aboutsummaryrefslogtreecommitdiff
path: root/src/lib/krb5
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/krb5')
-rw-r--r--src/lib/krb5/ChangeLog4
-rw-r--r--src/lib/krb5/asn.1/ChangeLog27
-rw-r--r--src/lib/krb5/asn.1/asn1_encode.c12
-rw-r--r--src/lib/krb5/asn.1/asn1_k_decode.c25
-rw-r--r--src/lib/krb5/asn.1/asn1buf.c6
-rw-r--r--src/lib/krb5/configure.in2
-rw-r--r--src/lib/krb5/error_tables/ChangeLog9
-rw-r--r--src/lib/krb5/error_tables/asn1_err.et1
-rw-r--r--src/lib/krb5/error_tables/krb5_err.et1
-rw-r--r--src/lib/krb5/keytab/file/ChangeLog5
-rw-r--r--src/lib/krb5/keytab/file/ktf_g_ent.c14
-rw-r--r--src/lib/krb5/krb/ChangeLog129
-rw-r--r--src/lib/krb5/krb/Makefile.in4
-rw-r--r--src/lib/krb5/krb/brand.c15
-rw-r--r--src/lib/krb5/krb/chk_trans.c24
-rw-r--r--src/lib/krb5/krb/conv_princ.c34
-rw-r--r--src/lib/krb5/krb/deltat.c1063
-rw-r--r--src/lib/krb5/krb/fwd_tgt.c7
-rw-r--r--src/lib/krb5/krb/init_ctx.c28
-rw-r--r--src/lib/krb5/krb/preauth.c38
-rw-r--r--src/lib/krb5/krb/recvauth.c26
-rw-r--r--src/lib/krb5/krb/send_tgs.c3
-rw-r--r--src/lib/krb5/krb/sendauth.c5
-rw-r--r--src/lib/krb5/krb/str_conv.c553
-rw-r--r--src/lib/krb5/krb/strftime.c415
-rw-r--r--src/lib/krb5/krb/strptime.c386
-rw-r--r--src/lib/krb5/krb/t_kerb.c22
-rw-r--r--src/lib/krb5/krb/t_ref_kerb.out2
-rw-r--r--src/lib/krb5/os/ChangeLog16
-rw-r--r--src/lib/krb5/os/locate_kdc.c3
-rw-r--r--src/lib/krb5/os/promptusr.c2
-rw-r--r--src/lib/krb5/rcache/ChangeLog5
-rw-r--r--src/lib/krb5/rcache/rc_io.c2
33 files changed, 2490 insertions, 398 deletions
diff --git a/src/lib/krb5/ChangeLog b/src/lib/krb5/ChangeLog
index 00b17c7..e77f6b9 100644
--- a/src/lib/krb5/ChangeLog
+++ b/src/lib/krb5/ChangeLog
@@ -1,3 +1,7 @@
+Mon Nov 18 20:42:39 1996 Ezra Peisach <epeisach@mit.edu>
+
+ * configure.in: Set shared library version to 1.0. [krb5-libs/201]
+
Wed Oct 23 01:15:40 1996 Theodore Y. Ts'o <tytso@mit.edu>
* configure.in, Makefile.in: Check to see if the -lgen library
diff --git a/src/lib/krb5/asn.1/ChangeLog b/src/lib/krb5/asn.1/ChangeLog
index 8aa3684..e6f9777 100644
--- a/src/lib/krb5/asn.1/ChangeLog
+++ b/src/lib/krb5/asn.1/ChangeLog
@@ -1,3 +1,30 @@
+Thu Dec 3 19:41:06 1998 Tom Yu <tlyu@mit.edu>
+
+ * asn1_k_decode.c (asn1_decode_krb5_flags): Fix previous to
+ properly left-justify bit strings less than 32 bits.
+
+ * asn1_k_decode.c (asn1_decode_krb5_flags): Modify to deal with
+ BIT STRING values that are not exactly 32 bits. Throw away bits
+ beyond number 31 in a bit string for now. Deal with masking out
+ unused bits.
+
+1998-10-27 Marc Horowitz <marc@mit.edu>
+
+ * asn1buf.c (asn1buf_sync): interoperation testing against heimdal
+ revealed a bug. if extra fields are present in a SEQUENCE, they
+ are not ignored and skipped. This caused the decoder to get out
+ of sync.
+
+Thu Apr 16 17:01:27 1998 Tom Yu <tlyu@mit.edu>
+
+ * asn1_encode.c (asn1_encode_generaltime): Sanity check the return
+ from gmtime() to avoid overruns.
+
+Wed Jan 14 20:57:33 1998 Tom Yu <tlyu@mit.edu>
+
+ * asn1buf.c (asn12krb5_buf): Check return value of
+ calloc. [krb5-libs/518]
+
Thu Nov 14 20:57:55 1996 Theodore Y. Ts'o <tytso@mit.edu>
* asn1_k_encode.c (asn1_encode_principal_name): Be liberal about
diff --git a/src/lib/krb5/asn.1/asn1_encode.c b/src/lib/krb5/asn.1/asn1_encode.c
index 16c25ca..826fc94 100644
--- a/src/lib/krb5/asn.1/asn1_encode.c
+++ b/src/lib/krb5/asn.1/asn1_encode.c
@@ -203,7 +203,17 @@ asn1_error_code asn1_encode_generaltime(buf, val, retlen)
gmt_time = val + EPOCH;
gtime = gmtime(&gmt_time);
- /* Time encoding: YYYYMMDDhhmmssZ */
+ /*
+ * Time encoding: YYYYMMDDhhmmssZ
+ *
+ * Sanity check this just to be paranoid, as gmtime can return NULL,
+ * and some bogus implementations might overrun on the sprintf.
+ */
+ if (gtime == NULL ||
+ gtime->tm_year > 9999 || gtime->tm_mon > 11 ||
+ gtime->tm_mday > 31 || gtime->tm_hour > 23 ||
+ gtime->tm_min > 59 || gtime->tm_sec > 59)
+ return ASN1_BAD_GMTIME;
sprintf(s, "%04d%02d%02d%02d%02d%02dZ",
1900+gtime->tm_year, gtime->tm_mon+1, gtime->tm_mday,
gtime->tm_hour, gtime->tm_min, gtime->tm_sec);
diff --git a/src/lib/krb5/asn.1/asn1_k_decode.c b/src/lib/krb5/asn.1/asn1_k_decode.c
index 475bc06..090fcc3 100644
--- a/src/lib/krb5/asn.1/asn1_k_decode.c
+++ b/src/lib/krb5/asn.1/asn1_k_decode.c
@@ -272,7 +272,7 @@ asn1_error_code asn1_decode_krb5_flags(buf, val)
krb5_flags * val;
{
setup();
- asn1_octet o;
+ asn1_octet unused, o;
int i;
krb5_flags f=0;
unused_var(taglen);
@@ -281,17 +281,28 @@ asn1_error_code asn1_decode_krb5_flags(buf, val)
if(retval) return retval;
if(class != UNIVERSAL || construction != PRIMITIVE ||
tagnum != ASN1_BITSTRING) return ASN1_BAD_ID;
- if(length != 5) return ASN1_BAD_LENGTH;
- retval = asn1buf_remove_octet(buf,&o); /* # of padding bits */
- if(retval) return retval; /* should be 0 */
- if(o != 0) return ASN1_BAD_FORMAT;
+ retval = asn1buf_remove_octet(buf,&unused); /* # of padding bits */
+ if(retval) return retval;
+
+ /* Number of unused bits must be between 0 and 7. */
+ if (unused > 7) return ASN1_BAD_FORMAT;
+ length--;
- for(i=0; i<4; i++){
+ for(i = 0; i < length; i++) {
retval = asn1buf_remove_octet(buf,&o);
if(retval) return retval;
- f = (f<<8) | ((krb5_flags)o&0xFF);
+ /* ignore bits past number 31 */
+ if (i < 4)
+ f = (f<<8) | ((krb5_flags)o&0xFF);
+ }
+ if (length <= 4) {
+ /* Mask out unused bits, but only if necessary. */
+ f &= ~(krb5_flags)0 << unused;
}
+ /* left-justify */
+ if (length < 4)
+ f <<= (4 - length) * 8;
*val = f;
return 0;
}
diff --git a/src/lib/krb5/asn.1/asn1buf.c b/src/lib/krb5/asn.1/asn1buf.c
index 822b263..2ee95c4 100644
--- a/src/lib/krb5/asn.1/asn1buf.c
+++ b/src/lib/krb5/asn.1/asn1buf.c
@@ -91,7 +91,7 @@ void asn1buf_sync(buf, subbuf)
asn1buf * buf;
asn1buf * subbuf;
{
- buf->next = subbuf->next;
+ buf->next = subbuf->bound + 1;
}
asn1_error_code asn1buf_destroy(buf)
@@ -231,6 +231,10 @@ asn1_error_code asn12krb5_buf(buf, code)
(*code)->length = 0;
(*code)->length = asn1buf_len(buf);
(*code)->data = (char*)calloc(((*code)->length)+1,sizeof(char));
+ if ((*code)->data == NULL) {
+ free(*code);
+ return ENOMEM;
+ }
for(i=0; i < (*code)->length; i++)
((*code)->data)[i] = (buf->base)[((*code)->length)-i-1];
((*code)->data)[(*code)->length] = '\0';
diff --git a/src/lib/krb5/configure.in b/src/lib/krb5/configure.in
index c612ed7..2ac53bd 100644
--- a/src/lib/krb5/configure.in
+++ b/src/lib/krb5/configure.in
@@ -16,7 +16,7 @@ dnl
AC_CHECK_LIB(gen,compile,SHLIB_GEN=-lgen,SHLIB_GEN='')
AC_SUBST(SHLIB_GEN)
dnl
-V5_MAKE_SHARED_LIB(libkrb5,0.1,.., ./krb5)
+V5_MAKE_SHARED_LIB(libkrb5,1.0,.., ./krb5)
CRYPTO_SH_VERS=$krb5_cv_shlib_version_libcrypto
AC_SUBST(CRYPTO_SH_VERS)
COMERR_SH_VERS=$krb5_cv_shlib_version_libcom_err
diff --git a/src/lib/krb5/error_tables/ChangeLog b/src/lib/krb5/error_tables/ChangeLog
index 0b60e42..caccd26 100644
--- a/src/lib/krb5/error_tables/ChangeLog
+++ b/src/lib/krb5/error_tables/ChangeLog
@@ -1,3 +1,12 @@
+Thu Apr 16 20:51:40 1998 Tom Yu <tlyu@mit.edu>
+
+ * asn1_err.et (ASN1_BAD_GMTIME): Add code for case where bad
+ values are returned from gmtime().
+
+Tue Nov 19 17:06:26 1996 Barry Jaspan <bjaspan@mit.edu>
+
+ * krb5_err.et: add KRB5_KT_KVNONOTFOUND [krb5-libs/198]
+
Wed Nov 6 11:15:32 1996 Theodore Ts'o <tytso@rsts-11.mit.edu>
* krb5_err.et: Make the KRB5_CONFIG_CANTOPEN and
diff --git a/src/lib/krb5/error_tables/asn1_err.et b/src/lib/krb5/error_tables/asn1_err.et
index 9d823c1..f0136cf 100644
--- a/src/lib/krb5/error_tables/asn1_err.et
+++ b/src/lib/krb5/error_tables/asn1_err.et
@@ -9,4 +9,5 @@ error_code ASN1_BAD_ID, "ASN.1 identifier doesn't match expected value"
error_code ASN1_BAD_LENGTH, "ASN.1 length doesn't match expected value"
error_code ASN1_BAD_FORMAT, "ASN.1 badly-formatted encoding"
error_code ASN1_PARSE_ERROR, "ASN.1 parse error"
+error_code ASN1_BAD_GMTIME, "ASN.1 bad return from gmtime"
end
diff --git a/src/lib/krb5/error_tables/krb5_err.et b/src/lib/krb5/error_tables/krb5_err.et
index 06af955..1b42232 100644
--- a/src/lib/krb5/error_tables/krb5_err.et
+++ b/src/lib/krb5/error_tables/krb5_err.et
@@ -300,5 +300,6 @@ error_code KRB5_CONFIG_NODEFREALM, "Configuration file does not specify default
error_code KRB5_SAM_UNSUPPORTED, "Bad SAM flags in obtain_sam_padata"
error_code KRB5_KT_NAME_TOOLONG, "Keytab name too long"
+error_code KRB5_KT_KVNONOTFOUND, "Key version number for principal in key table is incorrect"
end
diff --git a/src/lib/krb5/keytab/file/ChangeLog b/src/lib/krb5/keytab/file/ChangeLog
index c37f709..f14e2a0 100644
--- a/src/lib/krb5/keytab/file/ChangeLog
+++ b/src/lib/krb5/keytab/file/ChangeLog
@@ -1,3 +1,8 @@
+Tue Nov 19 17:06:59 1996 Barry Jaspan <bjaspan@mit.edu>
+
+ * ktf_g_ent.c (krb5_ktfile_get_entry): return KRB5_KT_KVNONOTFOUND
+ when appropriate [krb5-libs/198]
+
Wed Jul 24 17:10:11 1996 Theodore Y. Ts'o <tytso@mit.edu>
* ktf_g_name.c (krb5_ktfile_get_name): Use the error code
diff --git a/src/lib/krb5/keytab/file/ktf_g_ent.c b/src/lib/krb5/keytab/file/ktf_g_ent.c
index 4805d5c..e42dcdb 100644
--- a/src/lib/krb5/keytab/file/ktf_g_ent.c
+++ b/src/lib/krb5/keytab/file/ktf_g_ent.c
@@ -40,6 +40,7 @@ krb5_ktfile_get_entry(context, id, principal, kvno, enctype, entry)
{
krb5_keytab_entry cur_entry, new_entry;
krb5_error_code kerror = 0;
+ int found_wrong_kvno = 0;
/* Open the keyfile for reading */
if ((kerror = krb5_ktfileint_openr(context, id)))
@@ -92,14 +93,21 @@ krb5_ktfile_get_entry(context, id, principal, kvno, enctype, entry)
krb5_kt_free_entry(context, &cur_entry);
cur_entry = new_entry;
break;
- }
+ } else
+ found_wrong_kvno++;
}
} else {
krb5_kt_free_entry(context, &new_entry);
}
}
- if (kerror == KRB5_KT_END)
- kerror = cur_entry.principal ? 0 : KRB5_KT_NOTFOUND;
+ if (kerror == KRB5_KT_END) {
+ if (cur_entry.principal)
+ kerror = 0;
+ else if (found_wrong_kvno)
+ kerror = KRB5_KT_KVNONOTFOUND;
+ else
+ kerror = KRB5_KT_NOTFOUND;
+ }
if (kerror) {
(void) krb5_ktfileint_close(context, id);
krb5_kt_free_entry(context, &cur_entry);
diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog
index c702d0a..a1a5bac 100644
--- a/src/lib/krb5/krb/ChangeLog
+++ b/src/lib/krb5/krb/ChangeLog
@@ -1,3 +1,132 @@
+2000-02-01 Ken Raeburn <raeburn@mit.edu>
+
+ * init_ctx.c (init_common): Renamed from krb5_init_context, now
+ static. New argument SECURE provides initialization of
+ profile_secure field.
+ (krb5_init_context): Call it.
+ (krb5_init_secure_context): New function.
+
+ * str_conv.c (krb5_deltat_to_string): Always write to a local
+ temporary buffer that's guaranteed to be large enough, then see if
+ the supplied output buffer is big enough.
+ (krb5_string_to_deltat): Deleted.
+ * deltat.c: New file.
+
+ * str_conv.c: Removed most static char arrays, substituting the
+ values in place.
+ (krb5_string_to_timestamp): Move atime_format_table inside here.
+ (krb5_timestamp_to_sfstring): Move sftime_format_table inside
+ here.
+
+ * str_conv.c: If strftime or strptime are not available, include
+ the renamed NetBSD versions, and define the function names as
+ macros to map them to the replacement names.
+ (__P, _CurrentTimeLocale, dummy_locale_info, TM_YEAR_BASE,
+ DAYSPERLYEAR, DAYSPERNYEAR, DAYSPERWEEK, isleap, tzname, tzset):
+ Define some dummies for strftime/strptime to use.
