summaryrefslogtreecommitdiff
path: root/h
diff options
context:
space:
mode:
authorGravatar Karl Ramm <kcr@mit.edu>2007-12-25 00:56:08 +0000
committerGravatar Karl Ramm <kcr@mit.edu>2007-12-25 00:56:08 +0000
commit1a0e03eb19998ab496a6ea845ff2c42d9a02df0b (patch)
tree29b47c8532e1f1678063fbb1b851ee4208134626 /h
parent3f120f880be9ae9aa1612ddc2412e9acb9a8e85e (diff)
applied athena-update-branch patch
Diffstat (limited to 'h')
-rw-r--r--h/config.h.in263
-rw-r--r--h/internal.h56
-rw-r--r--h/zephyr/zephyr.h10
3 files changed, 249 insertions, 80 deletions
diff --git a/h/config.h.in b/h/config.h.in
index 1a3dd61..c962a5d 100644
--- a/h/config.h.in
+++ b/h/config.h.in
@@ -1,40 +1,42 @@
-/* h/config.h.in. Generated automatically from configure.in by autoheader. */
+/* h/config.h.in. Generated from configure.in by autoheader. */
+/* Define to compile with Hesiod support. */
+#undef HAVE_HESIOD
-/* Define if the `getpgrp' function takes no argument. */
-#undef GETPGRP_VOID
+/* Define to compile with Kerberos support. */
+#undef HAVE_KRB4
-/* Define to `int' if <sys/types.h> doesn't define. */
-#undef gid_t
+/* Define to compile with Kerberos v5 support. */
+#undef HAVE_KRB5
-/* Define if you don't have vprintf but do have _doprnt. */
-#undef HAVE_DOPRNT
+/* Define to 1 if `enc_part2' is member of `krb5_ticket'. */
+#undef HAVE_KRB5_TICKET_ENC_PART2
-/* Define if you have <sys/wait.h> that is POSIX.1 compatible. */
-#undef HAVE_SYS_WAIT_H
+/* Define to 1 if `keyblock.enctype' is member of `krb5_creds'. */
+#undef HAVE_KRB5_CREDS_KEYBLOCK_ENCTYPE
-/* Define if you have the vprintf function. */
-#undef HAVE_VPRINTF
+/* Define to 1 if you have the `krb5_c_make_checksum' function. */
+#undef HAVE_KRB5_C_MAKE_CHECKSUM
-/* Define as the return type of signal handlers (int or void). */
-#undef RETSIGTYPE
+/* Define to 1 if you have the `krb5_cc_set_default_name' function. */
+#undef HAVE_KRB5_CC_SET_DEFAULT_NAME
-/* Define if the `setpgrp' function takes no argument. */
-#undef SETPGRP_VOID
+/* Define to 1 if `krb5_auth_con_getauthenticator' takes a double pointer third arg. */
+#undef KRB5_AUTH_CON_GETAUTHENTICATOR_TAKES_DOUBLE_POINTER
-/* Define if you have the ANSI C header files. */
-#undef STDC_HEADERS
+/* Define to 1 if you have the <krb5_err.h> header file. */
+#undef HAVE_KRB5_ERR_H
-/* Define to `int' if <sys/types.h> doesn't define. */
-#undef uid_t
+/* Define to 1 if you have the `krb5_free_data' function. */
+#undef HAVE_KRB5_FREE_DATA
-/* Define if the X Window System is missing or not being used. */
-#undef X_DISPLAY_MISSING
+/* Define to 1 if you have the <krb5/ss.h> header file. */
+#undef HAVE_KRB5_SS_H
-/* Define to compile with Hesiod support. */
-#undef HAVE_HESIOD
+/* Define to 1 if you have the `krb_get_err_text' function. */
+#undef HAVE_KRB_GET_ERR_TEXT
-/* Define to compile with Kerberos support. */
-#undef HAVE_KRB4
+/* Define to 1 if you have the `krb_log' function. */
+#undef HAVE_KRB_LOG
/* Define to compile with ares support. */
#undef HAVE_ARES
@@ -45,122 +47,223 @@
/* Define if you have the System Resource Controller library. */
#undef HAVE_SRC
+/* Define to "unsigned long" if your system headers don't. */
+#undef ulong
+
/* Define to a temporary directory on your system. */
#define FOUND_TMP "/var/tmp"
/* Define to the type of the host system. */
#define MACHINE_TYPE "unknown"
-/* The number of bytes in a int. */
-#undef SIZEOF_INT
