply = 0; - if ((ret = send_as_request(context, encoded_previous_request, - krb5_princ_realm(context, request.client), &err_reply, - &local_as_reply, use_master))) - goto cleanup; +static krb5_error_code +init_creds_step_reply(krb5_context context, + krb5_init_creds_context ctx, + krb5_data *in) +{ + krb5_error_code code; + krb5_pa_data **padata = NULL; + krb5_pa_data **kdc_padata = NULL; + krb5_boolean retry = FALSE; + int canon_flag = 0; + krb5_keyblock *strengthen_key = NULL; + krb5_keyblock encrypting_key; + krb5_boolean fast_avail; - if (err_reply) { - ret = krb5int_fast_process_error(context, fast_state, &err_reply, - &out_padata, &retry); - if (ret !=0) - goto cleanup; - if (err_reply->error == KDC_ERR_PREAUTH_REQUIRED && retry) { - /* reset the list of preauth types to try */ - if (preauth_to_use) { - krb5_free_pa_data(context, preauth_to_use); - preauth_to_use = NULL; - } - preauth_to_use = out_padata; - out_padata = NULL; - krb5_free_error(context, err_reply); - err_reply = NULL; - ret = sort_krb5_padata_sequence(context, - &request.server->realm, - preauth_to_use); - if (ret) - goto cleanup; - /* continue to next iteration */ - } else if (canon_flag && err_reply->error == KDC_ERR_WRONG_REALM) { - if (err_reply->client == NULL || - err_reply->client->realm.length == 0) { - ret = KRB5KDC_ERR_WRONG_REALM; - krb5_free_error(context, err_reply); - goto cleanup; - } - /* Rewrite request.client with realm from error reply */ - if (referred_client.realm.data) { - krb5_free_data_contents(context, &referred_client.realm); - referred_client.realm.data = NULL; - } - ret = krb5int_copy_data_contents(context, - &err_reply->client->realm, - &referred_client.realm); - krb5_free_error(context, err_reply); - err_reply = NULL; - if (ret) - goto cleanup; - request.client = &referred_client; + encrypting_key.length = 0; + encrypting_key.contents = NULL; - krb5_free_principal(context, request.server); - request.server = NULL; + /* process previous KDC response */ + code = init_creds_validate_reply(context, ctx, in); + if (code != 0) + goto cleanup; - ret = build_in_tkt_name(context, in_tkt_service, - request.client, &request.server); - if (ret) - goto cleanup; - } else { - if (retry) { - /* continue to next iteration */ - } else { - /* error + no hints = give up */ - ret = (krb5_error_code) err_reply->error - + ERROR_TABLE_BASE_krb5; - krb5_free_error(context, err_reply); - goto cleanup; - } + /* per referrals draft, enterprise principals imply canonicalization */ + canon_flag = ((ctx->request->kdc_options & KDC_OPT_CANONICALIZE) != 0) || + ctx->request->client->type == KRB5_NT_ENTERPRISE_PRINCIPAL; + + if (ctx->err_reply != NULL) { + code = krb5int_fast_process_error(context, ctx->fast_state, + &ctx->err_reply, &padata, &retry); + if (code != 0) + goto cleanup; + if (negotiation_requests_restart(context, ctx, padata)) { + ctx->have_restarted = 1; + krb5_preauth_request_context_fini(context); + if ((ctx->fast_state->fast_state_flags & KRB5INT_FAST_DO_FAST) ==0) + ctx->enc_pa_rep_permitted = 0; + code = restart_init_creds_loop(context, ctx, padata); + krb5_free_error(context, ctx->err_reply); + ctx->err_reply = NULL; + } else if (ctx->err_reply->error == KDC_ERR_PREAUTH_REQUIRED && + retry) { + /* reset the list of preauth types to try */ + krb5_free_pa_data(context, ctx->preauth_to_use); + ctx->preauth_to_use = padata; + padata = NULL; + /* this will trigger a new call to krb5_do_preauth() */ + krb5_free_error(context, ctx->err_reply); + ctx->err_reply = NULL; + code = sort_krb5_padata_sequence(context, + &ctx->request->client->realm, + ctx->preauth_to_use); + + } else if (canon_flag && ctx->err_reply->error == KDC_ERR_WRONG_REALM) { + if (ctx->err_reply->client == NULL || + !krb5_princ_realm(context, ctx->err_reply->client)->length) { + code = KRB5KDC_ERR_WRONG_REALM; + goto cleanup; } - } else if (local_as_reply) { - break; + /* Rewrite request.client with realm from error reply */ + krb5_free_data_contents(context, &ctx->request->client->realm); + code = krb5int_copy_data_contents(context, + &ctx->err_reply->client->realm, + &ctx->request->client->realm); + /* this will trigger a new call to krb5_do_preauth() */ + krb5_free_error(context, ctx->err_reply); + ctx->err_reply = NULL; + krb5_preauth_request_context_fini(context); + /* Permit another negotiation based restart. */ + ctx->have_restarted = 0; + ctx->sent_nontrivial_preauth = 0; + code = restart_init_creds_loop(context, ctx, NULL); + if (code != 0) + goto cleanup; } else { - ret = KRB5KRB_AP_ERR_MSG_TYPE; - goto cleanup; + if (retry) { + code = 0; + } else { + /* error + no hints = give up */ + code = (krb5_error_code)ctx->err_reply->error + + ERROR_TABLE_BASE_krb5; + } } - } -#if APPLE_PKINIT - inTktDebug("krb5_get_init_creds done with send_as_request loop lc %d\n", - (int)loopcount); -#endif /* APPLE_PKINIT */ - if (loopcount == MAX_IN_TKT_LOOPS) { - ret = KRB5_GET_IN_TKT_LOOP; + /* Return error code, or continue with next iteration */ goto cleanup; } + /* We have a response. Process it. */ + assert(ctx->reply != NULL); + /* process any preauth data in the as_reply */ krb5_clear_preauth_context_use_counts(context); - ret = krb5int_fast_process_response(context, fast_state, - local_as_reply, &strengthen_key); - if (ret) + code = krb5int_fast_process_response(context, ctx->fast_state, + ctx->reply, &strengthen_key); + if (code != 0) goto cleanup; - if ((ret = sort_krb5_padata_sequence(context, &request.server->realm, - local_as_reply->padata))) + + code = sort_krb5_padata_sequence(context, &ctx->request->client->realm, + ctx->reply->padata); + if (code != 0) goto cleanup; - etype = local_as_reply->enc_part.enctype; - if ((ret = krb5_do_preauth(context, - &request, - encoded_request_body, encoded_previous_request, - local_as_reply->padata, &kdc_padata, - &salt, &s2kparams, &etype, &as_key, prompter, - prompter_data, gak_fct, gak_data, - &get_data_rock, options))) { -#if APPLE_PKINIT - inTktDebug("krb5_get_init_creds krb5_do_preauth returned %d\n", (int)ret); -#endif /* APPLE_PKINIT */ + + ctx->etype = ctx->reply->enc_part.enctype; + + code = krb5_do_preauth(context, + ctx->request, + ctx->encoded_request_body, + ctx->encoded_previous_request, + ctx->reply->padata, + &kdc_padata, + &ctx->salt, + &ctx->s2kparams, + &ctx->etype, + &ctx->as_key, + ctx->prompter, + ctx->prompter_data, + ctx->gak_fct, + ctx->gak_data, + &ctx->get_data_rock, + ctx->opte); + if (code != 0) goto cleanup; - } /* * If we haven't gotten a salt from another source yet, set up one @@ -1519,9 +1893,9 @@ krb5_get_init_creds(krb5_context context, * salt. local_as_reply->client will be checked later on in * verify_as_reply. */ - if (salt.length == SALT_TYPE_AFS_LENGTH && salt.data == NULL) { - ret = krb5_principal2salt(context, local_as_reply->client, &salt); - if (ret) + if (ctx->salt.length == SALT_TYPE_AFS_LENGTH && ctx->salt.data == NULL) { + code = krb5_principal2salt(context, ctx->reply->client, &ctx->salt); + if (code != 0) goto cleanup; } @@ -1537,113 +1911,224 @@ krb5_get_init_creds(krb5_context context, it. If decrypting the as_rep fails, or if there isn't an as_key at all yet, then use the gak_fct to get one, and try again. */ - if (as_key.length) { - ret = krb5int_fast_reply_key(context, strengthen_key, &as_key, - &encrypting_key); - if (ret) + if (ctx->as_key.length) { + code = krb5int_fast_reply_key(context, strengthen_key, &ctx->as_key, + &encrypting_key); + if (code != 0) goto cleanup; - ret = decrypt_as_reply(context, NULL, local_as_reply, NULL, - NULL, &encrypting_key, krb5_kdc_rep_decrypt_proc, - NULL); + code = decrypt_as_reply(context, NULL, ctx->reply, NULL, NULL, + &encrypting_key, krb5_kdc_rep_decrypt_proc, + NULL); } else - ret = -1; + code = -1; - if (ret) { + if (code != 0) { /* if we haven't get gotten a key, get it now */ - - if ((ret = ((*gak_fct)(context, request.client, - local_as_reply->enc_part.enctype, - prompter, prompter_data, &salt, &s2kparams, - &as_key, gak_data)))) + code = (*ctx->gak_fct)(context, ctx->request->client, + ctx->reply->enc_part.enctype, + ctx->prompter, ctx->prompter_data, + &ctx->salt, &ctx->s2kparams, + &ctx->as_key, ctx->gak_data); + if (code != 0) goto cleanup; - ret = krb5int_fast_reply_key(context, strengthen_key, &as_key, - &encrypting_key); - if (ret) + code = krb5int_fast_reply_key(context, strengthen_key, &ctx->as_key, + &encrypting_key); + if (code != 0) goto cleanup; - if ((ret = decrypt_as_reply(context, NULL, local_as_reply, NULL, - NULL, &encrypting_key, krb5_kdc_rep_decrypt_proc, - NULL))) + + code = decrypt_as_reply(context, NULL, ctx->reply, NULL, NULL, + &encrypting_key, krb5_kdc_rep_decrypt_proc, + NULL); + if (code != 0) goto cleanup; } - if ((ret = verify_as_reply(context, time_now, &request, local_as_reply))) + code = krb5int_fast_verify_nego(context, ctx->fast_state, + ctx->reply, ctx->encoded_previous_request, + &encrypting_key, &fast_avail); + if (code) + goto cleanup; + code = verify_as_reply(context, ctx->request_time, + ctx->request, ctx->reply); + if (code != 0) goto cleanup; - /* XXX this should be inside stash_as_reply, but as long as - get_in_tkt is still around using that arg as an in/out, I can't - do that */ - memset(creds, 0, sizeof(*creds)); - - if ((ret = stash_as_reply(context, time_now, &request, local_as_reply, - creds, NULL))) + code = stash_as_reply(context, ctx->request_time, ctx->request, + ctx->reply, &ctx->cred, NULL); + if (code != 0) goto cleanup; + if (ctx->opte && ctx->opte->opt_private->out_ccache) { + krb5_ccache out_ccache = ctx->opte->opt_private->out_ccache; + krb5_data config_data; + code = krb5_cc_initialize(context, out_ccache, ctx->cred.client); + if (code != 0) + goto cc_cleanup; + code = krb5_cc_store_cred(context, out_ccache, &ctx->cred); + if (code != 0) + goto cc_cleanup; + if (fast_avail) { + config_data.data = "yes"; + config_data.length = strlen(config_data.data); + code = krb5_cc_set_config(context, out_ccache, ctx->cred.server, + KRB5_CONF_FAST_AVAIL, &config_data); + } + cc_cleanup: + if (code !