From 6d1748f029e5cb36047b7b26476722fd2f5caedf Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Fri, 18 Dec 2009 19:46:07 +0000 Subject: [PATCH] [packages] add krb5, the MIT Kerberos 5 implementation (#6101) SVN-Revision: 18842 --- net/krb5/Makefile | 157 ++++ net/krb5/files/krb5kdc | 17 + .../001-uclibc-symbol-collision-fix.patch | 670 ++++++++++++++++++ 3 files changed, 844 insertions(+) create mode 100644 net/krb5/Makefile create mode 100644 net/krb5/files/krb5kdc create mode 100644 net/krb5/patches/001-uclibc-symbol-collision-fix.patch diff --git a/net/krb5/Makefile b/net/krb5/Makefile new file mode 100644 index 0000000000..abdae6150e --- /dev/null +++ b/net/krb5/Makefile @@ -0,0 +1,157 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=krb5 +PKG_VERSION:=1.7 +PKG_RELEASE:=1 + +PKG_SOURCE:=krb5-$(PKG_VERSION)-signed.tar +PKG_SOURCE_URL:=http://web.mit.edu/kerberos/dist/krb5/1.7/ +PKG_MD5SUM:=9f7b3402b4731a7fa543db193bf1b564 + +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) + +include $(INCLUDE_DIR)/package.mk + +define Package/krb5/Default + SECTION:=net + CATAGORY:=Network + TITLE:=Kerberos + URL:=http://web.mit.edu/kerberos/ +endef + +define Package/krb5-libs + SECTION:=net + CATAGORY:=Network + TITLE:=Kerberos + DEPENDS:=+libncurses + TITLE:=Kerberos 5 Shared Libraries + URL:=http://web.mit.edu/kerberos/ +endef + +define Package/krb5-server + $(call Package/krb5/Default) + DEPENDS:=+krb5-libs + TITLE:=Kerberos 5 Server +endef + +define Package/krb5-client + $(call Package/krb5/Default) + TITLE:=Kerberos 5 Client +endef + +define Package/krb5-apps + $(call Package/krb5/Default) + TITLE:=Kerberized Network Applications +endef + +define Package/krb5-daemons + $(call Package/krb5/Default) + TITLE:=Kerberized Network Daemons +endef + +define Package/krb5/decription + Kerberos +endef + +define Build/Prepare + # Krb5 tarball contains signature and a second tarball + # containing source code. + tar xf "$(DL_DIR)/$(PKG_SOURCE)" -C "$(BUILD_DIR)" + tar xzf "$(BUILD_DIR)/krb5-$(PKG_VERSION).tar.gz" -C "$(BUILD_DIR)" + patch -p1 -d "$(PKG_BUILD_DIR)" < "$(PATCH_DIR)/001-uclibc-symbol-collision-fix.patch" +endef + +CONFIGURE_PATH = ./src + +CONFIGURE_VARS += \ + cross_compiling=yes \ + krb5_cv_attr_constructor_destructor=yes,yes \ + ac_cv_func_regcomp=yes \ + ac_cv_printf_positional=yes \ + ac_cv_file__etc_environment=no \ + ac_cv_file__etc_TIMEZONE=no + +CONFIGURE_ARGS += \ + --enable-thread-support \ + --without-krb4 \ + --without-tcl \ + --disable-ipv6 + +define Build/Configure + $(call Build/Configure/Default) +endef + +define Build/Compile + rm -rf "$(PKG_INSTALL_DIR)" + mkdir -p "$(PKG_INSTALL_DIR)" + $(MAKE) -C $(PKG_BUILD_DIR)/src \ + DESTDIR="$(PKG_INSTALL_DIR)" \ + CFLAGS="$(TARGET_CFLAGS)" \ + CC="$(TARGET_CC)" \ + all install +endef + +define Package/krb5-libs/install + $(INSTALL_DIR) $(1)/usr/lib + $(INSTALL_DIR) $(1)/usr/lib/krb5 + $(INSTALL_DIR) $(1)/usr/lib/krb5/plugins + $(INSTALL_DIR) $(1)/usr/lib/krb5/plugins/kdb + $(INSTALL_DIR) $(1)/usr/lib/krb5/plugins/libkrb5 + $(CP) $(PKG_INSTALL_DIR)/usr/lib/krb5/plugins/kdb/db2.so $(1)/usr/lib/krb5/plugins/kdb + $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so* $(1)/usr/lib +endef + +define Package/krb5-client/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/kdestroy $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/kinit $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/klist $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/kpasswd $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/ksu $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/kvno $(1)/usr/bin + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/krb5-send-pr $(1)/usr/sbin +endef + +define Package/krb5-server/install + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/krb5kdc $(1)/etc/init.d/krb5kdc + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sclient $(1)/usr/bin + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/kadmin.local $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/kadmind $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/kdb5_util $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/kdb5_util $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/kprop $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/kpropd $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/krb5kdc $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/sim_server $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/sserver $(1)/usr/sbin +endef + +define Package/krb5-apps/install + $(INSTALL_DIR) $(1)/usr/kerberos + $(INSTALL_DIR) $(1)/usr/kerberos/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/ftp $(1)/usr/kerberos/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/rcp $(1)/usr/kerberos/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/rlogin $(1)/usr/kerberos/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/rsh $(1)/usr/kerberos/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/telnet $(1)/usr/kerberos/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/uuclient $(1)/usr/kerberos/bin +endef + +define Package/krb5-daemons/install + $(INSTALL_DIR) $(1)/usr/kerberos/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ftpd $(1)/usr/kerberos/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/klogind $(1)/usr/kerberos/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/login.krb5 $(1)/usr/kerberos/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/telnetd $(1)/usr/kerberos/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/uuserver $(1)/usr/kerberos/sbin +endef + +$(eval $(call BuildPackage,krb5-libs)) +$(eval $(call BuildPackage,krb5-server)) +$(eval $(call BuildPackage,krb5-client)) +$(eval $(call BuildPackage,krb5-apps)) +$(eval $(call BuildPackage,krb5-daemons)) diff --git a/net/krb5/files/krb5kdc b/net/krb5/files/krb5kdc new file mode 100644 index 0000000000..2143363b11 --- /dev/null +++ b/net/krb5/files/krb5kdc @@ -0,0 +1,17 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2009 OpenWrt.org + +START=60 + +start() { + mkdir -p /var/tmp + mkdir -p /var/krb5kdc + + [ -f /var/krb5kdc/principal ] || ( echo; echo ) | kdb5_util create -s + + /usr/sbin/krb5kdc +} + +stop() { + killall krb5kdc 2> /dev/null +} diff --git a/net/krb5/patches/001-uclibc-symbol-collision-fix.patch b/net/krb5/patches/001-uclibc-symbol-collision-fix.patch new file mode 100644 index 0000000000..7a98835d44 --- /dev/null +++ b/net/krb5/patches/001-uclibc-symbol-collision-fix.patch @@ -0,0 +1,670 @@ +diff -u --recursive --new-file krb5-1.7-vanilla/src/appl/gssftp/ftp/Makefile.in krb5-1.7/src/appl/gssftp/ftp/Makefile.in +--- krb5-1.7-vanilla/src/appl/gssftp/ftp/Makefile.in 2009-09-30 22:58:22.000000000 -0400 ++++ krb5-1.7/src/appl/gssftp/ftp/Makefile.in 2009-10-01 15:35:02.000000000 -0400 +@@ -12,14 +12,14 @@ + SRCS = $(srcdir)/cmds.c $(srcdir)/cmdtab.c $(srcdir)/domacro.c \ + $(srcdir)/ftp.c $(srcdir)/getpass.c $(srcdir)/glob.c \ + $(srcdir)/main.c $(srcdir)/radix.c \ +- $(srcdir)/ruserpass.c $(srcdir)/secure.c ++ $(srcdir)/ruserpw.c $(srcdir)/secure.c + + + OBJS = $(OUTPRE)cmds.