+/* Define if `regcomp' exists and works. */
+#undef HAVE_REGCOMP
-/* The number of bytes in a long. */
-#undef SIZEOF_LONG
-/* The number of bytes in a short. */
-#undef SIZEOF_SHORT
+/* Define to 1 if the `getpgrp' function requires zero arguments. */
+#undef GETPGRP_VOID
-/* Define if you have the gethostid function. */
+/* Define to 1 if you have the <dlfcn.h> header file. */
+#undef HAVE_DLFCN_H
+
+/* Define to 1 if you don't have `vprintf' but do have `_doprnt.' */
+#undef HAVE_DOPRNT
+
+/* Define to 1 if you have the <fcntl.h> header file. */
+#undef HAVE_FCNTL_H
+
+/* Define to 1 if you have the `gethostid' function. */
#undef HAVE_GETHOSTID
-/* Define if you have the getlogin function. */
+/* Define to 1 if you have the `getlogin' function. */
#undef HAVE_GETLOGIN
-/* Define if you have the getpgid function. */
+/* Define to 1 if you have the `getpgid' function. */
#undef HAVE_GETPGID
-/* Define if you have the getsid function. */
+/* Define to 1 if you have the `getsid' function. */
#undef HAVE_GETSID
-/* Define if you have the krb_get_err_text function. */
+/* Define to 1 if you have the <inttypes.h> header file. */
+#undef HAVE_INTTYPES_H
+
+/* Define to 1 if you have the `krb5_cc_set_default_name' function. */
+#undef HAVE_KRB5_CC_SET_DEFAULT_NAME
+
+/* Define to 1 if you have the `krb5_c_make_checksum' function. */
+#undef HAVE_KRB5_C_MAKE_CHECKSUM
+
+/* Define to 1 if you have the <krb5_err.h> header file. */
+#undef HAVE_KRB5_ERR_H
+
+/* Define to 1 if you have the `krb5_free_data' function. */
+#undef HAVE_KRB5_FREE_DATA
+
+/* Define to 1 if you have the `krb_get_err_text' function. */
#undef HAVE_KRB_GET_ERR_TEXT
-/* Define if you have the krb_log function. */
+/* Define to 1 if you have the `krb_log' function. */
#undef HAVE_KRB_LOG
-/* Define if you have the lrand48 function. */
+/* Define to 1 if you have the `44bsd' library (-l44bsd). */
+#undef HAVE_LIB44BSD
+
+/* Define to 1 if you have the `curses' library (-lcurses). */
+#undef HAVE_LIBCURSES
+
+/* Define to 1 if you have the `dl' library (-ldl). */
+#undef HAVE_LIBDL
+
+/* Define to 1 if you have the `gen' library (-lgen). */
+#undef HAVE_LIBGEN
+
+/* Define to 1 if you have the `nsl' library (-lnsl). */
+#undef HAVE_LIBNSL
+
+/* Define to 1 if you have the `readline' library (-lreadline). */
+#undef HAVE_LIBREADLINE
+
+/* Define to 1 if you have the `resolv' library (-lresolv). */
+#undef HAVE_LIBRESOLV
+
+/* Define to 1 if you have the `socket' library (-lsocket). */
+#undef HAVE_LIBSOCKET
+
+/* Define to 1 if you have the `w' library (-lw). */
+#undef HAVE_LIBW
+
+/* Define to 1 if you have the `lrand48' function. */
#undef HAVE_LRAND48
-/* Define if you have the memcpy function. */
+/* Define to 1 if you have the <malloc.h> header file. */
+#undef HAVE_MALLOC_H
+
+/* Define to 1 if you have the `memcpy' function. */
#undef HAVE_MEMCPY
-/* Define if you have the memmove function. */
+/* Define to 1 if you have the `memmove' function. */
#undef HAVE_MEMMOVE
-/* Define if you have the putenv function. */
+/* Define to 1 if you have the <memory.h> header file. */
+#undef HAVE_MEMORY_H
+
+/* Define to 1 if you have the <paths.h> header file. */
+#undef HAVE_PATHS_H
+
+/* Define to 1 if you have the `putenv' function. */
#undef HAVE_PUTENV
-/* Define if you have the random function. */
+/* Define to 1 if you have the `random' function. */
#undef HAVE_RANDOM
-/* Define if you have the strchr function. */
