kerberos.c (84305) | kerberos.c (87139) |
---|---|
1/*- 2 * Copyright (c) 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 15 unchanged lines hidden (view full) --- 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. | 1/*- 2 * Copyright (c) 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 15 unchanged lines hidden (view full) --- 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. |
32 * 33 * $FreeBSD: head/contrib/telnet/libtelnet/kerberos.c 84305 2001-10-01 16:04:55Z markm $ | |
34 */ 35 36#include <sys/cdefs.h> | 32 */ 33 34#include <sys/cdefs.h> |
37__FBSDID("$FreeBSD: head/contrib/telnet/libtelnet/kerberos.c 84305 2001-10-01 16:04:55Z markm $"); | |
38 | 35 |
36__FBSDID("$FreeBSD: head/contrib/telnet/libtelnet/kerberos.c 87139 2001-11-30 21:06:38Z markm $"); 37 |
|
39#ifndef lint 40static const char sccsid[] = "@(#)kerberos.c 8.3 (Berkeley) 5/30/95"; 41#endif /* not lint */ 42 43/* 44 * Copyright (C) 1990 by the Massachusetts Institute of Technology 45 * 46 * Export of this software from the United States of America is assumed --- 11 unchanged lines hidden (view full) --- 58 * permission. M.I.T. makes no representations about the suitability of 59 * this software for any purpose. It is provided "as is" without express 60 * or implied warranty. 61 */ 62 63#ifdef KRB4 64#include <sys/types.h> 65#include <arpa/telnet.h> | 38#ifndef lint 39static const char sccsid[] = "@(#)kerberos.c 8.3 (Berkeley) 5/30/95"; 40#endif /* not lint */ 41 42/* 43 * Copyright (C) 1990 by the Massachusetts Institute of Technology 44 * 45 * Export of this software from the United States of America is assumed --- 11 unchanged lines hidden (view full) --- 57 * permission. M.I.T. makes no representations about the suitability of 58 * this software for any purpose. It is provided "as is" without express 59 * or implied warranty. 60 */ 61 62#ifdef KRB4 63#include <sys/types.h> 64#include <arpa/telnet.h> |
66#include <stdio.h> | |
67#include <openssl/des.h> /* BSD wont include this in krb.h, so we do it here */ 68#include <krb.h> | 65#include <openssl/des.h> /* BSD wont include this in krb.h, so we do it here */ 66#include <krb.h> |
69#ifdef __STDC__ | 67#include <stdio.h> |
70#include <stdlib.h> | 68#include <stdlib.h> |
71#endif 72#ifdef NO_STRING_H 73#include <strings.h> 74#else | |
75#include <string.h> | 69#include <string.h> |
76#endif | |
77 78#include "encrypt.h" 79#include "auth.h" 80#include "misc.h" 81 82int kerberos4_cksum P((unsigned char *, int)); 83int kuserok P((AUTH_DAT *, char *)); 84 | 70 71#include "encrypt.h" 72#include "auth.h" 73#include "misc.h" 74 75int kerberos4_cksum P((unsigned char *, int)); 76int kuserok P((AUTH_DAT *, char *)); 77 |
85extern auth_debug_mode; | 78extern int auth_debug_mode; |
86 87static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0, 88 AUTHTYPE_KERBEROS_V4, }; 89 90#define KRB_AUTH 0 /* Authentication data follows */ 91#define KRB_REJECT 1 /* Rejected (reason might follow) */ 92#define KRB_ACCEPT 2 /* Accepted */ 93#define KRB_CHALLENGE 3 /* Challenge for mutual auth. */ 94#define KRB_RESPONSE 4 /* Response for mutual auth. */ 95 | 79 80static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0, 81 AUTHTYPE_KERBEROS_V4, }; 82 83#define KRB_AUTH 0 /* Authentication data follows */ 84#define KRB_REJECT 1 /* Rejected (reason might follow) */ 85#define KRB_ACCEPT 2 /* Accepted */ 86#define KRB_CHALLENGE 3 /* Challenge for mutual auth. */ 87#define KRB_RESPONSE 4 /* Response for mutual auth. */ 88 |
