$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/k5-util.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- defines.h krcp.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h defines.h krcp.c
$(OUTPRE)krlogin.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/fake-addrinfo.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h defines.h kcmd.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ defines.h kcmd.c
$(OUTPRE)forward.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/fake-addrinfo.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h defines.h forward.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ defines.h forward.c
$(OUTPRE)login.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/libpty.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h login.c loginpaths.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ login.c loginpaths.h
$(OUTPRE)krshd.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/libpty.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/k5-util.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h defines.h krshd.c \
- loginpaths.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ defines.h krshd.c loginpaths.h
$(OUTPRE)krlogind.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/libpty.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/k5-util.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h defines.h krlogind.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ defines.h krlogind.c
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../arpa/telnet.h \
- $(srcdir)/../libtelnet/auth-proto.h $(srcdir)/../libtelnet/auth.h \
- defs.h ext.h pathnames.h sys_term.c telnetd.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../arpa/telnet.h $(srcdir)/../libtelnet/auth-proto.h \
+ $(srcdir)/../libtelnet/auth.h defs.h ext.h pathnames.h \
+ sys_term.c telnetd.h
$(OUTPRE)utility.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
int show_flags = 0, show_time = 0, status_only = 0, show_keys = 0;
int show_etype = 0, show_addresses = 0, no_resolve = 0, print_version = 0;
+int show_adtype = 0;
char *defname;
char *progname;
krb5_int32 now;
{
#define KRB_AVAIL_STRING(x) ((x)?"available":"not available")
- fprintf(stderr, "Usage: %s [-e] [-V] [[-c] [-f] [-s] [-a [-n]]] %s",
+ fprintf(stderr, "Usage: %s [-e] [-V] [[-c] [-d] [-f] [-s] [-a [-n]]] %s",
progname, "[-k [-t] [-K]] [name]\n");
fprintf(stderr, "\t-c specifies credentials cache\n");
fprintf(stderr, "\t-k specifies keytab\n");
fprintf(stderr, "\t-e shows the encryption type\n");
fprintf(stderr, "\t-V shows the Kerberos version and exits\n");
fprintf(stderr, "\toptions for credential caches:\n");
+ fprintf(stderr, "\t\t-d shows the submitted authorization data types\n");
fprintf(stderr, "\t\t-f shows credentials flags\n");
fprintf(stderr, "\t\t-s sets exit status based on valid tgt existence\n");
fprintf(stderr, "\t\t-a displays the address list\n");
name = NULL;
mode = DEFAULT;
/* V=version so v can be used for verbose later if desired. */
- while ((c = getopt(argc, argv, "fetKsnack45V")) != -1) {
+ while ((c = getopt(argc, argv, "dfetKsnack45V")) != -1) {
switch (c) {
+ case 'd':
+ show_adtype = 1;
+ break;
case 'f':
show_flags = 1;
break;
krb5_free_ticket(kcontext, tkt);
}
+ if (show_adtype) {
+ int i;
+
+ if (cred->authdata != NULL) {
+ if (!extra_field)
+ fputs("\t",stdout);
+ else
+ fputs(", ",stdout);
+ printf("AD types: ");
+ for (i = 0; cred->authdata[i] != NULL; i++) {
+ if (i)
+ printf(", ");
+ printf("%d", cred->authdata[i]->ad_type);
+ }
+ extra_field++;
+ }
+ }
+
/* if any additional info was printed, extra_field is non-zero */
if (extra_field)
putchar('\n');
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/k5-util.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h krb_auth_su.c ksu.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ krb_auth_su.c ksu.h
$(OUTPRE)ccache.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/adm_proto.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/k5-util.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- ccache.c ksu.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h ccache.c ksu.h
$(OUTPRE)authorization.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/k5-util.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h authorization.c ksu.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ authorization.c ksu.h
$(OUTPRE)main.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/adm_proto.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/k5-util.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- ksu.h main.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h ksu.h main.c
$(OUTPRE)heuristic.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/k5-util.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h heuristic.c ksu.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ heuristic.c ksu.h
$(OUTPRE)xmalloc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/k5-util.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h ksu.h xmalloc.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ ksu.h xmalloc.c
$(OUTPRE)setenv.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
setenv.c
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- kvno.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h kvno.c
plugins/preauth/cksum_body plugins/preauth/encrypted_challenge
plugins/preauth/wpse
plugins/authdata/greet
+ plugins/authdata/greet_client
+ plugins/authdata/greet_server
clients clients/klist clients/kinit clients/kvno
clients/kdestroy clients/kpasswd clients/ksu
krb5_int32 nonce;
} krb5_fast_response;
+typedef struct _krb5_ad_kdcissued {
+ krb5_checksum ad_checksum;
+ krb5_principal i_principal;
+ krb5_authdata **elements;
+} krb5_ad_kdcissued;
typedef krb5_error_code (*krb5_preauth_obtain_proc)
(krb5_context,
(krb5_context, krb5_fast_finished *);
void KRB5_CALLCONV krb5_free_fast_response
(krb5_context, krb5_fast_response *);
+void KRB5_CALLCONV krb5_free_ad_kdcissued
+(krb5_context, krb5_ad_kdcissued *);
/* #include "krb5/wordsize.h" -- comes in through base-defs.h. */
#include "com_err.h"
#include "k5-plugin.h"
+#include <krb5/authdata_plugin.h>
+
+struct _krb5_authdata_context {
+ krb5_magic magic;
+ int n_modules;
+ struct _krb5_authdata_context_module {
+ krb5_authdatatype ad_type;
+ void *plugin_context;
+ authdata_client_plugin_fini_proc client_fini;
+ krb5_flags flags;
+ krb5plugin_authdata_client_ftable_v0 *ftable;
+ authdata_client_request_init_proc client_req_init;
+ authdata_client_request_fini_proc client_req_fini;
+ const char *name;
+ void *request_context;
+ void **request_context_pp;
+ } *modules;
+ struct plugin_dir_handle plugins;
+};
+
+typedef struct _krb5_authdata_context *krb5_authdata_context;
+
+void KRB5_CALLCONV krb5int_free_data_list
+(krb5_context context, krb5_data *data);
+
+krb5_error_code KRB5_CALLCONV krb5_authdata_context_init
+(krb5_context kcontext, krb5_authdata_context *pcontext);
+
+void KRB5_CALLCONV
+krb5_authdata_context_free
+(krb5_context kcontext, krb5_authdata_context context);
+
+krb5_error_code KRB5_CALLCONV krb5_authdata_export_authdata
+(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_flags usage,
+ krb5_authdata ***pauthdata);
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_get_attribute_types
+(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_data **attrs);
+
+krb5_error_code KRB5_CALLCONV krb5_authdata_get_attribute
+(krb5_context kcontext,
+ krb5_authdata_context context,
+ const krb5_data *attribute,
+ krb5_boolean *authenticated,
+ krb5_boolean *complete,
+ krb5_data *value,
+ krb5_data *display_value,
+ int *more);
+
+krb5_error_code KRB5_CALLCONV krb5_authdata_set_attribute
+(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_boolean complete,
+ const krb5_data *attribute,
+ const krb5_data *value);
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_delete_attribute
+(krb5_context kcontext,
+ krb5_authdata_context context,
+ const krb5_data *attribute);
+
+krb5_error_code KRB5_CALLCONV krb5_authdata_import_attributes
+(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_flags usage,
+ const krb5_data *attributes);
+
+krb5_error_code KRB5_CALLCONV krb5_authdata_export_attributes
+(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_flags usage,
+ krb5_data **pattributes);
+
+krb5_error_code KRB5_CALLCONV krb5_authdata_export_internal
+(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_boolean restrict_authenticated,
+ const char *module,
+ void **ptr);
+
+krb5_error_code KRB5_CALLCONV krb5_authdata_context_copy
+(krb5_context kcontext,
+ krb5_authdata_context src,
+ krb5_authdata_context *dst);
+
+krb5_error_code KRB5_CALLCONV krb5_authdata_free_internal
+(krb5_context kcontext,
+ krb5_authdata_context context,
+ const char *module,
+ void *ptr);
+
+
struct _kdb5_dal_handle; /* private, in kdb5.h */
typedef struct _kdb5_dal_handle kdb5_dal_handle;
struct _kdb_log_context;
krb5_error_code encode_krb5_fast_response
(const krb5_fast_response *, krb5_data **);
+krb5_error_code encode_krb5_ad_kdcissued
+(const krb5_ad_kdcissued *, krb5_data **);
+
/*************************************************************************
* End of prototypes for krb5_encode.c
*************************************************************************/
krb5_error_code decode_krb5_fast_response
(const krb5_data *, krb5_fast_response **);
+krb5_error_code decode_krb5_ad_kdcissued
+(const krb5_data *, krb5_ad_kdcissued **);
+
struct _krb5_key_data; /* kdb.h */
struct ldap_seqof_key_data {
krb5_keytab,
krb5_flags *,
krb5_ticket **);
+
krb5_error_code KRB5_CALLCONV krb5_cc_register
(krb5_context,
const krb5_cc_ops *,
krb5_auth_context,
krb5_enctype *);
+krb5_error_code
+krb5_auth_con_get_authdata_context
+ (krb5_context context,
+ krb5_auth_context auth_context,
+ krb5_authdata_context *ad_context);
+
+krb5_error_code
+krb5_auth_con_set_authdata_context
+ (krb5_context context,
+ krb5_auth_context auth_context,
+ krb5_authdata_context ad_context);
+
krb5_error_code KRB5_CALLCONV
krb5int_server_decrypt_ticket_keyblock
(krb5_context context,
krb5_keyblock *server_key; /* Key used to generate server signature */
krb5_timestamp authtime; /* Authtime of TGT */
krb5_authdata **auth_data; /* Authorization data from TGT */
+ krb5_keyblock *session_key; /* Reply session key */
} kdb_sign_auth_data_req;
typedef struct _kdb_sign_auth_data_rep {
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
- *
+ *
* AuthorizationData plugin definitions for Kerberos 5.
*/
* functions.
*/
/* extern krb5plugin_authdata_ftable_v0 authdata_server_0; */
-typedef struct krb5plugin_authdata_ftable_v0 {
+typedef struct krb5plugin_authdata_server_ftable_v0 {
/* Not-usually-visible name. */
char *name;
krb5_data *req_pkt,
krb5_kdc_req *request,
krb5_enc_tkt_part *enc_tkt_reply);
-} krb5plugin_authdata_ftable_v0;
+} krb5plugin_server_authdata_ftable_v0;
-typedef struct krb5plugin_authdata_ftable_v1 {
+typedef krb5plugin_server_authdata_ftable_v0 krb5plugin_authdata_ftable_v0;
+
+typedef struct krb5plugin_authdata_server_ftable_v1 {
/* Not-usually-visible name. */
char *name;
krb5_const_principal for_user_princ,
krb5_enc_tkt_part *enc_tkt_request,
krb5_enc_tkt_part *enc_tkt_reply);
-} krb5plugin_authdata_ftable_v1;
+} krb5plugin_authdata_server_ftable_v1;
+
+typedef krb5plugin_authdata_server_ftable_v1 krb5plugin_authdata_ftable_v1;
+
+typedef krb5_error_code
+(*authdata_client_plugin_init_proc)(krb5_context context,
+ void **plugin_context);
+
+#define AD_USAGE_AS_REQ 0x01
+#define AD_USAGE_TGS_REQ 0x02
+#define AD_USAGE_AP_REQ 0x04
+#define AD_USAGE_KDC_ISSUED 0x08
+#define AD_USAGE_MASK 0x0F
+#define AD_INFORMATIONAL 0x10
+
+struct _krb5_authdata_context;
+
+typedef void
+(*authdata_client_plugin_flags_proc)(krb5_context kcontext,
+ void *plugin_context,
+ krb5_authdatatype ad_type,
+ krb5_flags *flags);
+
+typedef void
+(*authdata_client_plugin_fini_proc)(krb5_context kcontext,
+ void *plugin_context);
+
+typedef krb5_error_code
+(*authdata_client_request_init_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void **request_context);
+
+typedef void
+(*authdata_client_request_fini_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context);
+
+typedef krb5_error_code
+(*authdata_client_import_authdata_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ krb5_authdata **authdata,
+ krb5_boolean kdc_issued_flag,
+ krb5_const_principal issuer);
+
+typedef krb5_error_code
+(*authdata_client_export_authdata_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ krb5_flags usage,
+ krb5_authdata ***authdata);
+
+typedef krb5_error_code
+(*authdata_client_get_attribute_types_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ krb5_data **attrs);
+
+typedef krb5_error_code
+(*authdata_client_get_attribute_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ const krb5_data *attribute,
+ krb5_boolean *authenticated,
+ krb5_boolean *complete,
+ krb5_data *value,
+ krb5_data *display_value,
+ int *more);
+
+typedef krb5_error_code
+(*authdata_client_set_attribute_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ krb5_boolean complete,
+ const krb5_data *attribute,
+ const krb5_data *value);
+
+typedef krb5_error_code
+(*authdata_client_delete_attribute_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ const krb5_data *attribute);
+
+typedef krb5_error_code
+(*authdata_client_export_internal_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ krb5_boolean restrict_authenticated,
+ void **ptr);
+
+typedef void
+(*authdata_client_free_internal_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ void *ptr);
+
+typedef krb5_error_code
+(*authdata_client_verify_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ const krb5_auth_context *auth_context,
+ const krb5_keyblock *key,
+ const krb5_ap_req *req);
+
+typedef krb5_error_code
+(*authdata_client_size_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ size_t *sizep);
+
+typedef krb5_error_code
+(*authdata_client_externalize_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ krb5_octet **buffer,
+ size_t *lenremain);
+
+typedef krb5_error_code
+(*authdata_client_internalize_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ krb5_octet **buffer,
+ size_t *lenremain);
+
+typedef krb5_error_code
+(*authdata_client_copy_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ void *dst_plugin_context,
+ void *dst_request_context);
+
+typedef struct krb5plugin_authdata_client_ftable_v0 {
+ char *name;
+ krb5_authdatatype *ad_type_list;
+ authdata_client_plugin_init_proc init;
+ authdata_client_plugin_fini_proc fini;
+ authdata_client_plugin_flags_proc flags;
+ authdata_client_request_init_proc request_init;
+ authdata_client_request_fini_proc request_fini;
+ authdata_client_get_attribute_types_proc get_attribute_types;
+ authdata_client_get_attribute_proc get_attribute;
+ authdata_client_set_attribute_proc set_attribute;
+ authdata_client_delete_attribute_proc delete_attribute;
+ authdata_client_export_authdata_proc export_authdata;
+ authdata_client_import_authdata_proc import_authdata;
+ authdata_client_export_internal_proc export_internal;
+ authdata_client_free_internal_proc free_internal;
+ authdata_client_verify_proc verify;
+ authdata_client_size_proc size;
+ authdata_client_externalize_proc externalize;
+ authdata_client_internalize_proc internalize;
+ authdata_client_copy_proc copy; /* optional */
+} krb5plugin_authdata_client_ftable_v0;
#endif /* KRB5_AUTHDATA_PLUGIN_H_INCLUDED */
krb5_authdata * const*authdata,
krb5_authdata ***container);
+/*
+ * AD-KDCIssued
+ */
+krb5_error_code KRB5_CALLCONV
+krb5_make_authdata_kdc_issued(krb5_context context,
+ const krb5_keyblock *key,
+ krb5_const_principal issuer,
+ krb5_authdata *const *authdata,
+ krb5_authdata ***ad_kdcissued);
+krb5_error_code KRB5_CALLCONV
+krb5_verify_authdata_kdc_issued(krb5_context context,
+ const krb5_keyblock *key,
+ const krb5_authdata *ad_kdcissued,
+ krb5_principal *issuer,
+ krb5_authdata ***authdata);
+
/*
* Windows PAC
*/
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h kadmin.h keytab.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ kadmin.h keytab.c
$(OUTPRE)keytab_local.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h kadmin.h keytab.c \
- keytab_local.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ kadmin.h keytab.c keytab_local.c
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
$(SRCTOP)/include/kdb_log.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- kdb5_util.c kdb5_util.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h kdb5_util.c kdb5_util.h
$(OUTPRE)kdb5_create.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
$(SRCTOP)/include/kdb_log.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- kdb5_create.c kdb5_util.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h kdb5_create.c kdb5_util.h
$(OUTPRE)kadm5_create.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_log.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h kadm5_create.c kdb5_util.h \
- string_table.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ kadm5_create.c kdb5_util.h string_table.h
$(OUTPRE)string_table.$(OBJEXT): string_table.c
$(OUTPRE)kdb5_destroy.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_log.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h kdb5_destroy.c kdb5_util.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ kdb5_destroy.c kdb5_util.h
$(OUTPRE)kdb5_stash.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_log.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h kdb5_stash.c kdb5_util.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ kdb5_stash.c kdb5_util.h
$(OUTPRE)import_err.$(OBJEXT): $(COM_ERR_DEPS) import_err.c
$(OUTPRE)strtok.$(OBJEXT): nstrtok.h strtok.c
$(OUTPRE)dump.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_log.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h dump.c kdb5_util.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ dump.c kdb5_util.h
$(OUTPRE)ovload.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_log.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h import_err.h kdb5_util.h \
- nstrtok.h ovload.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ import_err.h kdb5_util.h nstrtok.h ovload.c
$(OUTPRE)kdb5_mkey.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
$(SRCTOP)/include/kdb_log.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- kdb5_mkey.c kdb5_util.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h kdb5_mkey.c kdb5_util.h
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SS_DEPS) ktutil.c \
- ktutil.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SS_DEPS) ktutil.c ktutil.h
$(OUTPRE)ktutil_ct.$(OBJEXT): $(COM_ERR_DEPS) $(SS_DEPS) \
ktutil_ct.c
$(OUTPRE)ktutil_funcs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- ktutil.h ktutil_funcs.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h ktutil.h ktutil_funcs.c
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_kt.h \
$(SRCTOP)/include/kdb_log.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(SRCTOP)/lib/gssapi/generic/gssapiP_generic.h $(SRCTOP)/lib/gssapi/generic/gssapi_ext.h \
- $(SRCTOP)/lib/gssapi/generic/gssapi_generic.h $(SRCTOP)/lib/gssapi/krb5/gssapiP_krb5.h \
- misc.h ovsec_kadmd.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/gssapi/generic/gssapiP_generic.h \
+ $(SRCTOP)/lib/gssapi/generic/gssapi_ext.h $(SRCTOP)/lib/gssapi/generic/gssapi_generic.h \
+ $(SRCTOP)/lib/gssapi/krb5/gssapiP_krb5.h misc.h ovsec_kadmd.c
$(OUTPRE)schpw.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h misc.h schpw.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ misc.h schpw.c
$(OUTPRE)misc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h misc.c misc.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ misc.c misc.h
$(OUTPRE)ipropd_svc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \
$(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h misc.h network.c
+ $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ misc.h network.c
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h dispatch.c extern.h \
- kdc_util.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ dispatch.c extern.h kdc_util.h
$(OUTPRE)do_as_req.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/adm.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
$(SRCTOP)/include/kdb_ext.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- do_as_req.c extern.h kdc_util.h policy.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h do_as_req.c extern.h \
+ kdc_util.h policy.h
$(OUTPRE)do_tgs_req.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/adm_proto.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h do_tgs_req.c extern.h \
- kdc_util.h policy.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ do_tgs_req.c extern.h kdc_util.h policy.h
$(OUTPRE)fast_util.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
$(SRCTOP)/include/kdb_ext.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- extern.h fast_util.c kdc_util.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h extern.h fast_util.c \
+ kdc_util.h
$(OUTPRE)kdc_util.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/adm.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
$(SRCTOP)/include/kdb_ext.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- extern.h kdc_util.c kdc_util.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h extern.h kdc_util.c \
+ kdc_util.h
$(OUTPRE)kdc_preauth.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/adm_proto.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h extern.h kdc_preauth.c \
- kdc_util.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ extern.h kdc_preauth.c kdc_util.h
$(OUTPRE)main.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/adm.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
$(SRCTOP)/include/kdb_ext.h $(SRCTOP)/include/kdb_kt.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h extern.h kdc5_err.h \
- kdc_util.h main.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ extern.h kdc5_err.h kdc_util.h main.c
$(OUTPRE)network.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/adm_proto.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
$(SRCTOP)/include/kdb_ext.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- extern.h kdc5_err.h kdc_util.h network.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h extern.h kdc5_err.h \
+ kdc_util.h network.c
$(OUTPRE)policy.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
$(SRCTOP)/include/kdb_ext.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- extern.h kdc_util.h policy.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h extern.h kdc_util.h \
+ policy.c
$(OUTPRE)extern.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h extern.c extern.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ extern.c extern.h
$(OUTPRE)replay.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
$(SRCTOP)/include/kdb_ext.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- extern.h kdc_util.h replay.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h extern.h kdc_util.h \
+ replay.c
$(OUTPRE)kdc_authdata.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/adm_proto.h \
else
enc_tkt_reply.client = header_enc_tkt->client;
+ enc_tkt_reply.session = &session_key;
+ enc_tkt_reply.transited.tr_type = KRB5_DOMAIN_X500_COMPRESS;
+ enc_tkt_reply.transited.tr_contents = empty_string; /* equivalent of "" */
+
errcode = handle_authdata(kdc_context,
c_flags,
(c_nprincs != 0) ? &client : NULL,
}
}
- enc_tkt_reply.session = &session_key;
- enc_tkt_reply.transited.tr_type = KRB5_DOMAIN_X500_COMPRESS;
- enc_tkt_reply.transited.tr_contents = empty_string; /* equivalent of "" */
-
/*
* Only add the realm of the presented tgt to the transited list if
* it is different than the local realm (cross-realm) and it is different
}
/* Count the valid modules. */
- module_count = sizeof(static_authdata_systems)
- / sizeof(static_authdata_systems[0]);
+ module_count = 0;
if (authdata_plugins_ftables_v1 != NULL) {
- struct krb5plugin_authdata_ftable_v1 *ftable;
+ struct krb5plugin_authdata_server_ftable_v1 *ftable;
for (i = 0; authdata_plugins_ftables_v1[i] != NULL; i++) {
ftable = authdata_plugins_ftables_v1[i];
}
if (authdata_plugins_ftables_v0 != NULL) {
- struct krb5plugin_authdata_ftable_v0 *ftable;
+ struct krb5plugin_authdata_server_ftable_v0 *ftable;
for (i = 0; authdata_plugins_ftables_v0[i] != NULL; i++) {
ftable = authdata_plugins_ftables_v0[i];
}
}
+ module_count += sizeof(static_authdata_systems)
+ / sizeof(static_authdata_systems[0]);
+
/* Build the complete list of supported authdata options, and
* leave room for a terminator entry. */
authdata_systems = calloc(module_count + 1, sizeof(krb5_authdata_systems));
goto cleanup;
}
- /* Add the locally-supplied mechanisms to the dynamic list first. */
- for (i = 0, k = 0;
- i < sizeof(static_authdata_systems) / sizeof(static_authdata_systems[0]);
- i++) {
- authdata_systems[k] = static_authdata_systems[i];
- /* Try to initialize the authdata system. If it fails, we'll remove it
- * from the list of systems we'll be using. */
- server_init_proc = static_authdata_systems[i].init;
- if ((server_init_proc != NULL) &&
- ((*server_init_proc)(context, &authdata_systems[k].plugin_context) != 0)) {
- memset(&authdata_systems[k], 0, sizeof(authdata_systems[k]));
- continue;
- }
- k++;
- }
+ k = 0;
/* Add dynamically loaded V1 plugins */
if (authdata_plugins_ftables_v1 != NULL) {
- struct krb5plugin_authdata_ftable_v1 *ftable;
+ struct krb5plugin_authdata_server_ftable_v1 *ftable;
for (i = 0; authdata_plugins_ftables_v1[i] != NULL; i++) {
krb5_error_code initerr;
/* Add dynamically loaded V0 plugins */
if (authdata_plugins_ftables_v0 != NULL) {
- struct krb5plugin_authdata_ftable_v0 *ftable;
+ struct krb5plugin_authdata_server_ftable_v0 *ftable;
for (i = 0; authdata_plugins_ftables_v0[i] != NULL; i++) {
krb5_error_code initerr;
}
}
+ /* Add the locally-supplied mechanisms to the dynamic list first. */
+ for (i = 0;
+ i < sizeof(static_authdata_systems) / sizeof(static_authdata_systems[0]);
+ i++) {
+ authdata_systems[k] = static_authdata_systems[i];
+ /* Try to initialize the authdata system. If it fails, we'll remove it
+ * from the list of systems we'll be using. */
+ server_init_proc = static_authdata_systems[i].init;
+ if ((server_init_proc != NULL) &&
+ ((*server_init_proc)(context, &authdata_systems[k].plugin_context) != 0)) {
+ memset(&authdata_systems[k], 0, sizeof(authdata_systems[k]));
+ continue;
+ }
+ k++;
+ }
+
n_authdata_systems = k;
/* Add the end-of-list marker. */
authdata_systems[k].name = "[end]";
server_key, /* U2U or server key */
enc_tkt_reply->times.authtime,
tgs_req ? enc_tkt_request->authorization_data : NULL,
+ enc_tkt_reply->session,
&db_authdata,
&ad_entry,
&ad_nprincs);
krb5_keyblock *server_key,
krb5_timestamp authtime,
krb5_authdata **tgs_authdata,
+ krb5_keyblock *session_key,
krb5_authdata ***ret_authdata,
krb5_db_entry *ad_entry,
int *ad_nprincs)
req.server_key = server_key;
req.authtime = authtime;
req.auth_data = tgs_authdata;
+ req.session_key = session_key;
rep.entry = ad_entry;
rep.nprincs = 0;
krb5_keyblock *server_key,
krb5_timestamp authtime,
krb5_authdata **tgs_authdata,
+ krb5_keyblock *session_key,
krb5_authdata ***ret_authdata,
krb5_db_entry *ad_entry,
int *ad_nprincs);
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- daemon.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h daemon.c
dummy.so dummy.po $(OUTPRE)dummy.$(OBJEXT): dummy.c
myfulldir=lib/crypto/builtin/aes
mydir=lib/crypto/builtin/aes
BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk
+LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk -I$(srcdir)/../../../../include
DEFS=
##DOS##BUILDTOP = ..\..\..\..
depend:: $(SRCS)
-aes-gen: aes-gen.o $(GEN_OBJS)
- $(CC_LINK) -o aes-gen aes-gen.o $(GEN_OBJS)
+../../$(CIMPL)/aes-gen: ../../$(CIMPL)/aes-gen.o $(GEN_OBJS)
+ $(CC_LINK) -I../../../../include $(LOCALINCLUDES) -o ../../$(CIMPL)/aes-gen ../../$(CIMPL)/aes-gen.o $(GEN_OBJS)
-run-aes-gen: aes-gen
- ./aes-gen > kresults.out
+run-aes-gen: ../../$(CIMPL)/aes-gen
+ ../../$(CIMPL)/aes-gen > kresults.out
check:: run-aes-gen
clean-unix:: clean-libobjs
clean::
- -$(RM) aes-gen aes-gen.o kresults.out
+ -$(RM) ../../$(CIMPL)/aes-gen ../../$(CIMPL)/aes-gen.o ../../$(CIMPL)/kresults.out
@libobj_frag@
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/aes/aes_s2k.c $(srcdir)/../../builtin/aes/aes_s2k.h \
- $(srcdir)/../../krb/dk/dk.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/aes/aes_s2k.c \
+ $(srcdir)/../../builtin/aes/aes_s2k.h $(srcdir)/../../krb/dk/dk.h
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/arcfour/arcfour-int.h $(srcdir)/../../builtin/arcfour/arcfour.c \
- $(srcdir)/../../builtin/arcfour/arcfour.h $(srcdir)/../../krb/hash_provider/hash_provider.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/arcfour/arcfour-int.h \
+ $(srcdir)/../../builtin/arcfour/arcfour.c $(srcdir)/../../builtin/arcfour/arcfour.h \
+ $(srcdir)/../hash_provider/hash_provider.h
arcfour_aead.so arcfour_aead.po $(OUTPRE)arcfour_aead.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/arcfour/arcfour-int.h \
- $(srcdir)/../../builtin/arcfour/arcfour.h $(srcdir)/../../builtin/arcfour/arcfour_aead.c \
- $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/arcfour/arcfour-int.h $(srcdir)/../../builtin/arcfour/arcfour.h \
+ $(srcdir)/../../builtin/arcfour/arcfour_aead.c $(srcdir)/../../krb/aead.h \
+ $(srcdir)/../../krb/cksumtypes.h
arcfour_s2k.so arcfour_s2k.po $(OUTPRE)arcfour_s2k.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/k5-utf8.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/arcfour/arcfour-int.h $(srcdir)/../../builtin/arcfour/arcfour.h \
- $(srcdir)/../../builtin/arcfour/arcfour_s2k.c $(srcdir)/../md4/rsa-md4.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/arcfour/arcfour-int.h \
+ $(srcdir)/../../builtin/arcfour/arcfour.h $(srcdir)/../../builtin/arcfour/arcfour_s2k.c \
+ $(srcdir)/../../builtin/md4/rsa-md4.h
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../builtin/hmac.c $(srcdir)/../krb/aead.h \
- $(srcdir)/../krb/cksumtypes.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../builtin/hmac.c \
+ $(srcdir)/../krb/aead.h $(srcdir)/../krb/cksumtypes.h
pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../builtin/pbkdf2.c $(srcdir)/../builtin/hash_provider/hash_provider.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../builtin/hash_provider/hash_provider.h \
+ $(srcdir)/../builtin/pbkdf2.c
##DOS##PREFIXDIR=des
##DOS##OBJFILE=..\$(OUTPRE)des.lst
+RUN_SETUP = @KRB5_RUN_ENV@
PROG_LIBPATH=-L$(TOPLIBD)
PROG_RPATH=$(KRB5_LIBDIR)
$(srcdir)/../../$(CIMPL)/weak_key.c \
$(srcdir)/../../$(CIMPL)/string2key.c
+EXTRADEPSRCS = $(SRCDIR)destest.c
+
##DOS##LIBOBJS = $(OBJS)
+TOBJS = $(OUTPRE)key_sched.$(OBJEXT) $(OUTPRE)f_sched.$(OBJEXT) \
+ $(OUTPRE)f_cbc.$(OBJEXT) $(OUTPRE)f_tables.$(OBJEXT) \
+ $(OUTPRE)f_cksum.$(OBJEXT)
+
+destest$(EXEEXT): destest.$(OBJEXT) $(TOBJS) $(SUPPORT_DEPLIB)
+ $(CC_LINK) -o $@ destest.$(OBJEXT) $(TOBJS) $(SUPPORT_LIB)
+
all-unix:: all-libobjs
+check-unix:: destest
+ $(RUN_SETUP) $(VALGRIND) ./destest < $(srcdir)/keytest.data
+
includes:: depend
depend:: $(SRCS)
check-windows::
-clean::
+clean::
+ $(RM) destest.$(OBJEXT) destest$(EXEEXT)
clean-unix:: clean-libobjs
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/afsstring2key.c \
- $(srcdir)/../../builtin/des/des_int.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/des/afsstring2key.c $(srcdir)/../../builtin/des/des_int.h
d3_cbc.so d3_cbc.po $(OUTPRE)d3_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/des/d3_cbc.c $(srcdir)/../../builtin/des/des_int.h \
- $(srcdir)/../../builtin/des/f_tables.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/d3_cbc.c \
+ $(srcdir)/../../builtin/des/des_int.h $(srcdir)/../../builtin/des/f_tables.h
d3_aead.so d3_aead.po $(OUTPRE)d3_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/des/d3_aead.c $(srcdir)/../../builtin/des/des_int.h \
- $(srcdir)/../../builtin/des/f_tables.h $(srcdir)/../../krb/aead.h \
- $(srcdir)/../../krb/cksumtypes.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/d3_aead.c \
+ $(srcdir)/../../builtin/des/des_int.h $(srcdir)/../../builtin/des/f_tables.h \
+ $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h
d3_kysched.so d3_kysched.po $(OUTPRE)d3_kysched.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/d3_kysched.c \
- $(srcdir)/../../builtin/des/des_int.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/des/d3_kysched.c $(srcdir)/../../builtin/des/des_int.h
f_aead.so f_aead.po $(OUTPRE)f_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/des/des_int.h $(srcdir)/../../builtin/des/f_aead.c \
- $(srcdir)/../../builtin/des/f_tables.h $(srcdir)/../../krb/aead.h \
- $(srcdir)/../../krb/cksumtypes.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/des_int.h \
+ $(srcdir)/../../builtin/des/f_aead.c $(srcdir)/../../builtin/des/f_tables.h \
+ $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h
f_cbc.so f_cbc.po $(OUTPRE)f_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/des/des_int.h $(srcdir)/../../builtin/des/f_cbc.c \
- $(srcdir)/../../builtin/des/f_tables.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/des_int.h \
+ $(srcdir)/../../builtin/des/f_cbc.c $(srcdir)/../../builtin/des/f_tables.h
f_cksum.so f_cksum.po $(OUTPRE)f_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/des/des_int.h $(srcdir)/../../builtin/des/f_cksum.c \
- $(srcdir)/../../builtin/des/f_tables.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/des_int.h \
+ $(srcdir)/../../builtin/des/f_cksum.c $(srcdir)/../../builtin/des/f_tables.h
f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/des_int.h \
- $(srcdir)/../../builtin/des/f_parity.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/des/des_int.h $(srcdir)/../../builtin/des/f_parity.c
f_sched.so f_sched.po $(OUTPRE)f_sched.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/des/des_int.h $(srcdir)/../../builtin/des/f_sched.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/des_int.h \
+ $(srcdir)/../../builtin/des/f_sched.c
f_tables.so f_tables.po $(OUTPRE)f_tables.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/des_int.h \
- $(srcdir)/../../builtin/des/f_tables.c $(srcdir)/../../builtin/des/f_tables.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/des/des_int.h $(srcdir)/../../builtin/des/f_tables.c \
+ $(srcdir)/../../builtin/des/f_tables.h
key_sched.so key_sched.po $(OUTPRE)key_sched.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/des_int.h \
- $(srcdir)/../../builtin/des/key_sched.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/des/des_int.h $(srcdir)/../../builtin/des/key_sched.c
weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/des_int.h \
- $(srcdir)/../../builtin/des/weak_key.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/des/des_int.h $(srcdir)/../../builtin/des/weak_key.c
string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/des/des_int.h $(srcdir)/../../builtin/des/string2key.c
+destest.so destest.po $(OUTPRE)destest.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
+ $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \
+ $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
+ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
+ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
$(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/des_int.h \
- $(srcdir)/../../builtin/des/string2key.c
+ $(SRCTOP)/include/socket-utils.h des_int.h destest.c
krb5int_c_iov_get_block((unsigned char *)blockN2, BLOCK_SIZE, data, num_data, &input_pos);
krb5int_c_iov_get_block((unsigned char *)blockN1, BLOCK_SIZE, data, num_data, &input_pos);
+ if (ivec != NULL)
+ memcpy(ivec->data, blockN2, BLOCK_SIZE);
+
/* Decrypt second last block */
dec(tmp2, blockN2, &ctx);
/* Set tmp2 to last (possibly partial) plaintext block, and
memcpy(tmp2, blockN1, input_length ? input_length : BLOCK_SIZE);
dec(tmp3, tmp2, &ctx);
xorblock(tmp3, tmp);
- /* Copy out ivec first before we clobber blockN1 with plaintext */
- if (ivec != NULL)
- memcpy(ivec->data, blockN1, BLOCK_SIZE);
memcpy(blockN1, tmp3, BLOCK_SIZE);
/* Put the last two blocks back into the iovec */
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/des/des_int.h $(srcdir)/../../builtin/enc_provider/des.c \
- $(srcdir)/../../builtin/enc_provider/enc_provider.h \
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/des_int.h \
+ $(srcdir)/../../builtin/enc_provider/des.c $(srcdir)/../../builtin/enc_provider/enc_provider.h \
$(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
$(srcdir)/../../krb/rand2key/rand2key.h
des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/des/des_int.h $(srcdir)/../../builtin/enc_provider/des3.c \
- $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
- $(srcdir)/../../krb/rand2key/rand2key.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/des_int.h \
+ $(srcdir)/../../builtin/enc_provider/des3.c $(srcdir)/../../krb/aead.h \
+ $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/rand2key/rand2key.h
aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \
- $(srcdir)/../../builtin/enc_provider/aes.c $(srcdir)/../../builtin/enc_provider/enc_provider.h \
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/aes/aes.h \
+ $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/enc_provider/aes.c \
+ $(srcdir)/../../builtin/enc_provider/enc_provider.h \
$(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
$(srcdir)/../../krb/rand2key/rand2key.h
rc4.so rc4.po $(OUTPRE)rc4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/arcfour/arcfour-int.h $(srcdir)/../../builtin/arcfour/arcfour.h \
- $(srcdir)/../../builtin/enc_provider/enc_provider.h \
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/arcfour/arcfour-int.h \
+ $(srcdir)/../../builtin/arcfour/arcfour.h $(srcdir)/../../builtin/enc_provider/enc_provider.h \
$(srcdir)/../../builtin/enc_provider/rc4.c $(srcdir)/../../krb/aead.h \
$(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/rand2key/rand2key.h
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../krb/crc32/crc-32.h \
- hash_crc32.c hash_provider.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/hash_provider/hash_crc32.c \
+ $(srcdir)/../../builtin/hash_provider/hash_provider.h \
+ $(srcdir)/../../krb/crc32/crc-32.h
hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/md4/rsa-md4.h \
- hash_md4.c hash_provider.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/hash_provider/hash_md4.c $(srcdir)/../../builtin/hash_provider/hash_provider.h \
+ $(srcdir)/../../builtin/md4/rsa-md4.h
hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/md5/rsa-md5.h \
- hash_md5.c hash_provider.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/hash_provider/hash_md5.c $(srcdir)/../../builtin/hash_provider/hash_provider.h \
+ $(srcdir)/../../builtin/md5/rsa-md5.h
hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/sha1/shs.h \
- hash_provider.h hash_sha1.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/hash_provider/hash_provider.h \
+ $(srcdir)/../../builtin/hash_provider/hash_sha1.c $(srcdir)/../../builtin/sha1/shs.h
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/md4/md4.c $(srcdir)/../../builtin/md4/rsa-md4.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/md4/md4.c \
+ $(srcdir)/../../builtin/md4/rsa-md4.h
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/md5/md5.c $(srcdir)/../../builtin/md5/rsa-md5.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/md5/md5.c \
+ $(srcdir)/../../builtin/md5/rsa-md5.h
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/sha1/shs.c $(srcdir)/../../builtin/sha1/shs.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/sha1/shs.c \
+ $(srcdir)/../../builtin/sha1/shs.h
check-unix:: t_nfold t_encrypt t_prf t_prng t_hmac t_cf2 \
t_cksum4 t_cksum5 \
- aes-test verify destest t_afss2k \
+ aes-test verify t_afss2k \
t_mddriver4 t_mddriver \
- t_shs t_shs3 t_crc
+ t_shs t_shs3 t_crc t_cts
$(RUN_SETUP) $(VALGRIND) ./t_nfold
$(RUN_SETUP) $(VALGRIND) ./t_encrypt
$(RUN_SETUP) $(VALGRIND) ./t_prng <$(srcdir)/t_prng.seed >t_prng.output && \
$(RUN_SETUP) $(VALGRIND) ./verify -z
$(RUN_SETUP) $(VALGRIND) ./verify -m
$(RUN_SETUP) $(VALGRIND) ./verify
- $(RUN_SETUP) $(VALGRIND) ./destest < $(srcdir)/keytest.data
$(RUN_SETUP) $(VALGRIND) ./t_afss2k
$(RUN_SETUP) $(VALGRIND) $(C)t_mddriver4 -x
$(RUN_SETUP) $(VALGRIND) $(C)t_mddriver -x
vectors$(EXEEXT): vectors.$(OBJEXT) $(CRYPTO_DEPLIB) $(SUPPORT_DEPLIB)
$(CC_LINK) -o $@ vectors.$(OBJEXT) $(K5CRYPTO_LIB) $(COM_ERR_LIB) $(SUPPORT_LIB)
-# t_cts$(EXEEXT): t_cts.$(OBJEXT) $(CRYPTO_DEPLIB) $(SUPPORT_DEPLIB)
-# $(CC_LINK) -o $@ t_cts.$(OBJEXT) \
-# $(K5CRYPTO_LIB) $(COM_ERR_LIB) $(SUPPORT_LIB)
+ t_cts$(EXEEXT): t_cts.$(OBJEXT) $(CRYPTO_DEPLIB) $(SUPPORT_DEPLIB)
+ $(CC_LINK) -o $@ t_cts.$(OBJEXT) \
+ $(K5CRYPTO_LIB) $(COM_ERR_LIB) $(SUPPORT_LIB)
t_cksum4.o: $(srcdir)/t_cksum.c
$(CC) -DMD=4 $(ALL_CFLAGS) -o t_cksum4.o -c $(srcdir)/t_cksum.c
verify$(EXEEXT): t_verify.$(OBJEXT) $(COM_ERR_DEPLIB) $(SUPPORT_DEPLIB)
$(CC_LINK) -o $@ t_verify.$(OBJEXT) -lcom_err $(SUPPORT_LIB) -lk5crypto
-destest$(EXEEXT): destest.$(OBJEXT) $(SUPPORT_DEPLIB)
- $(CC_LINK) -o $@ destest.$(OBJEXT) $(TOBJS) $(SUPPORT_LIB) -lk5crypto
-
t_afss2k: t_afss2k.$(OBJEXT) $(COM_ERR_DEPLIB) $(SUPPORT_DEPLIB) $(CRYPTO_DEPLIB)
$(CC_LINK) -o $@ t_afss2k.$(OBJEXT) -lcom_err $(SUPPORT_LIB) -lk5crypto
clean::
- $(RM) t_nfold.o t_nfold t_encrypt t_encrypt.o t_prng.o t_prng \
- t_hmac.o t_hmac t_pkcs5.o t_pkcs5 pbkdf2.o t_prf t_prf.o t_cf2 t_cf2.o \
- aes-test.o aes-test vt.txt vk.txt kresults.out \
- destest.o destest \
- t_afss2k.o t_afss2k t_cksum.o t_cksum \
- t_crc.o t_crc t_cts.o t_cts \
- t_mddriver4.o t_mddriver4 t_mddriver.o t_mddriver \
+ $(RM) t_nfold.o t_nfold nfold.$(OBJEXT) t_encrypt t_encrypt.o \
+ t_prng.o t_prng t_hmac.o t_hmac t_pkcs5.o t_pkcs5 pbkdf2.o \
+ t_prf t_prf.o t_cf2 t_cf2.o \
+ aes-test.o aes-test vt.txt vk.txt kresults.out \
+ t_afss2k.o t_afss2k t_cksum.o t_cksum \
+ t_crc.o t_crc t_cts.o t_cts \
+ t_mddriver4.o t_mddriver4 t_mddriver.o t_mddriver \
t_cksum4 t_cksum4.o t_cksum5 t_cksum5.o \
t_shs3 t_shs3.o t_shs t_shs.o verify t_verify.o \
- t_mddriver$(EXEEXT) $(OUTPRE)t_mddriver.$(OBJEXT) \
+ t_mddriver$(EXEEXT) $(OUTPRE)t_mddriver.$(OBJEXT) \
t_shs$(EXEEXT) t_shs.$(OBJEXT) t_shs3$(EXEEXT) t_shs3.$(OBJEXT)
-$(RM) t_prng.output
"I would like the General Gau's Chicken, please, and wonton soup.";
static const unsigned char aeskey[16] = "chicken teriyaki";
static const int lengths[] = { 17, 31, 32, 47, 48, 64 };
- extern krb5_error_code krb5int_aes_encrypt(const krb5_keyblock *,
- const krb5_data *,
- const krb5_data *,
- krb5_data *);
int i;
char outbuf[64], encivbuf[16], decivbuf[16], outbuf2[64];
krb5_data in, out, enciv, deciv, out2;
- krb5_keyblock key;
+ krb5_keyblock keyblock;
+ krb5_key key;
krb5_error_code err;
in.data = input;
enciv.length = deciv.length = 16;
enciv.data = encivbuf;
deciv.data = decivbuf;
- key.contents = aeskey;
- key.length = 16;
+ keyblock.contents = aeskey;
+ keyblock.length = 16;
+
+ err = krb5_k_create_key(NULL, &keyblock, &key);
+ if (err) {
+ printf("error %ld from krb5_k_create_key\n", (long)err);
+ exit(1);
+ }
memset(enciv.data, 0, 16);
- printk("AES 128-bit key", &key);
+ printk("AES 128-bit key", &keyblock);
for (i = 0; i < sizeof(lengths)/sizeof(lengths[0]); i++) {
memset(enciv.data, 0, 16);
memset(deciv.data, 0, 16);
printf("\n");
in.length = out.length = lengths[i];
printd("IV", &enciv);
- err = krb5int_aes_encrypt(&key, &enciv, &in, &out);
+ err = krb5int_aes_encrypt(key, &enciv, &in, &out);
if (err) {
printf("error %ld from krb5int_aes_encrypt\n", (long)err);
exit(1);
printd("Output", &out);
printd("Next IV", &enciv);
out2.length = out.length;
- err = krb5int_aes_decrypt(&key, &deciv, &out, &out2);
+ err = krb5int_aes_decrypt(key, &deciv, &out, &out2);
if (err) {
printf("error %ld from krb5int_aes_decrypt\n", (long)err);
exit(1);
if (out.data == NULL || out2.data == NULL
|| check.data == NULL || check2.data == NULL)
abort();
+ out.magic = KV5M_DATA;
out.length = 2048;
+ out2.magic = KV5M_DATA;
out2.length = 2048;
check.length = 2048;
check2.length = 2048;
compare_results(&in, &iov[1].data));
/* Set up iovecs for AEAD encryption. */
+ signdata.magic = KV5M_DATA;
signdata.data = (char *) "This should be signed";
signdata.length = strlen(signdata.data);
iov[0].flags = KRB5_CRYPTO_TYPE_HEADER;
krb5_c_decrypt (context, keyblock, 9, 0, &enc_out, &check));
test ("Comparing", compare_results (&in, &check));
+ krb5_free_keyblock (context, keyblock);
free(out.data);
free(out2.data);
free(check.data);
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- crc-32.h crc32.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h crc-32.h crc32.c
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/dk/dk.h aead.c aead.h cksumtypes.h etypes.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/dk/dk.h \
+ aead.c aead.h cksumtypes.h etypes.h
block_size.so block_size.po $(OUTPRE)block_size.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h block_size.c etypes.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ block_size.c etypes.h
checksum_length.so checksum_length.po $(OUTPRE)checksum_length.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h checksum_length.c \
- cksumtypes.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ checksum_length.c cksumtypes.h
cksumtype_to_string.so cksumtype_to_string.po $(OUTPRE)cksumtype_to_string.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h cksumtype_to_string.c \
- cksumtypes.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ cksumtype_to_string.c cksumtypes.h
cksumtypes.so cksumtypes.po $(OUTPRE)cksumtypes.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../builtin/hash_provider/hash_provider.h \
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../builtin/hash_provider/hash_provider.h \
$(srcdir)/keyhash_provider/keyhash_provider.h cksumtypes.c \
cksumtypes.h
coll_proof_cksum.so coll_proof_cksum.po $(OUTPRE)coll_proof_cksum.$(OBJEXT): \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h cksumtypes.h coll_proof_cksum.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ cksumtypes.h coll_proof_cksum.c
combine_keys.so combine_keys.po $(OUTPRE)combine_keys.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/dk/dk.h \
- combine_keys.c etypes.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/dk/dk.h combine_keys.c etypes.h
crypto_length.so crypto_length.po $(OUTPRE)crypto_length.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h aead.h cksumtypes.h \
- crypto_length.c etypes.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ aead.h cksumtypes.h crypto_length.c etypes.h
crypto_libinit.so crypto_libinit.po $(OUTPRE)crypto_libinit.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h crypto_libinit.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ crypto_libinit.c
default_state.so default_state.po $(OUTPRE)default_state.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h default_state.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ default_state.c
decrypt.so decrypt.po $(OUTPRE)decrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- aead.h cksumtypes.h decrypt.c etypes.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h aead.h cksumtypes.h \
+ decrypt.c etypes.h
decrypt_iov.so decrypt_iov.po $(OUTPRE)decrypt_iov.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h aead.h cksumtypes.h \
- decrypt_iov.c etypes.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ aead.h cksumtypes.h decrypt_iov.c etypes.h
encrypt.so encrypt.po $(OUTPRE)encrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- aead.h cksumtypes.h encrypt.c etypes.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h aead.h cksumtypes.h \
+ encrypt.c etypes.h
encrypt_iov.so encrypt_iov.po $(OUTPRE)encrypt_iov.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h encrypt_iov.c etypes.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ encrypt_iov.c etypes.h
encrypt_length.so encrypt_length.po $(OUTPRE)encrypt_length.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h aead.h cksumtypes.h \
- encrypt_length.c etypes.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ aead.h cksumtypes.h encrypt_length.c etypes.h
enctype_compare.so enctype_compare.po $(OUTPRE)enctype_compare.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h enctype_compare.c \
- etypes.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ enctype_compare.c etypes.h
enctype_to_string.so enctype_to_string.po $(OUTPRE)enctype_to_string.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h enctype_to_string.c \
- etypes.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ enctype_to_string.c etypes.h
etypes.so etypes.po $(OUTPRE)etypes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../builtin/aes/aes_s2k.h $(srcdir)/../builtin/arcfour/arcfour.h \
- $(srcdir)/../builtin/des/des_int.h $(srcdir)/../builtin/enc_provider/enc_provider.h \
- $(srcdir)/dk/dk.h $(srcdir)/../builtin/hash_provider/hash_provider.h \
- $(srcdir)/old/old.h $(srcdir)/prf/prf_int.h $(srcdir)/raw/raw.h \
- etypes.c etypes.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../builtin/aes/aes_s2k.h \
+ $(srcdir)/../builtin/arcfour/arcfour.h $(srcdir)/../builtin/des/des_int.h \
+ $(srcdir)/../builtin/enc_provider/enc_provider.h $(srcdir)/../builtin/hash_provider/hash_provider.h \
+ $(srcdir)/dk/dk.h $(srcdir)/old/old.h $(srcdir)/prf/prf_int.h \
+ $(srcdir)/raw/raw.h etypes.c etypes.h
keyblocks.so keyblocks.po $(OUTPRE)keyblocks.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h keyblocks.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ keyblocks.c
keyed_cksum.so keyed_cksum.po $(OUTPRE)keyed_cksum.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h cksumtypes.h keyed_cksum.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ cksumtypes.h keyed_cksum.c
keyed_checksum_types.so keyed_checksum_types.po $(OUTPRE)keyed_checksum_types.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h cksumtypes.h etypes.h \
- keyed_checksum_types.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ cksumtypes.h etypes.h keyed_checksum_types.c
keylengths.so keylengths.po $(OUTPRE)keylengths.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h etypes.h keylengths.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ etypes.h keylengths.c
make_checksum.so make_checksum.po $(OUTPRE)make_checksum.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/dk/dk.h \
- cksumtypes.h etypes.h make_checksum.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/dk/dk.h cksumtypes.h etypes.h make_checksum.c
make_checksum_iov.so make_checksum_iov.po $(OUTPRE)make_checksum_iov.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h aead.h cksumtypes.h \
- make_checksum_iov.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ aead.h cksumtypes.h make_checksum_iov.c
make_random_key.so make_random_key.po $(OUTPRE)make_random_key.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h etypes.h make_random_key.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ etypes.h make_random_key.c
mandatory_sumtype.so mandatory_sumtype.po $(OUTPRE)mandatory_sumtype.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h etypes.h mandatory_sumtype.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ etypes.h mandatory_sumtype.c
nfold.so nfold.po $(OUTPRE)nfold.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- nfold.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h nfold.c
old_api_glue.so old_api_glue.po $(OUTPRE)old_api_glue.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h old_api_glue.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ old_api_glue.c
prf.so prf.po $(OUTPRE)prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- etypes.h prf.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h etypes.h prf.c
cf2.so cf2.po $(OUTPRE)cf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- cf2.c etypes.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h cf2.c etypes.h
prng.so prng.po $(OUTPRE)prng.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../builtin/enc_provider/enc_provider.h $(srcdir)/../builtin/sha1/shs.h \
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../builtin/enc_provider/enc_provider.h \
+ $(srcdir)/../builtin/sha1/shs.h $(srcdir)/../builtin/yhash.h \
$(srcdir)/yarrow/yarrow.h $(srcdir)/yarrow/ycipher.h \
- $(srcdir)/../builtin/yhash.h $(srcdir)/yarrow/ytypes.h \
- prng.c
+ $(srcdir)/yarrow/ytypes.h prng.c
random_to_key.so random_to_key.po $(OUTPRE)random_to_key.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h etypes.h random_to_key.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ etypes.h random_to_key.c
state.so state.po $(OUTPRE)state.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- etypes.h state.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h etypes.h state.c
string_to_cksumtype.so string_to_cksumtype.po $(OUTPRE)string_to_cksumtype.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h cksumtypes.h string_to_cksumtype.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ cksumtypes.h string_to_cksumtype.c
string_to_enctype.so string_to_enctype.po $(OUTPRE)string_to_enctype.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h etypes.h string_to_enctype.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ etypes.h string_to_enctype.c
string_to_key.so string_to_key.po $(OUTPRE)string_to_key.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h etypes.h string_to_key.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ etypes.h string_to_key.c
valid_cksumtype.so valid_cksumtype.po $(OUTPRE)valid_cksumtype.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h cksumtypes.h valid_cksumtype.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ cksumtypes.h valid_cksumtype.c
valid_enctype.so valid_enctype.po $(OUTPRE)valid_enctype.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h etypes.h valid_enctype.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ etypes.h valid_enctype.c
verify_checksum.so verify_checksum.po $(OUTPRE)verify_checksum.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h cksumtypes.h verify_checksum.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ cksumtypes.h verify_checksum.c
verify_checksum_iov.so verify_checksum_iov.po $(OUTPRE)verify_checksum_iov.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h aead.h cksumtypes.h \
- verify_checksum_iov.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ aead.h cksumtypes.h verify_checksum_iov.c
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../aead.h \
- $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h checksum.c \
- dk.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h \
+ checksum.c dk.h
dk_aead.so dk_aead.po $(OUTPRE)dk_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h dk.h \
- dk_aead.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../aead.h \
+ $(srcdir)/../cksumtypes.h dk.h dk_aead.c
dk_decrypt.so dk_decrypt.po $(OUTPRE)dk_decrypt.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h dk.h dk_decrypt.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ dk.h dk_decrypt.c
dk_encrypt.so dk_encrypt.po $(OUTPRE)dk_encrypt.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h dk.h dk_encrypt.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ dk.h dk_encrypt.c
derive.so derive.po $(OUTPRE)derive.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- derive.c dk.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h derive.c dk.h
stringtokey.so stringtokey.po $(OUTPRE)stringtokey.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h dk.h stringtokey.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ dk.h stringtokey.c
--- /dev/null
+thisconfigdir=../../../..
+myfulldir=lib/crypto/krb/enc_provider
+mydir=lib/crypto/krb/enc_provider
+BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+LOCALINCLUDES = -I$(srcdir)/../../@CRYPTO_IMPL@/des -I$(srcdir)/../../@CRYPTO_IMPL@/arcfour \
+ -I$(srcdir)/../../@CRYPTO_IMPL@/aes -I$(srcdir)/.. -I$(srcdir)/../../@CRYPTO_IMPL@
+DEFS=
+
+##DOS##BUILDTOP = ..\..\..\..