-#undef HAVE_STRCHR
+/* Define to 1 if you have the <sgtty.h> header file. */
+#undef HAVE_SGTTY_H
-/* Define if you have the strerror function. */
-#undef HAVE_STRERROR
+/* Define to 1 if you have the <stdint.h> header file. */
+#undef HAVE_STDINT_H
-/* Define if you have the waitpid function. */
-#undef HAVE_WAITPID
+/* Define to 1 if you have the <stdlib.h> header file. */
+#undef HAVE_STDLIB_H
-/* Define if you have the <fcntl.h> header file. */
-#undef HAVE_FCNTL_H
+/* Define to 1 if you have the `strchr' function. */
+#undef HAVE_STRCHR
-/* Define if you have the <malloc.h> header file. */
-#undef HAVE_MALLOC_H
+/* Define to 1 if you have the `strerror' function. */
+#undef HAVE_STRERROR
-/* Define if you have the <paths.h> header file. */
-#undef HAVE_PATHS_H
+/* Define to 1 if you have the <strings.h> header file. */
+#undef HAVE_STRINGS_H
-/* Define if you have the <sgtty.h> header file. */
-#undef HAVE_SGTTY_H
+/* Define to 1 if you have the <string.h> header file. */
+#undef HAVE_STRING_H
-/* Define if you have the <sys/cdefs.h> header file. */
+/* Define to 1 if you have the <sys/cdefs.h> header file. */
#undef HAVE_SYS_CDEFS_H
-/* Define if you have the <sys/file.h> header file. */
+/* Define to 1 if you have the <sys/file.h> header file. */
#undef HAVE_SYS_FILE_H
-/* Define if you have the <sys/filio.h> header file. */
+/* Define to 1 if you have the <sys/filio.h> header file. */
#undef HAVE_SYS_FILIO_H
-/* Define if you have the <sys/ioctl.h> header file. */
+/* Define to 1 if you have the <sys/ioctl.h> header file. */
#undef HAVE_SYS_IOCTL_H
-/* Define if you have the <sys/msgbuf.h> header file. */
+/* Define to 1 if you have the <sys/msgbuf.h> header file. */
#undef HAVE_SYS_MSGBUF_H
-/* Define if you have the <sys/select.h> header file. */
+/* Define to 1 if you have the <sys/select.h> header file. */
#undef HAVE_SYS_SELECT_H
-/* Define if you have the <sys/time.h> header file. */
+/* Define to 1 if you have the <sys/stat.h> header file. */
+#undef HAVE_SYS_STAT_H
+
+/* Define to 1 if you have the <sys/time.h> header file. */
#undef HAVE_SYS_TIME_H
-/* Define if you have the <sys/utsname.h> header file. */
+/* Define to 1 if you have the <sys/types.h> header file. */
+#undef HAVE_SYS_TYPES_H
+
+/* Define to 1 if you have the <sys/utsname.h> header file. */
#undef HAVE_SYS_UTSNAME_H
-/* Define if you have the <termios.h> header file. */
+/* Define to 1 if you have <sys/wait.h> that is POSIX.1 compatible. */
+#undef HAVE_SYS_WAIT_H
+
+/* Define to 1 if you have the <termios.h> header file. */
#undef HAVE_TERMIOS_H
-/* Define if you have the <unistd.h> header file. */
+/* Define to 1 if you have the <unistd.h> header file. */
#undef HAVE_UNISTD_H
-/* Define if you have the 44bsd library (-l44bsd). */
-#undef HAVE_LIB44BSD
+/* Define to 1 if you have the `vprintf' function. */
+#undef HAVE_VPRINTF
-/* Define if you have the dl library (-ldl). */
-#undef HAVE_LIBDL
+/* Define to 1 if you have the `waitpid' function. */
+#undef HAVE_WAITPID
-/* Define if you have the gen library (-lgen). */
-#undef HAVE_LIBGEN
+/* Define to the address where bug reports for this package should be sent. */
+#undef PACKAGE_BUGREPORT
-/* Define if you have the nsl library (-lnsl). */
-#undef HAVE_LIBNSL
+/* Define to the full name of this package. */
+#undef PACKAGE_NAME
-/* Define if you have the resolv library (-lresolv). */
-#undef HAVE_LIBRESOLV