96#define KRB_SERVICE_NAME "rcmd" 97 | |
98static KTEXT_ST auth; 99static char name[ANAME_SZ]; | 89static KTEXT_ST auth; 90static char name[ANAME_SZ]; |
100static AUTH_DAT adat = { 0 }; | 91static AUTH_DAT adat = { 0, "", "", "", 0, {}, 0, 0, 0, { 0, "", 0 } }; |
101#ifdef ENCRYPTION 102static Block session_key = { 0 }; 103static des_key_schedule sched; 104static Block challenge = { 0 }; 105#endif /* ENCRYPTION */ 106 | 92#ifdef ENCRYPTION 93static Block session_key = { 0 }; 94static des_key_schedule sched; 95static Block challenge = { 0 }; 96#endif /* ENCRYPTION */ 97 |
107 static int 108Data(ap, type, d, c) 109 Authenticator *ap; 110 int type; 111 void *d; 112 int c; | 98static char krb_service_name[] = "rcmd"; 99static char empty[] = ""; 100 101static int 102Data(Authenticator *ap, int type, const unsigned char *d, int c) |
113{ 114 unsigned char *p = str_data + 4; | 103{ 104 unsigned char *p = str_data + 4; |
115 unsigned char *cd = (unsigned char *)d; | 105 const unsigned char *cd = d; |
116 117 if (c == -1) | 106 107 if (c == -1) |
118 c = strlen((char *)cd); | 108 c = strlen(cd); |
119 120 if (auth_debug_mode) { 121 printf("%s:%d: [%d] (%d)", 122 str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", 123 str_data[3], 124 type, c); 125 printd(d, c); 126 printf("\r\n"); --- 7 unchanged lines hidden (view full) --- 134 } 135 *p++ = IAC; 136 *p++ = SE; 137 if (str_data[3] == TELQUAL_IS) 138 printsub('>', &str_data[2], p - (&str_data[2])); 139 return(net_write(str_data, p - str_data)); 140} 141 | 109 110 if (auth_debug_mode) { 111 printf("%s:%d: [%d] (%d)", 112 str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", 113 str_data[3], 114 type, c); 115 printd(d, c); 116 printf("\r\n"); --- 7 unchanged lines hidden (view full) --- 124 } 125 *p++ = IAC; 126 *p++ = SE; 127 if (str_data[3] == TELQUAL_IS) 128 printsub('>', &str_data[2], p - (&str_data[2])); 129 return(net_write(str_data, p - str_data)); 130} 131 |
142 int 143kerberos4_init(ap, server) 144 Authenticator *ap; 145 int server; | 132int 133kerberos4_init(Authenticator *ap __unused, int server) |
146{ 147 FILE *fp; 148 149 if (server) { 150 str_data[3] = TELQUAL_REPLY; 151 if ((fp = fopen(KEYFILE, "r")) == NULL) 152 return(0); 153 fclose(fp); 154 } else { 155 str_data[3] = TELQUAL_IS; 156 } 157 return(1); 158} 159 160char dst_realm_buf[REALM_SZ], *dest_realm = NULL; 161int dst_realm_sz = REALM_SZ; 162 | 134{ 135 FILE *fp; 136 137 if (server) { 138 str_data[3] = TELQUAL_REPLY; 139 if ((fp = fopen(KEYFILE, "r")) == NULL) 140 return(0); 141 fclose(fp); 142 } else { 143 str_data[3] = TELQUAL_IS; 144 } 145 return(1); 146} 147 148char dst_realm_buf[REALM_SZ], *dest_realm = NULL; 149int dst_realm_sz = REALM_SZ; 150 |
163 int 164kerberos4_send(ap) 165 Authenticator *ap; | 151int 152kerberos4_send(Authenticator *ap) |
166{ | 153{ |
167 KTEXT_ST auth; | 154 KTEXT_ST lauth; |
168 char instance[INST_SZ]; 169 char *realm; | 155 char instance[INST_SZ]; 156 char *realm; |
170 char *krb_realmofhost(); 171 char *krb_get_phost(); | |