+##DOS##PREFIXDIR=enc_provider
+##DOS##OBJFILE=..\$(OUTPRE)enc_prov.lst
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+STLIBOBJS= des.o des3.o rc4.o aes.o
+
+OBJS= \
+ $(OUTPRE)des.$(OBJEXT) \
+ $(OUTPRE)des3.$(OBJEXT) \
+ $(OUTPRE)aes.$(OBJEXT) \
+ $(OUTPRE)rc4.$(OBJEXT)
+
+SRCS= \
+ $(srcdir)/des.c \
+ $(srcdir)/des3.c \
+ $(srcdir)/aes.c \
+ $(srcdir)/rc4.c
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs
+
+includes:: depend
+
+depend:: $(SRCS)
+
+clean-unix:: clean-libobjs
+
+@libobj_frag@
+
--- /dev/null
+/*
+ * lib/crypto/enc_provider/aes.c
+ *
+ * Copyright (C) 2003, 2007, 2008 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ */
+
+#include "k5-int.h"
+#include "enc_provider.h"
+#include "aes.h"
+#include "../aead.h"
+
+#if 0
+aes_rval aes_blk_len(unsigned int blen, aes_ctx cx[1]);
+aes_rval aes_enc_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1]);
+aes_rval aes_enc_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1]);
+aes_rval aes_dec_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1]);
+aes_rval aes_dec_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1]);
+#endif
+
+#define CHECK_SIZES 0
+
+#if 0
+static void printd (const char *descr, krb5_data *d) {
+ int i, j;
+ const int r = 16;
+
+ printf("%s:", descr);
+
+ for (i = 0; i < d->length; i += r) {
+ printf("\n %04x: ", i);
+ for (j = i; j < i + r && j < d->length; j++)
+ printf(" %02x", 0xff & d->data[j]);
+#ifdef SHOW_TEXT
+ for (; j < i + r; j++)
+ printf(" ");
+ printf(" ");
+ for (j = i; j < i + r && j < d->length; j++) {
+ int c = 0xff & d->data[j];
+ printf("%c", isprint(c) ? c : '.');
+ }
+#endif
+ }
+ printf("\n");
+}
+#endif
+
+static inline void enc(char *out, const char *in, aes_ctx *ctx)
+{
+ if (aes_enc_blk((const unsigned char *)in, (unsigned char *)out, ctx)
+ != aes_good)
+ abort();
+}
+static inline void dec(char *out, const char *in, aes_ctx *ctx)
+{
+ if (aes_dec_blk((const unsigned char *)in, (unsigned char *)out, ctx)
+ != aes_good)
+ abort();
+}
+
+static void xorblock(char *out, const char *in)
+{
+ int z;
+ for (z = 0; z < BLOCK_SIZE; z++)
+ out[z] ^= in[z];
+}
+
+krb5_error_code
+krb5int_aes_encrypt(const krb5_keyblock *key, const krb5_data *ivec,
+ const krb5_data *input, krb5_data *output)
+{
+ aes_ctx ctx;
+ char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE], tmp3[BLOCK_SIZE];
+ int nblocks = 0, blockno;
+
+/* CHECK_SIZES; */
+
+ if (aes_enc_key(key->contents, key->length, &ctx) != aes_good)
+ abort();
+
+ if (ivec)
+ memcpy(tmp, ivec->data, BLOCK_SIZE);
+ else
+ memset(tmp, 0, BLOCK_SIZE);
+
+ nblocks = (input->length + BLOCK_SIZE - 1) / BLOCK_SIZE;
+
+ if (nblocks == 1) {
+ /* XXX Used for DK function. */
+ enc(output->data, input->data, &ctx);
+ } else {
+ unsigned int nleft;
+
+ for (blockno = 0; blockno < nblocks - 2; blockno++) {
+ xorblock(tmp, input->data + blockno * BLOCK_SIZE);
+ enc(tmp2, tmp, &ctx);
+ memcpy(output->data + blockno * BLOCK_SIZE, tmp2, BLOCK_SIZE);
+
+ /* Set up for next block. */
+ memcpy(tmp, tmp2, BLOCK_SIZE);
+ }
+ /* Do final CTS step for last two blocks (the second of which
+ may or may not be incomplete). */
+ xorblock(tmp, input->data + (nblocks - 2) * BLOCK_SIZE);
+ enc(tmp2, tmp, &ctx);
+ nleft = input->length - (nblocks - 1) * BLOCK_SIZE;
+ memcpy(output->data + (nblocks - 1) * BLOCK_SIZE, tmp2, nleft);
+ memcpy(tmp, tmp2, BLOCK_SIZE);
+
+ memset(tmp3, 0, sizeof(tmp3));
+ memcpy(tmp3, input->data + (nblocks - 1) * BLOCK_SIZE, nleft);
+ xorblock(tmp, tmp3);
+ enc(tmp2, tmp, &ctx);
+ memcpy(output->data + (nblocks - 2) * BLOCK_SIZE, tmp2, BLOCK_SIZE);
+ if (ivec)
+ memcpy(ivec->data, tmp2, BLOCK_SIZE);
+ }
+
+ return 0;
+}
+
+krb5_error_code
+krb5int_aes_decrypt(const krb5_keyblock *key, const krb5_data *ivec,
+ const krb5_data *input, krb5_data *output)
+{
+ aes_ctx ctx;
+ char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE], tmp3[BLOCK_SIZE];
+ int nblocks = 0, blockno;
+
+ CHECK_SIZES;
+
+ if (aes_dec_key(key->contents, key->length, &ctx) != aes_good)
+ abort();
+
+ if (ivec)
+ memcpy(tmp, ivec->data, BLOCK_SIZE);
+ else
+ memset(tmp, 0, BLOCK_SIZE);
+
+ nblocks = (input->length + BLOCK_SIZE - 1) / BLOCK_SIZE;
+
+ if (nblocks == 1) {
+ if (input->length < BLOCK_SIZE)
+ abort();
+ dec(output->data, input->data, &ctx);
+ } else {
+
+ for (blockno = 0; blockno < nblocks - 2; blockno++) {
+ dec(tmp2, input->data + blockno * BLOCK_SIZE, &ctx);
+ xorblock(tmp2, tmp);
+ memcpy(output->data + blockno * BLOCK_SIZE, tmp2, BLOCK_SIZE);
+ memcpy(tmp, input->data + blockno * BLOCK_SIZE, BLOCK_SIZE);
+ }
+ /* Do last two blocks, the second of which (next-to-last block
+ of plaintext) may be incomplete. */
+ dec(tmp2, input->data + (nblocks - 2) * BLOCK_SIZE, &ctx);
+ /* Set tmp3 to last ciphertext block, padded. */
+ memset(tmp3, 0, sizeof(tmp3));
+ memcpy(tmp3, input->data + (nblocks - 1) * BLOCK_SIZE,
+ input->length - (nblocks - 1) * BLOCK_SIZE);
+ /* Set tmp2 to last (possibly partial) plaintext block, and
+ save it. */
+ xorblock(tmp2, tmp3);
+ memcpy(output->data + (nblocks - 1) * BLOCK_SIZE, tmp2,
+ input->length - (nblocks - 1) * BLOCK_SIZE);
+ /* Maybe keep the trailing part, and copy in the last
+ ciphertext block. */
+ memcpy(tmp2, tmp3, input->length - (nblocks - 1) * BLOCK_SIZE);
+ /* Decrypt, to get next to last plaintext block xor previous
+ ciphertext. */
+ dec(tmp3, tmp2, &ctx);
+ xorblock(tmp3, tmp);
+ memcpy(output->data + (nblocks - 2) * BLOCK_SIZE, tmp3, BLOCK_SIZE);
+ if (ivec)
+ memcpy(ivec->data, input->data + (nblocks - 2) * BLOCK_SIZE,
+ BLOCK_SIZE);
+ }
+
+ return 0;
+}
+
+static krb5_error_code
+krb5int_aes_encrypt_iov(const krb5_keyblock *key,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
+{
+ aes_ctx ctx;
+ char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE];
+ int nblocks = 0, blockno;
+ size_t input_length, i;
+
+ if (aes_enc_key(key->contents, key->length, &ctx) != aes_good)
+ abort();
+
+ if (ivec != NULL)
+ memcpy(tmp, ivec->data, BLOCK_SIZE);
+ else
+ memset(tmp, 0, BLOCK_SIZE);
+
+ for (i = 0, input_length = 0; i < num_data; i++) {
+ krb5_crypto_iov *iov = &data[i];
+
+ if (ENCRYPT_IOV(iov))
+ input_length += iov->data.length;
+ }
+
+ nblocks = (input_length + BLOCK_SIZE - 1) / BLOCK_SIZE;
+
+ assert(nblocks > 1);
+
+ {
+ char blockN2[BLOCK_SIZE]; /* second last */
+ char blockN1[BLOCK_SIZE]; /* last block */
+ struct iov_block_state input_pos, output_pos;
+
+ IOV_BLOCK_STATE_INIT(&input_pos);
+ IOV_BLOCK_STATE_INIT(&output_pos);
+
+ for (blockno = 0; blockno < nblocks - 2; blockno++) {
+ char blockN[BLOCK_SIZE];
+
+ krb5int_c_iov_get_block((unsigned char *)blockN, BLOCK_SIZE, data, num_data, &input_pos);
+ xorblock(tmp, blockN);
+ enc(tmp2, tmp, &ctx);
+ krb5int_c_iov_put_block(data, num_data, (unsigned char *)tmp2, BLOCK_SIZE, &output_pos);
+
+ /* Set up for next block. */
+ memcpy(tmp, tmp2, BLOCK_SIZE);
+ }
+
+ /* Do final CTS step for last two blocks (the second of which
+ may or may not be incomplete). */
+
+ /* First, get the last two blocks */
+ memset(blockN1, 0, sizeof(blockN1)); /* pad last block with zeros */
+ krb5int_c_iov_get_block((unsigned char *)blockN2, BLOCK_SIZE, data, num_data, &input_pos);
+ krb5int_c_iov_get_block((unsigned char *)blockN1, BLOCK_SIZE, data, num_data, &input_pos);
+
+ /* Encrypt second last block */
+ xorblock(tmp, blockN2);
+ enc(tmp2, tmp, &ctx);
+ memcpy(blockN2, tmp2, BLOCK_SIZE); /* blockN2 now contains first block */
+ memcpy(tmp, tmp2, BLOCK_SIZE);
+
+ /* Encrypt last block */
+ xorblock(tmp, blockN1);
+ enc(tmp2, tmp, &ctx);
+ memcpy(blockN1, tmp2, BLOCK_SIZE);
+
+ /* Put the last two blocks back into the iovec (reverse order) */
+ krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN1, BLOCK_SIZE, &output_pos);
+ krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN2, BLOCK_SIZE, &output_pos);
+
+ if (ivec != NULL)
+ memcpy(ivec->data, blockN1, BLOCK_SIZE);
+ }
+
+ return 0;
+}
+
+static krb5_error_code
+krb5int_aes_decrypt_iov(const krb5_keyblock *key,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
+{
+ aes_ctx ctx;
+ char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE], tmp3[BLOCK_SIZE];
+ int nblocks = 0, blockno;
+ unsigned int i;
+ size_t input_length;
+
+ CHECK_SIZES;
+
+ if (aes_dec_key(key->contents, key->length, &ctx) != aes_good)
+ abort();
+
+ if (ivec != NULL)
+ memcpy(tmp, ivec->data, BLOCK_SIZE);
+ else
+ memset(tmp, 0, BLOCK_SIZE);
+
+ for (i = 0, input_length = 0; i < num_data; i++) {
+ krb5_crypto_iov *iov = &data[i];
+
+ if (ENCRYPT_IOV(iov))
+ input_length += iov->data.length;
+ }
+
+ nblocks = (input_length + BLOCK_SIZE - 1) / BLOCK_SIZE;
+
+ assert(nblocks > 1);
+
+ {
+ char blockN2[BLOCK_SIZE]; /* second last */
+ char blockN1[BLOCK_SIZE]; /* last block */
+ struct iov_block_state input_pos, output_pos;
+
+ IOV_BLOCK_STATE_INIT(&input_pos);
+ IOV_BLOCK_STATE_INIT(&output_pos);
+
+ for (blockno = 0; blockno < nblocks - 2; blockno++) {
+ char blockN[BLOCK_SIZE];
+
+ krb5int_c_iov_get_block((unsigned char *)blockN, BLOCK_SIZE, data, num_data, &input_pos);
+ dec(tmp2, blockN, &ctx);
+ xorblock(tmp2, tmp);
+ krb5int_c_iov_put_block(data, num_data, (unsigned char *)tmp2, BLOCK_SIZE, &output_pos);
+ memcpy(tmp, blockN, BLOCK_SIZE);
+ }
+
+ /* Do last two blocks, the second of which (next-to-last block
+ of plaintext) may be incomplete. */
+
+ /* First, get the last two encrypted blocks */
+ memset(blockN1, 0, sizeof(blockN1)); /* pad last block with zeros */
+ krb5int_c_iov_get_block((unsigned char *)blockN2, BLOCK_SIZE, data, num_data, &input_pos);
+ krb5int_c_iov_get_block((unsigned char *)blockN1, BLOCK_SIZE, data, num_data, &input_pos);
+
+ /* Decrypt second last block */
+ dec(tmp2, blockN2, &ctx);
+ /* Set tmp2 to last (possibly partial) plaintext block, and
+ save it. */
+ xorblock(tmp2, blockN1);
+ memcpy(blockN2, tmp2, BLOCK_SIZE);
+
+ /* Maybe keep the trailing part, and copy in the last
+ ciphertext block. */
+ input_length %= BLOCK_SIZE;
+ memcpy(tmp2, blockN1, input_length ? input_length : BLOCK_SIZE);
+ dec(tmp3, tmp2, &ctx);
+ xorblock(tmp3, tmp);
+ /* Copy out ivec first before we clobber blockN1 with plaintext */
+ if (ivec != NULL)
+ memcpy(ivec->data, blockN1, BLOCK_SIZE);
+ memcpy(blockN1, tmp3, BLOCK_SIZE);
+
+ /* Put the last two blocks back into the iovec */
+ krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN1, BLOCK_SIZE, &output_pos);
+ krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN2, BLOCK_SIZE, &output_pos);
+ }
+
+ return 0;
+}
+
+static krb5_error_code
+k5_aes_make_key(const krb5_data *randombits, krb5_keyblock *key)
+{
+ if (key->length != 16 && key->length != 32)
+ return(KRB5_BAD_KEYSIZE);
+ if (randombits->length != key->length)
+ return(KRB5_CRYPTO_INTERNAL);
+
+ key->magic = KV5M_KEYBLOCK;
+
+ memcpy(key->contents, randombits->data, randombits->length);
+ return(0);
+}
+
+static krb5_error_code
+krb5int_aes_init_state (const krb5_keyblock *key, krb5_keyusage usage,
+ krb5_data *state)
+{
+ state->length = 16;
+ state->data = (void *) malloc(16);
+ if (state->data == NULL)
+ return ENOMEM;
+ memset(state->data, 0, state->length);
+ return 0;
+}
+
+const struct krb5_enc_provider krb5int_enc_aes128 = {
+ 16,
+ 16, 16,
+ krb5int_aes_encrypt,
+ krb5int_aes_decrypt,
+ k5_aes_make_key,
+ krb5int_aes_init_state,
+ krb5int_default_free_state,
+ krb5int_aes_encrypt_iov,
+ krb5int_aes_decrypt_iov
+};
+
+const struct krb5_enc_provider krb5int_enc_aes256 = {
+ 16,
+ 32, 32,
+ krb5int_aes_encrypt,
+ krb5int_aes_decrypt,
+ k5_aes_make_key,
+ krb5int_aes_init_state,
+ krb5int_default_free_state,
+ krb5int_aes_encrypt_iov,
+ krb5int_aes_decrypt_iov
+};
+
--- /dev/null
+#
+# Generated makefile dependencies follow.
+#
+des.so des.po $(OUTPRE)des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
+ $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \
+ $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
+ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
+ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/des/des_int.h $(srcdir)/../aead.h \
+ $(srcdir)/../cksumtypes.h des.c enc_provider.h
+des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
+ $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \
+ $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
+ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
+ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/des/des_int.h $(srcdir)/../aead.h \
+ $(srcdir)/../cksumtypes.h des3.c
+aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
+ $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \
+ $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
+ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
+ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \
+ $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h aes.c \
+ enc_provider.h
+rc4.so rc4.po $(OUTPRE)rc4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
+ $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \
+ $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
+ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
+ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/arcfour/arcfour-int.h $(srcdir)/../../builtin/arcfour/arcfour.h \
+ $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h enc_provider.h \
+ rc4.c
--- /dev/null
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government. It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. FundsXpress makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#include "k5-int.h"
+#include "des_int.h"
+#include "enc_provider.h"
+#include "aead.h"
+
+static krb5_error_code
+k5_des_docrypt(const krb5_keyblock *key, const krb5_data *ivec,
+ const krb5_data *input, krb5_data *output, int enc)
+{
+ mit_des_key_schedule schedule;
+
+ /* key->enctype was checked by the caller */
+
+ if (key->length != 8)
+ return(KRB5_BAD_KEYSIZE);
+ if ((input->length%8) != 0)
+ return(KRB5_BAD_MSIZE);
+ if (ivec && (ivec->length != 8))
+ return(KRB5_BAD_MSIZE);
+ if (input->length != output->length)
+ return(KRB5_BAD_MSIZE);
+
+ switch (mit_des_key_sched(key->contents, schedule)) {
+ case -1:
+ return(KRB5DES_BAD_KEYPAR);
+ case -2:
+ return(KRB5DES_WEAK_KEY);
+ }
+
+ /* this has a return value, but the code always returns zero */
+
+ mit_des_cbc_encrypt((krb5_pointer) input->data,
+ (krb5_pointer) output->data, input->length,
+ schedule,
+ (ivec
+ ? (const unsigned char *) ivec->data
+ : (const unsigned char *) mit_des_zeroblock),
+ enc);
+
+ memset(schedule, 0, sizeof(schedule));
+
+ return(0);
+}
+
+static krb5_error_code
+k5_des_encrypt(const krb5_keyblock *key, const krb5_data *ivec,
+ const krb5_data *input, krb5_data *output)
+{
+ return(k5_des_docrypt(key, ivec, input, output, 1));
+}
+
+static krb5_error_code
+k5_des_decrypt(const krb5_keyblock *key, const krb5_data *ivec,
+ const krb5_data *input, krb5_data *output)
+{
+ return(k5_des_docrypt(key, ivec, input, output, 0));
+}
+
+static krb5_error_code
+k5_des_make_key(const krb5_data *randombits, krb5_keyblock *key)
+{
+ if (key->length != 8)
+ return(KRB5_BAD_KEYSIZE);
+ if (randombits->length != 7)
+ return(KRB5_CRYPTO_INTERNAL);
+
+ key->magic = KV5M_KEYBLOCK;
+ key->length = 8;
+
+ /* take the seven bytes, move them around into the top 7 bits of the
+ 8 key bytes, then compute the parity bits */
+
+ memcpy(key->contents, randombits->data, randombits->length);
+ key->contents[7] = (((key->contents[0]&1)<<1) | ((key->contents[1]&1)<<2) |
+ ((key->contents[2]&1)<<3) | ((key->contents[3]&1)<<4) |
+ ((key->contents[4]&1)<<5) | ((key->contents[5]&1)<<6) |
+ ((key->contents[6]&1)<<7));
+
+ mit_des_fixup_key_parity(key->contents);
+
+ return(0);
+}
+
+static krb5_error_code
+k5_des_docrypt_iov(const krb5_keyblock *key, const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data, int enc)
+{
+ mit_des_key_schedule schedule;
+ size_t input_length = 0;
+ unsigned int i;
+
+ /* key->enctype was checked by the caller */
+
+ if (key->length != 8)
+ return(KRB5_BAD_KEYSIZE);
+
+ for (i = 0; i < num_data; i++) {
+ const krb5_crypto_iov *iov = &data[i];
+
+ if (ENCRYPT_DATA_IOV(iov))
+ input_length += iov->data.length;
+ }
+
+ if ((input_length % 8) != 0)
+ return(KRB5_BAD_MSIZE);
+ if (ivec && (ivec->length != 8))
+ return(KRB5_BAD_MSIZE);
+
+ switch (mit_des_key_sched(key->contents, schedule)) {
+ case -1:
+ return(KRB5DES_BAD_KEYPAR);
+ case -2:
+ return(KRB5DES_WEAK_KEY);
+ }
+
+ /* this has a return value, but the code always returns zero */
+ if (enc)
+ krb5int_des_cbc_encrypt_iov(data, num_data, schedule, ivec ? ivec->data : NULL);
+ else
+ krb5int_des_cbc_decrypt_iov(data, num_data, schedule, ivec ? ivec->data : NULL);
+
+ memset(schedule, 0, sizeof(schedule));
+
+ return(0);
+}
+
+static krb5_error_code
+k5_des_encrypt_iov(const krb5_keyblock *key,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
+{
+ return k5_des_docrypt_iov(key, ivec, data, num_data, 1);
+}
+
+static krb5_error_code
+k5_des_decrypt_iov(const krb5_keyblock *key,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
+{
+ return k5_des_docrypt_iov(key, ivec, data, num_data, 0);
+}
+
+const struct krb5_enc_provider krb5int_enc_des = {
+ 8,
+ 7, 8,
+ k5_des_encrypt,
+ k5_des_decrypt,
+ k5_des_make_key,
+ krb5int_des_init_state,
+ krb5int_default_free_state,
+ k5_des_encrypt_iov,
+ k5_des_decrypt_iov
+};
--- /dev/null
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government. It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. FundsXpress makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#include "k5-int.h"
+#include "des_int.h"
+#include "../aead.h"
+
+static krb5_error_code
+validate_and_schedule(const krb5_keyblock *key, const krb5_data *ivec,
+ const krb5_data *input, const krb5_data *output,
+ mit_des3_key_schedule *schedule)
+{
+ /* key->enctype was checked by the caller */
+
+ if (key->length != 24)
+ return(KRB5_BAD_KEYSIZE);
+ if ((input->length%8) != 0)
+ return(KRB5_BAD_MSIZE);
+ if (ivec && (ivec->length != 8))
+ return(KRB5_BAD_MSIZE);
+ if (input->length != output->length)
+ return(KRB5_BAD_MSIZE);
+
+ switch (mit_des3_key_sched(*(mit_des3_cblock *)key->contents,
+ *schedule)) {
+ case -1:
+ return(KRB5DES_BAD_KEYPAR);
+ case -2:
+ return(KRB5DES_WEAK_KEY);
+ }
+ return 0;
+}
+
+static krb5_error_code
+validate_and_schedule_iov(const krb5_keyblock *key, const krb5_data *ivec,
+ const krb5_crypto_iov *data, size_t num_data,
+ mit_des3_key_schedule *schedule)
+{
+ size_t i, input_length;
+
+ for (i = 0, input_length = 0; i < num_data; i++) {
+ const krb5_crypto_iov *iov = &data[i];
+
+ if (ENCRYPT_IOV(iov))
+ input_length += iov->data.length;
+ }
+
+ if (key->length != 24)
+ return(KRB5_BAD_KEYSIZE);
+ if ((input_length%8) != 0)
+ return(KRB5_BAD_MSIZE);
+ if (ivec && (ivec->length != 8))
+ return(KRB5_BAD_MSIZE);
+
+ switch (mit_des3_key_sched(*(mit_des3_cblock *)key->contents,
+ *schedule)) {
+ case -1:
+ return(KRB5DES_BAD_KEYPAR);
+ case -2:
+ return(KRB5DES_WEAK_KEY);
+ }
+ return 0;
+}
+
+static krb5_error_code
+k5_des3_encrypt(const krb5_keyblock *key, const krb5_data *ivec,
+ const krb5_data *input, krb5_data *output)
+{
+ mit_des3_key_schedule schedule;
+ krb5_error_code err;
+
+ err = validate_and_schedule(key, ivec, input, output, &schedule);
+ if (err)
+ return err;
+
+ /* this has a return value, but the code always returns zero */
+ krb5int_des3_cbc_encrypt((krb5_pointer) input->data,
+ (krb5_pointer) output->data, input->length,
+ schedule[0], schedule[1], schedule[2],
+ ivec?(const unsigned char *) ivec->data:(const unsigned char *)mit_des_zeroblock);
+
+ zap(schedule, sizeof(schedule));
+
+ return(0);
+}
+
+static krb5_error_code
+k5_des3_decrypt(const krb5_keyblock *key, const krb5_data *ivec,
+ const krb5_data *input, krb5_data *output)
+{
+ mit_des3_key_schedule schedule;
+ krb5_error_code err;
+
+ err = validate_and_schedule(key, ivec, input, output, &schedule);
+ if (err)
+ return err;
+
+ /* this has a return value, but the code always returns zero */
+ krb5int_des3_cbc_decrypt((krb5_pointer) input->data,
+ (krb5_pointer) output->data, input->length,
+ schedule[0], schedule[1], schedule[2],
+ ivec?(const unsigned char *) ivec->data:(const unsigned char *)mit_des_zeroblock);
+
+ zap(schedule, sizeof(schedule));
+
+ return(0);
+}
+
+static krb5_error_code
+k5_des3_make_key(const krb5_data *randombits, krb5_keyblock *key)
+{
+ int i;
+
+ if (key->length != 24)
+ return(KRB5_BAD_KEYSIZE);
+ if (randombits->length != 21)
+ return(KRB5_CRYPTO_INTERNAL);
+
+ key->magic = KV5M_KEYBLOCK;
+ key->length = 24;
+
+ /* take the seven bytes, move them around into the top 7 bits of the
+ 8 key bytes, then compute the parity bits. Do this three times. */
+
+ for (i=0; i<3; i++) {
+ memcpy(key->contents+i*8, randombits->data+i*7, 7);
+ key->contents[i*8+7] = (((key->contents[i*8]&1)<<1) |
+ ((key->contents[i*8+1]&1)<<2) |
+ ((key->contents[i*8+2]&1)<<3) |
+ ((key->contents[i*8+3]&1)<<4) |
+ ((key->contents[i*8+4]&1)<<5) |
+ ((key->contents[i*8+5]&1)<<6) |
+ ((key->contents[i*8+6]&1)<<7));
+
+ mit_des_fixup_key_parity(key->contents+i*8);
+ }
+
+ return(0);
+}
+
+static krb5_error_code
+k5_des3_encrypt_iov(const krb5_keyblock *key,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
+{
+ mit_des3_key_schedule schedule;
+ krb5_error_code err;
+
+ err = validate_and_schedule_iov(key, ivec, data, num_data, &schedule);
+ if (err)
+ return err;
+
+ /* this has a return value, but the code always returns zero */
+ krb5int_des3_cbc_encrypt_iov(data, num_data,
+ schedule[0], schedule[1], schedule[2],
+ ivec != NULL ? (unsigned char *) ivec->data : NULL);
+
+ zap(schedule, sizeof(schedule));
+
+ return(0);
+}
+
+static krb5_error_code
+k5_des3_decrypt_iov(const krb5_keyblock *key,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
+{
+ mit_des3_key_schedule schedule;
+ krb5_error_code err;
+
+ err = validate_and_schedule_iov(key, ivec, data, num_data, &schedule);
+ if (err)
+ return err;
+
+ /* this has a return value, but the code always returns zero */
+ krb5int_des3_cbc_decrypt_iov(data, num_data,
+ schedule[0], schedule[1], schedule[2],
+ ivec != NULL ? (unsigned char *) ivec->data : NULL);
+
+ zap(schedule, sizeof(schedule));
+
+ return(0);
+}
+
+const struct krb5_enc_provider krb5int_enc_des3 = {
+ 8,
+ 21, 24,
+ k5_des3_encrypt,
+ k5_des3_decrypt,
+ k5_des3_make_key,
+ krb5int_des_init_state,
+ krb5int_default_free_state,
+ k5_des3_encrypt_iov,
+ k5_des3_decrypt_iov
+};
+
--- /dev/null
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government. It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. FundsXpress makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#include "k5-int.h"
+
+extern const struct krb5_enc_provider krb5int_enc_des;
+extern const struct krb5_enc_provider krb5int_enc_des3;
+extern const struct krb5_enc_provider krb5int_enc_arcfour;
+extern const struct krb5_enc_provider krb5int_enc_aes128;
+extern const struct krb5_enc_provider krb5int_enc_aes256;
+extern const struct krb5_enc_provider krb5int_enc_aes128_ctr;
+extern const struct krb5_enc_provider krb5int_enc_aes256_ctr;
+
--- /dev/null
+/* arcfour.c
+ *
+ * Copyright (c) 2000 by Computer Science Laboratory,
+ * Rensselaer Polytechnic Institute
+ *
+ * #include STD_DISCLAIMER
+ */
+
+#include "k5-int.h"
+#include "arcfour-int.h"
+#include "enc_provider.h"
+#include "../aead.h"
+/* gets the next byte from the PRNG */
+#if ((__GNUC__ >= 2) )
+static __inline__ unsigned int k5_arcfour_byte(ArcfourContext *);
+#else
+static unsigned int k5_arcfour_byte(ArcfourContext *);
+#endif /* gcc inlines*/
+
+/* Initializes the context and sets the key. */
+static krb5_error_code k5_arcfour_init(ArcfourContext *ctx, const unsigned char *key,
+ unsigned int keylen);
+
+/* Encrypts/decrypts data. */
+static void k5_arcfour_crypt(ArcfourContext *ctx, unsigned char *dest,
+ const unsigned char *src, unsigned int len);
+
+/* Interface layer to kerb5 crypto layer */
+static krb5_error_code
+k5_arcfour_docrypt(const krb5_keyblock *, const krb5_data *,
+ const krb5_data *, krb5_data *);
+
+/* from a random bitstrem, construct a key */
+static krb5_error_code
+k5_arcfour_make_key(const krb5_data *, krb5_keyblock *);
+
+static const unsigned char arcfour_weakkey1[] = {0x00, 0x00, 0xfd};
+static const unsigned char arcfour_weakkey2[] = {0x03, 0xfd, 0xfc};
+static const struct {
+ size_t length;
+ const unsigned char *data;
+} arcfour_weakkeys[] = {
+ { sizeof (arcfour_weakkey1), arcfour_weakkey1},
+ { sizeof (arcfour_weakkey2), arcfour_weakkey2},
+};
+
+static inline unsigned int k5_arcfour_byte(ArcfourContext * ctx)
+{
+ unsigned int x;
+ unsigned int y;
+ unsigned int sx, sy;
+ unsigned char *state;
+
+ state = ctx->state;
+ x = (ctx->x + 1) & 0xff;
+ sx = state[x];
+ y = (sx + ctx->y) & 0xff;
+ sy = state[y];
+ ctx->x = x;
+ ctx->y = y;
+ state[y] = sx;
+ state[x] = sy;
+ return state[(sx + sy) & 0xff];
+}
+
+static void k5_arcfour_crypt(ArcfourContext *ctx, unsigned char *dest,
+ const unsigned char *src, unsigned int len)
+{
+ unsigned int i;
+ for (i = 0; i < len; i++)
+ dest[i] = src[i] ^ k5_arcfour_byte(ctx);
+}
+
+
+static krb5_error_code
+k5_arcfour_init(ArcfourContext *ctx, const unsigned char *key,
+ unsigned int key_len)
+{
+ unsigned int t, u;
+ unsigned int keyindex;
+ unsigned int stateindex;
+ unsigned char* state;
+ unsigned int counter;
+
+ if (key_len != 16)
+ return KRB5_BAD_MSIZE; /*this is probably not the correct error code
+ to return */
+ for (counter=0;
+ counter < sizeof(arcfour_weakkeys)/sizeof(arcfour_weakkeys[0]);
+ counter++)
+ if (!memcmp(key, arcfour_weakkeys[counter].data,
+ arcfour_weakkeys[counter].length))
+ return KRB5DES_WEAK_KEY; /* most certainly not the correct error */
+
+ state = &ctx->state[0];
+ ctx->x = 0;
+ ctx->y = 0;
+ for (counter = 0; counter < 256; counter++)
+ state[counter] = counter;
+ keyindex = 0;
+ stateindex = 0;
+ for (counter = 0; counter < 256; counter++)
+ {
+ t = state[counter];
+ stateindex = (stateindex + key[keyindex] + t) & 0xff;
+ u = state[stateindex];
+ state[stateindex] = t;
+ state[counter] = u;
+ if (++keyindex >= key_len)
+ keyindex = 0;
+ }
+ return 0;
+}
+
+
+/* The workhorse of the arcfour system, this impliments the cipher */
+static krb5_error_code
+k5_arcfour_docrypt(const krb5_keyblock *key, const krb5_data *state,
+ const krb5_data *input, krb5_data *output)
+{
+ ArcfourContext *arcfour_ctx;
+ ArcFourCipherState *cipher_state;
+ int ret;
+
+ if (key->length != 16)
+ return(KRB5_BAD_KEYSIZE);
+ if (state && (state->length != sizeof (ArcFourCipherState)))
+ return(KRB5_BAD_MSIZE);
+ if (input->length != output->length)
+ return(KRB5_BAD_MSIZE);
+
+ if (state) {
+ cipher_state = (ArcFourCipherState *) state->data;
+ arcfour_ctx=&cipher_state->ctx;
+ if (cipher_state->initialized == 0) {
+ if ((ret=k5_arcfour_init(arcfour_ctx, key->contents, key->length))) {
+ return ret;
+ }
+ cipher_state->initialized = 1;
+ }
+ k5_arcfour_crypt(arcfour_ctx, (unsigned char *) output->data, (const unsigned char *) input->data, input->length);
+ }
+ else {
+ arcfour_ctx=malloc(sizeof (ArcfourContext));
+ if (arcfour_ctx == NULL)
+ return ENOMEM;
+ if ((ret=k5_arcfour_init(arcfour_ctx, key->contents, key->length))) {
+ free(arcfour_ctx);
+ return (ret);
+ }
+ k5_arcfour_crypt(arcfour_ctx, (unsigned char * ) output->data,
+ (const unsigned char * ) input->data, input->length);
+ memset(arcfour_ctx, 0, sizeof (ArcfourContext));
+ free(arcfour_ctx);
+ }
+
+ return 0;
+}
+
+/* In-place encryption */
+static krb5_error_code
+k5_arcfour_docrypt_iov(const krb5_keyblock *key,
+ const krb5_data *state,
+ krb5_crypto_iov *data,
+ size_t num_data)
+{
+ ArcfourContext *arcfour_ctx = NULL;
+ ArcFourCipherState *cipher_state = NULL;
+ krb5_error_code ret;
+ size_t i;
+
+ if (key->length != 16)
+ return KRB5_BAD_KEYSIZE;
+ if (state != NULL && (state->length != sizeof(ArcFourCipherState)))
+ return KRB5_BAD_MSIZE;
+
+ if (state != NULL) {
+ cipher_state = (ArcFourCipherState *)state->data;
+ arcfour_ctx = &cipher_state->ctx;
+ if (cipher_state->initialized == 0) {
+ ret = k5_arcfour_init(arcfour_ctx, key->contents, key->length);
+ if (ret != 0)
+ return ret;
+
+ cipher_state->initialized = 1;
+ }
+ } else {
+ arcfour_ctx = (ArcfourContext *)malloc(sizeof(ArcfourContext));
+ if (arcfour_ctx == NULL)
+ return ENOMEM;
+
+ ret = k5_arcfour_init(arcfour_ctx, key->contents, key->length);
+ if (ret != 0) {
+ free(arcfour_ctx);
+ return ret;
+ }
+ }
+
+ for (i = 0; i < num_data; i++) {
+ krb5_crypto_iov *iov = &data[i];
+
+ if (ENCRYPT_IOV(iov))
+ k5_arcfour_crypt(arcfour_ctx, (unsigned char *)iov->data.data,
+ (const unsigned char *)iov->data.data, iov->data.length);
+ }
+
+ if (state == NULL) {
+ memset(arcfour_ctx, 0, sizeof(ArcfourContext));
+ free(arcfour_ctx);
+ }
+
+ return 0;
+}
+
+static krb5_error_code
+k5_arcfour_make_key(const krb5_data *randombits, krb5_keyblock *key)
+{
+ if (key->length != 16)
+ return(KRB5_BAD_KEYSIZE);
+ if (randombits->length != 16)
+ return(KRB5_CRYPTO_INTERNAL);
+
+ key->magic = KV5M_KEYBLOCK;
+ key->length = 16;
+
+ memcpy(key->contents, randombits->data, randombits->length);
+
+ return(0);
+}
+
+static krb5_error_code
+k5_arcfour_init_state (const krb5_keyblock *key,
+ krb5_keyusage keyusage, krb5_data *new_state)
+{
+ /* Note that we can't actually set up the state here because the key
+ * will change between now and when encrypt is called
+ * because it is data dependent. Yeah, this has strange
+ * properties. --SDH
+ */
+ new_state->length = sizeof (ArcFourCipherState);
+ new_state->data = malloc (new_state->length);
+ if (new_state->data) {
+ memset (new_state->data, 0 , new_state->length);
+ /* That will set initialized to zero*/
+ }else {
+ return (ENOMEM);
+ }
+ return 0;
+}
+
+/* Since the arcfour cipher is identical going forwards and backwards,
+ we just call "docrypt" directly
+*/
+const struct krb5_enc_provider krb5int_enc_arcfour = {
+ /* This seems to work... although I am not sure what the
+ implications are in other places in the kerberos library */
+ 1,
+ /* Keysize is arbitrary in arcfour, but the constraints of the
+ system, and to attempt to work with the MSFT system forces us
+ to 16byte/128bit. Since there is no parity in the key, the
+ byte and length are the same. */
+ 16, 16,
+ k5_arcfour_docrypt,
+ k5_arcfour_docrypt,
+ k5_arcfour_make_key,
+ k5_arcfour_init_state, /*xxx not implemented yet*/
+ krb5int_default_free_state,
+ k5_arcfour_docrypt_iov,
+ k5_arcfour_docrypt_iov
+};
+
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/des/des_int.h descbc.c keyhash_provider.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/des_int.h \
+ descbc.c keyhash_provider.h
k5_md4des.so k5_md4des.po $(OUTPRE)k5_md4des.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/des_int.h \
- $(srcdir)/../../builtin/md4/rsa-md4.h k5_md4des.c keyhash_provider.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/des/des_int.h $(srcdir)/../../builtin/md4/rsa-md4.h \
+ k5_md4des.c keyhash_provider.h
k5_md5des.so k5_md5des.po $(OUTPRE)k5_md5des.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/des_int.h \
- $(srcdir)/../../builtin/md5/rsa-md5.h k5_md5des.c keyhash_provider.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/des/des_int.h $(srcdir)/../../builtin/md5/rsa-md5.h \
+ k5_md5des.c keyhash_provider.h
hmac_md5.so hmac_md5.po $(OUTPRE)hmac_md5.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/arcfour/arcfour-int.h \
- $(srcdir)/../../builtin/arcfour/arcfour.h $(srcdir)/../../builtin/md5/rsa-md5.h \
- $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h $(srcdir)/../../builtin/hash_provider/hash_provider.h \
- hmac_md5.c keyhash_provider.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/arcfour/arcfour-int.h $(srcdir)/../../builtin/arcfour/arcfour.h \
+ $(srcdir)/../../builtin/hash_provider/hash_provider.h \
+ $(srcdir)/../../builtin/md5/rsa-md5.h $(srcdir)/../aead.h \
+ $(srcdir)/../cksumtypes.h hmac_md5.c keyhash_provider.h
md5_hmac.so md5_hmac.po $(OUTPRE)md5_hmac.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/arcfour/arcfour-int.h \
- $(srcdir)/../../builtin/arcfour/arcfour.h $(srcdir)/../../builtin/md5/rsa-md5.h \
- $(srcdir)/../../builtin/hash_provider/hash_provider.h keyhash_provider.h \
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/arcfour/arcfour-int.h $(srcdir)/../../builtin/arcfour/arcfour.h \
+ $(srcdir)/../../builtin/hash_provider/hash_provider.h \
+ $(srcdir)/../../builtin/md5/rsa-md5.h keyhash_provider.h \
md5_hmac.c
krb5_crypto_iov iov[1];
iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
- iov[0].data = *input;
+ iov[0].data.data = input->data;
+ iov[0].data.length = input->length;
assert(keyhash->hash_iov != NULL);
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/des/des_int.h \
- des_stringtokey.c old.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../builtin/des/des_int.h des_stringtokey.c \
+ old.h
old_decrypt.so old_decrypt.po $(OUTPRE)old_decrypt.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h old.h old_decrypt.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ old.h old_decrypt.c
old_encrypt.so old_encrypt.po $(OUTPRE)old_encrypt.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h old.h old_encrypt.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ old.h old_encrypt.c
input.data = in;
input.length = in_length;
+ key.enctype = ENCTYPE_NULL;
key.length = seed_length;
key.contents = seed;
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- des_prf.c prf_int.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h des_prf.c prf_int.h
dk_prf.so dk_prf.po $(OUTPRE)dk_prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../dk/dk.h dk_prf.c prf_int.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../dk/dk.h \
+ dk_prf.c prf_int.h
rc4_prf.so rc4_prf.po $(OUTPRE)rc4_prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/hash_provider/hash_provider.h prf_int.h \
- rc4_prf.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/hash_provider/hash_provider.h \
+ prf_int.h rc4_prf.c
myfulldir=lib/crypto/krb/rand2key
mydir=lib/crypto/krb/rand2key
BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/.
+LOCALINCLUDES = -I$(srcdir)/. -I$(srcdir)/../../@CRYPTO_IMPL@/des
DEFS=
##DOS##BUILDTOP = ..\..\..\..
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h aes_rand2key.c rand2key.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ aes_rand2key.c rand2key.h
des_rand2key.so des_rand2key.po $(OUTPRE)des_rand2key.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h des_rand2key.c rand2key.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ des_rand2key.c rand2key.h
des3_rand2key.so des3_rand2key.po $(OUTPRE)des3_rand2key.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h des3_rand2key.c rand2key.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ des3_rand2key.c rand2key.h
rc4_rand2key.so rc4_rand2key.po $(OUTPRE)rc4_rand2key.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h rand2key.h rc4_rand2key.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ rand2key.h rc4_rand2key.c
#include "rand2key.h"
+#include "des_int.h"
krb5_error_code
krb5int_des_make_key(const krb5_data *randombits, krb5_keyblock *key)
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h raw.h raw_decrypt.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ raw.h raw_decrypt.c
raw_encrypt.so raw_encrypt.po $(OUTPRE)raw_encrypt.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h raw.h raw_encrypt.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ raw.h raw_encrypt.c
raw_aead.so raw_aead.po $(OUTPRE)raw_aead.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../aead.h \
- $(srcdir)/../cksumtypes.h raw.h raw_aead.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h raw.h \
+ raw_aead.c
const struct krb5_keytypes *ktp;
ktp = find_enctype(etype);
- return ((ktp->flags & ETYPE_WEAK) != 0);
+ return (ktp != NULL && (ktp->flags & ETYPE_WEAK) != 0);
}
krb5_crypto_iov iov[1];
iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
- iov[0].data = *data;
+ iov[0].data.data = data->data;
+ iov[0].data.length = data->length;
return (*keyhash->verify_iov)(key, usage, 0, iov, 1, &indata,
valid);
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/sha1/shs.h yarrow.c yarrow.h \
- ycipher.h yexcep.h $(srcdir)/../../builtin/yhash.h ylock.h ystate.h ytypes.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/sha1/shs.h \
+ $(srcdir)/../../builtin/yhash.h yarrow.c yarrow.h ycipher.h \
+ yexcep.h ylock.h ystate.h ytypes.h
ycipher.so ycipher.po $(OUTPRE)ycipher.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../../builtin/enc_provider/enc_provider.h \
- $(srcdir)/../../builtin/sha1/shs.h yarrow.h ycipher.c \
- ycipher.h $(srcdir)/../../builtin/yhash.h ytypes.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../../builtin/enc_provider/enc_provider.h \
+ $(srcdir)/../../builtin/sha1/shs.h $(srcdir)/../../builtin/yhash.h \
+ yarrow.h ycipher.c ycipher.h ytypes.h
--- /dev/null
+/*
+ * To be compiled against the AES code from:
+ * http://fp.gladman.plus.com/cryptography_technology/rijndael/index.htm
+ */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include "aes.h"
+
+#define B 16U
+unsigned char key[16];
+unsigned char test_case_len[] = { B+1, 2*B-1, 2*B, 2*B+1, 3*B-1, 3*B, 4*B, };
+#define NTESTS (sizeof(test_case_len))
+struct {
+ unsigned char ivec[16];
+ unsigned char input[4*16];
+ unsigned char output[4*16];
+} test_case[NTESTS];
+aes_ctx ctx, dctx;
+
+static void init ()
+{
+ int i, j, r;
+
+ srand(42);
+ for (i = 0; i < 16; i++)
+ key[i] = 0xff & rand();
+ memset(test_case, 0, sizeof(test_case));
+ for (i = 0; i < NTESTS; i++)
+ for (j = 0; j < test_case_len[i]; j++) {
+ test_case[i].input[j] = 0xff & rand();
+ }
+
+ r = aes_enc_key (key, sizeof(key), &ctx);
+ if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
+ r = aes_dec_key (key, sizeof(key), &dctx);
+ if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
+}
+
+static void hexdump(const unsigned char *ptr, size_t len)
+{
+ int i;
+ for (i = 0; i < len; i++)
+ printf ("%s%02X", (i % 16 == 0) ? "\n " : " ", ptr[i]);
+}
+
+static void fips_test ()
+{
+ static const unsigned char fipskey[16] = {
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
+ };
+ static const unsigned char input[16] = {
+ 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+ 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
+ };
+ static const unsigned char expected[16] = {
+ 0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30,
+ 0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a,
+ };
+ unsigned char output[16];
+ unsigned char tmp[16];
+ aes_ctx fipsctx;
+ int r;
+
+ printf ("FIPS test:\nkey:");
+ hexdump (fipskey, 16);
+ printf ("\ninput:");
+ hexdump (input, 16);
+ r = aes_enc_key (fipskey, sizeof(fipskey), &fipsctx);
+ if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
+ r = aes_enc_blk (input, output, &fipsctx);
+ if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
+ printf ("\noutput:");
+ hexdump (output, 16);
+ printf ("\n");
+ if (memcmp(expected, output, 16))
+ fprintf(stderr, "wrong results!!!\n"), exit (1);
+ r = aes_dec_key (fipskey, sizeof(fipskey), &fipsctx);
+ if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
+ r = aes_dec_blk (output, tmp, &fipsctx);
+ if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
+ if (memcmp(input, tmp, 16))
+ fprintf(stderr, "decryption failed!!\n"), exit(1);
+ printf ("ok.\n\n");
+}
+
+static void
+xor (unsigned char *out, const unsigned char *a, const unsigned char *b)
+{
+ int i;
+ for (i = 0; i < B; i++)
+ out[i] = a[i] ^ b[i];
+}
+
+static void
+ecb_enc (unsigned char *out, unsigned char *in, unsigned int len)
+{
+ int i, r;
+ for (i = 0; i < len; i += 16) {
+ r = aes_enc_blk (in + i, out + i, &ctx);
+ if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
+ }
+ if (i != len) abort ();
+}
+
+static void
+ecb_dec (unsigned char *out, unsigned char *in, unsigned int len)
+{
+ int i, r;
+ for (i = 0; i < len; i += 16) {
+ r = aes_dec_blk (in + i, out + i, &dctx);
+ if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
+ }
+ if (i != len) abort ();
+}
+
+#define D(X) (printf("%s %d: %s=",__FUNCTION__,__LINE__, #X),hexdump(X,B),printf("\n"))
+
+#undef D
+#define D(X)
+
+static void
+cbc_enc (unsigned char *out, unsigned char *in, unsigned char *iv,
+ unsigned int len)
+{
+ int i, r;
+ unsigned char tmp[B];
+ D(iv);
+ memcpy (tmp, iv, B);
+ for (i = 0; i < len; i += B) {
+ D(in+i);
+ xor (tmp, tmp, in + i);
+ D(tmp);
+ r = aes_enc_blk (tmp, out + i, &ctx);
+ if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
+ memcpy (tmp, out + i, B);
+ D(out+i);
+ }
+ if (i != len) abort ();
+}
+
+static void
+cbc_dec (unsigned char *out, unsigned char *in, unsigned char *iv,
+ unsigned int len)
+{
+ int i, r;
+ unsigned char tmp[B];
+ memcpy (tmp, iv, B);
+ for (i = 0; i < len; i += B) {
+ r = aes_dec_blk (in + i, tmp, &dctx);
+ if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
+ xor (tmp, tmp, iv);
+ iv = in + i;
+ memcpy (out + i, tmp, B);
+ }
+ if (i != len) abort ();
+}
+
+static void
+cts_enc (unsigned char *out, unsigned char *in, unsigned char *iv,
+ unsigned int len)
+{
+ int r;
+ unsigned int len2;
+ unsigned char pn1[B], pn[B], cn[B], cn1[B];
+
+ if (len < B + 1) abort ();
+ len2 = (len - B - 1) & ~(B-1);
+ cbc_enc (out, in, iv, len2);
+ out += len2;
+ in += len2;
+ len -= len2;
+ if (len2)
+ iv = out - B;
+ if (len <= B || len > 2 * B)
+ abort ();
+ printf ("(did CBC mode for %d)\n", len2);
+
+ D(in);
+ xor (pn1, in, iv);
+ D(pn1);
+ r = aes_enc_blk (pn1, cn, &ctx);
+ if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
+ D(cn);
+ memset (pn, 0, sizeof(pn));
+ memcpy (pn, in+B, len-B);
+ D(pn);
+ xor (pn, pn, cn);
+ D(pn);
+ r = aes_enc_blk (pn, cn1, &ctx);
+ if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
+ D(cn1);
+ memcpy(out, cn1, B);
+ memcpy(out+B, cn, len-B);
+}
+
+static void
+cts_dec (unsigned char *out, unsigned char *in, unsigned char *iv,
+ unsigned int len)
+{
+ int r;
+ unsigned int len2;
+ unsigned char pn1[B], pn[B], cn[B], cn1[B];
+
+ if (len < B + 1) abort ();
+ len2 = (len - B - 1) & ~(B-1);
+ cbc_dec (out, in, iv, len2);
+ out += len2;
+ in += len2;
+ len -= len2;
+ if (len2)
+ iv = in - B;
+ if (len <= B || len > 2 * B)
+ abort ();
+
+ memcpy (cn1, in, B);
+ r = aes_dec_blk (cn1, pn, &dctx);
+ if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
+ memset (cn, 0, sizeof(cn));
+ memcpy (cn, in+B, len-B);
+ xor (pn, pn, cn);
+ memcpy (cn+len-B, pn+len-B, 2*B-len);
+ r = aes_dec_blk (cn, pn1, &dctx);
+ if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
+ xor (pn1, pn1, iv);
+ memcpy(out, pn1, B);
+ memcpy(out+B, pn, len-B);
+}
+
+static void ecb_test ()
+{
+ int testno;
+ unsigned char tmp[4*B];
+
+ printf ("ECB tests:\n");
+ printf ("key:");
+ hexdump (key, sizeof(key));
+ for (testno = 0; testno < NTESTS; testno++) {
+ unsigned len = (test_case_len[testno] + 15) & ~15;
+ printf ("\ntest %d - %d bytes\n", testno, len);
+ printf ("input:");
+ hexdump (test_case[testno].input, len);
+ printf ("\n");
+ ecb_enc (test_case[testno].output, test_case[testno].input, len);
+ printf ("output:");
+ hexdump (test_case[testno].output, len);
+ printf ("\n");
+ ecb_dec (tmp, test_case[testno].output, len);
+ if (memcmp (tmp, test_case[testno].input, len)) {
+ printf ("ecb decrypt failed!!");
+ hexdump (tmp, len);
+ printf ("\n");
+ exit (1);
+ }
+ }
+ printf ("\n");
+}
+
+unsigned char ivec[16] = { 0 };
+
+static void cbc_test ()
+{
+ int testno;
+ unsigned char tmp[4*B];
+
+ printf ("CBC tests:\n");
+ printf ("initial vector:");
+ hexdump (ivec, sizeof(ivec));
+ for (testno = 0; testno < NTESTS; testno++) {
+ unsigned len = (test_case_len[testno] + 15) & ~15;
+ printf ("\ntest %d - %d bytes\n", testno, len);
+ printf ("input:");
+ hexdump (test_case[testno].input, len);
+ printf ("\n");
+ cbc_enc (test_case[testno].output, test_case[testno].input, ivec, len);
+ printf ("output:");
+ hexdump (test_case[testno].output, len);
+ printf ("\n");
+ cbc_dec (tmp, test_case[testno].output, ivec, len);
+ if (memcmp (tmp, test_case[testno].input, len)) {
+ printf("cbc decrypt failed!!");
+ hexdump (tmp, len);
+ printf ("\n");
+ exit(1);
+ }
+ }
+ printf ("\n");
+}
+
+static void cts_test ()
+{
+ int testno;
+ unsigned char tmp[4*B];
+
+ printf ("CTS tests:\n");
+ printf ("initial vector:");
+ hexdump (ivec, sizeof(ivec));
+ for (testno = 0; testno < NTESTS; testno++) {
+ unsigned int len = test_case_len[testno];
+ printf ("\ntest %d - %d bytes\n", testno, len);
+ printf ("input:");
+ hexdump (test_case[testno].input, len);
+ printf ("\n");
+ cts_enc (test_case[testno].output, test_case[testno].input, ivec, len);
+ printf ("output:");
+ hexdump (test_case[testno].output, len);
+ printf ("\n");
+ cts_dec (tmp, test_case[testno].output, ivec, len);
+ if (memcmp (tmp, test_case[testno].input, len))
+ fprintf (stderr, "cts decrypt failed!!\n"), exit(1);
+ }
+ printf ("\n");
+}
+
+int main ()
+{
+ init ();
+ fips_test ();
+
+ ecb_test();
+ cbc_test();
+ cts_test();
+
+ return 0;
+}
--- /dev/null
+/*
+ -------------------------------------------------------------------------
+ Copyright (c) 2001, Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK.
+ All rights reserved.
+
+ LICENSE TERMS
+
+ The free distribution and use of this software in both source and binary
+ form is allowed (with or without changes) provided that:
+
+ 1. distributions of this source code include the above copyright
+ notice, this list of conditions and the following disclaimer;
+
+ 2. distributions in binary form include the above copyright
+ notice, this list of conditions and the following disclaimer
+ in the documentation and/or other associated materials;
+
+ 3. the copyright holder's name is not used to endorse products
+ built using this software without specific written permission.
+
+ DISCLAIMER
+
+ This software is provided 'as is' with no explcit or implied warranties
+ in respect of any properties, including, but not limited to, correctness
+ and fitness for purpose.
+ -------------------------------------------------------------------------
+ Issue Date: 21/01/2002
+
+ This file contains the definitions required to use AES (Rijndael) in C.
+*/
+
+#ifndef _AES_H
+#define _AES_H
+
+#include "uitypes.h"
+
+/* BLOCK_SIZE is in BYTES: 16, 24, 32 or undefined for aes.c and 16, 20,
+ 24, 28, 32 or undefined for aespp.c. When left undefined a slower
+ version that provides variable block length is compiled.
+*/
+
+#define BLOCK_SIZE 16
+
+/* key schedule length (in 32-bit words) */
+
+#if !defined(BLOCK_SIZE)
+#define KS_LENGTH 128
+#else
+#define KS_LENGTH 4 * BLOCK_SIZE
+#endif
+
+#if defined(__cplusplus)
+extern "C"
+{
+#endif
+
+typedef uint16_t aes_fret; /* type for function return value */
+#define aes_bad 0 /* bad function return value */
+#define aes_good 1 /* good function return value */
+#ifndef AES_DLL /* implement normal or DLL functions */
+#define aes_rval aes_fret
+#else
+#define aes_rval aes_fret __declspec(dllexport) _stdcall
+#endif
+
+typedef struct /* the AES context for encryption */
+{ uint32_t k_sch[KS_LENGTH]; /* the encryption key schedule */
+ uint32_t n_rnd; /* the number of cipher rounds */
+ uint32_t n_blk; /* the number of bytes in the state */
+} aes_ctx;
+
+/* for Kerberos 5 tree -- hide names! */
+#define aes_blk_len krb5int_aes_blk_len
+#define aes_enc_key krb5int_aes_enc_key
+#define aes_enc_blk krb5int_aes_enc_blk
+#define aes_dec_key krb5int_aes_dec_key
+#define aes_dec_blk krb5int_aes_dec_blk
+#define fl_tab krb5int_fl_tab
+#define ft_tab krb5int_ft_tab
+#define il_tab krb5int_il_tab
+#define im_tab krb5int_im_tab
+#define it_tab krb5int_it_tab
+#define rcon_tab krb5int_rcon_tab
+
+aes_rval aes_blk_len(unsigned int blen, aes_ctx cx[1]);
+
+aes_rval aes_enc_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1]);
+aes_rval aes_enc_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1]);
+
+aes_rval aes_dec_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1]);
+aes_rval aes_dec_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1]);
+
+#if defined(__cplusplus)
+}
+#endif
+
+#endif
--- /dev/null
+/*
+ * lib/crypto/openssl/aes/aes_s2k.c
+ *
+ * Copyright 2003 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * krb5int_aes_string_to_key
+ */
+
+#include "k5-int.h"
+#include "dk.h"
+#include "aes_s2k.h"
+
+#define DEFAULT_ITERATION_COUNT 4096 /* was 0xb000L in earlier drafts */
+#define MAX_ITERATION_COUNT 0x1000000L
+
+krb5_error_code
+krb5int_aes_string_to_key(const struct krb5_enc_provider *enc,
+ const krb5_data *string,
+ const krb5_data *salt,
+ const krb5_data *params,
+ krb5_keyblock *key)
+{
+ unsigned long iter_count;
+ krb5_data out;
+ static const krb5_data usage = { KV5M_DATA, 8, "kerberos" };
+ krb5_error_code err;
+
+ if (params) {
+ unsigned char *p = (unsigned char *) params->data;
+ if (params->length != 4)
+ return KRB5_ERR_BAD_S2K_PARAMS;
+ /* The first two need casts in case 'int' is 16 bits. */
+ iter_count = load_32_be(p);
+ if (iter_count == 0) {
+ iter_count = (1UL << 16) << 16;
+ if (((iter_count >> 16) >> 16) != 1)
+ return KRB5_ERR_BAD_S2K_PARAMS;
+ }
+ } else
+ iter_count = DEFAULT_ITERATION_COUNT;
+
+ /* This is not a protocol specification constraint; this is an
+ implementation limit, which should eventually be controlled by
+ a config file. */
+ if (iter_count >= MAX_ITERATION_COUNT)
+ return KRB5_ERR_BAD_S2K_PARAMS;
+
+ /*
+ * Dense key space, no parity bits or anything, so take a shortcut
+ * and use the key contents buffer for the generated bytes.
+ */
+ out.data = (char *) key->contents;
+ out.length = key->length;
+ if (out.length != 16 && out.length != 32)
+ return KRB5_CRYPTO_INTERNAL;
+
+ err = krb5int_pbkdf2_hmac_sha1 (&out, iter_count, string, salt);
+ if (err) {
+ memset(out.data, 0, out.length);
+ return err;
+ }
+
+ err = krb5_derive_key (enc, key, key, &usage);
+ if (err) {
+ memset(out.data, 0, out.length);
+ return err;
+ }
+ return 0;
+}
--- /dev/null
+/*
+ * lib/crypto/openssl/aes/aes_s2k.h
+ */
+
+
+extern krb5_error_code
+krb5int_aes_string_to_key (const struct krb5_enc_provider *,
+ const krb5_data *, const krb5_data *,
+ const krb5_data *, krb5_keyblock *key);
--- /dev/null
+
+/*
+ -------------------------------------------------------------------------
+ Copyright (c) 2001, Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK.
+ All rights reserved.
+
+ TERMS
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted subject to the following conditions:
+
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ 3. The copyright holder's name must not be used to endorse or promote
+ any products derived from this software without his specific prior
+ written permission.
+
+ This software is provided 'as is' with no express or implied warranties
+ of correctness or fitness for purpose.
+ -------------------------------------------------------------------------
+ Issue Date: 21/01/2002
+
+ This file contains the definitions required to use AES (Rijndael) in C++.
+*/
+
+#ifndef _AESCPP_H
+#define _AESCPP_H
+
+#include "aes.h"
+
+class AESclass
+{ aes_ctx cx[1];
+public:
+#if defined(BLOCK_SIZE)
+ AESclass() { cx->n_blk = BLOCK_SIZE; cx->n_rnd = 0; }
+#else
+ AESclass(unsigned int blen = 16) { cx->n_blk = blen; cx->n_rnd = 0; }
+#endif
+ aes_rval blk_len(unsigned int blen) { return aes_blk_len(blen, cx); }
+ aes_rval enc_key(const unsigned char in_key[], unsigned int klen)
+ { return aes_enc_key(in_key, klen, cx); }
+ aes_rval dec_key(const unsigned char in_key[], unsigned int klen)
+ { return aes_dec_key(in_key, klen, cx); }
+ aes_rval enc_blk(const unsigned char in_blk[], unsigned char out_blk[])
+ { return aes_enc_blk(in_blk, out_blk, cx); }
+ aes_rval dec_blk(const unsigned char in_blk[], unsigned char out_blk[])
+ { return aes_dec_blk(in_blk, out_blk, cx); }
+};
+
+#endif
--- /dev/null
+/* lib/crypto/openssl/aes/aescrypt.c
+ */
+
+#include "aesopt.h"
+
+aes_rval aes_dec_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1])
+{
+ return aes_bad;
+}
+aes_rval aes_enc_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1])
+{
+ return aes_bad;
+}
+
--- /dev/null
+/*
+ * lib/crypto/openssl/aes/aeskey.c
+ */
+
+#include "aesopt.h"
+
+aes_rval aes_enc_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1])
+{
+ return aes_bad;
+}
+aes_rval aes_dec_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1])
+{
+ return aes_bad;
+}
+
--- /dev/null
+/*
+ -------------------------------------------------------------------------
+ Copyright (c) 2001, Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK.
+ All rights reserved.
+
+ LICENSE TERMS
+
+ The free distribution and use of this software in both source and binary
+ form is allowed (with or without changes) provided that:
+
+ 1. distributions of this source code include the above copyright
+ notice, this list of conditions and the following disclaimer;
+
+ 2. distributions in binary form include the above copyright
+ notice, this list of conditions and the following disclaimer
+ in the documentation and/or other associated materials;
+
+ 3. the copyright holder's name is not used to endorse products
+ built using this software without specific written permission.
+
+ DISCLAIMER
+
+ This software is provided 'as is' with no explcit or implied warranties
+ in respect of any properties, including, but not limited to, correctness
+ and fitness for purpose.
+ -------------------------------------------------------------------------
+ Issue Date: 07/02/2002
+
+ This file contains the compilation options for AES (Rijndael) and code
+ that is common across encryption, key scheduling and table generation.
+
+
+ OPERATION
+
+ These source code files implement the AES algorithm Rijndael designed by
+ Joan Daemen and Vincent Rijmen. The version in aes.c is designed for
+ block and key sizes of 128, 192 and 256 bits (16, 24 and 32 bytes) while
+ that in aespp.c provides for block and keys sizes of 128, 160, 192, 224
+ and 256 bits (16, 20, 24, 28 and 32 bytes). This file is a common header
+ file for these two implementations and for aesref.c, which is a reference
+ implementation.
+
+ This version is designed for flexibility and speed using operations on
+ 32-bit words rather than operations on bytes. It provides aes_both fixed
+ and dynamic block and key lengths and can also run with either big or
+ little endian internal byte order (see aes.h). It inputs block and key
+ lengths in bytes with the legal values being 16, 24 and 32 for aes.c and
+ 16, 20, 24, 28 and 32 for aespp.c
+
+ THE CIPHER INTERFACE
+
+ uint8_t (an unsigned 8-bit type)
+ uint32_t (an unsigned 32-bit type)
+ aes_fret (a signed 16 bit type for function return values)
+ aes_good (value != 0, a good return)
+ aes_bad (value == 0, an error return)
+ struct aes_ctx (structure for the cipher encryption context)
+ struct aes_ctx (structure for the cipher decryption context)
+ aes_rval the function return type (aes_fret if not DLL)
+
+ C subroutine calls:
+
+ aes_rval aes_blk_len(unsigned int blen, aes_ctx cx[1]);
+ aes_rval aes_enc_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1]);
+ aes_rval aes_enc_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1]);
+
+ aes_rval aes_dec_len(unsigned int blen, aes_ctx cx[1]);
+ aes_rval aes_dec_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1]);
+ aes_rval aes_dec_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1]);
+
+ IMPORTANT NOTE: If you are using this C interface and your compiler does
+ not set the memory used for objects to zero before use, you will need to
+ ensure that cx.s_flg is set to zero before using these subroutine calls.
+
+ C++ aes class subroutines:
+
+ class AESclass for encryption
+ class AESclass for decryption
+
+ aes_rval len(unsigned int blen = 16);
+ aes_rval key(const unsigned char in_key[], unsigned int klen);
+ aes_rval blk(const unsigned char in_blk[], unsigned char out_blk[]);
+
+ aes_rval len(unsigned int blen = 16);
+ aes_rval key(const unsigned char in_key[], unsigned int klen);
+ aes_rval blk(const unsigned char in_blk[], unsigned char out_blk[]);
+
+ The block length inputs to set_block and set_key are in numbers of
+ BYTES, not bits. The calls to subroutines must be made in the above
+ order but multiple calls can be made without repeating earlier calls
+ if their parameters have not changed. If the cipher block length is
+ variable but set_blk has not been called before cipher operations a
+ value of 16 is assumed (that is, the AES block size). In contrast to
+ earlier versions the block and key length parameters are now checked
+ for correctness and the encryption and decryption routines check to
+ ensure that an appropriate key has been set before they are called.