=0) { + const char *msg; + msg = krb5_get_error_message(context, code); + krb5_set_error_message(context, code, + "%s while storing credentials", msg); + krb5_free_error_message(context, msg); + } + } + + krb5_preauth_request_context_fini(context); /* success */ + code = 0; + ctx->flags |= KRB5_INIT_CREDS_STEP_FLAG_COMPLETE; + +cleanup: + krb5_free_pa_data(context, padata); + krb5_free_pa_data(context, kdc_padata); + krb5_free_keyblock(context, strengthen_key); + krb5_free_keyblock_contents(context, &encrypting_key); + + return code; +} + +/* + * Do next step of credentials acquisition. + * + * On success returns 0 or KRB5KRB_ERR_RESPONSE_TOO_BIG if the request + * should be sent with TCP. + */ +krb5_error_code KRB5_CALLCONV +krb5_init_creds_step(krb5_context context, + krb5_init_creds_context ctx, + krb5_data *in, + krb5_data *out, + krb5_data *realm, + unsigned int *flags) +{ + krb5_error_code code = 0, code2; + + *flags = 0; + + out->data = NULL; + out->length = 0; + + realm->data = NULL; + realm->length = 0; + + if (ctx->flags & KRB5_INIT_CREDS_STEP_FLAG_COMPLETE) + goto cleanup; + + if (in->length != 0) { + code = init_creds_step_reply(context, ctx, in); + if (code == KRB5KRB_ERR_RESPONSE_TOO_BIG) { + code2 = krb5int_copy_data_contents(context, + ctx->encoded_previous_request, + out); + if (code2 != 0) { + code = code2; + goto cleanup; + } + goto copy_realm; + } + if (code != 0 || (ctx->flags & KRB5_INIT_CREDS_STEP_FLAG_COMPLETE)) + goto cleanup; + } - ret = 0; + code = init_creds_step_request(context, ctx, out); + if (code != 0) + goto cleanup; + + /* Only a new request increments the loop count, not a TCP retry */ + ctx->loopcount++; + +copy_realm: + assert(ctx->request->server != NULL); + + code2 = krb5int_copy_data_contents(context, + &ctx->request->server->realm, + realm); + if (code2 != 0) { + code = code2; + goto cleanup; + } cleanup: - if (ret != 0) { + if (code == KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN) { char *client_name; - /* See if we can produce a more detailed error message. */ - switch (ret) { - case KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN: - client_name = NULL; - if (krb5_unparse_name(context, client, &client_name) == 0) { - krb5_set_error_message(context, ret, - "Client '%s' not found in Kerberos database", - client_name); - free(client_name); - } - break; - default: - break; + + /* See if we can produce a more detailed error message */ + code2 = krb5_unparse_name(context, ctx->request->client, &client_name); + if (code2 == 0) { + krb5_set_error_message(context, code, + "Client '%s' not found in Kerberos database", + client_name); + krb5_free_unparsed_name(context, client_name); } } - krb5_preauth_request_context_fini(context); - krb5_free_keyblock(context, strengthen_key); - if (encrypting_key.contents) - krb5_free_keyblock_contents(context, &encrypting_key); - if (fast_state) - krb5int_fast_free_state(context, fast_state); - if (out_padata) - krb5_free_pa_data(context, out_padata); - if (encoded_previous_request != NULL) { - krb5_free_data(context, encoded_previous_request); - encoded_previous_request = NULL; + + *flags = (ctx->flags & KRB5_INIT_CREDS_STEP_FLAG_COMPLETE); + + return code; +} + +krb5_error_code KRB5_CALLCONV +krb5int_get_init_creds(krb5_context context, + krb5_creds *creds, + krb5_principal client, + krb5_prompter_fct prompter, + void *prompter_data, + krb5_deltat start_time, + char *in_tkt_service, + krb5_get_init_creds_opt *options, + krb5_gic_get_as_key_fct gak_fct, + void *gak_data, + int *use_master, + krb5_kdc_rep **as_reply) +{ + krb5_error_code code; + krb5_init_creds_context ctx = NULL; + + code = krb5_init_creds_init(context, + client, + prompter, + prompter_data, + start_time, + options, + &ctx); + if (code != 0) + goto cleanup; + + ctx->gak_fct = gak_fct; + ctx->gak_data = gak_data; + + if (in_tkt_service) { + code = krb5_init_creds_set_service(context, ctx, in_tkt_service); + if (code != 0) + goto cleanup; } - if (encoded_request_body != NULL) { - krb5_free_data(context, encoded_request_body); - encoded_request_body = NULL; + + code = init_creds_get(context, ctx, use_master); + if (code != 0) + goto cleanup; + + code = krb5_init_creds_get_creds(context, ctx, creds); + if (code != 0) + goto cleanup; + + if (as_reply != NULL) { + *as_reply = ctx->reply; + ctx->reply = NULL; } - if (request.server) - krb5_free_principal(context, request.server); - if (request.ktype && - (!(options && (options->flags & KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST)))) - free(request.ktype); - if (request.addresses && - (!(options && - (options->flags & KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST)))) - krb5_free_addresses(context, request.addresses); - if (preauth_to_use) - krb5_free_pa_data(context, preauth_to_use); - if (kdc_padata) - krb5_free_pa_data(context, kdc_padata); - if (request.padata) - krb5_free_pa_data(context, request.padata); - if (as_key.length) - krb5_free_keyblock_contents(context, &as_key); - if (salt.data && - (!(options && (options->flags & KRB5_GET_INIT_CREDS_OPT_SALT)))) - free(salt.data); - krb5_free_data_contents(context, &s2kparams); - if (as_reply) - *as_reply = local_as_reply; - else if (local_as_reply) - krb5_free_kdc_rep(context, local_as_reply); - if (referred_client.realm.data) - krb5_free_data_contents(context, &referred_client.realm); - return(ret); +cleanup: + krb5_init_creds_free(context, ctx); + + return code; } diff --git a/src/lib/krb5/krb/gic_keytab.c b/src/lib/krb5/krb/gic_keytab.c index ab064eb..c4c6d32 100644 --- a/src/lib/krb5/krb/gic_keytab.c +++ b/src/lib/krb5/krb/gic_keytab.c @@ -27,18 +27,18 @@ #ifndef LEAN_CLIENT #include "k5-int.h" +#include "init_creds_ctx.h" static krb5_error_code -krb5_get_as_key_keytab( - krb5_context context, - krb5_principal client, - krb5_enctype etype, - krb5_prompter_fct prompter, - void *prompter_data, - krb5_data *salt, - krb5_data *params, - krb5_keyblock *as_key, - void *gak_data) +get_as_key_keytab(krb5_context context, + krb5_principal client, + krb5_enctype etype, + krb5_prompter_fct prompter, + void *prompter_data, + krb5_data *salt, + krb5_data *params, + krb5_keyblock *as_key, + void *gak_data) { krb5_keytab keytab = (krb5_keytab) gak_data; krb5_error_code ret; @@ -78,6 +78,17 @@ krb5_get_as_key_keytab( } krb5_error_code KRB5_CALLCONV +krb5_init_creds_set_keytab(krb5_context context, + krb5_init_creds_context ctx, + krb5_keytab keytab) +{ + ctx->gak_fct = get_as_key_keytab; + ctx->gak_data = keytab; + + return 0; +} + +krb5_error_code KRB5_CALLCONV krb5_get_init_creds_keytab(krb5_context context, krb5_creds *creds, krb5_principal client, @@ -89,7 +100,6 @@ krb5_get_init_creds_keytab(krb5_context context, krb5_error_code ret, ret2; int use_master; krb5_keytab keytab; - krb5_gic_opt_ext *opte = NULL; if (arg_keytab == NULL) { if ((ret = krb5_kt_default(context, &keytab))) @@ -98,19 +108,14 @@ krb5_get_init_creds_keytab(krb5_context context, keytab = arg_keytab; } - ret = krb5int_gic_opt_to_opte(context, options, &opte, 1, - "krb5_get_init_creds_keytab"); - if (ret) - return ret; - use_master = 0; /* first try: get the requested tkt from any kdc */ - ret = krb5_get_init_creds(context, creds, client, NULL, NULL, - start_time, in_tkt_service, opte, - krb5_get_as_key_keytab, (void *) keytab, - &use_master,NULL); + ret = krb5int_get_init_creds(context, creds, client, NULL, NULL, + start_time, in_tkt_service, options, + get_as_key_keytab, (void *) keytab, + &use_master,NULL); /* check for success */ @@ -128,10 +133,10 @@ krb5_get_init_creds_keytab(krb5_context context, if (!use_master) { use_master = 1; - ret2 = krb5_get_init_creds(context, creds, client, NULL, NULL, - start_time, in_tkt_service, opte, - krb5_get_as_key_keytab, (void *) keytab, - &use_master, NULL); + ret2 = krb5int_get_init_creds(context, creds, client, NULL, NULL, + start_time, in_tkt_service, options, + get_as_key_keytab, (void *) keytab, + &use_master, NULL); if (ret2 == 0) { ret = 0; @@ -153,8 +158,6 @@ krb5_get_init_creds_keytab(krb5_context context, do any prompting or changing for keytabs, that's it. */ cleanup: - if (opte && krb5_gic_opt_is_shadowed(opte)) - krb5_get_init_creds_opt_free(context, (krb5_get_init_creds_opt *)opte); if (arg_keytab == NULL) krb5_kt_close(context, keytab); @@ -168,13 +171,13 @@ krb5_get_in_tkt_with_keytab(krb5_context context, krb5_flags options, krb5_creds *creds, krb5_kdc_rep **ret_as_reply) { krb5_error_code retval; - krb5_gic_opt_ext *opte; + krb5_get_init_creds_opt *opts; char * server = NULL; krb5_keytab keytab; krb5_principal client_princ, server_princ; int use_master = 0; - retval = krb5int_populate_gic_opt(context, &opte, + retval = krb5int_populate_gic_opt(context, &opts, options, addrs, ktypes, pre_auth_types, creds); if (retval) @@ -183,7 +186,7 @@ krb5_get_in_tkt_with_keytab(krb5_context context, krb5_flags options, if (arg_keytab == NULL) { retval = krb5_kt_default(context, &keytab); if (retval) - return retval; + goto cleanup; } else keytab = arg_keytab; @@ -192,14 +195,12 @@ krb5_get_in_tkt_with_keytab(krb5_context context, krb5_flags options, goto cleanup; server_princ = creds->server; client_princ = creds->client; - retval = krb5_get_init_creds (context, - creds, creds->client, - krb5_prompter_posix, NULL, - 0, server, opte, - krb5_get_as_key_keytab, (void *)keytab, - &use_master, ret_as_reply); + retval = krb5int_get_init_creds(context, creds, creds->client, + krb5_prompter_posix, NULL, + 0, server, opts, + get_as_key_keytab, (void *)keytab, + &use_master, ret_as_reply); krb5_free_unparsed_name( context, server); - krb5_get_init_creds_opt_free(context, (krb5_get_init_creds_opt *)opte); if (retval) { goto cleanup; } @@ -212,7 +213,9 @@ krb5_get_in_tkt_with_keytab(krb5_context context, krb5_flags options, if (ccache) if ((retval = krb5_cc_store_cred(context, ccache, creds))) goto cleanup; -cleanup: if (arg_keytab == NULL) +cleanup: + krb5_get_init_creds_opt_free(context, opts); + if (arg_keytab == NULL) krb5_kt_close(context, keytab); return retval; } diff --git a/src/lib/krb5/krb/gic_opt.c b/src/lib/krb5/krb/gic_opt.c index bff4539..f4cfd92 100644 --- a/src/lib/krb5/krb/gic_opt.c +++ b/src/lib/krb5/krb/gic_opt.c @@ -149,6 +149,8 @@ krb5int_gic_opte_private_free(krb5_context context, krb5_gic_opt_ext *opte) free_gic_opt_ext_preauth_data(context, opte); if (opte->opt_private->fast_ccache_name) free(opte->opt_private->fast_ccache_name); + if (opte->opt_private->out_ccache) + krb5_cc_close(context, opte->opt_private->out_ccache); free(opte->opt_private); opte->opt_private = NULL; return 0; @@ -486,3 +488,59 @@ krb5_error_code KRB5_CALLCONV krb5_get_init_creds_opt_set_fast_ccache_name retval = ENOMEM; return retval; } + +krb5_error_code KRB5_CALLCONV +krb5_get_init_creds_opt_set_out_ccache(krb5_context context, + krb5_get_init_creds_opt *opt, + krb5_ccache ccache) +{ + krb5_error_code retval = 0; + krb5_gic_opt_ext *opte; + + retval = krb5int_gic_opt_to_opte(context, opt, &opte, 0, + "krb5_get_init_creds_opt_set_out_ccache"); + if (retval) + return retval; + if (opte->opt_private->out_ccache) { + krb5_cc_close(context, opte->opt_private->out_ccache); + opte->opt_private->out_ccache = NULL; + } + retval = krb5_cc_resolve(context, krb5_cc_get_name(context, ccache), + &opte->opt_private->out_ccache); + return retval; +} + +krb5_error_code KRB5_CALLCONV +krb5_get_init_creds_opt_set_fast_flags(krb5_context context, + krb5_get_init_creds_opt *opt, + krb5_flags flags) +{ + krb5_error_code retval = 0; + krb5_gic_opt_ext *opte; + + retval = krb5int_gic_opt_to_opte(context, opt, &opte, 0, + "krb5_get_init_creds_opt_set_fast_flags"); + if (retval) + return retval; + opte->opt_private->fast_flags = flags; + return retval; +} + +krb5_error_code KRB5_CALLCONV +krb5_get_init_creds_opt_get_fast_flags(krb5_context context, + krb5_get_init_creds_opt *opt, + krb5_flags *out_flags) +{ + krb5_error_code retval = 0; + krb5_gic_opt_ext *opte; + if (out_flags == NULL) + return EINVAL; + *out_flags = 0; + retval = krb5int_gic_opt_to_opte(context, opt, &opte, 0, + "krb5_get_init_creds_opt_get_fast_flags"); + if (retval) + return retval; + *out_flags = opte->opt_private->fast_flags; + return retval; +} + diff --git a/src/lib/krb5/krb/gic_pwd.c b/src/lib/krb5/krb/gic_pwd.c index 84e5b49..eac2afb 100644 --- a/src/lib/krb5/krb/gic_pwd.c +++ b/src/lib/krb5/krb/gic_pwd.c @@ -1,8 +1,9 @@ /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #include "k5-int.h" #include "com_err.h" +#include "init_creds_ctx.h" -static krb5_error_code +krb5_error_code krb5_get_as_key_password( krb5_context context, krb5_principal client, @@ -39,7 +40,7 @@ krb5_get_as_key_password( } } - if (password->data[0] == '\0') { + if (password->length == 0 || password->data[0] == '\0') { if (prompter == NULL) return(EIO); @@ -83,6 +84,30 @@ krb5_get_as_key_password( } krb5_error_code KRB5_CALLCONV +krb5_init_creds_set_password(krb5_context context, + krb5_init_creds_context ctx, + const char *password) +{ + char *s; + + s = strdup(password); + if (s == NULL) + return ENOMEM; + + if (ctx->password.data != NULL) { + zap(ctx->password.data, ctx->password.length); + krb5_free_data_contents(context, &ctx->password); + } + + ctx->password.data = s; + ctx->password.length = strlen(s); + ctx->gak_fct = krb5_get_as_key_password; + ctx->gak_data = &ctx->password; + + return 0; +} + +krb5_error_code KRB5_CALLCONV krb5_get_init_creds_password(krb5_context context, krb5_creds *creds, krb5_principal client, @@ -103,8 +128,6 @@ krb5_get_init_creds_password(krb5_context context, char banner[1024], pw0array[1024], pw1array[1024]; krb5_prompt prompt[2]; krb5_prompt_type prompt_types[sizeof(prompt)/sizeof(prompt[0])]; - krb5_gic_opt_ext *opte = NULL; - krb5_gic_opt_ext *chpw_opte = NULL; use_master = 0; as_reply = NULL; @@ -127,17 +150,12 @@ krb5_get_init_creds_password(krb5_context context, pw1.data[0] = '\0'; pw1.length = sizeof(pw1array); - ret = krb5int_gic_opt_to_opte(context, options, &opte, 1, - "krb5_get_init_creds_password"); - if (ret) - goto cleanup; - /* first try: get the requested tkt from any kdc */ - ret = krb5_get_init_creds(context, creds, client, prompter, data, - start_time, in_tkt_service, opte, - krb5_get_as_key_password, (void *) &pw0, - &use_master, &as_reply); + ret = krb5int_get_init_creds(context, creds, client, prompter, data, + start_time, in_tkt_service, options, + krb5_get_as_key_password, (void *) &pw0, + &use_master, &as_reply); /* check for success */ @@ -162,10 +180,10 @@ krb5_get_init_creds_password(krb5_context context, krb5_free_kdc_rep( context, as_reply); as_reply = NULL; } - ret2 = krb5_get_init_creds(context, creds, client, prompter, data, - start_time, in_tkt_service, opte, - krb5_get_as_key_password, (void *) &pw0, - &use_master, &as_reply); + ret2 = krb5int_get_init_creds(context, creds, client, prompter, data, + start_time, in_tkt_service, options, + krb5_get_as_key_password, (void *) &pw0, + &use_master, &as_reply); if (ret2 == 0) { ret = 0; @@ -216,16 +234,12 @@ krb5_get_init_creds_password(krb5_context context, krb5_get_init_creds_opt_set_renew_life(chpw_opts, 0); krb5_get_init_creds_opt_set_forwardable(chpw_opts, 0); krb5_get_init_creds_opt_set_proxiable(chpw_opts, 0); - ret = krb5int_gic_opt_to_opte(context, chpw_opts, &chpw_opte, 0, - "krb5_get_init_creds_password (changing password)"); - if (ret) - goto cleanup; - if ((ret = krb5_get_init_creds(context, &chpw_creds, client, - prompter, data, - start_time, "kadmin/changepw", chpw_opte, - krb5_get_as_key_password, (void *) &pw0, - &use_master, NULL))) + if ((ret = krb5int_get_init_creds(context, &chpw_creds, client, + prompter, data, + start_time, "kadmin/changepw", chpw_opts, + krb5_get_as_key_password, (void *) &pw0, + &use_master, NULL))) goto cleanup; prompt[0].prompt = "Enter new password"; @@ -313,10 +327,10 @@ krb5_get_init_creds_password(krb5_context context, from the master. this is the last try. the return from this is final. */ - ret = krb5_get_init_creds(context, creds, client, prompter, data, - start_time, in_tkt_service, opte, - krb5_get_as_key_password, (void *) &pw0, - &use_master, &as_reply); + ret = krb5int_get_init_creds(context, creds, client, prompter, data, + start_time, in_tkt_service, options, + krb5_get_as_key_password, (void *) &pw0, + &use_master, &as_reply); cleanup: krb5int_set_prompt_types(context, 0); @@ -397,8 +411,6 @@ cleanup: if (chpw_opts) krb5_get_init_creds_opt_free(context, chpw_opts); - if (opte && krb5_gic_opt_is_shadowed(opte)) - krb5_get_init_creds_opt_free(context, (krb5_get_init_creds_opt *)opte); memset(pw0array, 0, sizeof(pw0array)); memset(pw1array, 0, sizeof(pw1array)); krb5_free_cred_contents(context, &chpw_creds); @@ -409,7 +421,7 @@ cleanup: } krb5_error_code -krb5int_populate_gic_opt(krb5_context context, krb5_gic_opt_ext **opte, +krb5int_populate_gic_opt(krb5_context context, krb5_get_init_creds_opt **out, krb5_flags options, krb5_address *const *addrs, krb5_enctype *ktypes, krb5_preauthtype *pre_auth_types, krb5_creds *creds) @@ -419,7 +431,7 @@ krb5int_populate_gic_opt(krb5_context context, krb5_gic_opt_ext **opte, krb5_get_init_creds_opt *opt; krb5_error_code retval; - *opte = NULL; + *out = NULL; retval = krb5_get_init_creds_opt_alloc(context, &opt); if (retval) return(retval); @@ -449,8 +461,8 @@ krb5int_populate_gic_opt(krb5_context context, krb5_gic_opt_ext **opte, if (creds->times.starttime) starttime = creds->times.starttime; krb5_get_init_creds_opt_set_tkt_life(opt, creds->times.endtime - starttime); } - return krb5int_gic_opt_to_opte(context, opt, opte, 0, - "krb5int_populate_gic_opt"); + *out = opt; + return 0; cleanup: krb5_get_init_creds_opt_free(context, opt); return retval; @@ -489,7 +501,7 @@ krb5_get_in_tkt_with_password(krb5_context context, krb5_flags options, char * server; krb5_principal server_princ, client_princ; int use_master = 0; - krb5_gic_opt_ext *opte = NULL; + krb5_get_init_creds_opt *opts = NULL; pw0.data = pw0array; if (password && password[0]) { @@ -500,26 +512,25 @@ krb5_get_in_tkt_with_password(krb5_context context, krb5_flags options, pw0.data[0] = '\0'; pw0.length = sizeof(pw0array); } - retval = krb5int_populate_gic_opt(context, &opte, + retval = krb5int_populate_gic_opt(context, &opts, options, addrs, ktypes, pre_auth_types, creds); if (retval) return (retval); retval = krb5_unparse_name( context, creds->server, &server); if (retval) { - krb5_get_init_creds_opt_free(context, (krb5_get_init_creds_opt *)opte); + krb5_get_init_creds_opt_free(context, opts); return (retval); } server_princ = creds->server; client_princ = creds->client; - retval = krb5_get_init_creds (context, - creds, creds->client, - krb5_prompter_posix, NULL, - 0, server, opte, - krb5_get_as_key_password, &pw0, - &use_master, ret_as_reply); + retval = krb5int_get_init_creds(context, creds, creds->client, + krb5_prompter_posix, NULL, + 0, server, opts, + krb5_get_as_key_password, &pw0, + &use_master, ret_as_reply); krb5_free_unparsed_name( context, server); - krb5_get_init_creds_opt_free(context, (krb5_get_init_creds_opt *)opte); + krb5_get_init_creds_opt_free(context, opts); if (retval) { return (retval); } diff --git a/src/lib/krb5/krb/init_creds_ctx.h b/src/lib/krb5/krb/init_creds_ctx.h new file mode 100644 index 0000000..1d41a44 --- /dev/null +++ b/src/lib/krb5/krb/init_creds_ctx.h @@ -0,0 +1,51 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ + +#ifndef KRB5_INIT_CREDS_CONTEXT +#define KRB5_INIT_CREDS_CONTEXT 1 + +struct _krb5_init_creds_context { + krb5_gic_opt_ext *opte; + char *in_tkt_service; + krb5_prompter_fct prompter; + void *prompter_data; + krb5_gic_get_as_key_fct gak_fct; + void *gak_data; + krb5_timestamp request_time; + krb5_deltat start_time; + krb5_deltat tkt_life; + krb5_deltat renew_life; + unsigned int flags; + unsigned int loopcount; + krb5_data password; + krb5_error *err_reply; + krb5_creds cred; + krb5_kdc_req *request; + krb5_kdc_rep *reply; + krb5_data *encoded_request_body; + krb5_data *encoded_previous_request; + struct krb5int_fast_request_state *fast_state; + krb5_pa_data **preauth_to_use; + krb5_data salt; + krb5_data s2kparams; + krb5_keyblock as_key; + krb5_enctype etype; + krb5_preauth_client_rock get_data_rock; + krb5_boolean enc_pa_rep_permitted; + krb5_boolean have_restarted; + krb5_boolean sent_nontrivial_preauth; +}; + +#define KRB5_INIT_CREDS_STEP_FLAG_COMPLETE 0x1 + +krb5_error_code +krb5_get_as_key_password(krb5_context context, + krb5_principal client, + krb5_enctype etype, + krb5_prompter_fct prompter, + void *prompter_data, + krb5_data *salt, + krb5_data *params, + krb5_keyblock *as_key, + void *gak_data); + +#endif /* !KRB5_INIT_CREDS_CONTEXT */ diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c index 8667897..6ffee90 100644 --- a/src/lib/krb5/krb/init_ctx.c +++ b/src/lib/krb5/krb/init_ctx.c @@ -61,9 +61,6 @@ #include "../krb5_libinit.h" #endif -/* This must be the largest enctype value defined in krb5.h. */ -#define MAX_ENCTYPE ENCTYPE_ARCFOUR_HMAC_EXP - /* The des-mdX entries are last for now, because it's easy to configure KDCs to issue TGTs with des-mdX keys and then not accept them. This'll be fixed, but for better compatibility, let's prefer @@ -347,33 +344,50 @@ krb5_set_default_tgs_ktypes(krb5_context context, const krb5_enctype *etypes) } /* - * Add etype to, or remove etype from, list (of size MAX_ENCTYPE + 1) - * which has *count entries. Filter out weak enctypes if allow_weak - * is false. + * Add etype to, or remove etype from, the zero-terminated list *list_ptr, + * reallocating if the list size changes. Filter out weak enctypes if + * allow_weak is false. If memory allocation fails, set *list_ptr to NULL and + * do nothing for subsequent operations. */ static void mod_list(krb5_enctype etype, krb5_boolean add, krb5_boolean allow_weak, - krb5_enctype *list, unsigned int *count) + krb5_enctype **list_ptr) { - unsigned int i; + size_t i; + krb5_enctype *list = *list_ptr; - assert(etype > 0 && etype <= MAX_ENCTYPE); - if (!allow_weak && krb5int_c_weak_enctype(etype)) + /* Stop now if a previous allocation failed or the enctype is filtered. */ + if (list == NULL || (!allow_weak && krb5int_c_weak_enctype(etype))) return; - for (i = 0; i < *count; i++) { - if (list[i] == etype) { - if (!add) { - for (; i < *count - 1; i++) - list[i] = list[i + 1]; - (*count)--; - } - return; - } - } if (add) { - assert(*count < MAX_ENCTYPE); - list[(*count)++] = etype; + /* Count entries; do nothing if etype is a duplicate. */ + for (i = 0; list[i] != 0; i++) { + if (list[i] == etype) + return; + } + /* Make room for the new entry and add it. */ + list = realloc(list, (i + 2) * sizeof(krb5_enctype)); + if (list != NULL) { + list[i] = etype; + list[i + 1] = 0; + } + } else { + /* Look for etype in the list. */ + for (i = 0; list[i] != 0; i++) { + if (list[i] != etype) + continue; + /* Perform removal. */ + for (; list[i + 1] != 0; i++) + list[i] = list[i + 1]; + list[i] = 0; + list = realloc(list, (i + 1) * sizeof(krb5_enctype)); + break; + } } + /* Update *list_ptr, freeing the old value if realloc failed. */ + if (list == NULL) + free(*list_ptr); + *list_ptr = list; } /* @@ -386,11 +400,16 @@ krb5int_parse_enctype_list(krb5_context context, char *profstr, { char *token, *delim = " \t\r\n,", *save = NULL; krb5_boolean sel, weak = context->allow_weak_crypto; - krb5_enctype etype, list[MAX_ENCTYPE]; - unsigned int i, count = 0; + krb5_enctype etype, *list; + unsigned int i; *result = NULL; + /* Set up an empty list. Allocation failure is detected at the end. */ + list = malloc(sizeof(krb5_enctype)); + if (list != NULL) + list[0] = 0; + /* Walk through the words in profstr. */ for (token = strtok_r(profstr, delim, &save); token; token = strtok_r(NULL, delim, &save)) { @@ -402,26 +421,28 @@ krb5int_parse_enctype_list(krb5_context context, char *profstr, if (strcasecmp(token, "DEFAULT") == 0) { /* Set all enctypes in the default list. */ for (i = 0; default_list[i]; i++) - mod_list(default_list[i], sel, weak, list, &count); + mod_list(default_list[i], sel, weak, &list); } else if (strcasecmp(token, "des") == 