+ (strptime): Deleted old stub version.
+ (krb5_timestamp_to_string, krb5_timestamp_to_sfstring): Always
+ assume strftime is available.
+ (krb5_string_to_timestamp): Assume strptime is always available.
+ * strftime.c, strptime.c: New files, based on NetBSD versions.
+ Modified to rename the functions and not export any symbols.
+
+Mon Mar 8 22:39:01 1999 Tom Yu <tlyu@mit.edu>
+
+ * sendauth.c (krb5_sendauth): Set credspout to NULL if it's
+ destined to be returned to avoid freeing it. Also,
+ unconditionally free credspout if it's non-NULL so that if someone
+ doesn't pass in a ticket and doesn't give us a non-NULL out_creds,
+ we don't leak it. [krb5-libs/699]
+
+Fri Jan 29 22:46:37 1999 Tom Yu <tlyu@mit.edu>
+
+ * recvauth.c (krb5_recvauth): Add some bookkeeping flags so we
+ know how much stuff to free upon cleanup. Fix the up cleanup
+ code.
+
+Wed Jul 15 11:46:05 1998 Ezra Peisach <epeisach@mit.edu>
+
+ * t_ref_kerb.out: Fix test case for zephyr principal to reflect
+ addition to conv_princ.c
+
+Tue Jul 7 17:06:13 1998 Theodore Y. Ts'o <tytso@mit.edu>
+
+ * conv_princ.c: Add additional commonly seen Kerberos V4 services
+ to the hard-coded list.
+
+Tue Jul 7 16:59:03 1998 Tom Yu <tlyu@mit.edu>
+
+ * chk_trans.c: Fix up previous fix; short-circuit out when
+ trans->length == 0.
+
+Wed Jul 1 17:59:26 1998 Theodore Y. Ts'o <tytso@mit.edu>
+
+ * chk_trans.c (krb5_check_transited_list): Fix use of an
+ uninitialized variable; apparently the code was depending
+ on the stack garbage being non-zero(!)
+
+1998-05-12 Theodore Ts'o <tytso@rsts-11.mit.edu>
+
+ * str_conv.c (krb5_timestamp_to_sfstring): Make sure the date
+ string printed uses 4 digit years.
+
+1998-05-08 Theodore Ts'o <tytso@rsts-11.mit.edu>
+
+ * str_conv.c (krb5_string_to_timestamp, strptime): Fix routines to
+ be able to properly parse Y2K dates.
+
+ * t_kerb.c: Add ability to test krb5_string_to_timestamp
+
+Mon Mar 16 19:50:55 1998 Tom Yu <tlyu@mit.edu>
+
+ * chk_trans.c (krb5_check_transited_list): Check lengths when
+ appending to next and prev.
+
+Wed Jan 14 20:58:52 1998 Tom Yu <tlyu@mit.edu>
+
+ * preauth.c (handle_sam_labels): Check return value of
+ malloc. [krb5-libs/518]
+
+Wed Oct 22 00:29:33 1997 Theodore Y. Ts'o <tytso@mit.edu>
+
+ * send_tgs.c (krb5_send_tgs): Don't send a zero endtime; if the
+ requested endtime is zero, set it equal to the TGT endtime.
+
+Sat Dec 21 01:26:11 1996 Theodore Y. Ts'o <tytso@mit.edu>
+
+ * brand.c: New file, which allows a release engineer to "brand"
+ the krb5 library or a binary application program
+ statically linked against the krb5 library. This file is
+ statically included by init_ctx.c, to force it be in a
+ binary library or application program.
+
+Tue Mar 25 00:32:55 1997 Theodore Y. Ts'o <tytso@mit.edu>
+
+ * preauth.c (obtain_sam_padata): Fix handling of the sam-timestamp
+ and sam-usec fields, which should always be set if the
+ nonce is not available, not just SAM_USE_SAD_AS_KEY is
+ being used. [krb5-libs/325]
+
+Wed Feb 12 20:47:30 1997 Tom Yu <tlyu@mit.edu>
+
+ * fwd_tgt.c (krb5_fwd_tgt_creds): Use the client's realm rather
+ than the server's realm for constructing the tgs principal.
+ Remove TC_MATCH_SRV_NAMEONLY from call to retrieve_cred() because
+ we want to get an exact match.
+
+Tue Apr 8 10:31:30 1997 Theodore Ts'o <tytso@rsts-11.mit.edu>
+
+ * sendauth.c (krb5_sendauth): Don't free credspout if it is to be
+ returned in out_creds (#PR 357)
+
+Thu Nov 21 13:54:01 1996 Ezra Peisach <epeisach@mit.edu>
+
+ * recvauth.c (krb5_recvauth): If there is an error, and the server
+ argument to krb5_recvauth is NULL, create a dummy server
+ entry for the krb5_error structure so that krb5_mk_error
+ will not die with missing required fields. [krb5-libs/209]
+
Wed Nov 13 14:30:47 1996 Tom Yu <tlyu@mit.edu>
* init_ctx.c: Revert previous kt_default_name changes.
diff --git a/src/lib/krb5/krb/Makefile.in b/src/lib/krb5/krb/Makefile.in
index 939c1a5..dc96e03 100644
--- a/src/lib/krb5/krb/Makefile.in
+++ b/src/lib/krb5/krb/Makefile.in
@@ -28,6 +28,7 @@ OBJS= addr_comp.$(OBJEXT) \
cp_key_cnt.$(OBJEXT) \
decode_kdc.$(OBJEXT) \
decrypt_tk.$(OBJEXT) \
+ deltat.$(OBJEXT) \
encode_kdc.$(OBJEXT) \
encrypt_tk.$(OBJEXT) \
free_rtree.$(OBJEXT) \
@@ -101,6 +102,7 @@ SRCS= $(srcdir)/addr_comp.c \
$(srcdir)/cp_key_cnt.c \
$(srcdir)/decode_kdc.c \
$(srcdir)/decrypt_tk.c \
+ $(srcdir)/deltat.c \
$(srcdir)/encode_kdc.c \
$(srcdir)/encrypt_tk.c \
$(srcdir)/free_rtree.c \
@@ -166,7 +168,7 @@ COMERRLIB=$(TOPLIBD)/libcom_err.a
T_WALK_RTREE_OBJS= t_walk_rtree.o walk_rtree.o tgtname.o unparse.o \
free_rtree.o bld_pr_ext.o
-T_KERB_OBJS= t_kerb.o conv_princ.o unparse.o
+T_KERB_OBJS= t_kerb.o conv_princ.o unparse.o str_conv.o
T_SER_OBJS= t_ser.o ser_actx.o ser_adata.o ser_addr.o ser_auth.o ser_cksum.o \
ser_ctx.o ser_eblk.o ser_key.o ser_princ.o serialize.o
diff --git a/src/lib/krb5/krb/brand.c b/src/lib/krb5/krb/brand.c
new file mode 100644
index 0000000..de48d58
--- /dev/null
+++ b/src/lib/krb5/krb/brand.c
@@ -0,0 +1,15 @@
+/*
+ * This file is used to put a "release brand" on a Krb5 library before
+ * it is released via some release engineering process. This gives us
+ * an easy way to tell where a binary came from.
+ *
+ * It currently is manually maintained, because there's no good way to
+ * automatically have CVS do the right thing. We could put RCS tags
+ * in every single file, but that (a) takes up lots of space, since we
+ * have lots of files in the Kerberos library, and (b) it makes CVS
+ * merges a real pain.
+ */
+
+/* Format: "KRB5_BRAND: <cvs tag> <date>" */
+
+static char krb5_brand[] = "KRB5_BRAND: Unbranded release";
diff --git a/src/lib/krb5/krb/chk_trans.c b/src/lib/krb5/krb/chk_trans.c
index 0961d6a..c2ac716 100644
--- a/src/lib/krb5/krb/chk_trans.c
+++ b/src/lib/krb5/krb/chk_trans.c
@@ -40,9 +40,16 @@ krb5_data *realm2;
krb5_error_code retval = 0;
krb5_principal *tgs_list;
- if (!trans || !trans->data) return(0);
+ if (trans == NULL || trans->data == NULL || trans->length == 0)
+ return(0);
trans_length = trans->data[trans->length-1] ?
- trans->length : trans->length - 1;
+ trans->length : trans->length - 1;
+
+ for (i = 0; i < trans_length; i++)
+ if (trans->data[i] == '\0') {
+ /* Realms may not contain ASCII NUL character. */
+ return(KRB5KRB_AP_ERR_ILL_CR_TKT);
+ }
if ((retval = krb5_walk_realm_tree(context, realm1, realm2, &tgs_list,
KRB5_REALM_BRANCH_CHAR))) {
@@ -51,19 +58,28 @@ krb5_data *realm2;
memset(prev, 0, MAX_REALM_LN + 1);
memset(next, 0, MAX_REALM_LN + 1), nextp = next;
- for (i = 0; i <= trans_length; i++) {
+ for (i = 0; i < trans_length; i++) {
if (i < trans_length-1 && trans->data[i] == '\\') {
i++;
*nextp++ = trans->data[i];
+ if (nextp - next > MAX_REALM_LN) {
+ retval = KRB5KRB_AP_ERR_ILL_CR_TKT;
+ goto finish;
+ }
continue;
}
if (i < trans_length && trans->data[i] != ',') {
*nextp++ = trans->data[i];
+ if (nextp - next > MAX_REALM_LN) {
+ retval = KRB5KRB_AP_ERR_ILL_CR_TKT;
+ goto finish;
+ }
continue;
}
if (strlen(next) > 0) {
if (next[0] != '/') {
- if (*(nextp-1) == '.') strcat(next, prev);
+ if (*(nextp-1) == '.' && strlen(next) + strlen(prev) <= MAX_REALM_LN)
+ strcat(next, prev);
retval = KRB5KRB_AP_ERR_ILL_CR_TKT;
for (j = 0; tgs_list[j]; j++) {
if (strlen(next) == (size_t) krb5_princ_realm(context, tgs_list[j])->length &&
diff --git a/src/lib/krb5/krb/conv_princ.c b/src/lib/krb5/krb/conv_princ.c
index d11fac3..e1833b3 100644
--- a/src/lib/krb5/krb/conv_princ.c
+++ b/src/lib/krb5/krb/conv_princ.c
@@ -67,6 +67,40 @@ static const struct krb_convert sconv_list[] = {
{"imap", "imap", DO_REALM_CONVERSION},
{"ftp", "ftp", DO_REALM_CONVERSION},
{"ecat", "ecat", DO_REALM_CONVERSION},
+ {"daemon", "daemon", DO_REALM_CONVERSION},
+ {"gnats", "gnats", DO_REALM_CONVERSION},
+ {"moira", "moira", DO_REALM_CONVERSION},
+ {"prms", "prms", DO_REALM_CONVERSION},
+ {"mandarin", "mandarin", DO_REALM_CONVERSION},
+ {"register", "register", DO_REALM_CONVERSION},
+ {"changepw", "changepw", DO_REALM_CONVERSION},
+ {"sms", "sms", DO_REALM_CONVERSION},
+ {"afpserver", "afpserver", DO_REALM_CONVERSION},
+ {"gdss", "gdss", DO_REALM_CONVERSION},
+ {"news", "news", DO_REALM_CONVERSION},
+ {"abs", "abs", DO_REALM_CONVERSION},
+ {"nfs", "nfs", DO_REALM_CONVERSION},
+ {"tftp", "tftp", DO_REALM_CONVERSION},
+ {"zephyr", "zephyr", DO_REALM_CONVERSION},
+ {"http", "http", DO_REALM_CONVERSION},
+ {"khttp", "khttp", DO_REALM_CONVERSION},
+ {"pgpsigner", "pgpsigner", DO_REALM_CONVERSION},
+ {"irc", "irc", DO_REALM_CONVERSION},
+ {"mandarin-agent", "mandarin-agent", DO_REALM_CONVERSION},
+ {"write", "write", DO_REALM_CONVERSION},
+ {"palladium", "palladium", DO_REALM_CONVERSION},
+ {"news", "news", DO_REALM_CONVERSION},
+ {"abs", "abs", DO_REALM_CONVERSION},
+ {"nfs", "nfs", DO_REALM_CONVERSION},
+ {"tftp", "tftp", DO_REALM_CONVERSION},
+ {"zephyr", "zephyr", DO_REALM_CONVERSION},
+ {"http", "http", DO_REALM_CONVERSION},
+ {"khttp", "khttp", DO_REALM_CONVERSION},
+ {"pgpsigner", "pgpsigner", DO_REALM_CONVERSION},
+ {"irc", "irc", DO_REALM_CONVERSION},
+ {"mandarin-agent", "mandarin-agent", DO_REALM_CONVERSION},
+ {"write", "write", DO_REALM_CONVERSION},
+ {"palladium", "palladium", DO_REALM_CONVERSION},
{0, 0, 0},
};
diff --git a/src/lib/krb5/krb/deltat.c b/src/lib/krb5/krb/deltat.c
new file mode 100644
index 0000000..dbf9900
--- /dev/null
+++ b/src/lib/krb5/krb/deltat.c
@@ -0,0 +1,1063 @@
+
+/* A Bison parser, made from ../../../../asrc/lib/krb5/krb/x-deltat.y
+ by GNU Bison version 1.27
+ */
+
+#define YYBISON 1 /* Identify Bison output. */
+
+#define NUM 257
+#define LONGNUM 258
+#define WS 259
+
+#line 38 "../../../../asrc/lib/krb5/krb/x-deltat.y"
+
+
+#include <ctype.h>
+#include <errno.h>
+#include "k5-int.h"
+
+#if 0
+#define NBITS(TYPE) (8*sizeof(TYPE))
+#define LOG10_2 0.30103
+#define LOG10_MAX(TYPE) (LOG10_2 * NBITS(TYPE))
+#define BUFFERSIZE(TYPE) (1 /* \0 */ + (int) (1 + LOG10_MAX(TYPE)))
+#endif
+
+struct param {
+ krb5_deltat delta;
+ char *p;
+};
+
+#define YYPARSE_PARAM tmv
+
+#define DO(D,H,M,S) \
+ { \
+ ((struct param *)tmv)->delta = (((D * 24) + H) * 60 + M) * 60 + S; \
+ }
+
+static int mylex (int *, char **);
+#define YYLEX_PARAM (&((struct param *)tmv)->p)
+#undef yylex
+#define yylex(U, P) mylex (&(U)->val, (P))
+
+#undef yyerror
+#define yyerror(MSG)
+
+static int yyparse (void *);
+
+
+#line 77 "../../../../asrc/lib/krb5/krb/x-deltat.y"
+typedef union { int val; } YYSTYPE;
+#include <stdio.h>
+
+#ifndef __cplusplus
+#ifndef __STDC__
+#define const
+#endif
+#endif
+
+
+
+#define YYFINAL 41
+#define YYFLAG -32768
+#define YYNTBASE 12
+
+#define YYTRANSLATE(x) ((unsigned)(x) <= 259 ? yytranslate[x] : 21)
+
+static const char yytranslate[] = { 0,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 5, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 6, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 7,
+ 2, 2, 2, 8, 2, 2, 2, 2, 9, 2,
+ 2, 2, 2, 2, 10, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 1, 3, 4, 11
+};
+
+#if YYDEBUG != 0
+static const short yyprhs[] = { 0,
+ 0, 2, 4, 6, 8, 11, 12, 14, 17, 21,
+ 25, 29, 32, 40, 46, 50, 52, 56, 58, 62,
+ 64
+};
+
+static const short yyrhs[] = { 17,
+ 0, 3, 0, 4, 0, 13, 0, 5, 13, 0,
+ 0, 11, 0, 15, 14, 0, 16, 7, 18, 0,
+ 16, 8, 19, 0, 16, 9, 20, 0, 16, 10,
+ 0, 16, 5, 3, 6, 3, 6, 3, 0, 16,
+ 6, 3, 6, 3, 0, 16, 6, 3, 0, 19,
+ 0, 16, 8, 19, 0, 20, 0, 16, 9, 20,
+ 0, 15, 0, 16, 10, 0
+};
+
+#endif
+
+#if YYDEBUG != 0
+static const short yyrline[] = { 0,
+ 88, 89, 89, 90, 90, 91, 91, 92, 93, 95,
+ 96, 97, 98, 99, 100, 103, 105, 106, 108, 109,
+ 111
+};
+#endif
+
+
+#if YYDEBUG != 0 || defined (YYERROR_VERBOSE)
+
+static const char * const yytname[] = { "$","error","$undefined.","NUM","LONGNUM",
+"'-'","':'","'d'","'h'","'m'","'s'","WS","start","posnum","num","ws","wsnum",
+"deltat","opt_hms","opt_ms","opt_s", NULL
+};
+#endif
+
+static const short yyr1[] = { 0,
+ 12, 13, 13, 14, 14, 15, 15, 16, 17, 17,
+ 17, 17, 17, 17, 17, 18, 18, 19, 19, 20,
+ 20
+};
+
+static const short yyr2[] = { 0,
+ 1, 1, 1, 1, 2, 0, 1, 2, 3, 3,
+ 3, 2, 7, 5, 3, 1, 3, 1, 3, 1,
+ 2
+};
+
+static const short yydefact[] = { 6,
+ 7, 0, 0, 1, 2, 3, 0, 4, 8, 0,
+ 0, 6, 6, 6, 12, 5, 0, 15, 20, 0,
+ 9, 16, 18, 0, 10, 0, 11, 0, 0, 6,
+ 6, 21, 0, 14, 17, 19, 0, 13, 0, 0,
+ 0
+};
+
+static const short yydefgoto[] = { 39,
+ 8, 9, 19, 24, 4, 21, 22, 23
+};
+
+static const short yypact[] = { -9,
+-32768, 12, -1,-32768,-32768,-32768, 7,-32768,-32768, 10,
+ 16, -9, -9, -9,-32768,-32768, 20, 21, 12, 13,
+-32768,-32768,-32768, 15,-32768, 18,-32768, 26, 27, -9,
+ -9,-32768, 28,-32768,-32768,-32768, 29,-32768, 33, 35,
+-32768
+};
+
+static const short yypgoto[] = {-32768,
+ 30,-32768, 36, 0,-32768,-32768, -12, -11
+};
+
+
+#define YYLAST 37
+
+
+static const short yytable[] = { 3,
+ 25, 1, 27, 10, 11, 12, 13, 14, 15, 5,
+ 6, 20, 17, 26, 5, 6, 7, 35, 18, 36,
+ 30, 31, 32, 31, 32, 28, 29, 32, 33, 34,
+ 26, 38, 40, 37, 41, 2, 16
+};
+
+static const short yycheck[] = { 0,
+ 13, 11, 14, 5, 6, 7, 8, 9, 10, 3,
+ 4, 12, 3, 14, 3, 4, 5, 30, 3, 31,
+ 8, 9, 10, 9, 10, 6, 6, 10, 3, 3,
+ 31, 3, 0, 6, 0, 0, 7
+};
+#define YYPURE 1
+
+/* -*-C-*- Note some compilers choke on comments on `#line' lines. */
+#line 3 "/mit/gnu/share/bison.simple"
+/* This file comes from bison-1.27. */
+
+/* Skeleton output parser for bison,
+ Copyright (C) 1984, 1989, 1990 Free Software Foundation, Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA. */
+
+/* As a special exception, when this file is copied by Bison into a
+ Bison output file, you may use that output file without restriction.