+
+ COMPILATION
+
+ The files used to provide AES (Rijndael) are
+
+ a. aes.h for the definitions needed for use in C.
+ b. aescpp.h for the definitions needed for use in C++.
+ c. aesopt.h for setting compilation options (also includes common
+ code).
+ d. aescrypt.c for encryption and decrytpion, or
+ e. aescrypt.asm for encryption and decryption using assembler code.
+ f. aeskey.c for key scheduling.
+ g. aestab.c for table loading or generation.
+ h. uitypes.h for defining fixed length unsigned integers.
+
+ The assembler code uses the NASM assembler. The above files provice
+ block and key lengths of 16, 24 and 32 bytes (128, 192 and 256 bits).
+ If aescrypp.c and aeskeypp.c are used instead of aescrypt.c and
+ aeskey.c respectively, the block and key lengths can then be 16, 20,
+ 24, 28 or 32 bytes. However this code has not been optimised to the
+ same extent and is hence slower (esepcially for the AES block size
+ of 16 bytes).
+
+ To compile AES (Rijndael) for use in C code use aes.h and exclude
+ the AES_DLL define in aes.h
+
+ To compile AES (Rijndael) for use in in C++ code use aescpp.h and
+ exclude the AES_DLL define in aes.h
+
+ To compile AES (Rijndael) in C as a Dynamic Link Library DLL) use
+ aes.h, include the AES_DLL define and compile the DLL. If using
+ the test files to test the DLL, exclude aes.c from the test build
+ project and compile it with the same defines as used for the DLL
+ (ensure that the DLL path is correct)
+
+ CONFIGURATION OPTIONS (here and in aes.h)
+
+ a. define BLOCK_SIZE in aes.h to set the cipher block size (16, 24
+ or 32 for the standard code, or 16, 20, 24, 28 or 32 for the
+ extended code) or leave this undefined for dynamically variable
+ block size (this will result in much slower code).
+ b. set AES_DLL in aes.h if AES (Rijndael) is to be compiled as a DLL
+ c. You may need to set PLATFORM_BYTE_ORDER to define the byte order.
+ d. If you want the code to run in a specific internal byte order, then
+ INTERNAL_BYTE_ORDER must be set accordingly.
+ e. set other configuration options decribed below.
+*/
+
+#ifndef _AESOPT_H
+#define _AESOPT_H
+
+/* START OF CONFIGURATION OPTIONS
+
+ USE OF DEFINES
+
+ Later in this section there are a number of defines that control
+ the operation of the code. In each section, the purpose of each
+ define is explained so that the relevant form can be included or
+ excluded by setting either 1's or 0's respectively on the branches
+ of the related #if clauses.
+*/
+
+#include "autoconf.h"
+
+/* 1. PLATFORM SPECIFIC INCLUDES */
+
+#if /* defined(__GNUC__) || */ defined(__GNU_LIBRARY__)
+# include <endian.h>
+# include <byteswap.h>
+#elif defined(__CRYPTLIB__)
+# if defined( INC_ALL )
+# include "crypt.h"
+# elif defined( INC_CHILD )
+# include "../crypt.h"
+# else
+# include "crypt.h"
+# endif
+# if defined(DATA_LITTLEENDIAN)
+# define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
+# else
+# define PLATFORM_BYTE_ORDER AES_BIG_ENDIAN
+# endif
+#elif defined(_MSC_VER)
+# include <stdlib.h>
+#elif defined(__m68k__) && defined(__palmos__)
+# include <FloatMgr.h> /* defines BIG_ENDIAN */
+#elif defined(_MIPSEB)
+# define PLATFORM_BYTE_ORDER AES_BIG_ENDIAN
+#elif defined(_MIPSEL)
+# define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
+#elif defined(_WIN32)
+# define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
+#elif !defined(_WIN32)
+# include <stdlib.h>
+# if defined(HAVE_ENDIAN_H)
+# include <endian.h>
+# elif defined(HAVE_MACHINE_ENDIAN_H)
+# include <machine/endian.h>
+# else
+# include <sys/param.h>
+# endif
+#endif
+
+/* 2. BYTE ORDER IN 32-BIT WORDS
+
+ To obtain the highest speed on processors with 32-bit words, this code
+ needs to determine the order in which bytes are packed into such words.
+ The following block of code is an attempt to capture the most obvious
+ ways in which various environemnts specify heir endian definitions. It
+ may well fail, in which case the definitions will need to be set by
+ editing at the points marked **** EDIT HERE IF NECESSARY **** below.
+*/
+#define AES_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */
+#define AES_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */
+
+#if !defined(PLATFORM_BYTE_ORDER)
+#if defined(LITTLE_ENDIAN) || defined(BIG_ENDIAN)
+# if defined(LITTLE_ENDIAN) && defined(BIG_ENDIAN)
+# if defined(BYTE_ORDER)
+# if (BYTE_ORDER == LITTLE_ENDIAN)
+# define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
+# elif (BYTE_ORDER == BIG_ENDIAN)
+# define PLATFORM_BYTE_ORDER AES_BIG_ENDIAN
+# endif
+# endif
+# elif defined(LITTLE_ENDIAN) && !defined(BIG_ENDIAN)
+# define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
+# elif !defined(LITTLE_ENDIAN) && defined(BIG_ENDIAN)
+# define PLATFORM_BYTE_ORDER AES_BIG_ENDIAN
+# endif
+#elif defined(_LITTLE_ENDIAN) || defined(_BIG_ENDIAN)
+# if defined(_LITTLE_ENDIAN) && defined(_BIG_ENDIAN)
+# if defined(_BYTE_ORDER)
+# if (_BYTE_ORDER == _LITTLE_ENDIAN)
+# define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
+# elif (_BYTE_ORDER == _BIG_ENDIAN)
+# define PLATFORM_BYTE_ORDER AES_BIG_ENDIAN
+# endif
+# endif
+# elif defined(_LITTLE_ENDIAN) && !defined(_BIG_ENDIAN)
+# define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
+# elif !defined(_LITTLE_ENDIAN) && defined(_BIG_ENDIAN)
+# define PLATFORM_BYTE_ORDER AES_BIG_ENDIAN
+# endif
+#elif 0 /* **** EDIT HERE IF NECESSARY **** */
+#define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
+#elif 0 /* **** EDIT HERE IF NECESSARY **** */
+#define PLATFORM_BYTE_ORDER AES_BIG_ENDIAN
+#elif 1
+#define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
+#define UNKNOWN_BYTE_ORDER /* we're guessing */
+#endif
+#endif
+
+/* 3. ASSEMBLER SUPPORT
+
+ If the assembler code is used for encryption and decryption this file only
+ provides key scheduling so the following defines are used
+*/
+#ifdef AES_ASM
+#define ENCRYPTION_KEY_SCHEDULE
+#define DECRYPTION_KEY_SCHEDULE
+#endif
+
+/* 4. FUNCTIONS REQUIRED
+
+ This implementation provides five main subroutines which provide for
+ setting block length, setting encryption and decryption keys and for
+ encryption and decryption. When the assembler code is not being used
+ the following definition blocks allow the selection of the routines
+ that are to be included in the compilation.
+*/
+#if 1
+#ifndef AES_ASM
+#define SET_BLOCK_LENGTH
+#endif
+#endif
+
+#if 1
+#ifndef AES_ASM
+#define ENCRYPTION_KEY_SCHEDULE
+#endif
+#endif
+
+#if 1
+#ifndef AES_ASM
+#define DECRYPTION_KEY_SCHEDULE
+#endif
+#endif
+
+#if 1
+#ifndef AES_ASM
+#define ENCRYPTION
+#endif
+#endif
+
+#if 1
+#ifndef AES_ASM
+#define DECRYPTION
+#endif
+#endif
+
+/* 5. BYTE ORDER WITHIN 32 BIT WORDS
+
+ The fundamental data processing units in Rijndael are 8-bit bytes. The
+ input, output and key input are all enumerated arrays of bytes in which
+ bytes are numbered starting at zero and increasing to one less than the
+ number of bytes in the array in question. This enumeration is only used
+ for naming bytes and does not imply any adjacency or order relationship
+ from one byte to another. When these inputs and outputs are considered
+ as bit sequences, bits 8*n to 8*n+7 of the bit sequence are mapped to
+ byte[n] with bit 8n+i in the sequence mapped to bit 7-i within the byte.
+ In this implementation bits are numbered from 0 to 7 starting at the
+ numerically least significant end of each byte (bit n represents 2^n).
+
+ However, Rijndael can be implemented more efficiently using 32-bit
+ words by packing bytes into words so that bytes 4*n to 4*n+3 are placed
+ into word[n]. While in principle these bytes can be assembled into words
+ in any positions, this implementation only supports the two formats in
+ which bytes in adjacent positions within words also have adjacent byte
+ numbers. This order is called big-endian if the lowest numbered bytes
+ in words have the highest numeric significance and little-endian if the
+ opposite applies.
+
+ This code can work in either order irrespective of the order used by the
+ machine on which it runs. Normally the internal byte order will be set
+ to the order of the processor on which the code is to be run but this
+ define can be used to reverse this in special situations
+*/
+#if 1
+#define INTERNAL_BYTE_ORDER PLATFORM_BYTE_ORDER
+#elif defined(AES_LITTLE_ENDIAN)
+#define INTERNAL_BYTE_ORDER AES_LITTLE_ENDIAN
+#elif defined(AES_BIG_ENDIAN)
+#define INTERNAL_BYTE_ORDER AES_BIG_ENDIAN
+#endif
+
+/* 6. FAST INPUT/OUTPUT OPERATIONS.
+
+ On some machines it is possible to improve speed by transferring the
+ bytes in the input and output arrays to and from the internal 32-bit
+ variables by addressing these arrays as if they are arrays of 32-bit
+ words. On some machines this will always be possible but there may
+ be a large performance penalty if the byte arrays are not aligned on
+ the normal word boundaries. On other machines this technique will
+ lead to memory access errors when such 32-bit word accesses are not
+ properly aligned. The option SAFE_IO avoids such problems but will
+ often be slower on those machines that support misaligned access
+ (especially so if care is taken to align the input and output byte
+ arrays on 32-bit word boundaries). If SAFE_IO is not defined it is
+ assumed that access to byte arrays as if they are arrays of 32-bit
+ words will not cause problems when such accesses are misaligned.
+*/
+#if 1
+#define SAFE_IO
+#endif
+
+/*
+ * If PLATFORM_BYTE_ORDER does not match the actual machine byte
+ * order, the fast word-access code will cause incorrect results.
+ * Therefore, SAFE_IO is required when the byte order is unknown.
+ */
+#if !defined(SAFE_IO) && defined(UNKNOWN_BYTE_ORDER)
+# error "SAFE_IO must be defined if machine byte order is unknown."
+#endif
+
+/* 7. LOOP UNROLLING
+
+ The code for encryption and decrytpion cycles through a number of rounds
+ that can be implemented either in a loop or by expanding the code into a
+ long sequence of instructions, the latter producing a larger program but
+ one that will often be much faster. The latter is called loop unrolling.
+ There are also potential speed advantages in expanding two iterations in
+ a loop with half the number of iterations, which is called partial loop
+ unrolling. The following options allow partial or full loop unrolling
+ to be set independently for encryption and decryption
+*/
+#if !defined(CONFIG_SMALL) || defined(CONFIG_SMALL_NO_CRYPTO)
+#define ENC_UNROLL FULL
+#elif 0
+#define ENC_UNROLL PARTIAL
+#else
+#define ENC_UNROLL NONE
+#endif
+
+#if !defined(CONFIG_SMALL) || defined(CONFIG_SMALL_NO_CRYPTO)
+#define DEC_UNROLL FULL
+#elif 0
+#define DEC_UNROLL PARTIAL
+#else
+#define DEC_UNROLL NONE
+#endif
+
+/* 8. FIXED OR DYNAMIC TABLES
+
+ When this section is included the tables used by the code are compiled
+ statically into the binary file. Otherwise they are computed once when
+ the code is first used.
+*/
+#if 1
+#define FIXED_TABLES
+#endif
+
+/* 9. FAST FINITE FIELD OPERATIONS
+
+ If this section is included, tables are used to provide faster finite
+ field arithmetic (this has no effect if FIXED_TABLES is defined).
+*/
+#if 1
+#define FF_TABLES
+#endif
+
+/* 10. INTERNAL STATE VARIABLE FORMAT
+
+ The internal state of Rijndael is stored in a number of local 32-bit
+ word varaibles which can be defined either as an array or as individual
+ names variables. Include this section if you want to store these local
+ varaibles in arrays. Otherwise individual local variables will be used.
+*/
+#if 1
+#define ARRAYS
+#endif
+
+/* In this implementation the columns of the state array are each held in
+ 32-bit words. The state array can be held in various ways: in an array
+ of words, in a number of individual word variables or in a number of
+ processor registers. The following define maps a variable name x and
+ a column number c to the way the state array variable is to be held.
+ The first define below maps the state into an array x[c] whereas the
+ second form maps the state into a number of individual variables x0,
+ x1, etc. Another form could map individual state colums to machine
+ register names.
+*/
+
+#if defined(ARRAYS)
+#define s(x,c) x[c]
+#else
+#define s(x,c) x##c
+#endif
+
+/* 11. VARIABLE BLOCK SIZE SPEED
+
+ This section is only relevant if you wish to use the variable block
+ length feature of the code. Include this section if you place more
+ emphasis on speed rather than code size.
+*/
+#if 1
+#define FAST_VARIABLE
+#endif
+
+/* 12. INTERNAL TABLE CONFIGURATION
+
+ This cipher proceeds by repeating in a number of cycles known as 'rounds'
+ which are implemented by a round function which can optionally be speeded
+ up using tables. The basic tables are each 256 32-bit words, with either
+ one or four tables being required for each round function depending on
+ how much speed is required. The encryption and decryption round functions
+ are different and the last encryption and decrytpion round functions are
+ different again making four different round functions in all.
+
+ This means that:
+ 1. Normal encryption and decryption rounds can each use either 0, 1
+ or 4 tables and table spaces of 0, 1024 or 4096 bytes each.
+ 2. The last encryption and decryption rounds can also use either 0, 1
+ or 4 tables and table spaces of 0, 1024 or 4096 bytes each.
+
+ Include or exclude the appropriate definitions below to set the number
+ of tables used by this implementation.
+*/
+
+#if !defined(CONFIG_SMALL) || defined(CONFIG_SMALL_NO_CRYPTO) /* set tables for the normal encryption round */
+#define ENC_ROUND FOUR_TABLES
+#elif 0
+#define ENC_ROUND ONE_TABLE
+#else
+#define ENC_ROUND NO_TABLES
+#endif
+
+#if !defined(CONFIG_SMALL) || defined(CONFIG_SMALL_NO_CRYPTO) /* set tables for the last encryption round */
+#define LAST_ENC_ROUND FOUR_TABLES
+#elif 0
+#define LAST_ENC_ROUND ONE_TABLE
+#else
+#define LAST_ENC_ROUND NO_TABLES
+#endif
+
+#if !defined(CONFIG_SMALL) || defined(CONFIG_SMALL_NO_CRYPTO) /* set tables for the normal decryption round */
+#define DEC_ROUND FOUR_TABLES
+#elif 0
+#define DEC_ROUND ONE_TABLE
+#else
+#define DEC_ROUND NO_TABLES
+#endif
+
+#if !defined(CONFIG_SMALL) || defined(CONFIG_SMALL_NO_CRYPTO) /* set tables for the last decryption round */
+#define LAST_DEC_ROUND FOUR_TABLES
+#elif 0
+#define LAST_DEC_ROUND ONE_TABLE
+#else
+#define LAST_DEC_ROUND NO_TABLES
+#endif
+
+/* The decryption key schedule can be speeded up with tables in the same
+ way that the round functions can. Include or exclude the following
+ defines to set this requirement.
+*/
+#if !defined(CONFIG_SMALL) || defined(CONFIG_SMALL_NO_CRYPTO)
+#define KEY_SCHED FOUR_TABLES
+#elif 0
+#define KEY_SCHED ONE_TABLE
+#else
+#define KEY_SCHED NO_TABLES
+#endif
+
+/* END OF CONFIGURATION OPTIONS */
+
+#define NO_TABLES 0 /* DO NOT CHANGE */
+#define ONE_TABLE 1 /* DO NOT CHANGE */
+#define FOUR_TABLES 4 /* DO NOT CHANGE */
+#define NONE 0 /* DO NOT CHANGE */
+#define PARTIAL 1 /* DO NOT CHANGE */
+#define FULL 2 /* DO NOT CHANGE */
+
+#if defined(BLOCK_SIZE) && ((BLOCK_SIZE & 3) || BLOCK_SIZE < 16 || BLOCK_SIZE > 32)
+#error An illegal block size has been specified.
+#endif
+
+#if !defined(BLOCK_SIZE)
+#define RC_LENGTH 29
+#else
+#define RC_LENGTH 5 * BLOCK_SIZE / 4 - (BLOCK_SIZE == 16 ? 10 : 11)
+#endif
+
+/* Disable at least some poor combinations of options */
+
+#if ENC_ROUND == NO_TABLES && LAST_ENC_ROUND != NO_TABLES
+#undef LAST_ENC_ROUND
+#define LAST_ENC_ROUND NO_TABLES
+#elif ENC_ROUND == ONE_TABLE && LAST_ENC_ROUND == FOUR_TABLES
+#undef LAST_ENC_ROUND
+#define LAST_ENC_ROUND ONE_TABLE
+#endif
+
+#if ENC_ROUND == NO_TABLES && ENC_UNROLL != NONE
+#undef ENC_UNROLL
+#define ENC_UNROLL NONE
+#endif
+
+#if DEC_ROUND == NO_TABLES && LAST_DEC_ROUND != NO_TABLES
+#undef LAST_DEC_ROUND
+#define LAST_DEC_ROUND NO_TABLES
+#elif DEC_ROUND == ONE_TABLE && LAST_DEC_ROUND == FOUR_TABLES
+#undef LAST_DEC_ROUND
+#define LAST_DEC_ROUND ONE_TABLE
+#endif
+
+#if DEC_ROUND == NO_TABLES && DEC_UNROLL != NONE
+#undef DEC_UNROLL
+#define DEC_UNROLL NONE
+#endif
+
+#include "aes.h"
+
+ /*
+ upr(x,n): rotates bytes within words by n positions, moving bytes to
+ higher index positions with wrap around into low positions
+ ups(x,n): moves bytes by n positions to higher index positions in
+ words but without wrap around
+ bval(x,n): extracts a byte from a word
+ */
+
+#if (INTERNAL_BYTE_ORDER == AES_LITTLE_ENDIAN)
+#if defined(_MSC_VER)
+#define upr(x,n) _lrotl((x), 8 * (n))
+#else
+#define upr(x,n) (((x) << (8 * (n))) | ((x) >> (32 - 8 * (n))))
+#endif
+#define ups(x,n) ((x) << (8 * (n)))
+#define bval(x,n) ((uint8_t)((x) >> (8 * (n))))
+#define bytes2word(b0, b1, b2, b3) \
+ (((uint32_t)(b3) << 24) | ((uint32_t)(b2) << 16) | ((uint32_t)(b1) << 8) | (b0))
+#endif
+
+#if (INTERNAL_BYTE_ORDER == AES_BIG_ENDIAN)
+#define upr(x,n) (((x) >> (8 * (n))) | ((x) << (32 - 8 * (n))))
+#define ups(x,n) ((x) >> (8 * (n))))
+#define bval(x,n) ((uint8_t)((x) >> (24 - 8 * (n))))
+#define bytes2word(b0, b1, b2, b3) \
+ (((uint32_t)(b0) << 24) | ((uint32_t)(b1) << 16) | ((uint32_t)(b2) << 8) | (b3))
+#endif
+
+#if defined(SAFE_IO)
+
+#define word_in(x) bytes2word((x)[0], (x)[1], (x)[2], (x)[3])
+#define word_out(x,v) { (x)[0] = bval(v,0); (x)[1] = bval(v,1); \
+ (x)[2] = bval(v,2); (x)[3] = bval(v,3); }
+
+#elif (INTERNAL_BYTE_ORDER == PLATFORM_BYTE_ORDER)
+
+#define word_in(x) *(uint32_t*)(x)
+#define word_out(x,v) *(uint32_t*)(x) = (v)
+
+#else
+
+#if !defined(bswap_32)
+#if !defined(_MSC_VER)
+#define _lrotl(x,n) (((x) << n) | ((x) >> (32 - n)))
+#endif
+#define bswap_32(x) ((_lrotl((x),8) & 0x00ff00ff) | (_lrotl((x),24) & 0xff00ff00))
+#endif
+
+#define word_in(x) bswap_32(*(uint32_t*)(x))
+#define word_out(x,v) *(uint32_t*)(x) = bswap_32(v)
+
+#endif
+
+/* the finite field modular polynomial and elements */
+
+#define WPOLY 0x011b
+#define BPOLY 0x1b
+
+/* multiply four bytes in GF(2^8) by 'x' {02} in parallel */
+
+#define m1 0x80808080
+#define m2 0x7f7f7f7f
+#define FFmulX(x) ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * BPOLY))
+
+/* The following defines provide alternative definitions of FFmulX that might
+ give improved performance if a fast 32-bit multiply is not available. Note
+ that a temporary variable u needs to be defined where FFmulX is used.
+
+#define FFmulX(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6))
+#define m4 (0x01010101 * BPOLY)
+#define FFmulX(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4)
+*/
+
+/* Work out which tables are needed for the different options */
+
+#ifdef AES_ASM
+#ifdef ENC_ROUND
+#undef ENC_ROUND
+#endif
+#define ENC_ROUND FOUR_TABLES
+#ifdef LAST_ENC_ROUND
+#undef LAST_ENC_ROUND
+#endif
+#define LAST_ENC_ROUND FOUR_TABLES
+#ifdef DEC_ROUND
+#undef DEC_ROUND
+#endif
+#define DEC_ROUND FOUR_TABLES
+#ifdef LAST_DEC_ROUND
+#undef LAST_DEC_ROUND
+#endif
+#define LAST_DEC_ROUND FOUR_TABLES
+#ifdef KEY_SCHED
+#undef KEY_SCHED
+#define KEY_SCHED FOUR_TABLES
+#endif
+#endif
+
+#if defined(ENCRYPTION) || defined(AES_ASM)
+#if ENC_ROUND == ONE_TABLE
+#define FT1_SET
+#elif ENC_ROUND == FOUR_TABLES
+#define FT4_SET
+#else
+#define SBX_SET
+#endif
+#if LAST_ENC_ROUND == ONE_TABLE
+#define FL1_SET
+#elif LAST_ENC_ROUND == FOUR_TABLES
+#define FL4_SET
+#elif !defined(SBX_SET)
+#define SBX_SET
+#endif
+#endif
+
+#if defined(DECRYPTION) || defined(AES_ASM)
+#if DEC_ROUND == ONE_TABLE
+#define IT1_SET
+#elif DEC_ROUND == FOUR_TABLES
+#define IT4_SET
+#else
+#define ISB_SET
+#endif
+#if LAST_DEC_ROUND == ONE_TABLE
+#define IL1_SET
+#elif LAST_DEC_ROUND == FOUR_TABLES
+#define IL4_SET
+#elif !defined(ISB_SET)
+#define ISB_SET
+#endif
+#endif
+
+#if defined(ENCRYPTION_KEY_SCHEDULE) || defined(DECRYPTION_KEY_SCHEDULE)
+#if KEY_SCHED == ONE_TABLE
+#define LS1_SET
+#define IM1_SET
+#elif KEY_SCHED == FOUR_TABLES
+#define LS4_SET
+#define IM4_SET
+#elif !defined(SBX_SET)
+#define SBX_SET
+#endif
+#endif
+
+#ifdef FIXED_TABLES
+#define prefx extern const
+#else
+#define prefx extern
+extern uint8_t tab_init;
+void gen_tabs(void);
+#endif
+
+prefx uint32_t rcon_tab[0];
+
+#ifdef SBX_SET
+prefx uint8_t s_box[256];
+#endif
+
+#ifdef ISB_SET
+prefx uint8_t inv_s_box[256];
+#endif
+
+#ifdef FT1_SET
+prefx uint32_t ft_tab[256];
+#endif
+
+#ifdef FT4_SET
+prefx uint32_t ft_tab[4][256];
+#endif
+
+#ifdef FL1_SET
+prefx uint32_t fl_tab[256];
+#endif
+
+#ifdef FL4_SET
+prefx uint32_t fl_tab[4][256];
+#endif
+
+#ifdef IT1_SET
+prefx uint32_t it_tab[256];
+#endif
+
+#ifdef IT4_SET
+prefx uint32_t it_tab[4][256];
+#endif
+
+#ifdef IL1_SET
+prefx uint32_t il_tab[256];
+#endif
+
+#ifdef IL4_SET
+prefx uint32_t il_tab[4][256];
+#endif
+
+#ifdef LS1_SET
+#ifdef FL1_SET
+#undef LS1_SET
+#else
+prefx uint32_t ls_tab[256];
+#endif
+#endif
+
+#ifdef LS4_SET
+#ifdef FL4_SET
+#undef LS4_SET
+#else
+prefx uint32_t ls_tab[4][256];
+#endif
+#endif
+
+#ifdef IM1_SET
+prefx uint32_t im_tab[256];
+#endif
+
+#ifdef IM4_SET
+prefx uint32_t im_tab[4][256];
+#endif
+
+/* Set the number of columns in nc. Note that it is important */
+/* that nc is a constant which is known at compile time if the */
+/* highest speed version of the code is needed */
+
+#if defined(BLOCK_SIZE)
+#define nc (BLOCK_SIZE >> 2)
+#else
+#define nc (cx->n_blk >> 2)
+#endif
+
+/* generic definitions of Rijndael macros that use of tables */
+
+#define no_table(x,box,vf,rf,c) bytes2word( \
+ box[bval(vf(x,0,c),rf(0,c))], \
+ box[bval(vf(x,1,c),rf(1,c))], \
+ box[bval(vf(x,2,c),rf(2,c))], \
+ box[bval(vf(x,3,c),rf(3,c))])
+
+#define one_table(x,op,tab,vf,rf,c) \
+ ( tab[bval(vf(x,0,c),rf(0,c))] \
+ ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \
+ ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \
+ ^ op(tab[bval(vf(x,3,c),rf(3,c))],3))
+
+#define four_tables(x,tab,vf,rf,c) \
+ ( tab[0][bval(vf(x,0,c),rf(0,c))] \
+ ^ tab[1][bval(vf(x,1,c),rf(1,c))] \
+ ^ tab[2][bval(vf(x,2,c),rf(2,c))] \
+ ^ tab[3][bval(vf(x,3,c),rf(3,c))])
+
+#define vf1(x,r,c) (x)
+#define rf1(r,c) (r)
+#define rf2(r,c) ((r-c)&3)
+
+/* perform forward and inverse column mix operation on four bytes in long word x in */
+/* parallel. NOTE: x must be a simple variable, NOT an expression in these macros. */
+
+#define dec_fmvars
+#if defined(FM4_SET) /* not currently used */
+#define fwd_mcol(x) four_tables(x,fm_tab,vf1,rf1,0)
+#elif defined(FM1_SET) /* not currently used */
+#define fwd_mcol(x) one_table(x,upr,fm_tab,vf1,rf1,0)
+#else
+#undef dec_fmvars
+#define dec_fmvars uint32_t f1, f2;
+#define fwd_mcol(x) (f1 = (x), f2 = FFmulX(f1), f2 ^ upr(f1 ^ f2, 3) ^ upr(f1, 2) ^ upr(f1, 1))
+#endif
+
+#define dec_imvars
+#if defined(IM4_SET)
+#define inv_mcol(x) four_tables(x,im_tab,vf1,rf1,0)
+#elif defined(IM1_SET)
+#define inv_mcol(x) one_table(x,upr,im_tab,vf1,rf1,0)
+#else
+#undef dec_imvars
+#define dec_imvars uint32_t f2, f4, f8, f9;
+#define inv_mcol(x) \
+ (f9 = (x), f2 = FFmulX(f9), f4 = FFmulX(f2), f8 = FFmulX(f4), f9 ^= f8, \
+ f2 ^= f4 ^ f8 ^ upr(f2 ^ f9,3) ^ upr(f4 ^ f9,2) ^ upr(f9,1))
+#endif
+
+#if defined(FL4_SET)
+#define ls_box(x,c) four_tables(x,fl_tab,vf1,rf2,c)
+#elif defined(LS4_SET)
+#define ls_box(x,c) four_tables(x,ls_tab,vf1,rf2,c)
+#elif defined(FL1_SET)
+#define ls_box(x,c) one_table(x,upr,fl_tab,vf1,rf2,c)
+#elif defined(LS1_SET)
+#define ls_box(x,c) one_table(x,upr,ls_tab,vf1,rf2,c)
+#else
+#define ls_box(x,c) no_table(x,s_box,vf1,rf2,c)
+#endif
+
+#endif
--- /dev/null
+/* lib/crypto/openssl/aes/aestab.c
+ */
+
+#include "aesopt.h"
+const uint32_t rcon_tab[0]={};
+
--- /dev/null
+/*
+ -------------------------------------------------------------------------
+ Copyright (c) 2001, Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK.
+ All rights reserved.
+
+ LICENSE TERMS
+
+ The free distribution and use of this software in both source and binary
+ form is allowed (with or without changes) provided that:
+
+ 1. distributions of this source code include the above copyright
+ notice, this list of conditions and the following disclaimer;
+
+ 2. distributions in binary form include the above copyright
+ notice, this list of conditions and the following disclaimer
+ in the documentation and/or other associated materials;
+
+ 3. the copyright holder's name is not used to endorse products
+ built using this software without specific written permission.
+
+ DISCLAIMER
+
+ This software is provided 'as is' with no explcit or implied warranties
+ in respect of any properties, including, but not limited to, correctness
+ and fitness for purpose.
+ -------------------------------------------------------------------------
+ Issue Date: 01/02/2002
+
+ This file contains code to obtain or set the definitions for fixed length
+ unsigned integer types.
+*/
+
+#ifndef _UITYPES_H
+#define _UITYPES_H
+
+#include "autoconf.h"
+
+#if defined(__GNU_LIBRARY__)
+#define HAS_INTTYPES_H
+#elif !defined(_MSC_VER)
+#include <limits.h>
+#if ULONG_MAX > 0xFFFFFFFFUL
+ #define MODEL_64
+#else
+ #define MODEL_32
+#endif
+#endif
+
+#if defined HAS_INTTYPES_H || defined HAVE_INTTYPES_H
+#include <inttypes.h>
+#define s_u32 u
+#define s_u64 ull
+#elif defined MODEL_32
+typedef unsigned char uint8_t;
+typedef unsigned short int uint16_t;
+typedef unsigned int uint32_t;
+typedef unsigned long long int uint64_t;
+#define s_u32 u
+#define s_u64 ull
+#elif defined MODEL_64
+typedef unsigned char uint8_t;
+typedef unsigned short int uint16_t;
+typedef unsigned int uint32_t;
+typedef unsigned long int uint64_t;
+#define s_u32 u
+#define s_u64 ul
+#elif defined(_MSC_VER)
+typedef unsigned __int8 uint8_t;
+typedef unsigned __int16 uint16_t;
+typedef unsigned __int32 uint32_t;
+typedef unsigned __int64 uint64_t;
+#define s_u32 ui32
+#define s_u64 ui64
+#else
+#error You need to define fixed length types in uitypes.h
+#endif
+
+#define sfx_lo(x,y) x##y
+#define sfx_hi(x,y) sfx_lo(x,y)
+#define x_32(p) sfx_hi(0x##p,s_u32)
+#define x_64(p) sfx_hi(0x##p,s_u64)
+
+#endif
#include "k5-int.h"
#include "enc_provider.h"
+#include "rand2key.h"
#include "aes.h"
-#include <aead.h>
-#include <hash_provider/hash_provider.h>
+#include "aead.h"
+#include "hash_provider/hash_provider.h"
#include <openssl/evp.h>
#include <openssl/aes.h>
#include <openssl/modes.h>
-#include <rand2key.h>
/* proto's */
static krb5_error_code
static krb5_error_code
cbc_decr(const krb5_keyblock *key, const krb5_data *ivec,
const krb5_data *input, krb5_data *output);
+static krb5_error_code
+cts_encr_iov(const krb5_keyblock *key, const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data, size_t dlen);
+static krb5_error_code
+cts_decr_iov(const krb5_keyblock *key, const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data, size_t dlen);
+
+#define NUM_BITS 8
+#define IV_CTS_BUF_SIZE 16 /* 16 - hardcoded in CRYPTO_cts128_en/decrypt */
static const EVP_CIPHER *
-map_mode( unsigned int len)
+map_mode(unsigned int len)
{
if (len==16)
return EVP_aes_128_cbc();
return NULL;
}
-static inline void enc(char *out, const char *in, aes_ctx *ctx)
-{
- if (aes_enc_blk((const unsigned char *)in, (unsigned char *)out, ctx)
- != aes_good)
- abort();
-}
-static inline void dec(char *out, const char *in, aes_ctx *ctx)
-{
- if (aes_dec_blk((const unsigned char *)in, (unsigned char *)out, ctx)
- != aes_good)
- abort();
-}
-static void xorblock(char *out, const char *in)
-{
- int z;
- for (z = 0; z < BLOCK_SIZE; z++)
- out[z] ^= in[z];
-}
-
-
static krb5_error_code
cbc_enc(const krb5_keyblock *key, const krb5_data *ivec,
const krb5_data *input, krb5_data *output)
{
- EVP_CIPHER_CTX ciph_ctx;
- unsigned char *key_buf = NULL;
+ int ret = 0, tmp_len = 0;
+ unsigned char *key_buf = NULL;
unsigned char *tmp_buf = NULL;
- int ret = 0, tmp_len = 0;
+ EVP_CIPHER_CTX ciph_ctx;
key_buf = OPENSSL_malloc(key->length);
if (!key_buf)
return ENOMEM;
+
tmp_len = input->length;
tmp_buf = OPENSSL_malloc(input->length);
if (!tmp_buf){
EVP_CIPHER_CTX_init(&ciph_ctx);
- if (ivec && ivec->data && (ivec->length <= EVP_MAX_IV_LENGTH)){
- ret = EVP_EncryptInit_ex(&ciph_ctx, map_mode(key->length),
- NULL, key_buf, (unsigned char*)ivec->data);
- } else {
- ret = EVP_EncryptInit_ex(&ciph_ctx, map_mode(key->length),
- NULL, key_buf, NULL);
- }
+ ret = EVP_EncryptInit_ex(&ciph_ctx, map_mode(key->length),
+ NULL, key_buf, (ivec) ? (unsigned char*)ivec->data : NULL);
if (ret == 1){
EVP_CIPHER_CTX_set_padding(&ciph_ctx,0);
ret = EVP_EncryptUpdate(&ciph_ctx, tmp_buf, &tmp_len,
(unsigned char *)input->data, input->length);
-
output->length = tmp_len;
if(ret)
ret = EVP_EncryptFinal_ex(&ciph_ctx,tmp_buf+tmp_len,&tmp_len);
ret = KRB5_CRYPTO_INTERNAL;
}
+ memset(key_buf, 0, key->length);
+ memset(tmp_buf, 0, input->length);
OPENSSL_free(key_buf);
OPENSSL_free(tmp_buf);
cbc_decr(const krb5_keyblock *key, const krb5_data *ivec,
const krb5_data *input, krb5_data *output)
{
- int ret = 0;
- int tmp_len = 0;
+ int ret = 0, tmp_len = 0;
unsigned char *key_buf = NULL;
unsigned char *tmp_buf = NULL;
- EVP_CIPHER_CTX ciph_ctx;
-
+ EVP_CIPHER_CTX ciph_ctx;
key_buf = OPENSSL_malloc(key->length);
if (!key_buf)
return ENOMEM;
+
tmp_len = input->length;
tmp_buf = OPENSSL_malloc(input->length);
if (!tmp_buf){
EVP_CIPHER_CTX_init(&ciph_ctx);
- if (ivec && ivec->data && (ivec->length <= EVP_MAX_IV_LENGTH)) {
- ret = EVP_DecryptInit_ex(&ciph_ctx, map_mode(key->length),
- NULL, key_buf, (unsigned char*)ivec->data);
- } else
- ret = EVP_DecryptInit_ex(&ciph_ctx, map_mode(key->length),
- NULL, key_buf, NULL);
-
+ ret = EVP_DecryptInit_ex(&ciph_ctx, map_mode(key->length),
+ NULL, key_buf, (ivec) ? (unsigned char*)ivec->data : NULL);
if (ret == 1) {
EVP_CIPHER_CTX_set_padding(&ciph_ctx,0);
ret = EVP_EncryptUpdate(&ciph_ctx, tmp_buf, &tmp_len,
ret = KRB5_CRYPTO_INTERNAL;
}
+ memset(key_buf, 0, key->length);
+ memset(tmp_buf, 0, input->length);
OPENSSL_free(key_buf);
OPENSSL_free(tmp_buf);
cts_enc(const krb5_keyblock *key, const krb5_data *ivec,
const krb5_data *input, krb5_data *output)
{
- size_t size = 0;
int ret = 0, tmp_len = 0;
- unsigned char iv_cts[EVP_MAX_IV_LENGTH*4];
+ size_t size = 0;
+ unsigned char iv_cts[IV_CTS_BUF_SIZE];
unsigned char *tmp_buf = NULL;
AES_KEY enck;
memset(iv_cts,0,sizeof(iv_cts));
- if (ivec && ivec->data && (ivec->length <= sizeof(iv_cts)))
+ if (ivec && ivec->data){
+ if (ivec->length != sizeof(iv_cts))
+ return KRB5_CRYPTO_INTERNAL;
memcpy(iv_cts, ivec->data,ivec->length);
+ }
tmp_buf = OPENSSL_malloc(input->length);
if (!tmp_buf)
return ENOMEM;
tmp_len = input->length;
- AES_set_encrypt_key(key->contents, 8*key->length, &enck);
+ AES_set_encrypt_key(key->contents, NUM_BITS * key->length, &enck);
size = CRYPTO_cts128_encrypt((unsigned char *)input->data, tmp_buf,
- input->length, &enck,
- iv_cts, (cbc128_f)AES_cbc_encrypt);
-
+ input->length, &enck,
+ iv_cts, (cbc128_f)AES_cbc_encrypt);
if (size <= 0 || output->length < size) {
ret = KRB5_CRYPTO_INTERNAL;
} else {
ret = 0;
}
+ if (!ret && ivec && ivec->data)
+ memcpy(ivec->data, iv_cts, sizeof(iv_cts));
+
+ memset(tmp_buf, 0, input->length);
OPENSSL_free(tmp_buf);
return ret;
cts_decr(const krb5_keyblock *key, const krb5_data *ivec,
const krb5_data *input, krb5_data *output)
{
- size_t size = 0;
int ret = 0, tmp_len = 0;
- unsigned char iv_cts[EVP_MAX_IV_LENGTH*4];
+ size_t size = 0;
+ unsigned char iv_cts[IV_CTS_BUF_SIZE];
unsigned char *tmp_buf = NULL;
AES_KEY deck;
- memset(iv_cts,0,EVP_MAX_IV_LENGTH*4);
- if (ivec && ivec->data && (ivec->length <= EVP_MAX_IV_LENGTH))
+ memset(iv_cts,0,sizeof(iv_cts));
+ if (ivec && ivec->data){
+ if (ivec->length != sizeof(iv_cts))
+ return KRB5_CRYPTO_INTERNAL;
memcpy(iv_cts, ivec->data,ivec->length);
+ }
tmp_buf = OPENSSL_malloc(input->length);
if (!tmp_buf)
return ENOMEM;
tmp_len = input->length;
- AES_set_decrypt_key(key->contents, 8*key->length, &deck);
+ AES_set_decrypt_key(key->contents, NUM_BITS * key->length, &deck);
size = CRYPTO_cts128_decrypt((unsigned char *)input->data, tmp_buf,
- input->length, &deck,
- iv_cts, (cbc128_f)AES_cbc_encrypt);
-
-
+ input->length, &deck,
+ iv_cts, (cbc128_f)AES_cbc_encrypt);
if (size <= 0 || output->length < size) {
ret = KRB5_CRYPTO_INTERNAL;
} else {
ret = 0;
}
+ if (!ret && ivec && ivec->data)
+ memcpy(ivec->data, iv_cts, sizeof(iv_cts));
+
+ memset(tmp_buf, 0, input->length);
OPENSSL_free(tmp_buf);
return ret;
}
+static krb5_error_code
+cts_encr_iov(const krb5_keyblock *key,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data, size_t dlen)
+{
+ int ret = 0;
+ int oblock_len = BLOCK_SIZE * num_data;
+ size_t size = 0, tlen = 0;
+ unsigned char *oblock = NULL, *dbuf = NULL;
+ unsigned char iv_cts[IV_CTS_BUF_SIZE];
+ unsigned char iblock[BLOCK_SIZE];
+ struct iov_block_state input_pos, output_pos;
+ AES_KEY enck;
+
+ memset(iv_cts,0,sizeof(iv_cts));
+ if (ivec && ivec->data){
+ if (ivec->length != sizeof(iv_cts))
+ return KRB5_CRYPTO_INTERNAL;
+ memcpy(iv_cts, ivec->data,ivec->length);
+ }
+
+ oblock = OPENSSL_malloc(oblock_len);
+ if (!oblock){
+ return ENOMEM;
+ }
+ dbuf = OPENSSL_malloc(dlen);
+ if (!dbuf){
+ OPENSSL_free(oblock);
+ return ENOMEM;
+ }
+
+ memset(oblock, 0, oblock_len);
+ memset(dbuf, 0, dlen);
+
+ IOV_BLOCK_STATE_INIT(&input_pos);
+ IOV_BLOCK_STATE_INIT(&output_pos);
+
+ tlen = 0;
+ for (;;) {
+ if (krb5int_c_iov_get_block(iblock, BLOCK_SIZE,
+ data, num_data, &input_pos)){
+ memcpy(dbuf+tlen,iblock, BLOCK_SIZE);
+
+ tlen += BLOCK_SIZE;
+ } else {
+ memcpy(dbuf+tlen,iblock, dlen - tlen);
+ break;
+ }
+
+ if (tlen > dlen) break;
+ }
+
+ AES_set_encrypt_key(key->contents, NUM_BITS * key->length, &enck);
+
+ size = CRYPTO_cts128_encrypt((unsigned char *)dbuf, oblock, dlen, &enck,
+ iv_cts, (cbc128_f)AES_cbc_encrypt);
+ if (size <= 0) {
+ ret = KRB5_CRYPTO_INTERNAL;
+ } else {
+ krb5int_c_iov_put_block(data, num_data,
+ oblock, dlen, &output_pos);
+ }
+
+ if (!ret && ivec && ivec->data)
+ memcpy(ivec->data, iv_cts, sizeof(iv_cts));
+
+ memset(oblock,0,oblock_len);
+ memset(dbuf,0,dlen);
+ OPENSSL_free(oblock);
+ OPENSSL_free(dbuf);
+
+ return ret;
+}
+
+static krb5_error_code
+cts_decr_iov(const krb5_keyblock *key,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data, size_t dlen)
+{
+ int ret = 0;
+ int oblock_len = BLOCK_SIZE*num_data;
+ size_t size = 0, tlen = 0;
+ unsigned char *oblock = NULL;
+ unsigned char *dbuf = NULL;
+ unsigned char iblock[BLOCK_SIZE];
+ unsigned char iv_cts[IV_CTS_BUF_SIZE];
+ struct iov_block_state input_pos, output_pos;
+ AES_KEY deck;
+
+ memset(iv_cts,0,sizeof(iv_cts));
+ if (ivec && ivec->data){
+ if (ivec->length <= sizeof(iv_cts))
+ return KRB5_CRYPTO_INTERNAL;
+ memcpy(iv_cts, ivec->data,ivec->length);
+ }
+
+ IOV_BLOCK_STATE_INIT(&input_pos);
+ IOV_BLOCK_STATE_INIT(&output_pos);
+
+ oblock = OPENSSL_malloc(oblock_len);
+ if (!oblock)
+ return ENOMEM;
+ dbuf = OPENSSL_malloc(dlen);
+ if (!dbuf){
+ OPENSSL_free(oblock);
+ return ENOMEM;
+ }
+
+ memset(oblock, 0, oblock_len);
+ memset(dbuf, 0, dlen);
+
+ AES_set_decrypt_key(key->contents, NUM_BITS * key->length, &deck);
+
+ tlen = 0;
+ for (;;) {
+ if (krb5int_c_iov_get_block(iblock, BLOCK_SIZE,
+ data, num_data, &input_pos)){
+ memcpy(dbuf+tlen,iblock, BLOCK_SIZE);
+
+ tlen += BLOCK_SIZE;
+ } else {
+ memcpy(dbuf+tlen,iblock, dlen - tlen);
+ break;
+ }
+
+ if (tlen > dlen) break;
+ }
+
+ size = CRYPTO_cts128_decrypt((unsigned char *)dbuf, oblock,
+ dlen, &deck,
+ iv_cts, (cbc128_f)AES_cbc_encrypt);
+ if (size <= 0)
+ ret = KRB5_CRYPTO_INTERNAL;
+ else {
+ krb5int_c_iov_put_block(data, num_data, oblock, dlen, &output_pos);
+ }
+
+ if (!ret && ivec && ivec->data)
+ memcpy(ivec->data, iv_cts, sizeof(iv_cts));
+
+ memset(oblock,0,oblock_len);
+ memset(dbuf,0,dlen);
+ OPENSSL_free(oblock);
+ OPENSSL_free(dbuf);
+
+ return ret;
+}
+
krb5_error_code
krb5int_aes_encrypt(const krb5_keyblock *key, const krb5_data *ivec,
const krb5_data *input, krb5_data *output)
{
int ret = 0;
- if ( input->length < BLOCK_SIZE * 2) {
-
+ if (input->length <= BLOCK_SIZE){
ret = cbc_enc(key, ivec, input, output);
-
} else {
-
ret = cts_enc(key, ivec, input, output);
}
const krb5_data *input, krb5_data *output)
{
int ret = 0;
+ int nblocks = 0;
- if ( input->length < BLOCK_SIZE*2) {
+ if (input->length < BLOCK_SIZE)
+ abort();
+ if (input->length == BLOCK_SIZE){
ret = cbc_decr(key, ivec, input, output);
-
} else {
-
ret = cts_decr(key, ivec, input, output);
-
}
return ret;
krb5_crypto_iov *data,
size_t num_data)
{
- aes_ctx ctx;
- char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE];
- int nblocks = 0, blockno;
+ int ret = 0;
+ int nblocks = 0;
size_t input_length, i;
- if (aes_enc_key(key->contents, key->length, &ctx) != aes_good)
- abort();
-
- if (ivec != NULL)
- memcpy(tmp, ivec->data, BLOCK_SIZE);
- else
- memset(tmp, 0, BLOCK_SIZE);
-
- for (i = 0, input_length = 0; i < num_data; i++) {
- krb5_crypto_iov *iov = &data[i];
+ for (i = 0, input_length = 0; i < num_data; i++){
+ krb5_crypto_iov *iov = &data[i];
- if (ENCRYPT_IOV(iov))
- input_length += iov->data.length;
+ if (ENCRYPT_IOV(iov))
+ input_length += iov->data.length;
}
nblocks = (input_length + BLOCK_SIZE - 1) / BLOCK_SIZE;
-
assert(nblocks > 1);
- {
- char blockN2[BLOCK_SIZE]; /* second last */
- char blockN1[BLOCK_SIZE]; /* last block */
- struct iov_block_state input_pos, output_pos;
-
- IOV_BLOCK_STATE_INIT(&input_pos);
- IOV_BLOCK_STATE_INIT(&output_pos);
-
- for (blockno = 0; blockno < nblocks - 2; blockno++) {
- char blockN[BLOCK_SIZE];
-
- krb5int_c_iov_get_block((unsigned char *)blockN, BLOCK_SIZE, data, num_data, &input_pos);
- xorblock(tmp, blockN);
- enc(tmp2, tmp, &ctx);
- krb5int_c_iov_put_block(data, num_data, (unsigned char *)tmp2, BLOCK_SIZE, &output_pos);
-
- /* Set up for next block. */
- memcpy(tmp, tmp2, BLOCK_SIZE);
- }
-
- /* Do final CTS step for last two blocks (the second of which
- may or may not be incomplete). */
-
- /* First, get the last two blocks */
- memset(blockN1, 0, sizeof(blockN1)); /* pad last block with zeros */
- krb5int_c_iov_get_block((unsigned char *)blockN2, BLOCK_SIZE, data, num_data, &input_pos);
- krb5int_c_iov_get_block((unsigned char *)blockN1, BLOCK_SIZE, data, num_data, &input_pos);
+ ret = cts_encr_iov(key, ivec, data, num_data, input_length);
- /* Encrypt second last block */
- xorblock(tmp, blockN2);
- enc(tmp2, tmp, &ctx);
- memcpy(blockN2, tmp2, BLOCK_SIZE); /* blockN2 now contains first block */
- memcpy(tmp, tmp2, BLOCK_SIZE);
-
- /* Encrypt last block */
- xorblock(tmp, blockN1);
- enc(tmp2, tmp, &ctx);
- memcpy(blockN1, tmp2, BLOCK_SIZE);
-
- /* Put the last two blocks back into the iovec (reverse order) */
- krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN1, BLOCK_SIZE, &output_pos);
- krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN2, BLOCK_SIZE, &output_pos);
-
- if (ivec != NULL)
- memcpy(ivec->data, blockN1, BLOCK_SIZE);
- }
-
- return 0;
+ return ret;
}
static krb5_error_code
krb5_crypto_iov *data,
size_t num_data)
{
- aes_ctx ctx;
- char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE], tmp3[BLOCK_SIZE];
- int nblocks = 0, blockno;
- unsigned int i;
- size_t input_length;
-
- if (aes_dec_key(key->contents, key->length, &ctx) != aes_good)
- abort();
-
- if (ivec != NULL)
- memcpy(tmp, ivec->data, BLOCK_SIZE);
- else
- memset(tmp, 0, BLOCK_SIZE);
+ int ret = 0;
+ int nblocks = 0;
+ size_t input_length, i;
for (i = 0, input_length = 0; i < num_data; i++) {
- krb5_crypto_iov *iov = &data[i];
+ krb5_crypto_iov *iov = &data[i];
- if (ENCRYPT_IOV(iov))
- input_length += iov->data.length;
+ if (ENCRYPT_IOV(iov))
+ input_length += iov->data.length;
}
nblocks = (input_length + BLOCK_SIZE - 1) / BLOCK_SIZE;
assert(nblocks > 1);
- {
- char blockN2[BLOCK_SIZE]; /* second last */
- char blockN1[BLOCK_SIZE]; /* last block */
- struct iov_block_state input_pos, output_pos;
-
- IOV_BLOCK_STATE_INIT(&input_pos);
- IOV_BLOCK_STATE_INIT(&output_pos);
-
- for (blockno = 0; blockno < nblocks - 2; blockno++) {
- char blockN[BLOCK_SIZE];
-
- krb5int_c_iov_get_block((unsigned char *)blockN, BLOCK_SIZE, data, num_data, &input_pos);
- dec(tmp2, blockN, &ctx);
- xorblock(tmp2, tmp);
- krb5int_c_iov_put_block(data, num_data, (unsigned char *)tmp2, BLOCK_SIZE, &output_pos);
- memcpy(tmp, blockN, BLOCK_SIZE);
- }
-
- /* Do last two blocks, the second of which (next-to-last block
- of plaintext) may be incomplete. */
-
- /* First, get the last two encrypted blocks */
- memset(blockN1, 0, sizeof(blockN1)); /* pad last block with zeros */
- krb5int_c_iov_get_block((unsigned char *)blockN2, BLOCK_SIZE, data, num_data, &input_pos);
- krb5int_c_iov_get_block((unsigned char *)blockN1, BLOCK_SIZE, data, num_data, &input_pos);
-
- /* Decrypt second last block */
- dec(tmp2, blockN2, &ctx);
- /* Set tmp2 to last (possibly partial) plaintext block, and
- save it. */
- xorblock(tmp2, blockN1);
- memcpy(blockN2, tmp2, BLOCK_SIZE);
-
- /* Maybe keep the trailing part, and copy in the last
- ciphertext block. */
- input_length %= BLOCK_SIZE;
- memcpy(tmp2, blockN1, input_length ? input_length : BLOCK_SIZE);
- dec(tmp3, tmp2, &ctx);
- xorblock(tmp3, tmp);
- /* Copy out ivec first before we clobber blockN1 with plaintext */
- if (ivec != NULL)
- memcpy(ivec->data, blockN1, BLOCK_SIZE);
- memcpy(blockN1, tmp3, BLOCK_SIZE);
-
- /* Put the last two blocks back into the iovec */
- krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN1, BLOCK_SIZE, &output_pos);
- krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN2, BLOCK_SIZE, &output_pos);
- }
+ ret = cts_decr_iov(key, ivec, data, num_data, input_length);
- return 0;
+ return ret;
}
static krb5_error_code
memset(state->data, 0, state->length);
return 0;
}
-
const struct krb5_enc_provider krb5int_enc_aes128 = {
16,
16, 16,
void shsFinal(SHS_INFO *shsInfo)
{
- EVP_DigestFinal_ex(&shsInfo->ossl_sha1_ctx ,(unsigned char *)shsInfo->digestBuf , &shsInfo->digestLen);
+ EVP_DigestFinal_ex(&shsInfo->ossl_sha1_ctx ,(unsigned char *)shsInfo->digestBuf , &shsInfo->digestLen);
EVP_MD_CTX_cleanup(&shsInfo->ossl_sha1_ctx );
}
/* The structure for storing SHS info */
typedef struct {
- EVP_MD_CTX ossl_sha1_ctx;
+ EVP_MD_CTX ossl_sha1_ctx;
unsigned char digestBuf[SHS_DIGESTSIZE]; /* output */
unsigned int digestLen; /* output */
} SHS_INFO;
gss_iov_buffer_desc *, /* iov */
int); /* iov_count */
-
/*
* Protocol transition
*/
OM_uint32 *, /* initiator_time_rec */
OM_uint32 *); /* acceptor_time_rec */
+/*
+ * Naming extensions
+ */
+OM_uint32 KRB5_CALLCONV gss_display_name_ext
+(
+ OM_uint32 *, /* minor_status */
+ gss_name_t, /* name */
+ gss_OID, /* display_as_name_type */
+ gss_buffer_t /* display_name */
+);
+
+OM_uint32 KRB5_CALLCONV gss_inquire_name
+(
+ OM_uint32 *, /* minor_status */
+ gss_name_t, /* name */
+ int *, /* name_is_MN */
+ gss_OID *, /* MN_mech */
+ gss_buffer_set_t * /* attrs */
+);
+
+OM_uint32 KRB5_CALLCONV gss_get_name_attribute
+(
+ OM_uint32 *, /* minor_status */
+ gss_name_t, /* name */
+ gss_buffer_t, /* attr */
+ int *, /* authenticated */
+ int *, /* complete */
+ gss_buffer_t, /* value */
+ gss_buffer_t, /* display_value */
+ int * /* more */
+);
+
+OM_uint32 KRB5_CALLCONV gss_set_name_attribute
+(
+ OM_uint32 *, /* minor_status */
+ gss_name_t, /* name */
+ int, /* complete */
+ gss_buffer_t, /* attr */
+ gss_buffer_t /* value */
+);
+
+OM_uint32 KRB5_CALLCONV gss_delete_name_attribute
+(
+ OM_uint32 *, /* minor_status */
+ gss_name_t, /* name */
+ gss_buffer_t /* attr */
+);
+
+OM_uint32 KRB5_CALLCONV gss_export_name_composite
+(
+ OM_uint32 *, /* minor_status */
+ gss_name_t, /* name */
+ gss_buffer_t /* exp_composite_name */
+);
+
+typedef struct gss_any *gss_any_t;
+
+OM_uint32 KRB5_CALLCONV gss_map_name_to_any
+(
+ OM_uint32 *, /* minor_status */
+ gss_name_t, /* name */
+ int, /* authenticated */
+ gss_buffer_t, /* type_id */
+ gss_any_t * /* output */
+);
+
+OM_uint32 KRB5_CALLCONV gss_release_any_name_mapping
+(
+ OM_uint32 *, /* minor_status */
+ gss_name_t, /* name */
+ gss_buffer_t, /* type_id */
+ gss_any_t * /* input */
+);
+
#ifdef __cplusplus
}
#endif
$(srcdir)/k5unsealiov.c \
$(srcdir)/krb5_gss_glue.c \
$(srcdir)/lucid_context.c \
+ $(srcdir)/naming_exts.c \
$(srcdir)/process_context_token.c \
$(srcdir)/rel_cred.c \
$(srcdir)/rel_oid.c \
$(OUTPRE)k5unsealiov.$(OBJEXT) \
$(OUTPRE)krb5_gss_glue.$(OBJEXT) \
$(OUTPRE)lucid_context.$(OBJEXT) \
+ $(OUTPRE)naming_exts.$(OBJEXT) \
$(OUTPRE)process_context_token.$(OBJEXT) \
$(OUTPRE)rel_cred.$(OBJEXT) \
$(OUTPRE)rel_oid.$(OBJEXT) \
k5unsealiov.o \
krb5_gss_glue.o \
lucid_context.o \
+ naming_exts.o \
process_context_token.o \
rel_cred.o \
rel_oid.o \
/* copy the client principle into it... */
if ((retval =
- krb5_copy_principal(context, creds[0]->client, &(cred->princ)))) {
+ kg_init_name(context, creds[0]->client, NULL, 0, &cred->name))) {
k5_mutex_destroy(&cred->lock);
retval = ENOMEM; /* out of memory? */
xfree(cred); /* clean up memory on failure */
}
cred->usage = GSS_C_INITIATE; /* we can't accept with this */
- /* cred->princ already set */
+ /* cred->name already set */
cred->prerfc_mech = 1; /* this cred will work with all three mechs */
cred->rfc_mech = 1;
cred->keytab = NULL; /* no keytab associated with this... */
krb5_error_code code;
krb5_gss_ctx_id_rec *ctx = 0;
krb5_timestamp now;
- krb5_principal name = NULL;
+ krb5_gss_name_t name = NULL;
krb5_ui_4 nonce = 0;
krb5_data ap_rep;
OM_uint32 major_status = GSS_S_FAILURE;
ctx->established = 1;
if (src_name) {
- if ((code = krb5_copy_principal(ctx->k5_context, ctx->there, &name))) {
- major_status = GSS_S_FAILURE;
- goto fail;
- }
- /* intern the src_name */
- if (! kg_save_name((gss_name_t) name)) {
- code = G_VALIDATE_FAILED;
+ if ((code = kg_duplicate_name(ctx->k5_context, ctx->there,
+ KG_INIT_NAME_INTERN, &name))) {
major_status = GSS_S_FAILURE;
goto fail;
}
krb5_address addr, *paddr;
krb5_authenticator *authdat = 0;
krb5_checksum reqcksum;
- krb5_principal name = NULL;
+ krb5_gss_name_t name = NULL;
krb5_ui_4 gss_flags = 0;
int decode_req_message = 0;
krb5_gss_ctx_id_rec *ctx = NULL;
krb5_flags ap_req_options = 0;
krb5_enctype negotiated_etype;
krb5_keyblock *keyblock = NULL;
+ krb5_authdata_context ad_context = NULL;
code = krb5int_accessor (&kaccess, KRB5INT_ACCESS_VERSION);
if (code) {
goto fail;
}
- if ((code = krb5_rd_req(context, &auth_context, &ap_req, cred->princ,
- cred->keytab, &ap_req_options, &ticket))) {
+ if ((code = krb5_rd_req(context, &auth_context, &ap_req,
+ cred->name ? cred->name->princ : NULL,
+ cred->keytab,
+ &ap_req_options,
+ &ticket))) {
major_status = GSS_S_FAILURE;
goto fail;
}
major_status = GSS_S_FAILURE;
goto fail;
}
- if ((code = krb5_copy_principal(context, ticket->server, &ctx->here))) {
+ if ((code = kg_init_name(context, ticket->server, NULL, 0, &ctx->here))) {
major_status = GSS_S_FAILURE;
goto fail;
}
-
- if ((code = krb5_copy_principal(context, authdat->client, &ctx->there))) {
+ if ((code = krb5_auth_con_get_authdata_context(context, auth_context,
+ &ad_context))) {
major_status = GSS_S_FAILURE;
goto fail;
}
+ if ((code = kg_init_name(context, authdat->client,
+ ad_context, KG_INIT_NAME_NO_COPY, &ctx->there))) {
+ major_status = GSS_S_FAILURE;
+ goto fail;
+ }
+ /* Now owned by ctx->there */
+ authdat->client = NULL;
+ krb5_auth_con_set_authdata_context(context, auth_context, NULL);
if ((code = krb5_auth_con_getrecvsubkey(context, auth_context,
&keyblock))) {
/* set the return arguments */
if (src_name) {
- if ((code = krb5_copy_principal(context, ctx->there, &name))) {
- major_status = GSS_S_FAILURE;
- goto fail;
- }
- /* intern the src_name */
- if (! kg_save_name((gss_name_t) name)) {
- code = G_VALIDATE_FAILED;
+ if ((code = kg_duplicate_name(context, ctx->there,
+ KG_INIT_NAME_INTERN, &name))) {
major_status = GSS_S_FAILURE;
goto fail;
}
if (deleg_cred) { /* free memory associated with the deleg credential */
if (deleg_cred->ccache)
(void)krb5_cc_close(context, deleg_cred->ccache);
- if (deleg_cred->princ)
- krb5_free_principal(context, deleg_cred->princ);
+ if (deleg_cred->name)
+ kg_release_name(context, 0, &deleg_cred->name);
xfree(deleg_cred);
}
if (token.value)
xfree(token.value);
if (name) {
- (void) kg_delete_name((gss_name_t) name);
- krb5_free_principal(context, name);
+ (void) kg_release_name(context, 0, &name);
}
*minor_status = code;
krb_error_data.error = code;
(void) krb5_us_timeofday(context, &krb_error_data.stime,
&krb_error_data.susec);
- krb_error_data.server = cred->princ;
+ krb_error_data.server = cred->name ? cred->name->princ : NULL;
code = krb5_mk_error(context, &krb_error_data, &scratch);
if (code)
}
/* get credentials corresponding to a key in the krb5 keytab.