+/* Define to the full name and version of this package. */
+#undef PACKAGE_STRING
-/* Define if you have the socket library (-lsocket). */
-#undef HAVE_LIBSOCKET
+/* Define to the one symbol short name of this package. */
+#undef PACKAGE_TARNAME
-/* Define if you have the w library (-lw). */
-#undef HAVE_LIBW
+/* Define to the version of this package. */
+#undef PACKAGE_VERSION
+
+/* Define as the return type of signal handlers (`int' or `void'). */
+#undef RETSIGTYPE
+
+/* Define to 1 if the `setpgrp' function takes no argument. */
+#undef SETPGRP_VOID
+
+/* The size of `int', as computed by sizeof. */
+#undef SIZEOF_INT
+
+/* The size of `long', as computed by sizeof. */
+#undef SIZEOF_LONG
+
+/* The size of `short', as computed by sizeof. */
+#undef SIZEOF_SHORT
+
+/* Define to 1 if you have the ANSI C header files. */
+#undef STDC_HEADERS
+
+/* Define to 1 if the X Window System is missing or not being used. */
+#undef X_DISPLAY_MISSING
+
+/* Define to 1 if `lex' declares `yytext' as a `char *' by default, not a
+ `char[]'. */
+#undef YYTEXT_POINTER
+
+/* Define to `int' if <sys/types.h> doesn't define. */
+#undef gid_t
+
+/* Define to `int' if <sys/types.h> doesn't define. */
+#undef uid_t
diff --git a/h/internal.h b/h/internal.h
index f0b482c..403e85c 100644
--- a/h/internal.h
+++ b/h/internal.h
@@ -11,6 +11,10 @@
#include <krb_err.h>
#endif
+#ifdef HAVE_KRB5
+#include <krb5.h>
+#endif
+
#ifdef HAVE_HESIOD
#include <hesiod.h>
#endif
@@ -34,6 +38,13 @@
#define Z_NOTICETIMELIMIT 30 /* Time to wait for fragments */
#define Z_INITFILTERSIZE 30 /* Starting size of uid filter */
+#define Z_AUTHMODE_NONE 0 /* no authentication */
+#define Z_AUTHMODE_KRB4 1 /* authenticate using Kerberos V4 */
+#define Z_AUTHMODE_KRB5 2 /* authenticate using Kerberos V5 */
+
+#define Z_KEYUSAGE_CLT_CKSUM 1027 /* client->server notice checksum */
+#define Z_KEYUSAGE_SRV_CKSUM 1029 /* server->client notice checksum */
+
struct _Z_Hole {
struct _Z_Hole *next;
int first;
@@ -64,6 +75,11 @@ extern int __Zephyr_open; /* 0 if FD opened, 1 otherwise */
extern int __HM_set; /* 0 if dest addr set, 1 otherwise */
extern int __Zephyr_server; /* 0 if normal client, 1 if server or zhm */
+#ifdef HAVE_KRB5
+extern krb5_context Z_krb5_ctx;
+Code_t Z_krb5_lookup_cksumtype(krb5_enctype, krb5_cksumtype *);
+#endif
+
extern ZLocations_t *__locate_list;
extern int __locate_num;
extern int __locate_next;
@@ -97,6 +113,46 @@ Code_t Z_WaitForNotice __P((ZNotice_t *notice,
int (*pred) __P((ZNotice_t *, void *)), void *arg,
int timeout));
+
+Code_t Z_NewFormatHeader __P((ZNotice_t *, char *, int, int *, Z_AuthProc));
+Code_t Z_NewFormatAuthHeader __P((ZNotice_t *, char *, int, int *, Z_AuthProc));
+Code_t Z_NewFormatRawHeader __P((ZNotice_t *, char *, int, int *, char **,
+ int *, char **, char **));
+Code_t Z_AsciiFormatRawHeader __P((ZNotice_t *, char *, int, int *, char **,
+ int *, char **, char **));
+
void Z_gettimeofday(struct _ZTimeval *ztv, struct timezone *tz);
+
+#ifdef HAVE_KRB5
+int ZGetCreds(krb5_creds **creds_out);
+int ZGetCredsRealm(krb5_creds **creds_out, char *realm);
+Code_t Z_Checksum(krb5_data *cksumbuf, krb5_keyblock *keyblock, krb5_cksumtype cksumtype, char **asn1_data, int *asn1_len);
+Code_t Z_ExtractEncCksum(krb5_keyblock *keyblock, krb5_enctype *enctype, krb5_cksumtype *cksumtype);
+int Z_krb5_verify_cksum(krb5_keyblock *keyblock, krb5_data *cksumbuf, krb5_cksumtype cksumtype, char *asn1_data, int asn1_len);