172 CREDENTIALS cred; 173 int r; 174 175 printf("[ Trying KERBEROS4 ... ]\n"); 176 if (!UserNameRequested) { 177 if (auth_debug_mode) { 178 printf("Kerberos V4: no user name supplied\r\n"); 179 } --- 8 unchanged lines hidden (view full) --- 188 instance[sizeof(instance)-1] = '\0'; 189 190 realm = dest_realm ? dest_realm : krb_realmofhost(RemoteHostName); 191 192 if (!realm) { 193 printf("Kerberos V4: no realm for %s\r\n", RemoteHostName); 194 return(0); 195 } | 157 CREDENTIALS cred; 158 int r; 159 160 printf("[ Trying KERBEROS4 ... ]\n"); 161 if (!UserNameRequested) { 162 if (auth_debug_mode) { 163 printf("Kerberos V4: no user name supplied\r\n"); 164 } --- 8 unchanged lines hidden (view full) --- 173 instance[sizeof(instance)-1] = '\0'; 174 175 realm = dest_realm ? dest_realm : krb_realmofhost(RemoteHostName); 176 177 if (!realm) { 178 printf("Kerberos V4: no realm for %s\r\n", RemoteHostName); 179 return(0); 180 } |
196 if ((r = krb_mk_req(&auth, KRB_SERVICE_NAME, instance, realm, 0L))) { | 181 if ((r = krb_mk_req(&lauth, krb_service_name, instance, realm, 0L))) { |
197 printf("mk_req failed: %s\r\n", krb_err_txt[r]); 198 return(0); 199 } | 182 printf("mk_req failed: %s\r\n", krb_err_txt[r]); 183 return(0); 184 } |
200 if ((r = krb_get_cred(KRB_SERVICE_NAME, instance, realm, &cred))) { | 185 if ((r = krb_get_cred(krb_service_name, instance, realm, &cred))) { |
201 printf("get_cred failed: %s\r\n", krb_err_txt[r]); 202 return(0); 203 } 204 if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) { 205 if (auth_debug_mode) 206 printf("Not enough room for user name\r\n"); 207 return(0); 208 } 209 if (auth_debug_mode) | 186 printf("get_cred failed: %s\r\n", krb_err_txt[r]); 187 return(0); 188 } 189 if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) { 190 if (auth_debug_mode) 191 printf("Not enough room for user name\r\n"); 192 return(0); 193 } 194 if (auth_debug_mode) |
210 printf("Sent %d bytes of authentication data\r\n", auth.length); 211 if (!Data(ap, KRB_AUTH, (void *)auth.dat, auth.length)) { | 195 printf("Sent %d bytes of authentication data\r\n", lauth.length); 196 if (!Data(ap, KRB_AUTH, (void *)lauth.dat, lauth.length)) { |
212 if (auth_debug_mode) 213 printf("Not enough room for authentication data\r\n"); 214 return(0); 215 } 216#ifdef ENCRYPTION 217 /* 218 * If we are doing mutual authentication, get set up to send 219 * the challenge, and verify it when the response comes back. --- 17 unchanged lines hidden (view full) --- 237 if (x < 256) /* if no overflow, all done */ 238 break; 239 } 240 des_ecb_encrypt(&challenge, &challenge, sched, 1); 241 } 242#endif /* ENCRYPTION */ 243 244 if (auth_debug_mode) { | 197 if (auth_debug_mode) 198 printf("Not enough room for authentication data\r\n"); 199 return(0); 200 } 201#ifdef ENCRYPTION 202 /* 203 * If we are doing mutual authentication, get set up to send 204 * the challenge, and verify it when the response comes back. --- 17 unchanged lines hidden (view full) --- 222 if (x < 256) /* if no overflow, all done */ 223 break; 224 } 225 des_ecb_encrypt(&challenge, &challenge, sched, 1); 226 } 227#endif /* ENCRYPTION */ 228 229 if (auth_debug_mode) { |
245 printf("CK: %d:", kerberos4_cksum(auth.dat, auth.length)); 246 printd(auth.dat, auth.length); | 230 printf("CK: %d:", kerberos4_cksum(lauth.dat, lauth.length)); 231 printd(lauth.dat, lauth.length); |
247 printf("\r\n"); 248 printf("Sent Kerberos V4 credentials to server\r\n"); 249 } 250 return(1); 251} 252 | 232 printf("\r\n"); 233 printf("Sent Kerberos V4 credentials to server\r\n"); 234 } 235 return(1); 236} 237 |