+ This special exception was added by the Free Software Foundation
+ in version 1.24 of Bison. */
+
+/* This is the parser code that is written into each bison parser
+ when the %semantic_parser declaration is not specified in the grammar.
+ It was written by Richard Stallman by simplifying the hairy parser
+ used when %semantic_parser is specified. */
+
+#ifndef YYSTACK_USE_ALLOCA
+#ifdef alloca
+#define YYSTACK_USE_ALLOCA
+#else /* alloca not defined */
+#ifdef __GNUC__
+#define YYSTACK_USE_ALLOCA
+#define alloca __builtin_alloca
+#else /* not GNU C. */
+#if (!defined (__STDC__) && defined (sparc)) || defined (__sparc__) || defined (__sparc) || defined (__sgi) || (defined (__sun) && defined (__i386))
+#define YYSTACK_USE_ALLOCA
+#include <alloca.h>
+#else /* not sparc */
+/* We think this test detects Watcom and Microsoft C. */
+/* This used to test MSDOS, but that is a bad idea
+ since that symbol is in the user namespace. */
+#if (defined (_MSDOS) || defined (_MSDOS_)) && !defined (__TURBOC__)
+#if 0 /* No need for malloc.h, which pollutes the namespace;
+ instead, just don't use alloca. */
+#include <malloc.h>
+#endif
+#else /* not MSDOS, or __TURBOC__ */
+#if defined(_AIX)
+/* I don't know what this was needed for, but it pollutes the namespace.
+ So I turned it off. rms, 2 May 1997. */
+/* #include <malloc.h> */
+ #pragma alloca
+#define YYSTACK_USE_ALLOCA
+#else /* not MSDOS, or __TURBOC__, or _AIX */
+#if 0
+#ifdef __hpux /* haible@ilog.fr says this works for HPUX 9.05 and up,
+ and on HPUX 10. Eventually we can turn this on. */
+#define YYSTACK_USE_ALLOCA
+#define alloca __builtin_alloca
+#endif /* __hpux */
+#endif
+#endif /* not _AIX */
+#endif /* not MSDOS, or __TURBOC__ */
+#endif /* not sparc */
+#endif /* not GNU C */
+#endif /* alloca not defined */
+#endif /* YYSTACK_USE_ALLOCA not defined */
+
+#ifdef YYSTACK_USE_ALLOCA
+#define YYSTACK_ALLOC alloca
+#else
+#define YYSTACK_ALLOC malloc
+#endif
+
+/* Note: there must be only one dollar sign in this file.
+ It is replaced by the list of actions, each action
+ as one case of the switch. */
+
+#define yyerrok (yyerrstatus = 0)
+#define yyclearin (yychar = YYEMPTY)
+#define YYEMPTY -2
+#define YYEOF 0
+#define YYACCEPT goto yyacceptlab
+#define YYABORT goto yyabortlab
+#define YYERROR goto yyerrlab1
+/* Like YYERROR except do call yyerror.
+ This remains here temporarily to ease the
+ transition to the new meaning of YYERROR, for GCC.
+ Once GCC version 2 has supplanted version 1, this can go. */
+#define YYFAIL goto yyerrlab
+#define YYRECOVERING() (!!yyerrstatus)
+#define YYBACKUP(token, value) \
+do \
+ if (yychar == YYEMPTY && yylen == 1) \
+ { yychar = (token), yylval = (value); \
+ yychar1 = YYTRANSLATE (yychar); \
+ YYPOPSTACK; \
+ goto yybackup; \
+ } \
+ else \
+ { yyerror ("syntax error: cannot back up"); YYERROR; } \
+while (0)
+
+#define YYTERROR 1
+#define YYERRCODE 256
+
+#ifndef YYPURE
+#define YYLEX yylex()
+#endif
+
+#ifdef YYPURE
+#ifdef YYLSP_NEEDED
+#ifdef YYLEX_PARAM
+#define YYLEX yylex(&yylval, &yylloc, YYLEX_PARAM)
+#else
+#define YYLEX yylex(&yylval, &yylloc)
+#endif
+#else /* not YYLSP_NEEDED */
+#ifdef YYLEX_PARAM
+#define YYLEX yylex(&yylval, YYLEX_PARAM)
+#else
+#define YYLEX yylex(&yylval)
+#endif
+#endif /* not YYLSP_NEEDED */
+#endif
+
+/* If nonreentrant, generate the variables here */
+
+#ifndef YYPURE
+
+int yychar; /* the lookahead symbol */
+YYSTYPE yylval; /* the semantic value of the */
+ /* lookahead symbol */
+
+#ifdef YYLSP_NEEDED
+YYLTYPE yylloc; /* location data for the lookahead */
+ /* symbol */
+#endif
+
+int yynerrs; /* number of parse errors so far */
+#endif /* not YYPURE */
+
+#if YYDEBUG != 0
+int yydebug; /* nonzero means print parse trace */
+/* Since this is uninitialized, it does not stop multiple parsers
+ from coexisting. */
+#endif
+
+/* YYINITDEPTH indicates the initial size of the parser's stacks */
+
+#ifndef YYINITDEPTH
+#define YYINITDEPTH 200
+#endif
+
+/* YYMAXDEPTH is the maximum size the stacks can grow to
+ (effective only if the built-in stack extension method is used). */
+
+#if YYMAXDEPTH == 0
+#undef YYMAXDEPTH
+#endif
+
+#ifndef YYMAXDEPTH
+#define YYMAXDEPTH 10000
+#endif
+
+/* Define __yy_memcpy. Note that the size argument
+ should be passed with type unsigned int, because that is what the non-GCC
+ definitions require. With GCC, __builtin_memcpy takes an arg
+ of type size_t, but it can handle unsigned int. */
+
+#if __GNUC__ > 1 /* GNU C and GNU C++ define this. */
+#define __yy_memcpy(TO,FROM,COUNT) __builtin_memcpy(TO,FROM,COUNT)
+#else /* not GNU C or C++ */
+#ifndef __cplusplus
+
+/* This is the most reliable way to avoid incompatibilities
+ in available built-in functions on various systems. */
+static void
+__yy_memcpy (to, from, count)
+ char *to;
+ char *from;
+ unsigned int count;
+{
+ register char *f = from;
+ register char *t = to;
+ register int i = count;
+
+ while (i-- > 0)
+ *t++ = *f++;
+}
+
+#else /* __cplusplus */
+
+/* This is the most reliable way to avoid incompatibilities
+ in available built-in functions on various systems. */
+static void
+__yy_memcpy (char *to, char *from, unsigned int count)
+{
+ register char *t = to;
+ register char *f = from;
+ register int i = count;
+
+ while (i-- > 0)
+ *t++ = *f++;
+}
+
+#endif
+#endif
+
+#line 216 "/mit/gnu/share/bison.simple"
+
+/* The user can define YYPARSE_PARAM as the name of an argument to be passed
+ into yyparse. The argument should have type void *.
+ It should actually point to an object.
+ Grammar actions can access the variable by casting it
+ to the proper pointer type. */
+
+#ifdef YYPARSE_PARAM
+#ifdef __cplusplus
+#define YYPARSE_PARAM_ARG void *YYPARSE_PARAM
+#define YYPARSE_PARAM_DECL
+#else /* not __cplusplus */
+#define YYPARSE_PARAM_ARG YYPARSE_PARAM
+#define YYPARSE_PARAM_DECL void *YYPARSE_PARAM;
+#endif /* not __cplusplus */
+#else /* not YYPARSE_PARAM */
+#define YYPARSE_PARAM_ARG
+#define YYPARSE_PARAM_DECL
+#endif /* not YYPARSE_PARAM */
+
+/* Prevent warning if -Wstrict-prototypes. */
+#ifdef __GNUC__
+#ifdef YYPARSE_PARAM
+int yyparse (void *);
+#else
+int yyparse (void);
+#endif
+#endif
+
+int
+yyparse(YYPARSE_PARAM_ARG)
+ YYPARSE_PARAM_DECL
+{
+ register int yystate;
+ register int yyn;
+ register short *yyssp;
+ register YYSTYPE *yyvsp;
+ int yyerrstatus; /* number of tokens to shift before error messages enabled */
+ int yychar1 = 0; /* lookahead token as an internal (translated) token number */
+
+ short yyssa[YYINITDEPTH]; /* the state stack */
+ YYSTYPE yyvsa[YYINITDEPTH]; /* the semantic value stack */
+
+ short *yyss = yyssa; /* refer to the stacks thru separate pointers */
+ YYSTYPE *yyvs = yyvsa; /* to allow yyoverflow to reallocate them elsewhere */
+
+#ifdef YYLSP_NEEDED
+ YYLTYPE yylsa[YYINITDEPTH]; /* the location stack */
+ YYLTYPE *yyls = yylsa;
+ YYLTYPE *yylsp;
+
+#define YYPOPSTACK (yyvsp--, yyssp--, yylsp--)
+#else
+#define YYPOPSTACK (yyvsp--, yyssp--)
+#endif
+
+ int yystacksize = YYINITDEPTH;
+ int yyfree_stacks = 0;
+
+#ifdef YYPURE
+ int yychar;
+ YYSTYPE yylval;
+ int yynerrs;
+#ifdef YYLSP_NEEDED
+ YYLTYPE yylloc;
+#endif
+#endif
+
+ YYSTYPE yyval; /* the variable used to return */
+ /* semantic values from the action */
+ /* routines */
+
+ int yylen;
+
+#if YYDEBUG != 0
+ if (yydebug)
+ fprintf(stderr, "Starting parse\n");
+#endif
+
+ yystate = 0;
+ yyerrstatus = 0;
+ yynerrs = 0;
+ yychar = YYEMPTY; /* Cause a token to be read. */
+
+ /* Initialize stack pointers.
+ Waste one element of value and location stack
+ so that they stay on the same level as the state stack.
+ The wasted elements are never initialized. */
+
+ yyssp = yyss - 1;
+ yyvsp = yyvs;
+#ifdef YYLSP_NEEDED
+ yylsp = yyls;
+#endif
+
+/* Push a new state, which is found in yystate . */
+/* In all cases, when you get here, the value and location stacks
+ have just been pushed. so pushing a state here evens the stacks. */
+yynewstate:
+
+ *++yyssp = yystate;
+
+ if (yyssp >= yyss + yystacksize - 1)
+ {
+ /* Give user a chance to reallocate the stack */
+ /* Use copies of these so that the &'s don't force the real ones into memory. */
+ YYSTYPE *yyvs1 = yyvs;
+ short *yyss1 = yyss;
+#ifdef YYLSP_NEEDED
+ YYLTYPE *yyls1 = yyls;
+#endif
+
+ /* Get the current used size of the three stacks, in elements. */
+ int size = yyssp - yyss + 1;
+
+#ifdef yyoverflow
+ /* Each stack pointer address is followed by the size of
+ the data in use in that stack, in bytes. */
+#ifdef YYLSP_NEEDED
+ /* This used to be a conditional around just the two extra args,
+ but that might be undefined if yyoverflow is a macro. */
+ yyoverflow("parser stack overflow",
+ &yyss1, size * sizeof (*yyssp),
+ &yyvs1, size * sizeof (*yyvsp),
+ &yyls1, size * sizeof (*yylsp),
+ &yystacksize);
+#else
+ yyoverflow("parser stack overflow",
+ &yyss1, size * sizeof (*yyssp),
+ &yyvs1, size * sizeof (*yyvsp),
+ &yystacksize);
+#endif
+
+ yyss = yyss1; yyvs = yyvs1;
+#ifdef YYLSP_NEEDED
+ yyls = yyls1;
+#endif
+#else /* no yyoverflow */
+ /* Extend the stack our own way. */
+ if (yystacksize >= YYMAXDEPTH)
+ {
+ yyerror("parser stack overflow");
+ if (yyfree_stacks)
+ {
+ free (yyss);
+ free (yyvs);
+#ifdef YYLSP_NEEDED
+ free (yyls);
+#endif
+ }
+ return 2;
+ }
+ yystacksize *= 2;
+ if (yystacksize > YYMAXDEPTH)
+ yystacksize = YYMAXDEPTH;
+#ifndef YYSTACK_USE_ALLOCA
+ yyfree_stacks = 1;
+#endif
+ yyss = (short *) YYSTACK_ALLOC (yystacksize * sizeof (*yyssp));
+ __yy_memcpy ((char *)yyss, (char *)yyss1,
+ size * (unsigned int) sizeof (*yyssp));
+ yyvs = (YYSTYPE *) YYSTACK_ALLOC (yystacksize * sizeof (*yyvsp));
+ __yy_memcpy ((char *)yyvs, (char *)yyvs1,
+ size * (unsigned int) sizeof (*yyvsp));
+#ifdef YYLSP_NEEDED
+ yyls = (YYLTYPE *) YYSTACK_ALLOC (yystacksize * sizeof (*yylsp));
+ __yy_memcpy ((char *)yyls, (char *)yyls1,
+ size * (unsigned int) sizeof (*yylsp));
+#endif
+#endif /* no yyoverflow */
+
+ yyssp = yyss + size - 1;
+ yyvsp = yyvs + size - 1;
+#ifdef YYLSP_NEEDED
+ yylsp = yyls + size - 1;
+#endif
+
+#if YYDEBUG != 0
+ if (yydebug)
+ fprintf(stderr, "Stack size increased to %d\n", yystacksize);
+#endif
+
+ if (yyssp >= yyss + yystacksize - 1)
+ YYABORT;
+ }
+
+#if YYDEBUG != 0
+ if (yydebug)
+ fprintf(stderr, "Entering state %d\n", yystate);
+#endif
+
+ goto yybackup;
+ yybackup:
+
+/* Do appropriate processing given the current state. */
+/* Read a lookahead token if we need one and don't already have one. */
+/* yyresume: */
+
+ /* First try to decide what to do without reference to lookahead token. */
+
+ yyn = yypact[yystate];
+ if (yyn == YYFLAG)
+ goto yydefault;
+
+ /* Not known => get a lookahead token if don't already have one. */
+
+ /* yychar is either YYEMPTY or YYEOF
+ or a valid token in external form. */
+
+ if (yychar == YYEMPTY)
+ {
+#if YYDEBUG != 0
+ if (yydebug)
+ fprintf(stderr, "Reading a token: ");
+#endif
+ yychar = YYLEX;
+ }
+
+ /* Convert token to internal form (in yychar1) for indexing tables with */
+
+ if (yychar <= 0) /* This means end of input. */
+ {
+ yychar1 = 0;
+ yychar = YYEOF; /* Don't call YYLEX any more */
+
+#if YYDEBUG != 0
+ if (yydebug)
+ fprintf(stderr, "Now at end of input.\n");
+#endif
+ }
+ else
+ {
+ yychar1 = YYTRANSLATE(yychar);
+
+#if YYDEBUG != 0
+ if (yydebug)
+ {
+ fprintf (stderr, "Next token is %d (%s", yychar, yytname[yychar1]);
+ /* Give the individual parser a way to print the precise meaning
+ of a token, for further debugging info. */
+#ifdef YYPRINT
+ YYPRINT (stderr, yychar, yylval);
+#endif
+ fprintf (stderr, ")\n");
+ }
+#endif
+ }
+
+ yyn += yychar1;
+ if (yyn < 0 || yyn > YYLAST || yycheck[yyn] != yychar1)
+ goto yydefault;
+
+ yyn = yytable[yyn];
+
+ /* yyn is what to do for this token type in this state.