0) { - mod_list(ENCTYPE_DES_CBC_CRC, sel, weak, list, &count); - mod_list(ENCTYPE_DES_CBC_MD5, sel, weak, list, &count); - mod_list(ENCTYPE_DES_CBC_MD4, sel, weak, list, &count); + mod_list(ENCTYPE_DES_CBC_CRC, sel, weak, &list); + mod_list(ENCTYPE_DES_CBC_MD5, sel, weak, &list); + mod_list(ENCTYPE_DES_CBC_MD4, sel, weak, &list); } else if (strcasecmp(token, "des3") == 0) { - mod_list(ENCTYPE_DES3_CBC_SHA1, sel, weak, list, &count); + mod_list(ENCTYPE_DES3_CBC_SHA1, sel, weak, &list); } else if (strcasecmp(token, "aes") == 0) { - mod_list(ENCTYPE_AES256_CTS_HMAC_SHA1_96, sel, weak, list, &count); - mod_list(ENCTYPE_AES128_CTS_HMAC_SHA1_96, sel, weak, list, &count); + mod_list(ENCTYPE_AES256_CTS_HMAC_SHA1_96, sel, weak, &list); + mod_list(ENCTYPE_AES128_CTS_HMAC_SHA1_96, sel, weak, &list); } else if (strcasecmp(token, "rc4") == 0) { - mod_list(ENCTYPE_ARCFOUR_HMAC, sel, weak, list, &count); + mod_list(ENCTYPE_ARCFOUR_HMAC, sel, weak, &list); } else if (krb5_string_to_enctype(token, &etype) == 0) { /* Set a specific enctype. */ - mod_list(etype, sel, weak, list, &count); + mod_list(etype, sel, weak, &list); } } - list[count] = 0; - return copy_enctypes(context, list, result); + if (list == NULL) + return ENOMEM; + *result = list; + return 0; } /* diff --git a/src/lib/krb5/krb/int-proto.h b/src/lib/krb5/krb/int-proto.h index 44ea69d..47555d6 100644 --- a/src/lib/krb5/krb/int-proto.h +++ b/src/lib/krb5/krb/int-proto.h @@ -85,6 +85,59 @@ krb5_get_cred_via_tkt_ext (krb5_context context, krb5_creds *tkt, krb5_creds **out_cred, krb5_keyblock **out_subkey); +krb5_error_code +krb5int_make_tgs_request_ext(krb5_context context, + krb5_flags kdcoptions, + const krb5_ticket_times *timestruct, + const krb5_enctype *ktypes, + krb5_const_principal sname, + krb5_address *const *addrs, + krb5_authdata *const *authorization_data, + krb5_pa_data *const *padata, + const krb5_data *second_ticket, + krb5_creds *in_cred, + krb5_error_code (*pacb_fct)(krb5_context, + krb5_keyblock *, + krb5_kdc_req *, + void *), + void *pacb_data, + krb5_data *request_data, + krb5_timestamp *timestamp, + krb5_int32 *nonce, + krb5_keyblock **subkey); + +krb5_error_code +krb5int_make_tgs_request(krb5_context context, + krb5_creds *tkt, + krb5_flags kdcoptions, + krb5_address *const *address, + krb5_pa_data **in_padata, + krb5_creds *in_cred, + krb5_error_code (*pacb_fct)(krb5_context, + krb5_keyblock *, + krb5_kdc_req *, + void *), + void *pacb_data, + krb5_data *request_data, + krb5_timestamp *timestamp, + krb5_int32 *nonce, + krb5_keyblock **subkey); + +krb5_error_code +krb5int_process_tgs_reply(krb5_context context, + krb5_data *response_data, + krb5_creds *tkt, + krb5_flags kdcoptions, + krb5_address *const *address, + krb5_pa_data **in_padata, + krb5_creds *in_cred, + krb5_timestamp timestamp, + krb5_int32 nonce, + krb5_keyblock *subkey, + krb5_pa_data ***out_padata, + krb5_pa_data ***out_enc_padata, + krb5_creds **out_cred); + krb5_error_code krb5int_send_tgs(krb5_context, krb5_flags, const krb5_ticket_times *, const krb5_enctype *, diff --git a/src/lib/krb5/krb/mk_req_ext.c b/src/lib/krb5/krb/mk_req_ext.c index 95f04e9..c0f9f83 100644 --- a/src/lib/krb5/krb/mk_req_ext.c +++ b/src/lib/krb5/krb/mk_req_ext.c @@ -181,17 +181,7 @@ krb5_mk_req_extended(krb5_context context, krb5_auth_context *auth_context, &(*auth_context)->local_seq_number))) goto cleanup; - /* generate subkey if needed */ - if (!in_data &&(*auth_context)->checksum_func) { - retval = (*auth_context)->checksum_func( context, - *auth_context, - (*auth_context)->checksum_func_data, - &in_data); - if (retval) - goto cleanup; - } - if ((ap_req_options & AP_OPTS_USE_SUBKEY)&&(!(*auth_context)->send_subkey)) { retval = krb5int_generate_and_save_subkey (context, *auth_context, &in_creds->keyblock, @@ -201,8 +191,16 @@ krb5_mk_req_extended(krb5_context context, krb5_auth_context *auth_context, } - if (in_data) { + if (!in_data && (*auth_context)->checksum_func) { + retval = (*auth_context)->checksum_func( context, + *auth_context, + (*auth_context)->checksum_func_data, + &in_data); + if (retval) + goto cleanup; + } + if (in_data) { if ((*auth_context)->req_cksumtype == 0x8003) { /* XXX Special hack for GSSAPI */ checksum.checksum_type = 0x8003; diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c index e9e5839..8b9cd36 100644 --- a/src/lib/krb5/krb/preauth2.c +++ b/src/lib/krb5/krb/preauth2.c @@ -526,25 +526,25 @@ krb5_preauth_prepare_request(krb5_context kcontext, * hasn't had a chance to run yet (INFO modules don't count, because as a rule * they don't generate preauth data), and run it. */ static krb5_error_code -krb5_run_preauth_plugins(krb5_context kcontext, - int module_required_flags, - krb5_kdc_req *request, - krb5_data *encoded_request_body, - krb5_data *encoded_previous_request, - krb5_pa_data *in_padata, - krb5_prompter_fct prompter, - void *prompter_data, - preauth_get_as_key_proc gak_fct, - krb5_data *salt, - krb5_data *s2kparams, - void *gak_data, - krb5_preauth_client_rock *get_data_rock, - krb5_keyblock *as_key, - krb5_pa_data ***out_pa_list, - int *out_pa_list_size, - int *module_ret, - int *module_flags, - krb5_gic_opt_ext *opte) +run_preauth_plugins(krb5_context kcontext, + int module_required_flags, + krb5_kdc_req *request, + krb5_data *encoded_request_body, + krb5_data *encoded_previous_request, + krb5_pa_data *in_padata, + krb5_prompter_fct prompter, + void *prompter_data, + preauth_get_as_key_proc gak_fct, + krb5_data *salt, + krb5_data *s2kparams, + void *gak_data, + krb5_preauth_client_rock *get_data_rock, + krb5_keyblock *as_key, + krb5_pa_data ***out_pa_list, + int *out_pa_list_size, + int *module_ret, + int *module_flags, + krb5_gic_opt_ext *opte) { int i; krb5_pa_data **out_pa_data; @@ -1052,19 +1052,19 @@ pa_sam(krb5_context context, krb5_kdc_req *request, krb5_pa_data *in_padata, #define kdcPkinitDebug(args...) #endif -static krb5_error_code pa_pkinit_gen_req( - krb5_context context, - krb5_kdc_req *request, - krb5_pa_data *in_padata, - krb5_pa_data **out_padata, - krb5_data *salt, - krb5_data *s2kparams, - krb5_enctype *etype, - krb5_keyblock *as_key, - krb5_prompter_fct prompter, - void *prompter_data, - krb5_gic_get_as_key_fct gak_fct, - void *gak_data) +static krb5_error_code +pa_pkinit_gen_req(krb5_context context, + krb5_kdc_req *request, + krb5_pa_data *in_padata, + krb5_pa_data **out_padata, + krb5_data *salt, + krb5_data *s2kparams, + krb5_enctype *etype, + krb5_keyblock *as_key, + krb5_prompter_fct prompter, + void *prompter_data, + krb5_gic_get_as_key_fct gak_fct, + void *gak_data) { krb5_error_code krtn; krb5_data out_data = {0, 0, NULL}; @@ -1196,10 +1196,10 @@ cleanup: * the KDC certificate as valid if its hash matches the * realm. */ -static krb5_boolean local_kdc_cert_match( - krb5_context context, - krb5_data *signer_cert, - krb5_principal client) +static krb5_boolean +local_kdc_cert_match(krb5_context context, + krb5_data *signer_cert, + krb5_principal client) { static const char lkdcprefix[] = "LKDC:SHA1."; krb5_boolean match = FALSE; @@ -1226,19 +1226,19 @@ static krb5_boolean local_kdc_cert_match( return match; } -static krb5_error_code pa_pkinit_parse_rep( - krb5_context context, - krb5_kdc_req *request, - krb5_pa_data *in_padata, - krb5_pa_data **out_padata, - krb5_data *salt, - krb5_data *s2kparams, - krb5_enctype *etype, - krb5_keyblock *as_key, - krb5_prompter_fct prompter, - void *prompter_data, - krb5_gic_get_as_key_fct gak_fct, - void *gak_data) +static krb5_error_code +pa_pkinit_parse_rep(krb5_context context, + krb5_kdc_req *request, + krb5_pa_data *in_padata, + krb5_pa_data **out_padata, + krb5_data *salt, + krb5_data *s2kparams, + krb5_enctype *etype, + krb5_keyblock *as_key, + krb5_prompter_fct prompter, + void *prompter_data, + krb5_gic_get_as_key_fct gak_fct, + void *gak_data) { krb5int_cert_sig_status sig_status = (krb5int_cert_sig_status)-999; krb5_error_code krtn; @@ -2055,24 +2055,24 @@ krb5_do_preauth(krb5_context context, fprintf (stderr, "trying modules for pa_type %d, flag %d\n", in_padata[i]->pa_type, paorder[h]); #endif - ret = krb5_run_preauth_plugins(context, - paorder[h], - request, - encoded_request_body, - encoded_previous_request, - in_padata[i], - prompter, - prompter_data, - gak_fct, - salt, s2kparams, - gak_data, - get_data_rock, - as_key, - &out_pa_list, - &out_pa_list_size, - &module_ret, - &module_flags, - opte); + ret = run_preauth_plugins(context, + paorder[h], + request, + encoded_request_body, + encoded_previous_request, + in_padata[i], + prompter, + prompter_data, + gak_fct, + salt, s2kparams, + gak_data, + get_data_rock, + as_key, + &out_pa_list, + &out_pa_list_size, + &module_ret, + &module_flags, + opte); if (ret == 0) { if (module_ret == 0) { if (paorder[h] == PA_REAL) { diff --git a/src/lib/krb5/krb/rd_req_dec.c b/src/lib/krb5/krb/rd_req_dec.c index adfa4de..a20eb4c 100644 --- a/src/lib/krb5/krb/rd_req_dec.c +++ b/src/lib/krb5/krb/rd_req_dec.c @@ -62,9 +62,9 @@ * returns system errors, encryption errors, replay errors */ -static krb5_error_code decrypt_authenticator -(krb5_context, const krb5_ap_req *, krb5_authenticator **, - int); +static krb5_error_code +decrypt_authenticator(krb5_context, const krb5_ap_req *, + krb5_authenticator **, int); static krb5_error_code decode_etype_list(krb5_context context, const krb5_authenticator *authp, @@ -79,24 +79,10 @@ negotiate_etype(krb5_context context, int permitted_etypes_len, krb5_enctype *negotiated_etype); -krb5_error_code -krb5int_check_clockskew(krb5_context context, krb5_timestamp date) -{ - krb5_timestamp currenttime; - krb5_error_code retval; - - retval = krb5_timeofday(context, ¤ttime); - if (retval) - return retval; - if (!(labs((date)-currenttime) < context->clockskew)) - return KRB5KRB_AP_ERR_SKEW; - return 0; -} - static krb5_error_code -krb5_rd_req_decrypt_tkt_part(krb5_context context, const krb5_ap_req *req, - krb5_const_principal server, krb5_keytab keytab, - krb5_keyblock *key) +rd_req_decrypt_tkt_part(krb5_context context, const krb5_ap_req *req, + krb5_const_principal server, krb5_keytab keytab, + krb5_keyblock *key) { krb5_error_code retval; krb5_keytab_entry ktent; @@ -209,19 +195,19 @@ debug_log_authz_data(const char *which, krb5_authdata **a) #endif static krb5_error_code -krb5_rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context, - const krb5_ap_req *req, krb5_const_principal server, - krb5_keytab keytab, krb5_flags *ap_req_options, - krb5_ticket **ticket, int check_valid_flag) +rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context, + const krb5_ap_req *req, krb5_const_principal server, + krb5_keytab keytab, krb5_flags *ap_req_options, + krb5_ticket **ticket, int check_valid_flag) { krb5_error_code retval = 0; - krb5_principal_data princ_data; + krb5_principal_data princ_data; krb5_enctype *desired_etypes = NULL; int desired_etypes_len = 0; int rfc4537_etypes_len = 0; krb5_enctype *permitted_etypes = NULL; int permitted_etypes_len = 0; - krb5_keyblock decrypt_key; + krb5_keyblock decrypt_key; decrypt_key.enctype = ENCTYPE_NULL; decrypt_key.contents = NULL; @@ -255,9 +241,9 @@ krb5_rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context, krb5_k_free_key(context, (*auth_context)->key); (*auth_context)->key = NULL; } else { - if ((retval = krb5_rd_req_decrypt_tkt_part(context, req, - server, keytab, - check_valid_flag ? &decrypt_key : NULL))) + if ((retval = rd_req_decrypt_tkt_part(context, req, + server, keytab, + check_valid_flag ? &decrypt_key : NULL))) goto