- If the default name is requested, return the name in output_princ.
- If output_princ is non-NULL, the caller will use or free it, regardless
+ If the default name is requested, return the name in output_name.
+ If output_name is non-NULL, the caller will use or free it, regardless
of the return value.
If successful, set the keytab-specific fields in cred
*/
static OM_uint32
-acquire_accept_cred(context, minor_status, desired_name, output_princ, cred)
+acquire_accept_cred(context, minor_status, desired_name, output_name, cred)
krb5_context context;
OM_uint32 *minor_status;
- gss_name_t desired_name;
- krb5_principal *output_princ;
+ krb5_gss_name_t desired_name;
+ krb5_gss_name_t *output_name;
krb5_gss_cred_id_rec *cred;
{
krb5_error_code code;
krb5_keytab kt;
krb5_keytab_entry entry;
- *output_princ = NULL;
+ *output_name = NULL;
cred->keytab = NULL;
/* open the default keytab */
return(GSS_S_CRED_UNAVAIL);
}
- if (desired_name != GSS_C_NO_NAME) {
- princ = (krb5_principal) desired_name;
+ if (desired_name != NULL) {
+ princ = desired_name->princ;
if ((code = krb5_kt_get_entry(context, kt, princ, 0, 0, &entry))) {
(void) krb5_kt_close(context, kt);
if (code == KRB5_KT_NOTFOUND) {
#endif /* LEAN_CLIENT */
/* get credentials corresponding to the default credential cache.
- If the default name is requested, return the name in output_princ.
- If output_princ is non-NULL, the caller will use or free it, regardless
+ If the default name is requested, return the name in output_name.
+ If output_name is non-NULL, the caller will use or free it, regardless
of the return value.
If successful, set the ccache-specific fields in cred.
*/
static OM_uint32
-acquire_init_cred(context, minor_status, desired_name, output_princ, cred)
+acquire_init_cred(context, minor_status, desired_name, output_name, cred)
krb5_context context;
OM_uint32 *minor_status;
- gss_name_t desired_name;
- krb5_principal *output_princ;
+ krb5_gss_name_t desired_name;
+ krb5_gss_name_t *output_name;
krb5_gss_cred_id_rec *cred;
{
krb5_error_code code;
kim_ccache kimccache = NULL;
kim_identity identity = NULL;
kim_credential_state state;
- krb5_principal desired_princ = (krb5_principal) desired_name;
err = kim_identity_create_from_krb5_principal (&identity,
context,
- desired_princ);
+ desired_name->princ);
if (!err) {
err = kim_ccache_create_from_client_identity (&kimccache, identity);
if ( pLeash_AcquireInitialTicketsIfNeeded ) {
char ccname[256]="";
- pLeash_AcquireInitialTicketsIfNeeded(context, (krb5_principal) desired_name, ccname, sizeof(ccname));
+ pLeash_AcquireInitialTicketsIfNeeded(context, desired_name->princ, ccname, sizeof(ccname));
if (!ccname[0]) {
*minor_status = KRB5_CC_NOTFOUND;
return(GSS_S_CRED_UNAVAIL);
return(GSS_S_FAILURE);
}
- if (desired_name != (gss_name_t) NULL) {
- if (! krb5_principal_compare(context, princ, (krb5_principal) desired_name)) {
+ if (desired_name != (krb5_gss_name_t)NULL) {
+ if (! krb5_principal_compare(context, princ, desired_name->princ)) {
(void)krb5_free_principal(context, princ);
(void)krb5_cc_close(context, ccache);
*minor_status = KG_CCACHE_NOMATCH;
return(GSS_S_CRED_UNAVAIL);
}
(void)krb5_free_principal(context, princ);
- princ = (krb5_principal) desired_name;
+ princ = desired_name->princ;
} else {
- *output_princ = princ;
+ if ((code = kg_init_name(context, princ, NULL,
+ KG_INIT_NAME_NO_COPY | KG_INIT_NAME_INTERN,
+ output_name))) {
+ (void)krb5_free_principal(context, princ);
+ (void)krb5_cc_close(context, ccache);
+ *minor_status = code;
+ return(GSS_S_FAILURE);
+ }
}
/* iterate over the ccache, find the tgt */
/* validate the name */
/*SUPPRESS 29*/
- if ((desired_name != (gss_name_t) NULL) &&
+ if ((desired_name != GSS_C_NO_NAME) &&
(! kg_validate_name(desired_name))) {
*minor_status = (OM_uint32) G_VALIDATE_FAILED;
krb5_free_context(context);
memset(cred, 0, sizeof(krb5_gss_cred_id_rec));
cred->usage = cred_usage;
- cred->princ = NULL;
+ cred->name = NULL;
cred->prerfc_mech = (req_old != 0);
cred->rfc_mech = (req_new != 0);
}
/* if requested, acquire credentials for accepting */
- /* this will fill in cred->princ if the desired_name is not specified */
+ /* this will fill in cred->name if the desired_name is not specified */
#ifndef LEAN_CLIENT
if ((cred_usage == GSS_C_ACCEPT) ||
(cred_usage == GSS_C_BOTH))
if ((ret = acquire_accept_cred(context, minor_status, desired_name,
- &(cred->princ), cred))
+ &(cred->name), cred))
!= GSS_S_COMPLETE) {
- if (cred->princ)
- krb5_free_principal(context, cred->princ);
+ if (cred->name)
+ kg_release_name(context, 0, &cred->name);
k5_mutex_destroy(&cred->lock);
xfree(cred);
/* minor_status set by acquire_accept_cred() */
#endif /* LEAN_CLIENT */
/* if requested, acquire credentials for initiation */
- /* this will fill in cred->princ if it wasn't set above, and
+ /* this will fill in cred->name if it wasn't set above, and
the desired_name is not specified */
if ((cred_usage == GSS_C_INITIATE) ||
(cred_usage == GSS_C_BOTH))
if ((ret =
acquire_init_cred(context, minor_status,
- cred->princ?(gss_name_t)cred->princ:desired_name,
- &(cred->princ), cred))
+ cred->name?cred->name:(krb5_gss_name_t)desired_name,
+ &cred->name, cred))
!= GSS_S_COMPLETE) {
#ifndef LEAN_CLIENT
if (cred->keytab)
krb5_kt_close(context, cred->keytab);
#endif /* LEAN_CLIENT */
- if (cred->princ)
- krb5_free_principal(context, cred->princ);
+ if (cred->name)
+ kg_release_name(context, 0, &cred->name);
k5_mutex_destroy(&cred->lock);
xfree(cred);
/* minor_status set by acquire_init_cred() */
/* if the princ wasn't filled in already, fill it in now */
- if (!cred->princ && (desired_name != GSS_C_NO_NAME))
- if ((code = krb5_copy_principal(context, (krb5_principal) desired_name,
- &(cred->princ)))) {
+ if (!cred->name && (desired_name != GSS_C_NO_NAME))
+ if ((code = kg_duplicate_name(context,
+ (krb5_gss_name_t)desired_name,
+ 0, &cred->name))) {
if (cred->ccache)
(void)krb5_cc_close(context, cred->ccache);
#ifndef LEAN_CLIENT
if (cred->keytab)
(void)krb5_kt_close(context, cred->keytab);
#endif /* LEAN_CLIENT */
- if (cred->princ)
- krb5_free_principal(context, cred->princ);
+ if (cred->name)
+ kg_release_name(context, 0, &cred->name);
k5_mutex_destroy(&cred->lock);
xfree(cred);
*minor_status = code;
if (cred->keytab)
(void)krb5_kt_close(context, cred->keytab);
#endif /* LEAN_CLIENT */
- if (cred->princ)
- krb5_free_principal(context, cred->princ);
+ if (cred->name)
+ kg_release_name(context, 0, &cred->name);
k5_mutex_destroy(&cred->lock);
xfree(cred);
/* *minor_status set above */
if (cred->keytab)
(void)krb5_kt_close(context, cred->keytab);
#endif /* LEAN_CLIENT */
- if (cred->princ)
- krb5_free_principal(context, cred->princ);
+ if (cred->name)
+ kg_release_name(context, 0, &cred->name);
k5_mutex_destroy(&cred->lock);
xfree(cred);
*minor_status = (OM_uint32) G_VALIDATE_FAILED;
/* make sure the desired_name is the same as the existing one */
if (desired_name &&
- !krb5_principal_compare(context, (krb5_principal) desired_name,
- cred->princ)) {
+ !kg_compare_name(context, (krb5_gss_name_t)desired_name, cred->name)) {
*minor_status = 0;
krb5_free_context(context);
return(GSS_S_BAD_NAME);
new_cred->rfc_mech = cred->rfc_mech;
new_cred->tgt_expire = cred->tgt_expire;
- if (cred->princ)
- code = krb5_copy_principal(context, cred->princ, &new_cred->princ);
+ if (cred->name)
+ code = kg_duplicate_name(context, cred->name, 0, &new_cred->name);
if (code) {
xfree(new_cred);
if (cred->keytab) {
kttype = krb5_kt_get_type(context, cred->keytab);
if ((strlen(kttype)+2) > sizeof(ktboth)) {
- if (new_cred->princ)
- krb5_free_principal(context, new_cred->princ);
+ if (new_cred->name)
+ kg_release_name(context, 0, &new_cred->name);
xfree(new_cred);
*minor_status = ENOMEM;
ktboth+strlen(ktboth),
sizeof(ktboth)-strlen(ktboth));
if (code) {
- if(new_cred->princ)
- krb5_free_principal(context, new_cred->princ);
+ if(new_cred->name)
+ kg_release_name(context, 0, &new_cred->name);
xfree(new_cred);
*minor_status = code;
code = krb5_kt_resolve(context, ktboth, &new_cred->keytab);
if (code) {
- if (new_cred->princ)
- krb5_free_principal(context, new_cred->princ);
+ if (new_cred->name)
+ kg_release_name(context, 0, &new_cred->name);
xfree(new_cred);
*minor_status = code;
if (cred->rcache) {
/* Open the replay cache for this principal. */
+ assert(cred->name->princ != NULL);
+
if ((code = krb5_get_server_rcache(context,
- krb5_princ_component(context, cred->princ, 0),
+ krb5_princ_component(context, cred->name->princ, 0),
&new_cred->rcache))) {
#ifndef LEAN_CLIENT
if (new_cred->keytab)
krb5_kt_close(context, new_cred->keytab);
#endif /* LEAN_CLIENT */
- if (new_cred->princ)
- krb5_free_principal(context, new_cred->princ);
+ if (new_cred->name)
+ kg_release_name(context, 0, &new_cred->name);
xfree(new_cred);
*minor_status = code;
if (new_cred->keytab)
krb5_kt_close(context, new_cred->keytab);
#endif /* LEAN_CLIENT */
- if (new_cred->princ)
- krb5_free_principal(context, new_cred->princ);
+ if (new_cred->name)
+ kg_release_name(context, 0, &new_cred->name);
xfree(new_cred);
krb5_free_context(context);
if (new_cred->keytab)
krb5_kt_close(context, new_cred->keytab);
#endif /* LEAN_CLIENT */
- if (new_cred->princ)
- krb5_free_principal(context, new_cred->princ);
+ if (new_cred->name)
+ kg_release_name(context, 0, &new_cred->name);
xfree(new_cred);
*minor_status = code;
if (new_cred->keytab)
krb5_kt_close(context, new_cred->keytab);
#endif /* LEAN_CLIENT */
- if (new_cred->princ)
- krb5_free_principal(context, new_cred->princ);
+ if (new_cred->name)
+ kg_release_name(context, 0, &new_cred->name);
xfree(new_cred);
krb5_free_context(context);
}
*minor_status = 0;
- *name_equal = krb5_principal_compare(context, (krb5_principal) name1,
- (krb5_principal) name2);
+ *name_equal = kg_compare_name(context,
+ (krb5_gss_name_t)name1,
+ (krb5_gss_name_t)name2);
krb5_free_context(context);
return(GSS_S_COMPLETE);
}
krb5_k_free_key(context, ctx->seq);
if (ctx->here)
- krb5_free_principal(context, ctx->here);
+ kg_release_name(context, 0, &ctx->here);
if (ctx->there)
- krb5_free_principal(context, ctx->there);
+ kg_release_name(context, 0, &ctx->there);
if (ctx->subkey)
krb5_k_free_key(context, ctx->subkey);
if (ctx->acceptor_subkey)
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h accept_sec_context.c \
- gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ accept_sec_context.c gssapiP_krb5.h gssapi_err_krb5.h \
+ gssapi_krb5.h
acquire_cred.so acquire_cred.po $(OUTPRE)acquire_cred.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h acquire_cred.c gssapiP_krb5.h \
- gssapi_err_krb5.h gssapi_krb5.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ acquire_cred.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h
add_cred.so add_cred.po $(OUTPRE)add_cred.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h add_cred.c gssapiP_krb5.h \
- gssapi_err_krb5.h gssapi_krb5.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ add_cred.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h
canon_name.so canon_name.po $(OUTPRE)canon_name.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h canon_name.c gssapiP_krb5.h \
- gssapi_err_krb5.h gssapi_krb5.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ canon_name.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h
compare_name.so compare_name.po $(OUTPRE)compare_name.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h compare_name.c gssapiP_krb5.h \
- gssapi_err_krb5.h gssapi_krb5.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ compare_name.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h
context_time.so context_time.po $(OUTPRE)context_time.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h context_time.c gssapiP_krb5.h \
- gssapi_err_krb5.h gssapi_krb5.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ context_time.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h
copy_ccache.so copy_ccache.po $(OUTPRE)copy_ccache.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h copy_ccache.c gssapiP_krb5.h \
- gssapi_err_krb5.h gssapi_krb5.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ copy_ccache.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h
delete_sec_context.so delete_sec_context.po $(OUTPRE)delete_sec_context.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h delete_sec_context.c \
- gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ delete_sec_context.c gssapiP_krb5.h gssapi_err_krb5.h \
+ gssapi_krb5.h
disp_name.so disp_name.po $(OUTPRE)disp_name.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h disp_name.c gssapiP_krb5.h \
- gssapi_err_krb5.h gssapi_krb5.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ disp_name.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h
disp_status.so disp_status.po $(OUTPRE)disp_status.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h disp_status.c error_map.h \
- gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ disp_status.c error_map.h gssapiP_krb5.h gssapi_err_krb5.h \
+ gssapi_krb5.h
duplicate_name.so duplicate_name.po $(OUTPRE)duplicate_name.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h duplicate_name.c gssapiP_krb5.h \
- gssapi_err_krb5.h gssapi_krb5.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ duplicate_name.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h
export_name.so export_name.po $(OUTPRE)export_name.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h export_name.c gssapiP_krb5.h \
- gssapi_err_krb5.h gssapi_krb5.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ export_name.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h
export_sec_context.so export_sec_context.po $(OUTPRE)export_sec_context.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h export_sec_context.c \
- gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ export_sec_context.c gssapiP_krb5.h gssapi_err_krb5.h \
+ gssapi_krb5.h
get_tkt_flags.so get_tkt_flags.po $(OUTPRE)get_tkt_flags.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h get_tkt_flags.c gssapiP_krb5.h \
- gssapi_err_krb5.h gssapi_krb5.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ get_tkt_flags.c gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h
gssapi_krb5.so gssapi_krb5.po $(OUTPRE)gssapi_krb5.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- $(srcdir)/../mechglue/mechglue.h $(srcdir)/../mechglue/mglueP.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.c gssapi_krb5.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h $(srcdir)/../mechglue/mechglue.h \
+ $(srcdir)/../mechglue/mglueP.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.c gssapi_krb5.h
import_name.so import_name.po $(OUTPRE)import_name.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h import_name.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h import_name.c
import_sec_context.so import_sec_context.po $(OUTPRE)import_sec_context.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h import_sec_context.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h import_sec_context.c
indicate_mechs.so indicate_mechs.po $(OUTPRE)indicate_mechs.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- $(srcdir)/../mechglue/mechglue.h $(srcdir)/../mechglue/mglueP.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h indicate_mechs.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h $(srcdir)/../mechglue/mechglue.h \
+ $(srcdir)/../mechglue/mglueP.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h indicate_mechs.c
init_sec_context.so init_sec_context.po $(OUTPRE)init_sec_context.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h init_sec_context.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h init_sec_context.c
inq_context.so inq_context.po $(OUTPRE)inq_context.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h inq_context.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h inq_context.c
inq_cred.so inq_cred.po $(OUTPRE)inq_cred.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h inq_cred.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h inq_cred.c
inq_names.so inq_names.po $(OUTPRE)inq_names.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h inq_names.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h inq_names.c
k5seal.so k5seal.po $(OUTPRE)k5seal.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
- $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
- gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h k5seal.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
+ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
+ ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
+ gssapi_krb5.h k5seal.c
k5sealiov.so k5sealiov.po $(OUTPRE)k5sealiov.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h k5sealiov.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h k5sealiov.c
k5sealv3.so k5sealv3.po $(OUTPRE)k5sealv3.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h k5sealv3.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h k5sealv3.c
k5sealv3iov.so k5sealv3iov.po $(OUTPRE)k5sealv3iov.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h k5sealv3iov.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h k5sealv3iov.c
k5unseal.so k5unseal.po $(OUTPRE)k5unseal.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h k5unseal.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h k5unseal.c
k5unsealiov.so k5unsealiov.po $(OUTPRE)k5unsealiov.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h k5unsealiov.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h k5unsealiov.c
krb5_gss_glue.so krb5_gss_glue.po $(OUTPRE)krb5_gss_glue.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h krb5_gss_glue.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h krb5_gss_glue.c
lucid_context.so lucid_context.po $(OUTPRE)lucid_context.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h lucid_context.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h lucid_context.c
+naming_exts.so naming_exts.po $(OUTPRE)naming_exts.$(OBJEXT): \
+ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
+ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
+ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+ $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \
+ $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
+ $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
+ $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h naming_exts.c
process_context_token.so process_context_token.po $(OUTPRE)process_context_token.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h process_context_token.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h process_context_token.c
rel_cred.so rel_cred.po $(OUTPRE)rel_cred.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h rel_cred.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h rel_cred.c
rel_oid.so rel_oid.po $(OUTPRE)rel_oid.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
- $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
- gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h rel_oid.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
+ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
+ ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
+ gssapi_krb5.h rel_oid.c
rel_name.so rel_name.po $(OUTPRE)rel_name.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h rel_name.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h rel_name.c
s4u_gss_glue.so s4u_gss_glue.po $(OUTPRE)s4u_gss_glue.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h s4u_gss_glue.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h s4u_gss_glue.c
seal.so seal.po $(OUTPRE)seal.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
- $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
- gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h seal.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
+ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
+ ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
+ gssapi_krb5.h seal.c
set_allowable_enctypes.so set_allowable_enctypes.po \
$(OUTPRE)set_allowable_enctypes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
- $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
- gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h set_allowable_enctypes.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
+ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
+ ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
+ gssapi_krb5.h set_allowable_enctypes.c
ser_sctx.so ser_sctx.po $(OUTPRE)ser_sctx.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h ser_sctx.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h ser_sctx.c
set_ccache.so set_ccache.po $(OUTPRE)set_ccache.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h set_ccache.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h set_ccache.c
sign.so sign.po $(OUTPRE)sign.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
- $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
- gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h sign.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
+ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
+ ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
+ gssapi_krb5.h sign.c
unseal.so unseal.po $(OUTPRE)unseal.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
- $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
- gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h unseal.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
+ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
+ ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
+ gssapi_krb5.h unseal.c
util_cksum.so util_cksum.po $(OUTPRE)util_cksum.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h util_cksum.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h util_cksum.c
util_crypt.so util_crypt.po $(OUTPRE)util_crypt.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h util_crypt.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h util_crypt.c
util_seed.so util_seed.po $(OUTPRE)util_seed.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h util_seed.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h util_seed.c
util_seqnum.so util_seqnum.po $(OUTPRE)util_seqnum.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h util_seqnum.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h util_seqnum.c
val_cred.so val_cred.po $(OUTPRE)val_cred.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h val_cred.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h val_cred.c
verify.so verify.po $(OUTPRE)verify.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
- $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
- gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h verify.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
+ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
+ ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
+ gssapi_krb5.h verify.c
wrap_size_limit.so wrap_size_limit.po $(OUTPRE)wrap_size_limit.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- ../generic/gssapi_err_generic.h gssapiP_krb5.h gssapi_err_krb5.h \
- gssapi_krb5.h wrap_size_limit.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h ../generic/gssapi_err_generic.h \
+ gssapiP_krb5.h gssapi_err_krb5.h gssapi_krb5.h wrap_size_limit.c
}
if ((code = krb5_unparse_name(context,
- (krb5_principal) input_name, &str))) {
+ ((krb5_gss_name_t) input_name)->princ,
+ &str))) {
*minor_status = code;
save_error_info(*minor_status, context);
krb5_free_context(context);
{
krb5_context context;
krb5_error_code code;
- krb5_principal princ, outprinc;
+ krb5_gss_name_t princ, outprinc;
if (minor_status)
*minor_status = 0;
return(GSS_S_CALL_BAD_STRUCTURE|GSS_S_BAD_NAME);
}
- princ = (krb5_principal)input_name;
- if ((code = krb5_copy_principal(context, princ, &outprinc))) {
+ princ = (krb5_gss_name_t)input_name;
+ if ((code = kg_duplicate_name(context, princ, KG_INIT_NAME_INTERN, &outprinc))) {
*minor_status = code;
save_error_info(*minor_status, context);
krb5_free_context(context);
return(GSS_S_FAILURE);
}
-
- if (! kg_save_name((gss_name_t) outprinc)) {
- krb5_free_principal(context, outprinc);
- krb5_free_context(context);
- *minor_status = (OM_uint32) G_VALIDATE_FAILED;
- return(GSS_S_FAILURE);
- }
-
krb5_free_context(context);
*dest_name = (gss_name_t) outprinc;
+ assert(kg_validate_name(*dest_name));
return(GSS_S_COMPLETE);
}
return(GSS_S_CALL_BAD_STRUCTURE|GSS_S_BAD_NAME);
}
- if ((code = krb5_unparse_name(context, (krb5_principal) input_name,
+ if ((code = krb5_unparse_name(context, ((krb5_gss_name_t) input_name)->princ,
&str))) {
if (minor_status)
*minor_status = code;
/** internal types **/
-typedef krb5_principal krb5_gss_name_t;
+typedef struct _krb5_gss_name_rec {
+ krb5_principal princ; /* immutable */
+ k5_mutex_t lock; /* protects ad_context only for now */
+ krb5_authdata_context ad_context;
+} krb5_gss_name_rec, *krb5_gss_name_t;
typedef struct _krb5_gss_cred_id_rec {
/* protect against simultaneous accesses */
/* name/type of credential */
gss_cred_usage_t usage;
- krb5_principal princ; /* this is not interned as a gss_name_t */
+ krb5_gss_name_t name;
unsigned int prerfc_mech : 1;
unsigned int rfc_mech : 1;
unsigned int proxy_cred : 1;
unsigned int seed_init : 1; /* XXX tested but never actually set */
OM_uint32 gss_flags;
unsigned char seed[16];
- krb5_principal here;
- krb5_principal there;
+ krb5_gss_name_t here;
+ krb5_gss_name_t there;
krb5_key subkey; /* One of two potential keys to use with RFC 4121
* packets; this key must always be set. */
int signalg;
int gss_krb5int_rotate_left (void *ptr, size_t bufsiz, size_t rc);
+/* naming_exts.c */
+#define KG_INIT_NAME_INTERN 0x1
+#define KG_INIT_NAME_NO_COPY 0x2
+
+krb5_error_code
+kg_init_name(krb5_context context,
+ krb5_principal principal,
+ krb5_authdata_context ad_context,
+ krb5_flags flags,
+ krb5_gss_name_t *name);
+
+krb5_error_code
+kg_release_name(krb5_context context,
+ krb5_flags flags,
+ krb5_gss_name_t *name);
+
+krb5_error_code
+kg_duplicate_name(krb5_context context,
+ const krb5_gss_name_t src,
+ krb5_flags flags,
+ krb5_gss_name_t *dst);
+
+krb5_boolean
+kg_compare_name(krb5_context context,
+ krb5_gss_name_t name1,
+ krb5_gss_name_t name2);
+
+OM_uint32
+krb5_gss_display_name_ext(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_OID display_as_name_type,
+ gss_buffer_t display_name);
+
+OM_uint32
+krb5_gss_inquire_name(OM_uint32 *minor_status,
+ gss_name_t name,
+ int *name_is_MN,
+ gss_OID *MN_mech,
+ gss_buffer_set_t *attrs);
+
+OM_uint32
+krb5_gss_get_name_attribute(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t attr,
+ int *authenticated,
+ int *complete,
+ gss_buffer_t value,
+ gss_buffer_t display_value,
+ int *more);
+
+OM_uint32
+krb5_gss_set_name_attribute(OM_uint32 *minor_status,
+ gss_name_t name,
+ int complete,
+ gss_buffer_t attr,
+ gss_buffer_t value);
+
+OM_uint32
+krb5_gss_delete_name_attribute(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t attr);
+
+OM_uint32
+krb5_gss_export_name_composite(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t exp_composite_name);
+
+OM_uint32
+krb5_gss_map_name_to_any(OM_uint32 *minor_status,
+ gss_name_t name,
+ int authenticated,
+ gss_buffer_t type_id,
+ gss_any_t *output);
+
+OM_uint32
+krb5_gss_release_any_name_mapping(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t type_id,
+ gss_any_t *input);
+
/* s4u_gss_glue.c */
OM_uint32
kg_compose_deleg_cred(OM_uint32 *minor_status,
OM_uint32 *time_rec,
krb5_context context);
-
/*
* These take unglued krb5-mech-specific contexts.
*/
NULL, /* complete_auth_token */
krb5_gss_acquire_cred_impersonate_name,
NULL, /* krb5_gss_add_cred_impersonate_name */
+ NULL, /* display_name_ext */
+ krb5_gss_inquire_name,
+ krb5_gss_get_name_attribute,
+ krb5_gss_set_name_attribute,
+ krb5_gss_delete_name_attribute,
+ krb5_gss_export_name_composite,
+ krb5_gss_map_name_to_any,
+ krb5_gss_release_any_name_mapping,
};
* GSS_S_FAILURE if memory allocation fails
*/
+/*
+ * Import serialized authdata context
+ */
+static krb5_error_code
+import_name_composite(krb5_context context,
+ unsigned char *enc_data, size_t enc_length,
+ krb5_authdata_context *pad_context)
+{
+ krb5_authdata_context ad_context;
+ krb5_error_code code;
+ krb5_data data;
+
+ code = krb5_authdata_context_init(context, &ad_context);
+ if (code != 0)
+ return code;
+
+ data.data = (char *)enc_data;
+ data.length = enc_length;
+
+ code = krb5_authdata_import_attributes(context,
+ ad_context,
+ AD_USAGE_MASK,
+ &data);
+ if (code != 0) {
+ krb5_authdata_context_free(context, ad_context);
+ return code;
+ }
+
+ *pad_context = ad_context;
+
+ return 0;
+}
+
OM_uint32
krb5_gss_import_name(minor_status, input_name_buffer,
input_name_type, output_name)
gss_name_t *output_name;
{
krb5_context context;
- krb5_principal princ;
+ krb5_principal princ = NULL;
krb5_error_code code;
- char *stringrep, *tmp, *tmp2, *cp;
- OM_uint32 length;
+ unsigned char *cp, *end;
+ char *tmp, *stringrep, *tmp2;
+ ssize_t length;
#ifndef NO_PASSWORD
struct passwd *pw;
#endif
+ int has_ad = 0;
+ krb5_authdata_context ad_context = NULL;
code = krb5_gss_init_context(&context);
if (code) {
char *service, *host;
if ((tmp =
- (char *) xmalloc(input_name_buffer->length + 1)) == NULL) {
+ xmalloc(input_name_buffer->length + 1)) == NULL) {
*minor_status = ENOMEM;
krb5_free_context(context);
return(GSS_S_FAILURE);
goto do_getpwuid;
#endif
} else if (g_OID_equal(input_name_type, gss_nt_exported_name)) {
- cp = tmp;
+#define BOUNDS_CHECK(cp, end, n) do { if ((end) - (cp) < (n)) goto fail_name; } while (0)
+ cp = (unsigned char *)tmp;
+ end = cp + input_name_buffer->length;
+
+ BOUNDS_CHECK(cp, end, 2);
if (*cp++ != 0x04)
goto fail_name;
- if (*cp++ != 0x01)
+ switch (*cp++) {
+ case 0x01:
+ break;
+ case 0x02:
+ has_ad++;
+ break;
+ default:
goto fail_name;
+ }
+
+ BOUNDS_CHECK(cp, end, 2);
if (*cp++ != 0x00)
goto fail_name;
length = *cp++;
- if (length != gss_mech_krb5->length+2)
+ if (length != (ssize_t)gss_mech_krb5->length+2)
goto fail_name;
+
+ BOUNDS_CHECK(cp, end, 2);
if (*cp++ != 0x06)
goto fail_name;
length = *cp++;
- if (length != gss_mech_krb5->length)
+ if (length != (ssize_t)gss_mech_krb5->length)
goto fail_name;
+
+ BOUNDS_CHECK(cp, end, length);
if (memcmp(cp, gss_mech_krb5->elements, length) != 0)
goto fail_name;
cp += length;
+
+ BOUNDS_CHECK(cp, end, 4);
length = *cp++;
length = (length << 8) | *cp++;
length = (length << 8) | *cp++;
length = (length << 8) | *cp++;
+
+ BOUNDS_CHECK(cp, end, length);
tmp2 = malloc(length+1);
if (tmp2 == NULL) {
xfree(tmp);
krb5_free_context(context);
return GSS_S_FAILURE;
}
- strncpy(tmp2, cp, length);
+ strncpy(tmp2, (char *)cp, length);
tmp2[length] = 0;
-
stringrep = tmp2;
+ cp += length;
+
+ if (has_ad) {
+ BOUNDS_CHECK(cp, end, 4);
+ length = *cp++;
+ length = (length << 8) | *cp++;
+ length = (length << 8) | *cp++;
+ length = (length << 8) | *cp++;
+
+ BOUNDS_CHECK(cp, end, length);
+ code = import_name_composite(context,
+ cp, length,
+ &ad_context);
+ if (code != 0)
+ goto fail_name;
+ cp += length;
+ }
+ assert(cp == end);
} else {
xfree(tmp);
krb5_free_context(context);
if (code) {
*minor_status = (OM_uint32) code;
save_error_info(*minor_status, context);
+ krb5_authdata_context_free(context, ad_context);
krb5_free_context(context);
return(GSS_S_BAD_NAME);
}
/* save the name in the validation database */
-
- if (! kg_save_name((gss_name_t) princ)) {
+ code = kg_init_name(context, princ, ad_context,
+ KG_INIT_NAME_INTERN | KG_INIT_NAME_NO_COPY,
+ (krb5_gss_name_t *)output_name);
+ if (code != 0) {
+ *minor_status = (OM_uint32) code;
+ save_error_info(*minor_status, context);
krb5_free_principal(context, princ);
+ krb5_authdata_context_free(context, ad_context);
krb5_free_context(context);
- *minor_status = (OM_uint32) G_VALIDATE_FAILED;
return(GSS_S_FAILURE);
}
/* return it */
- *output_name = (gss_name_t) princ;
return(GSS_S_COMPLETE);
}
endtime, out_creds)
krb5_context context;
krb5_gss_cred_id_t cred;
- krb5_principal server;
+ krb5_gss_name_t server;
krb5_timestamp now;
krb5_timestamp endtime;
krb5_creds **out_creds;
memset(&evidence_creds, 0, sizeof(krb5_creds));
in_creds.client = in_creds.server = NULL;
+ assert(cred->name != NULL);
+
if ((code = krb5_cc_get_principal(context, cred->ccache, &cc_princ)))
goto cleanup;
* we can just use the S4U2Self or evidence ticket directly).
*/
if (cred->proxy_cred &&
- !krb5_principal_compare(context, cc_princ, server)) {
+ !krb5_principal_compare(context, cc_princ, server->princ)) {
krb5_creds mcreds;
flags |= KRB5_GC_CANONICALIZE |
mcreds.magic = KV5M_CREDS;
mcreds.times.endtime = cred->tgt_expire;
mcreds.server = cc_princ;
- mcreds.client = cred->princ;
+ mcreds.client = cred->name->princ;
code = krb5_cc_retrieve_cred(context, cred->ccache,
- KRB5_TC_MATCH_TIMES, &mcreds,
+ KRB5_TC_MATCH_TIMES | KRB5_TC_MATCH_AUTHDATA,
+ &mcreds,
&evidence_creds);
if (code)
goto cleanup;
in_creds.client = cc_princ;
in_creds.second_ticket = evidence_creds.ticket;
} else {
- in_creds.client = cred->princ;
+ in_creds.client = cred->name->princ;
}
- in_creds.server = server;
+ in_creds.server = server->princ;
in_creds.times.endtime = endtime;
+ in_creds.authdata = NULL;
+ in_creds.keyblock.enctype = 0;
+
+ /*
+ * cred->name is immutable, so there is no need to acquire
+ * cred->name->lock.
+ */
+ if (cred->name->ad_context != NULL) {
+ code = krb5_authdata_export_authdata(context,
+ cred->name->ad_context,
+ AD_USAGE_TGS_REQ,
+ &in_creds.authdata);
+ if (code != 0)
+ goto cleanup;
+ }
code = krb5_get_credentials(context, flags, cred->ccache,
&in_creds, out_creds);
goto cleanup;
if (flags & KRB5_GC_CONSTRAINED_DELEGATION) {
- if (!krb5_principal_compare(context, cred->princ,
+ if (!krb5_principal_compare(context, cred->name->princ,
(*out_creds)->client)) {
/* server did not support constrained delegation */
code = KRB5_KDCREP_MODIFIED;
}
cleanup:
- if (cc_princ)
- krb5_free_principal(context, cc_princ);
+ krb5_free_authdata(context, in_creds.authdata);
+ krb5_free_principal(context, cc_princ);
krb5_free_cred_contents(context, &evidence_creds);
return code;
krb5_auth_con_setflags(context, auth_context,
con_flags & ~KRB5_AUTH_CONTEXT_DO_TIME);
+ assert(data->cred->name != NULL);
+
code = krb5_fwd_tgt_creds(context, auth_context, 0,
- data->cred->princ, data->ctx->there,
+ data->cred->name->princ, data->ctx->there->princ,
data->cred->ccache, 1,
&credmsg);
}
static krb5_error_code
-make_ap_req_v1(context, ctx, cred, k_cred, chan_bindings, mech_type, token)
+make_ap_req_v1(context, ctx, cred, k_cred, ad_context,
+ chan_bindings, mech_type, token)
krb5_context context;
krb5_gss_ctx_id_rec *ctx;
krb5_gss_cred_id_t cred;
krb5_creds *k_cred;
+ krb5_authdata_context ad_context;
gss_channel_bindings_t chan_bindings;
gss_OID mech_type;
gss_buffer_t token;
if (ctx->gss_flags & GSS_C_MUTUAL_FLAG)
mk_req_flags |= AP_OPTS_MUTUAL_REQUIRED | AP_OPTS_ETYPE_NEGOTIATION;
+ krb5_auth_con_set_authdata_context(context, ctx->auth_context, ad_context);
code = krb5_mk_req_extended(context, &ctx->auth_context, mk_req_flags,
checksum_data, k_cred, &ap_req);
+ krb5_auth_con_set_authdata_context(context, ctx->auth_context, NULL);
krb5_free_data_contents(context, &cksum_struct.checksum_data);
if (code)
goto cleanup;
ctx->krb_times.endtime = now + time_req;
}
- if ((code = krb5_copy_principal(context, cred->princ, &ctx->here)))
+ if ((code = kg_duplicate_name(context, cred->name, 0, &ctx->here)))
goto fail;
- if ((code = krb5_copy_principal(context, (krb5_principal) target_name,
- &ctx->there)))
+ if ((code = kg_duplicate_name(context, (krb5_gss_name_t)target_name, 0, &ctx->there)))
goto fail;
code = get_credentials(context, cred, ctx->there, now,
/* gsskrb5 v1 */
krb5_int32 seq_temp;
if ((code = make_ap_req_v1(context, ctx,
- cred, k_cred, input_chan_bindings,
+ cred, k_cred, ctx->here->ad_context,
+ input_chan_bindings,
mech_type, &token))) {
if ((code == KRB5_FCC_NOFILE) || (code == KRB5_CC_NOTFOUND) ||
(code == KG_EMPTY_CCACHE))
if (ctx_free->auth_context)
krb5_auth_con_free(context, ctx_free->auth_context);
if (ctx_free->here)
- krb5_free_principal(context, ctx_free->here);
+ kg_release_name(context, 0, &ctx_free->here);
if (ctx_free->there)
- krb5_free_principal(context, ctx_free->there);
+ kg_release_name(context, 0, &ctx_free->there);
if (ctx_free->subkey)
krb5_k_free_key(context, ctx_free->subkey);
xfree(ctx_free);
goto fail;
}
- if (! krb5_principal_compare(context, ctx->there,
- (krb5_principal) target_name)) {
+ if (! kg_compare_name(context, ctx->there, (krb5_gss_name_t)target_name)) {
(void)krb5_gss_delete_sec_context(minor_status,
context_handle, NULL);
code = 0;
krb5_context context;
krb5_error_code code;
krb5_gss_ctx_id_rec *ctx;
- krb5_principal initiator, acceptor;
+ krb5_gss_name_t initiator, acceptor;
krb5_timestamp now;
krb5_deltat lifetime;
lifetime = 0;
if (initiator_name) {
- if ((code = krb5_copy_principal(context,
- ctx->initiate?ctx->here:ctx->there,
- &initiator))) {
+ if ((code = kg_duplicate_name(context,
+ ctx->initiate?ctx->here:ctx->there,
+ KG_INIT_NAME_INTERN,
+ &initiator))) {
*minor_status = code;
save_error_info(*minor_status, context);
return(GSS_S_FAILURE);
}
- if (! kg_save_name((gss_name_t) initiator)) {
- krb5_free_principal(context, initiator);
- *minor_status = (OM_uint32) G_VALIDATE_FAILED;
- return(GSS_S_FAILURE);
- }
}
if (acceptor_name) {
- if ((code = krb5_copy_principal(context,
- ctx->initiate?ctx->there:ctx->here,
- &acceptor))) {
- if (initiator) krb5_free_principal(context, initiator);
+ if ((code = kg_duplicate_name(context,
+ ctx->initiate?ctx->there:ctx->here,
+ KG_INIT_NAME_INTERN,
+ &acceptor))) {
+ if (initiator)
+ kg_release_name(context, KG_INIT_NAME_INTERN,
+ &initiator);
*minor_status = code;
save_error_info(*minor_status, context);
return(GSS_S_FAILURE);
}
- if (! kg_save_name((gss_name_t) acceptor)) {
- krb5_free_principal(context, acceptor);
- if (initiator) {
- kg_delete_name((gss_name_t) initiator);
- krb5_free_principal(context, initiator);
- }
- *minor_status = (OM_uint32) G_VALIDATE_FAILED;
- return(GSS_S_FAILURE);
- }
}
if (initiator_name)
krb5_error_code code;
krb5_timestamp now;
krb5_deltat lifetime;
- krb5_principal ret_name;
+ krb5_gss_name_t ret_name;
gss_OID_set mechs;
OM_uint32 ret;
lifetime = GSS_C_INDEFINITE;
if (name) {
- if (cred->princ &&
- (code = krb5_copy_principal(context, cred->princ, &ret_name))) {
+ if (cred->name &&
+ (code = kg_duplicate_name(context, cred->name,
+ KG_INIT_NAME_INTERN, &ret_name))) {
k5_mutex_unlock(&cred->lock);
*minor_status = code;
save_error_info(*minor_status, context);
&mechs)))) {
k5_mutex_unlock(&cred->lock);
if (ret_name)
- krb5_free_principal(context, ret_name);
+ kg_release_name(context, KG_INIT_NAME_INTERN, &ret_name);
/* *minor_status set above */
goto fail;
}
}
if (name) {
- if (ret_name != NULL && ! kg_save_name((gss_name_t) ret_name)) {
- k5_mutex_unlock(&cred->lock);
- if (cred_handle == GSS_C_NO_CREDENTIAL)
- krb5_gss_release_cred(minor_status, (gss_cred_id_t *)&cred);
-
- (void) generic_gss_release_oid_set(minor_status, &mechs);
- krb5_free_principal(context, ret_name);
- *minor_status = (OM_uint32) G_VALIDATE_FAILED;
- krb5_free_context(context);
- return(GSS_S_FAILURE);
- }
if (ret_name != NULL)
*name = (gss_name_t) ret_name;
else
--- /dev/null
+/* -*- mode: c; indent-tabs-mode: nil -*- */
+/*
+ * lib/gssapi/krb5/naming_exts.c
+ *
+ * Copyright 2009 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ */
+
+#include <assert.h>
+#include "k5-int.h" /* for zap() */
+#include "gssapiP_krb5.h"
+#include <stdarg.h>
+
+krb5_error_code
+kg_init_name(krb5_context context,
+ krb5_principal principal,
+ krb5_authdata_context ad_context,
+ krb5_flags flags,
+ krb5_gss_name_t *ret_name)
+{
+ krb5_error_code code;
+ krb5_gss_name_t name;
+
+ *ret_name = NULL;
+
+ assert(principal != NULL);
+
+ if (principal == NULL)
+ return EINVAL;
+
+ name = xmalloc(sizeof(krb5_gss_name_rec));
+ if (name == NULL)
+ return ENOMEM;
+
+ memset(name, 0, sizeof(krb5_gss_name_rec));
+
+ code = k5_mutex_init(&name->lock);
+ if (code != 0)
+ goto cleanup;
+
+ if ((flags & KG_INIT_NAME_NO_COPY) == 0) {
+ code = krb5_copy_principal(context, principal, &name->princ);
+ if (code != 0)
+ goto cleanup;
+
+ if (ad_context != NULL) {
+ code = krb5_authdata_context_copy(context,
+ ad_context,
+ &name->ad_context);
+ if (code != 0)
+ goto cleanup;
+ }
+ } else {
+ name->princ = principal;
+ name->ad_context = ad_context;
+ }
+
+ if ((flags & KG_INIT_NAME_INTERN) &&
+ !kg_save_name((gss_name_t)name)) {
+ code = G_VALIDATE_FAILED;
+ goto cleanup;
+ }
+
+ *ret_name = name;
+
+cleanup:
+ if (code != 0)
+ kg_release_name(context, 0, &name);
+
+ return code;
+}
+
+krb5_error_code
+kg_release_name(krb5_context context,
+ krb5_flags flags,
+ krb5_gss_name_t *name)
+{
+ if (*name != NULL) {
+ if (flags & KG_INIT_NAME_INTERN)
+ kg_delete_name((gss_name_t)*name);
+ krb5_free_principal(context, (*name)->princ);
+ krb5_authdata_context_free(context, (*name)->ad_context);
+ k5_mutex_destroy(&(*name)->lock);
+ free(*name);
+ *name = NULL;
+ }
+
+ return 0;
+}
+
+krb5_error_code
+kg_duplicate_name(krb5_context context,
+ const krb5_gss_name_t src,
+ krb5_flags flags,
+ krb5_gss_name_t *dst)
+{
+ krb5_error_code code;
+
+ code = k5_mutex_lock(&src->lock);
+ if (code != 0)
+ return code;
+
+ code = kg_init_name(context, src->princ,
+ src->ad_context, flags, dst);
+
+ k5_mutex_unlock(&src->lock);
+
+ return code;
+}
+
+
+krb5_boolean
+kg_compare_name(krb5_context context,
+ krb5_gss_name_t name1,
+ krb5_gss_name_t name2)
+{
+ return krb5_principal_compare(context, name1->princ, name2->princ);
+}
+
+static OM_uint32
+kg_map_name_error(OM_uint32 *minor_status, krb5_error_code code)
+{
+ OM_uint32 major_status;
+
+ switch (code) {
+ case 0:
+ major_status = GSS_S_COMPLETE;
+ break;
+ case ENOENT:
+ case EPERM:
+ major_status = GSS_S_UNAVAILABLE;
+ break;
+ default:
+ major_status = GSS_S_FAILURE;
+ break;
+ }
+
+ *minor_status = code;
+
+ return major_status;
+}
+
+/* Owns data on success */
+static krb5_error_code
+kg_data_list_to_buffer_set_nocopy(krb5_data **pdata,
+ gss_buffer_set_t *buffer_set)
+{
+ gss_buffer_set_t set;
+ OM_uint32 minor_status;
+ unsigned int i;
+ krb5_data *data;
+
+ data = *pdata;
+
+ if (data == NULL) {
+ if (buffer_set != NULL)
+ *buffer_set = GSS_C_NO_BUFFER_SET;
+ return 0;
+ } else if (buffer_set == NULL)
+ return EINVAL;
+
+ if (GSS_ERROR(gss_create_empty_buffer_set(&minor_status,
+ &set))) {
+ assert(minor_status != 0);
+ return minor_status;
+ }
+
+ for (i = 0; data[i].data != NULL; i++)
+ ;
+
+ set->count = i;
+ set->elements = calloc(i, sizeof(gss_buffer_desc));
+ if (set->elements == NULL) {
+ gss_release_buffer_set(&minor_status, &set);
+ return ENOMEM;
+ }
+
+ for (i = 0; i < set->count; i++) {
+ set->elements[i].length = data[i].length;
+ set->elements[i].value = data[i].data;
+ }
+
+ free(data);
+ *pdata = NULL;
+
+ *buffer_set = set;
+
+ return 0;
+}
+
+OM_uint32
+krb5_gss_inquire_name(OM_uint32 *minor_status,
+ gss_name_t name,
+ int *name_is_MN,
+ gss_OID *MN_mech,
+ gss_buffer_set_t *attrs)
+{
+ krb5_context context;
+ krb5_error_code code;
+ krb5_gss_name_t kname;
+ krb5_data *kattrs = NULL;
+
+ if (minor_status != NULL)
+ *minor_status = 0;
+
+ if (attrs != NULL)
+ *attrs = GSS_C_NO_BUFFER_SET;
+
+ code = krb5_gss_init_context(&context);
+ if (code != 0) {
+ *minor_status = code;
+ return GSS_S_FAILURE;
+ }
+
+ if (!kg_validate_name(name)) {
+ *minor_status = (OM_uint32)G_VALIDATE_FAILED;
+ krb5_free_context(context);
+ return GSS_S_CALL_BAD_STRUCTURE|GSS_S_BAD_NAME;
+ }
+
+ kname = (krb5_gss_name_t)name;
+
+ code = k5_mutex_lock(&kname->lock);
+ if (code != 0) {
+ *minor_status = code;
+ return GSS_S_FAILURE;
+ }
+
+ if (kname->ad_context == NULL) {
+ code = krb5_authdata_context_init(context, &kname->ad_context);
+ if (code != 0)
+ goto cleanup;
+ }
+
+ code = krb5_authdata_get_attribute_types(context,
+ kname->ad_context,
+ &kattrs);
+ if (code != 0)
+ goto cleanup;
+
+ code = kg_data_list_to_buffer_set_nocopy(&kattrs, attrs);
+ if (code != 0)
+ goto cleanup;
+
+cleanup:
+ k5_mutex_unlock(&kname->lock);
+ krb5int_free_data_list(context, kattrs);
+
+ krb5_free_context(context);
+
+ return kg_map_name_error(minor_status, code);
+}
+
+OM_uint32
+krb5_gss_get_name_attribute(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t attr,
+ int *authenticated,
+ int *complete,
+ gss_buffer_t value,
+ gss_buffer_t display_value,
+ int *more)
+{
+ krb5_context context;
+ krb5_error_code code;
+ krb5_gss_name_t kname;
+ krb5_data kattr;
+ krb5_boolean kauthenticated;
+ krb5_boolean kcomplete;
+ krb5_data kvalue;
+ krb5_data kdisplay_value;
+
+ if (minor_status != NULL)
+ *minor_status = 0;
+
+ code = krb5_gss_init_context(&context);
+ if (code != 0) {
+ *minor_status = code;
+ return GSS_S_FAILURE;
+ }
+
+ if (!kg_validate_name(name)) {
+ *minor_status = (OM_uint32)G_VALIDATE_FAILED;
+ krb5_free_context(context);
+ return GSS_S_CALL_BAD_STRUCTURE|GSS_S_BAD_NAME;
+ }
+
+ kname = (krb5_gss_name_t)name;
+
+ code = k5_mutex_lock(&kname->lock);
+ if (code != 0) {
+ *minor_status = code;
+ krb5_free_context(context);
+ return GSS_S_FAILURE;
+ }
+
+ if (kname->ad_context == NULL) {
+ code = krb5_authdata_context_init(context, &kname->ad_context);
+ if (code != 0) {
+ *minor_status = code;
+ k5_mutex_unlock(&kname->lock);
+ krb5_free_context(context);
+ return GSS_S_UNAVAILABLE;
+ }
+ }
+
+ kattr.data = (char *)attr->value;
+ kattr.length = attr->length;
+
+ kauthenticated = FALSE;
+ kcomplete = FALSE;
+
+ code = krb5_authdata_get_attribute(context,
+ kname->ad_context,
+ &kattr,
+ &kauthenticated,
+ &kcomplete,
+ value ? &kvalue : NULL,
+ display_value ? &kdisplay_value : NULL,
+ more);
+ if (code == 0) {
+ if (value != NULL) {
+ value->value = kvalue.data;
+ value->length = kvalue.length;
+ }
+
+ if (authenticated != NULL)
+ *authenticated = kauthenticated;
+ if (complete != NULL)
+ *complete = kcomplete;
+
+ if (display_value != NULL) {
+ display_value->value = kdisplay_value.data;
+ display_value->length = kdisplay_value.length;
+ }
+ }
+
+ k5_mutex_unlock(&kname->lock);
+ krb5_free_context(context);
+
+ return kg_map_name_error(minor_status, code);
+}
+
+OM_uint32
+krb5_gss_set_name_attribute(OM_uint32 *minor_status,
+ gss_name_t name,
+ int complete,
+ gss_buffer_t attr,
+ gss_buffer_t value)
+{
+ krb5_context context;
+ krb5_error_code code;
+ krb5_gss_name_t kname;
+ krb5_data kattr;
+ krb5_data kvalue;
+
+ if (minor_status != NULL)
+ *minor_status = 0;
+
+ code = krb5_gss_init_context(&context);
+ if (code != 0) {
+ *minor_status = code;
+ return GSS_S_FAILURE;
+ }
+
+ if (!kg_validate_name(name)) {
+ *minor_status = (OM_uint32)G_VALIDATE_FAILED;
+ krb5_free_context(context);
+ return GSS_S_CALL_BAD_STRUCTURE|GSS_S_BAD_NAME;
+ }
+
+ kname = (krb5_gss_name_t)name;
+
+ code = k5_mutex_lock(&kname->lock);
+ if (code != 0) {
+ *minor_status = code;
+ return GSS_S_FAILURE;
+ }
+
+ if (kname->ad_context == NULL) {
+ code = krb5_authdata_context_init(context, &kname->ad_context);
+ if (code != 0) {
+ *minor_status = code;
+ k5_mutex_unlock(&kname->lock);
+ krb5_free_context(context);
+ return GSS_S_UNAVAILABLE;
+ }
+ }
+
+ kattr.data = (char *)attr->value;
+ kattr.length = attr->length;
+
+ kvalue.data = (char *)value->value;
+ kvalue.length = value->length;
+
+ code = krb5_authdata_set_attribute(context,
+ kname->ad_context,
+ complete,
+ &kattr,
+ &kvalue);
+
+ k5_mutex_unlock(&kname->lock);
+ krb5_free_context(context);
+
+ return kg_map_name_error(minor_status, code);
+}
+
+OM_uint32
+krb5_gss_delete_name_attribute(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t attr)
+{
+ krb5_context context;
+ krb5_error_code code;
+ krb5_gss_name_t kname;
+ krb5_data kattr;
+
+ if (minor_status != NULL)
+ *minor_status = 0;
+
+ code = krb5_gss_init_context(&context);
+ if (code != 0) {
+ *minor_status = code;
+ return GSS_S_FAILURE;
+ }
+
+ if (!kg_validate_name(name)) {
+ *minor_status = (OM_uint32)G_VALIDATE_FAILED;