+ Negative => reduce, -yyn is rule number.
+ Positive => shift, yyn is new state.
+ New state is final state => don't bother to shift,
+ just return success.
+ 0, or most negative number => error. */
+
+ if (yyn < 0)
+ {
+ if (yyn == YYFLAG)
+ goto yyerrlab;
+ yyn = -yyn;
+ goto yyreduce;
+ }
+ else if (yyn == 0)
+ goto yyerrlab;
+
+ if (yyn == YYFINAL)
+ YYACCEPT;
+
+ /* Shift the lookahead token. */
+
+#if YYDEBUG != 0
+ if (yydebug)
+ fprintf(stderr, "Shifting token %d (%s), ", yychar, yytname[yychar1]);
+#endif
+
+ /* Discard the token being shifted unless it is eof. */
+ if (yychar != YYEOF)
+ yychar = YYEMPTY;
+
+ *++yyvsp = yylval;
+#ifdef YYLSP_NEEDED
+ *++yylsp = yylloc;
+#endif
+
+ /* count tokens shifted since error; after three, turn off error status. */
+ if (yyerrstatus) yyerrstatus--;
+
+ yystate = yyn;
+ goto yynewstate;
+
+/* Do the default action for the current state. */
+yydefault:
+
+ yyn = yydefact[yystate];
+ if (yyn == 0)
+ goto yyerrlab;
+
+/* Do a reduction. yyn is the number of a rule to reduce with. */
+yyreduce:
+ yylen = yyr2[yyn];
+ if (yylen > 0)
+ yyval = yyvsp[1-yylen]; /* implement default value of the action */
+
+#if YYDEBUG != 0
+ if (yydebug)
+ {
+ int i;
+
+ fprintf (stderr, "Reducing via rule %d (line %d), ",
+ yyn, yyrline[yyn]);
+
+ /* Print the symbols being reduced, and their result. */
+ for (i = yyprhs[yyn]; yyrhs[i] > 0; i++)
+ fprintf (stderr, "%s ", yytname[yyrhs[i]]);
+ fprintf (stderr, " -> %s\n", yytname[yyr1[yyn]]);
+ }
+#endif
+
+
+ switch (yyn) {
+
+case 5:
+#line 90 "../../../../asrc/lib/krb5/krb/x-deltat.y"
+{ yyval.val = - yyvsp[0].val; ;
+ break;}
+case 8:
+#line 92 "../../../../asrc/lib/krb5/krb/x-deltat.y"
+{ yyval.val = yyvsp[0].val; ;
+ break;}
+case 9:
+#line 94 "../../../../asrc/lib/krb5/krb/x-deltat.y"
+{ DO (yyvsp[-2].val, 0, 0, yyvsp[0].val); ;
+ break;}
+case 10:
+#line 95 "../../../../asrc/lib/krb5/krb/x-deltat.y"
+{ DO ( 0, yyvsp[-2].val, 0, yyvsp[0].val); ;
+ break;}
+case 11:
+#line 96 "../../../../asrc/lib/krb5/krb/x-deltat.y"
+{ DO ( 0, 0, yyvsp[-2].val, yyvsp[0].val); ;
+ break;}
+case 12:
+#line 97 "../../../../asrc/lib/krb5/krb/x-deltat.y"
+{ DO ( 0, 0, 0, yyvsp[-1].val); ;
+ break;}
+case 13:
+#line 98 "../../../../asrc/lib/krb5/krb/x-deltat.y"
+{ DO (yyvsp[-6].val, yyvsp[-4].val, yyvsp[-2].val, yyvsp[0].val); ;
+ break;}
+case 14:
+#line 99 "../../../../asrc/lib/krb5/krb/x-deltat.y"
+{ DO ( 0, yyvsp[-4].val, yyvsp[-2].val, yyvsp[0].val); ;
+ break;}
+case 15:
+#line 100 "../../../../asrc/lib/krb5/krb/x-deltat.y"
+{ DO ( 0, yyvsp[-2].val, yyvsp[0].val, 0); ;
+ break;}
+case 17:
+#line 105 "../../../../asrc/lib/krb5/krb/x-deltat.y"
+{ yyval.val = yyvsp[-2].val * 3600 + yyvsp[0].val; ;
+ break;}
+case 19:
+#line 108 "../../../../asrc/lib/krb5/krb/x-deltat.y"
+{ yyval.val = yyvsp[-2].val * 60 + yyvsp[0].val; ;
+ break;}
+case 20:
+#line 110 "../../../../asrc/lib/krb5/krb/x-deltat.y"
+{ yyval.val = 0; ;
+ break;}
+}
+ /* the action file gets copied in in place of this dollarsign */
+#line 542 "/mit/gnu/share/bison.simple"
+
+ yyvsp -= yylen;
+ yyssp -= yylen;
+#ifdef YYLSP_NEEDED
+ yylsp -= yylen;
+#endif
+
+#if YYDEBUG != 0
+ if (yydebug)
+ {
+ short *ssp1 = yyss - 1;
+ fprintf (stderr, "state stack now");
+ while (ssp1 != yyssp)
+ fprintf (stderr, " %d", *++ssp1);
+ fprintf (stderr, "\n");
+ }
+#endif
+
+ *++yyvsp = yyval;
+
+#ifdef YYLSP_NEEDED
+ yylsp++;
+ if (yylen == 0)
+ {
+ yylsp->first_line = yylloc.first_line;
+ yylsp->first_column = yylloc.first_column;
+ yylsp->last_line = (yylsp-1)->last_line;
+ yylsp->last_column = (yylsp-1)->last_column;
+ yylsp->text = 0;
+ }
+ else
+ {
+ yylsp->last_line = (yylsp+yylen-1)->last_line;
+ yylsp->last_column = (yylsp+yylen-1)->last_column;
+ }
+#endif
+
+ /* Now "shift" the result of the reduction.
+ Determine what state that goes to,
+ based on the state we popped back to
+ and the rule number reduced by. */
+
+ yyn = yyr1[yyn];
+
+ yystate = yypgoto[yyn - YYNTBASE] + *yyssp;
+ if (yystate >= 0 && yystate <= YYLAST && yycheck[yystate] == *yyssp)
+ yystate = yytable[yystate];
+ else
+ yystate = yydefgoto[yyn - YYNTBASE];
+
+ goto yynewstate;
+
+yyerrlab: /* here on detecting error */
+
+ if (! yyerrstatus)
+ /* If not already recovering from an error, report this error. */
+ {
+ ++yynerrs;
+
+#ifdef YYERROR_VERBOSE
+ yyn = yypact[yystate];
+
+ if (yyn > YYFLAG && yyn < YYLAST)
+ {
+ int size = 0;
+ char *msg;
+ int x, count;
+
+ count = 0;
+ /* Start X at -yyn if nec to avoid negative indexes in yycheck. */
+ for (x = (yyn < 0 ? -yyn : 0);
+ x < (sizeof(yytname) / sizeof(char *)); x++)
+ if (yycheck[x + yyn] == x)
+ size += strlen(yytname[x]) + 15, count++;
+ msg = (char *) malloc(size + 15);
+ if (msg != 0)
+ {
+ strcpy(msg, "parse error");
+
+ if (count < 5)
+ {
+ count = 0;
+ for (x = (yyn < 0 ? -yyn : 0);
+ x < (sizeof(yytname) / sizeof(char *)); x++)
+ if (yycheck[x + yyn] == x)
+ {
+ strcat(msg, count == 0 ? ", expecting `" : " or `");
+ strcat(msg, yytname[x]);
+ strcat(msg, "'");
+ count++;
+ }
+ }
+ yyerror(msg);
+ free(msg);
+ }
+ else
+ yyerror ("parse error; also virtual memory exceeded");
+ }
+ else
+#endif /* YYERROR_VERBOSE */
+ yyerror("parse error");
+ }
+
+ goto yyerrlab1;
+yyerrlab1: /* here on error raised explicitly by an action */
+
+ if (yyerrstatus == 3)
+ {
+ /* if just tried and failed to reuse lookahead token after an error, discard it. */
+
+ /* return failure if at end of input */
+ if (yychar == YYEOF)
+ YYABORT;
+
+#if YYDEBUG != 0
+ if (yydebug)
+ fprintf(stderr, "Discarding token %d (%s).\n", yychar, yytname[yychar1]);
+#endif
+
+ yychar = YYEMPTY;
+ }
+
+ /* Else will try to reuse lookahead token
+ after shifting the error token. */
+
+ yyerrstatus = 3; /* Each real token shifted decrements this */
+
+ goto yyerrhandle;
+
+yyerrdefault: /* current state does not do anything special for the error token. */
+
+#if 0
+ /* This is wrong; only states that explicitly want error tokens
+ should shift them. */
+ yyn = yydefact[yystate]; /* If its default is to accept any token, ok. Otherwise pop it.*/
+ if (yyn) goto yydefault;
+#endif
+
+yyerrpop: /* pop the current state because it cannot handle the error token */
+
+ if (yyssp == yyss) YYABORT;
+ yyvsp--;
+ yystate = *--yyssp;
+#ifdef YYLSP_NEEDED
+ yylsp--;
+#endif
+
+#if YYDEBUG != 0
+ if (yydebug)
+ {
+ short *ssp1 = yyss - 1;
+ fprintf (stderr, "Error: state stack now");
+ while (ssp1 != yyssp)
+ fprintf (stderr, " %d", *++ssp1);
+ fprintf (stderr, "\n");
+ }
+#endif
+
+yyerrhandle:
+
+ yyn = yypact[yystate];
+ if (yyn == YYFLAG)
+ goto yyerrdefault;
+
+ yyn += YYTERROR;
+ if (yyn < 0 || yyn > YYLAST || yycheck[yyn] != YYTERROR)
+ goto yyerrdefault;
+
+ yyn = yytable[yyn];
+ if (yyn < 0)
+ {
+ if (yyn == YYFLAG)
+ goto yyerrpop;
+ yyn = -yyn;
+ goto yyreduce;
+ }
+ else if (yyn == 0)
+ goto yyerrpop;
+
+ if (yyn == YYFINAL)
+ YYACCEPT;
+
+#if YYDEBUG != 0
+ if (yydebug)
+ fprintf(stderr, "Shifting error token, ");
+#endif
+
+ *++yyvsp = yylval;
+#ifdef YYLSP_NEEDED
+ *++yylsp = yylloc;
+#endif
+
+ yystate = yyn;
+ goto yynewstate;
+
+ yyacceptlab:
+ /* YYACCEPT comes here. */
+ if (yyfree_stacks)
+ {
+ free (yyss);
+ free (yyvs);
+#ifdef YYLSP_NEEDED
+ free (yyls);
+#endif
+ }
+ return 0;
+
+ yyabortlab:
+ /* YYABORT comes here. */
+ if (yyfree_stacks)
+ {
+ free (yyss);
+ free (yyvs);
+#ifdef YYLSP_NEEDED
+ free (yyls);
+#endif
+ }
+ return 1;
+}
+#line 113 "../../../../asrc/lib/krb5/krb/x-deltat.y"
+
+
+static int
+mylex (int *intp, char **pp)
+{
+ int num, c;
+#define P (*pp)
+ char *orig_p = P;
+
+#ifdef isascii
+ if (!isascii (*P))
+ return 0;
+#endif
+ switch (c = *P++) {
+ case '-':
+ case ':':
+ case 'd':
+ case 'h':
+ case 'm':
+ case 's':
+ return c;
+ case '0':
+ case '1':
+ case '2':
+ case '3':
+ case '4':
+ case '5':
+ case '6':
+ case '7':
+ case '8':
+ case '9':
+ /* XXX assumes ASCII */
+ num = c - '0';
+ while (isdigit (*P)) {
+ num *= 10;
+ num += *P++ - '0';
+ }
+ *intp = num;
+ return (P - orig_p > 2) ? LONGNUM : NUM;
+ case ' ':
+ case '\t':
+ case '\n':
+ while (isspace (*P))
+ P++;
+ return WS;
+ default:
+ return YYEOF;
+ }
+}
+
+KRB5_DLLIMP krb5_error_code KRB5_CALLCONV
+krb5_string_to_deltat(string, deltatp)
+ char FAR * string;
+ krb5_deltat FAR * deltatp;
+{
+ struct param p;
+ p.delta = 0;
+ p.p = string;
+ if (yyparse (&p))
+ return EINVAL;
+ *deltatp = p.delta;
+ return 0;
+}
diff --git a/src/lib/krb5/krb/fwd_tgt.c b/src/lib/krb5/krb/fwd_tgt.c
index 6e10ad2..5fe226b 100644
--- a/src/lib/krb5/krb/fwd_tgt.c
+++ b/src/lib/krb5/krb/fwd_tgt.c
@@ -77,8 +77,8 @@ krb5_fwd_tgt_creds(context, auth_context, rhost, client, server, cc,
goto errout;
if ((retval = krb5_build_principal_ext(context, &creds.server,
- server->realm.length,
- server->realm.data,
+ client->realm.length,
+ client->realm.data,
KRB5_TGS_NAME_SIZE,
KRB5_TGS_NAME,
client->realm.length,
@@ -93,8 +93,7 @@ krb5_fwd_tgt_creds(context, auth_context, rhost, client, server, cc,
}
/* fetch tgt directly from cache */
- retval = krb5_cc_retrieve_cred (context, cc, KRB5_TC_MATCH_SRV_NAMEONLY,
- &creds, &tgt);
+ retval = krb5_cc_retrieve_cred (context, cc, 0, &creds, &tgt);
if (retval)
goto errout;
diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c
index 19aaf66..ba8feb7 100644
--- a/src/lib/krb5/krb/init_ctx.c
+++ b/src/lib/krb5/krb/init_ctx.c
@@ -16,7 +16,10 @@
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
- * permission. M.I.T. makes no representations about the suitability of
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*
@@ -30,11 +33,28 @@
extern void krb5_win_do_init();
#endif
-krb5_error_code INTERFACE
+static krb5_error_code init_common ();
+
+KRB5_DLLIMP krb5_error_code KRB5_CALLCONV
krb5_init_context(context)
krb5_context *context;
{
- krb5_context ctx;
+ return init_common (context, FALSE);
+}
+
+KRB5_DLLIMP krb5_error_code KRB5_CALLCONV
+krb5_init_secure_context(context)
+ krb5_context *context;
+{
+ return init_common (context, TRUE);
+}
+
+static krb5_error_code
+init_common (context, secure)
+ krb5_context *context;
+ krb5_boolean secure;
+{
+ krb5_context ctx = 0;
krb5_error_code retval;
int tmp;
@@ -57,6 +77,8 @@ krb5_init_context(context)
/* Initialize error tables */
krb5_init_ets(ctx);
+ ctx->profile_secure = secure;
+
/* Set the default encryption types, possible defined in krb5/conf */
if ((retval = krb5_set_default_in_tkt_ktypes(ctx, NULL)))
goto cleanup;
diff --git a/src/lib/krb5/krb/preauth.c b/src/lib/krb5/krb/preauth.c
index a5f593b..4689e3f 100644
--- a/src/lib/krb5/krb/preauth.c
+++ b/src/lib/krb5/krb/preauth.c
@@ -470,10 +470,14 @@ char *handle_sam_labels(sc)
p = prompt1 = malloc(label_len + strlen(sep1) +
challenge_len + strlen(sep2) +
prompt_len+ strlen(sep3) + 1);
- strncpy(p, label, label_len); p += label_len;
- strcpy(p, sep1); p += strlen(sep1);
- strncpy(p, challenge, challenge_len); p += challenge_len;
- strcpy(p, sep2); p += strlen(sep2);
+ if (p == NULL)
+ return NULL;
+ if (challenge_len) {
+ strncpy(p, label, label_len); p += label_len;
+ strcpy(p, sep1); p += strlen(sep1);
+ strncpy(p, challenge, challenge_len); p += challenge_len;
+ strcpy(p, sep2); p += strlen(sep2);
+ }
strncpy(p, prompt, prompt_len); p += prompt_len;
strcpy(p, sep3); /* p += strlen(sep3); */
return prompt1;
@@ -518,11 +522,25 @@ obtain_sam_padata(context, in_padata, etype_info, def_enc_key,
}
enc_sam_response_enc.sam_nonce = sam_challenge->sam_nonce;
+ if (!sam_challenge->sam_nonce) {
+ retval = krb5_us_timeofday(context,
+ &enc_sam_response_enc.sam_timestamp,
+ &enc_sam_response_enc.sam_usec);
+ sam_response.sam_patimestamp = enc_sam_response_enc.sam_timestamp;
+ }
+ if (retval)
+ return retval;
if (sam_challenge->sam_flags & KRB5_SAM_SEND_ENCRYPTED_SAD) {
/* encrypt passcode in key by stuffing it here */
int pcsize = 256;
char *passcode = malloc(pcsize+1);
+ if (passcode == NULL)
+ return ENOMEM;
prompt = handle_sam_labels(sam_challenge);