cleanup; } @@ -291,8 +277,7 @@ krb5_rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context, && ((*auth_context)->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) && server) { if ((retval = krb5_get_server_rcache(context, - krb5_princ_component(context, - server,0), + krb5_princ_component(context,server,0), &(*auth_context)->rcache))) goto cleanup; } @@ -353,8 +338,7 @@ krb5_rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context, if (trans->tr_contents.data && trans->tr_contents.data[0]) { retval = krb5_check_transited_list(context, &(trans->tr_contents), realm, - krb5_princ_realm (context, - server)); + krb5_princ_realm (context,server)); } } @@ -568,10 +552,10 @@ krb5_rd_req_decoded(krb5_context context, krb5_auth_context *auth_context, krb5_ticket **ticket) { krb5_error_code retval; - retval = krb5_rd_req_decoded_opt(context, auth_context, - req, server, keytab, - ap_req_options, ticket, - 1); /* check_valid_flag */ + retval = rd_req_decoded_opt(context, auth_context, + req, server, keytab, + ap_req_options, ticket, + 1); /* check_valid_flag */ return retval; } @@ -583,10 +567,10 @@ krb5_rd_req_decoded_anyflag(krb5_context context, krb5_flags *ap_req_options, krb5_ticket **ticket) { krb5_error_code retval; - retval = krb5_rd_req_decoded_opt(context, auth_context, - req, server, keytab, - ap_req_options, ticket, - 0); /* don't check_valid_flag */ + retval = rd_req_decoded_opt(context, auth_context, + req, server, keytab, + ap_req_options, ticket, + 0); /* don't check_valid_flag */ return retval; } diff --git a/src/lib/krb5/krb/s4u_creds.c b/src/lib/krb5/krb/s4u_creds.c index 4733865..c0c9fe2 100644 --- a/src/lib/krb5/krb/s4u_creds.c +++ b/src/lib/krb5/krb/s4u_creds.c @@ -66,7 +66,6 @@ s4u_identify_user(krb5_context context, krb5_creds creds; int use_master = 0; krb5_get_init_creds_opt *opts = NULL; - krb5_gic_opt_ext *opte = NULL; krb5_principal_data client_data; krb5_principal client; krb5_s4u_userid userid; @@ -98,10 +97,6 @@ s4u_identify_user(krb5_context context, krb5_get_init_creds_opt_set_proxiable(opts, 0); krb5_get_init_creds_opt_set_canonicalize(opts, 1); krb5_get_init_creds_opt_set_preauth_list(opts, ptypes, 1); - code = krb5int_gic_opt_to_opte(context, opts, &opte, - 0, "s4u_identify_user"); - if (code != 0) - goto cleanup; if (in_creds->client != NULL) client = in_creds->client; @@ -115,10 +110,10 @@ s4u_identify_user(krb5_context context, client = &client_data; } - code = krb5_get_init_creds(context, &creds, client, - NULL, NULL, 0, NULL, opte, - krb5_get_as_key_noop, &userid, - &use_master, NULL); + code = krb5int_get_init_creds(context, &creds, client, + NULL, NULL, 0, NULL, opts, + krb5_get_as_key_noop, &userid, + &use_master, NULL); if (code == 0 || code == KDC_ERR_PREAUTH_REQUIRED || code == KDC_ERR_PREAUTH_FAILED) { diff --git a/src/lib/krb5/krb/send_tgs.c b/src/lib/krb5/krb/send_tgs.c index bee982b..2baba8a 100644 --- a/src/lib/krb5/krb/send_tgs.c +++ b/src/lib/krb5/krb/send_tgs.c @@ -148,19 +148,27 @@ cleanup: * The pacb_fct callback allows the caller access to the nonce * and request subkey, for binding preauthentication data */ + krb5_error_code -krb5int_send_tgs(krb5_context context, krb5_flags kdcoptions, - const krb5_ticket_times *timestruct, const krb5_enctype *ktypes, - krb5_const_principal sname, krb5_address *const *addrs, - krb5_authdata *const *authorization_data, - krb5_pa_data *const *padata, const krb5_data *second_ticket, - krb5_creds *in_cred, - krb5_error_code (*pacb_fct)(krb5_context, - krb5_keyblock *, - krb5_kdc_req *, - void *), - void *pacb_data, - krb5_response *rep, krb5_keyblock **subkey) +krb5int_make_tgs_request_ext(krb5_context context, + krb5_flags kdcoptions, + const krb5_ticket_times *timestruct, + const krb5_enctype *ktypes, + krb5_const_principal sname, + krb5_address *const *addrs, + krb5_authdata *const *authorization_data, + krb5_pa_data *const *padata, + const krb5_data *second_ticket, + krb5_creds *in_cred, + krb5_error_code (*pacb_fct)(krb5_context, + krb5_keyblock *, + krb5_kdc_req *, + void *), + void *pacb_data, + krb5_data *request_data, + krb5_timestamp *timestamp, + krb5_int32 *nonce, + krb5_keyblock **subkey) { krb5_error_code retval; krb5_kdc_req tgsreq; @@ -170,7 +178,6 @@ krb5int_send_tgs(krb5_context context, krb5_flags kdcoptions, krb5_timestamp time_now; krb5_pa_data **combined_padata = NULL; krb5_pa_data ap_req_padata; - int tcp_only = 0, use_master; krb5_keyblock *local_subkey = NULL; assert (subkey != NULL); @@ -195,10 +202,8 @@ krb5int_send_tgs(krb5_context context, krb5_flags kdcoptions, if ((retval = krb5_timeofday(context, &time_now))) return(retval); /* XXX we know they are the same size... */ - rep->expected_nonce = tgsreq.nonce = (krb5_int32) time_now; - rep->request_time = time_now; - rep->message_type = KRB5_ERROR; /*caller only uses the response - * element on successful return*/ + *nonce = tgsreq.nonce = (krb5_int32)time_now; + *timestamp = time_now; tgsreq.addresses = (krb5_address **) addrs; @@ -332,38 +337,9 @@ krb5int_send_tgs(krb5_context context, krb5_flags kdcoptions, krb5_free_pa_data(context, tgsreq.padata); tgsreq.padata = NULL; -send_again: - use_master = 0; - retval = krb5_sendto_kdc(context, scratch, - krb5_princ_realm(context, sname), - &rep->response, &use_master, tcp_only); - if (retval == 0) { - if (krb5_is_krb_error(&rep->response)) { - if (!tcp_only) { - krb5_error *err_reply; - retval = decode_krb5_error(&rep->response, &err_reply); - if (retval) - goto send_tgs_error_3; - if (err_reply->error == KRB_ERR_RESPONSE_TOO_BIG) { - tcp_only = 1; - krb5_free_error(context, err_reply); - free(rep->response.data); - rep->response.data = NULL; - goto send_again; - } - krb5_free_error(context, err_reply); - send_tgs_error_3: - ; - } - rep->message_type = KRB5_ERROR; - } else if (krb5_is_tgs_rep(&rep->response)) { - rep->message_type = KRB5_TGS_REP; - *subkey = local_subkey; - } else /* XXX: assume it's an error */ - rep->message_type = KRB5_ERROR; - } - - krb5_free_data(context, scratch); + *request_data = *scratch; + free(scratch); + scratch = NULL; send_tgs_error_2:; if (tgsreq.padata) @@ -379,9 +355,86 @@ send_tgs_error_1:; tgsreq.authorization_data.ciphertext.length); free(tgsreq.authorization_data.ciphertext.data); } - if (rep->message_type != KRB5_TGS_REP && local_subkey){ - krb5_free_keyblock(context, *subkey); + + if (retval) + krb5_free_keyblock(context, local_subkey); + else + *subkey = local_subkey; + + return retval; + +} + +krb5_error_code +krb5int_send_tgs(krb5_context context, krb5_flags kdcoptions, + const krb5_ticket_times *timestruct, + const krb5_enctype *ktypes, + krb5_const_principal sname, krb5_address *const *addrs, + krb5_authdata *const *authorization_data, + krb5_pa_data *const *padata, const krb5_data *second_ticket, + krb5_creds *in_cred, + krb5_error_code (*pacb_fct)(krb5_context, + krb5_keyblock *, + krb5_kdc_req *, + void *), + void *pacb_data, + krb5_response *rep, krb5_keyblock **subkey_out) +{ + krb5_error_code retval; + krb5_data request; + int tcp_only = 0, use_master; + krb5_timestamp now; + krb5_int32 nonce; + krb5_keyblock *subkey; + krb5_error *err_reply = NULL; + krb5_ui_4 err; + + *subkey_out = NULL; + rep->message_type = KRB5_ERROR; + + retval = krb5int_make_tgs_request_ext(context, kdcoptions, timestruct, + ktypes, sname, addrs, + authorization_data, padata, + second_ticket, in_cred, + pacb_fct, pacb_data, &request, &now, + &nonce, &subkey); + if (retval != 0) + return retval; + + rep->expected_nonce = nonce; + rep->request_time = now; + + for (tcp_only = 0; tcp_only <= 1; tcp_only++) { + use_master = 0; + retval = krb5_sendto_kdc(context, &request, + krb5_princ_realm(context, sname), + &rep->response, &use_master, tcp_only); + if (retval != 0) + break; + + if (krb5_is_tgs_rep(&rep->response)) { + /* Successful response; set the output subkey. */ + rep->message_type = KRB5_TGS_REP; + *subkey_out = subkey; + subkey = NULL; + break; + } else if (krb5_is_krb_error(&rep->response) && !tcp_only) { + /* Decode the error response to extract the code. */ + retval = decode_krb5_error(&rep->response, &err_reply); + err = (retval == 0) ? err_reply->error : 0; + krb5_free_error(context, err_reply); + if (err == KRB_ERR_RESPONSE_TOO_BIG) { + /* Try again with TCP. */ + krb5_free_data_contents(context, &rep->response); + continue; + } + } + /* Unexpected message type, or an error other than RESPONSE_TOO_BIG. */ + rep->message_type = KRB5_ERROR; + break; } + krb5_free_data_contents(context, &request); + krb5_free_keyblock(context, subkey); return retval; } diff --git a/src/lib/krb5/krb/vfy_increds.c b/src/lib/krb5/krb/vfy_increds.c index 2b9beeb..f71e7a9 100644 --- a/src/lib/krb5/krb/vfy_increds.c +++ b/src/lib/krb5/krb/vfy_increds.c @@ -3,7 +3,8 @@ #include "int-proto.h" static krb5_error_code -krb5_cc_copy_creds_except(krb5_context context, krb5_ccache incc, krb5_ccache outcc, krb5_principal princ) +copy_creds_except(krb5_context context, krb5_ccache incc, + krb5_ccache outcc, krb5_principal princ) { krb5_error_code code; krb5_flags flags; @@ -117,8 +118,7 @@ krb5_verify_init_creds(krb5_context context, } else if (krb5_libdefault_boolean(context, &creds->client->realm, KRB5_CONF_VERIFY_AP_REQ_NOFAIL, - &nofail) - == 0) { + &nofail) == 0) { if (nofail) goto cleanup; } @@ -129,8 +129,9 @@ krb5_verify_init_creds(krb5_context context, krb5_kt_free_entry(context, &kte); - /* If the creds are for the server principal, we're set, just do - a mk_req. Otherwise, do a get_credentials first. */ + /* If the creds are for the server principal, we're set, just do a mk_req. + * Otherwise, do a get_credentials first. + */ if (krb5_principal_compare(context, server, creds->server)) { /* make an ap_req */ @@ -199,21 +200,22 @@ krb5_verify_init_creds(krb5_context context, if ((ret = krb5_cc_resolve(context, "MEMORY:rd_req2", &retcc)) || (ret = krb5_cc_initialize(context, retcc, creds->client)) || - (ret = krb5_cc_copy_creds_except(context, ccache, retcc, - creds->server))) { + (ret = copy_creds_except(context, ccache, retcc, + creds->server))) { if (retcc) krb5_cc_destroy(context, retcc); } else { *ccache_arg = retcc; } } else { - ret = krb5_cc_copy_creds_except(context, ccache, *ccache_arg, - server); + ret = copy_creds_except(context, ccache, *ccache_arg, + server); } } - /* if any of the above paths returned an errors, then ret is set - accordingly. either that, or it's zero, which is fine, too */ + /* if any of the above paths returned an errors, then ret is set accordingly. + * Either that, or it's zero, which is fine, too + */ cleanup: if ( server) diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports index 8ef3a9d..a1dfd94 100644 --- a/src/lib/krb5/libkrb5.exports +++ b/src/lib/krb5/libkrb5.exports @@ -53,6 +53,7 @@ encode_krb5_as_rep encode_krb5_as_req encode_krb5_authdata encode_krb5_authenticator +encode_krb5_checksum encode_krb5_cred encode_krb5_enc_cred_part encode_krb5_enc_data @@ -119,14 +120,17 @@ krb5_auth_con_getauthenticator krb5_auth_con_getflags krb5_auth_con_getivector krb5_auth_con_getkey +krb5_auth_con_getkey_k krb5_auth_con_getlocalseqnumber krb5_auth_con_getlocalsubkey krb5_auth_con_getpermetypes krb5_auth_con_getrcache krb5_auth_con_getrecvsubkey +krb5_auth_con_getrecvsubkey_k krb5_auth_con_getremoteseqnumber krb5_auth_con_getremotesubkey krb5_auth_con_getsendsubkey +krb5_auth_con_getsendsubkey_k krb5_auth_con_init