+ krb5_free_context(context);
+ return GSS_S_CALL_BAD_STRUCTURE|GSS_S_BAD_NAME;
+ }
+
+ kname = (krb5_gss_name_t)name;
+
+ code = k5_mutex_lock(&kname->lock);
+ if (code != 0) {
+ *minor_status = code;
+ return GSS_S_FAILURE;
+ }
+
+ if (kname->ad_context == NULL) {
+ code = krb5_authdata_context_init(context, &kname->ad_context);
+ if (code != 0) {
+ *minor_status = code;
+ k5_mutex_unlock(&kname->lock);
+ krb5_free_context(context);
+ return GSS_S_UNAVAILABLE;
+ }
+ }
+
+ kattr.data = (char *)attr->value;
+ kattr.length = attr->length;
+
+ code = krb5_authdata_delete_attribute(context,
+ kname->ad_context,
+ &kattr);
+
+ k5_mutex_unlock(&kname->lock);
+ krb5_free_context(context);
+
+ return kg_map_name_error(minor_status, code);
+}
+
+OM_uint32
+krb5_gss_map_name_to_any(OM_uint32 *minor_status,
+ gss_name_t name,
+ int authenticated,
+ gss_buffer_t type_id,
+ gss_any_t *output)
+{
+ krb5_context context;
+ krb5_error_code code;
+ krb5_gss_name_t kname;
+ char *kmodule;
+
+ if (minor_status != NULL)
+ *minor_status = 0;
+
+ code = krb5_gss_init_context(&context);
+ if (code != 0) {
+ *minor_status = code;
+ return GSS_S_FAILURE;
+ }
+
+ if (!kg_validate_name(name)) {
+ *minor_status = (OM_uint32)G_VALIDATE_FAILED;
+ krb5_free_context(context);
+ return GSS_S_CALL_BAD_STRUCTURE|GSS_S_BAD_NAME;
+ }
+
+ kname = (krb5_gss_name_t)name;
+
+ code = k5_mutex_lock(&kname->lock);
+ if (code != 0) {
+ *minor_status = code;
+ return GSS_S_FAILURE;
+ }
+
+ if (kname->ad_context == NULL) {
+ code = krb5_authdata_context_init(context, &kname->ad_context);
+ if (code != 0) {
+ *minor_status = code;
+ k5_mutex_unlock(&kname->lock);
+ krb5_free_context(context);
+ return GSS_S_UNAVAILABLE;
+ }
+ }
+
+ kmodule = (char *)type_id->value;
+ if (kmodule[type_id->length] != '\0') {
+ k5_mutex_unlock(&kname->lock);
+ krb5_free_context(context);
+ return GSS_S_UNAVAILABLE;
+ }
+
+ code = krb5_authdata_export_internal(context,
+ kname->ad_context,
+ authenticated,
+ kmodule,
+ (void **)output);
+
+ k5_mutex_unlock(&kname->lock);
+ krb5_free_context(context);
+
+ return kg_map_name_error(minor_status, code);
+}
+
+OM_uint32
+krb5_gss_release_any_name_mapping(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t type_id,
+ gss_any_t *input)
+{
+ krb5_context context;
+ krb5_error_code code;
+ krb5_gss_name_t kname;
+ char *kmodule;
+
+ if (minor_status != NULL)
+ *minor_status = 0;
+
+ code = krb5_gss_init_context(&context);
+ if (code != 0) {
+ *minor_status = code;
+ return GSS_S_FAILURE;
+ }
+
+ if (!kg_validate_name(name)) {
+ *minor_status = (OM_uint32)G_VALIDATE_FAILED;
+ krb5_free_context(context);
+ return GSS_S_CALL_BAD_STRUCTURE|GSS_S_BAD_NAME;
+ }
+
+ kname = (krb5_gss_name_t)name;
+
+ code = k5_mutex_lock(&kname->lock);
+ if (code != 0) {
+ *minor_status = code;
+ return GSS_S_FAILURE;
+ }
+
+ if (kname->ad_context == NULL) {
+ code = krb5_authdata_context_init(context, &kname->ad_context);
+ if (code != 0) {
+ *minor_status = code;
+ k5_mutex_unlock(&kname->lock);
+ krb5_free_context(context);
+ return GSS_S_UNAVAILABLE;
+ }
+ }
+
+ kmodule = (char *)type_id->value;
+ if (kmodule[type_id->length] != '\0') {
+ k5_mutex_unlock(&kname->lock);
+ krb5_free_context(context);
+ return GSS_S_UNAVAILABLE;
+ }
+
+ code = krb5_authdata_free_internal(context,
+ kname->ad_context,
+ kmodule,
+ *input);
+ if (code == 0)
+ *input = NULL;
+
+ k5_mutex_unlock(&kname->lock);
+ krb5_free_context(context);
+
+ return kg_map_name_error(minor_status, code);
+
+}
+
+OM_uint32
+krb5_gss_export_name_composite(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t exp_composite_name)
+{
+ krb5_context context;
+ krb5_error_code code;
+ krb5_gss_name_t kname;
+ krb5_data *attrs = NULL;
+ char *princstr = NULL;
+ unsigned char *cp;
+ size_t princlen;
+
+ if (minor_status != NULL)
+ *minor_status = 0;
+
+ code = krb5_gss_init_context(&context);
+ if (code != 0) {
+ *minor_status = code;
+ return GSS_S_FAILURE;
+ }
+
+ if (!kg_validate_name(name)) {
+ *minor_status = (OM_uint32)G_VALIDATE_FAILED;
+ krb5_free_context(context);
+ return GSS_S_CALL_BAD_STRUCTURE|GSS_S_BAD_NAME;
+ }
+
+ kname = (krb5_gss_name_t)name;
+
+ code = k5_mutex_lock(&kname->lock);
+ if (code != 0) {
+ *minor_status = code;
+ return GSS_S_FAILURE;
+ }
+
+ code = krb5_unparse_name(context, kname->princ, &princstr);
+ if (code != 0)
+ goto cleanup;
+
+ princlen = strlen(princstr);
+
+ if (kname->ad_context != NULL) {
+ code = krb5_authdata_export_attributes(context,
+ kname->ad_context,
+ AD_USAGE_MASK,
+ &attrs);
+ if (code != 0)
+ goto cleanup;
+ }
+
+ /* 04 02 OID Name AuthData */
+
+ exp_composite_name->length = 10 + gss_mech_krb5->length + princlen;
+ if (attrs != NULL)
+ exp_composite_name->length += 4 + attrs->length;
+ exp_composite_name->value = malloc(exp_composite_name->length);
+ if (exp_composite_name->value == NULL) {
+ code = ENOMEM;
+ goto cleanup;
+ }
+
+ cp = exp_composite_name->value;
+
+ /* Note: we assume the OID will be less than 128 bytes... */
+ *cp++ = 0x04;
+ if (attrs != NULL)
+ *cp++ = 0x02;
+ else
+ *cp++ = 0x01;
+
+ store_16_be(gss_mech_krb5->length + 2, cp);
+ cp += 2;
+ *cp++ = 0x06;
+ *cp++ = (gss_mech_krb5->length) & 0xFF;
+ memcpy(cp, gss_mech_krb5->elements, gss_mech_krb5->length);
+ cp += gss_mech_krb5->length;
+
+ store_32_be(princlen, cp);
+ cp += 4;
+ memcpy(cp, princstr, princlen);
+ cp += princlen;
+
+ if (attrs != NULL) {
+ store_32_be(attrs->length, cp);
+ cp += 4;
+ memcpy(cp, attrs->data, attrs->length);
+ cp += attrs->length;
+ }
+
+cleanup:
+ krb5_free_unparsed_name(context, princstr);
+ krb5_free_data(context, attrs);
+ k5_mutex_unlock(&kname->lock);
+ krb5_free_context(context);
+
+ return kg_map_name_error(minor_status, code);
+}
+
+#if 0
+OM_uint32
+krb5_gss_display_name_ext(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_OID display_as_name_type,
+ gss_buffer_t display_name)
+{
+}
+#endif
+
code3 = krb5_rc_close(context, cred->rcache);
else
code3 = 0;
- if (cred->princ)
- krb5_free_principal(context, cred->princ);
+ if (cred->name)
+ kg_release_name(context, 0, &cred->name);
if (cred->req_enctypes)
free(cred->req_enctypes);
return(GSS_S_CALL_BAD_STRUCTURE|GSS_S_BAD_NAME);
}
- (void)kg_delete_name(*input_name);
-
- krb5_free_principal(context, (krb5_principal) *input_name);
+ kg_release_name(context, KG_INIT_NAME_INTERN,
+ (krb5_gss_name_t *)input_name);
krb5_free_context(context);
*input_name = (gss_name_t) NULL;
static OM_uint32
kg_impersonate_name(OM_uint32 *minor_status,
const krb5_gss_cred_id_t impersonator_cred,
- const krb5_principal user,
+ const krb5_gss_name_t user,
OM_uint32 time_req,
const gss_OID_set desired_mechs,
krb5_gss_cred_id_t *output_cred,
memset(&in_creds, 0, sizeof(in_creds));
memset(&out_creds, 0, sizeof(out_creds));
- in_creds.client = user;
- in_creds.server = impersonator_cred->princ;
+ in_creds.client = user->princ;
+ in_creds.server = impersonator_cred->name->princ;
if (impersonator_cred->req_enctypes != NULL)
in_creds.keyblock.enctype = impersonator_cred->req_enctypes[0];
+ code = k5_mutex_lock(&user->lock);
+ if (code != 0) {
+ *minor_status = code;
+ return GSS_S_FAILURE;
+ }
+
+ if (user->ad_context != NULL) {
+ code = krb5_authdata_export_authdata(context,
+ user->ad_context,
+ AD_USAGE_TGS_REQ,
+ &in_creds.authdata);
+ if (code != 0) {
+ k5_mutex_unlock(&user->lock);
+ *minor_status = code;
+ return GSS_S_FAILURE;
+ }
+ }
+
+ k5_mutex_unlock(&user->lock);
+
code = krb5_get_credentials_for_user(context,
KRB5_GC_CANONICALIZE | KRB5_GC_NO_STORE,
impersonator_cred->ccache,
&in_creds,
NULL, &out_creds);
if (code != 0) {
+ krb5_free_authdata(context, in_creds.authdata);
*minor_status = code;
return GSS_S_FAILURE;
}
time_rec,
context);
+ krb5_free_authdata(context, in_creds.authdata);
krb5_free_creds(context, out_creds);
return major_status;
major_status = kg_impersonate_name(minor_status,
(krb5_gss_cred_id_t)impersonator_cred_handle,
- (krb5_principal)desired_name,
+ (krb5_gss_name_t)desired_name,
time_req,
desired_mechs,
&cred,
k5_mutex_assert_locked(&impersonator_cred->lock);
if (!kg_is_initiator_cred(impersonator_cred) ||
- impersonator_cred->princ == NULL ||
+ impersonator_cred->name == NULL ||
impersonator_cred->proxy_cred) {
code = G_BAD_USAGE;
goto cleanup;
}
+ assert(impersonator_cred->name->princ != NULL);
+
assert(subject_creds != NULL);
assert(subject_creds->client != NULL);
cred->tgt_expire = impersonator_cred->tgt_expire;
- code = krb5_copy_principal(context, subject_creds->client, &cred->princ);
+ code = kg_init_name(context, subject_creds->client, NULL, 0, &cred->name);
if (code != 0)
goto cleanup;
goto cleanup;
code = krb5_cc_initialize(context, cred->ccache,
- cred->proxy_cred ? impersonator_cred->princ :
- (krb5_principal)subject_creds->client);
+ cred->proxy_cred ? impersonator_cred->name->princ :
+ subject_creds->client);
if (code != 0)
goto cleanup;
if (GSS_ERROR(major_status) && cred != NULL) {
k5_mutex_destroy(&cred->lock);
- if (cred->ccache != NULL)
- krb5_cc_destroy(context, cred->ccache);
- if (cred->princ != NULL)
- krb5_free_principal(context, cred->princ);
+ krb5_cc_destroy(context, cred->ccache);
+ kg_release_name(context, 0, &cred->name);
xfree(cred);
}
if (!kret && ctx->here)
kret = krb5_size_opaque(kcontext,
KV5M_PRINCIPAL,
- (krb5_pointer) ctx->here,
+ (krb5_pointer) ctx->here->princ,
&required);
if (!kret && ctx->there)
kret = krb5_size_opaque(kcontext,
KV5M_PRINCIPAL,
- (krb5_pointer) ctx->there,
+ (krb5_pointer) ctx->there->princ,
&required);
if (!kret && ctx->subkey)
&required);
}
}
- if (!kret)
+ if (!kret) {
+ krb5_gss_name_t initiator_name;
+
+ initiator_name = ctx->initiate ? ctx->here : ctx->there;
+
+ if (initiator_name) {
+ kret = krb5_size_opaque(kcontext,
+ KV5M_AUTHDATA_CONTEXT,
+ initiator_name->ad_context,
+ &required);
+ }
+ }
*sizep += required;
}
return(kret);
if (!kret && ctx->here)
kret = krb5_externalize_opaque(kcontext,
KV5M_PRINCIPAL,
- (krb5_pointer) ctx->here,
+ (krb5_pointer) ctx->here->princ,
&bp, &remain);
if (!kret && ctx->there)
kret = krb5_externalize_opaque(kcontext,
KV5M_PRINCIPAL,
- (krb5_pointer) ctx->there,
+ (krb5_pointer) ctx->there->princ,
&bp, &remain);
if (!kret && ctx->subkey)
&remain);
}
}
+ /* authdata context */
+ if (!kret) {
+ krb5_gss_name_t initiator_name;
+
+ initiator_name = ctx->initiate ? ctx->here : ctx->there;
+
+ if (initiator_name) {
+ kret = krb5_externalize_opaque(kcontext,
+ KV5M_AUTHDATA_CONTEXT,
+ initiator_name->ad_context,
+ &bp,
+ &remain);
+ }
+ }
/* trailer */
if (!kret)
kret = krb5_ser_pack_int32(KG_CONTEXT, &bp, &remain);
krb5_octet *bp;
size_t remain;
krb5int_access kaccess;
+ krb5_principal princ;
kret = krb5int_accessor (&kaccess, KRB5INT_ACCESS_VERSION);
if (kret)
bp = *buffer;
remain = *lenremain;
kret = EINVAL;
+ princ = NULL;
/* Read our magic number */
if (krb5_ser_unpack_int32(&ibuf, &bp, &remain))
ibuf = 0;
kret = 0;
}
/* Now get substructure data */
- if ((kret = krb5_internalize_opaque(kcontext,
- KV5M_PRINCIPAL,
- (krb5_pointer *) &ctx->here,
- &bp, &remain))) {
- if (kret == EINVAL)
- kret = 0;
- }
- if (!kret &&
- (kret = krb5_internalize_opaque(kcontext,
- KV5M_PRINCIPAL,
- (krb5_pointer *) &ctx->there,
- &bp, &remain))) {
- if (kret == EINVAL)
+ kret = krb5_internalize_opaque(kcontext,
+ KV5M_PRINCIPAL,
+ (krb5_pointer *) &princ,
+ &bp, &remain);
+ if (kret == 0) {
+ kret = kg_init_name(kcontext, princ, NULL,
+ KG_INIT_NAME_NO_COPY, &ctx->here);
+ if (kret)
+ krb5_free_principal(kcontext, princ);
+ } else if (kret == EINVAL)
+ kret = 0;
+ if (!kret) {
+ kret = krb5_internalize_opaque(kcontext,
+ KV5M_PRINCIPAL,
+ (krb5_pointer *) &princ,
+ &bp, &remain);
+ if (kret == 0) {
+ kret = kg_init_name(kcontext, princ, NULL,
+ KG_INIT_NAME_NO_COPY, &ctx->there);
+ if (kret)
+ krb5_free_principal(kcontext, princ);
+ } else if (kret == EINVAL)
kret = 0;
}
if (!kret &&
}
}
}
+ /* authdata context */
+ if (!kret) {
+ krb5_gss_name_t initiator_name;
+
+ initiator_name = ctx->initiate ? ctx->here : ctx->there;
+ if (initiator_name == NULL) {
+ kret = EINVAL;
+ } else {
+ kret = krb5_internalize_opaque(kcontext,
+ KV5M_AUTHDATA_CONTEXT,
+ (krb5_pointer *)&initiator_name->ad_context,
+ &bp,
+ &remain);
+ }
+ }
/* Get trailer */
if (!kret)
kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain);
if (ctx->subkey)
krb5_k_free_key(kcontext, ctx->subkey);
if (ctx->there)
- krb5_free_principal(kcontext, ctx->there);
+ kg_release_name(kcontext, 0, &ctx->there);
if (ctx->here)
- krb5_free_principal(kcontext, ctx->here);
+ kg_release_name(kcontext, 0, &ctx->here);
xfree(ctx);
}
}
return(GSS_S_DEFECTIVE_CREDENTIAL);
}
if (!cred->proxy_cred &&
- !krb5_principal_compare(context, princ, cred->princ)) {
+ !krb5_principal_compare(context, princ, cred->name->princ)) {
k5_mutex_unlock(&cred->lock);
*minor_status = KG_CCACHE_NOMATCH;
return(GSS_S_DEFECTIVE_CREDENTIAL);
gss_context_time
gss_create_empty_buffer_set
gss_create_empty_oid_set
+gss_delete_name_attribute
gss_delete_sec_context
gss_display_name
+gss_display_name_ext
gss_display_status
gss_duplicate_name
gss_export_name
+gss_export_name_composite
gss_export_sec_context
gss_get_mic
+gss_get_name_attribute
gss_import_name
gss_import_sec_context
gss_indicate_mechs
gss_krb5int_unseal_token_v3
gsskrb5_extract_authtime_from_sec_context
gsskrb5_extract_authz_data_from_sec_context
+gss_map_name_to_any
gss_mech_krb5
gss_mech_krb5_old
gss_mech_set_krb5
gss_nt_user_name
gss_oid_to_str
gss_process_context_token
+gss_release_any_name_mapping
gss_release_buffer_set
gss_release_buffer
gss_release_cred
gss_release_oid
gss_release_oid_set
gss_seal
+gss_set_name_attribute
gss_set_sec_context_option
gss_sign
gss_str_to_oid
krb5_gss_dbg_client_expcreds
krb5_gss_register_acceptor_identity
krb5_gss_use_kdc_context
+gss_inquire_name
$(srcdir)/g_complete_auth_token.c \
$(srcdir)/g_context_time.c \
$(srcdir)/g_delete_sec_context.c \
+ $(srcdir)/g_del_name_attr.c \
$(srcdir)/g_dsp_name.c \
+ $(srcdir)/g_dsp_name_ext.c \
$(srcdir)/g_dsp_status.c \
$(srcdir)/g_dup_name.c \
$(srcdir)/g_exp_sec_context.c \
$(srcdir)/g_export_name.c \
+ $(srcdir)/g_export_name_comp.c \
+ $(srcdir)/g_get_name_attr.c \
$(srcdir)/g_glue.c \
$(srcdir)/g_imp_name.c \
$(srcdir)/g_imp_sec_context.c \
$(srcdir)/g_inq_context_oid.c \
$(srcdir)/g_inq_cred.c \
$(srcdir)/g_inq_cred_oid.c \
+ $(srcdir)/g_inq_name.c \
$(srcdir)/g_inq_names.c \
+ $(srcdir)/g_map_name_to_any.c \
$(srcdir)/g_mech_invoke.c \
$(srcdir)/g_mechname.c \
$(srcdir)/g_oid_ops.c \
$(srcdir)/g_rel_buffer.c \
$(srcdir)/g_rel_cred.c \
$(srcdir)/g_rel_name.c \
+ $(srcdir)/g_rel_name_mapping.c \
$(srcdir)/g_rel_oid_set.c \
$(srcdir)/g_seal.c \
$(srcdir)/g_set_context_option.c \
$(srcdir)/g_set_cred_option.c \
+ $(srcdir)/g_set_name_attr.c \
$(srcdir)/g_sign.c \
$(srcdir)/g_store_cred.c \
$(srcdir)/g_unseal.c \
$(OUTPRE)g_complete_auth_token.$(OBJEXT) \
$(OUTPRE)g_context_time.$(OBJEXT) \
$(OUTPRE)g_delete_sec_context.$(OBJEXT) \
+ $(OUTPRE)g_del_name_attr.$(OBJEXT) \
$(OUTPRE)g_dsp_name.$(OBJEXT) \
+ $(OUTPRE)g_dsp_name_ext.$(OBJEXT) \
$(OUTPRE)g_dsp_status.$(OBJEXT) \
$(OUTPRE)g_dup_name.$(OBJEXT) \
$(OUTPRE)g_exp_sec_context.$(OBJEXT) \
$(OUTPRE)g_export_name.$(OBJEXT) \
+ $(OUTPRE)g_export_name_comp.$(OBJEXT) \
+ $(OUTPRE)g_get_name_attr.$(OBJEXT) \
$(OUTPRE)g_glue.$(OBJEXT) \
$(OUTPRE)g_imp_name.$(OBJEXT) \
$(OUTPRE)g_imp_sec_context.$(OBJEXT) \
$(OUTPRE)g_inq_context_oid.$(OBJEXT) \
$(OUTPRE)g_inq_cred.$(OBJEXT) \
$(OUTPRE)g_inq_cred_oid.$(OBJEXT) \
+ $(OUTPRE)g_inq_name.$(OBJEXT) \
$(OUTPRE)g_inq_names.$(OBJEXT) \
+ $(OUTPRE)g_map_name_to_any.$(OBJEXT) \
$(OUTPRE)g_mech_invoke.$(OBJEXT) \
$(OUTPRE)g_mechname.$(OBJEXT) \
$(OUTPRE)g_oid_ops.$(OBJEXT) \
$(OUTPRE)g_rel_buffer.$(OBJEXT) \
$(OUTPRE)g_rel_cred.$(OBJEXT) \
$(OUTPRE)g_rel_name.$(OBJEXT) \
+ $(OUTPRE)g_rel_name_mapping.$(OBJEXT) \
$(OUTPRE)g_rel_oid_set.$(OBJEXT) \
$(OUTPRE)g_seal.$(OBJEXT) \
$(OUTPRE)g_set_context_option.$(OBJEXT) \
$(OUTPRE)g_set_cred_option.$(OBJEXT) \
+ $(OUTPRE)g_set_name_attr.$(OBJEXT) \
$(OUTPRE)g_sign.$(OBJEXT) \
$(OUTPRE)g_store_cred.$(OBJEXT) \
$(OUTPRE)g_unseal.$(OBJEXT) \
g_complete_auth_token.o \
g_context_time.o \
g_delete_sec_context.o \
+ g_del_name_attr.o \
g_dsp_name.o \
+ g_dsp_name_ext.o \
g_dsp_status.o \
g_dup_name.o \
g_exp_sec_context.o \
g_export_name.o \
+ g_export_name_comp.o \
+ g_get_name_attr.o \
g_glue.o \
g_imp_name.o \
g_imp_sec_context.o \
g_inq_context_oid.o \
g_inq_cred.o \
g_inq_cred_oid.o \
+ g_inq_name.o \
g_inq_names.o \
+ g_map_name_to_any.o \
g_mech_invoke.o \
g_mechname.o \
g_oid_ops.o \
g_rel_buffer.o \
g_rel_cred.o \
g_rel_name.o \
+ g_rel_name_mapping.o \
g_rel_oid_set.o \
g_seal.o \
g_set_context_option.o \
g_set_cred_option.o \
+ g_set_name_attr.o \
g_sign.o \
g_store_cred.o \
g_unseal.o \
$(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
../generic/gssapi_err_generic.h g_delete_sec_context.c \
mechglue.h mglueP.h
+g_del_name_attr.so g_del_name_attr.po $(OUTPRE)g_del_name_attr.$(OBJEXT): \
+ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
+ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \
+ $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \
+ $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \
+ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
+ ../generic/gssapi_err_generic.h g_del_name_attr.c mechglue.h \
+ mglueP.h
g_dsp_name.so g_dsp_name.po $(OUTPRE)g_dsp_name.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \
$(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
../generic/gssapi_err_generic.h g_dsp_name.c mechglue.h \
mglueP.h
+g_dsp_name_ext.so g_dsp_name_ext.po $(OUTPRE)g_dsp_name_ext.$(OBJEXT): \
+ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
+ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \
+ $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \
+ $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \
+ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
+ ../generic/gssapi_err_generic.h g_dsp_name_ext.c mechglue.h \
+ mglueP.h
g_dsp_status.so g_dsp_status.po $(OUTPRE)g_dsp_status.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \
$(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
../generic/gssapi_err_generic.h g_export_name.c mechglue.h \
mglueP.h
+g_export_name_comp.so g_export_name_comp.po $(OUTPRE)g_export_name_comp.$(OBJEXT): \
+ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
+ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \
+ $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \
+ $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \
+ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
+ ../generic/gssapi_err_generic.h g_export_name_comp.c \
+ mechglue.h mglueP.h
+g_get_name_attr.so g_get_name_attr.po $(OUTPRE)g_get_name_attr.$(OBJEXT): \
+ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
+ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \
+ $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \
+ $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \
+ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
+ ../generic/gssapi_err_generic.h g_get_name_attr.c mechglue.h \
+ mglueP.h
g_glue.so g_glue.po $(OUTPRE)g_glue.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \
$(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- $(srcdir)/../krb5/gssapiP_krb5.h $(srcdir)/../spnego/gssapiP_spnego.h \
- ../generic/gssapi_err_generic.h ../krb5/gssapi_err_krb5.h \
- ../krb5/gssapi_krb5.h g_initialize.c mechglue.h mglueP.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h $(srcdir)/../krb5/gssapiP_krb5.h \
+ $(srcdir)/../spnego/gssapiP_spnego.h ../generic/gssapi_err_generic.h \
+ ../krb5/gssapi_err_krb5.h ../krb5/gssapi_krb5.h g_initialize.c \
+ mechglue.h mglueP.h
g_inq_context.so g_inq_context.po $(OUTPRE)g_inq_context.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \
$(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
../generic/gssapi_err_generic.h g_inq_cred_oid.c mechglue.h \
mglueP.h
+g_inq_name.so g_inq_name.po $(OUTPRE)g_inq_name.$(OBJEXT): \
+ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
+ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \
+ $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \
+ $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \
+ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
+ ../generic/gssapi_err_generic.h g_inq_name.c mechglue.h \
+ mglueP.h
g_inq_names.so g_inq_names.po $(OUTPRE)g_inq_names.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \
$(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
../generic/gssapi_err_generic.h g_inq_names.c mechglue.h \
mglueP.h
+g_map_name_to_any.so g_map_name_to_any.po $(OUTPRE)g_map_name_to_any.$(OBJEXT): \
+ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
+ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \
+ $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \
+ $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \
+ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
+ ../generic/gssapi_err_generic.h g_map_name_to_any.c \
+ mechglue.h mglueP.h
g_mech_invoke.so g_mech_invoke.po $(OUTPRE)g_mech_invoke.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \
$(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
../generic/gssapi_err_generic.h g_rel_name.c mechglue.h \
mglueP.h
+g_rel_name_mapping.so g_rel_name_mapping.po $(OUTPRE)g_rel_name_mapping.$(OBJEXT): \
+ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
+ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \
+ $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \
+ $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \
+ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
+ ../generic/gssapi_err_generic.h g_rel_name_mapping.c \
+ mechglue.h mglueP.h
g_rel_oid_set.so g_rel_oid_set.po $(OUTPRE)g_rel_oid_set.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \
$(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
../generic/gssapi_err_generic.h g_set_cred_option.c \
mechglue.h mglueP.h
+g_set_name_attr.so g_set_name_attr.po $(OUTPRE)g_set_name_attr.$(OBJEXT): \
+ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
+ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(COM_ERR_DEPS) \
+ $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \
+ $(SRCTOP)/include/k5-thread.h $(srcdir)/../generic/gssapiP_generic.h \
+ $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
+ ../generic/gssapi_err_generic.h g_set_name_attr.c mechglue.h \
+ mglueP.h
g_sign.so g_sign.po $(OUTPRE)g_sign.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \
$(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-platform.h \
--- /dev/null
+/* -*- mode: c; indent-tabs-mode: nil -*- */
+/*
+ * Copyright 2009 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ */
+
+/*
+ * glue routine for gss_delete_name_attribute
+ */
+
+#include "mglueP.h"
+
+OM_uint32 KRB5_CALLCONV
+gss_delete_name_attribute(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t attr)
+{
+ OM_uint32 status;
+ gss_union_name_t union_name;
+ gss_mechanism mech;
+
+ if (minor_status == NULL)
+ return GSS_S_CALL_INACCESSIBLE_WRITE;
+
+ if (name == GSS_C_NO_NAME)
+ return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME;
+
+ *minor_status = 0;
+
+ union_name = (gss_union_name_t)name;
+
+ if (union_name->mech_type == GSS_C_NO_OID)
+ return GSS_S_UNAVAILABLE;
+
+ mech = gssint_get_mechanism(name->mech_type);
+ if (mech == NULL)
+ return GSS_S_BAD_NAME;
+
+ if (mech->gss_delete_name_attribute == NULL)
+ return GSS_S_UNAVAILABLE;
+
+ status = (*mech->gss_delete_name_attribute)(minor_status,
+ union_name->mech_name,
+ attr);
+ if (status != GSS_S_COMPLETE)
+ map_error(minor_status, mech);
+
+ return status;
+}
+
/* #pragma ident "@(#)g_dsp_name.c 1.13 04/02/23 SMI" */
-
/*
* Copyright 1996 by Sun Microsystems, Inc.
- *
+ *
* Permission to use, copy, modify, distribute, and sell this software
* and its documentation for any purpose is hereby granted without fee,
* provided that the above copyright notice appears in all copies and
* without specific, written prior permission. Sun Microsystems makes no
* representations about the suitability of this software for any
* purpose. It is provided "as is" without express or implied warranty.
- *
+ *
* SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
* INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
* EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
output_name_buffer,
output_name_type));
}
-
+
/*
* copy the value of the external_name component of the union
* name into the output_name_buffer and point the output_name_type
--- /dev/null
+/* -*- mode: c; indent-tabs-mode: nil -*- */
+/*
+ * Copyright 1996 by Sun Microsystems, Inc.
+ *
+ * Permission to use, copy, modify, distribute, and sell this software
+ * and its documentation for any purpose is hereby granted without fee,
+ * provided that the above copyright notice appears in all copies and
+ * that both that copyright notice and this permission notice appear in
+ * supporting documentation, and that the name of Sun Microsystems not be used
+ * in advertising or publicity pertaining to distribution of the software
+ * without specific, written prior permission. Sun Microsystems makes no
+ * representations about the suitability of this software for any
+ * purpose. It is provided "as is" without express or implied warranty.
+ *
+ * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+ * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+ * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+ * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+ * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * glue routine for gss_display_name_ext()
+ *
+ */
+
+#include "mglueP.h"
+#include <stdio.h>
+#ifdef HAVE_STDLIB_H
+#include <stdlib.h>
+#endif
+#include <string.h>
+
+static OM_uint32
+val_dsp_name_ext_args(
+ OM_uint32 *minor_status,
+ gss_name_t input_name,
+ gss_OID display_as_name_type,
+ gss_buffer_t output_name_buffer)
+{
+
+ /* Initialize outputs. */
+
+ if (minor_status != NULL)
+ *minor_status = 0;
+
+ if (output_name_buffer != GSS_C_NO_BUFFER) {
+ output_name_buffer->length = 0;
+ output_name_buffer->value = NULL;
+ }
+
+ /* Validate arguments. */
+
+ if (minor_status == NULL)
+ return GSS_S_CALL_INACCESSIBLE_WRITE;
+
+ if (output_name_buffer == GSS_C_NO_BUFFER)
+ return GSS_S_CALL_INACCESSIBLE_WRITE;
+
+ if (input_name == GSS_C_NO_NAME)
+ return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME;
+
+ if (display_as_name_type == GSS_C_NO_OID)
+ return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAMETYPE;
+
+ return GSS_S_COMPLETE;
+}
+
+
+OM_uint32 KRB5_CALLCONV
+gss_display_name_ext (OM_uint32 *minor_status,
+ gss_name_t input_name,
+ gss_OID display_as_name_type,
+ gss_buffer_t output_name_buffer)
+{
+ OM_uint32 status;
+ gss_union_name_t union_name;
+ gss_mechanism mech;
+
+ status = val_dsp_name_ext_args(minor_status,
+ input_name,
+ display_as_name_type,
+ output_name_buffer);
+ if (status != GSS_S_COMPLETE)
+ return status;
+
+ union_name = (gss_union_name_t) input_name;
+
+ if (union_name->mech_type) {
+ mech = gssint_get_mechanism(union_name->mech_type);
+ if (mech == NULL)
+ status = GSS_S_BAD_NAME;
+ else if (mech->gss_display_name_ext == NULL) {
+ if (mech->gss_display_name != NULL &&
+ g_OID_equal(display_as_name_type, union_name->name_type)) {
+ status = (*mech->gss_display_name)(minor_status,
+ union_name->mech_name,
+ output_name_buffer,
+ NULL);
+ if (status != GSS_S_COMPLETE)
+ map_error(minor_status, mech);
+ } else
+ status = GSS_S_UNAVAILABLE;
+ } else {
+ status = (*mech->gss_display_name_ext)(minor_status,
+ union_name->mech_name,
+ display_as_name_type,
+ output_name_buffer);
+ if (status != GSS_S_COMPLETE)
+ map_error(minor_status, mech);
+ }
+ return status;
+ }
+
+ if (!g_OID_equal(display_as_name_type, union_name->name_type))
+ return GSS_S_UNAVAILABLE;
+
+ if ((output_name_buffer->value =
+ malloc(union_name->external_name->length + 1)) == NULL) {
+ return GSS_S_FAILURE;
+ }
+ output_name_buffer->length = union_name->external_name->length;
+ (void) memcpy(output_name_buffer->value,
+ union_name->external_name->value,
+ union_name->external_name->length);
+ ((char *)output_name_buffer->value)[output_name_buffer->length] = '\0';
+
+ return GSS_S_COMPLETE;
+}
--- /dev/null
+/* -*- mode: c; indent-tabs-mode: nil -*- */
+/*
+ * Copyright 2009 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ */
+
+/*
+ * glue routine for gss_export_name_composite
+ */
+
+#include "mglueP.h"
+
+OM_uint32 KRB5_CALLCONV
+gss_export_name_composite(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t exp_composite_name)
+{
+ OM_uint32 status;
+ gss_union_name_t union_name;
+ gss_mechanism mech;
+
+ if (minor_status == NULL)
+ return GSS_S_CALL_INACCESSIBLE_WRITE;
+
+ if (name == GSS_C_NO_NAME)
+ return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME;
+
+ if (exp_composite_name == GSS_C_NO_BUFFER)
+ return GSS_S_CALL_INACCESSIBLE_WRITE;
+
+ *minor_status = 0;
+
+ union_name = (gss_union_name_t)name;
+
+ if (union_name->mech_type == GSS_C_NO_OID)
+ return GSS_S_UNAVAILABLE;
+
+ mech = gssint_get_mechanism(name->mech_type);
+ if (mech == NULL)
+ return GSS_S_BAD_NAME;
+
+ if (mech->gss_export_name_composite == NULL)
+ return GSS_S_UNAVAILABLE;
+
+ status = (*mech->gss_export_name_composite)(minor_status,
+ union_name->mech_name,
+ exp_composite_name);
+ if (status != GSS_S_COMPLETE)
+ map_error(minor_status, mech);
+
+ return status;
+}
+
--- /dev/null
+/* -*- mode: c; indent-tabs-mode: nil -*- */
+/*
+ * Copyright 2009 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ */
+
+/*
+ * glue routine for gss_get_name_attribute
+ */
+
+#include "mglueP.h"
+
+OM_uint32 KRB5_CALLCONV
+gss_get_name_attribute(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t attr,
+ int *authenticated,
+ int *complete,
+ gss_buffer_t value,
+ gss_buffer_t display_value,
+ int *more)
+{
+ OM_uint32 status;
+ gss_union_name_t union_name;
+ gss_mechanism mech;
+
+ if (minor_status == NULL)
+ return GSS_S_CALL_INACCESSIBLE_WRITE;
+
+ if (name == GSS_C_NO_NAME)
+ return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME;
+ if (attr == GSS_C_NO_BUFFER)
+ return GSS_S_CALL_INACCESSIBLE_READ;
+ if (more == NULL)
+ return GSS_S_CALL_INACCESSIBLE_WRITE;
+
+ if (authenticated != NULL)
+ *authenticated = 0;
+ if (complete != NULL)
+ *complete = 0;
+
+ *minor_status = 0;
+
+ union_name = (gss_union_name_t)name;
+
+ if (union_name->mech_type == GSS_C_NO_OID)
+ return GSS_S_UNAVAILABLE;
+
+ mech = gssint_get_mechanism(name->mech_type);
+ if (mech == NULL)
+ return GSS_S_BAD_NAME;
+
+ if (mech->gss_get_name_attribute == NULL)
+ return GSS_S_UNAVAILABLE;
+
+ status = (*mech->gss_get_name_attribute)(minor_status,
+ union_name->mech_name,
+ attr,
+ authenticated,
+ complete,
+ value,
+ display_value,
+ more);
+ if (status != GSS_S_COMPLETE)
+ map_error(minor_status, mech);
+
+ return status;
+}
+
* Internal routines to get and release an internal mechanism name
*/
-#include "mglueP.h"
+#if 0
+static OM_uint32
+import_internal_name_composite(OM_uint32 *minor_status,
+ gss_mechanism mech,
+ gss_union_name_t union_name,
+ gss_name_t *internal_name)
+{
+ OM_uint32 status, tmp;
+ gss_mechanism name_mech;
+ gss_buffer_desc composite_name;
+
+ if (mech->gss_import_name == NULL)
+ return (GSS_S_UNAVAILABLE);
+
+ name_mech = gssint_get_mechanism(union_name->mech_type);
+ if (name_mech == NULL)
+ return (GSS_S_BAD_MECH);
+
+ if (name_mech->gss_export_name_composite == NULL)
+ return (GSS_S_UNAVAILABLE);
+
+ composite_name.length = 0;
+ composite_name.value = NULL;
+
+ status = (*name_mech->gss_export_name_composite)(minor_status,
+ union_name->mech_name,
+ &composite_name);
+ if (GSS_ERROR(status))
+ return (status);
+
+ status = (*mech->gss_import_name)(minor_status,
+ &composite_name,
+ gss_nt_exported_name,
+ internal_name);
+
+ gss_release_buffer(&tmp, &composite_name);
+
+ return (status);
+}
+#endif
OM_uint32 gssint_import_internal_name (minor_status, mech_type, union_name,
internal_name)
gss_mechanism mech;
mech = gssint_get_mechanism (mech_type);
- if (mech) {
- if (mech->gss_import_name) {
- status = mech->gss_import_name (
- minor_status,
- union_name->external_name,
- union_name->name_type,
- internal_name);
- if (status != GSS_S_COMPLETE)
- map_error(minor_status, mech);
- } else
- status = GSS_S_UNAVAILABLE;
+ if (mech == NULL)
+ return (GSS_S_BAD_MECH);
- return (status);
+#if 0
+ /* Try composite name, it will preserve any extended attributes */
+ if (union_name->mech_type && union_name->mech_name) {
+ status = import_internal_name_composite(minor_status,
+ mech,
+ union_name,
+ internal_name);
+ if (status == GSS_S_COMPLETE)
+ return (GSS_S_COMPLETE);
}
+#endif
- return (GSS_S_BAD_MECH);
+ if (mech->gss_import_name == NULL)
+ return (GSS_S_UNAVAILABLE);
+
+ status = mech->gss_import_name(minor_status,
+ union_name->external_name,
+ union_name->name_type,
+ internal_name);
+ if (status != GSS_S_COMPLETE)
+ map_error(minor_status, mech);
+
+ return (status);
}
OM_uint32 gssint_export_internal_name(minor_status, mech_type,
/*
* GSS export name constants
*/
-static const char *expNameTokId = "\x04\x01";
static const unsigned int expNameTokIdLen = 2;
static const unsigned int mechOidLenLen = 2;
static const unsigned int nameTypeLenLen = 2;
return (GSS_S_DEFECTIVE_TOKEN);
buf = (unsigned char *)expName.value;
- if (memcmp(expNameTokId, buf, expNameTokIdLen) != 0)
+ if (buf[0] != 0x04)
+ return (GSS_S_DEFECTIVE_TOKEN);
+ if (buf[1] != 0x01 && buf[1] != 0x02)
return (GSS_S_DEFECTIVE_TOKEN);
buf += expNameTokIdLen;
GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_unwrap_iov);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_wrap_iov_length);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_complete_auth_token);
- /* New for 1.8 */
+ /* Services4User (introduced in 1.8) */
GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_acquire_cred_impersonate_name);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_add_cred_impersonate_name);
+ /* Naming extensions (introduced in 1.8) */
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_display_name_ext);
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_inquire_name);
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_get_name_attribute);
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_set_name_attribute);
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_delete_name_attribute);
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_export_name_composite);
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_map_name_to_any);
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_release_any_name_mapping);
assert(mech_type != GSS_C_NO_OID);
if (status != GSS_S_COMPLETE)
map_error(minor_status, mech);
} else
- status = GSS_S_BAD_MECH;
+ status = GSS_S_UNAVAILABLE;
return status;
}
- return GSS_S_NO_CONTEXT;
+ return GSS_S_BAD_MECH;
}
return status;
}
- status = GSS_S_BAD_MECH;
+ status = GSS_S_UNAVAILABLE;
for (i = 0; i < union_cred->count; i++) {
mech = gssint_get_mechanism(&union_cred->mechs_array[i]);
- if (mech == NULL)
- continue;
+ if (mech == NULL) {
+ status = GSS_S_BAD_MECH;
+ break;
+ }
- if (mech->gss_inquire_cred_by_oid == NULL)
+ if (mech->gss_inquire_cred_by_oid == NULL) {
+ status = GSS_S_UNAVAILABLE;
continue;
+ }
status = (mech->gss_inquire_cred_by_oid)(minor_status,
union_cred->cred_array[i],
--- /dev/null
+/* -*- mode: c; indent-tabs-mode: nil -*- */
+/*
+ * Copyright 2009 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ */
+
+/*
+ * glue routine for gss_inquire_name
+ */
+
+#include "mglueP.h"
+
+OM_uint32 KRB5_CALLCONV
+gss_inquire_name(OM_uint32 *minor_status,
+ gss_name_t name,
+ int *name_is_MN,
+ gss_OID *MN_mech,
+ gss_buffer_set_t *attrs)
+{
+ OM_uint32 status, tmp;
+ gss_union_name_t union_name;
+ gss_mechanism mech;
+
+ if (minor_status == NULL)
+ return GSS_S_CALL_INACCESSIBLE_WRITE;
+
+ if (name == GSS_C_NO_NAME)
+ return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME;
+
+ if (MN_mech != NULL)
+ *MN_mech = GSS_C_NO_OID;
+
+ if (attrs != NULL)
+ *attrs = GSS_C_NO_BUFFER_SET;
+
+ *minor_status = 0;
+ union_name = (gss_union_name_t)name;
+
+ if (union_name->mech_type == GSS_C_NO_OID) {
+ /* We don't yet support non-mechanism attributes */
+ if (name_is_MN != NULL)
+ name_is_MN = 0;
+ *minor_status = 0;
+ return GSS_S_COMPLETE;
+ }
+
+ if (name_is_MN != NULL)
+ *name_is_MN = 1;
+
+ if (MN_mech != NULL) {
+ status = generic_gss_copy_oid(minor_status,
+ union_name->mech_type,
+ MN_mech);
+ if (GSS_ERROR(status))
+ return status;
+ }
+
+ mech = gssint_get_mechanism(name->mech_type);
+ if (mech == NULL) {
+ gss_release_oid(&tmp, MN_mech);
+ return GSS_S_BAD_NAME;
+ }
+
+ if (mech->gss_inquire_name == NULL) {
+ gss_release_oid(&tmp, MN_mech);
+ return GSS_S_UNAVAILABLE;
+ }
+
+ status = (*mech->gss_inquire_name)(minor_status,
+ union_name->mech_name,
+ NULL,
+ NULL,
+ attrs);
+ if (status != GSS_S_COMPLETE) {
+ generic_gss_release_oid(&tmp, MN_mech);
+ map_error(minor_status, mech);
+ }
+
+ return status;
+}
+
--- /dev/null
+/* -*- mode: c; indent-tabs-mode: nil -*- */
+/*
+ * Copyright 2009 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ */
+
+/*
+ * glue routine for gss_map_name_to_any
+ */
+
+#include "mglueP.h"
+
+OM_uint32 KRB5_CALLCONV
+gss_map_name_to_any(OM_uint32 *minor_status,
+ gss_name_t name,
+ int authenticated,
+ gss_buffer_t type_id,
+ gss_any_t *output)
+{
+ OM_uint32 status;
+ gss_union_name_t union_name;
+ gss_mechanism mech;
+
+ if (minor_status == NULL)
+ return GSS_S_CALL_INACCESSIBLE_WRITE;
+
+ if (name == GSS_C_NO_NAME)
+ return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME;
+
+ if (type_id == GSS_C_NO_BUFFER)
+ return GSS_S_CALL_INACCESSIBLE_READ;
+
+ if (output == NULL)
+ return GSS_S_CALL_INACCESSIBLE_WRITE;
+
+ *minor_status = 0;
+
+ union_name = (gss_union_name_t)name;
+
+ if (union_name->mech_type == GSS_C_NO_OID)
+ return GSS_S_UNAVAILABLE;
+
+ mech = gssint_get_mechanism(name->mech_type);
+ if (mech == NULL)
+ return GSS_S_BAD_NAME;
+
+ if (mech->gss_map_name_to_any == NULL)
+ return GSS_S_UNAVAILABLE;
+
+ status = (*mech->gss_map_name_to_any)(minor_status,
+ union_name->mech_name,
+ authenticated,
+ type_id,
+ output);
+ if (status != GSS_S_COMPLETE)
+ map_error(minor_status, mech);
+
+ return status;
+}
+
--- /dev/null
+/* -*- mode: c; indent-tabs-mode: nil -*- */
+/*
+ * Copyright 2009 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ */
+
+/*
+ * glue routine for gss_release_any_name_mapping
+ */
+
+#include "mglueP.h"
+
+OM_uint32 KRB5_CALLCONV
+gss_release_any_name_mapping(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t type_id,
+ gss_any_t *input)
+{
+ OM_uint32 status;
+ gss_union_name_t union_name;
+ gss_mechanism mech;
+
+ if (minor_status == NULL)
+ return GSS_S_CALL_INACCESSIBLE_WRITE;
+
+ if (name == GSS_C_NO_NAME)
+ return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME;
+
+ if (type_id == GSS_C_NO_BUFFER)
+ return GSS_S_CALL_INACCESSIBLE_READ;
+
+ if (input == NULL)
+ return GSS_S_CALL_INACCESSIBLE_READ;
+
+ *minor_status = 0;
+
+ union_name = (gss_union_name_t)name;
+
+ if (union_name->mech_type == GSS_C_NO_OID)
+ return GSS_S_UNAVAILABLE;
+
+ mech = gssint_get_mechanism(name->mech_type);
+ if (mech == NULL)
+ return GSS_S_BAD_NAME;
+
+ if (mech->gss_release_any_name_mapping == NULL)
+ return GSS_S_UNAVAILABLE;
+
+ status = (*mech->gss_release_any_name_mapping)(minor_status,
+ union_name->mech_name,
+ type_id,
+ input);
+ if (status != GSS_S_COMPLETE)
+ map_error(minor_status, mech);
+
+ return status;
+}
+
mech = gssint_get_mechanism (ctx->mech_type);
}
- if (mech == NULL || mech->gss_set_sec_context_option == NULL) {
+ if (mech == NULL)
return GSS_S_BAD_MECH;
- }
+ if (mech->gss_set_sec_context_option == NULL)
+ return GSS_S_UNAVAILABLE;
status = mech->gss_set_sec_context_option(minor_status,
ctx ? &ctx->internal_ctx_id :
union_cred = (gss_union_cred_t) cred_handle;
- status = GSS_S_BAD_MECH;
+ status = GSS_S_UNAVAILABLE;
for (i = 0; i < union_cred->count; i++) {
mech = gssint_get_mechanism(&union_cred->mechs_array[i]);
- if (mech == NULL)
- continue;
+ if (mech == NULL) {
+ status = GSS_S_BAD_MECH;
+ break;
+ }
- if (mech->gssspi_set_cred_option == NULL)
+ if (mech->gssspi_set_cred_option == NULL) {
+ status = GSS_S_UNAVAILABLE;
continue;
+ }
status = (mech->gssspi_set_cred_option)(minor_status,
union_cred->cred_array[i],
--- /dev/null
+/* -*- mode: c; indent-tabs-mode: nil -*- */
+/*
+ * Copyright 2009 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ */
+
+/*
+ * glue routine for gss_set_name_attribute
+ */
+
+#include "mglueP.h"
+
+OM_uint32 KRB5_CALLCONV
+gss_set_name_attribute(OM_uint32 *minor_status,
+ gss_name_t name,
+ int complete,
+ gss_buffer_t attr,
+ gss_buffer_t value)
+{
+ OM_uint32 status;
+ gss_union_name_t union_name;
+ gss_mechanism mech;
+
+ if (minor_status == NULL)
+ return GSS_S_CALL_INACCESSIBLE_WRITE;
+
+ if (name == GSS_C_NO_NAME)
+ return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME;
+
+ *minor_status = 0;
+
+ union_name = (gss_union_name_t)name;
+
+ if (union_name->mech_type == GSS_C_NO_OID)
+ return GSS_S_UNAVAILABLE;
+
+ mech = gssint_get_mechanism(name->mech_type);
+ if (mech == NULL)
+ return GSS_S_BAD_NAME;
+
+ if (mech->gss_set_name_attribute == NULL)
+ return GSS_S_UNAVAILABLE;
+
+ status = (*mech->gss_set_name_attribute)(minor_status,
+ union_name->mech_name,
+ complete,
+ attr,
+ value);
+ if (status != GSS_S_COMPLETE)
+ map_error(minor_status, mech);
+
+ return status;
+}
+
OM_uint32 * /* acceptor_time_rec */
/* */);
+ OM_uint32 (*gss_display_name_ext)
+ (
+ OM_uint32 *, /* minor_status */
+ gss_name_t, /* name */
+ gss_OID, /* display_as_name_type */
+ gss_buffer_t /* display_name */
+ /* */);
+
+ OM_uint32 (*gss_inquire_name)
+ (
+ OM_uint32 *, /* minor_status */
+ gss_name_t, /* name */
+ int *, /* name_is_MN */
+ gss_OID *, /* MN_mech */
+ gss_buffer_set_t * /* attrs */
+ /* */);
+
+ OM_uint32 (*gss_get_name_attribute)
+ (
+ OM_uint32 *, /* minor_status */
+ gss_name_t, /* name */
+ gss_buffer_t, /* attr */
+ int *, /* authenticated */
+ int *, /* complete */
+ gss_buffer_t, /* value */
+ gss_buffer_t, /* display_value */
+ int * /* more */
+ /* */);
+
+ OM_uint32 (*gss_set_name_attribute)
+ (
+ OM_uint32 *, /* minor_status */
+ gss_name_t, /* name */
+ int, /* complete */
+ gss_buffer_t, /* attr */
+ gss_buffer_t /* value */
+ /* */);
+
+ OM_uint32 (*gss_delete_name_attribute)
+ (
+ OM_uint32 *, /* minor_status */
+ gss_name_t, /* name */
+ gss_buffer_t /* attr */
+ /* */);
+
+ OM_uint32 (*gss_export_name_composite)
+ (
+ OM_uint32 *, /* minor_status */
+ gss_name_t, /* name */
+ gss_buffer_t /* exp_composite_name */
+ /* */);
+
+ OM_uint32 (*gss_map_name_to_any)
+ (
+ OM_uint32 *, /* minor_status */
+ gss_name_t, /* name */
+ int, /* authenticated */
+ gss_buffer_t, /* type_id */
+ gss_any_t * /* output */
+ /* */);
+
+ OM_uint32 (*gss_release_any_name_mapping)
+ (
+ OM_uint32 *, /* minor_status */
+ gss_name_t, /* name */
+ gss_buffer_t, /* type_id */
+ gss_any_t * /* input */
+ /* */);
+
} *gss_mechanism;
/* This structure MUST NOT be used by any code outside libgss */
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_ext.h $(srcdir)/../generic/gssapi_generic.h \
- $(srcdir)/../mechglue/mechglue.h $(srcdir)/../mechglue/mglueP.h \
- ../generic/gssapi_err_generic.h gssapiP_spnego.h spnego_mech.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../generic/gssapiP_generic.h $(srcdir)/../generic/gssapi_ext.h \
+ $(srcdir)/../generic/gssapi_generic.h $(srcdir)/../mechglue/mechglue.h \
+ $(srcdir)/../mechglue/mglueP.h ../generic/gssapi_err_generic.h \
+ gssapiP_spnego.h spnego_mech.c
gss_OID_set *, /* actual_mechs */
OM_uint32 *); /* time_rec */
+OM_uint32
+spnego_gss_display_name_ext
+(
+ OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_OID display_as_name_type,
+ gss_buffer_t display_name
+);
+
+OM_uint32
+spnego_gss_inquire_name
+(
+ OM_uint32 *minor_status,
+ gss_name_t name,
+ int *name_is_MN,
+ gss_OID *MN_mech,
+ gss_buffer_set_t *attrs
+);
+
+OM_uint32
+spnego_gss_get_name_attribute
+(
+ OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t attr,
+ int *authenticated,
+ int *complete,
+ gss_buffer_t value,
+ gss_buffer_t display_value,
+ int *more
+);
+
+OM_uint32
+spnego_gss_set_name_attribute
+(
+ OM_uint32 *minor_status,
+ gss_name_t name,
+ int complete,
+ gss_buffer_t attr,
+ gss_buffer_t value
+);
+
+OM_uint32
+spnego_gss_delete_name_attribute
+(
+ OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t attr
+);
+
+OM_uint32
+spnego_gss_export_name_composite
+(
+ OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t exp_composite_name
+);
+
+OM_uint32
+spnego_gss_map_name_to_any
+(
+ OM_uint32 *minor_status,
+ gss_name_t name,
+ int authenticated,
+ gss_buffer_t type_id,
+ gss_any_t *output
+);
+
+OM_uint32
+spnego_gss_release_any_name_mapping
+(
+ OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t type_id,
+ gss_any_t *input
+);
+
#ifdef __cplusplus
}
#endif
spnego_gss_complete_auth_token,
spnego_gss_acquire_cred_impersonate_name,
NULL, /* gss_add_cred_impersonate_name */
+ spnego_gss_display_name_ext,
+ spnego_gss_inquire_name,
+ spnego_gss_get_name_attribute,
+ spnego_gss_set_name_attribute,
+ spnego_gss_delete_name_attribute,
+ spnego_gss_export_name_composite,
+ spnego_gss_map_name_to_any,
+ spnego_gss_release_any_name_mapping,
};
#ifdef _GSS_STATIC_LINK
return (status);
}
+OM_uint32
+spnego_gss_display_name_ext(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_OID display_as_name_type,
+ gss_buffer_t display_name)
+{
+ OM_uint32 ret;
+ ret = gss_display_name_ext(minor_status,
+ name,
+ display_as_name_type,
+ display_name);
+ return (ret);
+}
+
+
+OM_uint32
+spnego_gss_inquire_name(OM_uint32 *minor_status,
+ gss_name_t name,
+ int *name_is_MN,
+ gss_OID *MN_mech,
+ gss_buffer_set_t *attrs)
+{
+ OM_uint32 ret;
+ ret = gss_inquire_name(minor_status,
+ name,
+ name_is_MN,
+ MN_mech,
+ attrs);
+ return (ret);
+}
+
+OM_uint32
+spnego_gss_get_name_attribute(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t attr,
+ int *authenticated,
+ int *complete,
+ gss_buffer_t value,
+ gss_buffer_t display_value,
+ int *more)
+{
+ OM_uint32 ret;
+ ret = gss_get_name_attribute(minor_status,
+ name,
+ attr,
+ authenticated,
+ complete,
+ value,
+ display_value,
+ more);
+ return (ret);
+}
+
+OM_uint32
+spnego_gss_set_name_attribute(OM_uint32 *minor_status,
+ gss_name_t name,
+ int complete,
+ gss_buffer_t attr,
+ gss_buffer_t value)
+{
+ OM_uint32 ret;
+ ret = gss_set_name_attribute(minor_status,
+ name,
+ complete,
+ attr,
+ value);
+ return (ret);
+}
+
+OM_uint32
+spnego_gss_delete_name_attribute(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t attr)
+{
+ OM_uint32 ret;
+ ret = gss_delete_name_attribute(minor_status,
+ name,
+ attr);
+ return (ret);
+}
+
+OM_uint32
+spnego_gss_export_name_composite(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t exp_composite_name)
+{
+ OM_uint32 ret;
+ ret = gss_export_name_composite(minor_status,
+ name,
+ exp_composite_name);
+ return (ret);
+}
+
+OM_uint32
+spnego_gss_map_name_to_any(OM_uint32 *minor_status,
+ gss_name_t name,
+ int authenticated,
+ gss_buffer_t type_id,
+ gss_any_t *output)
+{
+ OM_uint32 ret;
+ ret = gss_map_name_to_any(minor_status,
+ name,
+ authenticated,
+ type_id,
+ output);
+ return (ret);
+}
+
+OM_uint32
+spnego_gss_release_any_name_mapping(OM_uint32 *minor_status,
+ gss_name_t name,
+ gss_buffer_t type_id,
+ gss_any_t *input)
+{
+ OM_uint32 ret;
+ ret = gss_release_any_name_mapping(minor_status,
+ name,
+ type_id,
+ input);
+ return (ret);
+}
+
/*
* We will release everything but the ctx_handle so that it
* can be passed back to init/accept context. This routine should
+++ /dev/null
-/*
- * Data Types for policy and principal information that
- * exists in the respective databases.
- *
- * $Header$
- *
- * This file was originally created with rpcgen.
- * It has been hacked up since then.