+ if (prompt == NULL) {
+ free(passcode);
+ return ENOMEM;
+ }
retval = krb5_read_password(context, prompt, 0, passcode, &pcsize);
free(prompt);
@@ -533,17 +551,9 @@ obtain_sam_padata(context, in_padata, etype_info, def_enc_key,
enc_sam_response_enc.sam_passcode.data = passcode;
enc_sam_response_enc.sam_passcode.length = pcsize;
} else if (sam_challenge->sam_flags & KRB5_SAM_USE_SAD_AS_KEY) {
- if (sam_challenge->sam_nonce) {
- /* use nonce in the next AS request? */
- } else {
- retval = krb5_us_timeofday(context,
- &enc_sam_response_enc.sam_timestamp,
- &enc_sam_response_enc.sam_usec);
- sam_response.sam_patimestamp = enc_sam_response_enc.sam_timestamp;
- }
- if (retval)
- return retval;
prompt = handle_sam_labels(sam_challenge);
+ if (prompt == NULL)
+ return ENOMEM;
retval = sam_get_pass_from_user(context, etype_info, key_proc,
key_seed, request, &sam_use_key,
prompt);
diff --git a/src/lib/krb5/krb/recvauth.c b/src/lib/krb5/krb/recvauth.c
index d6d6772..ef40e1f 100644
--- a/src/lib/krb5/krb/recvauth.c
+++ b/src/lib/krb5/krb/recvauth.c
@@ -57,6 +57,8 @@ krb5_recvauth(context, auth_context,
krb5_rcache rcache = 0;
krb5_octet response;
krb5_data null_server;
+ int need_error_free = 0;
+ int local_rcache = 0, local_authcon = 0;
/*
* Zero out problem variable. If problem is set at the end of
@@ -140,8 +142,10 @@ krb5_recvauth(context, auth_context,
if (*auth_context == NULL) {
problem = krb5_auth_con_init(context, &new_auth_context);
*auth_context = new_auth_context;
+ local_authcon = 1;
}
- if ((!problem) && ((*auth_context)->rcache == NULL)) {
+ krb5_auth_con_getrcache(context, *auth_context, &rcache);
+ if ((!problem) && rcache == NULL) {
/*
* Setup the replay cache.
*/
@@ -155,6 +159,7 @@ krb5_recvauth(context, auth_context,
}
if (!problem)
problem = krb5_auth_con_setrcache(context, *auth_context, rcache);
+ local_rcache = 1;
}
if (!problem) {
problem = krb5_rd_req(context, auth_context, &inbuf, server,
@@ -173,7 +178,14 @@ krb5_recvauth(context, auth_context,
memset((char *)&error, 0, sizeof(error));
krb5_us_timeofday(context, &error.stime, &error.susec);
- error.server = server;
+ if(server)
+ error.server = server;
+ else {
+ /* If this fails - ie. ENOMEM we are hosed
+ we cannot even send the error if we wanted to... */
+ (void) krb5_parse_name(context, "????", &error.server);
+ need_error_free = 1;
+ }
error.error = problem - ERROR_TABLE_BASE_krb5;
if (error.error > 127)
@@ -190,6 +202,9 @@ krb5_recvauth(context, auth_context,
goto cleanup;
}
free(error.text.data);
+ if(need_error_free)
+ krb5_free_principal(context, error.server);
+
} else {
outbuf.length = 0;
outbuf.data = 0;
@@ -216,9 +231,12 @@ krb5_recvauth(context, auth_context,
cleanup:;
if (retval) {
- if (rcache)
+ if (local_authcon) {
+ krb5_auth_con_free(context, *auth_context);
+ } else if (local_rcache && rcache != NULL) {
krb5_rc_close(context, rcache);
- krb5_auth_con_free(context, *auth_context);
+ krb5_auth_con_setrcache(context, *auth_context, NULL);
+ }
}
return retval;
}
diff --git a/src/lib/krb5/krb/send_tgs.c b/src/lib/krb5/krb/send_tgs.c
index ac4e277..3247c8e 100644
--- a/src/lib/krb5/krb/send_tgs.c
+++ b/src/lib/krb5/krb/send_tgs.c
@@ -199,7 +199,8 @@ krb5_send_tgs(context, kdcoptions, timestruct, ktypes, sname, addrs,
tgsreq.server = (krb5_principal) sname;
tgsreq.from = timestruct->starttime;
- tgsreq.till = timestruct->endtime;
+ tgsreq.till = timestruct->endtime ? timestruct->endtime :
+ in_cred->times.endtime;
tgsreq.rtime = timestruct->renew_till;
if ((retval = krb5_timeofday(context, &time_now)))
return(retval);
diff --git a/src/lib/krb5/krb/sendauth.c b/src/lib/krb5/krb/sendauth.c
index d77afdc..58a0ee8 100644
--- a/src/lib/krb5/krb/sendauth.c
+++ b/src/lib/krb5/krb/sendauth.c
@@ -213,12 +213,13 @@ krb5_sendauth(context, auth_context,
}
retval = 0; /* Normal return */
if (out_creds) {
- *out_creds = credsp;
+ *out_creds = credsp;
+ credspout = NULL;
}
error_return:
krb5_free_cred_contents(context, &creds);
- if (credspout)
+ if (credspout != NULL)
krb5_free_creds(context, credspout);
if (!ccache && use_ccache)
krb5_cc_close(context, use_ccache);
diff --git a/src/lib/krb5/krb/str_conv.c b/src/lib/krb5/krb/str_conv.c
index 76a79a8..166b277 100644
--- a/src/lib/krb5/krb/str_conv.c
+++ b/src/lib/krb5/krb/str_conv.c
@@ -1,7 +1,7 @@
/*
* lib/kadm/str_conv.c
*
- * Copyright 1995 by the Massachusetts Institute of Technology.
+ * Copyright 1995, 2000 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* Export of this software from the United States of America may
@@ -16,7 +16,10 @@
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
- * permission. M.I.T. makes no representations about the suitability of
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*
@@ -49,6 +52,8 @@
#include "k5-int.h"
+/* Salt type conversions */
+
/*
* Local data structures.
*/
@@ -70,15 +75,6 @@ struct cksumtype_lookup_entry {
const char * cst_output; /* How to spit it out */
};
-struct deltat_match_entry {
- const char * dt_scan_format; /* sscanf format */
- int dt_nmatch; /* Number to match */
- int dt_dindex; /* Day index */
- int dt_hindex; /* Hour index */
- int dt_mindex; /* Minute index */
- int dt_sindex; /* Second index */
-};
-
/*
* Local strings
*/
@@ -98,20 +94,6 @@ static const char enctype_descbcmd5_out[] = "DES cbc mode with RSA-MD5";
static const char enctype_des3cbcsha_out[] = "DES-3 cbc mode with NIST-SHA";
static const char enctype_descbcraw_out[] = "DES cbc mode raw";
-/* Salttype strings */
-static const char stype_v5_in[] = "normal";
-static const char stype_v4_in[] = "v4";
-static const char stype_norealm_in[] = "norealm";
-static const char stype_olrealm_in[] = "onlyrealm";
-static const char stype_special_in[] = "special";
-static const char stype_afs3_in[] = "afs3";
-static const char stype_v5_out[] = "Version 5";
-static const char stype_v4_out[] = "Version 4";
-static const char stype_norealm_out[] = "Version 5 - No Realm";
-static const char stype_olrealm_out[] = "Version 5 - Realm Only";
-static const char stype_special_out[] = "Special";
-static const char stype_afs3_out[] = "AFS version 3";
-
/* Checksum type strings */
static const char cstype_crc32_in[] = "crc32";
static const char cstype_md4_in[] = "md4";
@@ -130,52 +112,6 @@ static const char cstype_md5des_out[] = "RSA-MD5 with DES cbc mode";
static const char cstype_sha_out[] = "NIST-SHA";
static const char cstype_hmacsha_out[] = "HMAC-SHA";
-/* Absolute time strings */
-static const char atime_full_digits[] = "%y%m%d%H%M%S";
-static const char atime_full_digits_d[] = "%y.%m.%d.%H.%M.%S";
-static const char atime_nsec_digits[] = "%y%m%d%H%M";
-static const char atime_rel_hms[] = "%H%M%S";
-static const char atime_rel_hm[] = "%H%M";
-static const char atime_rel_col_hms[] = "%T";
-static const char atime_rel_col_hm[] = "%R";
-static const char atime_ldep_sfmt[] = "%x:%X";
-static const char atime_full_text[] = "%d-%b-%Y:%T";
-static const char atime_full_text_nos[] = "%d-%b-%Y:%R";
-#if !HAVE_STRPTIME
-static const char ascan_full_digits[] = "%02d%02d%02d%02d%02d%02d";
-static const char ascan_full_digits_d[] = "%02d.%02d.%02d.%02d.%02d.%02d";
-static const char ascan_nsec_digits[] = "%02d%02d%02d%02d%02d";
-static const char ascan_rel_hms[] = "%02d%02d%02d";
-static const char ascan_rel_hm[] = "%02d%02d";
-static const char ascan_rel_col_hms[] = "%02d:%02d:%02d";
-static const char ascan_rel_col_hm[] = "%02d:%02d";
-#endif /* !HAVE_STRPTIME */
-#ifdef HAVE_STRFTIME
-static const char sftime_ldep_time[] = "%c";
-static const char sftime_med_fmt[] = "%d %b %y %T";
-static const char sftime_short_fmt[] = "%x %X";
-static const char sftime_last_fmt[] = "%d/%m/%y %R";
-#endif /* HAVE_STRFTIME */
-static const char sftime_default_fmt[] = "%02d/%02d/%02d %02d:%02d";
-static const size_t sftime_default_len = 2+1+2+1+2+1+2+1+2+1;
-
-/* Delta time strings */
-static const char dtscan_dhms_notext[] = "%d-%02d:%02d:%02d";
-static const char dtscan_dhms_stext[] = "%dd%dh%dm%ds";
-static const char dtscan_hms_notext[] = "%d:%02d:%02d";
-static const char dtscan_hms_stext[] = "%dh%dm%ds";
-static const char dtscan_hm_notext[] = "%d:%02d";
-static const char dtscan_hm_stext[] = "%dh%dm";
-static const char dtscan_days[] = "%d%[d]";
-static const char dtscan_hours[] = "%d%[h]";
-static const char dtscan_minutes[] = "%d%[m]";
-static const char dtscan_seconds[] = "%d%[s]";
-static const char dt_day_singular[] = "day";
-static const char dt_day_plural[] = "days";
-static const char dt_output_donly[] = "%d %s";
-static const char dt_output_dhms[] = "%d %s %02d:%02d:%02d";
-static const char dt_output_hms[] = "%d:%02d:%02d";
-
/*
* Lookup tables.
*/
@@ -195,14 +131,14 @@ static const int enctype_table_nents = sizeof(enctype_table)/
sizeof(enctype_table[0]);
static const struct salttype_lookup_entry salttype_table[] = {
-/* salt type input specifier output string */
-/*----------------------------- ----------------------- ------------------*/
-{ KRB5_KDB_SALTTYPE_NORMAL, stype_v5_in, stype_v5_out },
-{ KRB5_KDB_SALTTYPE_V4, stype_v4_in, stype_v4_out },
-{ KRB5_KDB_SALTTYPE_NOREALM, stype_norealm_in, stype_norealm_out },
-{ KRB5_KDB_SALTTYPE_ONLYREALM, stype_olrealm_in, stype_olrealm_out },
-{ KRB5_KDB_SALTTYPE_SPECIAL, stype_special_in, stype_special_out },
-{ KRB5_KDB_SALTTYPE_AFS3, stype_afs3_in, stype_afs3_out }
+/* salt type input specifier output string */
+/*----------------------------- --------------- ---------------*/
+{ KRB5_KDB_SALTTYPE_NORMAL, "normal", "Version 5" },
+{ KRB5_KDB_SALTTYPE_V4, "v4", "Version 4" },
+{ KRB5_KDB_SALTTYPE_NOREALM, "norealm", "Version 5 - No Realm" },
+{ KRB5_KDB_SALTTYPE_ONLYREALM, "onlyrealm", "Version 5 - Realm Only" },
+{ KRB5_KDB_SALTTYPE_SPECIAL, "special", "Special" },
+{ KRB5_KDB_SALTTYPE_AFS3, "afs3", "AFS version 3" }
};
static const int salttype_table_nents = sizeof(salttype_table)/
sizeof(salttype_table[0]);
@@ -222,146 +158,7 @@ static const struct cksumtype_lookup_entry cksumtype_table[] = {
static const int cksumtype_table_nents = sizeof(cksumtype_table)/
sizeof(cksumtype_table[0]);
-static const char * const atime_format_table[] = {
-atime_full_digits, /* yymmddhhmmss */
-atime_full_digits_d, /* yy.mm.dd.hh.mm.ss */
-atime_nsec_digits, /* yymmddhhmm */
-atime_rel_hms, /* hhmmss */
-atime_rel_hm, /* hhmm */
-atime_rel_col_hms, /* hh:mm:ss */
-atime_rel_col_hm, /* hh:mm */
-/* The following not really supported unless native strptime present */
-atime_ldep_sfmt, /*locale-dependent short format */
-atime_full_text, /* dd-month-yyyy:hh:mm:ss */
-atime_full_text_nos /* dd-month-yyyy:hh:mm */
-};
-static const int atime_format_table_nents = sizeof(atime_format_table)/
- sizeof(atime_format_table[0]);
-
-#ifdef HAVE_STRFTIME
-static const char * const sftime_format_table[] = {
-sftime_ldep_time, /* Default locale-dependent date and time */
-sftime_med_fmt, /* dd mon yy hh:mm:ss */
-sftime_short_fmt, /* locale-dependent short format */
-sftime_last_fmt /* dd/mm/yy hh:mm */
-};
-static const int sftime_format_table_nents = sizeof(sftime_format_table)/
- sizeof(sftime_format_table[0]);
-#endif /* HAVE_STRFTIME */
-
-static const struct deltat_match_entry deltat_table[] = {
-/* scan format nmatch daypos hourpos minpos secpos */
-/*--------------------- ------- ------- ------- ------- --------*/
-{ dtscan_dhms_notext, 4, 0, 1, 2, 3 },
-{ dtscan_dhms_stext, 4, 0, 1, 2, 3 },
-{ dtscan_hms_notext, 3, -1, 0, 1, 2 },
-{ dtscan_hms_stext, 3, -1, 0, 1, 2 },
-{ dtscan_hm_notext, 2, -1, -1, 0, 1 },
-{ dtscan_hm_stext, 2, -1, -1, 0, 1 },
-{ dtscan_days, 2, 0, -1, -1, -1 },
-{ dtscan_hours, 2, -1, 0, -1, -1 },
-{ dtscan_minutes, 2, -1, -1, 0, -1 },
-{ dtscan_seconds, 2, -1, -1, -1, 0 }
-};
-static const int deltat_table_nents = sizeof(deltat_table)/
- sizeof(deltat_table[0]);
-
-#if !HAVE_STRPTIME
-/*
- * Rudimentary version of strptime for systems which don't have it.