253 void 254kerberos4_is(ap, data, cnt) 255 Authenticator *ap; 256 unsigned char *data; 257 int cnt; | 238void 239kerberos4_is(Authenticator *ap, unsigned char *data, int cnt) |
258{ 259#ifdef ENCRYPTION 260 Session_Key skey; 261 Block datablock; 262#endif /* ENCRYPTION */ 263 char realm[REALM_SZ]; 264 char instance[INST_SZ]; 265 int r; 266 267 if (cnt-- < 1) 268 return; 269 switch (*data++) { 270 case KRB_AUTH: 271 if (krb_get_lrealm(realm, 1) != KSUCCESS) { | 240{ 241#ifdef ENCRYPTION 242 Session_Key skey; 243 Block datablock; 244#endif /* ENCRYPTION */ 245 char realm[REALM_SZ]; 246 char instance[INST_SZ]; 247 int r; 248 249 if (cnt-- < 1) 250 return; 251 switch (*data++) { 252 case KRB_AUTH: 253 if (krb_get_lrealm(realm, 1) != KSUCCESS) { |
272 Data(ap, KRB_REJECT, (void *)"No local V4 Realm.", -1); | 254 Data(ap, KRB_REJECT, "No local V4 Realm.", -1); |
273 auth_finished(ap, AUTH_REJECT); 274 if (auth_debug_mode) 275 printf("No local realm\r\n"); 276 return; 277 } 278 memmove((void *)auth.dat, (void *)data, auth.length = cnt); 279 if (auth_debug_mode) { 280 printf("Got %d bytes of authentication data\r\n", cnt); 281 printf("CK: %d:", kerberos4_cksum(auth.dat, auth.length)); 282 printd(auth.dat, auth.length); 283 printf("\r\n"); 284 } 285 instance[0] = '*'; instance[1] = 0; | 255 auth_finished(ap, AUTH_REJECT); 256 if (auth_debug_mode) 257 printf("No local realm\r\n"); 258 return; 259 } 260 memmove((void *)auth.dat, (void *)data, auth.length = cnt); 261 if (auth_debug_mode) { 262 printf("Got %d bytes of authentication data\r\n", cnt); 263 printf("CK: %d:", kerberos4_cksum(auth.dat, auth.length)); 264 printd(auth.dat, auth.length); 265 printf("\r\n"); 266 } 267 instance[0] = '*'; instance[1] = 0; |
286 if ((r = krb_rd_req(&auth, KRB_SERVICE_NAME, 287 instance, 0, &adat, ""))) { | 268 if ((r = krb_rd_req(&auth, krb_service_name, 269 instance, 0, &adat, empty))) { |
288 if (auth_debug_mode) 289 printf("Kerberos failed him as %s\r\n", name); | 270 if (auth_debug_mode) 271 printf("Kerberos failed him as %s\r\n", name); |
290 Data(ap, KRB_REJECT, (void *)krb_err_txt[r], -1); | 272 Data(ap, KRB_REJECT, krb_err_txt[r], -1); |
291 auth_finished(ap, AUTH_REJECT); 292 return; 293 } 294#ifdef ENCRYPTION 295 memmove((void *)session_key, (void *)adat.session, sizeof(Block)); 296#endif /* ENCRYPTION */ 297 krb_kntoln(&adat, name); 298 299 if (UserNameRequested && !kuserok(&adat, UserNameRequested)) | 273 auth_finished(ap, AUTH_REJECT); 274 return; 275 } 276#ifdef ENCRYPTION 277 memmove((void *)session_key, (void *)adat.session, sizeof(Block)); 278#endif /* ENCRYPTION */ 279 krb_kntoln(&adat, name); 280 281 if (UserNameRequested && !kuserok(&adat, UserNameRequested)) |
300 Data(ap, KRB_ACCEPT, (void *)0, 0); | 282 Data(ap, KRB_ACCEPT, NULL, 0); |
301 else | 283 else |
302 Data(ap, KRB_REJECT, 303 (void *)"user is not authorized", -1); | 284 Data(ap, KRB_REJECT, "user is not authorized", -1); |
304 auth_finished(ap, AUTH_USER); 305 break; 306 307 case KRB_CHALLENGE: 308#ifndef ENCRYPTION | 285 auth_finished(ap, AUTH_USER); 286 break; 287 288 case KRB_CHALLENGE: 289#ifndef ENCRYPTION |
309 Data(ap, KRB_RESPONSE, (void *)0, 0); | 290 Data(ap, KRB_RESPONSE, NULL, 0); |