- */
-
-#ifndef __ADB_H__
-#define __ADB_H__
-#include <sys/types.h>
-#include <gssrpc/types.h>
-#include "k5-int.h"
-#include <kdb.h>
-#include <db.h>
-#include <kadm5/admin.h>
-#include <kadm5/adb_err.h>
-#include <com_err.h>
-
-typedef long osa_adb_ret_t;
-
-#define OSA_ADB_POLICY_DB_MAGIC 0x12345A00
-#define OSA_ADB_PRINC_DB_MAGIC 0x12345B00
-
-#define OSA_ADB_SHARED 0x7001
-#define OSA_ADB_EXCLUSIVE 0x7002
-#define OSA_ADB_PERMANENT 0x7003
-
-#define OSA_ADB_PRINC_VERSION_MASK 0x12345C00
-#define OSA_ADB_PRINC_VERSION_1 0x12345C01
-#define OSA_ADB_POLICY_VERSION_MASK 0x12345D00
-#define OSA_ADB_POLICY_VERSION_1 0x12345D01
-
-typedef struct _osa_adb_db_lock_ent_t {
- FILE *lockfile;
- char *filename;
- int refcnt, lockmode, lockcnt;
- krb5_context context;
-} osa_adb_lock_ent, *osa_adb_lock_t;
-
-typedef struct _osa_adb_db_ent_t {
- int magic;
- DB *db;
- HASHINFO info;
- BTREEINFO btinfo;
- char *filename;
- osa_adb_lock_t lock;
- int opencnt;
-} osa_adb_db_ent, *osa_adb_db_t, *osa_adb_princ_t, *osa_adb_policy_t;
-
-/* an osa_pw_hist_ent stores all the key_datas for a single password */
-typedef struct _osa_pw_hist_t {
- int n_key_data;
- krb5_key_data *key_data;
-} osa_pw_hist_ent, *osa_pw_hist_t;
-
-typedef struct _osa_princ_ent_t {
- int version;
- char *policy;
- long aux_attributes;
- unsigned int old_key_len;
- unsigned int old_key_next;
- krb5_kvno admin_history_kvno;
- osa_pw_hist_ent *old_keys;
-} osa_princ_ent_rec, *osa_princ_ent_t;
-
-typedef struct _osa_policy_ent_t {
- int version;
- char *name;
- uint32_t pw_min_life;
- uint32_t pw_max_life;
- uint32_t pw_min_length;
- uint32_t pw_min_classes;
- uint32_t pw_history_num;
- uint32_t policy_refcnt;
-} osa_policy_ent_rec, *osa_policy_ent_t;
-
-typedef void (*osa_adb_iter_policy_func) (void *, osa_policy_ent_t);
-
-
-/*
- * Return Code (the rest are in adb_err.h)
- */
-
-#define OSA_ADB_OK 0
-
-/*
- * xdr functions
- */
-bool_t xdr_osa_princ_ent_rec(XDR *xdrs, osa_princ_ent_t objp);
-bool_t xdr_osa_policy_ent_rec(XDR *xdrs, osa_policy_ent_t objp);
-bool_t xdr_osa_pw_hist_ent(XDR *xdrs, osa_pw_hist_ent *objp);
-bool_t xdr_krb5_key_data(XDR *xdrs, krb5_key_data *objp);
-
-/*
- * Functions
- */
-
-osa_adb_ret_t osa_adb_create_db(char *filename, char *lockfile, int magic);
-osa_adb_ret_t osa_adb_destroy_db(char *filename, char *lockfile, int magic);
-osa_adb_ret_t osa_adb_rename_db(char *filefrom, char *lockfrom,
- char *fileto, char *lockto, int magic);
-osa_adb_ret_t osa_adb_rename_policy_db(kadm5_config_params *fromparams,
- kadm5_config_params *toparams);
-osa_adb_ret_t osa_adb_init_db(osa_adb_db_t *dbp, char *filename,
- char *lockfile, int magic);
-osa_adb_ret_t osa_adb_fini_db(osa_adb_db_t db, int magic);
-osa_adb_ret_t osa_adb_get_lock(osa_adb_db_t db, int mode);
-osa_adb_ret_t osa_adb_release_lock(osa_adb_db_t db);
-osa_adb_ret_t osa_adb_open_and_lock(osa_adb_princ_t db, int locktype);
-osa_adb_ret_t osa_adb_close_and_unlock(osa_adb_princ_t db);
-
-osa_adb_ret_t osa_adb_create_policy_db(kadm5_config_params *params);
-osa_adb_ret_t osa_adb_destroy_policy_db(kadm5_config_params *params);
-osa_adb_ret_t osa_adb_open_policy(osa_adb_policy_t *db,
- kadm5_config_params *rparams);
-osa_adb_ret_t osa_adb_close_policy(osa_adb_policy_t db);
-osa_adb_ret_t osa_adb_create_policy(osa_adb_policy_t db,
- osa_policy_ent_t entry);
-osa_adb_ret_t osa_adb_destroy_policy(osa_adb_policy_t db,
- kadm5_policy_t name);
-osa_adb_ret_t osa_adb_get_policy(osa_adb_policy_t db,
- kadm5_policy_t name,
- osa_policy_ent_t *entry);
-osa_adb_ret_t osa_adb_put_policy(osa_adb_policy_t db,
- osa_policy_ent_t entry);
-osa_adb_ret_t osa_adb_iter_policy(osa_adb_policy_t db,
- osa_adb_iter_policy_func func,
- void * data);
-void osa_free_policy_ent(osa_policy_ent_t val);
-void osa_free_princ_ent(osa_princ_ent_t val);
-#endif /* __ADB_H__ */
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h client_init.c client_internal.h
+ $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ client_init.c client_internal.h
clnt_privs.so clnt_privs.po $(OUTPRE)clnt_privs.$(OBJEXT): \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_log.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h alt_prof.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ alt_prof.c
str_conv.so str_conv.po $(OUTPRE)str_conv.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h admin_internal.h str_conv.c
+ $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ admin_internal.h str_conv.c
logger.so logger.po $(OUTPRE)logger.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/adm_proto.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h logger.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ logger.c
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h server_acl.c server_acl.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ server_acl.c server_acl.h
server_kdb.so server_kdb.po $(OUTPRE)server_kdb.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h server_kdb.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ server_kdb.c
server_misc.so server_misc.po $(OUTPRE)server_misc.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h server_misc.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ server_misc.c
server_init.so server_init.po $(OUTPRE)server_init.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/gssrpc/types.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_log.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../../gssapi/generic/gssapiP_generic.h \
- $(srcdir)/../../gssapi/generic/gssapi_ext.h $(srcdir)/../../gssapi/generic/gssapi_generic.h \
- $(srcdir)/../../gssapi/krb5/gssapiP_krb5.h server_init.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../../gssapi/generic/gssapiP_generic.h $(srcdir)/../../gssapi/generic/gssapi_ext.h \
+ $(srcdir)/../../gssapi/generic/gssapi_generic.h $(srcdir)/../../gssapi/krb5/gssapiP_krb5.h \
+ server_init.c
server_dict.so server_dict.po $(OUTPRE)server_dict.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h setkey-test.c
+ $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ setkey-test.c
$(OUTPRE)randkey-test.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \
$(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
$(SRCTOP)/include/kdb_ext.h $(SRCTOP)/include/kdb_log.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h adb_err.h kdb5.c kdb5.h \
- kdb5int.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ adb_err.h kdb5.c kdb5.h kdb5int.h
encrypt_key.so encrypt_key.po $(OUTPRE)encrypt_key.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h encrypt_key.c
+ $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ encrypt_key.c
decrypt_key.so decrypt_key.po $(OUTPRE)decrypt_key.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h decrypt_key.c
+ $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ decrypt_key.c
kdb_default.so kdb_default.po $(OUTPRE)kdb_default.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h kdb_default.c
+ $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ kdb_default.c
kdb_cpw.so kdb_cpw.po $(OUTPRE)kdb_cpw.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h kdb_cpw.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ kdb_cpw.c
adb_err.so adb_err.po $(OUTPRE)adb_err.$(OBJEXT): $(COM_ERR_DEPS) \
adb_err.c
iprop_xdr.so iprop_xdr.po $(OUTPRE)iprop_xdr.$(OBJEXT): \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_log.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h kdb_convert.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ kdb_convert.c
kdb_log.so kdb_log.po $(OUTPRE)kdb_log.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
$(SRCTOP)/include/kdb_ext.h $(SRCTOP)/include/kdb_log.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h kdb5.h kdb5int.h kdb_log.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ kdb5.h kdb5int.h kdb_log.c
keytab.so keytab.po $(OUTPRE)keytab.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
$(SRCTOP)/include/kdb_kt.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- keytab.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h keytab.c
krb5_free_last_req(NULL, val->last_req);
krb5_free_principal(NULL, val->server);
krb5_free_addresses(NULL, val->caddrs);
+ krb5_free_pa_data(NULL, val->enc_padata);
val->session = NULL;
val->last_req = NULL;
val->server = NULL;
decode_ptr( krb5_fast_finished *, asn1_decode_fast_finished);
}
-
+asn1_error_code asn1_decode_ad_kdcissued
+(asn1buf *buf, krb5_ad_kdcissued *val)
+{
+ setup();
+ val->ad_checksum.contents = NULL;
+ val->i_principal = NULL;
+ val->elements = NULL;
+ {begin_structure();
+ get_field(val->ad_checksum, 0, asn1_decode_checksum);
+ if (tagnum == 1) {
+ alloc_principal(val->i_principal);
+ opt_field(val->i_principal, 1, asn1_decode_realm, 0);
+ opt_field(val->i_principal, 2, asn1_decode_principal_name, 0);
+ }
+ get_field(val->elements, 3, asn1_decode_authorization_data);
+ end_structure();
+ }
+ return 0;
+error_out:
+ krb5_free_checksum_contents(NULL, &val->ad_checksum);
+ krb5_free_principal(NULL, val->i_principal);
+ krb5_free_authdata(NULL, val->elements);
+ return retval;
+}
+
#ifndef DISABLE_PKINIT
/* PKINIT */
asn1_error_code asn1_decode_fast_finished_ptr
(asn1buf *buf, krb5_fast_finished **val);
+asn1_error_code asn1_decode_ad_kdcissued
+(asn1buf *buf, krb5_ad_kdcissued *val);
+
+asn1_error_code asn1_decode_ad_kdcissued_ptr
+(asn1buf *buf, krb5_ad_kdcissued **val);
+
#endif
DEFFIELDTYPE(pa_fx_fast_reply, krb5_enc_data,
FIELDOF_ENCODEAS(krb5_enc_data, fast_rep, 0));
+static const struct field_info ad_kdcissued_fields[] = {
+ FIELDOF_NORM(krb5_ad_kdcissued, checksum, ad_checksum, 0),
+ FIELDOF_OPT(krb5_ad_kdcissued, realm_of_principal, i_principal, 1, 1),
+ FIELDOF_OPT(krb5_ad_kdcissued, principal, i_principal, 2, 1),
+ FIELDOF_NORM(krb5_ad_kdcissued, auth_data_ptr, elements, 3),
+};
+
+static unsigned int ad_kdcissued_optional(const void *p)
+{
+ unsigned int optional = 0;
+ const krb5_ad_kdcissued *val = p;
+ if (val->i_principal)
+ optional |= (1u << 1);
+ return optional;
+}
+
+DEFSEQTYPE(ad_kdc_issued, krb5_ad_kdcissued, ad_kdcissued_fields, ad_kdcissued_optional);
MAKE_FULL_ENCODER( encode_krb5_pa_fx_fast_reply, pa_fx_fast_reply);
MAKE_FULL_ENCODER(encode_krb5_fast_response, fast_response);
-
+MAKE_FULL_ENCODER(encode_krb5_ad_kdcissued, ad_kdc_issued);
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h asn1_decode.c asn1_decode.h \
- asn1_get.h asn1buf.h krbasn1.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ asn1_decode.c asn1_decode.h asn1_get.h asn1buf.h krbasn1.h
asn1_k_decode.so asn1_k_decode.po $(OUTPRE)asn1_k_decode.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h asn1_decode.h asn1_get.h \
- asn1_k_decode.c asn1_k_decode.h asn1_misc.h asn1buf.h \
- krbasn1.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ asn1_decode.h asn1_get.h asn1_k_decode.c asn1_k_decode.h \
+ asn1_misc.h asn1buf.h krbasn1.h
asn1_encode.so asn1_encode.po $(OUTPRE)asn1_encode.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h asn1_encode.c asn1_encode.h \
- asn1_make.h asn1buf.h krbasn1.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ asn1_encode.c asn1_encode.h asn1_make.h asn1buf.h krbasn1.h
asn1_get.so asn1_get.po $(OUTPRE)asn1_get.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h asn1_get.c asn1_get.h \
- asn1buf.h krbasn1.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ asn1_get.c asn1_get.h asn1buf.h krbasn1.h
asn1_make.so asn1_make.po $(OUTPRE)asn1_make.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h asn1_make.c asn1_make.h \
- asn1buf.h krbasn1.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ asn1_make.c asn1_make.h asn1buf.h krbasn1.h
asn1buf.so asn1buf.po $(OUTPRE)asn1buf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- asn1_get.h asn1buf.c asn1buf.h krbasn1.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h asn1_get.h asn1buf.c \
+ asn1buf.h krbasn1.h
krb5_decode.so krb5_decode.po $(OUTPRE)krb5_decode.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h asn1_decode.h asn1_get.h \
- asn1_k_decode.h asn1buf.h krb5_decode.c krbasn1.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ asn1_decode.h asn1_get.h asn1_k_decode.h asn1buf.h \
+ krb5_decode.c krbasn1.h
krb5_encode.so krb5_encode.po $(OUTPRE)krb5_encode.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h asn1_encode.h asn1_k_encode.h \
- asn1_make.h asn1buf.h krb5_encode.c krbasn1.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ asn1_encode.h asn1_k_encode.h asn1_make.h asn1buf.h \
+ krb5_encode.c krbasn1.h
asn1_k_encode.so asn1_k_encode.po $(OUTPRE)asn1_k_encode.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h asn1_encode.h asn1_k_encode.c \
- asn1_k_encode.h asn1_make.h asn1buf.h krbasn1.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ asn1_encode.h asn1_k_encode.c asn1_k_encode.h asn1_make.h \
+ asn1buf.h krbasn1.h
ldap_key_seq.so ldap_key_seq.po $(OUTPRE)ldap_key_seq.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h asn1_decode.h asn1_encode.h \
- asn1_get.h asn1_k_encode.h asn1_make.h asn1buf.h krbasn1.h \
- ldap_key_seq.c
+ $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ asn1_decode.h asn1_encode.h asn1_get.h asn1_k_encode.h \
+ asn1_make.h asn1buf.h krbasn1.h ldap_key_seq.c
asn1_misc.so asn1_misc.po $(OUTPRE)asn1_misc.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h asn1_misc.c asn1_misc.h \
- krbasn1.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ asn1_misc.c asn1_misc.h krbasn1.h
cleanup(free);
}
+krb5_error_code decode_krb5_ad_kdcissued
+(const krb5_data *code, krb5_ad_kdcissued **repptr)
+{
+ setup_buf_only(krb5_ad_kdcissued *);
+ alloc_field(rep);
+
+ retval = asn1_decode_ad_kdcissued(&buf, rep);
+ if (retval) clean_return(retval);
+
+ cleanup(free);
+}
#ifndef DISABLE_PKINIT
krb5_error_code
{
krb5_error_code kret;
krb5_int32 int32;
- krb5_ui_2 ui2;
+ krb5_int16 ui2; /* negative authorization data types are allowed */
k5_cc_mutex_assert_locked(context, &((krb5_fcc_data *) id->data)->lock);
a->magic = KV5M_AUTHDATA;
a->contents = NULL;
- kret = krb5_fcc_read_ui_2(context, id, &ui2);
+ kret = krb5_fcc_read_ui_2(context, id, (krb5_ui_2 *)&ui2);
CHECK(kret);
a->ad_type = (krb5_authdatatype)ui2;
kret = krb5_fcc_read_int32(context, id, &int32);
krb5_principal s1, s2;
/* remove any dups */
- krb5_cc_remove_cred(context, cache, 0, creds);
+ krb5_cc_remove_cred(context, cache, KRB5_TC_MATCH_AUTHDATA, creds);
ret = cache->ops->store(context, cache, creds);
if (ret) return ret;
if (!krb5_principal_compare(context, s1, s2)) {
creds->server = s2;
/* remove any dups */
- krb5_cc_remove_cred(context, cache, 0, creds);
+ krb5_cc_remove_cred(context, cache, KRB5_TC_MATCH_AUTHDATA, creds);
ret = cache->ops->store(context, cache, creds);
creds->server = s1;
}
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- cc-int.h ccbase.c fcc.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h cc-int.h ccbase.c \
+ fcc.h
cccopy.so cccopy.po $(OUTPRE)cccopy.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- cccopy.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h cccopy.c
cccursor.so cccursor.po $(OUTPRE)cccursor.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h cc-int.h cccursor.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ cc-int.h cccursor.c
ccdefault.so ccdefault.po $(OUTPRE)ccdefault.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h ccdefault.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ ccdefault.c
ccdefops.so ccdefops.po $(OUTPRE)ccdefops.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h ccdefops.c fcc.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ ccdefops.c fcc.h
cc_retr.so cc_retr.po $(OUTPRE)cc_retr.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- cc-int.h cc_retr.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h cc-int.h cc_retr.c
cc_file.so cc_file.po $(OUTPRE)cc_file.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- cc-int.h cc_file.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h cc-int.h cc_file.c
cc_memory.so cc_memory.po $(OUTPRE)cc_memory.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h cc-int.h cc_memory.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ cc-int.h cc_memory.c
cc_keyring.so cc_keyring.po $(OUTPRE)cc_keyring.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h cc-int.h cc_keyring.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ cc-int.h cc_keyring.c
ccfns.so ccfns.po $(OUTPRE)ccfns.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- ccfns.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h ccfns.c
ser_cc.so ser_cc.po $(OUTPRE)ser_cc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- ser_cc.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h ser_cc.c
t_cc.so t_cc.po $(OUTPRE)t_cc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- t_cc.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h t_cc.c
t_cccursor.so t_cccursor.po $(OUTPRE)t_cccursor.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(COM_ERR_DEPS) $(SRCTOP)/include/krb5.h t_cccursor.c
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/ccache/cc-int.h \
- $(srcdir)/keytab/kt-int.h $(srcdir)/os/os-proto.h $(srcdir)/rcache/rc-int.h \
- krb5_libinit.c krb5_libinit.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/ccache/cc-int.h $(srcdir)/keytab/kt-int.h \
+ $(srcdir)/os/os-proto.h $(srcdir)/rcache/rc-int.h krb5_libinit.c \
+ krb5_libinit.h
error_code KRB5_RC_TYPE_NOTFOUND, "Replay cache type is unknown"
error_code KRB5_RC_UNKNOWN, "Generic unknown RC error"
error_code KRB5_RC_REPLAY, "Message is a replay"
-error_code KRB5_RC_IO, "Replay I/O operation failed XXX"
+error_code KRB5_RC_IO, "Replay cache I/O operation failed"
error_code KRB5_RC_NOIO, "Replay cache type does not support non-volatile storage"
error_code KRB5_RC_PARSE, "Replay cache name parse/format error"
error_code KV5M_FAST_ARMORED_REQ, "Bad magic number for fast armored request"
error_code KV5M_FAST_REQ, "Bad magic number for FAST request"
error_code KV5M_FAST_RESPONSE, "Bad magic number for FAST response"
+error_code KV5M_AUTHDATA_CONTEXT, "Bad magic number for krb5_authdata_context"
end
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- ktadd.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h ktadd.c
ktbase.so ktbase.po $(OUTPRE)ktbase.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- kt-int.h ktbase.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h kt-int.h ktbase.c
ktdefault.so ktdefault.po $(OUTPRE)ktdefault.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h ktdefault.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ ktdefault.c
ktfr_entry.so ktfr_entry.po $(OUTPRE)ktfr_entry.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h ktfr_entry.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ ktfr_entry.c
ktremove.so ktremove.po $(OUTPRE)ktremove.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h ktremove.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ ktremove.c
ktfns.so ktfns.po $(OUTPRE)ktfns.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- ktfns.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h ktfns.c
kt_file.so kt_file.po $(OUTPRE)kt_file.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- kt_file.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h kt_file.c
kt_memory.so kt_memory.po $(OUTPRE)kt_memory.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h kt-int.h kt_memory.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ kt-int.h kt_memory.c
kt_srvtab.so kt_srvtab.po $(OUTPRE)kt_srvtab.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h kt_srvtab.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ kt_srvtab.c
read_servi.so read_servi.po $(OUTPRE)read_servi.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h read_servi.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ read_servi.c
t_keytab.so t_keytab.po $(OUTPRE)t_keytab.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h t_keytab.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ t_keytab.c
addr_srch.o \
appdefault.o \
auth_con.o \
+ authdata.o \
bld_pr_ext.o \
bld_princ.o \
chk_trans.o \
$(OUTPRE)addr_srch.$(OBJEXT) \
$(OUTPRE)appdefault.$(OBJEXT) \
$(OUTPRE)auth_con.$(OBJEXT) \
+ $(OUTPRE)authdata.$(OBJEXT) \
$(OUTPRE)bld_pr_ext.$(OBJEXT) \
$(OUTPRE)bld_princ.$(OBJEXT) \
$(OUTPRE)chk_trans.$(OBJEXT) \
$(srcdir)/addr_srch.c \
$(srcdir)/appdefault.c \
$(srcdir)/auth_con.c \
+ $(srcdir)/authdata.c \
$(srcdir)/bld_pr_ext.c \
$(srcdir)/bld_princ.c \
$(srcdir)/brand.c \
T_KERB_OBJS= t_kerb.o conv_princ.o unparse.o set_realm.o str_conv.o
T_SER_OBJS= t_ser.o ser_actx.o ser_adata.o ser_addr.o ser_auth.o ser_cksum.o \
- ser_ctx.o ser_key.o ser_princ.o serialize.o
+ ser_ctx.o ser_key.o ser_princ.o serialize.o authdata.o pac.o copy_data.o
T_DELTAT_OBJS= t_deltat.o deltat.o
-T_PAC_OBJS= t_pac.o pac.o
+T_PAC_OBJS= t_pac.o pac.o copy_data.o
T_PRINC_OBJS= t_princ.o parse.o unparse.o
t_ad_fx_armor: t_ad_fx_armor.o
$(CC_LINK) -o $@ t_ad_fx_armor.o $(KRB5_BASE_LIBS)
-t_authdata: t_authdata.o copy_auth.o
- $(CC_LINK) -o $@ t_authdata.o copy_auth.o $(KRB5_BASE_LIBS)
+t_authdata: t_authdata.o $(KRB5_BASE_DEPLIBS)
+ $(CC_LINK) -o $@ t_authdata.o $(KRB5_BASE_LIBS)
t_kerb: $(T_KERB_OBJS) $(KRB5_BASE_DEPLIBS)
$(CC_LINK) -o t_kerb $(T_KERB_OBJS) $(KRB5_BASE_LIBS)
krb5_rc_close(context, auth_context->rcache);
if (auth_context->permitted_etypes)
free(auth_context->permitted_etypes);
+ if (auth_context->ad_context)
+ krb5_authdata_context_free(context, auth_context->ad_context);
free(auth_context);
return 0;
}
return 0;
}
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_get_authdata_context(krb5_context context,
+ krb5_auth_context auth_context,
+ krb5_authdata_context *ad_context)
+{
+ *ad_context = auth_context->ad_context;
+ return 0;
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_set_authdata_context(krb5_context context,
+ krb5_auth_context auth_context,
+ krb5_authdata_context ad_context)
+{
+ auth_context->ad_context = ad_context;
+ return 0;
+}
+
krb5_mk_req_checksum_func checksum_func;
void *checksum_func_data;
krb5_enctype negotiated_etype;
+ krb5_authdata_context ad_context;
};
--- /dev/null
+/* -*- mode: c; indent-tabs-mode: nil -*- */
+/*
+ * Copyright 2009 by the Massachusetts Institute of Technology. All
+ * Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ */
+
+#include "k5-int.h"
+#include "authdata.h"
+#include "auth_con.h"
+#include "int-proto.h"
+
+/* Loosely based on preauth2.c */
+
+#define IS_PRIMARY_INSTANCE(_module) ((_module)->client_req_init != NULL)
+
+static const char *objdirs[] = {
+#if TARGET_OS_MAC
+ KRB5_AUTHDATA_PLUGIN_BUNDLE_DIR,
+#endif
+ LIBDIR "/krb5/plugins/authdata",
+ NULL
+ }; /* should be a list */
+
+/* Internal authdata systems */
+static krb5plugin_authdata_client_ftable_v0 *authdata_systems[] = {
+ &krb5int_mspac_authdata_client_ftable,
+ NULL
+};
+
+static inline int
+k5_ad_module_count(krb5plugin_authdata_client_ftable_v0 *table)
+{
+ int i;
+
+ if (table->ad_type_list == NULL)
+ return 0;
+
+ for (i = 0; table->ad_type_list[i]; i++)
+ ;
+
+ return i;
+}
+
+static krb5_error_code
+k5_ad_init_modules(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5plugin_authdata_client_ftable_v0 *table,
+ int *module_count)
+{
+ int j, k = *module_count;
+ krb5_error_code code;
+ void *plugin_context = NULL;
+ void **rcpp;
+
+ if (table->ad_type_list == NULL) {
+#ifdef DEBUG
+ fprintf(stderr, "warning: module \"%s\" does not advertise "
+ "any AD types\n", table->name);
+#endif
+ return ENOENT;
+ }
+
+ if (table->init == NULL)
+ return ENOSYS;
+
+ code = (*table->init)(kcontext, &plugin_context);
+ if (code != 0) {
+#ifdef DEBUG
+ fprintf(stderr, "warning: skipping module \"%s\" which "
+ "failed to initialize\n", table->name);
+#endif
+ return code;
+ }
+
+ for (j = 0; table->ad_type_list[j] != 0; j++) {
+ context->modules[k].ad_type = table->ad_type_list[j];
+ context->modules[k].plugin_context = plugin_context;
+ if (j == 0)
+ context->modules[k].client_fini = table->fini;
+ else
+ context->modules[k].client_fini = NULL;
+ context->modules[k].ftable = table;
+ context->modules[k].name = table->name;
+ if (table->flags != NULL) {
+ (*table->flags)(kcontext, plugin_context,
+ context->modules[k].ad_type,
+ &context->modules[k].flags);
+ } else {
+ context->modules[k].flags = 0;
+ }
+ context->modules[k].request_context = NULL;
+ if (j == 0) {
+ context->modules[k].client_req_init = table->request_init;
+ context->modules[k].client_req_fini = table->request_fini;
+ rcpp = &context->modules[k].request_context;
+
+ /* For now, single request per context. That may change */
+ code = (*table->request_init)(kcontext,
+ context,
+ plugin_context,
+ rcpp);
+ if ((code != 0 && code != ENOMEM) &&
+ (context->modules[k].flags & AD_INFORMATIONAL))
+ code = 0;
+ if (code != 0)
+ break;
+ } else {
+ context->modules[k].client_req_init = NULL;
+ context->modules[k].client_req_fini = NULL;
+ }
+ context->modules[k].request_context_pp = rcpp;
+
+#ifdef DEBUG
+ fprintf(stderr, "init module \"%s\", ad_type %d, flags %08x\n",
+ context->modules[k].name,
+ context->modules[k].ad_type,
+ context->modules[k].flags);
+#endif
+ k++;
+ }
+ *module_count = k;
+
+ return code;
+}
+
+/*
+ * Determine size of to-be-externalized authdata context, for
+ * modules that match given flags mask. Note that this size
+ * does not include the magic identifier/trailer.
+ */
+static krb5_error_code
+k5_ad_size(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_flags flags,
+ size_t *sizep)
+{
+ int i;
+ krb5_error_code code = 0;
+
+ *sizep += sizeof(krb5_int32); /* count */
+
+ for (i = 0; i < context->n_modules; i++) {
+ struct _krb5_authdata_context_module *module = &context->modules[i];
+ size_t size;
+
+ if ((module->flags & flags) == 0)
+ continue;
+
+ /* externalize request context for the first instance only */
+ if (!IS_PRIMARY_INSTANCE(module))
+ continue;
+
+ if (module->ftable->size == NULL)
+ continue;
+
+ assert(module->ftable->externalize != NULL);
+
+ size = sizeof(krb5_int32) /* namelen */ + strlen(module->name);
+
+ code = (*module->ftable->size)(kcontext,
+ context,
+ module->plugin_context,
+ *(module->request_context_pp),
+ &size);
+ if (code != 0)
+ break;
+
+ *sizep += size;
+ }
+
+ return code;
+}
+
+/*
+ * Externalize authdata context, for modules that match given flags
+ * mask. Note that the magic identifier/trailer is not included.
+ */
+static krb5_error_code
+k5_ad_externalize(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_flags flags,
+ krb5_octet **buffer,
+ size_t *lenremain)
+{
+ int i;
+ krb5_error_code code;
+ krb5_int32 ad_count = 0;
+ krb5_octet *bp;
+ size_t remain;
+
+ bp = *buffer;
+ remain = *lenremain;
+
+ /* placeholder for count */
+ code = krb5_ser_pack_int32(0, &bp, &remain);
+ if (code != 0)
+ return code;
+
+ for (i = 0; i < context->n_modules; i++) {
+ struct _krb5_authdata_context_module *module = &context->modules[i];
+ size_t namelen;
+
+ if ((module->flags & flags) == 0)
+ continue;
+
+ /* externalize request context for the first instance only */
+ if (!IS_PRIMARY_INSTANCE(module))
+ continue;
+
+ if (module->ftable->externalize == NULL)
+ continue;
+
+ /*
+ * We use the module name rather than the authdata type, because
+ * there may be multiple modules for a particular authdata type.
+ */
+ namelen = strlen(module->name);
+
+ code = krb5_ser_pack_int32((krb5_int32)namelen, &bp, &remain);
+ if (code != 0)
+ break;
+
+ code = krb5_ser_pack_bytes((krb5_octet *)module->name,
+ namelen, &bp, &remain);
+ if (code != 0)
+ break;
+
+ code = (*module->ftable->externalize)(kcontext,
+ context,
+ module->plugin_context,
+ *(module->request_context_pp),
+ &bp,
+ &remain);
+ if (code != 0)
+ break;
+
+ ad_count++;
+ }
+
+ if (code == 0) {
+ /* store actual count */
+ krb5_ser_pack_int32(ad_count, buffer, lenremain);
+
+ *buffer = bp;
+ *lenremain = remain;
+ }
+
+ return code;
+}
+
+/*
+ * Find authdata module for authdata type that matches flag mask
+ */
+static struct _krb5_authdata_context_module *
+k5_ad_find_module(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_flags flags,
+ const krb5_data *name)
+{
+ int i;
+ struct _krb5_authdata_context_module *ret = NULL;
+
+ for (i = 0; i < context->n_modules; i++) {
+ struct _krb5_authdata_context_module *module = &context->modules[i];
+
+ if ((module->flags & flags) == 0)
+ continue;
+
+ /* internalize request context for the first instance only */
+ if (!IS_PRIMARY_INSTANCE(module))
+ continue;
+
+ /* check for name match */
+ if (strlen(module->name) != name->length ||
+ memcmp(module->name, name->data, name->length) != 0)
+ continue;
+
+ ret = module;
+ break;
+ }
+
+ return ret;
+}
+
+/*
+ * In-place internalize authdata context, for modules that match given
+ * flags mask. The magic identifier/trailer is not expected by this.
+ */
+static krb5_error_code
+k5_ad_internalize(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_flags flags,
+ krb5_octet **buffer,
+ size_t *lenremain)
+{
+ krb5_error_code code = 0;
+ krb5_int32 i, count;
+ krb5_octet *bp;
+ size_t remain;
+
+ bp = *buffer;
+ remain = *lenremain;
+
+ code = krb5_ser_unpack_int32(&count, &bp, &remain);
+ if (code != 0)
+ return code;
+
+ for (i = 0; i < count; i++) {
+ struct _krb5_authdata_context_module *module;
+ krb5_int32 namelen;
+ krb5_data name;
+
+ code = krb5_ser_unpack_int32(&namelen, &bp, &remain);
+ if (code != 0)
+ break;
+
+ if (remain < (size_t)namelen) {
+ code = ENOMEM;
+ break;
+ }
+
+ name.length = namelen;
+ name.data = (char *)bp;
+
+ module = k5_ad_find_module(kcontext, context, flags, &name);
+ if (module == NULL || module->ftable->internalize == NULL) {
+ code = EINVAL;
+ break;
+ }
+
+ bp += namelen;
+ remain -= namelen;
+
+ code = (*module->ftable->internalize)(kcontext,
+ context,
+ module->plugin_context,
+ *(module->request_context_pp),
+ &bp,
+ &remain);
+ if (code != 0)
+ break;
+ }
+
+ if (code == 0) {
+ *buffer = bp;
+ *lenremain = remain;
+ }
+
+ return code;
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_context_init(krb5_context kcontext,
+ krb5_authdata_context *pcontext)
+{
+ int n_modules, n_tables, i, k;
+ void **tables = NULL;
+ krb5plugin_authdata_client_ftable_v0 *table;
+ krb5_authdata_context context = NULL;
+ int internal_count = 0;
+ struct plugin_dir_handle plugins;
+ krb5_error_code code;
+
+ *pcontext = NULL;
+ memset(&plugins, 0, sizeof(plugins));
+
+ n_modules = 0;
+ for (n_tables = 0; authdata_systems[n_tables] != NULL; n_tables++) {
+ n_modules += k5_ad_module_count(authdata_systems[n_tables]);
+ }
+ internal_count = n_tables;
+
+ if (PLUGIN_DIR_OPEN(&plugins) == 0 &&
+ krb5int_open_plugin_dirs(objdirs, NULL,
+ &plugins,
+ &kcontext->err) == 0 &&
+ krb5int_get_plugin_dir_data(&plugins,
+ "authdata_client_0",
+ &tables,
+ &kcontext->err) == 0 &&
+ tables != NULL)
+ {
+ for (; tables[n_tables - internal_count] != NULL; n_tables++) {
+ table = tables[n_tables - internal_count];
+ n_modules += k5_ad_module_count(table);
+ }
+ }
+
+ context = calloc(1, sizeof(*context));
+ if (kcontext == NULL) {
+ if (tables != NULL)
+ krb5int_free_plugin_dir_data(tables);
+ krb5int_close_plugin_dirs(&context->plugins);
+ return ENOMEM;
+ }
+ context->magic = KV5M_AUTHDATA_CONTEXT;
+ context->modules = calloc(n_modules, sizeof(context->modules[0]));
+ if (context->modules == NULL) {
+ if (tables != NULL)
+ krb5int_free_plugin_dir_data(tables);
+ krb5int_close_plugin_dirs(&context->plugins);
+ free(kcontext);
+ return ENOMEM;
+ }
+ context->n_modules = n_modules;
+
+ /* fill in the structure */
+ for (i = 0, k = 0, code = 0; i < n_tables - internal_count; i++) {
+ code = k5_ad_init_modules(kcontext, context, tables[i], &k);
+ if (code != 0)
+ break;
+ }
+
+ if (code == 0) {
+ for (i = 0; i < internal_count; i++) {
+ code = k5_ad_init_modules(kcontext, context, authdata_systems[i], &k);
+ if (code != 0)
+ break;
+ }
+ }
+
+ if (tables != NULL)
+ krb5int_free_plugin_dir_data(tables);
+
+ context->plugins = plugins;
+
+ if (code != 0)
+ krb5_authdata_context_free(kcontext, context);
+ else
+ *pcontext = context;
+
+ return code;
+}
+
+void KRB5_CALLCONV
+krb5_authdata_context_free(krb5_context kcontext,
+ krb5_authdata_context context)
+{
+ int i;
+
+ if (context == NULL)
+ return;
+
+ for (i = 0; i < context->n_modules; i++) {
+ struct _krb5_authdata_context_module *module = &context->modules[i];
+
+ if (module->client_req_fini != NULL &&
+ module->request_context != NULL)
+ (*module->client_req_fini)(kcontext,
+ context,
+ module->plugin_context,
+ module->request_context);
+
+ if (module->client_fini != NULL)
+ (*module->client_fini)(kcontext, module->plugin_context);
+
+ memset(module, 0, sizeof(*module));
+ }
+
+ if (context->modules != NULL) {
+ free(context->modules);
+ context->modules = NULL;
+ }
+ krb5int_close_plugin_dirs(&context->plugins);
+ memset(context, 0, sizeof(*context));
+ free(context);
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_import_attributes(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_flags usage,
+ const krb5_data *attrs)
+{
+ krb5_octet *bp;
+ size_t remain;
+
+ bp = (krb5_octet *)attrs->data;
+ remain = attrs->length;
+
+ return k5_ad_internalize(kcontext, context, usage, &bp, &remain);
+}
+
+static krb5_error_code
+k5_get_kdc_issued_authdata(krb5_context kcontext,
+ const krb5_ap_req *ap_req,
+ krb5_principal *kdc_issuer,
+ krb5_authdata ***kdc_issued_authdata)
+{
+ krb5_error_code code;
+ krb5_authdata **authdata;
+ krb5_authdata **ticket_authdata;
+
+ *kdc_issuer = NULL;
+ *kdc_issued_authdata = NULL;
+
+ ticket_authdata = ap_req->ticket->enc_part2->authorization_data;
+
+ code = krb5int_find_authdata(kcontext,
+ ticket_authdata,
+ NULL,
+ KRB5_AUTHDATA_KDC_ISSUED,
+ &authdata);
+ if (code != 0 || authdata == NULL)
+ return code;
+
+ /*
+ * Note: a module must still implement a verify_authdata
+ * method, even it is a NOOP that simply records the value
+ * of the kdc_issued_flag.
+ */
+ code = krb5_verify_authdata_kdc_issued(kcontext,
+ ap_req->ticket->enc_part2->session,
+ authdata[0],
+ kdc_issuer,
+ kdc_issued_authdata);
+
+ assert(code == 0 || *kdc_issued_authdata == NULL);
+
+ krb5_free_authdata(kcontext, authdata);
+
+ return code;
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_export_authdata(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_flags flags,
+ krb5_authdata ***pauthdata)
+{
+ int i;
+ krb5_error_code code = 0;
+ krb5_authdata **authdata = NULL;
+ unsigned int len = 0;
+
+ *pauthdata = NULL;
+
+ for (i = 0; i < context->n_modules; i++) {
+ struct _krb5_authdata_context_module *module = &context->modules[i];
+ krb5_authdata **authdata2 = NULL;
+ int j;
+
+ if ((module->flags & flags) == 0)
+ continue;
+
+ if (module->ftable->export_authdata == NULL)
+ continue;
+
+ code = (*module->ftable->export_authdata)(kcontext,
+ context,
+ module->plugin_context,
+ *(module->request_context_pp),
+ flags,
+ &authdata2);
+ if (code == ENOENT)
+ code = 0;
+ else if (code != 0)
+ break;
+
+ if (authdata2 == NULL)
+ continue;
+
+ for (j = 0; authdata2[j] != NULL; j++)
+ ;
+
+ authdata = realloc(authdata, (len + j + 1) * sizeof(krb5_authdata *));
+ if (authdata == NULL)
+ return ENOMEM;
+
+ memcpy(&authdata[len], authdata2, j * sizeof(krb5_authdata *));
+ free(authdata2);
+
+ len += j;
+ }
+
+ if (authdata != NULL)
+ authdata[len] = NULL;
+
+ *pauthdata = authdata;
+
+ return code;
+}
+
+krb5_error_code
+krb5int_authdata_verify(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_flags usage,
+ const krb5_auth_context *auth_context,
+ const krb5_keyblock *key,
+ const krb5_ap_req *ap_req)
+{
+ int i;
+ krb5_error_code code = 0;
+ krb5_authdata **authen_authdata;
+ krb5_authdata **ticket_authdata;
+ krb5_principal kdc_issuer = NULL;
+ krb5_authdata **kdc_issued_authdata = NULL;
+
+ authen_authdata = (*auth_context)->authentp->authorization_data;
+ ticket_authdata = ap_req->ticket->enc_part2->authorization_data;
+ k5_get_kdc_issued_authdata(kcontext, ap_req,
+ &kdc_issuer, &kdc_issued_authdata);
+
+ for (i = 0; i < context->n_modules; i++) {
+ struct _krb5_authdata_context_module *module = &context->modules[i];
+ krb5_authdata **authdata = NULL;
+ krb5_boolean kdc_issued_flag = FALSE;
+
+ if ((module->flags & usage) == 0)
+ continue;
+
+ if (module->ftable->import_authdata == NULL)
+ continue;
+
+ if (kdc_issued_authdata != NULL) {
+ code = krb5int_find_authdata(kcontext,
+ kdc_issued_authdata,
+ NULL,
+ module->ad_type,
+ &authdata);
+ if (code != 0)
+ break;
+
+ kdc_issued_flag = TRUE;
+ }
+
+ if (authdata == NULL) {
+ code = krb5int_find_authdata(kcontext,
+ ticket_authdata,
+ authen_authdata,
+ module->ad_type,
+ &authdata);
+ if (code != 0)
+ break;
+ }
+
+ if (authdata == NULL)
+ continue;
+
+ assert(authdata[0] != NULL);
+
+ code = (*module->ftable->import_authdata)(kcontext,
+ context,
+ module->plugin_context,
+ *(module->request_context_pp),
+ authdata,
+ kdc_issued_flag,
+ kdc_issuer);
+ if (code == 0 && module->ftable->verify != NULL) {
+ code = (*module->ftable->verify)(kcontext,
+ context,
+ module->plugin_context,
+ *(module->request_context_pp),
+ auth_context,
+ key,
+ ap_req);
+ }
+ if (code != 0 && (module->flags & AD_INFORMATIONAL))
+ code = 0;
+ krb5_free_authdata(kcontext, authdata);
+ if (code != 0)
+ break;
+ }
+
+ krb5_free_principal(kcontext, kdc_issuer);
+ krb5_free_authdata(kcontext, kdc_issued_authdata);
+
+ return code;
+}
+
+static krb5_error_code
+k5_merge_data_list(krb5_data **dst, krb5_data *src, unsigned int *len)
+{
+ unsigned int i;
+ krb5_data *d;
+
+ if (src == NULL)
+ return 0;
+
+ for (i = 0; src[i].data != NULL; i++)
+ ;
+
+ d = realloc(*dst, (*len + i + 1) * sizeof(krb5_data));
+ if (d == NULL)
+ return ENOMEM;
+
+ memcpy(&d[*len], src, i * sizeof(krb5_data));
+
+ *len += i;
+
+ d[*len].data = NULL;
+ d[*len].length = 0;
+
+ *dst = d;
+
+ return 0;
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_get_attribute_types(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_data **out_attrs)
+{
+ int i;
+ krb5_error_code code = 0;
+ krb5_data *attrs = NULL;
+ unsigned int attrs_len = 0;
+
+ for (i = 0; i < context->n_modules; i++) {
+ struct _krb5_authdata_context_module *module = &context->modules[i];
+ krb5_data *attrs2 = NULL;
+
+ if (module->ftable->get_attribute_types == NULL)
+ continue;
+
+ if ((*module->ftable->get_attribute_types)(kcontext,
+ context,
+ module->plugin_context,
+ *(module->request_context_pp),
+ &attrs2))
+ continue;
+
+ code = k5_merge_data_list(&attrs, attrs2, &attrs_len);
+ if (code != 0) {
+ krb5int_free_data_list(kcontext, attrs2);
+ break;
+ }
+ if (attrs2 != NULL)
+ free(attrs2);
+ }
+
+ if (code != 0) {
+ krb5int_free_data_list(kcontext, attrs);
+ attrs = NULL;
+ }
+
+ *out_attrs = attrs;
+
+ return code;
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_get_attribute(krb5_context kcontext,
+ krb5_authdata_context context,
+ const krb5_data *attribute,
+ krb5_boolean *authenticated,
+ krb5_boolean *complete,
+ krb5_data *value,
+ krb5_data *display_value,
+ int *more)
+{
+ int i;
+ krb5_error_code code = ENOENT;
+
+ *authenticated = FALSE;
+ *complete = FALSE;
+
+ value->data = NULL;
+ value->length = 0;
+
+ display_value->data = NULL;
+ display_value->length = 0;
+
+ /*
+ * NB at present a module is presumed to be authoritative for
+ * an attribute; not sure how to federate "more" across module
+ * yet
+ */
+ for (i = 0; i < context->n_modules; i++) {
+ struct _krb5_authdata_context_module *module = &context->modules[i];
+
+ if (module->ftable->get_attribute == NULL)
+ continue;
+
+ code = (*module->ftable->get_attribute)(kcontext,
+ context,
+ module->plugin_context,
+ *(module->request_context_pp),
+ attribute,
+ authenticated,
+ complete,
+ value,
+ display_value,
+ more);
+ if (code == 0)
+ break;
+ }
+
+ if (code != 0)
+ *more = 0;
+
+ return code;
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_set_attribute(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_boolean complete,
+ const krb5_data *attribute,
+ const krb5_data *value)
+{
+ int i;
+ krb5_error_code code = 0;
+ int found = 0;
+
+ for (i = 0; i < context->n_modules; i++) {
+ struct _krb5_authdata_context_module *module = &context->modules[i];
+
+ if (module->ftable->set_attribute == NULL)
+ continue;
+
+ code = (*module->ftable->set_attribute)(kcontext,
+ context,
+ module->plugin_context,
+ *(module->request_context_pp),
+ complete,
+ attribute,
+ value);
+ if (code == ENOENT)
+ code = 0;
+ else if (code == 0)
+ found++;
+ else
+ break;
+ }
+
+ if (code == 0 && found == 0)
+ code = ENOENT;
+
+ return code;
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_delete_attribute(krb5_context kcontext,
+ krb5_authdata_context context,
+ const krb5_data *attribute)
+{
+ int i;
+ krb5_error_code code = ENOENT;
+ int found = 0;
+
+ for (i = 0; i < context->n_modules; i++) {
+ struct _krb5_authdata_context_module *module = &context->modules[i];
+
+ if (module->ftable->delete_attribute == NULL)
+ continue;
+
+ code = (*module->ftable->delete_attribute)(kcontext,
+ context,
+ module->plugin_context,
+ *(module->request_context_pp),
+ attribute);
+ if (code == ENOENT)
+ code = 0;
+ else if (code == 0)
+ found++;
+ else
+ break;
+ }
+
+ if (code == 0 && found == 0)
+ code = ENOENT;
+
+ return code;
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_export_attributes(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_flags flags,
+ krb5_data **attrsp)
+{
+ krb5_error_code code;
+ size_t required = 0;
+ krb5_octet *bp;
+ size_t remain;
+ krb5_data *attrs;
+
+ code = k5_ad_size(kcontext, context, AD_USAGE_MASK, &required);
+ if (code != 0)
+ return code;
+
+ attrs = malloc(sizeof(*attrs));
+ if (attrs == NULL)
+ return ENOMEM;
+
+ attrs->magic = KV5M_DATA;
+ attrs->length = 0;
+ attrs->data = malloc(required);
+ if (attrs->data == NULL) {
+ free(attrs);
+ return ENOMEM;
+ }
+
+ bp = (krb5_octet *)attrs->data;
+ remain = required;
+
+ code = k5_ad_externalize(kcontext, context, AD_USAGE_MASK, &bp, &remain);
+ if (code != 0) {
+ krb5_free_data(kcontext, attrs);
+ return code;
+ }
+
+ attrs->length = (bp - (krb5_octet *)attrs->data);
+
+ *attrsp = attrs;
+
+ return 0;
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_export_internal(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_boolean restrict_authenticated,
+ const char *module_name,
+ void **ptr)
+{
+ krb5_error_code code;
+ krb5_data name;
+ struct _krb5_authdata_context_module *module;
+
+ *ptr = NULL;
+
+ name.length = strlen(module_name);
+ name.data = (char *)module_name;
+
+ module = k5_ad_find_module(kcontext, context, AD_USAGE_MASK, &name);
+ if (module == NULL)
+ return ENOENT;
+
+ if (module->ftable->export_internal == NULL)
+ return ENOENT;
+
+ code = (*module->ftable->export_internal)(kcontext,
+ context,
+ module->plugin_context,
+ *(module->request_context_pp),
+ restrict_authenticated,
+ ptr);
+
+ return code;
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_free_internal(krb5_context kcontext,
+ krb5_authdata_context context,
+ const char *module_name,
+ void *ptr)
+{
+ krb5_data name;
+ struct _krb5_authdata_context_module *module;
+
+ name.length = strlen(module_name);
+ name.data = (char *)module_name;
+
+ module = k5_ad_find_module(kcontext, context, AD_USAGE_MASK, &name);
+ if (module == NULL)
+ return ENOENT;
+
+ if (module->ftable->free_internal == NULL)
+ return ENOENT;
+
+ (*module->ftable->free_internal)(kcontext,
+ context,
+ module->plugin_context,
+ *(module->request_context_pp),
+ ptr);
+
+ return 0;
+}
+
+static krb5_error_code
+k5_copy_ad_module_data(krb5_context kcontext,
+ krb5_authdata_context context,
+ struct _krb5_authdata_context_module *src_module,
+ krb5_authdata_context dst)
+{
+ int i;
+ krb5_error_code code;
+ struct _krb5_authdata_context_module *dst_module = NULL;
+
+ for (i = 0; i < dst->n_modules; i++) {
+ struct _krb5_authdata_context_module *module = &dst->modules[i];
+
+ if (module->ftable == src_module->ftable) {
+ /* XXX is this safe to assume these pointers are interned? */
+ dst_module = module;
+ break;
+ }
+ }
+
+ if (dst_module == NULL)
+ return ENOENT;
+
+ /* copy request context for the first instance only */
+ if (!IS_PRIMARY_INSTANCE(dst_module))
+ return 0;
+
+ assert(strcmp(dst_module->name, src_module->name) == 0);
+
+ /* If copy is unimplemented, externalize/internalize */
+ if (src_module->ftable->copy == NULL) {
+ size_t size = 0, remain;
+ krb5_octet *contents, *bp;
+
+ assert(src_module->ftable->size != NULL);
+ assert(src_module->ftable->externalize != NULL);
+ assert(dst_module->ftable->internalize != NULL);
+
+ code = (*src_module->ftable->size)(kcontext,
+ context,
+ src_module->plugin_context,
+ src_module->request_context,
+ &size);
+ if (code != 0)
+ return code;
+
+ contents = malloc(size);
+ if (contents == NULL)
+ return ENOMEM;
+
+ bp = contents;
+ remain = size;
+
+ code = (*src_module->ftable->externalize)(kcontext,
+ context,
+ src_module->plugin_context,
+ *(src_module->request_context_pp),
+ &bp,
+ &remain);
+ if (code != 0) {
+ free(contents);
+ return code;
+ }
+
+ remain = (bp - contents);
+ bp = contents;
+
+ code = (*dst_module->ftable->internalize)(kcontext,
+ context,
+ dst_module->plugin_context,
+ *(dst_module->request_context_pp),
+ &bp,
+ &remain);
+ if (code != 0) {
+ free(contents);
+ return code;
+ }
+
+ free(contents);
+ } else {
+ assert(src_module->request_context_pp == &src_module->request_context);
+ assert(dst_module->request_context_pp == &dst_module->request_context);
+
+ code = (*src_module->ftable->copy)(kcontext,
+ context,
+ src_module->plugin_context,
+ src_module->request_context,
+ dst_module->plugin_context,
+ dst_module->request_context);
+ }
+
+ return code;
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_context_copy(krb5_context kcontext,
+ krb5_authdata_context src,
+ krb5_authdata_context *pdst)
+{
+ int i;
+ krb5_error_code code;
+ krb5_authdata_context dst;
+
+ /* XXX we need to init a new context because we can't copy plugins */
+ code = krb5_authdata_context_init(kcontext, &dst);
+ if (code != 0)
+ return code;
+
+ for (i = 0; i < src->n_modules; i++) {
+ struct _krb5_authdata_context_module *module = &src->modules[i];
+
+ code = k5_copy_ad_module_data(kcontext, src, module, dst);
+ if (code != 0)
+ break;
+ }
+
+ if (code != 0) {
+ krb5_authdata_context_free(kcontext, dst);
+ return code;
+ }
+
+ *pdst = dst;
+
+ return 0;
+}
+
+/*
+ * Calculate size of to-be-externalized authdata context.
+ */
+static krb5_error_code
+krb5_authdata_context_size(krb5_context kcontext,
+ krb5_pointer ptr,
+ size_t *sizep)
+{
+ krb5_error_code code;
+ krb5_authdata_context context = (krb5_authdata_context)ptr;
+
+ code = k5_ad_size(kcontext, context, AD_USAGE_MASK, sizep);
+ if (code != 0)
+ return code;
+
+ *sizep += 2 * sizeof(krb5_int32); /* identifier/trailer */
+
+ return 0;
+}
+
+/*
+ * Externalize an authdata context.
+ */
+static krb5_error_code
+krb5_authdata_context_externalize(krb5_context kcontext,
+ krb5_pointer ptr,
+ krb5_octet **buffer,
+ size_t *lenremain)
+{
+ krb5_error_code code;
+ krb5_authdata_context context = (krb5_authdata_context)ptr;
+ krb5_octet *bp;
+ size_t remain;
+
+ bp = *buffer;
+ remain = *lenremain;
+
+ /* Our identifier */
+ code = krb5_ser_pack_int32(KV5M_AUTHDATA_CONTEXT, &bp, &remain);
+ if (code != 0)
+ return code;
+
+ /* The actual context data */
+ code = k5_ad_externalize(kcontext, context, AD_USAGE_MASK,
+ &bp, &remain);
+ if (code != 0)
+ return code;
+
+ /* Our trailer */
+ code = krb5_ser_pack_int32(KV5M_AUTHDATA_CONTEXT, &bp, &remain);
+ if (code != 0)
+ return code;
+
+ *buffer = bp;
+ *lenremain = remain;
+
+ return 0;
+}
+
+/*
+ * Internalize an authdata context.
+ */
+static krb5_error_code
+krb5_authdata_context_internalize(krb5_context kcontext,
+ krb5_pointer *ptr,
+ krb5_octet **buffer,
+ size_t *lenremain)
+{
+ krb5_error_code code;
+ krb5_authdata_context context;
+ krb5_int32 ibuf;
+ krb5_octet *bp;
+ size_t remain;
+
+ bp = *buffer;
+ remain = *lenremain;
+
+ code = krb5_ser_unpack_int32(&ibuf, &bp, &remain);
+ if (code != 0)
+ return code;
+
+ if (ibuf != KV5M_AUTHDATA_CONTEXT)
+ return EINVAL;
+
+ code = krb5_authdata_context_init(kcontext, &context);
+ if (code != 0)
+ return code;
+
+ code = k5_ad_internalize(kcontext, context, AD_USAGE_MASK,
+ &bp, &remain);
+ if (code != 0) {
+ krb5_authdata_context_free(kcontext, context);
+ return code;
+ }
+
+ code = krb5_ser_unpack_int32(&ibuf, &bp, &remain);
+ if (code != 0)
+ return code;
+
+ if (ibuf != KV5M_AUTHDATA_CONTEXT) {
+ krb5_authdata_context_free(kcontext, context);
+ return EINVAL;
+ }
+
+ *buffer = bp;
+ *lenremain = remain;
+ *ptr = context;
+
+ return 0;
+}
+
+static const krb5_ser_entry krb5_authdata_context_ser_entry = {
+ KV5M_AUTHDATA_CONTEXT,
+ krb5_authdata_context_size,
+ krb5_authdata_context_externalize,
+ krb5_authdata_context_internalize
+};
+
+/*
+ * Register the authdata context serializer.
+ */
+krb5_error_code
+krb5_ser_authdata_context_init(krb5_context kcontext)
+{
+ return krb5_register_serializer(kcontext,
+ &krb5_authdata_context_ser_entry);
+}
+
--- /dev/null
+/*
+ * lib/krb5/krb/authdata.h
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * <<< Description >>>
+ */
+#ifndef KRB_AUTHDATA_H
+
+#define KRB_AUTHDATA_H
+
+#include <k5-int.h>
+
+/* authdata.c */
+krb5_error_code
+krb5int_authdata_verify(krb5_context context,
+ krb5_authdata_context,
+ krb5_flags usage,
+ const krb5_auth_context *auth_context,
+ const krb5_keyblock *key,
+ const krb5_ap_req *ap_req);
+
+/* pac.c */
+extern krb5plugin_authdata_client_ftable_v0 krb5int_mspac_authdata_client_ftable;
+
+#endif /* !KRB_AUTHDATA_H */
+
else krb5_free_authdata(context, fctx.out);
return retval;
}
+
+krb5_error_code KRB5_CALLCONV
+krb5_make_authdata_kdc_issued(krb5_context context,
+ const krb5_keyblock *key,
+ krb5_const_principal issuer,
+ krb5_authdata *const *authdata,
+ krb5_authdata ***ad_kdcissued)
+{
+ krb5_error_code code;
+ krb5_ad_kdcissued ad_kdci;
+ krb5_data *data;
+ krb5_cksumtype cksumtype;
+ krb5_authdata ad_datum;
+ krb5_authdata *ad_data[2];
+
+ *ad_kdcissued = NULL;
+
+ ad_kdci.ad_checksum.contents = NULL;
+ ad_kdci.i_principal = (krb5_principal)issuer;
+ ad_kdci.elements = (krb5_authdata **)authdata;
+
+ code = krb5int_c_mandatory_cksumtype(context, key->enctype,
+ &cksumtype);
+ if (code != 0)
+ return code;
+
+ code = encode_krb5_authdata(ad_kdci.elements, &data);
+ if (code != 0)
+ return code;
+
+ code = krb5_c_make_checksum(context, cksumtype,
+ key, KRB5_KEYUSAGE_AD_KDCISSUED_CKSUM,
+ data, &ad_kdci.ad_checksum);
+ if (code != 0) {
+ krb5_free_data(context, data);
+ return code;
+ }
+
+ krb5_free_data(context, data);
+
+ code = encode_krb5_ad_kdcissued(&ad_kdci, &data);
+ if (code != 0)
+ return code;
+
+ ad_datum.ad_type = KRB5_AUTHDATA_KDC_ISSUED;
+ ad_datum.length = data->length;
+ ad_datum.contents = (unsigned char *)data->data;
+
+ ad_data[0] = &ad_datum;
+ ad_data[1] = NULL;
+
+ code = krb5_copy_authdata(context, ad_data, ad_kdcissued);
+
+ krb5_free_data(context, data);
+ krb5_free_checksum_contents(context, &ad_kdci.ad_checksum);
+
+ return code;
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_verify_authdata_kdc_issued(krb5_context context,
+ const krb5_keyblock *key,
+ const krb5_authdata *ad_kdcissued,
+ krb5_principal *issuer,
+ krb5_authdata ***authdata)
+{
+ krb5_error_code code;
+ krb5_ad_kdcissued *ad_kdci;
+ krb5_data data, *data2;
+ krb5_boolean valid = FALSE;
+
+ if ((ad_kdcissued->ad_type & AD_TYPE_FIELD_TYPE_MASK) !=
+ KRB5_AUTHDATA_KDC_ISSUED)
+ return EINVAL;
+
+ if (issuer != NULL)
+ *issuer = NULL;
+ if (authdata != NULL)
+ *authdata = NULL;
+
+ data.length = ad_kdcissued->length;
+ data.data = (char *)ad_kdcissued->contents;
+
+ code = decode_krb5_ad_kdcissued(&data, &ad_kdci);
+ if (code != 0)
+ return code;
+
+ code = encode_krb5_authdata(ad_kdci->elements, &data2);
+ if (code != 0) {
+ krb5_free_ad_kdcissued(context, ad_kdci);
+ return code;
+ }
+
+ code = krb5_c_verify_checksum(context, key,
+ KRB5_KEYUSAGE_AD_KDCISSUED_CKSUM,
+ data2, &ad_kdci->ad_checksum, &valid);
+ if (code != 0) {
+ krb5_free_ad_kdcissued(context, ad_kdci);
+ krb5_free_data(context, data2);
+ }
+
+ krb5_free_data(context, data2);
+
+ if (valid == FALSE) {
+ krb5_free_ad_kdcissued(context, ad_kdci);
+ return KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ }
+
+ if (issuer != NULL) {
+ *issuer = ad_kdci->i_principal;
+ ad_kdci->i_principal = NULL;
+ }
+
+ if (authdata != NULL) {
+ *authdata = ad_kdci->elements;
+ ad_kdci->elements = NULL;
+ }
+
+ krb5_free_ad_kdcissued(context, ad_kdci);
+
+ return 0;
+}
+
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h addr_comp.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ addr_comp.c
addr_order.so addr_order.po $(OUTPRE)addr_order.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h addr_order.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ addr_order.c
addr_srch.so addr_srch.po $(OUTPRE)addr_srch.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h addr_srch.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ addr_srch.c
appdefault.so appdefault.po $(OUTPRE)appdefault.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h appdefault.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ appdefault.c
auth_con.so auth_con.po $(OUTPRE)auth_con.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h auth_con.c auth_con.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ auth_con.c auth_con.h
+authdata.so authdata.po $(OUTPRE)authdata.$(OBJEXT): \
+ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+ $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \
+ $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
+ $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
+ $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ auth_con.h authdata.c authdata.h int-proto.h
bld_pr_ext.so bld_pr_ext.po $(OUTPRE)bld_pr_ext.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h bld_pr_ext.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ bld_pr_ext.c
bld_princ.so bld_princ.po $(OUTPRE)bld_princ.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h bld_princ.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ bld_princ.c
brand.so brand.po $(OUTPRE)brand.$(OBJEXT): $(SRCTOP)/patchlevel.h \
brand.c
chk_trans.so chk_trans.po $(OUTPRE)chk_trans.$(OBJEXT): \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h chk_trans.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ chk_trans.c
chpw.so chpw.po $(OUTPRE)chpw.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- auth_con.h chpw.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h auth_con.h chpw.c
conv_creds.so conv_creds.po $(OUTPRE)conv_creds.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h conv_creds.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ conv_creds.c
conv_princ.so conv_princ.po $(OUTPRE)conv_princ.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h conv_princ.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ conv_princ.c
copy_addrs.so copy_addrs.po $(OUTPRE)copy_addrs.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h copy_addrs.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ copy_addrs.c
copy_auth.so copy_auth.po $(OUTPRE)copy_auth.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h copy_auth.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ copy_auth.c
copy_athctr.so copy_athctr.po $(OUTPRE)copy_athctr.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h copy_athctr.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ copy_athctr.c
copy_cksum.so copy_cksum.po $(OUTPRE)copy_cksum.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h copy_cksum.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ copy_cksum.c
copy_creds.so copy_creds.po $(OUTPRE)copy_creds.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h copy_creds.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ copy_creds.c
copy_data.so copy_data.po $(OUTPRE)copy_data.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h copy_data.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ copy_data.c
copy_key.so copy_key.po $(OUTPRE)copy_key.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h copy_key.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ copy_key.c
copy_princ.so copy_princ.po $(OUTPRE)copy_princ.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h copy_princ.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ copy_princ.c
copy_tick.so copy_tick.po $(OUTPRE)copy_tick.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h copy_tick.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ copy_tick.c
cp_key_cnt.so cp_key_cnt.po $(OUTPRE)cp_key_cnt.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h cp_key_cnt.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ cp_key_cnt.c
decode_kdc.so decode_kdc.po $(OUTPRE)decode_kdc.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h decode_kdc.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ decode_kdc.c
decrypt_tk.so decrypt_tk.po $(OUTPRE)decrypt_tk.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h decrypt_tk.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ decrypt_tk.c
deltat.so deltat.po $(OUTPRE)deltat.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- deltat.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h deltat.c
enc_helper.so enc_helper.po $(OUTPRE)enc_helper.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h enc_helper.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ enc_helper.c
encode_kdc.so encode_kdc.po $(OUTPRE)encode_kdc.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h encode_kdc.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ encode_kdc.c
encrypt_tk.so encrypt_tk.po $(OUTPRE)encrypt_tk.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h encrypt_tk.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ encrypt_tk.c
fast.so fast.po $(OUTPRE)fast.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- fast.c fast.h int-proto.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h fast.c fast.h int-proto.h
free_rtree.so free_rtree.po $(OUTPRE)free_rtree.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h free_rtree.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ free_rtree.c
fwd_tgt.so fwd_tgt.po $(OUTPRE)fwd_tgt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- fwd_tgt.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h fwd_tgt.c
gc_frm_kdc.so gc_frm_kdc.po $(OUTPRE)gc_frm_kdc.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h gc_frm_kdc.c int-proto.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ gc_frm_kdc.c int-proto.h
gc_via_tkt.so gc_via_tkt.po $(OUTPRE)gc_via_tkt.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h gc_via_tkt.c int-proto.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ gc_via_tkt.c int-proto.h
gen_seqnum.so gen_seqnum.po $(OUTPRE)gen_seqnum.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h gen_seqnum.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ gen_seqnum.c
gen_subkey.so gen_subkey.po $(OUTPRE)gen_subkey.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h gen_subkey.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ gen_subkey.c
get_creds.so get_creds.po $(OUTPRE)get_creds.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h get_creds.c int-proto.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ get_creds.c int-proto.h
get_in_tkt.so get_in_tkt.po $(OUTPRE)get_in_tkt.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../os/os-proto.h \
- fast.h get_in_tkt.c int-proto.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../os/os-proto.h fast.h get_in_tkt.c int-proto.h
gic_keytab.so gic_keytab.po $(OUTPRE)gic_keytab.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h gic_keytab.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ gic_keytab.c
gic_opt.so gic_opt.po $(OUTPRE)gic_opt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- gic_opt.c int-proto.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h gic_opt.c int-proto.h
gic_pwd.so gic_pwd.po $(OUTPRE)gic_pwd.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- gic_pwd.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h gic_pwd.c
in_tkt_sky.so in_tkt_sky.po $(OUTPRE)in_tkt_sky.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h in_tkt_sky.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ in_tkt_sky.c
init_ctx.so init_ctx.po $(OUTPRE)init_ctx.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/patchlevel.h \
- $(srcdir)/../krb5_libinit.h brand.c init_ctx.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/patchlevel.h $(srcdir)/../krb5_libinit.h \
+ brand.c init_ctx.c
init_keyblock.so init_keyblock.po $(OUTPRE)init_keyblock.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h init_keyblock.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ init_keyblock.c
kdc_rep_dc.so kdc_rep_dc.po $(OUTPRE)kdc_rep_dc.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h kdc_rep_dc.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ kdc_rep_dc.c
kerrs.so kerrs.po $(OUTPRE)kerrs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- kerrs.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h kerrs.c
kfree.so kfree.po $(OUTPRE)kfree.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- kfree.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h kfree.c
mk_cred.so mk_cred.po $(OUTPRE)mk_cred.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- auth_con.h cleanup.h mk_cred.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h auth_con.h cleanup.h \
+ mk_cred.c
mk_error.so mk_error.po $(OUTPRE)mk_error.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h mk_error.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ mk_error.c
mk_priv.so mk_priv.po $(OUTPRE)mk_priv.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- auth_con.h cleanup.h mk_priv.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h auth_con.h cleanup.h \
+ mk_priv.c
mk_rep.so mk_rep.po $(OUTPRE)mk_rep.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- auth_con.h mk_rep.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h auth_con.h mk_rep.c
mk_req.so mk_req.po $(OUTPRE)mk_req.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- auth_con.h mk_req.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h auth_con.h mk_req.c
mk_req_ext.so mk_req_ext.po $(OUTPRE)mk_req_ext.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h auth_con.h mk_req_ext.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ auth_con.h mk_req_ext.c
mk_safe.so mk_safe.po $(OUTPRE)mk_safe.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- auth_con.h cleanup.h mk_safe.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h auth_con.h cleanup.h \
+ mk_safe.c
pac.so pac.po $(OUTPRE)pac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/k5-utf8.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h pac.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ authdata.h pac.c
parse.so parse.po $(OUTPRE)parse.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- parse.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h parse.c
pr_to_salt.so pr_to_salt.po $(OUTPRE)pr_to_salt.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h pr_to_salt.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ pr_to_salt.c
preauth.so preauth.po $(OUTPRE)preauth.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- preauth.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h preauth.c
preauth2.so preauth2.po $(OUTPRE)preauth2.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h fast.h int-proto.h \
- preauth2.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ fast.h int-proto.h preauth2.c
princ_comp.so princ_comp.po $(OUTPRE)princ_comp.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/k5-unicode.h $(SRCTOP)/include/k5-utf8.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h princ_comp.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ princ_comp.c
rd_cred.so rd_cred.po $(OUTPRE)rd_cred.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- auth_con.h cleanup.h rd_cred.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h auth_con.h cleanup.h \
+ rd_cred.c
rd_error.so rd_error.po $(OUTPRE)rd_error.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h rd_error.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ rd_error.c
rd_priv.so rd_priv.po $(OUTPRE)rd_priv.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- auth_con.h cleanup.h rd_priv.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h auth_con.h cleanup.h \
+ rd_priv.c
rd_rep.so rd_rep.po $(OUTPRE)rd_rep.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- auth_con.h rd_rep.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h auth_con.h rd_rep.c
rd_req.so rd_req.po $(OUTPRE)rd_req.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- auth_con.h rd_req.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h auth_con.h rd_req.c
rd_req_dec.so rd_req_dec.po $(OUTPRE)rd_req_dec.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h auth_con.h rd_req_dec.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ auth_con.h authdata.h int-proto.h rd_req_dec.c
rd_safe.so rd_safe.po $(OUTPRE)rd_safe.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- auth_con.h cleanup.h rd_safe.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h auth_con.h cleanup.h \
+ rd_safe.c
recvauth.so recvauth.po $(OUTPRE)recvauth.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h auth_con.h recvauth.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ auth_con.h recvauth.c
s4u_creds.so s4u_creds.po $(OUTPRE)s4u_creds.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h int-proto.h s4u_creds.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ int-proto.h s4u_creds.c
sendauth.so sendauth.po $(OUTPRE)sendauth.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h auth_con.h sendauth.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ auth_con.h sendauth.c
send_tgs.so send_tgs.po $(OUTPRE)send_tgs.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h send_tgs.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ send_tgs.c
ser_actx.so ser_actx.po $(OUTPRE)ser_actx.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h auth_con.h int-proto.h \
- ser_actx.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ auth_con.h int-proto.h ser_actx.c
ser_adata.so ser_adata.po $(OUTPRE)ser_adata.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h int-proto.h ser_adata.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ int-proto.h ser_adata.c
ser_addr.so ser_addr.po $(OUTPRE)ser_addr.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h int-proto.h ser_addr.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ int-proto.h ser_addr.c
ser_auth.so ser_auth.po $(OUTPRE)ser_auth.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h int-proto.h ser_auth.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ int-proto.h ser_auth.c
ser_cksum.so ser_cksum.po $(OUTPRE)ser_cksum.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h int-proto.h ser_cksum.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ int-proto.h ser_cksum.c
ser_ctx.so ser_ctx.po $(OUTPRE)ser_ctx.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- ser_ctx.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h ser_ctx.c
ser_key.so ser_key.po $(OUTPRE)ser_key.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- int-proto.h ser_key.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h int-proto.h ser_key.c
ser_princ.so ser_princ.po $(OUTPRE)ser_princ.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h int-proto.h ser_princ.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ int-proto.h ser_princ.c
serialize.so serialize.po $(OUTPRE)serialize.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h serialize.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ serialize.c
set_realm.so set_realm.po $(OUTPRE)set_realm.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h set_realm.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ set_realm.c
srv_dec_tkt.so srv_dec_tkt.po $(OUTPRE)srv_dec_tkt.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h srv_dec_tkt.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ srv_dec_tkt.c
srv_rcache.so srv_rcache.po $(OUTPRE)srv_rcache.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h srv_rcache.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ srv_rcache.c
str_conv.so str_conv.po $(OUTPRE)str_conv.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h str_conv.c
+ $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ str_conv.c
t_ad_fx_armor.so t_ad_fx_armor.po $(OUTPRE)t_ad_fx_armor.$(OBJEXT): \
$(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) t_ad_fx_armor.c
tgtname.so tgtname.po $(OUTPRE)tgtname.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- int-proto.h tgtname.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h int-proto.h tgtname.c
unparse.so unparse.po $(OUTPRE)unparse.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- unparse.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h unparse.c
valid_times.so valid_times.po $(OUTPRE)valid_times.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h valid_times.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ valid_times.c
vfy_increds.so vfy_increds.po $(OUTPRE)vfy_increds.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h int-proto.h vfy_increds.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ int-proto.h vfy_increds.c
vic_opt.so vic_opt.po $(OUTPRE)vic_opt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- vic_opt.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h vic_opt.c
walk_rtree.so walk_rtree.po $(OUTPRE)walk_rtree.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h int-proto.h walk_rtree.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ int-proto.h walk_rtree.c
t_walk_rtree.so t_walk_rtree.po $(OUTPRE)t_walk_rtree.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h t_walk_rtree.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ t_walk_rtree.c
t_kerb.so t_kerb.po $(OUTPRE)t_kerb.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/krb5.h \
t_kerb.c
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- auth_con.h t_ser.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h auth_con.h t_ser.c
t_deltat.so t_deltat.po $(OUTPRE)t_deltat.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h t_deltat.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ t_deltat.c
t_expand.so t_expand.po $(OUTPRE)t_expand.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h chk_trans.c t_expand.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ chk_trans.c t_expand.c
t_pac.so t_pac.po $(OUTPRE)t_pac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- t_pac.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h t_pac.c
t_princ.so t_princ.po $(OUTPRE)t_princ.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- t_princ.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h t_princ.c
t_etypes.so t_etypes.po $(OUTPRE)t_etypes.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h t_etypes.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ t_etypes.c
cipher->ciphertext.length = enclen;
if ((cipher->ciphertext.data = (char *) malloc(enclen)) == NULL)
- return(ret);
+ return(ENOMEM);
ret = krb5_c_encrypt(context, key, usage, 0, plain, cipher);
if (ret) {
free(cipher->ciphertext.data);
krb5_boolean old_use_conf_ktypes;
char **hrealms;
unsigned int referral_count, i;
+ krb5_authdata **supplied_authdata, **out_supplied_authdata = NULL;
/*
* Set up client and server pointers. Make a fresh and modifyable
krb5_free_principal(context, server);
return retval;
}
+ if (in_cred->authdata != NULL) {
+ if ((retval = krb5_copy_authdata(context, in_cred->authdata,
+ &out_supplied_authdata)) != 0) {
+ krb5_free_principal(context, out_supplied_server);
+ krb5_free_principal(context, server);
+ return retval;
+ }
+ }
+
supplied_server = in_cred->server;
in_cred->server=server;
+ supplied_authdata = in_cred->authdata;
DUMP_PRINC("gc_from_kdc initial client", client);
DUMP_PRINC("gc_from_kdc initial server", server);
if (tgtptr == &cc_tgt)
krb5_free_cred_contents(context, tgtptr);
tgtptr=*out_cred;
+ /* Save requested auth data with TGT in case it ends up stored */
+ if (supplied_authdata != NULL) {
+ /* Ensure we note TGT contains authorization data */
+ retval = krb5_copy_authdata(context,
+ supplied_authdata,
+ &(*out_cred)->authdata);
+ if (retval)
+ goto cleanup;
+ }
/* Save pointer to tgt in referral_tgts. */
referral_tgts[referral_count]=*out_cred;
*out_cred = NULL;
&server->realm);
if (retval)
goto cleanup;
+ /* Don't ask for KDC to add auth data multiple times */
+ in_cred->authdata = NULL;
/*
* Future work: rewrite server principal per any
* supplied padata.
retval = KRB5_PROG_ETYPE_NOSUPP;
goto cleanup;
}
-
context->use_conf_ktypes = old_use_conf_ktypes;
retval = krb5_get_cred_via_tkt(context, tgtptr,
FLAGS2OPTS(tgtptr->ticket_flags) |
server);
krb5_free_principal(context, server);
in_cred->server = supplied_server;
+ in_cred->authdata = supplied_authdata;
if (*out_cred && !retval) {
/* Success: free server, swap supplied server back in. */
krb5_free_principal (context, (*out_cred)->server);
- (*out_cred)->server= out_supplied_server;
+ (*out_cred)->server = out_supplied_server;
+ assert((*out_cred)->authdata == NULL);
+ (*out_cred)->authdata = out_supplied_authdata;
}
else {
/*
* since it's either null or a referral TGT that we free below,
* and we may need it to return.