- */
-static char *
-strptime(buf, format, tm)
- char *buf;
- const char *format;
- struct tm *tm;
-{
- int year, month, day, hour, minute, second;
- char *bp;
- time_t now;
-
- /*
- * We only understand the following fixed formats:
- * %y%m%d%H%M%S
- * %y.%m.%d.%H.%M.%S
- * %y%m%d%H%M
- * %H%M%S
- * %H%M
- * %T
- * %R
- */
- bp = (char *) NULL;
- if (!strcmp(format, atime_full_digits) &&
- (sscanf(buf, ascan_full_digits,
- &year, &month, &day, &hour, &minute, &second) == 6)) {
- tm->tm_year = year;
- tm->tm_mon = month - 1;
- tm->tm_mday = day;
- tm->tm_hour = hour;
- tm->tm_min = minute;
- tm->tm_sec = second;
- bp = &buf[strlen(atime_full_digits)];
- }
- else if (!strcmp(format,atime_full_digits_d) &&
- (sscanf(buf, ascan_full_digits_d,
- &year, &month, &day, &hour, &minute, &second) == 6)) {
- tm->tm_year = year;
- tm->tm_mon = month - 1;
- tm->tm_mday = day;
- tm->tm_hour = hour;
- tm->tm_min = minute;
- tm->tm_sec = second;
- bp = &buf[strlen(atime_full_digits_d)];
- }
- else if (!strcmp(format, atime_nsec_digits) &&
- (sscanf(buf, ascan_nsec_digits,
- &year, &month, &day, &hour, &minute) == 5)) {
- tm->tm_year = year;
- tm->tm_mon = month - 1;
- tm->tm_mday = day;
- tm->tm_hour = hour;
- tm->tm_min = minute;
- tm->tm_sec = 0;
- bp = &buf[strlen(atime_nsec_digits)];
- }
- else if (!strcmp(format, atime_rel_hms) &&
- (sscanf(buf, ascan_rel_hms, &hour, &minute, &second) == 3)) {
- now = time((time_t *) NULL);
- memcpy(tm, localtime(&now), sizeof(struct tm));
- tm->tm_hour = hour;
- tm->tm_min = minute;
- tm->tm_sec = second;
- bp = &buf[strlen(atime_rel_hms)];
- }
- else if (!strcmp(format, atime_rel_hm) &&
- (sscanf(buf, ascan_rel_hm, &hour, &minute) == 2)) {
- now = time((time_t *) NULL);
- memcpy(tm, localtime(&now), sizeof(struct tm));
- tm->tm_hour = hour;
- tm->tm_min = minute;
- bp = &buf[strlen(atime_rel_hm)];
- }
- else if (!strcmp(format, atime_rel_col_hms) &&
- (sscanf(buf, ascan_rel_col_hms, &hour, &minute, &second) == 3)) {
- now = time((time_t *) NULL);
- memcpy(tm, localtime(&now), sizeof(struct tm));
- tm->tm_hour = hour;
- tm->tm_min = minute;
- tm->tm_sec = second;
- bp = &buf[strlen(atime_rel_col_hms)];
- }
- else if (!strcmp(format, atime_rel_col_hm) &&
- (sscanf(buf, ascan_rel_col_hm, &hour, &minute) == 2)) {
- now = time((time_t *) NULL);
- memcpy(tm, localtime(&now), sizeof(struct tm));
- tm->tm_hour = hour;
- tm->tm_min = minute;
- bp = &buf[strlen(atime_rel_col_hm)];
- }
- return(bp);
-}
-#endif /* HAVE_STRPTIME */
-
+
/*
* String to internal datatype routines.
*
@@ -388,8 +185,8 @@ krb5_string_to_enctype(string, enctypep)
krb5_error_code
krb5_string_to_salttype(string, salttypep)
- char * string;
- krb5_int32 * salttypep;
+ char * string;
+ krb5_int32 * salttypep;
{
int i;
int found;
@@ -424,78 +221,6 @@ krb5_string_to_cksumtype(string, cksumtypep)
return((found) ? 0 : EINVAL);
}
-krb5_error_code
-krb5_string_to_timestamp(string, timestampp)
- char * string;
- krb5_timestamp * timestampp;
-{
- int i;
- int found;
- struct tm timebuf;
- time_t now;
- char *s;
-
- found = 0;
- now = time((time_t *) NULL);
- for (i=0; i<atime_format_table_nents; i++) {
- /* We reset every time throughout the loop as the manual page
- * indicated that no guarantees are made as to preserving timebuf
- * when parsing fails
- */
- memcpy(&timebuf, localtime(&now), sizeof(timebuf));
- if ((s = strptime(string, atime_format_table[i], &timebuf))
- && (s != string)) {
- found = 1;
- break;
- }
- }
- if (found)
- *timestampp = (krb5_timestamp) mktime(&timebuf);
- return((found) ? 0 : EINVAL);
-}
-
-krb5_error_code
-krb5_string_to_deltat(string, deltatp)
- char * string;
- krb5_deltat * deltatp;
-{
- int i;
- int found;
- int svalues[4];
- int days, hours, minutes, seconds;
- krb5_deltat dt;
-
- found = 0;
- days = hours = minutes = seconds = 0;
- for (i=0; i<deltat_table_nents; i++) {
- if (sscanf(string, deltat_table[i].dt_scan_format,
- &svalues[0], &svalues[1], &svalues[2], &svalues[3]) ==
- deltat_table[i].dt_nmatch) {
- if (deltat_table[i].dt_dindex >= 0)
- days = svalues[deltat_table[i].dt_dindex];
- if (deltat_table[i].dt_hindex >= 0)
- hours = svalues[deltat_table[i].dt_hindex];
- if (deltat_table[i].dt_mindex >= 0)
- minutes = svalues[deltat_table[i].dt_mindex];
- if (deltat_table[i].dt_sindex >= 0)
- seconds = svalues[deltat_table[i].dt_sindex];
- found = 1;
- break;
- }
- }
- if (found) {
- dt = days;
- dt *= 24;
- dt += hours;
- dt *= 60;
- dt += minutes;
- dt *= 60;
- dt += seconds;
- *deltatp = dt;
- }
- return((found) ? 0 : EINVAL);
-}
-
/*
* Internal datatype to string routines.
*
@@ -582,53 +307,118 @@ krb5_cksumtype_to_string(cksumtype, buffer, buflen)
else
return(EINVAL);
}
+
+/* (absolute) time conversions */
-krb5_error_code
+#ifndef HAVE_STRFTIME
+#undef strftime
+#define strftime my_strftime
+static size_t strftime (char *, size_t, const char *, const struct tm *);
+#endif
+
+#ifndef HAVE_STRPTIME
+#undef strptime
+#define strptime my_strptime
+static char *strptime (const char *, const char *, struct tm *);
+#endif
+
+KRB5_DLLIMP krb5_error_code KRB5_CALLCONV
+krb5_string_to_timestamp(string, timestampp)
+ char FAR * string;
+ krb5_timestamp FAR * timestampp;
+{
+ int i;
+ struct tm timebuf;
+ time_t now, ret_time;
+ char *s;
+ static const char * const atime_format_table[] = {
+ "%Y%m%d%H%M%S", /* yyyymmddhhmmss */
+ "%Y.%m.%d.%H.%M.%S", /* yyyy.mm.dd.hh.mm.ss */
+ "%y%m%d%H%M%S", /* yymmddhhmmss */
+ "%y.%m.%d.%H.%M.%S", /* yy.mm.dd.hh.mm.ss */
+ "%y%m%d%H%M", /* yymmddhhmm */
+ "%H%M%S", /* hhmmss */
+ "%H%M", /* hhmm */
+ "%T", /* hh:mm:ss */
+ "%R", /* hh:mm */
+ /* The following not really supported unless native strptime present */
+ "%x:%X", /* locale-dependent short format */
+ "%d-%b-%Y:%T", /* dd-month-yyyy:hh:mm:ss */
+ "%d-%b-%Y:%R" /* dd-month-yyyy:hh:mm */
+ };
+ static const int atime_format_table_nents =
+ sizeof(atime_format_table)/sizeof(atime_format_table[0]);
+
+
+ now = time((time_t *) NULL);
+ for (i=0; i<atime_format_table_nents; i++) {
+ /* We reset every time throughout the loop as the manual page
+ * indicated that no guarantees are made as to preserving timebuf
+ * when parsing fails
+ */
+ memcpy(&timebuf, localtime(&now), sizeof(timebuf));
+ if ((s = strptime(string, atime_format_table[i], &timebuf))
+ && (s != string)) {
+ if (timebuf.tm_year <= 0)
+ continue; /* clearly confused */
+ ret_time = mktime(&timebuf);
+ if (ret_time == (time_t) -1)
+ continue; /* clearly confused */
+ *timestampp = (krb5_timestamp) ret_time;
+ return 0;
+ }
+ }
+ return(EINVAL);
+}
+
+KRB5_DLLIMP krb5_error_code KRB5_CALLCONV
krb5_timestamp_to_string(timestamp, buffer, buflen)
krb5_timestamp timestamp;
- char * buffer;
+ char FAR * buffer;
size_t buflen;
{
-#if HAVE_STRFTIME
- if (strftime(buffer, buflen, "%c", localtime((time_t *) &timestamp)))
- return(0);
- else
+ int ret;
+ time_t timestamp2 = timestamp;
+
+ ret = strftime(buffer, buflen, "%c", localtime(&timestamp2));
+ if (ret == 0 || ret == buflen)
return(ENOMEM);
-#else /* HAVE_STRFTIME */
- if (strlen(ctime((time_t *) &timestamp)) <= buflen) {
- strcpy(buffer, ctime((time_t *) &timestamp));
- /* ctime returns <datestring>\n\0 */
- buffer[strlen(buffer)-1] = '\0';
- return(0);
- }
- return(ENOMEM);
-#endif /* HAVE_STRFTIME */
+ return(0);
}
-krb5_error_code
+KRB5_DLLIMP krb5_error_code KRB5_CALLCONV
krb5_timestamp_to_sfstring(timestamp, buffer, buflen, pad)
krb5_timestamp timestamp;
- char * buffer;
+ char FAR * buffer;
size_t buflen;
- char * pad;
+ char FAR * pad;
{
struct tm *tmp;
size_t i;
size_t ndone;
-
- tmp = localtime((time_t *) &timestamp);
+ time_t timestamp2 = timestamp;
+
+ static const char * const sftime_format_table[] = {
+ "%c", /* Default locale-dependent date and time */
+ "%d %b %Y %T", /* dd mon yyyy hh:mm:ss */
+ "%x %X", /* locale-dependent short format */
+ "%d/%m/%Y %R" /* dd/mm/yyyy hh:mm */
+ };
+ static const int sftime_format_table_nents =
+ sizeof(sftime_format_table)/sizeof(sftime_format_table[0]);
+
+ tmp = localtime(&timestamp2);
ndone = 0;
-#if HAVE_STRFTIME
for (i=0; i<sftime_format_table_nents; i++) {
if ((ndone = strftime(buffer, buflen, sftime_format_table[i], tmp)))
break;
}
-#endif /* HAVE_STRFTIME */
if (!ndone) {
+#define sftime_default_len 2+1+2+1+4+1+2+1+2+1
if (buflen >= sftime_default_len) {
- sprintf(buffer, sftime_default_fmt,
- tmp->tm_mday, tmp->tm_mon+1, tmp->tm_year,
- tmp->tm_hour, tmp->tm_min, tmp->tm_sec);
+ sprintf(buffer, "%02d/%02d/%4d %02d:%02d",
+ tmp->tm_mday, tmp->tm_mon+1, 1900+tmp->tm_year,
+ tmp->tm_hour, tmp->tm_min);
ndone = strlen(buffer);
}
}
@@ -639,47 +429,114 @@ krb5_timestamp_to_sfstring(timestamp, buffer, buflen, pad)
}
return((ndone) ? 0 : ENOMEM);
}
+
+/* relative time (delta-t) conversions */
-krb5_error_code
+/* string->deltat is in deltat.y */
+
+KRB5_DLLIMP krb5_error_code KRB5_CALLCONV
krb5_deltat_to_string(deltat, buffer, buflen)
krb5_deltat deltat;
- char * buffer;
+ char FAR * buffer;
size_t buflen;
{
int days, hours, minutes, seconds;
krb5_deltat dt;
- krb5_error_code retval;
- days = (int) (deltat / (24*3600l));
- dt = deltat % (24*3600l);
+ /*
+ * We want something like ceil(log10(2**(nbits-1))) + 1. That log
+ * value is log10(2)*(nbits-1) or log10(2**8)*(nbits-1)/8. So,
+ * 2.4... is log10(256), rounded up. Add one to handle leading
+ * minus, and one more to force int cast to round the value up.
+ * This doesn't include room for a trailing nul.
+ *
+ * This will break if bytes are more than 8 bits.