310#else /* ENCRYPTION */ 311 if (!VALIDKEY(session_key)) { 312 /* 313 * We don't have a valid session key, so just 314 * send back a response with an empty session 315 * key. 316 */ | 291#else /* ENCRYPTION */ 292 if (!VALIDKEY(session_key)) { 293 /* 294 * We don't have a valid session key, so just 295 * send back a response with an empty session 296 * key. 297 */ |
317 Data(ap, KRB_RESPONSE, (void *)0, 0); | 298 Data(ap, KRB_RESPONSE, NULL, 0); |
318 break; 319 } 320 321 /* 322 * Initialize the random number generator since it's 323 * used later on by the encryption routine. 324 */ 325 des_init_random_number_generator(&session_key); --- 17 unchanged lines hidden (view full) --- 343 for (r = 7; r >= 0; r--) { 344 register int t; 345 t = (unsigned int)challenge[r] + 1; 346 challenge[r] = t; /* ignore overflow */ 347 if (t < 256) /* if no overflow, all done */ 348 break; 349 } 350 des_ecb_encrypt(&challenge, &challenge, sched, 1); | 299 break; 300 } 301 302 /* 303 * Initialize the random number generator since it's 304 * used later on by the encryption routine. 305 */ 306 des_init_random_number_generator(&session_key); --- 17 unchanged lines hidden (view full) --- 324 for (r = 7; r >= 0; r--) { 325 register int t; 326 t = (unsigned int)challenge[r] + 1; 327 challenge[r] = t; /* ignore overflow */ 328 if (t < 256) /* if no overflow, all done */ 329 break; 330 } 331 des_ecb_encrypt(&challenge, &challenge, sched, 1); |
351 Data(ap, KRB_RESPONSE, (void *)challenge, sizeof(challenge)); | 332 Data(ap, KRB_RESPONSE, challenge, sizeof(challenge)); |
352#endif /* ENCRYPTION */ 353 break; 354 355 default: 356 if (auth_debug_mode) 357 printf("Unknown Kerberos option %d\r\n", data[-1]); | 333#endif /* ENCRYPTION */ 334 break; 335 336 default: 337 if (auth_debug_mode) 338 printf("Unknown Kerberos option %d\r\n", data[-1]); |
358 Data(ap, KRB_REJECT, 0, 0); | 339 Data(ap, KRB_REJECT, NULL, 0); |
359 break; 360 } 361} 362 | 340 break; 341 } 342} 343 |
363 void 364kerberos4_reply(ap, data, cnt) 365 Authenticator *ap; 366 unsigned char *data; 367 int cnt; | 344void 345kerberos4_reply(Authenticator *ap, unsigned char *data, int cnt) |
368{ 369#ifdef ENCRYPTION 370 Session_Key skey; 371#endif /* ENCRYPTION */ 372 373 if (cnt-- < 1) 374 return; 375 switch (*data++) { --- 7 unchanged lines hidden (view full) --- 383 return; 384 case KRB_ACCEPT: 385 printf("[ Kerberos V4 accepts you ]\n"); 386 if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { 387 /* 388 * Send over the encrypted challenge. 389 */ 390#ifndef ENCRYPTION | 346{ 347#ifdef ENCRYPTION 348 Session_Key skey; 349#endif /* ENCRYPTION */ 350 351 if (cnt-- < 1) 352 return; 353 switch (*data++) { --- 7 unchanged lines hidden (view full) --- 361 return; 362 case KRB_ACCEPT: 363 printf("[ Kerberos V4 accepts you ]\n"); 364 if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { 365 /* 366 * Send over the encrypted challenge. 367 */ 368#ifndef ENCRYPTION |
391 Data(ap, KRB_CHALLENGE, (void *)0, 0); | 369 Data(ap, KRB_CHALLENGE, NULL, 0); |
392#else /* ENCRYPTION */ | 370#else /* ENCRYPTION */ |
393 Data(ap, KRB_CHALLENGE, (void *)session_key, | 371 Data(ap, KRB_CHALLENGE, session_key, |