*/
- krb5_free_principal (context, out_supplied_server);
+ krb5_free_principal(context, out_supplied_server);
+ krb5_free_authdata(context, out_supplied_authdata);
}
DUMP_PRINC("gc_from_kdc: final server after reversion", in_cred->server);
/*
return ret;
}
+/* Decide whether to continue trying AS-REQ preauthentication. */
+static krb5_boolean
+should_continue_preauth(krb5_ui_4 error, int loopcount)
+{
+ /*
+ * Continue on PREAUTH_FAILED only on the first iteration, which
+ * would imply that we did optimistic preauth unsuccessfully. We
+ * could continue on later iterations if the preauth framework
+ * reliably remembered what mechanisms had been tried, but
+ * currently it does not do so for built-in mechanisms.
+ */
+ return (error == KDC_ERR_PREAUTH_REQUIRED ||
+ (error == KDC_ERR_PREAUTH_FAILED && loopcount == 0));
+}
+
krb5_error_code KRB5_CALLCONV
krb5_get_init_creds(krb5_context context,
krb5_creds *creds,
&out_padata, &retry);
if (ret !=0)
goto cleanup;
- if ((err_reply->error == KDC_ERR_PREAUTH_REQUIRED ||err_reply->error == KDC_ERR_PREAUTH_FAILED)
-&& retry) {
+ if (should_continue_preauth(err_reply->error, loopcount) && retry) {
/* reset the list of preauth types to try */
if (preauth_to_use) {
krb5_free_pa_data(context, preauth_to_use);
}
preauth_to_use = out_padata;
out_padata = NULL;
- if (err_reply->error == KDC_ERR_PREAUTH_REQUIRED) {
- krb5_free_error(context, err_reply);
- err_reply = NULL;
- }
+ krb5_free_error(context, err_reply);
+ err_reply = NULL;
ret = sort_krb5_padata_sequence(context,
&request.server->realm,
preauth_to_use);
krb5_error_code krb5_ser_checksum_init (krb5_context);
krb5_error_code krb5_ser_keyblock_init (krb5_context);
krb5_error_code krb5_ser_principal_init (krb5_context);
+krb5_error_code krb5_ser_authdata_context_init (krb5_context);
krb5_error_code
krb5_preauth_supply_preauth_data(krb5_context context,
void KRB5_CALLCONV
krb5_free_unparsed_name(krb5_context context, char *val)
{
- free(val);
+ if (val != NULL)
+ free(val);
}
void KRB5_CALLCONV
krb5_free_checksum_contents(context, &val->req_checksum);
free(val);
}
+
+void KRB5_CALLCONV
+krb5int_free_data_list(krb5_context context, krb5_data *data)
+{
+ int i;
+
+ if (data == NULL)
+ return;
+
+ for (i = 0; data[i].data != NULL; i++)
+ free(data[i].data);
+
+ free(data);
+}
+
+void KRB5_CALLCONV
+krb5_free_ad_kdcissued(krb5_context context, krb5_ad_kdcissued *val)
+{
+ if (val == NULL)
+ return;
+
+ krb5_free_checksum_contents(context, &val->ad_checksum);
+ krb5_free_principal(context, val->i_principal);
+ krb5_free_authdata(context, val->elements);
+ free(val);
+}
+
krb5_authenticator *, krb5_principal,
krb5_checksum *, krb5_key,
krb5_ui_4, krb5_authdata **,
+ krb5_authdata_context ad_context,
krb5_enctype *desired_etypes,
krb5_enctype tkt_enctype);
(*auth_context)->send_subkey,
(*auth_context)->local_seq_number,
in_creds->authdata,
+ (*auth_context)->ad_context,
desired_etypes,
in_creds->keyblock.enctype)))
goto cleanup_cksum;
&scratch)))
goto cleanup_cksum;
- /* Null out these fields, to prevent pointer sharing problems;
- * they were supplied by the caller
- */
- (*auth_context)->authentp->client = NULL;
- (*auth_context)->authentp->checksum = NULL;
-
/* call the encryption routine */
if ((retval = krb5_encrypt_helper(context, &in_creds->keyblock,
KRB5_KEYUSAGE_AP_REQ_AUTH,
free(toutbuf);
cleanup_cksum:
+ /* Null out these fields, to prevent pointer sharing problems;
+ * they were supplied by the caller
+ */
+ if ((*auth_context)->authentp != NULL) {
+ (*auth_context)->authentp->client = NULL;
+ (*auth_context)->authentp->checksum = NULL;
+ }
if (checksump && checksump->checksum_type != 0x8003)
free(checksump->contents);
krb5_principal client, krb5_checksum *cksum,
krb5_key key, krb5_ui_4 seq_number,
krb5_authdata **authorization,
+ krb5_authdata_context ad_context,
krb5_enctype *desired_etypes,
krb5_enctype tkt_enctype)
{
krb5_error_code retval;
-
+ krb5_authdata **ext_authdata = NULL;
+
authent->client = client;
authent->checksum = cksum;
if (key) {
authent->seq_number = seq_number;
authent->authorization_data = NULL;
- if (authorization != NULL) {
- retval = krb5_copy_authdata(context, authorization,
- &authent->authorization_data);
+ if (ad_context != NULL) {
+ retval = krb5_authdata_export_authdata(context,
+ ad_context,
+ AD_USAGE_AP_REQ,
+ &ext_authdata);
if (retval)
return retval;
}
+
+ if (authorization != NULL || ext_authdata != NULL) {
+ retval = krb5_merge_authdata(context,
+ authorization,
+ ext_authdata,
+ &authent->authorization_data);
+ if (retval) {
+ krb5_free_authdata(context, ext_authdata);
+ return retval;
+ }
+ krb5_free_authdata(context, ext_authdata);
+ }
+
/* Only send EtypeList if we prefer another enctype to tkt_enctype */
if (desired_etypes != NULL && desired_etypes[0] != tkt_enctype) {
retval = make_etype_list(context, desired_etypes, tkt_enctype,
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
#include "k5-int.h"
#include "k5-utf8.h"
+#include "authdata.h"
/* draft-brezak-win2k-krb-authz-00 */
/* ulType */
#define PAC_LOGON_INFO 1
+#define PAC_CREDENTIALS_INFO 2
#define PAC_SERVER_CHECKSUM 6
#define PAC_PRIVSVR_CHECKSUM 7
#define PAC_CLIENT_INFO 10
+#define PAC_DELEGATION_INFO 11
+#define PAC_UPN_DNS_INFO 12
typedef struct _PACTYPE {
krb5_ui_4 cBuffers;
struct krb5_pac_data {
PACTYPE *pac; /* PAC header + info buffer array */
krb5_data data; /* PAC data (including uninitialised header) */
+ krb5_boolean verified;
};
static krb5_error_code
/* Check there isn't already a buffer of this type */
if (k5_pac_locate_buffer(context, pac, type, NULL) == 0) {
- return EINVAL;
+ return EEXIST;
}
header = (PACTYPE *)realloc(pac->pac,
out_data->length = data->length;
}
+ pac->verified = FALSE;
+
return 0;
}
ret = k5_pac_locate_buffer(context, pac, type, &d);
if (ret != 0)
return ret;
-
+
data->data = malloc(d.length);
if (data->data == NULL)
return ENOMEM;
pac->pac = (PACTYPE *)malloc(sizeof(PACTYPE));
if (pac->pac == NULL) {
- free( pac);
+ free(pac);
return ENOMEM;
}
return ENOMEM;
}
+ pac->verified = FALSE;
+
*ppac = pac;
return 0;
}
+static krb5_error_code
+k5_pac_copy(krb5_context context,
+ krb5_pac src,
+ krb5_pac *dst)
+{
+ size_t header_len;
+ krb5_ui_4 cbuffers;
+ krb5_error_code code;
+ krb5_pac pac;
+
+ cbuffers = src->pac->cBuffers;
+ if (cbuffers != 0)
+ cbuffers--;
+
+ header_len = sizeof(PACTYPE) + cbuffers * sizeof(PAC_INFO_BUFFER);
+
+ pac = (krb5_pac)malloc(sizeof(*pac));
+ if (pac == NULL)
+ return ENOMEM;
+
+ pac->pac = (PACTYPE *)malloc(header_len);
+ if (pac->pac == NULL) {
+ free(pac);
+ return ENOMEM;
+ }
+
+ memcpy(pac->pac, src->pac, header_len);
+
+ code = krb5int_copy_data_contents(context, &src->data, &pac->data);
+ if (code != 0) {
+ free(pac->pac);
+ free(pac);
+ return ENOMEM;
+ }
+
+ pac->verified = src->verified;
+ *dst = pac;
+
+ return 0;
+}
+
/*
* Parse the supplied data into the PAC allocated by this function
*/
}
static krb5_error_code
-k5_time_to_seconds_since_1970(krb5_int64 ntTime, krb5_timestamp *elapsedSeconds)
+k5_time_to_seconds_since_1970(krb5_int64 ntTime,
+ krb5_timestamp *elapsedSeconds)
{
krb5_ui_8 abstime;
*elapsedSeconds = abstime;
return 0;
-}
+}
static krb5_error_code
-k5_seconds_since_1970_to_time(krb5_timestamp elapsedSeconds, krb5_ui_8 *ntTime)
+k5_seconds_since_1970_to_time(krb5_timestamp elapsedSeconds,
+ krb5_ui_8 *ntTime)
{
*ntTime = elapsedSeconds;
*ntTime += NT_TIME_EPOCH;
*ntTime *= 10000000;
-
+
return 0;
}
return ret;
if (client_info.length < PAC_CLIENT_INFO_LENGTH + pac_princname_length ||
- pac_princname_length % 2)
+ pac_princname_length % 2)
return ERANGE;
- ret = krb5int_ucs2lecs_to_utf8s(p, (size_t)pac_princname_length / 2, &pac_princname, NULL);
+ ret = krb5int_ucs2lecs_to_utf8s(p, (size_t)pac_princname_length / 2,
+ &pac_princname, NULL);
if (ret != 0)
return ret;
free(pac_princname);
if (pac_authtime != authtime ||
- krb5_principal_compare(context, pac_principal, principal) == FALSE)
+ !krb5_principal_compare_flags(context,
+ pac_principal,
+ principal,
+ KRB5_PRINCIPAL_COMPARE_IGNORE_REALM))
ret = KRB5KRB_AP_WRONG_PRINC;
krb5_free_principal(context, pac_principal);
krb5_boolean valid;
krb5_octet *p;
- ret = k5_pac_locate_buffer(context, pac, PAC_SERVER_CHECKSUM, &checksum_data);
+ ret = k5_pac_locate_buffer(context, pac,
+ PAC_SERVER_CHECKSUM, &checksum_data);
if (ret != 0)
return ret;
memcpy(pac_data.data, pac->data.data, pac->data.length);
/* Zero out both checksum buffers */
- ret = k5_pac_zero_signature(context, pac, PAC_SERVER_CHECKSUM, &pac_data);
+ ret = k5_pac_zero_signature(context, pac,
+ PAC_SERVER_CHECKSUM, &pac_data);
if (ret != 0) {
free(pac_data.data);
return ret;
}
- ret = k5_pac_zero_signature(context, pac, PAC_PRIVSVR_CHECKSUM, &pac_data);
+ ret = k5_pac_zero_signature(context, pac,
+ PAC_PRIVSVR_CHECKSUM, &pac_data);
if (ret != 0) {
free(pac_data.data);
return ret;
}
- ret = krb5_c_verify_checksum(context, server, KRB5_KEYUSAGE_APP_DATA_CKSUM,
+ ret = krb5_c_verify_checksum(context, server,
+ KRB5_KEYUSAGE_APP_DATA_CKSUM,
&pac_data, &checksum, &valid);
free(pac_data.data);
krb5_boolean valid;
krb5_octet *p;
- ret = k5_pac_locate_buffer(context, pac, PAC_PRIVSVR_CHECKSUM, &privsvr_checksum);
+ ret = k5_pac_locate_buffer(context, pac,
+ PAC_PRIVSVR_CHECKSUM, &privsvr_checksum);
if (ret != 0)
return ret;
if (privsvr_checksum.length < PAC_SIGNATURE_DATA_LENGTH)
return KRB5_BAD_MSIZE;
- ret = k5_pac_locate_buffer(context, pac, PAC_SERVER_CHECKSUM, &server_checksum);
+ ret = k5_pac_locate_buffer(context, pac,
+ PAC_SERVER_CHECKSUM, &server_checksum);
if (ret != 0)
return ret;
server_checksum.data += PAC_SIGNATURE_DATA_LENGTH;
server_checksum.length -= PAC_SIGNATURE_DATA_LENGTH;
- ret = krb5_c_verify_checksum(context, privsvr, KRB5_KEYUSAGE_APP_DATA_CKSUM,
+ ret = krb5_c_verify_checksum(context, privsvr,
+ KRB5_KEYUSAGE_APP_DATA_CKSUM,
&server_checksum, &checksum, &valid);
if (ret != 0)
return ret;
return ret;
}
+ pac->verified = TRUE;
+
return 0;
}
krb5_ui_8 nt_authtime;
/* If we already have a CLIENT_INFO buffer, then just validate it */
- if (k5_pac_locate_buffer(context, pac, PAC_CLIENT_INFO, &client_info) == 0) {
+ if (k5_pac_locate_buffer(context, pac,
+ PAC_CLIENT_INFO, &client_info) == 0) {
return k5_pac_validate_client(context, pac, authtime, principal);
}
ret = krb5_unparse_name_flags(context, principal,
- KRB5_PRINCIPAL_UNPARSE_NO_REALM, &princ_name_utf8);
+ KRB5_PRINCIPAL_UNPARSE_NO_REALM,
+ &princ_name_utf8);
if (ret != 0)
goto cleanup;
client_info.length = PAC_CLIENT_INFO_LENGTH + princ_name_ucs2_len;
client_info.data = NULL;
- ret = k5_pac_add_buffer(context, pac, PAC_CLIENT_INFO, &client_info, TRUE, &client_info);
+ ret = k5_pac_add_buffer(context, pac, PAC_CLIENT_INFO,
+ &client_info, TRUE, &client_info);
if (ret != 0)
goto cleanup;
/* copy in principal name */
memcpy(p, princ_name_ucs2, princ_name_ucs2_len);
-
+
cleanup:
- if (princ_name_utf8 != NULL)
- free(princ_name_utf8);
if (princ_name_ucs2 != NULL)
free(princ_name_ucs2);
+ krb5_free_unparsed_name(context, princ_name_utf8);
return ret;
}
ret = k5_pac_locate_buffer(context, pac, type, &cksumdata);
if (ret == 0) {
- /* If we're resigning PAC, make sure we can fit checksum into existing buffer */
+ /*
+ * If we're resigning PAC, make sure we can fit checksum
+ * into existing buffer
+ */
if (cksumdata.length != PAC_SIGNATURE_DATA_LENGTH + len)
return ERANGE;
cksumdata.length = PAC_SIGNATURE_DATA_LENGTH + len;
cksumdata.data = NULL;
- ret = k5_pac_add_buffer(context, pac, type, &cksumdata, TRUE, &cksumdata);
+ ret = k5_pac_add_buffer(context, pac,
+ type, &cksumdata,
+ TRUE, &cksumdata);
if (ret != 0)
return ret;
}
unsigned char *p;
size_t header_len;
- header_len = PACTYPE_LENGTH + (pac->pac->cBuffers * PAC_INFO_BUFFER_LENGTH);
+ header_len = PACTYPE_LENGTH +
+ (pac->pac->cBuffers * PAC_INFO_BUFFER_LENGTH);
assert(pac->data.length >= header_len);
p = (unsigned char *)pac->data.data;
return ret;
/* Generate the server checksum over the entire PAC */
- ret = k5_pac_locate_buffer(context, pac, PAC_SERVER_CHECKSUM, &server_cksum);
+ ret = k5_pac_locate_buffer(context, pac,
+ PAC_SERVER_CHECKSUM, &server_cksum);
if (ret != 0)
return ret;
return ret;
/* Generate the privsvr checksum over the server checksum buffer */
- ret = k5_pac_locate_buffer(context, pac, PAC_PRIVSVR_CHECKSUM, &privsvr_cksum);
+ ret = k5_pac_locate_buffer(context, pac,
+ PAC_PRIVSVR_CHECKSUM, &privsvr_cksum);
if (ret != 0)
return ret;
data->length = pac->data.length;
memcpy(data->data, pac->data.data, pac->data.length);
- memset(pac->data.data, 0, PACTYPE_LENGTH + (pac->pac->cBuffers * PAC_INFO_BUFFER_LENGTH));
+ memset(pac->data.data, 0,
+ PACTYPE_LENGTH + (pac->pac->cBuffers * PAC_INFO_BUFFER_LENGTH));
+
+ return 0;
+}
+
+/*
+ * PAC auth data attribute backend
+ */
+struct mspac_context {
+ krb5_pac pac;
+};
+
+static krb5_error_code
+mspac_init(krb5_context kcontext, void **plugin_context)
+{
+ *plugin_context = NULL;
+ return 0;
+}
+
+static void
+mspac_flags(krb5_context kcontext,
+ void *plugin_context,
+ krb5_authdatatype ad_type,
+ krb5_flags *flags)
+{
+ *flags = AD_USAGE_KDC_ISSUED;
+}
+
+static void
+mspac_fini(krb5_context kcontext, void *plugin_context)
+{
+ return;
+}
+
+static krb5_error_code
+mspac_request_init(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void **request_context)
+{
+ struct mspac_context *pacctx;
+
+ pacctx = (struct mspac_context *)malloc(sizeof(*pacctx));
+ if (pacctx == NULL)
+ return ENOMEM;
+
+ pacctx->pac = NULL;
+
+ *request_context = pacctx;
+
+ return 0;
+}
+
+static krb5_error_code
+mspac_import_authdata(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ krb5_authdata **authdata,
+ krb5_boolean kdc_issued,
+ krb5_const_principal kdc_issuer)
+{
+ krb5_error_code code;
+ struct mspac_context *pacctx = (struct mspac_context *)request_context;
+
+ if (kdc_issued)
+ return EINVAL;
+
+ if (pacctx->pac != NULL) {
+ krb5_pac_free(kcontext, pacctx->pac);
+ pacctx->pac = NULL;
+ }
+
+ assert(authdata[0] != NULL);
+ assert((authdata[0]->ad_type & AD_TYPE_FIELD_TYPE_MASK) ==
+ KRB5_AUTHDATA_WIN2K_PAC);
+
+ code = krb5_pac_parse(kcontext, authdata[0]->contents,
+ authdata[0]->length, &pacctx->pac);
+
+ return code;
+}
+
+static krb5_error_code
+mspac_export_authdata(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ krb5_flags usage,
+ krb5_authdata ***out_authdata)
+{
+ struct mspac_context *pacctx = (struct mspac_context *)request_context;
+ krb5_error_code code;
+ krb5_authdata **authdata;
+ krb5_data data;
+
+ if (pacctx->pac == NULL)
+ return 0;
+
+ authdata = calloc(2, sizeof(krb5_authdata *));
+ if (authdata == NULL)
+ return ENOMEM;
+
+ authdata[0] = calloc(1, sizeof(krb5_authdata));
+ if (authdata[0] == NULL) {
+ free(authdata);
+ return ENOMEM;
+ }
+ authdata[1] = NULL;
+
+ code = krb5int_copy_data_contents(kcontext, &pacctx->pac->data, &data);
+ if (code != 0) {
+ krb5_free_authdata(kcontext, authdata);
+ return code;
+ }
+
+ authdata[0]->magic = KV5M_AUTHDATA;
+ authdata[0]->ad_type = KRB5_AUTHDATA_WIN2K_PAC;
+ authdata[0]->length = data.length;
+ authdata[0]->contents = (krb5_octet *)data.data;
+
+ authdata[1] = NULL;
+
+ *out_authdata = authdata;
+
+ return 0;
+}
+
+static krb5_error_code
+mspac_verify(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ const krb5_auth_context *auth_context,
+ const krb5_keyblock *key,
+ const krb5_ap_req *req)
+{
+ krb5_error_code code;
+ struct mspac_context *pacctx = (struct mspac_context *)request_context;
+
+ if (pacctx->pac == NULL)
+ return EINVAL;
+
+ code = krb5_pac_verify(kcontext,
+ pacctx->pac,
+ req->ticket->enc_part2->times.authtime,
+ req->ticket->enc_part2->client,
+ key,
+ NULL);
+
+#if 0
+ /*
+ * Now, we could return 0 and just set pac->verified to FALSE.
+ * Thoughts?
+ */
+ if (code == KRB5KRB_AP_ERR_BAD_INTEGRITY) {
+ assert(pacctx->pac->verified == FALSE);
+ code = 0;
+ }
+#endif
+
+ return code;
+}
+
+static void
+mspac_request_fini(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context)
+{
+ struct mspac_context *pacctx = (struct mspac_context *)request_context;
+
+ if (pacctx != NULL) {
+ if (pacctx->pac != NULL)
+ krb5_pac_free(kcontext, pacctx->pac);
+
+ free(pacctx);
+ }
+}
+
+#define STRLENOF(x) (sizeof((x)) - 1)
+
+static struct {
+ krb5_ui_4 type;
+ krb5_data attribute;
+} mspac_attribute_types[] = {
+ { (krb5_ui_4)-1, { KV5M_DATA, STRLENOF("mspac:"), "mspac:" } },
+ { PAC_LOGON_INFO, { KV5M_DATA, STRLENOF("mspac:logon-info"), "mspac:logon-info" } },
+ { PAC_CREDENTIALS_INFO, { KV5M_DATA, STRLENOF("mspac:credentials-info"), "mspac:credentials-info" } },
+ { PAC_SERVER_CHECKSUM, { KV5M_DATA, STRLENOF("mspac:server-checksum"), "mspac:server-checksum" } },
+ { PAC_PRIVSVR_CHECKSUM, { KV5M_DATA, STRLENOF("mspac:privsvr-checksum"), "mspac:privsvr-checksum" } },
+ { PAC_CLIENT_INFO, { KV5M_DATA, STRLENOF("mspac:client-info"), "mspac:client-info" } },
+ { PAC_DELEGATION_INFO, { KV5M_DATA, STRLENOF("mspac:delegation-info"), "mspac:delegation-info" } },
+ { PAC_UPN_DNS_INFO, { KV5M_DATA, STRLENOF("mspac:upn-dns-info"), "mspac:upn-dns-info" } },
+};
+
+#define MSPAC_ATTRIBUTE_COUNT (sizeof(mspac_attribute_types)/sizeof(mspac_attribute_types[0]))
+
+static krb5_error_code
+mspac_type2attr(krb5_ui_4 type, krb5_data *attr)
+{
+ unsigned int i;
+
+ for (i = 0; i < MSPAC_ATTRIBUTE_COUNT; i++) {
+ if (mspac_attribute_types[i].type == type) {
+ *attr = mspac_attribute_types[i].attribute;
+ return 0;
+ }
+ }
+
+ return ENOENT;
+}
+
+static krb5_error_code
+mspac_attr2type(const krb5_data *attr, krb5_ui_4 *type)
+{
+ unsigned int i;
+
+ for (i = 0; i < MSPAC_ATTRIBUTE_COUNT; i++) {
+ if (attr->length == mspac_attribute_types[i].attribute.length &&
+ strncasecmp(attr->data, mspac_attribute_types[i].attribute.data, attr->length) == 0) {
+ *type = mspac_attribute_types[i].type;
+ return 0;
+ }
+ }
+
+ if (attr->length > STRLENOF("mspac:") &&
+ strncasecmp(attr->data, "mspac:", STRLENOF("mspac:")) == 0)
+ {
+ char *p = &attr->data[STRLENOF("mspac:")];
+ char *endptr;
+
+ *type = strtoul(p, &endptr, 10);
+ if (*type != 0 && *endptr == '\0')
+ return 0;
+ }
+
+ return ENOENT;
+}
+
+static krb5_error_code
+mspac_get_attribute_types(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ krb5_data **out_attrs)
+{
+ struct mspac_context *pacctx = (struct mspac_context *)request_context;
+ unsigned int i, j;
+ krb5_data *attrs;
+ krb5_error_code code;
+
+ if (pacctx->pac == NULL)
+ return ENOENT;
+
+ attrs = calloc(1 + pacctx->pac->pac->cBuffers + 1, sizeof(krb5_data));
+ if (attrs == NULL)
+ return ENOMEM;
+
+ j = 0;
+
+ /* The entire PAC */
+ code = krb5int_copy_data_contents(kcontext,
+ &mspac_attribute_types[0].attribute,
+ &attrs[j++]);
+ if (code != 0) {
+ free(attrs);
+ return code;
+ }
+
+ /* PAC buffers */
+ for (i = 0; i < pacctx->pac->pac->cBuffers; i++) {
+ krb5_data attr;
+
+ code = mspac_type2attr(pacctx->pac->pac->Buffers[i].ulType, &attr);
+ if (code == 0) {
+ code = krb5int_copy_data_contents(kcontext, &attr, &attrs[j++]);
+ if (code != 0) {
+ krb5int_free_data_list(kcontext, attrs);
+ return code;
+ }
+ } else {
+ int length;
+
+ length = asprintf(&attrs[j].data, "mspac:%d",
+ pacctx->pac->pac->Buffers[i].ulType);
+ if (length < 0) {
+ krb5int_free_data_list(kcontext, attrs);
+ return ENOMEM;
+ }
+ attrs[j++].length = length;
+ }
+ }
+ attrs[j].data = NULL;
+ attrs[j].length = 0;
+
+ *out_attrs = attrs;
return 0;
}
+static krb5_error_code
+mspac_get_attribute(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ const krb5_data *attribute,
+ krb5_boolean *authenticated,
+ krb5_boolean *complete,
+ krb5_data *value,
+ krb5_data *display_value,
+ int *more)
+{
+ struct mspac_context *pacctx = (struct mspac_context *)request_context;
+ krb5_error_code code;
+ krb5_ui_4 type;
+
+ value->data = NULL;
+ value->length = 0;
+
+ if (display_value != NULL) {
+ display_value->data = NULL;
+ display_value->length = 0;
+ }
+
+ if (*more != -1 || pacctx->pac == NULL)
+ return ENOENT;
+
+ code = mspac_attr2type(attribute, &type);
+ if (code != 0)
+ return code;
+
+ /* -1 is a magic type that refers to the entire PAC */
+ if (type == (krb5_ui_4)-1) {
+ if (value != NULL)
+ code = krb5int_copy_data_contents(kcontext,
+ &pacctx->pac->data,
+ value);
+ else
+ code = 0;
+ } else {
+ if (value != NULL)
+ code = krb5_pac_get_buffer(kcontext, pacctx->pac, type, value);
+ else
+ code = k5_pac_locate_buffer(kcontext, pacctx->pac, type, NULL);
+ }
+ if (code == 0) {
+ *authenticated = pacctx->pac->verified;
+ *complete = TRUE;
+ }
+
+ *more = 0;
+
+ return code;
+}
+
+static krb5_error_code
+mspac_set_attribute(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ krb5_boolean complete,
+ const krb5_data *attribute,
+ const krb5_data *value)
+{
+ struct mspac_context *pacctx = (struct mspac_context *)request_context;
+ krb5_error_code code;
+ krb5_ui_4 type;
+
+ if (pacctx->pac == NULL)
+ return ENOENT;
+
+ code = mspac_attr2type(attribute, &type);
+ if (code != 0)
+ return code;
+
+ /* -1 is a magic type that refers to the entire PAC */
+ if (type == (krb5_ui_4)-1) {
+ krb5_pac newpac;
+
+ code = krb5_pac_parse(kcontext, value->data, value->length, &newpac);
+ if (code != 0)
+ return code;
+
+ krb5_pac_free(kcontext, pacctx->pac);
+ pacctx->pac = newpac;
+ } else {
+ code = krb5_pac_add_buffer(kcontext, pacctx->pac, type, value);
+ }
+
+ return code;
+}
+
+static krb5_error_code
+mspac_export_internal(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ krb5_boolean restrict_authenticated,
+ void **ptr)
+{
+ struct mspac_context *pacctx = (struct mspac_context *)request_context;
+ krb5_error_code code;
+ krb5_pac pac;
+
+ *ptr = NULL;
+
+ if (pacctx->pac == NULL)
+ return 0;
+
+ if (restrict_authenticated && (pacctx->pac->verified) == FALSE)
+ return 0;
+
+ code = krb5_pac_parse(kcontext, pacctx->pac->data.data,
+ pacctx->pac->data.length, &pac);
+ if (code == 0) {
+ pac->verified = pacctx->pac->verified;
+ *ptr = pac;
+ }
+
+ return code;
+}
+
+static void
+mspac_free_internal(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ void *ptr)
+{
+ if (ptr != NULL)
+ krb5_pac_free(kcontext, (krb5_pac)ptr);
+
+ return;
+}
+
+static krb5_error_code
+mspac_size(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ size_t *sizep)
+{
+ struct mspac_context *pacctx = (struct mspac_context *)request_context;
+
+ *sizep += sizeof(krb5_int32);
+
+ if (pacctx->pac != NULL)
+ *sizep += pacctx->pac->data.length;
+
+ *sizep += sizeof(krb5_int32);
+
+ return 0;
+}
+
+static krb5_error_code
+mspac_externalize(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ krb5_octet **buffer,
+ size_t *lenremain)
+{
+ krb5_error_code code = 0;
+ struct mspac_context *pacctx = (struct mspac_context *)request_context;
+ size_t required = 0;
+ krb5_octet *bp;
+ size_t remain;
+
+ bp = *buffer;
+ remain = *lenremain;
+
+ if (pacctx->pac != NULL) {
+ mspac_size(kcontext, context, plugin_context,
+ request_context, &required);
+
+ if (required <= remain) {
+ krb5_ser_pack_int32((krb5_int32)pacctx->pac->data.length,
+ &bp, &remain);
+ krb5_ser_pack_bytes((krb5_octet *)pacctx->pac->data.data,
+ (size_t)pacctx->pac->data.length,
+ &bp, &remain);
+ krb5_ser_pack_int32((krb5_int32)pacctx->pac->verified,
+ &bp, &remain);
+ } else {
+ code = ENOMEM;
+ }
+ } else {
+ krb5_ser_pack_int32(0, &bp, &remain); /* length */
+ krb5_ser_pack_int32(0, &bp, &remain); /* verified */
+ }
+
+ *buffer = bp;
+ *lenremain = remain;
+
+ return code;
+}
+
+static krb5_error_code
+mspac_internalize(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ krb5_octet **buffer,
+ size_t *lenremain)
+{
+ struct mspac_context *pacctx = (struct mspac_context *)request_context;
+ krb5_error_code code;
+ krb5_int32 ibuf;
+ krb5_octet *bp;
+ size_t remain;
+ krb5_pac pac = NULL;
+
+ bp = *buffer;
+ remain = *lenremain;
+
+ /* length */
+ code = krb5_ser_unpack_int32(&ibuf, &bp, &remain);
+ if (code != 0)
+ return code;
+
+ if (ibuf != 0) {
+ code = krb5_pac_parse(kcontext, bp, ibuf, &pac);
+ if (code != 0)
+ return code;
+
+ bp += ibuf;
+ remain -= ibuf;
+ }
+
+ /* verified */
+ code = krb5_ser_unpack_int32(&ibuf, &bp, &remain);
+ if (code != 0) {
+ krb5_pac_free(kcontext, pac);
+ return code;
+ }
+
+ if (pac != NULL) {
+ pac->verified = (ibuf != 0);
+ }
+
+ if (pacctx->pac != NULL) {
+ krb5_pac_free(kcontext, pacctx->pac);
+ }
+
+ pacctx->pac = pac;
+
+ *buffer = bp;
+ *lenremain = remain;
+
+ return 0;
+}
+
+static krb5_error_code
+mspac_copy(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ void *dst_plugin_context,
+ void *dst_request_context)
+{
+ struct mspac_context *srcctx = (struct mspac_context *)request_context;
+ struct mspac_context *dstctx = (struct mspac_context *)dst_request_context;
+ krb5_error_code code = 0;
+
+ assert(dstctx != NULL);
+ assert(dstctx->pac == NULL);
+
+ if (srcctx->pac != NULL)
+ code = k5_pac_copy(kcontext, srcctx->pac, &dstctx->pac);
+
+ return code;
+}
+
+static krb5_authdatatype mspac_ad_types[] = { KRB5_AUTHDATA_WIN2K_PAC, 0 };
+
+krb5plugin_authdata_client_ftable_v0 krb5int_mspac_authdata_client_ftable = {
+ "mspac",
+ mspac_ad_types,
+ mspac_init,
+ mspac_fini,
+ mspac_flags,
+ mspac_request_init,
+ mspac_request_fini,
+ mspac_get_attribute_types,
+ mspac_get_attribute,
+ mspac_set_attribute,
+ NULL, /* delete_attribute_proc */
+ mspac_export_authdata,
+ mspac_import_authdata,
+ mspac_export_internal,
+ mspac_free_internal,
+ mspac_verify,
+ mspac_size,
+ mspac_externalize,
+ mspac_internalize,
+ mspac_copy
+};
+
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
- *
+ *
*
* krb5_rd_req()
*/
/*
* Parses a KRB_AP_REQ message, returning its contents.
- *
+ *
* server specifies the expected server's name for the ticket.
- *
+ *
* keyproc specifies a procedure to generate a decryption key for the
* ticket. If keyproc is non-NULL, keyprocarg is passed to it, and the result
* used as a decryption key. If keyproc is NULL, then fetchfrom is checked;
* if it is non-NULL, it specifies a parameter name from which to retrieve the
* decryption key. If fetchfrom is NULL, then the default key store is
* consulted.
- *
+ *
* returns system errors, encryption errors, replay errors
*/
if (!krb5_is_ap_req(inbuf))
return KRB5KRB_AP_ERR_MSG_TYPE;
-#ifndef LEAN_CLIENT
+#ifndef LEAN_CLIENT
if ((retval = decode_krb5_ap_req(inbuf, &request))) {
switch (retval) {
case KRB5_BADMSGTYPE:
- return KRB5KRB_AP_ERR_BADVERSION;
+ return KRB5KRB_AP_ERR_BADVERSION;
default:
return(retval);
- }
+ }
}
#endif /* LEAN_CLIENT */
}
-#ifndef LEAN_CLIENT
+#ifndef LEAN_CLIENT
/* Get a keytab if necessary. */
if (keytab == NULL) {
if ((retval = krb5_kt_default(context, &new_keytab)))
}
#endif /* LEAN_CLIENT */
- retval = krb5_rd_req_decoded(context, auth_context, request, server,
+ retval = krb5_rd_req_decoded(context, auth_context, request, server,
keytab, ap_req_options, ticket);
-#ifndef LEAN_CLIENT
+#ifndef LEAN_CLIENT
if (new_keytab != NULL)
(void) krb5_kt_close(context, new_keytab);
#endif /* LEAN_CLIENT */
#include "k5-int.h"
#include "auth_con.h"
+#include "authdata.h"
+#include "int-proto.h"
/*
* essentially the same as krb_rd_req, but uses a decoded AP_REQ as
static krb5_error_code
krb5_rd_req_decrypt_tkt_part(krb5_context context, const krb5_ap_req *req,
- krb5_const_principal server, krb5_keytab keytab)
+ krb5_const_principal server, krb5_keytab keytab,
+ krb5_keyblock *key)
{
krb5_error_code retval;
krb5_keytab_entry ktent;
req->ticket->enc_part.enctype, &ktent);
if (retval == 0) {
retval = krb5_decrypt_tkt_part(context, &ktent.key, req->ticket);
+ if (retval == 0 && key != NULL)
+ retval = krb5_copy_keyblock_contents(context, &ktent.key, key);
(void) krb5_free_keytab_entry_contents(context, &ktent);
}
- } else {
+ } else {
krb5_error_code code;
krb5_kt_cursor cursor;
* server as it appeared in the ticket.
*/
retval = krb5_copy_principal(context, ktent.principal, &tmp);
+ if (retval == 0 && key != NULL)
+ retval = krb5_copy_keyblock_contents(context, &ktent.key, key);
if (retval == 0) {
krb5_free_principal(context, req->ticket->server);
req->ticket->server = tmp;
{
krb5_error_code retval = 0;
krb5_principal_data princ_data;
- krb5_enctype *desired_etypes = NULL;
+ krb5_enctype *desired_etypes = NULL;
int desired_etypes_len = 0;
int rfc4537_etypes_len = 0;
- krb5_enctype *permitted_etypes = NULL;
+ krb5_enctype *permitted_etypes = NULL;
int permitted_etypes_len = 0;
+ krb5_keyblock decrypt_key;
+
+ decrypt_key.enctype = ENCTYPE_NULL;
+ decrypt_key.contents = NULL;
req->ticket->enc_part2 = NULL;
if (server && krb5_is_referral_realm(&server->realm)) {
&(*auth_context)->key->keyblock,
req->ticket)))
goto cleanup;
+ if (check_valid_flag) {
+ decrypt_key = (*auth_context)->key->keyblock;
+ (*auth_context)->key->keyblock.contents = NULL;
+ }
krb5_k_free_key(context, (*auth_context)->key);
(*auth_context)->key = NULL;
} else {
- if ((retval = krb5_rd_req_decrypt_tkt_part(context, req, server, keytab)))
+ if ((retval = krb5_rd_req_decrypt_tkt_part(context, req,
+ server, keytab,
+ check_valid_flag ? &decrypt_key : NULL)))
goto cleanup;
}
- /* XXX this is an evil hack. check_valid_flag is set iff the call
+ /* XXX this is an evil hack. check_valid_flag is set iff the call
is not from inside the kdc. we can use this to determine which
key usage to use */
#ifndef LEAN_CLIENT
/* If the transited list is empty, then we have at most one hop */
if (trans->tr_contents.data && trans->tr_contents.data[0])
- retval = KRB5KRB_AP_ERR_ILL_CR_TKT;
+ retval = KRB5KRB_AP_ERR_ILL_CR_TKT;
}
#elif defined(_NO_CROSS_REALM)
/*
* If the transited list is not empty, then check that all realms
* transited are within the hierarchy between the client's realm
- * and the local realm.
+ * and the local realm.
*/
if (trans->tr_contents.data && trans->tr_contents.data[0]) {
retval = krb5_check_transited_list(context, &(trans->tr_contents),
if ((*auth_context)->rcache) {
krb5_donot_replay rep;
- krb5_tkt_authent tktauthent;
+ krb5_tkt_authent tktauthent;
tktauthent.ticket = req->ticket;
tktauthent.authenticator = (*auth_context)->authentp;
retval = KRB5KRB_AP_ERR_TKT_INVALID;
goto cleanup;
}
+
+ if ((retval = krb5_authdata_context_init(context,
+ &(*auth_context)->ad_context)))
+ goto cleanup;
+ if ((retval = krb5int_authdata_verify(context,
+ (*auth_context)->ad_context,
+ AD_USAGE_MASK,
+ auth_context,
+ &decrypt_key,
+ req)))
+ goto cleanup;
}
/* read RFC 4537 etype list from sender */
krb5_free_enc_tkt_part(context, req->ticket->enc_part2);
req->ticket->enc_part2 = NULL;
}
+ if (check_valid_flag)
+ krb5_free_keyblock_contents(context, &decrypt_key);
+
return retval;
}
krb5_error_code
krb5_rd_req_decoded(krb5_context context, krb5_auth_context *auth_context,
- const krb5_ap_req *req, krb5_const_principal server,
- krb5_keytab keytab, krb5_flags *ap_req_options,
- krb5_ticket **ticket)
+ const krb5_ap_req *req, krb5_const_principal server,
+ krb5_keytab keytab, krb5_flags *ap_req_options,
+ krb5_ticket **ticket)
{
krb5_error_code retval;
retval = krb5_rd_req_decoded_opt(context, auth_context,
- req, server, keytab,
+ req, server, keytab,
ap_req_options, ticket,
1); /* check_valid_flag */
return retval;
krb5_error_code
krb5_rd_req_decoded_anyflag(krb5_context context,
- krb5_auth_context *auth_context,
- const krb5_ap_req *req,
- krb5_const_principal server, krb5_keytab keytab,
- krb5_flags *ap_req_options, krb5_ticket **ticket)
+ krb5_auth_context *auth_context,
+ const krb5_ap_req *req,
+ krb5_const_principal server, krb5_keytab keytab,
+ krb5_flags *ap_req_options, krb5_ticket **ticket)
{
krb5_error_code retval;
retval = krb5_rd_req_decoded_opt(context, auth_context,
- req, server, keytab,
+ req, server, keytab,
ap_req_options, ticket,
0); /* don't check_valid_flag */
return retval;
client = &client_data;
}
- code = krb5_get_init_creds(context, &creds, in_creds->client,
+ code = krb5_get_init_creds(context, &creds, client,
NULL, NULL, 0, NULL, opte,
krb5_get_as_key_noop, &userid,
&use_master, NULL);
kret = krb5_ser_keyblock_init(kcontext);
if (!kret)
kret = krb5_ser_principal_init(kcontext);
+ if (!kret)
+ kret = krb5_ser_authdata_context_init(kcontext);
return(kret);
}
krb5_authdata *adseq2[] = {&ad3, NULL};
+krb5_keyblock key = {
+ KV5M_KEYBLOCK,
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+ 16,
+ (unsigned char *)"1234567890ABCDEF"
+};
+
static void compare_authdata(const krb5_authdata *adc1, krb5_authdata *adc2) {
assert(adc1->ad_type == adc2->ad_type);
assert(adc1->length == adc2->length);
krb5_authdata **results;
krb5_authdata *container[2];
krb5_authdata **container_out;
-
+ krb5_authdata **kdci;
assert(krb5_init_context(&context) == 0);
assert(krb5_merge_authdata(context, adseq1, adseq2, &results) == 0);
compare_authdata( results[1], &ad4);
compare_authdata( results[2], &ad3);
assert( results[3] == NULL);
+ krb5_free_authdata(context, container_out);
+ assert(krb5_make_authdata_kdc_issued(context, &key, NULL, results, &kdci) == 0);
+ assert(krb5_verify_authdata_kdc_issued(context, &key, kdci[0], NULL, &container_out) == 0);
+ compare_authdata(container_out[0], results[0]);
+ compare_authdata(container_out[1], results[1]);
+ compare_authdata(container_out[2], results[2]);
+ krb5_free_authdata(context, kdci);
krb5_free_authdata(context, results);
krb5_free_authdata(context, container_out);
krb5_free_context(context);
_krb5_conf_boolean
+decode_krb5_ad_kdcissued
decode_krb5_alt_method
decode_krb5_ap_rep
decode_krb5_ap_rep_enc_part
decode_krb5_tgs_req
decode_krb5_ticket
decode_krb5_typed_data
+encode_krb5_ad_kdcissued
encode_krb5_alt_method
encode_krb5_ap_rep
encode_krb5_ap_rep_enc_part
krb5_auth_con_free
krb5_auth_con_genaddrs
krb5_auth_con_get_checksum_func
+krb5_auth_con_get_authdata_context
krb5_auth_con_getaddrs
krb5_auth_con_getauthenticator
krb5_auth_con_getflags
krb5_auth_con_getsendsubkey
krb5_auth_con_init
krb5_auth_con_initivector
+krb5_auth_con_set_authdata_context
krb5_auth_con_set_checksum_func
krb5_auth_con_set_req_cksumtype
krb5_auth_con_set_safe_cksumtype
krb5_auth_con_setsendsubkey
krb5_auth_con_setuseruserkey
krb5_auth_to_rep
+krb5_authdata_context_copy
+krb5_authdata_context_free
+krb5_authdata_context_init
+krb5_authdata_delete_attribute
+krb5_authdata_get_attribute_types
+krb5_authdata_get_attribute
+krb5_authdata_set_attribute
+krb5_authdata_export_attributes
+krb5_authdata_export_authdata
+krb5_authdata_export_internal
+krb5_authdata_free_internal
+krb5_authdata_import_attributes
krb5_build_principal
krb5_build_principal_alloc_va
krb5_build_principal_ext
krb5_externalize_opaque
krb5_fcc_ops
krb5_find_serializer
+krb5_free_ad_kdcissued
krb5_free_address
krb5_free_addresses
krb5_free_alt_method
krb5_libdefault_boolean
krb5_locate_kdc
krb5_lock_file
+krb5_make_authdata_kdc_issued
krb5_make_full_ipaddr
krb5_make_fulladdr
krb5_max_dgram_size
krb5_us_timeofday
krb5_use_natural_time
krb5_validate_times
+krb5_verify_authdata_kdc_issued
krb5_verify_init_creds
krb5_verify_init_creds_opt_init
krb5_verify_init_creds_opt_set_ap_req_nofail
krb5int_find_pa_data
krb5int_foreach_localaddr
krb5int_free_addrlist
+krb5int_free_data_list
krb5int_get_domain_realm_mapping
krb5int_init_context_kdc
krb5int_initialize_library
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h accessor.c os-proto.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ accessor.c os-proto.h
an_to_ln.so an_to_ln.po $(OUTPRE)an_to_ln.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h an_to_ln.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ an_to_ln.c
c_ustime.so c_ustime.po $(OUTPRE)c_ustime.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h c_ustime.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ c_ustime.c
def_realm.so def_realm.po $(OUTPRE)def_realm.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h def_realm.c os-proto.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ def_realm.c os-proto.h
ccdefname.so ccdefname.po $(OUTPRE)ccdefname.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h ccdefname.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ ccdefname.c
changepw.so changepw.po $(OUTPRE)changepw.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../krb/auth_con.h \
- changepw.c os-proto.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/../krb/auth_con.h changepw.c os-proto.h
dnsglue.so dnsglue.po $(OUTPRE)dnsglue.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- dnsglue.c dnsglue.h os-proto.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h dnsglue.c dnsglue.h \
+ os-proto.h
dnssrv.so dnssrv.po $(OUTPRE)dnssrv.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- dnsglue.h dnssrv.c os-proto.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h dnsglue.h dnssrv.c \
+ os-proto.h
free_krbhs.so free_krbhs.po $(OUTPRE)free_krbhs.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h free_krbhs.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ free_krbhs.c
free_hstrl.so free_hstrl.po $(OUTPRE)free_hstrl.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h free_hstrl.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ free_hstrl.c
full_ipadr.so full_ipadr.po $(OUTPRE)full_ipadr.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h full_ipadr.c os-proto.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ full_ipadr.c os-proto.h
get_krbhst.so get_krbhst.po $(OUTPRE)get_krbhst.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h get_krbhst.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ get_krbhst.c
gen_port.so gen_port.po $(OUTPRE)gen_port.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h gen_port.c os-proto.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ gen_port.c os-proto.h
genaddrs.so genaddrs.po $(OUTPRE)genaddrs.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h genaddrs.c os-proto.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ genaddrs.c os-proto.h
gen_rname.so gen_rname.po $(OUTPRE)gen_rname.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h gen_rname.c os-proto.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ gen_rname.c os-proto.h
hostaddr.so hostaddr.po $(OUTPRE)hostaddr.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- hostaddr.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h hostaddr.c
hst_realm.so hst_realm.po $(OUTPRE)hst_realm.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- dnsglue.h hst_realm.c os-proto.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h dnsglue.h hst_realm.c \
+ os-proto.h
init_os_ctx.so init_os_ctx.po $(OUTPRE)init_os_ctx.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/util/profile/prof_int.h \
- init_os_ctx.c os-proto.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/util/profile/prof_int.h init_os_ctx.c os-proto.h
krbfileio.so krbfileio.po $(OUTPRE)krbfileio.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h krbfileio.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ krbfileio.c
ktdefname.so ktdefname.po $(OUTPRE)ktdefname.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h ktdefname.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ ktdefname.c
kuserok.so kuserok.po $(OUTPRE)kuserok.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- kuserok.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h kuserok.c
mk_faddr.so mk_faddr.po $(OUTPRE)mk_faddr.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h mk_faddr.c os-proto.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ mk_faddr.c os-proto.h
localaddr.so localaddr.po $(OUTPRE)localaddr.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- localaddr.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h localaddr.c
locate_kdc.so locate_kdc.po $(OUTPRE)locate_kdc.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- locate_kdc.c os-proto.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h locate_kdc.c os-proto.h
lock_file.so lock_file.po $(OUTPRE)lock_file.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h lock_file.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ lock_file.c
net_read.so net_read.po $(OUTPRE)net_read.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h net_read.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ net_read.c
net_write.so net_write.po $(OUTPRE)net_write.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h net_write.c os-proto.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ net_write.c os-proto.h
osconfig.so osconfig.po $(OUTPRE)osconfig.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h osconfig.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ osconfig.c
prompter.so prompter.po $(OUTPRE)prompter.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h prompter.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ prompter.c
read_msg.so read_msg.po $(OUTPRE)read_msg.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h read_msg.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ read_msg.c
read_pwd.so read_pwd.po $(OUTPRE)read_pwd.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h read_pwd.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ read_pwd.c
realm_dom.so realm_dom.po $(OUTPRE)realm_dom.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h realm_dom.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ realm_dom.c
realm_iter.so realm_iter.po $(OUTPRE)realm_iter.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h realm_iter.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ realm_iter.c
port2ip.so port2ip.po $(OUTPRE)port2ip.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- os-proto.h port2ip.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h os-proto.h port2ip.c
sendto_kdc.so sendto_kdc.po $(OUTPRE)sendto_kdc.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h os-proto.h sendto_kdc.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ os-proto.h sendto_kdc.c
sn2princ.so sn2princ.po $(OUTPRE)sn2princ.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- os-proto.h sn2princ.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h os-proto.h sn2princ.c
thread_safe.so thread_safe.po $(OUTPRE)thread_safe.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h thread_safe.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ thread_safe.c
timeofday.so timeofday.po $(OUTPRE)timeofday.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h timeofday.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ timeofday.c
toffset.so toffset.po $(OUTPRE)toffset.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- toffset.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h toffset.c
unlck_file.so unlck_file.po $(OUTPRE)unlck_file.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h unlck_file.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ unlck_file.c
ustime.so ustime.po $(OUTPRE)ustime.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- ustime.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h ustime.c
write_msg.so write_msg.po $(OUTPRE)write_msg.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h os-proto.h write_msg.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ os-proto.h write_msg.c
t_an_to_ln.so t_an_to_ln.po $(OUTPRE)t_an_to_ln.$(OBJEXT): \
$(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/krb5.h \
t_an_to_ln.c
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- dnsglue.c dnsglue.h dnssrv.c locate_kdc.c os-proto.h \
- t_locate_kdc.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h dnsglue.c dnsglue.h \
+ dnssrv.c locate_kdc.c os-proto.h t_locate_kdc.c
t_realm_iter.so t_realm_iter.po $(OUTPRE)t_realm_iter.$(OBJEXT): \
$(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/krb5.h \
t_realm_iter.c
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- os-proto.h t_std_conf.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h os-proto.h t_std_conf.c
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- rc-int.h rc_base.c rc_base.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h rc-int.h rc_base.c \
+ rc_base.h
rc_dfl.so rc_dfl.po $(OUTPRE)rc_dfl.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- rc-int.h rc_base.h rc_dfl.c rc_dfl.h rc_io.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h rc-int.h rc_base.h \
+ rc_dfl.c rc_dfl.h rc_io.h
rc_io.so rc_io.po $(OUTPRE)rc_io.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- rc_base.h rc_dfl.h rc_io.c rc_io.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h rc_base.h rc_dfl.h \
+ rc_io.c rc_io.h
rcdef.so rcdef.po $(OUTPRE)rcdef.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- rc-int.h rc_dfl.h rcdef.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h rc-int.h rc_dfl.h \
+ rcdef.c
rc_none.so rc_none.po $(OUTPRE)rc_none.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- rc-int.h rc_none.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h rc-int.h rc_none.c
rc_conv.so rc_conv.po $(OUTPRE)rc_conv.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- rc_base.h rc_conv.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h rc_base.h rc_conv.c
ser_rc.so ser_rc.po $(OUTPRE)ser_rc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- rc-int.h ser_rc.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h rc-int.h ser_rc.c
rcfns.so rcfns.po $(OUTPRE)rcfns.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- rc-int.h rcfns.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h rc-int.h rcfns.c
t_replay.so t_replay.po $(OUTPRE)t_replay.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h t_replay.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ t_replay.c
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/k5-unicode.h \
$(SRCTOP)/include/k5-utf8.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/ucdata/ucdata.h ucstr.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/ucdata/ucdata.h \
+ ucstr.c
--- /dev/null
+thisconfigdir=../../..
+myfulldir=plugins/authdata/greet_client
+mydir=plugins/authdata/greet_client
+BUILDTOP=$(REL)..$(S)..$(S)..