+ */
+#define MAX_CHARS_FOR_INT_TYPE(TYPE) ((int) (2 + 2.408241 * sizeof (TYPE)))
+ char tmpbuf[MAX_CHARS_FOR_INT_TYPE(int) * 4 + 8];
+
+ days = (int) (deltat / (24*3600L));
+ dt = deltat % (24*3600L);
hours = (int) (dt / 3600);
dt %= 3600;
minutes = (int) (dt / 60);
seconds = (int) (dt % 60);
- retval = 0;
- if (days) {
- if (hours || minutes || seconds) {
- if (buflen < (strlen(dt_output_dhms)+strlen(dt_day_plural)))
- retval = ENOMEM;
- else
- sprintf(buffer, dt_output_dhms, days,
- (days > 1) ? dt_day_plural : dt_day_singular,
- hours, minutes, seconds);
- }
- else {
- if (buflen < (strlen(dt_output_donly)+strlen(dt_day_plural)))
- retval = ENOMEM;
- else
- sprintf(buffer, dt_output_donly, days,
- (days > 1) ? dt_day_plural : dt_day_singular);
- }
- }
- else {
- if (buflen < strlen(dt_output_hms))
- retval = ENOMEM;
- else
- sprintf(buffer, dt_output_hms, hours, minutes, seconds);
- }
- return(retval);
+ memset (tmpbuf, 0, sizeof (tmpbuf));
+ if (days == 0)
+ sprintf(buffer, "%d:%02d:%02d", hours, minutes, seconds);
+ else if (hours || minutes || seconds)
+ sprintf(buffer, "%d %s %02d:%02d:%02d", days,
+ (days > 1) ? "days" : "day",
+ hours, minutes, seconds);
+ else
+ sprintf(buffer, "%d %s", days,
+ (days > 1) ? "days" : "day");
+ if (tmpbuf[sizeof(tmpbuf)-1] != 0)
+ /* Something must be very wrong with my math above, or the
+ assumptions going into it... */
+ abort ();
+ if (strlen (tmpbuf) > buflen)
+ return ENOMEM;
+ else
+ strncpy (buffer, tmpbuf, buflen);
+ return 0;
}
+
+#undef __P
+#define __P(X) X
+
+#if !defined (HAVE_STRFTIME) || !defined (HAVE_STRPTIME)
+#undef _CurrentTimeLocale
+#define _CurrentTimeLocale (&dummy_locale_info)
+
+struct dummy_locale_info_t {
+ char d_t_fmt[15];
+ char t_fmt_ampm[12];
+ char t_fmt[9];
+ char d_fmt[9];
+ char day[7][10];
+ char abday[7][4];
+ char mon[12][10];
+ char abmon[12][4];
+ char am_pm[2][3];
+};
+static const struct dummy_locale_info_t dummy_locale_info = {
+ "%a %b %d %X %Y", /* %c */
+ "%I:%M:%S %p", /* %r */
+ "%H:%M:%S", /* %X */
+ "%m/%d/%y", /* %x */
+ { "Sunday", "Monday", "Tuesday", "Wednesday", "Thursday", "Friday",
+ "Saturday" },
+ { "Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat" },
+ { "January", "February", "March", "April", "May", "June",
+ "July", "August", "September", "October", "November", "December" },
+ { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
+ "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" },
+ { "AM", "PM" },
+};
+#undef TM_YEAR_BASE
+#define TM_YEAR_BASE 1900
+#endif
+
+#ifndef HAVE_STRFTIME
+#undef DAYSPERLYEAR
+#define DAYSPERLYEAR 366
+#undef DAYSPERNYEAR
+#define DAYSPERNYEAR 365
+#undef DAYSPERWEEK
+#define DAYSPERWEEK 7
+#undef isleap
+#define isleap(N) ((N % 4) == 0 && (N % 100 != 0 || N % 400 == 0))
+#undef tzname
+#define tzname my_tzname
+static const char *const tzname[2] = { 0, 0 };
+#undef tzset
+#define tzset()
+
+#include "strftime.c"
+#endif
+
+#ifndef HAVE_STRPTIME
+#include "strptime.c"
+#endif
diff --git a/src/lib/krb5/krb/strftime.c b/src/lib/krb5/krb/strftime.c
new file mode 100644
index 0000000..f2a5cb7
--- /dev/null
+++ b/src/lib/krb5/krb/strftime.c
@@ -0,0 +1,415 @@
+/* $NetBSD: strftime.c,v 1.8 1999/02/07 17:33:30 augustss Exp $ */
+
+/*
+ * Copyright (c) 1989 The Regents of the University of California.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the University of
+ * California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#if defined(LIBC_SCCS) && !defined(lint)
+#if 0
+static char *sccsid = "@(#)strftime.c 5.11 (Berkeley) 2/24/91";
+#else
+__RCSID("$NetBSD: strftime.c,v 1.8 1999/02/07 17:33:30 augustss Exp $");
+#endif
+#endif /* LIBC_SCCS and not lint */
+
+#include <string.h>
+#include <time.h>
+
+static int _add __P((const char *, char **, const char *));
+static int _conv __P((int, int, int, char **, const char *));
+static int _secs __P((const struct tm *, char **, const char *));
+static size_t _fmt __P((const char *, const struct tm *, char **,
+ const char *));
+
+static size_t
+strftime(s, maxsize, format, t)
+ char *s;
+ size_t maxsize;
+ const char *format;
+ const struct tm *t;
+{
+ char *pt;
+
+ tzset();
+ if (maxsize < 1)
+ return (0);
+
+ pt = s;
+ if (_fmt(format, t, &pt, s + maxsize)) {
+ *pt = '\0';
+ return (pt - s);
+ } else
+ return (0);
+}
+
+#define SUN_WEEK(t) (((t)->tm_yday + 7 - \
+ ((t)->tm_wday)) / 7)
+#define MON_WEEK(t) (((t)->tm_yday + 7 - \
+ ((t)->tm_wday ? (t)->tm_wday - 1 : 6)) / 7)
+
+static size_t
+_fmt(format, t, pt, ptlim)
+ const char *format;
+ const struct tm *t;
+ char **pt;
+ const char * const ptlim;
+{
+ for (; *format; ++format) {
+ if (*format == '%') {
+ ++format;
+ if (*format == 'E') {
+ /* Alternate Era */
+ ++format;
+ } else if (*format == 'O') {
+ /* Alternate numeric symbols */
+ ++format;
+ }
+ switch (*format) {
+ case '\0':
+ --format;
+ break;
+ case 'A':
+ if (t->tm_wday < 0 || t->tm_wday > 6)
+ return (0);
+ if (!_add(_CurrentTimeLocale->day[t->tm_wday],
+ pt, ptlim))
+ return (0);
+ continue;
+
+ case 'a':
+ if (t->tm_wday < 0 || t->tm_wday > 6)
+ return (0);
+ if (!_add(_CurrentTimeLocale->abday[t->tm_wday],
+ pt, ptlim))
+ return (0);
+ continue;
+ case 'B':
+ if (t->tm_mon < 0 || t->tm_mon > 11)
+ return (0);
+ if (!_add(_CurrentTimeLocale->mon[t->tm_mon],
+ pt, ptlim))
+ return (0);
+ continue;
+ case 'b':
+ case 'h':
+ if (t->tm_mon < 0 || t->tm_mon > 11)
+ return (0);
+ if (!_add(_CurrentTimeLocale->abmon[t->tm_mon],
+ pt, ptlim))
+ return (0);
+ continue;
+ case 'C':
+ if (!_conv((t->tm_year + TM_YEAR_BASE) / 100,
+ 2, '0', pt, ptlim))
+ return (0);
+ continue;
+ case 'c':
+ if (!_fmt(_CurrentTimeLocale->d_t_fmt, t, pt,
+ ptlim))
+ return (0);
+ continue;
+ case 'D':
+ if (!_fmt("%m/%d/%y", t, pt, ptlim))
+ return (0);
+ continue;
+ case 'd':
+ if (!_conv(t->tm_mday, 2, '0', pt, ptlim))
+ return (0);
+ continue;
+ case 'e':
+ if (!_conv(t->tm_mday, 2, ' ', pt, ptlim))
+ return (0);
+ continue;
+ case 'H':
+ if (!_conv(t->tm_hour, 2, '0', pt, ptlim))
+ return (0);
+ continue;
+ case 'I':
+ if (!_conv(t->tm_hour % 12 ?
+ t->tm_hour % 12 : 12, 2, '0', pt, ptlim))
+ return (0);
+ continue;
+ case 'j':
+ if (!_conv(t->tm_yday + 1, 3, '0', pt, ptlim))
+ return (0);
+ continue;
+ case 'k':
+ if (!_conv(t->tm_hour, 2, ' ', pt, ptlim))
+ return (0);
+ continue;
+ case 'l':
+ if (!_conv(t->tm_hour % 12 ?
+ t->tm_hour % 12: 12, 2, ' ', pt, ptlim))
+ return (0);
+ continue;
+ case 'M':
+ if (!_conv(t->tm_min, 2, '0', pt, ptlim))
+ return (0);
+ continue;
+ case 'm':
+ if (!_conv(t->tm_mon + 1, 2, '0', pt, ptlim))
+ return (0);
+ continue;
+ case 'n':
+ if (!_add("\n", pt, ptlim))
+ return (0);
+ continue;
+ case 'p':
+ if (!_add(_CurrentTimeLocale->am_pm[t->tm_hour
+ >= 12], pt, ptlim))
+ return (0);
+ continue;
+ case 'R':
+ if (!_fmt("%H:%M", t, pt, ptlim))
+ return (0);
+ continue;
+ case 'r':
+ if (!_fmt(_CurrentTimeLocale->t_fmt_ampm, t, pt,
+ ptlim))
+ return (0);
+ continue;
+ case 'S':
+ if (!_conv(t->tm_sec, 2, '0', pt, ptlim))
+ return (0);
+ continue;
+ case 's':
+ if (!_secs(t, pt, ptlim))
+ return (0);
+ continue;
+ case 'T':
+ if (!_fmt("%H:%M:%S", t, pt, ptlim))
+ return (0);
+ continue;
+ case 't':
+ if (!_add("\t", pt, ptlim))
+ return (0);
+ continue;
+ case 'U':
+ if (!_conv(SUN_WEEK(t), 2, '0', pt, ptlim))
+ return (0);
+ continue;
+ case 'u':
+ if (!_conv(t->tm_wday ? t->tm_wday : 7, 1, '0',
+ pt, ptlim))
+ return (0);
+ continue;
+ case 'V': /* ISO 8601 week number */
+ case 'G': /* ISO 8601 year (four digits) */
+ case 'g': /* ISO 8601 year (two digits) */
+/*
+** From Arnold Robbins' strftime version 3.0: "the week number of the
+** year (the first Monday as the first day of week 1) as a decimal number
+** (01-53)."
+** (ado, 1993-05-24)
+**
+** From "http://www.ft.uni-erlangen.de/~mskuhn/iso-time.html" by Markus Kuhn:
+** "Week 01 of a year is per definition the first week which has the
+** Thursday in this year, which is equivalent to the week which contains
+** the fourth day of January. In other words, the first week of a new year
+** is the week which has the majority of its days in the new year. Week 01
+** might also contain days from the previous year and the week before week
+** 01 of a year is the last week (52 or 53) of the previous year even if
+** it contains days from the new year. A week starts with Monday (day 1)
+** and ends with Sunday (day 7). For example, the first week of the year
+** 1997 lasts from 1996-12-30 to 1997-01-05..."
+** (ado, 1996-01-02)
+*/
+ {
+ int year;
+ int yday;
+ int wday;
+ int w;
+
+ year = t->tm_year + TM_YEAR_BASE;
+ yday = t->tm_yday;
+ wday = t->tm_wday;
+ for ( ; ; ) {
+ int len;
+ int bot;
+ int top;
+
+ len = isleap(year) ?
+ DAYSPERLYEAR :
+ DAYSPERNYEAR;
+ /*
+ ** What yday (-3 ... 3) does
+ ** the ISO year begin on?
+ */
+ bot = ((yday + 11 - wday) %
+ DAYSPERWEEK) - 3;
+ /*
+ ** What yday does the NEXT
+ ** ISO year begin on?
+ */
+ top = bot -
+ (len % DAYSPERWEEK);
+ if (top < -3)
+ top += DAYSPERWEEK;
+ top += len;
+ if (yday >= top) {
+ ++year;
+ w = 1;
+ break;
+ }
+ if (yday >= bot) {
+ w = 1 + ((yday - bot) /
+ DAYSPERWEEK);
+ break;
+ }
+ --year;
+ yday += isleap(year) ?
+ DAYSPERLYEAR :
+ DAYSPERNYEAR;
+ }
+#ifdef XPG4_1994_04_09
+ if ((w == 52
+ && t->tm_mon == TM_JANUARY)
+ || (w == 1
+ && t->tm_mon == TM_DECEMBER))
+ w = 53;
+#endif /* defined XPG4_1994_04_09 */
+ if (*format == 'V') {
+ if (!_conv(w, 2, '0',
+ pt, ptlim))
+ return (0);
+ } else if (*format == 'g') {
+ if (!_conv(year % 100, 2, '0',
+ pt, ptlim))
+ return (0);
+ } else if (!_conv(year, 4, '0',
+ pt, ptlim))
+ return (0);
+ }
+ continue;
+ case 'W':
+ if (!_conv(MON_WEEK(t), 2, '0', pt, ptlim))
+ return (0);
+ continue;
+ case 'w':
+ if (!_conv(t->tm_wday, 1, '0', pt, ptlim))
+ return (0);
+ continue;
+ case 'x':
+ if (!_fmt(_CurrentTimeLocale->d_fmt, t, pt,
+ ptlim))
+ return (0);
+ continue;
+ case 'X':
+ if (!_fmt(_CurrentTimeLocale->t_fmt, t, pt,
+ ptlim))
+ return (0);
+ continue;
+ case 'y':
+ if (!_conv((t->tm_year + TM_YEAR_BASE) % 100,
+ 2, '0', pt, ptlim))
+ return (0);
+ continue;
+ case 'Y':
+ if (!_conv((t->tm_year + TM_YEAR_BASE), 4, '0',
+ pt, ptlim))
+ return (0);
+ continue;
+ case 'Z':
+ if (tzname[t->tm_isdst ? 1 : 0] &&
+ !_add(tzname[t->tm_isdst ? 1 : 0], pt,
+ ptlim))
+ return (0);
+ continue;
+ case '%':
+ /*
+ * X311J/88-090 (4.12.3.5): if conversion char is
+ * undefined, behavior is undefined. Print out the
+ * character itself as printf(3) does.
+ */
+ default:
+ break;
+ }
+ }
+ if (*pt == ptlim)
+ return (0);
+ *(*pt)++ = *format;
+ }
+ return (ptlim - *pt);
+}
+
+static int
+_secs(t, pt, ptlim)
+ const struct tm *t;
+ char **pt;
+ const char * const ptlim;
+{
+ char buf[15];
+ time_t s;
+ char *p;
+ struct tm tmp;
+
+ buf[sizeof (buf) - 1] = '\0';
+ /* Make a copy, mktime(3) modifies the tm struct. */
+ tmp = *t;
+ s = mktime(&tmp);
+ for (p = buf + sizeof(buf) - 2; s > 0 && p > buf; s /= 10)
+ *p-- = (char)(s % 10 + '0');
+ return (_add(++p, pt, ptlim));
+}
+
+static int
+_conv(n, digits, pad, pt, ptlim)
+ int n, digits;
+ int pad;
+ char **pt;
+ const char * const ptlim;
+{
+ char buf[10];
+ char *p;
+
+ buf[sizeof (buf) - 1] = '\0';
+ for (p = buf + sizeof(buf) - 2; n > 0 && p > buf; n /= 10, --digits)
+ *p-- = n % 10 + '0';
+ while (p > buf && digits-- > 0)
+ *p-- = pad;
+ return (_add(++p, pt, ptlim));
+}
+
+static int
+_add(str, pt, ptlim)
+ const char *str;
+ char **pt;
+ const char * const ptlim;
+{
+
+ for (;; ++(*pt)) {
+ if (*pt == ptlim)
+ return (0);
+ if ((**pt = *str++) == '\0')
+ return (1);
+ }
+}
diff --git a/src/lib/krb5/krb/strptime.c b/src/lib/krb5/krb/strptime.c
new file mode 100644
index 0000000..ac52d5c
--- /dev/null
+++ b/src/lib/krb5/krb/strptime.c
@@ -0,0 +1,386 @@
+/* $NetBSD: strptime.c,v 1.18 1999/04/29 02:58:30 tv Exp $ */
+
+/*-
+ * Copyright (c) 1997, 1998 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code was contributed to The NetBSD Foundation by Klaus Klein.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the NetBSD
+ * Foundation, Inc. and its contributors.
+ * 4. Neither the name of The NetBSD Foundation nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#if defined(LIBC_SCCS) && !defined(lint)
+__RCSID("$NetBSD: strptime.c,v 1.18 1999/04/29 02:58:30 tv Exp $");
+#endif
+
+#include <ctype.h>
+#include <string.h>
+#include <time.h>
+
+#undef _ctloc
+#define _ctloc(x) _CurrentTimeLocale->x
+
+/*
+ * We do not implement alternate representations. However, we always
+ * check whether a given modifier is allowed for a certain conversion.
+ */
+#define ALT_E 0x01
+#define ALT_O 0x02
+#define LEGAL_ALT(x) { if (alt_format & ~(x)) return (0); }
+
+
+static int conv_num __P((const char **, int *, int, int));
+
+
+static char *
+strptime(buf, fmt, tm)
+ const char *buf, *fmt;
+ struct tm *tm;
+{
+ char c;
+ const char *bp;
+ size_t len = 0;
+ int alt_format, i, split_year = 0;
+
+ bp = buf;
+
+ while ((c = *fmt) != '\0') {
+ /* Clear `alternate' modifier prior to new conversion. */
+ alt_format = 0;
+
+ /* Eat up white-space. */
+ if (isspace(c)) {
+ while (isspace(*bp))
+ bp++;
+
+ fmt++;
+ continue;
+ }
+
+ if ((c = *fmt++) != '%')
+ goto literal;
+
+
+again: switch (c = *fmt++) {
+ case '%': /* "%%" is converted to "%". */
+literal:
+ if (c != *bp++)
+ return (0);
+ break;
+
+ /*
+ * "Alternative" modifiers. Just set the appropriate flag
+ * and start over again.