+Code_t Z_InsertZcodeChecksum(krb5_keyblock *keyblock, ZNotice_t *notice,
+ char *buffer,
+ char *cksum_start, int cksum_len,
+ char *cstart, char *cend, int buffer_len,
+ int *length_ajdust);
+#endif
+
+#ifdef HAVE_KRB5_CREDS_KEYBLOCK_ENCTYPE
+#define Z_keydata(keyblock) ((keyblock)->contents)
+#define Z_keylen(keyblock) ((keyblock)->length)
+#define Z_credskey(creds) (&(creds)->keyblock)
+#else
+#define Z_keydata(keyblock) ((keyblock)->keyvalue.data)
+#define Z_keylen(keyblock) ((keyblock)->keyvalue.length)
+#define Z_credskey(creds) (&(creds)->session)
+#endif
+
+#ifdef HAVE_KRB5_TICKET_ENC_PART2
+#define Z_tktprincp(tkt) ((tkt)->enc_part2 != 0)
+#define Z_tktprinc(tkt) ((tkt)->enc_part2->client)
+#else
+#define Z_tktprincp(tkt) ((tkt)->client != 0)
+#define Z_tktprinc(tkt) ((tkt)->client)
+#endif
+
#endif /* __INTERNAL_H__ */
diff --git a/h/zephyr/zephyr.h b/h/zephyr/zephyr.h
index 713e261..429663e 100644
--- a/h/zephyr/zephyr.h
+++ b/h/zephyr/zephyr.h
@@ -39,6 +39,7 @@
#define SERVER_SVCNAME "zephyr-clt"
#define SERVER_SERVICE "zephyr"
#define SERVER_INSTANCE "zephyr"
+#define SERVER_KRB5_SERVICE "zephyr"
#define ZVERSIONHDR "ZEPH"
#define ZVERSIONMAJOR 0
@@ -98,6 +99,7 @@ typedef struct _ZNotice_t {
char *z_multinotice;
ZUnique_Id_t z_multiuid;
ZChecksum_t z_checksum;
+ char *z_ascii_checksum;
int z_num_other_fields;
char *z_other_fields[Z_MAXOTHERFIELDS];
caddr_t z_message;
@@ -139,6 +141,8 @@ int ZCompareMultiUIDPred ZP((ZNotice_t *, void *));
/* Defines for ZFormatNotice, et al. */
typedef Code_t (*Z_AuthProc) ZP((ZNotice_t*, char *, int, int *));
Code_t ZMakeAuthentication ZP((ZNotice_t*, char *,int, int*));
+Code_t ZMakeZcodeAuthentication ZP((ZNotice_t*, char *,int, int*));
+Code_t ZMakeZcodeRealmAuthentication ZP((ZNotice_t*, char *,int, int*, char*));
char *ZGetSender ZP((void));
char *ZGetVariable ZP((char *));
@@ -152,6 +156,7 @@ Code_t ZParseNotice ZP((char*, int, ZNotice_t *));
Code_t ZReadAscii ZP((char*, int, unsigned char*, int));
Code_t ZReadAscii32 ZP((char *, int, unsigned long *));
Code_t ZReadAscii16 ZP((char *, int, unsigned short *));
+Code_t ZReadZcode ZP((unsigned char*, unsigned char*, int, int *));
Code_t ZSendPacket ZP((char*, int, int));
Code_t ZSendList ZP((ZNotice_t*, char *[], int, Z_AuthProc));
Code_t ZSrvSendList ZP((ZNotice_t*, char*[], int, Z_AuthProc, Code_t (*)()));
@@ -175,8 +180,12 @@ Code_t ZSrvSendRawList ZP((ZNotice_t*, char*[], int,
Code_t ZMakeAscii ZP((char*, int, unsigned char*, int));
Code_t ZMakeAscii32 ZP((char *, int, unsigned long));
Code_t ZMakeAscii16 ZP((char *, int, unsigned int));
+Code_t ZMakeZcode ZP((char*, int, unsigned char*, int));
+Code_t ZMakeZcode32 ZP((char *, int, unsigned long));
Code_t ZReceivePacket ZP((ZPacket_t, int*, struct sockaddr_in*));
Code_t ZCheckAuthentication ZP((ZNotice_t*, struct sockaddr_in*));
+Code_t ZCheckZcodeAuthentication ZP((ZNotice_t*, struct sockaddr_in*));
+Code_t ZCheckZcodeRealmAuthentication ZP((ZNotice_t*, struct sockaddr_in*, char *realm));
Code_t ZInitLocationInfo ZP((char *hostname, char *tty));
Code_t ZSetLocation ZP((char *exposure));
Code_t ZUnsetLocation ZP((void));
@@ -253,6 +262,7 @@ void ZSetDebug ZP((void (*)(ZCONST char *, va_list, void *), void *));
#define SRV_TIMEOUT 30
#define ZAUTH (ZMakeAuthentication)
+#define ZCAUTH (ZMakeZcodeAuthentication)
#define ZNOAUTH ((Z_AuthProc)0)
/* Packet strings */