+KRB5_RUN_ENV = @KRB5_RUN_ENV@
+KRB5_CONFIG_SETUP = KRB5_CONFIG=$(SRCTOP)/config-files/krb5.conf ; export KRB5_CONFIG ;
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+MODULE_INSTALL_DIR = $(KRB5_AD_MODULE_DIR)
+DEFS=@DEFS@
+
+LOCALINCLUDES = -I../../../include/krb5
+
+LIBBASE=greet_client
+LIBMAJOR=0
+LIBMINOR=0
+SO_EXT=.so
+SHLIB_EXPDEPS = $(TOPLIBD)/libk5crypto$(SHLIBEXT) \
+ $(TOPLIBD)/libkrb5$(SHLIBEXT)
+SHLIB_EXPLIBS= -lkrb5 -lcom_err -lk5crypto $(SUPPORT_LIB) $(LIBS)
+
+SHLIB_DIRS=-L$(TOPLIBD)
+SHLIB_RDIRS=$(KRB5_LIBDIR)
+STOBJLISTS=OBJS.ST
+STLIBOBJS= greet.o
+
+SRCS= greet.c
+
+all-unix:: all-liblinks
+install-unix:: install-libs
+clean-unix:: clean-libs clean-libobjs
+
+clean::
+ $(RM) lib$(LIBBASE)$(SO_EXT)
+
+@libnover_frag@
+@libobj_frag@
+
--- /dev/null
+#
+# Generated makefile dependencies follow.
+#
+greet_auth.so greet_auth.po $(OUTPRE)greet_auth.$(OBJEXT): \
+ $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/krb5/authdata_plugin.h \
+ greet_auth.c
--- /dev/null
+/*
+ * plugins/authdata/greet_client/
+ *
+ * Copyright 2009 by the Massachusetts Institute of Technology.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * Sample authorization data plugin
+ */
+
+#include <string.h>
+#include <errno.h>
+#include "k5-int.h"
+#include <krb5/authdata_plugin.h>
+#include <assert.h>
+
+struct greet_context {
+ krb5_data greeting;
+ krb5_boolean verified;
+};
+
+static krb5_data greet_attr = {
+ KV5M_DATA, sizeof("greet:greeting") - 1, "greet:greeting" };
+
+static krb5_error_code
+greet_init(krb5_context kcontext, void **plugin_context)
+{
+ *plugin_context = 0;
+ return 0;
+}
+
+static void
+greet_flags(krb5_context kcontext,
+ void *plugin_context,
+ krb5_authdatatype ad_type,
+ krb5_flags *flags)
+{
+ *flags = AD_USAGE_AP_REQ | AD_USAGE_KDC_ISSUED | AD_INFORMATIONAL;
+}
+
+static void
+greet_fini(krb5_context kcontext, void *plugin_context)
+{
+ return;
+}
+
+static krb5_error_code
+greet_request_init(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void **request_context)
+{
+ struct greet_context *greet;
+
+ greet = malloc(sizeof(*greet));
+ if (greet == NULL)
+ return ENOMEM;
+
+ greet->greeting.data = NULL;
+ greet->greeting.length = 0;
+ greet->verified = FALSE;
+
+ *request_context = greet;
+
+ return 0;
+}
+
+static krb5_error_code
+greet_export_authdata(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ krb5_flags usage,
+ krb5_authdata ***out_authdata)
+{
+ struct greet_context *greet = (struct greet_context *)request_context;
+ krb5_authdata *data[2];
+ krb5_authdata datum;
+ krb5_error_code code;
+
+ datum.ad_type = -42;
+ datum.length = greet->greeting.length;
+ datum.contents = (krb5_octet *)greet->greeting.data;
+
+ data[0] = &datum;
+ data[1] = NULL;
+
+ code = krb5_copy_authdata(kcontext, data, out_authdata);
+
+ return code;
+}
+
+static krb5_error_code
+greet_import_authdata(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ krb5_authdata **authdata,
+ krb5_boolean kdc_issued_flag,
+ krb5_const_principal issuer)
+{
+ krb5_error_code code;
+ struct greet_context *greet = (struct greet_context *)request_context;
+ krb5_data data;
+
+ krb5_free_data_contents(kcontext, &greet->greeting);
+ greet->verified = FALSE;
+
+ assert(authdata[0] != NULL);
+
+ data.length = authdata[0]->length;
+ data.data = (char *)authdata[0]->contents;
+
+ code = krb5int_copy_data_contents_add0(kcontext, &data, &greet->greeting);
+ if (code == 0)
+ greet->verified = kdc_issued_flag;
+
+ return code;
+}
+
+static void
+greet_request_fini(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context)
+{
+ struct greet_context *greet = (struct greet_context *)request_context;
+
+ if (greet != NULL) {
+ krb5_free_data_contents(kcontext, &greet->greeting);
+ free(greet);
+ }
+}
+
+static krb5_error_code
+greet_get_attribute_types(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ krb5_data **out_attrs)
+{
+ krb5_error_code code;
+ struct greet_context *greet = (struct greet_context *)request_context;
+
+ if (greet->greeting.length == 0)
+ return ENOENT;
+
+ *out_attrs = calloc(2, sizeof(krb5_data));
+ if (*out_attrs == NULL)
+ return ENOMEM;
+
+ code = krb5int_copy_data_contents_add0(kcontext,
+ &greet_attr,
+ &(*out_attrs)[0]);
+ if (code != 0) {
+ free(*out_attrs);
+ *out_attrs = NULL;
+ return code;
+ }
+
+ return 0;
+}
+
+static krb5_error_code
+greet_get_attribute(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ const krb5_data *attribute,
+ krb5_boolean *authenticated,
+ krb5_boolean *complete,
+ krb5_data *value,
+ krb5_data *display_value,
+ int *more)
+{
+ struct greet_context *greet = (struct greet_context *)request_context;
+ krb5_error_code code;
+
+ if (!data_eq(*attribute, greet_attr) || greet->greeting.length == 0)
+ return ENOENT;
+
+ *authenticated = greet->verified;
+ *complete = TRUE;
+ *more = 0;
+
+ code = krb5int_copy_data_contents_add0(kcontext, &greet->greeting, value);
+ if (code == 0) {
+ code = krb5int_copy_data_contents_add0(kcontext,
+ &greet->greeting,
+ display_value);
+ if (code != 0)
+ krb5_free_data_contents(kcontext, value);
+ }
+
+ return code;
+}
+
+static krb5_error_code
+greet_set_attribute(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ krb5_boolean complete,
+ const krb5_data *attribute,
+ const krb5_data *value)
+{
+ struct greet_context *greet = (struct greet_context *)request_context;
+ krb5_data data;
+ krb5_error_code code;
+
+ if (greet->greeting.data != NULL)
+ return EEXIST;
+
+ code = krb5int_copy_data_contents_add0(kcontext, value, &data);
+ if (code != 0)
+ return code;
+
+ krb5_free_data_contents(kcontext, &greet->greeting);
+ greet->greeting = data;
+ greet->verified = FALSE;
+
+ return 0;
+}
+
+static krb5_error_code
+greet_delete_attribute(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ const krb5_data *attribute)
+{
+ struct greet_context *greet = (struct greet_context *)request_context;
+
+ krb5_free_data_contents(kcontext, &greet->greeting);
+ greet->verified = FALSE;
+
+ return 0;
+}
+
+static krb5_error_code
+greet_size(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ size_t *sizep)
+{
+ struct greet_context *greet = (struct greet_context *)request_context;
+
+ *sizep += sizeof(krb5_int32) +
+ greet->greeting.length +
+ sizeof(krb5_int32);
+
+ return 0;
+}
+
+static krb5_error_code
+greet_externalize(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ krb5_octet **buffer,
+ size_t *lenremain)
+{
+ size_t required = 0;
+ struct greet_context *greet = (struct greet_context *)request_context;
+
+ greet_size(kcontext, context, plugin_context,
+ request_context, &required);
+
+ if (*lenremain < required)
+ return ENOMEM;
+
+ /* Greeting Length | Greeting Contents | Verified */
+ krb5_ser_pack_int32(greet->greeting.length, buffer, lenremain);
+ krb5_ser_pack_bytes((krb5_octet *)greet->greeting.data,
+ (size_t)greet->greeting.length,
+ buffer, lenremain);
+ krb5_ser_pack_int32((krb5_int32)greet->verified, buffer, lenremain);
+
+ return 0;
+}
+
+static krb5_error_code
+greet_internalize(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context,
+ krb5_octet **buffer,
+ size_t *lenremain)
+{
+ struct greet_context *greet = (struct greet_context *)request_context;
+ krb5_error_code code;
+ krb5_int32 length;
+ krb5_octet *contents = NULL;
+ krb5_int32 verified;
+ krb5_octet *bp;
+ size_t remain;
+
+ bp = *buffer;
+ remain = *lenremain;
+
+ /* Greeting Length */
+ code = krb5_ser_unpack_int32(&length, &bp, &remain);
+ if (code != 0)
+ return code;
+
+ /* Greeting Contents */
+ if (length != 0) {
+ contents = malloc(length);
+ if (contents == NULL)
+ return ENOMEM;
+
+ code = krb5_ser_unpack_bytes(contents, (size_t)length, &bp, &remain);
+ if (code != 0) {
+ free(contents);
+ return code;
+ }
+ }
+
+ /* Verified */
+ code = krb5_ser_unpack_int32(&verified, &bp, &remain);
+ if (code != 0) {
+ free(contents);
+ return code;
+ }
+
+ krb5_free_data_contents(kcontext, &greet->greeting);
+ greet->greeting.length = length;
+ greet->greeting.data = (char *)contents;
+ greet->verified = (verified != 0);
+
+ *buffer = bp;
+ *lenremain = remain;
+
+ return 0;
+}
+
+static krb5_authdatatype greet_ad_types[] = { -42, 0 };
+
+krb5plugin_authdata_client_ftable_v0 authdata_client_0 = {
+ "greet",
+ greet_ad_types,
+ greet_init,
+ greet_fini,
+ greet_flags,
+ greet_request_init,
+ greet_request_fini,
+ greet_get_attribute_types,
+ greet_get_attribute,
+ greet_set_attribute,
+ greet_delete_attribute,
+ greet_export_authdata,
+ greet_import_authdata,
+ NULL,
+ NULL,
+ NULL,
+ greet_size,
+ greet_externalize,
+ greet_internalize,
+ NULL
+};
--- /dev/null
+authdata_client_0
--- /dev/null
+thisconfigdir=../../..
+myfulldir=plugins/authdata/greet_server
+mydir=plugins/authdata/greet_server
+BUILDTOP=$(REL)..$(S)..$(S)..
+KRB5_RUN_ENV = @KRB5_RUN_ENV@
+KRB5_CONFIG_SETUP = KRB5_CONFIG=$(SRCTOP)/config-files/krb5.conf ; export KRB5_CONFIG ;
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+MODULE_INSTALL_DIR = $(KRB5_AD_MODULE_DIR)
+DEFS=@DEFS@
+
+LOCALINCLUDES = -I../../../include/krb5
+
+LIBBASE=greet_server
+LIBMAJOR=1
+LIBMINOR=0
+SO_EXT=.so
+SHLIB_EXPDEPS = $(TOPLIBD)/libk5crypto$(SHLIBEXT) \
+ $(TOPLIBD)/libkrb5$(SHLIBEXT)
+SHLIB_EXPLIBS= -lkrb5 -lcom_err -lk5crypto $(SUPPORT_LIB) $(LIBS)
+
+SHLIB_DIRS=-L$(TOPLIBD)
+SHLIB_RDIRS=$(KRB5_LIBDIR)
+STOBJLISTS=OBJS.ST
+STLIBOBJS= greet_auth.o
+
+SRCS= greet_auth.c
+
+all-unix:: all-liblinks
+install-unix:: install-libs
+clean-unix:: clean-libs clean-libobjs
+
+clean::
+ $(RM) lib$(LIBBASE)$(SO_EXT)
+
+@libnover_frag@
+@libobj_frag@
+
--- /dev/null
+#
+# Generated makefile dependencies follow.
+#
+greet_auth.so greet_auth.po $(OUTPRE)greet_auth.$(OBJEXT): \
+ $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/krb5/authdata_plugin.h \
+ greet_auth.c
--- /dev/null
+/*
+ * plugins/authdata/greet_server/
+ *
+ * Copyright 2009 by the Massachusetts Institute of Technology.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * Sample authorization data plugin
+ */
+
+#include <string.h>
+#include <errno.h>
+#include <k5-int.h>
+#include <krb5/authdata_plugin.h>
+#include <kdb.h>
+#include <kdb_ext.h>
+
+static krb5_error_code
+greet_init(krb5_context ctx, void **blob)
+{
+ return 0;
+}
+
+static void
+greet_fini(krb5_context ctx, void *blob)
+{
+}
+
+static krb5_error_code greet_hello(krb5_context context, krb5_data **ret)
+{
+ krb5_data tmp;
+
+ tmp.data = "Hello, KDC issued acceptor world!";
+ tmp.length = strlen(tmp.data);
+
+ return krb5_copy_data(context, &tmp, ret);
+}
+
+static krb5_error_code
+greet_kdc_verify(krb5_context context,
+ krb5_enc_tkt_part *enc_tkt_request,
+ krb5_data **greeting)
+{
+ krb5_error_code code;
+ krb5_authdata **tgt_authdata = NULL;
+ krb5_authdata **kdc_issued = NULL;
+ krb5_authdata **greet = NULL;
+
+ code = krb5int_find_authdata(context,
+ enc_tkt_request->authorization_data,
+ NULL,
+ KRB5_AUTHDATA_KDC_ISSUED,
+ &tgt_authdata);
+ if (code != 0)
+ return 0;
+
+ code = krb5_verify_authdata_kdc_issued(context,
+ enc_tkt_request->session,
+ tgt_authdata[0],
+ NULL,
+ &kdc_issued);
+ if (code != 0) {
+ krb5_free_authdata(context, tgt_authdata);
+ return code;
+ }
+
+ code = krb5int_find_authdata(context,
+ kdc_issued,
+ NULL,
+ -42,
+ &greet);
+ if (code == 0) {
+ krb5_data tmp;
+
+ tmp.data = (char *)greet[0]->contents;
+ tmp.length = greet[0]->length;
+
+ code = krb5_copy_data(context, &tmp, greeting);
+ } else
+ code = 0;
+
+ krb5_free_authdata(context, tgt_authdata);
+ krb5_free_authdata(context, kdc_issued);
+ krb5_free_authdata(context, greet);
+
+ return code;
+}
+
+static krb5_error_code
+greet_kdc_sign(krb5_context context,
+ krb5_enc_tkt_part *enc_tkt_reply,
+ krb5_const_principal tgs,
+ krb5_data *greeting)
+{
+ krb5_error_code code;
+ krb5_authdata ad_datum, *ad_data[2], **kdc_issued = NULL;
+ krb5_authdata **if_relevant = NULL;
+
+ ad_datum.ad_type = -42;
+ ad_datum.contents = (krb5_octet *)greeting->data;
+ ad_datum.length = greeting->length;
+
+ ad_data[0] = &ad_datum;
+ ad_data[1] = NULL;
+
+ code = krb5_make_authdata_kdc_issued(context,
+ enc_tkt_reply->session,
+ tgs,
+ ad_data,
+ &kdc_issued);
+ if (code != 0)
+ return code;
+
+ code = krb5_encode_authdata_container(context,
+ KRB5_AUTHDATA_IF_RELEVANT,
+ kdc_issued,
+ &if_relevant);
+ if (code != 0) {
+ krb5_free_authdata(context, kdc_issued);
+ return code;
+ }
+
+ /* this isn't very friendly to other plugins... */
+ krb5_free_authdata(context, enc_tkt_reply->authorization_data);
+ enc_tkt_reply->authorization_data = if_relevant;
+
+ krb5_free_authdata(context, kdc_issued);
+
+ return 0;
+}
+
+static krb5_error_code
+greet_authdata(krb5_context context,
+ unsigned int flags,
+ krb5_db_entry *client,
+ krb5_db_entry *server,
+ krb5_db_entry *tgs,
+ krb5_keyblock *client_key,
+ krb5_keyblock *server_key,
+ krb5_data *req_pkt,
+ krb5_kdc_req *request,
+ krb5_const_principal for_user_princ,
+ krb5_enc_tkt_part *enc_tkt_request,
+ krb5_enc_tkt_part *enc_tkt_reply)
+{
+ krb5_error_code code;
+ krb5_data *greeting = NULL;
+
+ if (request->msg_type == KRB5_TGS_REQ) {
+ code = greet_kdc_verify(context, enc_tkt_request, &greeting);
+ if (code != 0)
+ return code;
+ }
+
+ if (greeting == NULL) {
+ code = greet_hello(context, &greeting);
+ if (code != 0)
+ return code;
+ }
+
+ code = greet_kdc_sign(context, enc_tkt_reply, tgs->princ, greeting);
+
+ krb5_free_data(context, greeting);
+
+ return code;
+}
+
+krb5plugin_authdata_server_ftable_v1 authdata_server_1 = {
+ "greet",
+ greet_init,
+ greet_fini,
+ greet_authdata,
+};
--- /dev/null
+authdata_server_1
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h kdb_xdr.c kdb_xdr.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ kdb_xdr.c kdb_xdr.h
adb_openclose.so adb_openclose.po $(OUTPRE)adb_openclose.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h adb_openclose.c policy_db.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ adb_openclose.c policy_db.h
adb_policy.so adb_policy.po $(OUTPRE)adb_policy.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/lib/kdb/adb_err.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
- kdb_db2.c kdb_db2.h kdb_xdr.h policy_db.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/kdb/kdb5.h kdb_db2.c kdb_db2.h kdb_xdr.h \
+ policy_db.h
pol_xdr.so pol_xdr.po $(OUTPRE)pol_xdr.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/lib/kdb/adb_err.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
- db2_exp.c kdb_db2.h kdb_xdr.h policy_db.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/kdb/kdb5.h db2_exp.c kdb_db2.h kdb_xdr.h \
+ policy_db.h
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
- $(srcdir)/libkdb_ldap/kdb_ldap.h $(srcdir)/libkdb_ldap/ldap_krbcontainer.h \
- $(srcdir)/libkdb_ldap/ldap_principal.h $(srcdir)/libkdb_ldap/ldap_pwd_policy.h \
- $(srcdir)/libkdb_ldap/ldap_realm.h $(srcdir)/libkdb_ldap/ldap_tkt_policy.h \
- ldap_exp.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/kdb/kdb5.h $(srcdir)/libkdb_ldap/kdb_ldap.h \
+ $(srcdir)/libkdb_ldap/ldap_krbcontainer.h $(srcdir)/libkdb_ldap/ldap_principal.h \
+ $(srcdir)/libkdb_ldap/ldap_pwd_policy.h $(srcdir)/libkdb_ldap/ldap_realm.h \
+ $(srcdir)/libkdb_ldap/ldap_tkt_policy.h ldap_exp.c
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
$(SRCTOP)/include/kdb_ext.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.c kdb_ldap.h ldap_err.h \
- ldap_krbcontainer.h ldap_misc.h ldap_realm.h ldap_services.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
+ kdb_ldap.c kdb_ldap.h ldap_err.h ldap_krbcontainer.h \
+ ldap_misc.h ldap_realm.h ldap_services.h
kdb_ldap_conn.so kdb_ldap_conn.po $(OUTPRE)kdb_ldap_conn.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
- kdb_ldap.h kdb_ldap_conn.c ldap_handle.h ldap_krbcontainer.h \
- ldap_main.h ldap_misc.h ldap_realm.h ldap_service_stash.h \
- ldap_services.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h kdb_ldap_conn.c \
+ ldap_handle.h ldap_krbcontainer.h ldap_main.h ldap_misc.h \
+ ldap_realm.h ldap_service_stash.h ldap_services.h
ldap_realm.so ldap_realm.po $(OUTPRE)ldap_realm.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
- kdb_ldap.h ldap_err.h ldap_handle.h ldap_krbcontainer.h \
- ldap_main.h ldap_misc.h ldap_principal.h ldap_pwd_policy.h \
- ldap_realm.c ldap_realm.h ldap_services.h ldap_tkt_policy.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_handle.h \
+ ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_principal.h \
+ ldap_pwd_policy.h ldap_realm.c ldap_realm.h ldap_services.h \
+ ldap_tkt_policy.h
ldap_create.so ldap_create.po $(OUTPRE)ldap_create.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
- kdb_ldap.h ldap_create.c ldap_err.h ldap_handle.h ldap_krbcontainer.h \
- ldap_main.h ldap_misc.h ldap_principal.h ldap_realm.h \
- ldap_services.h ldap_tkt_policy.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_create.c ldap_err.h \
+ ldap_handle.h ldap_krbcontainer.h ldap_main.h ldap_misc.h \
+ ldap_principal.h ldap_realm.h ldap_services.h ldap_tkt_policy.h
ldap_krbcontainer.so ldap_krbcontainer.po $(OUTPRE)ldap_krbcontainer.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
- kdb_ldap.h ldap_err.h ldap_handle.h ldap_krbcontainer.c \
- ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_realm.h \
- ldap_services.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_handle.h \
+ ldap_krbcontainer.c ldap_krbcontainer.h ldap_main.h \
+ ldap_misc.h ldap_realm.h ldap_services.h
ldap_principal.so ldap_principal.po $(OUTPRE)ldap_principal.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
- kdb_ldap.h ldap_err.h ldap_handle.h ldap_krbcontainer.h \
- ldap_main.h ldap_misc.h ldap_principal.c ldap_principal.h \
- ldap_realm.h ldap_services.h ldap_tkt_policy.h princ_xdr.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_handle.h \
+ ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_principal.c \
+ ldap_principal.h ldap_realm.h ldap_services.h ldap_tkt_policy.h \
+ princ_xdr.h
ldap_principal2.so ldap_principal2.po $(OUTPRE)ldap_principal2.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
$(SRCTOP)/include/kdb_ext.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_handle.h \
- ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_principal.h \
- ldap_principal2.c ldap_pwd_policy.h ldap_realm.h ldap_services.h \
- ldap_tkt_policy.h princ_xdr.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
+ kdb_ldap.h ldap_err.h ldap_handle.h ldap_krbcontainer.h \
+ ldap_main.h ldap_misc.h ldap_principal.h ldap_principal2.c \
+ ldap_pwd_policy.h ldap_realm.h ldap_services.h ldap_tkt_policy.h \
+ princ_xdr.h
ldap_pwd_policy.so ldap_pwd_policy.po $(OUTPRE)ldap_pwd_policy.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
- kdb_ldap.h ldap_err.h ldap_handle.h ldap_krbcontainer.h \
- ldap_main.h ldap_misc.h ldap_pwd_policy.c ldap_pwd_policy.h \
- ldap_realm.h ldap_services.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_handle.h \
+ ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_pwd_policy.c \
+ ldap_pwd_policy.h ldap_realm.h ldap_services.h
ldap_misc.so ldap_misc.po $(OUTPRE)ldap_misc.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/krb5/krb5.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
- kdb_ldap.h ldap_err.h ldap_handle.h ldap_krbcontainer.h \
- ldap_misc.c ldap_misc.h ldap_principal.h ldap_pwd_policy.h \
- ldap_realm.h ldap_services.h ldap_tkt_policy.h princ_xdr.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_handle.h \
+ ldap_krbcontainer.h ldap_misc.c ldap_misc.h ldap_principal.h \
+ ldap_pwd_policy.h ldap_realm.h ldap_services.h ldap_tkt_policy.h \
+ princ_xdr.h
ldap_handle.so ldap_handle.po $(OUTPRE)ldap_handle.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
- kdb_ldap.h ldap_handle.c ldap_handle.h ldap_krbcontainer.h \
- ldap_main.h ldap_misc.h ldap_realm.h ldap_services.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_handle.c ldap_handle.h \
+ ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_realm.h \
+ ldap_services.h
ldap_tkt_policy.so ldap_tkt_policy.po $(OUTPRE)ldap_tkt_policy.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
- kdb_ldap.h ldap_err.h ldap_handle.h ldap_krbcontainer.h \
- ldap_main.h ldap_misc.h ldap_realm.h ldap_services.h \
- ldap_tkt_policy.c ldap_tkt_policy.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_handle.h \
+ ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_realm.h \
+ ldap_services.h ldap_tkt_policy.c ldap_tkt_policy.h
ldap_services.so ldap_services.po $(OUTPRE)ldap_services.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
- kdb_ldap.h ldap_err.h ldap_handle.h ldap_krbcontainer.h \
- ldap_main.h ldap_misc.h ldap_realm.h ldap_services.c \
- ldap_services.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_handle.h \
+ ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_realm.h \
+ ldap_services.c ldap_services.h
ldap_service_rights.so ldap_service_rights.po $(OUTPRE)ldap_service_rights.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
- kdb_ldap.h ldap_err.h ldap_handle.h ldap_krbcontainer.h \
- ldap_main.h ldap_misc.h ldap_realm.h ldap_service_rights.c \
- ldap_services.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_handle.h \
+ ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_realm.h \
+ ldap_service_rights.c ldap_services.h
princ_xdr.so princ_xdr.po $(OUTPRE)princ_xdr.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
$(SRCTOP)/include/kdb_ext.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_krbcontainer.h \
- ldap_principal.h ldap_realm.h ldap_tkt_policy.h princ_xdr.c \
- princ_xdr.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
+ kdb_ldap.h ldap_krbcontainer.h ldap_principal.h ldap_realm.h \
+ ldap_tkt_policy.h princ_xdr.c princ_xdr.h
ldap_fetch_mkey.so ldap_fetch_mkey.po $(OUTPRE)ldap_fetch_mkey.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
- kdb_ldap.h ldap_fetch_mkey.c ldap_handle.h ldap_krbcontainer.h \
- ldap_main.h ldap_misc.h ldap_realm.h ldap_services.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_fetch_mkey.c \
+ ldap_handle.h ldap_krbcontainer.h ldap_main.h ldap_misc.h \
+ ldap_realm.h ldap_services.h
ldap_service_stash.so ldap_service_stash.po $(OUTPRE)ldap_service_stash.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_ext.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \
- kdb_ldap.h ldap_handle.h ldap_krbcontainer.h ldap_main.h \
- ldap_misc.h ldap_realm.h ldap_service_stash.c ldap_service_stash.h \
- ldap_services.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_handle.h ldap_krbcontainer.h \
+ ldap_main.h ldap_misc.h ldap_realm.h ldap_service_stash.c \
+ ldap_service_stash.h ldap_services.h
kdb_xdr.so kdb_xdr.po $(OUTPRE)kdb_xdr.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h kdb_xdr.c kdb_xdr.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ kdb_xdr.c kdb_xdr.h
ldap_err.so ldap_err.po $(OUTPRE)ldap_err.$(OBJEXT): \
$(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/krb5.h \
ldap_err.c ldap_err.h
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/../fast_factor.h encrypted_challenge_main.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(srcdir)/../fast_factor.h \
+ encrypted_challenge_main.c
if (buf == NULL)
goto cleanup;
- retval = EVP_PKEY_decrypt(buf, data, (int)data_len, pkey);
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+ retval = EVP_PKEY_decrypt_old(buf, data, (int)data_len, pkey);
+#else
+ retval = EVP_PKEY_decrypt(buf, data, (int)data_len, pkey);
+#endif
if (retval <= 0) {
pkiDebug("unable to decrypt received data (len=%d)\n", data_len);
goto cleanup;
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- kprop.c kprop.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h kprop.c kprop.h
$(OUTPRE)kpropd.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_log.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h kprop.h kpropd.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ kprop.h kpropd.c
$(OUTPRE)kpropd_rpc.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssrpc/types.h $(SRCTOP)/include/gssrpc/auth.h \
$(SRCTOP)/include/gssrpc/auth_gss.h $(SRCTOP)/include/gssrpc/auth_unix.h \
$(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_log.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h kproplog.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ kproplog.c
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/krb5/asn.1/asn1buf.h \
- $(SRCTOP)/lib/krb5/asn.1/krbasn1.h debug.h krb5_encode_test.c \
- ktest.h utility.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/krb5/asn.1/asn1buf.h $(SRCTOP)/lib/krb5/asn.1/krbasn1.h \
+ debug.h krb5_encode_test.c ktest.h utility.h
$(OUTPRE)krb5_decode_test.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/krb5/asn.1/asn1buf.h \
- $(SRCTOP)/lib/krb5/asn.1/krbasn1.h debug.h krb5_decode_test.c \
- ktest.h ktest_equal.h utility.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/krb5/asn.1/asn1buf.h $(SRCTOP)/lib/krb5/asn.1/krbasn1.h \
+ debug.h krb5_decode_test.c ktest.h ktest_equal.h utility.h
$(OUTPRE)krb5_decode_leak.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/krb5/asn.1/asn1buf.h \
- $(SRCTOP)/lib/krb5/asn.1/krbasn1.h debug.h krb5_decode_leak.c \
- ktest.h utility.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/krb5/asn.1/asn1buf.h $(SRCTOP)/lib/krb5/asn.1/krbasn1.h \
+ debug.h krb5_decode_leak.c ktest.h utility.h
$(OUTPRE)ktest.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/krb5/asn.1/asn1buf.h \
- $(SRCTOP)/lib/krb5/asn.1/krbasn1.h ktest.c ktest.h \
- utility.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/lib/krb5/asn.1/asn1buf.h $(SRCTOP)/lib/krb5/asn.1/krbasn1.h \
+ ktest.c ktest.h utility.h
$(OUTPRE)ktest_equal.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h ktest_equal.c ktest_equal.h
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ ktest_equal.c ktest_equal.h
$(OUTPRE)utility.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(SRCTOP)/lib/krb5/asn.1/asn1buf.h $(SRCTOP)/lib/krb5/asn.1/krbasn1.h \
- utility.c utility.h
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/krb5/asn.1/asn1buf.h \
+ $(SRCTOP)/lib/krb5/asn.1/krbasn1.h utility.c utility.h
$(OUTPRE)trval.$(OBJEXT): trval.c
$(OUTPRE)t_trval.$(OBJEXT): t_trval.c trval.c
/* encode_krb5_pa_s4u_x509_user */
{
krb5_pa_s4u_x509_user s4u, *tmp;
-
setup(s4u, "pa_s4u_x509_user",
ktest_make_sample_pa_s4u_x509_user);
leak_test(s4u, encode_krb5_pa_s4u_x509_user,
krb5_free_pa_s4u_x509_user);
ktest_empty_pa_s4u_x509_user(&s4u);
}
+ /****************************************************************/
+ /* encode_krb5_ad_kdcissued */
+ {
+ krb5_ad_kdcissued kdci, *tmp;
+ setup(kdci, "ad_kdcissued",
+ ktest_make_sample_ad_kdcissued);
+ leak_test(kdci, encode_krb5_ad_kdcissued,
+ decode_krb5_ad_kdcissued,
+ krb5_free_ad_kdcissued);
+ ktest_empty_ad_kdcissued(&kdci);
+ }
krb5_free_context(test_context);
return 0;
}
ktest_empty_sam_response(&ref);
}
+ /****************************************************************/
+ /* decode_pa_s4u_x509_user */
{
setup(krb5_pa_s4u_x509_user,"krb5_pa_s4u_x509_user",ktest_make_sample_pa_s4u_x509_user);
decode_run("pa_s4u_x509_user","","30 68 A0 55 30 53 A0 06 02 04 00 CA 14 9A A1 1A 30 18 A0 03 02 01 01 A1 11 30 0F 1B 06 68 66 74 73 61 69 1B 05 65 78 74 72 61 A2 10 1B 0E 41 54 48 45 4E 41 2E 4D 49 54 2E 45 44 55 A3 12 04 10 70 61 5F 73 34 75 5F 78 35 30 39 5F 75 73 65 72 A4 07 03 05 00 80 00 00 00 A1 0F 30 0D A0 03 02 01 01 A1 06 04 04 31 32 33 34",decode_krb5_pa_s4u_x509_user,ktest_equal_pa_s4u_x509_user,krb5_free_pa_s4u_x509_user);
ktest_empty_pa_s4u_x509_user(&ref);
}
+ /****************************************************************/
+ /* decode_ad_kdcissued */
+ {
+ setup(krb5_ad_kdcissued,"krb5_ad_kdcissued",ktest_make_sample_ad_kdcissued);
+ decode_run("ad_kdcissued","","30 65 A0 0F 30 0D A0 03 02 01 01 A1 06 04 04 31 32 33 34 A1 10 1B 0E 41 54 48 45 4E 41 2E 4D 49 54 2E 45 44 55 A2 1A 30 18 A0 03 02 01 01 A1 11 30 0F 1B 06 68 66 74 73 61 69 1B 05 65 78 74 72 61 A3 24 30 22 30 0F A0 03 02 01 01 A1 08 04 06 66 6F 6F 62 61 72 30 0F A0 03 02 01 01 A1 08 04 06 66 6F 6F 62 61 72",decode_krb5_ad_kdcissued,ktest_equal_ad_kdcissued,krb5_free_ad_kdcissued);
+ ktest_empty_ad_kdcissued(&ref);
+ }
+
#ifdef ENABLE_LDAP
/* ldap sequence_of_keys */
{
encode_krb5_pa_s4u_x509_user);
ktest_empty_pa_s4u_x509_user(&s4u);
}
-
+ /****************************************************************/
+ /* encode_krb5_ad_kdcissued */
+ {
+ krb5_ad_kdcissued kdci;
+ setup(kdci,krb5_ad_kdcissued,"ad_kdcissued",
+ ktest_make_sample_ad_kdcissued);
+ encode_run(kdci,krb5_ad_kdcissued,
+ "ad_kdcissued","",
+ encode_krb5_ad_kdcissued);
+ ktest_empty_ad_kdcissued(&kdci);
+ }
#ifdef ENABLE_LDAP
{
ldap_seqof_key_data skd;
return 0;
}
+krb5_error_code ktest_make_sample_ad_kdcissued(p)
+ krb5_ad_kdcissued *p;
+{
+ krb5_error_code retval;
+ retval = ktest_make_sample_checksum(&p->ad_checksum);
+ if (retval) return retval;
+ retval = ktest_make_sample_principal(&p->i_principal);
+ if (retval) return retval;
+ retval = ktest_make_sample_authorization_data(&p->elements);
+ if (retval) return retval;
+ return retval;
+}
+
#ifdef ENABLE_LDAP
static krb5_error_code ktest_make_sample_key_data(krb5_key_data *p, int i)
{
if (p->cksum.contents) free(p->cksum.contents);
}
+void ktest_empty_ad_kdcissued(p)
+ krb5_ad_kdcissued *p;
+{
+ if (p->ad_checksum.contents) free(p->ad_checksum.contents);
+ ktest_destroy_principal(&p->i_principal);
+ ktest_destroy_authorization_data(&p->elements);
+}
+
#ifdef ENABLE_LDAP
void ktest_empty_ldap_seqof_key_data(ctx, p)
krb5_context ctx;
krb5_error_code ktest_make_sample_predicted_sam_response(krb5_predicted_sam_response *p);
krb5_error_code ktest_make_sample_enc_sam_response_enc_2(krb5_enc_sam_response_enc_2 *p);
krb5_error_code ktest_make_sample_pa_s4u_x509_user(krb5_pa_s4u_x509_user *p);
+krb5_error_code ktest_make_sample_ad_kdcissued(krb5_ad_kdcissued *p);
#ifdef ENABLE_LDAP
krb5_error_code ktest_make_sample_ldap_seqof_key_data(ldap_seqof_key_data * p);
void ktest_empty_sam_response_2(krb5_sam_response_2 *p);
void ktest_empty_enc_sam_response_enc_2(krb5_enc_sam_response_enc_2 *p);
void ktest_empty_pa_s4u_x509_user(krb5_pa_s4u_x509_user *p);
+void ktest_empty_ad_kdcissued(krb5_ad_kdcissued *p);
#ifdef ENABLE_LDAP
void ktest_empty_ldap_seqof_key_data(krb5_context, ldap_seqof_key_data *p);
p=p&&struct_equal(cksum,ktest_equal_checksum);
return p;
}
+
+int ktest_equal_ad_kdcissued(ref, var)
+ krb5_ad_kdcissued *ref;
+ krb5_ad_kdcissued *var;
+{
+ int p = TRUE;
+ if (ref == var) return TRUE;
+ else if (ref == NULL || var == NULL) return FALSE;
+ p=p&&struct_equal(ad_checksum,ktest_equal_checksum);
+ p=p&&ptr_equal(i_principal,ktest_equal_principal_data);
+ p=p&&ptr_equal(elements,ktest_equal_authorization_data);
+ return p;
+}
+
#ifdef ENABLE_LDAP
static int equal_key_data(ref, var)
krb5_key_data *ref;
(krb5_pa_s4u_x509_user *ref,
krb5_pa_s4u_x509_user *var);
+int ktest_equal_ad_kdcissued
+ (krb5_ad_kdcissued *ref,
+ krb5_ad_kdcissued *var);
+
int ktest_equal_ldap_sequence_of_keys(ldap_seqof_key_data *ref,
ldap_seqof_key_data *var);
#endif
encode_krb5_sam_response_2: 30 42 A0 03 02 01 2B A1 07 03 05 00 80 00 00 00 A2 0C 04 0A 74 72 61 63 6B 20 64 61 74 61 A3 1D 30 1B A0 03 02 01 01 A1 04 02 02 0D 36 A2 0E 04 0C 6E 6F 6E 63 65 20 6F 72 20 73 61 64 A4 05 02 03 54 32 10
encode_krb5_enc_sam_response_enc_2: 30 1F A0 03 02 01 58 A1 18 04 16 65 6E 63 5F 73 61 6D 5F 72 65 73 70 6F 6E 73 65 5F 65 6E 63 5F 32
encode_krb5_pa_s4u_x509_user: 30 68 A0 55 30 53 A0 06 02 04 00 CA 14 9A A1 1A 30 18 A0 03 02 01 01 A1 11 30 0F 1B 06 68 66 74 73 61 69 1B 05 65 78 74 72 61 A2 10 1B 0E 41 54 48 45 4E 41 2E 4D 49 54 2E 45 44 55 A3 12 04 10 70 61 5F 73 34 75 5F 78 35 30 39 5F 75 73 65 72 A4 07 03 05 00 80 00 00 00 A1 0F 30 0D A0 03 02 01 01 A1 06 04 04 31 32 33 34
+encode_krb5_ad_kdcissued: 30 65 A0 0F 30 0D A0 03 02 01 01 A1 06 04 04 31 32 33 34 A1 10 1B 0E 41 54 48 45 4E 41 2E 4D 49 54 2E 45 44 55 A2 1A 30 18 A0 03 02 01 01 A1 11 30 0F 1B 06 68 66 74 73 61 69 1B 05 65 78 74 72 61 A3 24 30 22 30 0F A0 03 02 01 01 A1 08 04 06 66 6F 6F 62 61 72 30 0F A0 03 02 01 01 A1 08 04 06 66 6F 6F 62 61 72
. . [0] [Integer] 1
. . [1] [Octet String] "1234"
+encode_krb5_ad_kdcissued:
+
+[Sequence/Sequence Of]
+. [0] [Sequence/Sequence Of]
+. . [0] [Integer] 1
+. . [1] [Octet String] "1234"
+. [1] [General string] "ATHENA.MIT.EDU"
+. [2] [Sequence/Sequence Of]
+. . [0] [Integer] 1
+. . [1] [Sequence/Sequence Of]
+. . . [General string] "hftsai"
+. . . [General string] "extra"
+. [3] [Sequence/Sequence Of]
+. . [Sequence/Sequence Of]
+. . . [0] [Integer] 1
+. . . [1] [Octet String] "foobar"
+. . [Sequence/Sequence Of]
+. . . [0] [Integer] 1
+. . . [1] [Octet String] "foobar"
+
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SS_DEPS) kdb5_mkdums.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SS_DEPS) kdb5_mkdums.c
PROG_LIBPATH=-L$(TOPLIBD)
PROG_RPATH=$(KRB5_LIBDIR)
-SRCS= $(srcdir)/t_imp_name.c $(srcdir)/t_s4u.c
+SRCS= $(srcdir)/t_imp_name.c $(srcdir)/t_s4u.c $(srcdir)/t_namingexts.c
-OBJS= t_imp_name.o t_s4u.o
+OBJS= t_imp_name.o t_s4u.o t_namingexts.o
-all:: t_imp_name t_s4u
+all:: t_imp_name t_s4u t_namingexts
t_imp_name: t_imp_name.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
$(CC_LINK) -o t_imp_name t_imp_name.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
-
+t_namingexts: t_namingexts.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
+ $(CC_LINK) -o t_namingexts t_namingexts.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
t_s4u: t_s4u.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
$(CC_LINK) -o t_s4u t_s4u.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
clean::
- $(RM) t_imp_name t_s4u
+ $(RM) t_imp_name t_s4u t_namingexts
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/gssapi/gssapi_krb5.h \
$(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/krb5.h \
t_s4u.c
+$(OUTPRE)t_namingexts.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \
+ $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/gssapi/gssapi_generic.h \
+ $(BUILDTOP)/include/gssapi/gssapi_krb5.h $(BUILDTOP)/include/krb5/krb5.h \
+ $(COM_ERR_DEPS) $(SRCTOP)/include/krb5.h t_namingexts.c
--- /dev/null
+/* -*- mode: c; indent-tabs-mode: nil -*- */
+/*
+ * Copyright 2009 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <gssapi/gssapi_krb5.h>
+#include <gssapi/gssapi_generic.h>
+
+static gss_OID_desc spnego_mech = { 6, "\053\006\001\005\005\002" };
+
+static int use_spnego = 0;
+
+static void displayStatus_1(m, code, type)
+ char *m;
+ OM_uint32 code;
+ int type;
+{
+ OM_uint32 maj_stat, min_stat;
+ gss_buffer_desc msg;
+ OM_uint32 msg_ctx;
+
+ msg_ctx = 0;
+ while (1) {
+ maj_stat = gss_display_status(&min_stat, code,
+ type, GSS_C_NULL_OID,
+ &msg_ctx, &msg);
+ fprintf(stderr, "%s: %s\n", m, (char *)msg.value);
+ (void) gss_release_buffer(&min_stat, &msg);
+
+ if (!msg_ctx)
+ break;
+ }
+}
+
+static void displayStatus(msg, maj_stat, min_stat)
+ char *msg;
+ OM_uint32 maj_stat;
+ OM_uint32 min_stat;
+{
+ displayStatus_1(msg, maj_stat, GSS_C_GSS_CODE);
+ displayStatus_1(msg, min_stat, GSS_C_MECH_CODE);
+}
+
+static OM_uint32
+displayCanonName(OM_uint32 *minor, gss_name_t name, char *tag)
+{
+ gss_name_t canon;
+ OM_uint32 major, tmp;
+ gss_buffer_desc buf;
+
+ major = gss_canonicalize_name(minor, name, (gss_OID)gss_mech_krb5, &canon);
+ if (GSS_ERROR(major)) {
+ displayStatus("gss_canonicalize_name", major, *minor);
+ return major;
+ }
+
+ major = gss_display_name(minor, canon, &buf, NULL);
+ if (GSS_ERROR(major)) {
+ gss_release_name(&tmp, &canon);
+ displayStatus("gss_display_name", major, *minor);
+ return major;
+ }
+
+ printf("%s:\t%s\n", tag, (char *)buf.value);
+
+ gss_release_name(&tmp, &canon);
+ gss_release_buffer(&tmp, &buf);
+
+ return GSS_S_COMPLETE;
+}
+
+static void
+dumpAttribute(OM_uint32 *minor,
+ gss_name_t name,
+ gss_buffer_t attribute,
+ int noisy)
+{
+ OM_uint32 major, tmp;
+ gss_buffer_desc value;
+ gss_buffer_desc display_value;
+ int authenticated = 0;
+ int complete = 0;
+ int more = -1;
+ unsigned int i;
+
+ while (more != 0) {
+ value.value = NULL;
+ display_value.value = NULL;
+
+ major = gss_get_name_attribute(minor,
+ name,
+ attribute,
+ &authenticated,
+ &complete,
+ &value,
+ &display_value,
+ &more);
+ if (GSS_ERROR(major)) {
+ displayStatus("gss_get_name_attribute", major, *minor);
+ break;
+ }
+
+ printf("Attribute %.*s %s %s\n\n%.*s\n",
+ (int)attribute->length, (char *)attribute->value,
+ authenticated ? "Authenticated" : "",
+ complete ? "Complete" : "",
+ (int)display_value.length, (char *)display_value.value);
+
+ if (noisy) {
+ for (i = 0; i < value.length; i++) {
+ if ((i % 32) == 0)
+ printf("\n");
+ printf("%02x", ((char *)value.value)[i] & 0xFF);
+ }
+ printf("\n\n");
+ }
+
+ gss_release_buffer(&tmp, &value);
+ gss_release_buffer(&tmp, &display_value);
+ }
+}
+
+static OM_uint32
+enumerateAttributes(OM_uint32 *minor,
+ gss_name_t name,
+ int noisy)
+{
+ OM_uint32 major, tmp;
+ int name_is_MN;
+ gss_OID mech = GSS_C_NO_OID;
+ gss_buffer_set_t attrs = GSS_C_NO_BUFFER_SET;
+ unsigned int i;
+
+ major = gss_inquire_name(minor,
+ name,
+ &name_is_MN,
+ &mech,
+ &attrs);
+ if (GSS_ERROR(major)) {
+ displayStatus("gss_inquire_name", major, *minor);
+ return major;
+ }
+
+ if (attrs != GSS_C_NO_BUFFER_SET) {
+ for (i = 0; i < attrs->count; i++)
+ dumpAttribute(minor, name, &attrs->elements[i], noisy);
+ }
+
+ gss_release_oid(&tmp, &mech);
+ gss_release_buffer_set(&tmp, &attrs);
+
+ return major;
+}
+
+static OM_uint32
+testExportImportName(OM_uint32 *minor,
+ gss_name_t name)
+{
+ OM_uint32 major, tmp;
+ gss_buffer_desc exported_name;
+ gss_name_t imported_name = GSS_C_NO_NAME;
+ unsigned int i;
+
+ exported_name.value = NULL;
+
+ major = gss_export_name_composite(minor,
+ name,
+ &exported_name);
+ if (GSS_ERROR(major)) {
+ displayStatus("gss_export_name_composite", major, *minor);
+ return major;
+ }
+
+ printf("Exported name:\n");
+
+ for (i = 0; i < exported_name.length; i++) {
+ if ((i % 32) == 0)
+ printf("\n");
+ printf("%02x", ((char *)exported_name.value)[i] & 0xFF);
+ }
+
+ printf("\n");
+
+ major = gss_import_name(minor, &exported_name, gss_nt_exported_name,
+ &imported_name);
+ if (GSS_ERROR(major)) {
+ displayStatus("gss_import_name", major, *minor);
+ gss_release_buffer(&tmp, &exported_name);
+ return major;
+ }
+
+ gss_release_buffer(&tmp, &exported_name);
+
+ printf("\n");
+ displayCanonName(minor, imported_name, "Re-imported name");
+ printf("Re-imported attributes:\n\n");
+ major = enumerateAttributes(minor, imported_name, 0);
+
+ gss_release_name(&tmp, &imported_name);
+
+ return major;
+}
+
+static OM_uint32
+testGreetAuthzData(OM_uint32 *minor,
+ gss_name_t name)
+{
+ OM_uint32 major;
+ gss_buffer_desc attr;
+ gss_buffer_desc value;
+
+ attr.value = "greet:greeting";
+ attr.length = strlen((char *)attr.value);
+
+ major = gss_delete_name_attribute(minor,
+ name,
+ &attr);
+ if (major == GSS_S_UNAVAILABLE) {
+ fprintf(stderr, "Warning: greet_client plugin not installed\n");
+ return GSS_S_COMPLETE;
+ } else if (GSS_ERROR(major)) {
+ displayStatus("gss_delete_name_attribute", major, *minor);
+ return major;
+ }
+
+ value.value = "Hello, acceptor world!";
+ value.length = strlen((char *)value.value);
+
+ major = gss_set_name_attribute(minor,
+ name,
+ 1,
+ &attr,
+ &value);
+ if (major == GSS_S_UNAVAILABLE)
+ return GSS_S_COMPLETE;
+ else if (GSS_ERROR(major))
+ displayStatus("gss_set_name_attribute", major, *minor);
+
+ return major;
+}
+
+static OM_uint32
+testMapNameToAny(OM_uint32 *minor,
+ gss_name_t name)
+{
+ OM_uint32 major;
+ OM_uint32 tmp_minor;
+ gss_buffer_desc type_id;
+ krb5_pac pac;
+ krb5_context context;
+ krb5_error_code code;
+ size_t len;
+ krb5_ui_4 *types;
+
+ type_id.value = "mspac";
+ type_id.length = strlen((char *)type_id.value);
+
+ major = gss_map_name_to_any(minor,
+ name,
+ 1, /* authenticated */
+ &type_id,
+ (gss_any_t *)&pac);
+ if (major == GSS_S_UNAVAILABLE)
+ return GSS_S_COMPLETE;
+ else if (GSS_ERROR(major))
+ displayStatus("gss_map_name_to_any", major, &minor);
+
+ code = krb5_init_context(&context);
+ if (code != 0) {
+ gss_release_any_name_mapping(&tmp_minor, name,
+ &type_id, (gss_any_t *)&pac);
+ *minor = code;
+ return GSS_S_FAILURE;
+ }
+
+ code = krb5_pac_get_types(context, pac, &len, &types);
+ if (code == 0) {
+ size_t i;
+
+ printf("PAC buffer types:");
+ for (i = 0; i < len; i++)
+ printf(" %d", types[i]);
+ printf("\n");
+ free(types);
+ }
+
+ gss_release_any_name_mapping(&tmp_minor, name,
+ &type_id, (gss_any_t *)&pac);
+
+ return GSS_S_COMPLETE;
+}
+
+static OM_uint32
+initAcceptSecContext(OM_uint32 *minor,
+ gss_cred_id_t verifier_cred_handle)
+{
+ OM_uint32 major;
+ gss_buffer_desc token, tmp;
+ gss_ctx_id_t initiator_context = GSS_C_NO_CONTEXT;
+ gss_ctx_id_t acceptor_context = GSS_C_NO_CONTEXT;
+ gss_name_t source_name = GSS_C_NO_NAME;
+ gss_name_t target_name = GSS_C_NO_NAME;
+ OM_uint32 time_rec;
+
+ token.value = NULL;
+ token.length = 0;
+
+ tmp.value = NULL;
+ tmp.length = 0;
+
+ major = gss_inquire_cred(minor, verifier_cred_handle,
+ &target_name, NULL, NULL, NULL);
+ if (GSS_ERROR(major)) {
+ displayStatus("gss_inquire_cred", major, *minor);
+ return major;
+ }
+
+ displayCanonName(minor, target_name, "Target name");
+
+ major = gss_init_sec_context(minor,
+ verifier_cred_handle,
+ &initiator_context,
+ target_name,
+ use_spnego ?
+ (gss_OID)&spnego_mech :
+ (gss_OID)gss_mech_krb5,
+ GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG,
+ GSS_C_INDEFINITE,
+ GSS_C_NO_CHANNEL_BINDINGS,
+ GSS_C_NO_BUFFER,
+ NULL,
+ &token,
+ NULL,
+ &time_rec);
+
+ if (target_name != GSS_C_NO_NAME)
+ (void) gss_release_name(minor, &target_name);
+
+ if (GSS_ERROR(major)) {
+ displayStatus("gss_init_sec_context", major, *minor);
+ return major;
+ }
+
+ (void) gss_delete_sec_context(minor, &initiator_context, NULL);
+
+ major = gss_accept_sec_context(minor,
+ &acceptor_context,
+ verifier_cred_handle,
+ &token,
+ GSS_C_NO_CHANNEL_BINDINGS,
+ &source_name,
+ NULL,
+ &tmp,
+ NULL,
+ &time_rec,
+ NULL);
+
+ if (GSS_ERROR(major))
+ displayStatus("gss_accept_sec_context", major, *minor);
+ else {
+ displayCanonName(minor, source_name, "Source name");
+ enumerateAttributes(minor, source_name, 1);
+ testExportImportName(minor, source_name);
+ testMapNameToAny(minor, source_name);
+ }
+
+ (void) gss_release_name(minor, &source_name);
+ (void) gss_delete_sec_context(minor, &acceptor_context, NULL);
+ (void) gss_release_buffer(minor, &token);
+ (void) gss_release_buffer(minor, &tmp);
+
+ return major;
+}
+
+int main(int argc, char *argv[])
+{
+ OM_uint32 minor, major, tmp;
+ gss_cred_id_t cred_handle = GSS_C_NO_CREDENTIAL;
+ gss_OID_set_desc mechs;
+ gss_OID_set actual_mechs = GSS_C_NO_OID_SET;
+ gss_name_t name = GSS_C_NO_NAME;
+
+ if (argc > 1 && strcmp(argv[1], "--spnego") == 0) {
+ use_spnego++;
+ argc--;
+ argv++;
+ }
+
+ if (argc > 1) {
+ gss_buffer_desc name_buf;
+ gss_name_t tmp_name;
+
+ name_buf.value = argv[1];
+ name_buf.length = strlen(argv[1]);
+
+ major = gss_import_name(&minor, &name_buf,
+ (gss_OID)GSS_KRB5_NT_PRINCIPAL_NAME, &tmp_name);
+ if (GSS_ERROR(major)) {
+ displayStatus("gss_import_name", major, minor);
+ goto out;
+ }
+
+ major = gss_canonicalize_name(&minor, tmp_name,
+ (gss_OID)gss_mech_krb5, &name);
+ if (GSS_ERROR(major)) {
+ gss_release_name(&tmp, &tmp_name);
+ displayStatus("gss_canonicalze_name", major, minor);
+ goto out;
+ }
+
+ gss_release_name(&tmp, &tmp_name);
+
+ major = testGreetAuthzData(&minor, name);
+ if (GSS_ERROR(major))
+ goto out;
+ } else {
+ fprintf(stderr, "Usage: %s [--spnego] [principal] [keytab]\n", argv[0]);
+ exit(1);
+ }
+
+ if (argc > 2) {
+ major = krb5_gss_register_acceptor_identity(argv[2]);
+ if (GSS_ERROR(major)) {
+ displayStatus("krb5_gss_register_acceptor_identity", major, minor);
+ goto out;
+ }
+ }
+
+
+ mechs.elements = use_spnego ? (gss_OID)&spnego_mech :
+ (gss_OID)gss_mech_krb5;
+ mechs.count = 1;
+
+ /* get default cred */
+ major = gss_acquire_cred(&minor,
+ name,
+ GSS_C_INDEFINITE,
+ &mechs,
+ GSS_C_BOTH,
+ &cred_handle,
+ &actual_mechs,
+ NULL);
+ if (GSS_ERROR(major)) {
+ displayStatus("gss_acquire_cred", major, minor);
+ goto out;
+ }
+
+ (void) gss_release_oid_set(&minor, &actual_mechs);
+
+ major = initAcceptSecContext(&minor, cred_handle);
+ if (GSS_ERROR(major))
+ goto out;
+
+ printf("\n");
+
+out:
+ (void) gss_release_cred(&tmp, &cred_handle);
+ (void) gss_release_oid_set(&tmp, &actual_mechs);
+ (void) gss_release_name(&tmp, &name);
+
+ return GSS_ERROR(major) ? 1 : 0;
+}
+
static gss_OID_desc spnego_mech = { 6, "\053\006\001\005\005\002" };
-int use_spnego = 0;
+static int use_spnego = 0;
static void displayStatus_1(m, code, type)
char *m;
return GSS_S_COMPLETE;
}
+static void
+dumpAttribute(OM_uint32 *minor,
+ gss_name_t name,
+ gss_buffer_t attribute,
+ int noisy)
+{
+ OM_uint32 major, tmp_minor;
+ gss_buffer_desc value;
+ gss_buffer_desc display_value;
+ int authenticated = 0;
+ int complete = 0;
+ int more = -1;
+ unsigned int i;
+
+ while (more != 0) {
+ value.value = NULL;
+ display_value.value = NULL;
+
+ major = gss_get_name_attribute(minor,
+ name,
+ attribute,
+ &authenticated,
+ &complete,
+ &value,
+ &display_value,
+ &more);
+ if (GSS_ERROR(major)) {
+ displayStatus("gss_get_name_attribute", major, *minor);
+ break;
+ }
+
+ printf("Attribute %.*s %s %s\n\n%.*s\n",
+ (int)attribute->length, (char *)attribute->value,
+ authenticated ? "Authenticated" : "",
+ complete ? "Complete" : "",
+ (int)display_value.length, (char *)display_value.value);
+
+ if (noisy) {
+ for (i = 0; i < value.length; i++) {
+ if ((i % 32) == 0)
+ printf("\n");
+ printf("%02x", ((char *)value.value)[i] & 0xFF);
+ }
+ printf("\n\n");
+ }
+
+ gss_release_buffer(&tmp_minor, &value);
+ gss_release_buffer(&tmp_minor, &display_value);
+ }
+}
+
+static OM_uint32
+enumerateAttributes(OM_uint32 *minor,
+ gss_name_t name,
+ int noisy)
+{
+ OM_uint32 major, tmp_minor;
+ int name_is_MN;
+ gss_OID mech = GSS_C_NO_OID;
+ gss_buffer_set_t attrs = GSS_C_NO_BUFFER_SET;
+ unsigned int i;
+
+ major = gss_inquire_name(minor,
+ name,
+ &name_is_MN,
+ &mech,
+ &attrs);
+ if (GSS_ERROR(major)) {
+ displayStatus("gss_inquire_name", major, *minor);
+ return major;
+ }
+
+ if (attrs != GSS_C_NO_BUFFER_SET) {
+ for (i = 0; i < attrs->count; i++)
+ dumpAttribute(minor, name, &attrs->elements[i], noisy);
+ }
+
+ gss_release_oid(&tmp_minor, &mech);
+ gss_release_buffer_set(&tmp_minor, &attrs);
+
+ return major;
+}
+
+static OM_uint32
+testGreetAuthzData(OM_uint32 *minor,
+ gss_name_t *name)
+{
+ OM_uint32 major, tmp_minor;
+ gss_buffer_desc attr;
+ gss_buffer_desc value;
+ gss_name_t canon;
+
+ major = gss_canonicalize_name(minor,
+ *name,
+ (gss_OID)gss_mech_krb5,
+ &canon);
+ if (GSS_ERROR(major)) {
+ displayStatus("gss_canonicalize_name", major, *minor);
+ return major;
+ }
+
+ attr.value = "greet:greeting";
+ attr.length = strlen((char *)attr.value);
+
+ value.value = "Hello, acceptor world!";
+ value.length = strlen((char *)value.value);
+
+ major = gss_set_name_attribute(minor,
+ canon,
+ 1,
+ &attr,
+ &value);
+ if (major == GSS_S_UNAVAILABLE)
+ major = GSS_S_COMPLETE;
+ else if (GSS_ERROR(major))
+ displayStatus("gss_set_name_attribute", major, *minor);
+ else {
+ gss_release_name(&tmp_minor, name);
+ *name = canon;
+ canon = GSS_C_NO_NAME;
+ }
+
+ if (canon != GSS_C_NO_NAME)
+ gss_release_name(&tmp_minor, &canon);
+
+ return GSS_S_COMPLETE;
+}
+
static OM_uint32
initAcceptSecContext(OM_uint32 *minor,
gss_cred_id_t claimant_cred_handle,
else {
displayCanonName(minor, source_name, "Source name");
displayOID(minor, mech, "Source mech");
+ enumerateAttributes(minor, source_name, 1);
}
(void) gss_release_name(&tmp_minor, &source_name);
printf("Protocol transition tests follow\n");
printf("-----------------------------------\n\n");
+ major = testGreetAuthzData(&minor, &user);
+ if (GSS_ERROR(major))
+ goto out;
+
/* get S4U2Self cred */
major = gss_acquire_cred_impersonate_name(&minor,
impersonator_cred_handle,
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- kdc5_hammer.c
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h kdc5_hammer.c
$(SRCTOP)/include/k5-ipc_stream.h $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/k5-utf8.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- test_cxx_k5int.cpp
+ $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
+ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
+ $(SRCTOP)/include/socket-utils.h test_cxx_k5int.cpp
$(OUTPRE)test_cxx_gss.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \
test_cxx_gss.cpp
$(OUTPRE)test_cxx_rpc.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \
$(RM) $(TEST_DB)* stash_file
clean::
- $(RM) kdc.conf
+ $(RM) kdc.conf krb5.conf bigendian.$(OBJEXT) bigendian
$(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(SS_DEPS) kdb5_verify.c
+ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
+ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SS_DEPS) kdb5_verify.c
utils.c
options.so options.po $(OUTPRE)options.$(OBJEXT): $(BUILDTOP)/include/ss/ss_err.h \
$(COM_ERR_DEPS) copyright.h options.c ss.h
-cmd_tbl.lex.o: cmd_tbl.lex.c
+cmd_tbl.lex.o: cmd_tbl.lex.c ct.tab.h
ct.tab.o: $(BUILDTOP)/include/ss/ss_err.h $(COM_ERR_DEPS) \
ct.tab.c ss.h
ss_err.so ss_err.po $(OUTPRE)ss_err.$(OBJEXT): $(COM_ERR_DEPS) \
projects / thirdparty / krb5.git / commitdiff