+ */
+ case 'E': /* "%E?" alternative conversion modifier. */
+ LEGAL_ALT(0);
+ alt_format |= ALT_E;
+ goto again;
+
+ case 'O': /* "%O?" alternative conversion modifier. */
+ LEGAL_ALT(0);
+ alt_format |= ALT_O;
+ goto again;
+
+ /*
+ * "Complex" conversion rules, implemented through recursion.
+ */
+ case 'c': /* Date and time, using the locale's format. */
+ LEGAL_ALT(ALT_E);
+ if (!(bp = strptime(bp, _ctloc(d_t_fmt), tm)))
+ return (0);
+ break;
+
+ case 'D': /* The date as "%m/%d/%y". */
+ LEGAL_ALT(0);
+ if (!(bp = strptime(bp, "%m/%d/%y", tm)))
+ return (0);
+ break;
+
+ case 'R': /* The time as "%H:%M". */
+ LEGAL_ALT(0);
+ if (!(bp = strptime(bp, "%H:%M", tm)))
+ return (0);
+ break;
+
+ case 'r': /* The time in 12-hour clock representation. */
+ LEGAL_ALT(0);
+ if (!(bp = strptime(bp, _ctloc(t_fmt_ampm), tm)))
+ return (0);
+ break;
+
+ case 'T': /* The time as "%H:%M:%S". */
+ LEGAL_ALT(0);
+ if (!(bp = strptime(bp, "%H:%M:%S", tm)))
+ return (0);
+ break;
+
+ case 'X': /* The time, using the locale's format. */
+ LEGAL_ALT(ALT_E);
+ if (!(bp = strptime(bp, _ctloc(t_fmt), tm)))
+ return (0);
+ break;
+
+ case 'x': /* The date, using the locale's format. */
+ LEGAL_ALT(ALT_E);
+ if (!(bp = strptime(bp, _ctloc(d_fmt), tm)))
+ return (0);
+ break;
+
+ /*
+ * "Elementary" conversion rules.
+ */
+ case 'A': /* The day of week, using the locale's form. */
+ case 'a':
+ LEGAL_ALT(0);
+ for (i = 0; i < 7; i++) {
+ /* Full name. */
+ len = strlen(_ctloc(day[i]));
+ if (strncasecmp(_ctloc(day[i]), bp, len) == 0)
+ break;
+
+ /* Abbreviated name. */
+ len = strlen(_ctloc(abday[i]));
+ if (strncasecmp(_ctloc(abday[i]), bp, len) == 0)
+ break;
+ }
+
+ /* Nothing matched. */
+ if (i == 7)
+ return (0);
+
+ tm->tm_wday = i;
+ bp += len;
+ break;
+
+ case 'B': /* The month, using the locale's form. */
+ case 'b':
+ case 'h':
+ LEGAL_ALT(0);
+ for (i = 0; i < 12; i++) {
+ /* Full name. */
+ len = strlen(_ctloc(mon[i]));
+ if (strncasecmp(_ctloc(mon[i]), bp, len) == 0)
+ break;
+
+ /* Abbreviated name. */
+ len = strlen(_ctloc(abmon[i]));
+ if (strncasecmp(_ctloc(abmon[i]), bp, len) == 0)
+ break;
+ }
+
+ /* Nothing matched. */
+ if (i == 12)
+ return (0);
+
+ tm->tm_mon = i;
+ bp += len;
+ break;
+
+ case 'C': /* The century number. */
+ LEGAL_ALT(ALT_E);
+ if (!(conv_num(&bp, &i, 0, 99)))
+ return (0);
+
+ if (split_year) {
+ tm->tm_year = (tm->tm_year % 100) + (i * 100);
+ } else {
+ tm->tm_year = i * 100;
+ split_year = 1;
+ }
+ break;
+
+ case 'd': /* The day of month. */
+ case 'e':
+ LEGAL_ALT(ALT_O);
+ if (!(conv_num(&bp, &tm->tm_mday, 1, 31)))
+ return (0);
+ break;
+
+ case 'k': /* The hour (24-hour clock representation). */
+ LEGAL_ALT(0);
+ /* FALLTHROUGH */
+ case 'H':
+ LEGAL_ALT(ALT_O);
+ if (!(conv_num(&bp, &tm->tm_hour, 0, 23)))
+ return (0);
+ break;
+
+ case 'l': /* The hour (12-hour clock representation). */
+ LEGAL_ALT(0);
+ /* FALLTHROUGH */
+ case 'I':
+ LEGAL_ALT(ALT_O);
+ if (!(conv_num(&bp, &tm->tm_hour, 1, 12)))
+ return (0);
+ if (tm->tm_hour == 12)
+ tm->tm_hour = 0;
+ break;
+
+ case 'j': /* The day of year. */
+ LEGAL_ALT(0);
+ if (!(conv_num(&bp, &i, 1, 366)))
+ return (0);
+ tm->tm_yday = i - 1;
+ break;
+
+ case 'M': /* The minute. */
+ LEGAL_ALT(ALT_O);
+ if (!(conv_num(&bp, &tm->tm_min, 0, 59)))
+ return (0);
+ break;
+
+ case 'm': /* The month. */
+ LEGAL_ALT(ALT_O);
+ if (!(conv_num(&bp, &i, 1, 12)))
+ return (0);
+ tm->tm_mon = i - 1;
+ break;
+
+ case 'p': /* The locale's equivalent of AM/PM. */
+ LEGAL_ALT(0);
+ /* AM? */
+ if (strcasecmp(_ctloc(am_pm[0]), bp) == 0) {
+ if (tm->tm_hour > 11)
+ return (0);
+
+ bp += strlen(_ctloc(am_pm[0]));
+ break;
+ }
+ /* PM? */
+ else if (strcasecmp(_ctloc(am_pm[1]), bp) == 0) {
+ if (tm->tm_hour > 11)
+ return (0);
+
+ tm->tm_hour += 12;
+ bp += strlen(_ctloc(am_pm[1]));
+ break;
+ }
+
+ /* Nothing matched. */
+ return (0);
+
+ case 'S': /* The seconds. */
+ LEGAL_ALT(ALT_O);
+ if (!(conv_num(&bp, &tm->tm_sec, 0, 61)))
+ return (0);
+ break;
+
+ case 'U': /* The week of year, beginning on sunday. */
+ case 'W': /* The week of year, beginning on monday. */
+ LEGAL_ALT(ALT_O);
+ /*
+ * XXX This is bogus, as we can not assume any valid
+ * information present in the tm structure at this
+ * point to calculate a real value, so just check the
+ * range for now.
+ */
+ if (!(conv_num(&bp, &i, 0, 53)))
+ return (0);
+ break;
+
+ case 'w': /* The day of week, beginning on sunday. */
+ LEGAL_ALT(ALT_O);
+ if (!(conv_num(&bp, &tm->tm_wday, 0, 6)))
+ return (0);
+ break;
+
+ case 'Y': /* The year. */
+ LEGAL_ALT(ALT_E);
+ if (!(conv_num(&bp, &i, 0, 9999)))
+ return (0);
+
+ tm->tm_year = i - TM_YEAR_BASE;
+ break;
+
+ case 'y': /* The year within 100 years of the epoch. */
+ LEGAL_ALT(ALT_E | ALT_O);
+ if (!(conv_num(&bp, &i, 0, 99)))
+ return (0);
+
+ if (split_year) {
+ tm->tm_year = ((tm->tm_year / 100) * 100) + i;
+ break;
+ }
+ split_year = 1;
+ if (i <= 68)
+ tm->tm_year = i + 2000 - TM_YEAR_BASE;
+ else
+ tm->tm_year = i + 1900 - TM_YEAR_BASE;
+ break;
+
+ /*
+ * Miscellaneous conversions.
+ */
+ case 'n': /* Any kind of white-space. */
+ case 't':
+ LEGAL_ALT(0);
+ while (isspace(*bp))
+ bp++;
+ break;
+
+
+ default: /* Unknown/unsupported conversion. */
+ return (0);
+ }
+
+
+ }
+
+ /* LINTED functional specification */
+ return ((char *)bp);
+}
+
+
+static int
+conv_num(buf, dest, llim, ulim)
+ const char **buf;
+ int *dest;
+ int llim, ulim;
+{
+ int result = 0;
+
+ /* The limit also determines the number of valid digits. */
+ int rulim = ulim;
+
+ if (**buf < '0' || **buf > '9')
+ return (0);
+
+ do {
+ result *= 10;
+ result += *(*buf)++ - '0';
+ rulim /= 10;
+ } while ((result * 10 <= ulim) && rulim && **buf >= '0' && **buf <= '9');
+
+ if (result < llim || result > ulim)
+ return (0);
+
+ *dest = result;
+ return (1);
+}
diff --git a/src/lib/krb5/krb/t_kerb.c b/src/lib/krb5/krb/t_kerb.c
index 3a960b8..b4d1781 100644
--- a/src/lib/krb5/krb/t_kerb.c
+++ b/src/lib/krb5/krb/t_kerb.c
@@ -7,6 +7,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
+#include <time.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
@@ -14,6 +15,22 @@
#include "com_err.h"
+void test_string_to_timestamp(ctx, time)
+ krb5_context ctx;
+ char *time;
+{
+ krb5_timestamp timestamp;
+ time_t t;
+ krb5_error_code retval;
+
+ retval = krb5_string_to_timestamp(time, &timestamp);
+ if (retval) {
+ com_err("krb5_string_to_timestamp", retval, 0);
+ return;
+ }
+ t = (time_t) timestamp;
+ printf("Parsed time was %s", ctime(&t));
+}
void test_425_conv_principal(ctx, name, inst, realm)
krb5_context ctx;
@@ -82,6 +99,7 @@ void usage(progname)
fprintf(stderr, "%s: Usage: %s 425_conv_principal <name> <inst> <realm\n",
progname, progname);
fprintf(stderr, "\t%s parse_name <name>\n", progname);
+ fprintf(stderr, "\t%s string_to_timestamp <time>\n", progname);
exit(1);
}
@@ -123,6 +141,10 @@ main(argc, argv)
if (!argc) usage(progname);
name = *argv;
test_parse_name(ctx, name);
+ } else if (strcmp(*argv, "string_to_timestamp") == 0) {
+ argc--; argv++;
+ if (!argc) usage(progname);
+ test_string_to_timestamp(ctx, *argv);
}
else
usage(progname);
diff --git a/src/lib/krb5/krb/t_ref_kerb.out b/src/lib/krb5/krb/t_ref_kerb.out
index d3a7982..968b308 100644
--- a/src/lib/krb5/krb/t_ref_kerb.out
+++ b/src/lib/krb5/krb/t_ref_kerb.out
@@ -12,5 +12,5 @@ parsed (and unparsed) principal(\/slash/\@atsign/octa\/thorpe@\/slash\@at\/sign)
425_converted principal(rcmd, lithium, ATHENA.MIT.EDU): 'host/lithium.lcs.mit.edu@ATHENA.MIT.EDU'
425_converted principal(rcmd, tweedledumb, CYGNUS.COM): 'host/tweedledumb.cygnus.com@CYGNUS.COM'
425_converted principal(rcmd, uunet, UU.NET): 'host/uunet.uu.net@UU.NET'
-425_converted principal(zephyr, zephyr, ATHENA.MIT.EDU): 'zephyr/zephyr@ATHENA.MIT.EDU'
+425_converted principal(zephyr, zephyr, ATHENA.MIT.EDU): 'zephyr/zephyr.mit.edu@ATHENA.MIT.EDU'
425_converted principal(kadmin, ATHENA.MIT.EDU, ATHENA.MIT.EDU): 'kadmin/ATHENA.MIT.EDU@ATHENA.MIT.EDU'
diff --git a/src/lib/krb5/os/ChangeLog b/src/lib/krb5/os/ChangeLog
index a1d63cf..2c1842f 100644
--- a/src/lib/krb5/os/ChangeLog
+++ b/src/lib/krb5/os/ChangeLog
@@ -1,3 +1,19 @@
+Thu Mar 25 18:45:48 1999 Tom Yu <tlyu@mit.edu>
+
+ * promptusr.c (krb5_os_get_tty_uio): getchar() returns int, not
+ char.
+
+Wed Jan 14 21:12:20 1998 Tom Yu <tlyu@mit.edu>
+
+ * locate_kdc.c (krb5_locate_kdc): Check return of
+ malloc. [krb5-libs/518]
+
+ * locate_kdc.c (krb5_locate_kdc): Free hostlist array elements
+ when finished with them.
+
+ * locate_kdc.c (krb5_locate_kdc): Get rid of extra krb5_xfree
+ which caused freeing of memory twice.
+
Wed Nov 13 02:53:31 1996 Tom Yu <tlyu@mit.edu>
* osconfig.c: Add warning re: global variables.
diff --git a/src/lib/krb5/os/locate_kdc.c b/src/lib/krb5/os/locate_kdc.c
index 418072f..b323c75 100644
--- a/src/lib/krb5/os/locate_kdc.c
+++ b/src/lib/krb5/os/locate_kdc.c
@@ -65,7 +65,6 @@ krb5_locate_kdc(context, realm, addr_pp, naddrs)
realm_kdc_names[3] = 0;
code = profile_get_values(context->profile, realm_kdc_names, &hostlist);
- krb5_xfree(host);
if (code == PROF_NO_SECTION)
return KRB5_REALM_UNKNOWN;
@@ -98,6 +97,8 @@ krb5_locate_kdc(context, realm, addr_pp, naddrs)
#endif
addr_p = (struct sockaddr *)malloc (sizeof (struct sockaddr) * count);
+ if (addr_p == NULL)
+ return ENOMEM;
for (i=0, out=0; hostlist[i]; i++) {
host = hostlist[i];
diff --git a/src/lib/krb5/os/promptusr.c b/src/lib/krb5/os/promptusr.c
index f40be0f..c03b4b8 100644
--- a/src/lib/krb5/os/promptusr.c
+++ b/src/lib/krb5/os/promptusr.c
@@ -48,7 +48,7 @@ krb5_os_get_tty_uio(context, uio)
int fd;
char read_string[BUFSIZ];
char *cp;
- char ch;
+ int ch;
/* get the file descriptor associated with stdin */
fd=fileno(stdin);
diff --git a/src/lib/krb5/rcache/ChangeLog b/src/lib/krb5/rcache/ChangeLog
index b5554fd..80d7f77 100644
--- a/src/lib/krb5/rcache/ChangeLog
+++ b/src/lib/krb5/rcache/ChangeLog
@@ -1,3 +1,8 @@
+Tue Mar 25 01:15:39 1997 Theodore Y. Ts'o <tytso@mit.edu>
+
+ * rc_io.c (krb5_rc_io_open): rcache owner should be checked against
+ the effective uid, not the real uid. [krb5-libs/366]
+
Mon Nov 18 15:25:51 1996 Theodore Y. Ts'o <tytso@mit.edu>
* rc_dfl.c: Apply jik's fix to allow the expunging of the replay
diff --git a/src/lib/krb5/rcache/rc_io.c b/src/lib/krb5/rcache/rc_io.c
index bf11e8f..3d69c15 100644
--- a/src/lib/krb5/rcache/rc_io.c
+++ b/src/lib/krb5/rcache/rc_io.c
@@ -185,7 +185,7 @@ krb5_error_code krb5_rc_io_open (context, d, fn)
if ((d->fd = stat(d->fn, &statb)) != -1) {
uid_t me;
- me = getuid();
+ me = geteuid();
/* must be owned by this user, to prevent some security problems with
* other users modifying replay cache stufff */
if ((statb.st_uid != me) || ((statb.st_mode & S_IFMT) != S_IFREG)) {
generated by cgit v1.1 at 2024-08-15 08:40:22 +0000