krb5_auth_con_initivector krb5_auth_con_set_authdata_context @@ -168,6 +172,7 @@ krb5_cc_dfl_ops krb5_cc_end_seq_get krb5_cc_file_ops krb5_cc_gen_new +krb5_cc_get_config krb5_cc_get_name krb5_cc_get_principal krb5_cc_get_type @@ -179,6 +184,7 @@ krb5_cc_remove_cred krb5_cc_resolve krb5_cc_retrieve_cred krb5_cc_retrieve_cred_default +krb5_cc_set_config krb5_cc_set_default_name krb5_cc_set_flags krb5_cc_start_seq_get @@ -323,11 +329,11 @@ krb5_get_in_tkt krb5_get_in_tkt_with_keytab krb5_get_in_tkt_with_password krb5_get_in_tkt_with_skey -krb5_get_init_creds krb5_get_init_creds_keytab krb5_get_init_creds_opt_alloc krb5_get_init_creds_opt_free krb5_get_init_creds_opt_free_pa +krb5_get_init_creds_opt_get_fast_flags krb5_get_init_creds_opt_get_pa krb5_get_init_creds_opt_init krb5_get_init_creds_opt_set_address_list @@ -335,7 +341,9 @@ krb5_get_init_creds_opt_set_canonicalize krb5_get_init_creds_opt_set_change_password_prompt krb5_get_init_creds_opt_set_etype_list krb5_get_init_creds_opt_set_fast_ccache_name +krb5_get_init_creds_opt_set_fast_flags krb5_get_init_creds_opt_set_forwardable +krb5_get_init_creds_opt_set_out_ccache krb5_get_init_creds_opt_set_pa krb5_get_init_creds_opt_set_preauth_list krb5_get_init_creds_opt_set_proxiable @@ -355,9 +363,20 @@ krb5_get_tgs_ktypes krb5_get_time_offsets krb5_get_validated_creds krb5_init_context +krb5_init_creds_free +krb5_init_creds_get +krb5_init_creds_get_creds +krb5_init_creds_get_error +krb5_init_creds_get_times +krb5_init_creds_init +krb5_init_creds_set_keytab +krb5_init_creds_set_password +krb5_init_creds_set_service +krb5_init_creds_step krb5_init_keyblock krb5_init_secure_context krb5_internalize_opaque +krb5_is_config_principal krb5_is_permitted_enctype krb5_is_referral_realm krb5_is_thread_safe diff --git a/src/lib/krb5/os/Makefile.in b/src/lib/krb5/os/Makefile.in index 824f913..8a410ea 100644 --- a/src/lib/krb5/os/Makefile.in +++ b/src/lib/krb5/os/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../.. -myfulldir=lib/krb5/os mydir=lib/krb5/os BUILDTOP=$(REL)..$(S)..$(S).. KRB5_RUN_ENV = @KRB5_RUN_ENV@ @@ -7,7 +5,7 @@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) DEFS= DEFINES=-DLIBDIR=\"$(KRB5_LIBDIR)\" -LOCALINCLUDES=-I$(SRCTOP)/util/profile +LOCALINCLUDES=-I$(top_srcdir)/util/profile ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=os diff --git a/src/lib/krb5/os/accessor.c b/src/lib/krb5/os/accessor.c index 20fb30d..fa97c57 100644 --- a/src/lib/krb5/os/accessor.c +++ b/src/lib/krb5/os/accessor.c @@ -52,11 +52,9 @@ krb5int_accessor(krb5int_access *internals, krb5_int32 version) #define S(FIELD, VAL) internals_temp.FIELD = VAL krb5int_access internals_temp; #endif + S (arcfour_gsscrypt, krb5int_arcfour_gsscrypt), S (free_addrlist, krb5int_free_addrlist), - S (hmac, krb5int_hmac_keyblock), S (auth_con_get_subkey_enctype, krb5_auth_con_get_subkey_enctype), - S (md5_hash_provider, &krb5int_hash_md5), - S (arcfour_enc_provider, &krb5int_enc_arcfour), S (sendto_udp, &krb5int_sendto), S (add_host_to_list, krb5int_add_host_to_list), diff --git a/src/lib/krb5/os/changepw.c b/src/lib/krb5/os/changepw.c index 0c043a2..46bb828 100644 --- a/src/lib/krb5/os/changepw.c +++ b/src/lib/krb5/os/changepw.c @@ -58,8 +58,8 @@ struct sendto_callback_context { */ static krb5_error_code -krb5_locate_kpasswd(krb5_context context, const krb5_data *realm, - struct addrlist *addrlist, krb5_boolean useTcp) +locate_kpasswd(krb5_context context, const krb5_data *realm, + struct addrlist *addrlist, krb5_boolean useTcp) { krb5_error_code code; int sockType = (useTcp ? SOCK_STREAM : SOCK_DGRAM); @@ -99,12 +99,14 @@ static void kpasswd_sendto_msg_cleanup (void* callback_context, krb5_data* message) { struct sendto_callback_context *ctx = callback_context; + krb5_free_data_contents(ctx->context, message); } static int -kpasswd_sendto_msg_callback(struct conn_state *conn, void *callback_context, +kpasswd_sendto_msg_callback(struct conn_state *conn, + void *callback_context, krb5_data *message) { krb5_error_code code = 0; @@ -195,15 +197,18 @@ cleanup: /* ** The logic for setting and changing a password is mostly the same -** krb5_change_set_password handles both cases +** change_set_password handles both cases ** if set_password_for is NULL, then a password change is performed, ** otherwise, the password is set for the principal indicated in set_password_for */ -static krb5_error_code KRB5_CALLCONV -krb5_change_set_password(krb5_context context, krb5_creds *creds, char *newpw, - krb5_principal set_password_for, - int *result_code, krb5_data *result_code_string, - krb5_data *result_string) +static krb5_error_code +change_set_password(krb5_context context, + krb5_creds *creds, + char *newpw, + krb5_principal set_password_for, + int *result_code, + krb5_data *result_code_string, + krb5_data *result_string) { krb5_data chpw_rep; krb5_address remote_kaddr; @@ -240,10 +245,10 @@ krb5_change_set_password(krb5_context context, krb5_creds *creds, char *newpw, callback_ctx.local_seq_num = callback_ctx.auth_context->local_seq_number; do { - if ((code = krb5_locate_kpasswd(callback_ctx.context, - krb5_princ_realm(callback_ctx.context, - creds->server), - &al, useTcp))) + if ((code = locate_kpasswd(callback_ctx.context, + krb5_princ_realm(callback_ctx.context, + creds->server), + &al, useTcp))) break; addrlen = sizeof(remote_addr); @@ -350,10 +355,15 @@ cleanup: } krb5_error_code KRB5_CALLCONV -krb5_change_password(krb5_context context, krb5_creds *creds, char *newpw, int *result_code, krb5_data *result_code_string, krb5_data *result_string) +krb5_change_password(krb5_context context, + krb5_creds *creds, + char *newpw, + int *result_code, + krb5_data *result_code_string, + krb5_data *result_string) { - return krb5_change_set_password( - context, creds, newpw, NULL, result_code, result_code_string, result_string ); + return change_set_password(context, creds, newpw, NULL, + result_code, result_code_string, result_string ); } /* @@ -362,25 +372,27 @@ krb5_change_password(krb5_context context, krb5_creds *creds, char *newpw, int * */ krb5_error_code KRB5_CALLCONV -krb5_set_password( - krb5_context context, - krb5_creds *creds, - char *newpw, - krb5_principal change_password_for, - int *result_code, krb5_data *result_code_string, krb5_data *result_string +krb5_set_password(krb5_context context, + krb5_creds *creds, + char *newpw, + krb5_principal change_password_for, + int *result_code, + krb5_data *result_code_string, + krb5_data *result_string ) { - return krb5_change_set_password( - context, creds, newpw, change_password_for, result_code, result_code_string, result_string ); + return change_set_password(context, creds, newpw, change_password_for, + result_code, result_code_string, result_string ); } krb5_error_code KRB5_CALLCONV -krb5_set_password_using_ccache( - krb5_context context, - krb5_ccache ccache, - char *newpw, - krb5_principal change_password_for, - int *result_code, krb5_data *result_code_string, krb5_data *result_string +krb5_set_password_using_ccache(krb5_context context, + krb5_ccache ccache, + char *newpw, + krb5_principal change_password_for, + int *result_code, + krb5_data *result_code_string, + krb5_data *result_string ) { krb5_creds creds; diff --git a/src/lib/krb5/os/deps b/src/lib/krb5/os/deps index a729e38..8c13f1f 100644 --- a/src/lib/krb5/os/deps +++ b/src/lib/krb5/os/deps @@ -4,492 +4,499 @@ accessor.so accessor.po $(OUTPRE)accessor.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ accessor.c os-proto.h an_to_ln.so an_to_ln.po $(OUTPRE)an_to_ln.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ an_to_ln.c c_ustime.so c_ustime.po $(OUTPRE)c_ustime.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ c_ustime.c def_realm.so def_realm.po $(OUTPRE)def_realm.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ def_realm.c os-proto.h ccdefname.so ccdefname.po $(OUTPRE)ccdefname.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ ccdefname.c changepw.so changepw.po $(OUTPRE)changepw.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/cm.h $(SRCTOP)/include/fake-addrinfo.h \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../krb/auth_con.h changepw.c os-proto.h + $(COM_ERR_DEPS) $(srcdir)/../krb/auth_con.h $(top_srcdir)/include/cm.h \ + $(top_srcdir)/include/fake-addrinfo.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h changepw.c os-proto.h dnsglue.so dnsglue.po $(OUTPRE)dnsglue.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h dnsglue.c dnsglue.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h dnsglue.c dnsglue.h \ os-proto.h dnssrv.so dnssrv.po $(OUTPRE)dnssrv.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h dnsglue.h dnssrv.c \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h dnsglue.h dnssrv.c \ os-proto.h free_krbhs.so free_krbhs.po $(OUTPRE)free_krbhs.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ free_krbhs.c free_hstrl.so free_hstrl.po $(OUTPRE)free_hstrl.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ free_hstrl.c full_ipadr.so full_ipadr.po $(OUTPRE)full_ipadr.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ full_ipadr.c os-proto.h get_krbhst.so get_krbhst.po $(OUTPRE)get_krbhst.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ get_krbhst.c gen_port.so gen_port.po $(OUTPRE)gen_port.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ gen_port.c os-proto.h genaddrs.so genaddrs.po $(OUTPRE)genaddrs.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ genaddrs.c os-proto.h gen_rname.so gen_rname.po $(OUTPRE)gen_rname.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ gen_rname.c os-proto.h hostaddr.so hostaddr.po $(OUTPRE)hostaddr.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/fake-addrinfo.h $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h hostaddr.c + $(COM_ERR_DEPS) $(top_srcdir)/include/fake-addrinfo.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + hostaddr.c hst_realm.so hst_realm.po $(OUTPRE)hst_realm.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/fake-addrinfo.h $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h dnsglue.h hst_realm.c \ - os-proto.h + $(COM_ERR_DEPS) $(top_srcdir)/include/fake-addrinfo.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + dnsglue.h hst_realm.c os-proto.h init_os_ctx.so init_os_ctx.po $(OUTPRE)init_os_ctx.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/util/profile/prof_int.h init_os_ctx.c os-proto.h + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + $(top_srcdir)/util/profile/prof_int.h init_os_ctx.c \ + os-proto.h krbfileio.so krbfileio.po $(OUTPRE)krbfileio.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ krbfileio.c ktdefname.so ktdefname.po $(OUTPRE)ktdefname.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ ktdefname.c kuserok.so kuserok.po $(OUTPRE)kuserok.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h kuserok.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h kuserok.c mk_faddr.so mk_faddr.po $(OUTPRE)mk_faddr.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ mk_faddr.c os-proto.h localaddr.so localaddr.po $(OUTPRE)localaddr.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/foreachaddr.h $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h localaddr.c + $(COM_ERR_DEPS) $(top_srcdir)/include/foreachaddr.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + localaddr.c locate_kdc.so locate_kdc.po $(OUTPRE)locate_kdc.