$(OBJEXT) $(OUTPRE)cmdtab.$(OBJEXT) \ + $(OUTPRE)domacro.$(OBJEXT) $(OUTPRE)ftp.$(OBJEXT) \ + $(OUTPRE)getpass.$(OBJEXT) $(OUTPRE)glob.$(OBJEXT) \ + $(OUTPRE)main.$(OBJEXT) $(OUTPRE)radix.$(OBJEXT) \ +- $(OUTPRE)ruserpass.$(OBJEXT) $(OUTPRE)secure.$(OBJEXT) ++ $(OUTPRE)ruserpw.$(OBJEXT) $(OUTPRE)secure.$(OBJEXT) + + LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir) + +@@ -47,7 +47,7 @@ + done + + ftp.o cmds.o main.o: $(srcdir)/../arpa/ftp.h +-ftp.o cmds.o cmdtab.o domacro.o main.o ruserpass.o: $(srcdir)/ftp_var.h ++ftp.o cmds.o cmdtab.o domacro.o main.o ruserpw.o: $(srcdir)/ftp_var.h + secure.o: secure.h + + cmds.o: $(srcdir)/cmds.c +@@ -57,7 +57,7 @@ + glob.o: $(srcdir)/glob.c + main.o: $(srcdir)/main.c + pclose.o: $(srcdir)/pclose.c +-ruserpass.o: $(srcdir)/ruserpass.c ++ruserpw.o: $(srcdir)/ruserpw.c + domacro.o: $(srcdir)/domacro.c + radix.o: $(srcdir)/radix.c + secure.o: $(srcdir)/secure.c +diff -u --recursive --new-file krb5-1.7-vanilla/src/appl/gssftp/ftp/deps krb5-1.7/src/appl/gssftp/ftp/deps +--- krb5-1.7-vanilla/src/appl/gssftp/ftp/deps 2009-09-30 22:58:24.000000000 -0400 ++++ krb5-1.7/src/appl/gssftp/ftp/deps 2009-10-01 15:35:02.000000000 -0400 +@@ -22,7 +22,7 @@ + $(SRCTOP)/include/port-sockets.h $(srcdir)/../arpa/ftp.h \ + ftp_var.h main.c + $(OUTPRE)radix.$(OBJEXT): ftp_var.h radix.c +-$(OUTPRE)ruserpass.$(OBJEXT): ftp_var.h ruserpass.c ++$(OUTPRE)ruserpw.$(OBJEXT): ftp_var.h ruserpw.c + $(OUTPRE)secure.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_generic.h \ + $(srcdir)/../arpa/ftp.h secure.c secure.h +diff -u --recursive --new-file krb5-1.7-vanilla/src/appl/gssftp/ftp/ftp.c krb5-1.7/src/appl/gssftp/ftp/ftp.c +--- krb5-1.7-vanilla/src/appl/gssftp/ftp/ftp.c 2009-09-30 22:58:22.000000000 -0400 ++++ krb5-1.7/src/appl/gssftp/ftp/ftp.c 2009-10-01 15:35:03.000000000 -0400 +@@ -318,7 +318,7 @@ + int n, aflag = 0; + + l_user = pass = l_acct = 0; +- if (ruserpass(host, &l_user, &pass, &l_acct) < 0) { ++ if (ruserpw(host, &l_user, &pass, &l_acct) < 0) { + code = -1; + return(0); + } +diff -u --recursive --new-file krb5-1.7-vanilla/src/appl/gssftp/ftp/ftp_var.h krb5-1.7/src/appl/gssftp/ftp/ftp_var.h +--- krb5-1.7-vanilla/src/appl/gssftp/ftp/ftp_var.h 2009-09-30 22:58:23.000000000 -0400 ++++ krb5-1.7/src/appl/gssftp/ftp/ftp_var.h 2009-10-01 15:35:03.000000000 -0400 +@@ -274,8 +274,8 @@ + struct cmd *getcmd (char *); + + +-/* ruserpass.c */ +-int ruserpass (char *, char **, char **, char **); ++/* ruserpw.c */ ++int ruserpw (char *, char **, char **, char **); + + /* radix.h */ + int radix_encode (unsigned char *, unsigned char *, int *, int); +diff -u --recursive --new-file krb5-1.7-vanilla/src/appl/gssftp/ftp/ruserpass.c krb5-1.7/src/appl/gssftp/ftp/ruserpass.c +--- krb5-1.7-vanilla/src/appl/gssftp/ftp/ruserpass.c 2009-09-30 22:58:24.000000000 -0400 ++++ krb5-1.7/src/appl/gssftp/ftp/ruserpass.c 1969-12-31 19:00:00.000000000 -0500 +@@ -1,293 +0,0 @@ +-/* +- * Copyright (c) 1985 Regents of the University of California. +- * All