394 sizeof(session_key)); 395 des_ecb_encrypt(&session_key, &session_key, sched, 1); 396 skey.type = SK_DES; 397 skey.length = 8; 398 skey.data = session_key; 399 encrypt_session_key(&skey, 0); 400#endif /* ENCRYPTION */ 401 return; --- 21 unchanged lines hidden (view full) --- 423 break; 424 default: 425 if (auth_debug_mode) 426 printf("Unknown Kerberos option %d\r\n", data[-1]); 427 return; 428 } 429} 430 | 372 sizeof(session_key)); 373 des_ecb_encrypt(&session_key, &session_key, sched, 1); 374 skey.type = SK_DES; 375 skey.length = 8; 376 skey.data = session_key; 377 encrypt_session_key(&skey, 0); 378#endif /* ENCRYPTION */ 379 return; --- 21 unchanged lines hidden (view full) --- 401 break; 402 default: 403 if (auth_debug_mode) 404 printf("Unknown Kerberos option %d\r\n", data[-1]); 405 return; 406 } 407} 408 |
431 int 432kerberos4_status(ap, name, level) 433 Authenticator *ap; 434 char *name; 435 int level; | 409int 410kerberos4_status(Authenticator *ap __unused, char *nam, int level) |
436{ 437 if (level < AUTH_USER) 438 return(level); 439 440 if (UserNameRequested && !kuserok(&adat, UserNameRequested)) { | 411{ 412 if (level < AUTH_USER) 413 return(level); 414 415 if (UserNameRequested && !kuserok(&adat, UserNameRequested)) { |
441 strcpy(name, UserNameRequested); | 416 strcpy(nam, UserNameRequested); |
442 return(AUTH_VALID); 443 } else 444 return(AUTH_USER); 445} 446 447#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} 448#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} 449 | 417 return(AUTH_VALID); 418 } else 419 return(AUTH_USER); 420} 421 422#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} 423#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} 424 |
450 void 451kerberos4_printsub(data, cnt, buf, buflen) 452 unsigned char *data, *buf; 453 int cnt, buflen; | 425void 426kerberos4_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) |
454{ 455 char lbuf[32]; 456 register int i; 457 458 buf[buflen-1] = '\0'; /* make sure its NULL terminated */ 459 buflen -= 1; 460 461 switch(data[3]) { --- 35 unchanged lines hidden (view full) --- 497 sprintf(lbuf, " %d", data[i]); 498 strncpy((char *)buf, lbuf, buflen); 499 BUMP(buf, buflen); 500 } 501 break; 502 } 503} 504 | 427{ 428 char lbuf[32]; 429 register int i; 430 431 buf[buflen-1] = '\0'; /* make sure its NULL terminated */ 432 buflen -= 1; 433 434 switch(data[3]) { --- 35 unchanged lines hidden (view full) --- 470 sprintf(lbuf, " %d", data[i]); 471 strncpy((char *)buf, lbuf, buflen); 472 BUMP(buf, buflen); 473 } 474 break; 475 } 476} 477 |
505 int 506kerberos4_cksum(d, n) 507 unsigned char *d; 508 int n; | 478int 479kerberos4_cksum(unsigned char *d, int n) |
509{ 510 int ck = 0; 511 512 /* 513 * A comment is probably needed here for those not 514 * well versed in the "C" language. Yes, this is 515 * supposed to be a "switch" with the body of the 516 * "switch" being a "while" statement. The whole --- 17 unchanged lines hidden (view full) --- 534 --n; 535 case 1: 536 ck ^= (int)*d++; 537 --n; 538 } 539 return(ck); 540} 541#endif | 480{ 481 int ck = 0; 482 483 /* 484 * A comment is probably needed here for those not 485 * well versed in the "C" language. Yes, this is 486 * supposed to be a "switch" with the body of the 487 * "switch" being a "while" statement. The whole --- 17 unchanged lines hidden (view full) --- 505 --n; 506 case 1: 507 ck ^= (int)*d++; 508 --n; 509 } 510 return(ck); 511} 512#endif |
542 543#ifdef notdef 544 545prkey(msg, key) 546 char *msg; 547 unsigned char *key; 548{ 549 register int i; 550 printf("%s:", msg); 551 for (i = 0; i < 8; i++) 552 printf(" %3d", key[i]); 553 printf("\r\n"); 554} 555#endif | |