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/fake-addrinfo.h $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h locate_kdc.c os-proto.h + $(COM_ERR_DEPS) $(top_srcdir)/include/fake-addrinfo.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + locate_kdc.c os-proto.h lock_file.so lock_file.po $(OUTPRE)lock_file.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ lock_file.c net_read.so net_read.po $(OUTPRE)net_read.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ net_read.c net_write.so net_write.po $(OUTPRE)net_write.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ net_write.c os-proto.h osconfig.so osconfig.po $(OUTPRE)osconfig.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ osconfig.c prompter.so prompter.po $(OUTPRE)prompter.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ prompter.c read_msg.so read_msg.po $(OUTPRE)read_msg.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ read_msg.c read_pwd.so read_pwd.po $(OUTPRE)read_pwd.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ read_pwd.c realm_dom.so realm_dom.po $(OUTPRE)realm_dom.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ realm_dom.c realm_iter.so realm_iter.po $(OUTPRE)realm_iter.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ realm_iter.c port2ip.so port2ip.po $(OUTPRE)port2ip.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h os-proto.h port2ip.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h os-proto.h port2ip.c sendto_kdc.so sendto_kdc.po $(OUTPRE)sendto_kdc.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/cm.h $(SRCTOP)/include/fake-addrinfo.h \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/cm.h $(top_srcdir)/include/fake-addrinfo.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ os-proto.h sendto_kdc.c sn2princ.so sn2princ.po $(OUTPRE)sn2princ.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/fake-addrinfo.h $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h os-proto.h sn2princ.c + $(COM_ERR_DEPS) $(top_srcdir)/include/fake-addrinfo.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + os-proto.h sn2princ.c thread_safe.so thread_safe.po $(OUTPRE)thread_safe.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ thread_safe.c timeofday.so timeofday.po $(OUTPRE)timeofday.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ timeofday.c toffset.so toffset.po $(OUTPRE)toffset.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h toffset.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h toffset.c unlck_file.so unlck_file.po $(OUTPRE)unlck_file.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ unlck_file.c ustime.so ustime.po $(OUTPRE)ustime.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h ustime.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h ustime.c write_msg.so write_msg.po $(OUTPRE)write_msg.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ os-proto.h write_msg.c t_an_to_ln.so t_an_to_ln.po $(OUTPRE)t_an_to_ln.$(OBJEXT): \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/krb5.h \ + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/krb5.h \ t_an_to_ln.c t_gifconf.so t_gifconf.po $(OUTPRE)t_gifconf.$(OBJEXT): \ t_gifconf.c t_locate_kdc.so t_locate_kdc.po $(OUTPRE)t_locate_kdc.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/fake-addrinfo.h $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h dnsglue.c dnsglue.h \ - dnssrv.c locate_kdc.c os-proto.h t_locate_kdc.c + $(COM_ERR_DEPS) $(top_srcdir)/include/fake-addrinfo.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + dnsglue.c dnsglue.h dnssrv.c locate_kdc.c os-proto.h \ + t_locate_kdc.c t_realm_iter.so t_realm_iter.po $(OUTPRE)t_realm_iter.$(OBJEXT): \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/krb5.h \ + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/krb5.h \ t_realm_iter.c t_std_conf.so t_std_conf.po $(OUTPRE)t_std_conf.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/fake-addrinfo.h $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h os-proto.h t_std_conf.c + $(COM_ERR_DEPS) $(top_srcdir)/include/fake-addrinfo.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + os-proto.h t_std_conf.c diff --git a/src/lib/krb5/os/read_pwd.c b/src/lib/krb5/os/read_pwd.c index 192c873..df93c65 100644 --- a/src/lib/krb5/os/read_pwd.c +++ b/src/lib/krb5/os/read_pwd.c @@ -42,7 +42,9 @@ #endif /* ECHO_PASSWORD */ krb5_error_code -krb5_read_password(krb5_context context, const char *prompt, const char *prompt2, char *return_pwd, unsigned int *size_return) +krb5_read_password(krb5_context context, + const char *prompt, const char *prompt2, + char *return_pwd, unsigned int *size_return) { krb5_data reply_data; krb5_prompt k5prompt; @@ -117,12 +119,11 @@ center_dialog(HWND hwnd) #ifdef _WIN32 static krb5_error_code -read_console_password( - krb5_context context, - const char * prompt, - const char * prompt2, - char * password, - int * pwsize) +read_console_password(krb5_context context, + const char * prompt, + const char * prompt2, + char * password, + int * pwsize) { HANDLE handle; DWORD old_mode, new_mode; diff --git a/src/lib/krb5/os/timeofday.c b/src/lib/krb5/os/timeofday.c index a711b04..7c4534e 100644 --- a/src/lib/krb5/os/timeofday.c +++ b/src/lib/krb5/os/timeofday.c @@ -55,3 +55,18 @@ krb5_timeofday(krb5_context context, register krb5_timestamp *timeret) *timeret = tval; return 0; } + +krb5_error_code +krb5int_check_clockskew(krb5_context context, krb5_timestamp date) +{ + krb5_timestamp currenttime; + krb5_error_code retval; + + retval = krb5_timeofday(context, ¤ttime); + if (retval) + return retval; + if (!(labs((date)-currenttime) < context->clockskew)) + return KRB5KRB_AP_ERR_SKEW; + + return 0; +} diff --git a/src/lib/krb5/posix/Makefile.in b/src/lib/krb5/posix/Makefile.in index 65a7b60..0d835a9 100644 --- a/src/lib/krb5/posix/Makefile.in +++ b/src/lib/krb5/posix/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=./.. -myfulldir=lib/krb5/posix mydir=posix BUILDTOP=$(REL)..$(S)..$(S).. DEFS= diff --git a/src/lib/krb5/rcache/Makefile.in b/src/lib/krb5/rcache/Makefile.in index abbcc32..fec270b 100644 --- a/src/lib/krb5/rcache/Makefile.in +++ b/src/lib/krb5/rcache/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../.. -myfulldir=lib/krb5/rcache mydir=lib/krb5/rcache BUILDTOP=$(REL)..$(S)..$(S).. PROG_LIBPATH=-L$(TOPLIBD) diff --git a/src/lib/krb5/rcache/deps b/src/lib/krb5/rcache/deps index 6a3840f..008c183 100644 --- a/src/lib/krb5/rcache/deps +++ b/src/lib/krb5/rcache/deps @@ -3,96 +3,96 @@ # rc_base.so rc_base.po $(OUTPRE)rc_base.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h rc-int.h rc_base.c \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h rc-int.h rc_base.c \ rc_base.h rc_dfl.so rc_dfl.po $(OUTPRE)rc_dfl.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h rc-int.h rc_base.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h rc-int.h rc_base.h \ rc_dfl.c rc_dfl.h rc_io.h rc_io.so rc_io.po $(OUTPRE)rc_io.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h rc_base.h rc_dfl.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h rc_base.h rc_dfl.h \ rc_io.c rc_io.h rcdef.so rcdef.po $(OUTPRE)rcdef.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h rc-int.h rc_dfl.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h rc-int.h rc_dfl.h \ rcdef.c rc_none.so rc_none.po $(OUTPRE)rc_none.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h rc-int.h rc_none.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h rc-int.h rc_none.c rc_conv.so rc_conv.po $(OUTPRE)rc_conv.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h rc_base.h rc_conv.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h rc_base.h rc_conv.c ser_rc.so ser_rc.po $(OUTPRE)ser_rc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h rc-int.h ser_rc.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h rc-int.h ser_rc.c rcfns.so rcfns.po $(OUTPRE)rcfns.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h rc-int.h rcfns.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h rc-int.h rcfns.c t_replay.so t_replay.po $(OUTPRE)t_replay.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ t_replay.c diff --git a/src/lib/krb5/unicode/Makefile.in b/src/lib/krb5/unicode/Makefile.in index 04d426a..5ae89fb 100644 --- a/src/lib/krb5/unicode/Makefile.in +++ b/src/lib/krb5/unicode/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../.. -myfulldir=lib/krb5/unicode mydir=lib/krb5/unicode BUILDTOP=$(REL)..$(S)..$(S).. KRB5_RUN_ENV = @KRB5_RUN_ENV@ diff --git a/src/lib/krb5/unicode/deps b/src/lib/krb5/unicode/deps index 5d0ffc4..89e1c95 100644 --- a/src/lib/krb5/unicode/deps +++ b/src/lib/krb5/unicode/deps @@ -3,13 +3,13 @@ # ucstr.so ucstr.po $(OUTPRE)ucstr.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/k5-unicode.h \ - $(SRCTOP)/include/k5-utf8.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/ucdata/ucdata.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/ucdata/ucdata.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-unicode.h $(top_srcdir)/include/k5-utf8.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ ucstr.c diff --git a/src/lib/rpc/Makefile.in b/src/lib/rpc/Makefile.in index ec164a8..578a2d1 100644 --- a/src/lib/rpc/Makefile.in +++ b/src/lib/rpc/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../.. -myfulldir=lib/rpc mydir=lib/rpc BUILDTOP=$(REL)..$(S).. DEFINES = -DGSSAPI_KRB5 -DDEBUG_GSSAPI=0 -DGSSRPC__IMPL @@ -226,8 +224,8 @@ do-dyn-lclint:: $(LCLINT) $(LCLINTOPTS) $(LOCALINCLUDES) $(DEFS) dyn.c dyntest.c $(BUILDTOP)/include/gssrpc/types.h: types.stamp -types.stamp: $(SRCTOP)/include/gssrpc/types.hin $(thisconfigdir)/config.status - cd $(thisconfigdir) && $(SHELL) config.status include/gssrpc/types.h +types.stamp: $(top_srcdir)/include/gssrpc/types.hin $(BUILDTOP)/config.status + cd $(BUILDTOP) && $(SHELL) config.status include/gssrpc/types.h touch types.stamp clean-unix:: diff --git a/src/lib/rpc/deps b/src/lib/rpc/deps index 53ea7ae..d088bf0 100644 --- a/src/lib/rpc/deps +++ b/src/lib/rpc/deps @@ -2,322 +2,323 @@ # Generated makefile dependencies follow. # auth_none.so auth_none.po $(OUTPRE)auth_none.$(OBJEXT): \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/xdr.h \ auth_none.c auth_unix.so auth_unix.po $(OUTPRE)auth_unix.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/xdr.h \ auth_unix.c authgss_prot.so authgss_prot.po $(OUTPRE)authgss_prot.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ authgss_prot.c authunix_prot.so authunix_prot.po $(OUTPRE)authunix_prot.$(OBJEXT): \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/xdr.h authunix_prot.c + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/xdr.h authunix_prot.c auth_gss.so auth_gss.po $(OUTPRE)auth_gss.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_generic.h \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h auth_gss.c + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h auth_gss.c auth_gssapi.so auth_gssapi.po $(OUTPRE)auth_gssapi.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \ $(BUILDTOP)/include/gssapi/gssapi_generic.h $(BUILDTOP)/include/gssapi/gssapi_krb5.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/krb5/krb5.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_gssapi.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/krb5.h \ - auth_gssapi.c gssrpcint.h + $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_gssapi.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/krb5.h auth_gssapi.c gssrpcint.h auth_gssapi_misc.so auth_gssapi_misc.po $(OUTPRE)auth_gssapi_misc.