rights reserved. +- * +- * Redistribution and use in source and binary forms, with or without +- * modification, are permitted provided that the following conditions +- * are met: +- * 1. Redistributions of source code must retain the above copyright +- * notice, this list of conditions and the following disclaimer. +- * 2. Redistributions in binary form must reproduce the above copyright +- * notice, this list of conditions and the following disclaimer in the +- * documentation and/or other materials provided with the distribution. +- * 3. All advertising materials mentioning features or use of this software +- * must display the following acknowledgement: +- * This product includes software developed by the University of +- * California, Berkeley and its contributors. +- * 4. Neither the name of the University nor the names of its contributors +- * may be used to endorse or promote products derived from this software +- * without specific prior written permission. +- * +- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +- * SUCH DAMAGE. +- */ +- +-#ifndef lint +-static char sccsid[] = "@(#)ruserpass.c 5.3 (Berkeley) 3/1/91"; +-#endif /* not lint */ +- +-#include +-#include +-#include +-#ifdef HAVE_STDLIB_H +-#include +-#endif +-#ifdef HAVE_UNISTD_H +-#include +-#endif +-#include +-#include +-#include +-#include "ftp_var.h" +- +-#ifdef _WIN32 +-#include +-#endif +- +-#ifndef MAXHOSTNAMELEN +-#define MAXHOSTNAMELEN 64 +-#endif +- +-static int token (void); +-static FILE *cfile; +- +-#define DEFAULT 1 +-#define LOGIN 2 +-#define PASSWD 3 +-#define ACCOUNT 4 +-#define MACDEF 5 +-#define ID 10 +-#define MACH 11 +- +-static char tokval[100]; +- +-static struct toktab { +- char *tokstr; +- int tval; +-} toktab[]= { +- { "default", DEFAULT }, +- { "login", LOGIN }, +- { "password", PASSWD }, +- { "passwd", PASSWD }, +- { "account", ACCOUNT }, +- { "machine", MACH }, +- { "macdef", MACDEF }, +- { NULL, 0 } +-}; +- +- +-static int +-token() +-{ +- char *cp; +- int c; +- struct toktab *t; +- +- if (feof(cfile)) +- return (0); +- while ((c = getc(cfile)) != EOF && +- (c == '\n' || c == '\t' || c == ' ' || c == ',')) +- continue; +- if (c == EOF) +- return (0); +- cp = tokval; +- if (c == '"') { +- while ((c = getc(cfile)) != EOF && c != '"') { +- if (c == '\\') +- c = getc(cfile); +- *cp++ = c; +- } +- } else { +- *cp++ = c; +- while ((c = getc(cfile)) != EOF +- && c != '\n' && c != '\t' && c != ' ' && c != ',') { +- if (c == '\\') +- c = getc(cfile); +- *cp++ = c; +- } +- } +- *cp = 0; +- if (tokval[0] == 0) +- return (0); +- for (t = toktab; t->tokstr; t++) +- if (!strcmp(t->tokstr, tokval)) +- return (t->tval); +- return (ID); +-} +- +-int +-ruserpass(host, aname, apass, aacct) +- char *host, **aname, **apass, **aacct; +-{ +- char *hdir, buf[FTP_BUFSIZ], *tmp; +- char myname[MAXHOSTNAMELEN + 1], *mydomain; +- int t, i, c, usedefault = 0; +- struct stat stb; +- +- hdir = getenv("HOME"); +- if (hdir == NULL) +- hdir = "."; +- (void) snprintf(buf, sizeof(buf), "%s/.netrc", hdir); +- cfile = fopen(buf, "r"); +- if (cfile == NULL) { +- if (errno != ENOENT) +- perror(buf); +- return(0); +- } +- if (gethostname(myname, sizeof(myname)) < 0) +- myname[0] = '\0'; +- if ((mydomain = strchr(myname, '.')) == NULL) +- mydomain = ""; +-next: +- while ((t = token())) switch(t) { +- +- case DEFAULT: +- usedefault = 