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_gssapi.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h auth_gssapi_misc.c gssrpcint.h + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_gssapi.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h auth_gssapi_misc.c \ + gssrpcint.h bindresvport.so bindresvport.po $(OUTPRE)bindresvport.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ bindresvport.c clnt_generic.so clnt_generic.po $(OUTPRE)clnt_generic.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h clnt_generic.c + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h clnt_generic.c clnt_perror.so clnt_perror.po $(OUTPRE)clnt_perror.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/xdr.h \ clnt_perror.c clnt_raw.so clnt_raw.po $(OUTPRE)clnt_raw.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ clnt_raw.c clnt_simple.so clnt_simple.po $(OUTPRE)clnt_simple.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/port-sockets.h \ + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/port-sockets.h \ clnt_simple.c clnt_tcp.so clnt_tcp.po $(OUTPRE)clnt_tcp.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/pmap_clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/port-sockets.h clnt_tcp.c + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/pmap_clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/port-sockets.h clnt_tcp.c clnt_udp.so clnt_udp.po $(OUTPRE)clnt_udp.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/pmap_clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/port-sockets.h clnt_udp.c + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/pmap_clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/port-sockets.h clnt_udp.c dyn.so dyn.po $(OUTPRE)dyn.$(OBJEXT): dyn.c dyn.h dynP.h rpc_dtablesize.so rpc_dtablesize.po $(OUTPRE)rpc_dtablesize.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ rpc_dtablesize.c get_myaddress.so get_myaddress.po $(OUTPRE)get_myaddress.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/pmap_prot.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/krb5.h get_myaddress.c + $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/pmap_prot.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/krb5.h get_myaddress.c getrpcport.so getrpcport.po $(OUTPRE)getrpcport.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/pmap_clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/pmap_clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ getrpcport.c pmap_clnt.so pmap_clnt.po $(OUTPRE)pmap_clnt.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/pmap_clnt.h $(SRCTOP)/include/gssrpc/pmap_prot.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/pmap_clnt.h $(top_srcdir)/include/gssrpc/pmap_prot.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ pmap_clnt.c pmap_getmaps.so pmap_getmaps.po $(OUTPRE)pmap_getmaps.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/pmap_clnt.h $(SRCTOP)/include/gssrpc/pmap_prot.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/pmap_clnt.h $(top_srcdir)/include/gssrpc/pmap_prot.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ pmap_getmaps.c pmap_getport.so pmap_getport.po $(OUTPRE)pmap_getport.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/pmap_clnt.h $(SRCTOP)/include/gssrpc/pmap_prot.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/pmap_clnt.h $(top_srcdir)/include/gssrpc/pmap_prot.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ pmap_getport.c pmap_prot.so pmap_prot.po $(OUTPRE)pmap_prot.$(OBJEXT): \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/pmap_prot.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/pmap_prot.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/xdr.h \ pmap_prot.c pmap_prot2.so pmap_prot2.po $(OUTPRE)pmap_prot2.$(OBJEXT): \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/pmap_prot.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/pmap_prot.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/xdr.h \ pmap_prot2.c pmap_rmt.so pmap_rmt.po $(OUTPRE)pmap_rmt.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/pmap_clnt.h \ - $(SRCTOP)/include/gssrpc/pmap_prot.h $(SRCTOP)/include/gssrpc/pmap_rmt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/port-sockets.h pmap_rmt.c + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/pmap_clnt.h \ + $(top_srcdir)/include/gssrpc/pmap_prot.h $(top_srcdir)/include/gssrpc/pmap_rmt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/port-sockets.h pmap_rmt.c rpc_prot.so rpc_prot.po $(OUTPRE)rpc_prot.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ rpc_prot.c rpc_commondata.so rpc_commondata.po $(OUTPRE)rpc_commondata.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ rpc_commondata.c rpc_callmsg.so rpc_callmsg.po $(OUTPRE)rpc_callmsg.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ rpc_callmsg.c svc.so svc.po $(OUTPRE)svc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/pmap_clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h svc.c + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/pmap_clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h svc.c svc_auth.so svc_auth.po $(OUTPRE)svc_auth.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ svc_auth.c svc_auth_gss.so svc_auth_gss.po $(OUTPRE)svc_auth_gss.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_generic.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_gssapi.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h svc_auth_gss.c + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_gssapi.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h svc_auth_gss.c svc_auth_none.so svc_auth_none.po $(OUTPRE)svc_auth_none.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ svc_auth_none.c svc_auth_unix.so svc_auth_unix.po $(OUTPRE)svc_auth_unix.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ svc_auth_unix.c svc_auth_gssapi.so svc_auth_gssapi.po $(OUTPRE)svc_auth_gssapi.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_generic.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/krb5/krb5.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_gssapi.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/krb5.h \ - gssrpcint.h svc_auth_gssapi.c + $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_gssapi.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/krb5.h gssrpcint.h svc_auth_gssapi.c svc_raw.so svc_raw.po $(OUTPRE)svc_raw.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h svc_raw.c + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h svc_raw.c svc_run.so svc_run.po $(OUTPRE)svc_run.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h svc_run.c + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h svc_run.c svc_simple.so svc_simple.po $(OUTPRE)svc_simple.$(OBJEXT): \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/pmap_clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h svc_simple.c + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/pmap_clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h svc_simple.c svc_tcp.so svc_tcp.po $(OUTPRE)svc_tcp.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/port-sockets.h svc_tcp.c + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/port-sockets.h svc_tcp.c svc_udp.so svc_udp.po $(OUTPRE)svc_udp.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \ - $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \ - $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/port-sockets.h svc_udp.c + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/port-sockets.h svc_udp.c xdr.so xdr.po $(OUTPRE)xdr.$(OBJEXT): $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/xdr.h \ xdr.c xdr_array.so xdr_array.po $(OUTPRE)xdr_array.$(OBJEXT): \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/xdr.h xdr_array.c + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/xdr.h xdr_array.c xdr_float.so xdr_float.po $(OUTPRE)xdr_float.$(OBJEXT): \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/xdr.h xdr_float.c + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/xdr.h xdr_float.c xdr_mem.so xdr_mem.po $(OUTPRE)xdr_mem.$(OBJEXT): $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/xdr.h \ xdr_mem.c xdr_rec.so xdr_rec.po $(OUTPRE)xdr_rec.$(OBJEXT): $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/xdr.h \ xdr_rec.c xdr_reference.so xdr_reference.po $(OUTPRE)xdr_reference.$(OBJEXT): \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/xdr.h xdr_reference.c + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/xdr.h xdr_reference.c xdr_stdio.so xdr_stdio.po $(OUTPRE)xdr_stdio.$(OBJEXT): \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/xdr.h xdr_stdio.c + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/xdr.h xdr_stdio.c xdr_sizeof.so xdr_sizeof.po $(OUTPRE)xdr_sizeof.$(OBJEXT): \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/xdr.h xdr_sizeof.c + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/xdr.h xdr_sizeof.c xdr_alloc.so xdr_alloc.po $(OUTPRE)xdr_alloc.$(OBJEXT): \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/xdr.h dyn.h xdr_alloc.c + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/xdr.h dyn.h xdr_alloc.c diff --git a/src/lib/rpc/unit-test/Makefile.in b/src/lib/rpc/unit-test/Makefile.in index 2b98dbb..71ddef8 100644 --- a/src/lib/rpc/unit-test/Makefile.in +++ b/src/lib/rpc/unit-test/Makefile.in @@ -1,5 +1,3 @@ -thisconfigdir=../../.. -myfulldir=lib/rpc/unit-test mydir=lib/rpc/unit-test BUILDTOP=$(REL)..$(S)..$(S).. LOCALINCLUDES = -I. diff --git a/src/lib/rpc/unit-test/deps b/src/lib/rpc/unit-test/deps index 94e4c8f..6b24703 100644 --- a/src/lib/rpc/unit-test/deps +++ b/src/lib/rpc/unit-test/deps @@ -3,33 +3,33 @@ # $(OUTPRE)client.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(SRCTOP)/include/gssrpc/auth.h $(SRCTOP)/include/gssrpc/auth_gss.h \ - $(SRCTOP)/include/gssrpc/auth_gssapi.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h client.c rpc_test.h + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_gssapi.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h client.c rpc_test.h $(OUTPRE)rpc_test_clnt.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h rpc_test.h rpc_test_clnt.c + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h rpc_test.h rpc_test_clnt.c $(OUTPRE)rpc_test_svc.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \ - $(SRCTOP)/include/gssrpc/clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h rpc_test.h rpc_test_svc.c + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h rpc_test.h rpc_test_svc.c $(OUTPRE)server.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_generic.h \ - $(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/auth.h \ - $(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_gssapi.h \ - $(SRCTOP)/include/gssrpc/auth_unix.h $(SRCTOP)/include/gssrpc/clnt.h \ - $(SRCTOP)/include/gssrpc/pmap_clnt.h $(SRCTOP)/include/gssrpc/rename.h \ - $(SRCTOP)/include/gssrpc/rpc.h $(SRCTOP)/include/gssrpc/rpc_msg.h \ - $(SRCTOP)/include/gssrpc/svc.h $(SRCTOP)/include/gssrpc/svc_auth.h \ - $(SRCTOP)/include/gssrpc/xdr.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h rpc_test.h server.c + $(BUILDTOP)/include/gssrpc/types.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_gssapi.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/pmap_clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-thread.h rpc_test.h server.c |