1; +- /* FALL THROUGH */ +- +- case MACH: +- if (!usedefault) { +- if (token() != ID) +- continue; +- /* +- * Allow match either for user's input host name +- * or official hostname. Also allow match of +- * incompletely-specified host in local domain. +- */ +- if (strcasecmp(host, tokval) == 0) +- goto match; +- if (strcasecmp(hostname, tokval) == 0) +- goto match; +- if ((tmp = strchr(hostname, '.')) != NULL && +- strcasecmp(tmp, mydomain) == 0 && +- strncasecmp(hostname, tokval, +- (unsigned) (tmp-hostname)) == 0 && +- tokval[tmp - hostname] == '\0') +- goto match; +- if ((tmp = strchr(host, '.')) != NULL && +- strcasecmp(tmp, mydomain) == 0 && +- strncasecmp(host, tokval, +- (unsigned ) (tmp - host)) == 0 && +- tokval[tmp - host] == '\0') +- goto match; +- continue; +- } +- match: +- while ((t = token()) && t != MACH && t != DEFAULT) switch(t) { +- +- case LOGIN: +- if (token()) { +- if (*aname == 0) { +- *aname = strdup(tokval); +- } else { +- if (strcmp(*aname, tokval)) +- goto next; +- } +- } +- break; +- case PASSWD: +- if (strcmp(*aname, "anonymous") && +- fstat(fileno(cfile), &stb) >= 0 && +- (stb.st_mode & 077) != 0) { +- fprintf(stderr, "Error - .netrc file not correct mode.\n"); +- fprintf(stderr, "Remove password or correct mode.\n"); +- goto bad; +- } +- if (token() && *apass == 0) { +- *apass = strdup(tokval); +- } +- break; +- case ACCOUNT: +- if (fstat(fileno(cfile), &stb) >= 0 +- && (stb.st_mode & 077) != 0) { +- fprintf(stderr, "Error - .netrc file not correct mode.\n"); +- fprintf(stderr, "Remove account or correct mode.\n"); +- goto bad; +- } +- if (token() && *aacct == 0) { +- *aacct = strdup(tokval); +- } +- break; +- case MACDEF: +- if (proxy) { +- (void) fclose(cfile); +- return(0); +- } +- while ((c = getc(cfile)) != EOF) +- if (c != ' ' && c != '\t') +- break; +- if (c == EOF || c == '\n') { +- printf("Missing macdef name argument.\n"); +- goto bad; +- } +- if (macnum == 16) { +- printf("Limit of 16 macros have already been defined\n"); +- goto bad; +- } +- tmp = macros[macnum].mac_name; +- *tmp++ = c; +- for (i=0; i < 8 && (c=getc(cfile)) != EOF && +- !isspace(c); ++i) { +- *tmp++ = c; +- } +- if (c == EOF) { +- printf("Macro definition missing null line terminator.\n"); +- goto bad; +- } +- *tmp = '\0'; +- if (c != '\n') { +- while ((c=getc(cfile)) != EOF && c != '\n'); +- } +- if (c == EOF) { +- printf("Macro definition missing null line terminator.\n"); +- goto bad; +- } +- if (macnum == 0) { +- macros[macnum].mac_start = macbuf; +- } +- else { +- macros[macnum].mac_start = macros[macnum-1].mac_end + 1; +- } +- tmp = macros[macnum].mac_start; +- while (tmp != macbuf + 4096) { +- if ((c=getc(cfile)) == EOF) { +- printf("Macro definition missing null line terminator.\n"); +- goto bad; +- } +- *tmp = c; +- if (*tmp == '\n') { +- if (*(tmp-1) == '\0') { +- macros[macnum++].mac_end = tmp - 1; +- break; +- } +- *tmp = '\0'; +- } +- tmp++; +- } +- if (tmp == macbuf + 4096) { +- printf("4K macro buffer exceeded\n"); +- goto bad; +- } +- break; +- default: +- fprintf(stderr, "Unknown .netrc keyword %s\n", tokval); +- break; +- } +- goto done; +- } +-done: +- (void) fclose(cfile); +- return(0); +-bad: +- (void) fclose(cfile); +- return(-1); +-} +diff -u --recursive --new-file krb5-1.7-vanilla/src/appl/gssftp/ftp/ruserpw.c krb5-1.7/src/appl/gssftp/ftp/ruserpw.c +--- krb5-1.7-vanilla/src/appl/gssftp/ftp/ruserpw.c 1969-12-31 19:00:00.000000000 -0500 ++++ krb5-1.7/src/appl/gssftp/ftp/ruserpw.c 2009-10-01 15:35:57.000000000 -0400 +@@ -0,0 +1,293 @@ ++/* ++ * Copyright (c) 1985 Regents of the University of California. ++ * All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * 3. All advertising materials mentioning features or use of this software ++ * must display the following acknowledgement: ++ * This product includes software developed by the University of ++ * California, Berkeley and its contributors. ++ * 4. Neither the name of the University nor the names of its contributors ++ * may be used to endorse or promote products derived from this software ++ * without specific prior written permission. ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND ++ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ++ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE ++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL ++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS ++ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT ++ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY ++ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF ++ * SUCH DAMAGE. ++ */ ++ ++#ifndef lint ++static char sccsid[] = "@(#)ruserpw.c 5.3 (Berkeley) 3/1/91"; ++#endif /* not lint */ ++ ++#include ++#include ++#include ++#ifdef HAVE_STDLIB_H ++#include ++#endif ++#ifdef HAVE_UNISTD_H ++#include ++#endif ++#include ++#include ++#include ++#include "ftp_var.h" ++ ++#ifdef _WIN32 ++#include ++#endif ++ ++#ifndef MAXHOSTNAMELEN ++#define MAXHOSTNAMELEN 64 ++#endif ++ ++static int token (void); ++static FILE *cfile; ++ ++#define DEFAULT 1 ++#define LOGIN 2 ++#define PASSWD 3 ++#define ACCOUNT 4 ++#define MACDEF 5 ++#define ID 10 ++#define MACH 11 ++ ++static char tokval[100]; ++ ++static struct toktab { ++ char *tokstr; ++ int tval; ++} toktab[]= { ++ { "default", DEFAULT }, ++ { "login", LOGIN }, ++ { "password", PASSWD }, ++ { "passwd", PASSWD }, ++ { "account", ACCOUNT }, ++ { "machine", MACH }, ++ { "macdef", MACDEF }, ++ { NULL, 0 } ++}; ++ ++ ++static int ++token() ++{ ++ char *cp; ++ int c; ++ struct toktab *t; ++ ++ if (feof(cfile)) ++ return (0); ++ while ((c = getc(cfile)) != EOF && ++ (c == '\n' || c == '\t' || c == ' ' || c == ',')) ++ continue; ++ if (c == EOF) ++ return (0); ++ cp = tokval; ++ if (c == '"') { ++ while ((c = getc(cfile)) != EOF && c != '"') { ++ if (c == '\\') ++ c = getc(cfile); ++ *cp++ = c; ++ } ++ } else { ++ *cp++ = c; ++ while ((c = getc(cfile)) != EOF ++ && c != '\n' && c != '\t' && c != ' ' && c != ',') { ++ if (c == '\\') ++ c = getc(cfile); ++ *cp++ = c; ++ } ++ } ++ *cp = 0; ++ if (tokval[0] == 0) ++ return (0); ++ for (t = toktab; t->tokstr; t++) ++ if (!strcmp(t->tokstr, tokval)) ++ return (t->tval); ++ return (ID); ++} ++ ++int ++ruserpw(host, aname, apass, aacct) ++ char *host, **aname, **apass, **aacct; ++{ ++ char *hdir, buf[FTP_BUFSIZ], *tmp; ++ char myname[MAXHOSTNAMELEN + 1], *mydomain; ++ int t, i, c, usedefault = 0; ++ struct stat stb; ++ ++ hdir = getenv("HOME"); ++ if (hdir == NULL) ++ hdir = "."; ++ (void) snprintf(buf, sizeof(buf), "%s/.netrc", hdir); ++ cfile = fopen(buf, "r"); ++ if (cfile == NULL) { ++ if (errno != ENOENT) ++ perror(buf); ++ return(0); ++ } ++ if (gethostname(myname, sizeof(myname)) < 0) ++ myname[0] = '\0'; ++ if ((mydomain = strchr(myname, '.')) == NULL) ++ mydomain = ""; ++next: ++ while ((t = token())) switch(t) { ++ ++ case DEFAULT: ++ usedefault = 1; ++ /* FALL THROUGH */ ++ ++ case MACH: ++ if (!usedefault) { ++ if (token() != ID) ++ continue; ++ /* ++ * Allow match either for user's input host name ++ * or official hostname. Also allow match of ++ * incompletely-specified host in local domain. ++ */ ++ if (strcasecmp(host, tokval) == 0) ++ goto match; ++ if (strcasecmp(hostname, tokval) == 0) ++ goto match; ++ if ((tmp = strchr(hostname, '.')) != NULL && ++ strcasecmp(tmp, mydomain) == 0 && ++ strncasecmp(hostname, tokval, ++ (unsigned) (tmp-hostname)) == 0 && ++ tokval[tmp - hostname] == '\0') ++ goto match; ++ if ((tmp = strchr(host, '.')) != NULL && ++ strcasecmp(tmp, mydomain) == 0 && ++ strncasecmp(host, tokval, ++ (unsigned ) (tmp - host)) == 0 && ++ tokval[tmp - host] == '\0') ++ goto match; ++ continue; ++ } ++ match: ++ while ((t = token()) && t != MACH && t != DEFAULT) switch(t) { ++ ++ case LOGIN: ++ if (token()) { ++ if (*aname == 0) { ++ *aname = strdup(tokval); ++ } else { ++ if (strcmp(*aname, tokval)) ++ goto next; ++ } ++ } ++ break; ++ case PASSWD: ++ if (strcmp(*aname, "anonymous") && ++ fstat(fileno(cfile), &stb) >= 0 && ++ (stb.st_mode & 077) != 0) { ++ fprintf(stderr, "Error - .netrc file not correct mode.\n"); ++ fprintf(stderr, "Remove password or correct mode.\n"); ++ goto bad; ++ } ++ if (token() && *apass == 0) { ++ *apass = strdup(tokval); ++ } ++ break; ++ case ACCOUNT: ++ if (fstat(fileno(cfile), &stb) >= 0 ++ && (stb.st_mode & 077) != 0) { ++ fprintf(stderr, "Error - .netrc file not correct mode.\n"); ++ fprintf(stderr, "Remove account or correct mode.\n"); ++ goto bad; ++ } ++ if (token() && *aacct == 0) { ++ *aacct = strdup(tokval); ++ } ++ break; ++ case MACDEF: ++ if (proxy) { ++ (void) fclose(cfile); ++ return(0); ++ } ++ while ((c = getc(cfile)) != EOF) ++ if (c != ' ' && c != '\t') ++ break; ++ if (c == EOF || c == '\n') { ++ printf("Missing macdef name argument.\n"); ++ goto bad; ++ } ++ if (macnum == 16) { ++ printf("Limit of 16 macros have already been defined\n"); ++ goto bad; ++ } ++ tmp = macros[macnum].mac_name; ++ *tmp++ = c; ++ for (i=0; i < 8 && (c=getc(cfile)) != EOF && ++ !isspace(c); ++i) { ++ *tmp++ = c; ++ } ++ if (c == EOF) { ++ printf("Macro definition missing null line terminator.\n"); ++ goto bad; ++ } ++ *tmp = '\0'; ++ if (c != '\n') { ++ while ((c=getc(cfile)) != EOF && c != '\n'); ++ } ++ if (c == EOF) { ++ printf("Macro definition missing null line terminator.\n"); ++ goto bad; ++ } ++ if (macnum == 0) { ++ macros[macnum].mac_start = macbuf; ++ } ++ else { ++ macros[macnum].mac_start = macros[macnum-1].mac_end + 1; ++ } ++ tmp = macros[macnum].mac_start; ++ while (tmp != macbuf + 4096) { ++ if ((c=getc(cfile)) == EOF) { ++ printf("Macro definition missing null line terminator.\n"); ++ goto bad; ++ } ++ *tmp = c; ++ if (*tmp == '\n') { ++ if (*(tmp-1) == '\0') { ++ macros[macnum++].mac_end = tmp - 1; ++ break; ++ } ++ *tmp = '\0'; ++ } ++ tmp++; ++ } ++ if (tmp == macbuf + 4096) { ++ printf("4K macro buffer exceeded\n"); ++ goto bad; ++ } ++ break; ++ default: ++ fprintf(stderr, "Unknown .netrc keyword %s\n", tokval); ++ break; ++ } ++ goto done; ++ } ++done: ++ (void) fclose(cfile); ++ return(0); ++bad: ++ (void) fclose(cfile); ++ return(-1); ++} -- 2.30.2