218 lines
6.1 KiB
Diff
218 lines
6.1 KiB
Diff
diff -Naur openssl-0.9.8i/include/openssl/kssl.h openssl-0.9.8i-heimdal/include/openssl/kssl.h
|
|
--- include/openssl/kssl.h 2005-04-09 23:55:55.000000000 +0000
|
|
+++ include/openssl/kssl.h 2008-11-22 16:27:24.000000000 +0000
|
|
@@ -81,6 +81,7 @@
|
|
*/
|
|
#ifdef KRB5_HEIMDAL
|
|
typedef unsigned char krb5_octet;
|
|
+typedef krb5_times krb5_ticket_times;
|
|
#define FAR
|
|
#else
|
|
|
|
diff -Naur openssl-0.9.8i/ssl/kssl.c openssl-0.9.8i-heimdal/ssl/kssl.c
|
|
--- ssl/kssl.c 2008-04-02 11:15:05.000000000 +0000
|
|
+++ ssl/kssl.c 2008-11-24 16:05:07.000000000 +0000
|
|
@@ -821,16 +821,27 @@
|
|
{
|
|
switch (enctype)
|
|
{
|
|
- case ENCTYPE_DES_HMAC_SHA1: /* EVP_des_cbc(); */
|
|
- case ENCTYPE_DES_CBC_CRC:
|
|
+ case ENCTYPE_DES_CBC_CRC: /* EVP_des_cbc(); */
|
|
case ENCTYPE_DES_CBC_MD4:
|
|
case ENCTYPE_DES_CBC_MD5:
|
|
+#ifdef KRB5_HEIMDAL
|
|
+ case ENCTYPE_DES_CBC_NONE:
|
|
+ case ENCTYPE_DES_CFB64_NONE:
|
|
+ case ENCTYPE_DES_PCBC_NONE:
|
|
+#else
|
|
+ case ENCTYPE_DES_HMAC_SHA1:
|
|
case ENCTYPE_DES_CBC_RAW:
|
|
+#endif
|
|
return EVP_des_cbc();
|
|
break;
|
|
case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */
|
|
+#ifdef KRB5_HEIMDAL
|
|
+ case ENCTYPE_DES3_CBC_MD5:
|
|
+ case ENCTYPE_DES3_CBC_NONE:
|
|
+#else
|
|
case ENCTYPE_DES3_CBC_SHA:
|
|
case ENCTYPE_DES3_CBC_RAW:
|
|
+#endif
|
|
return EVP_des_ede3_cbc();
|
|
break;
|
|
default: return NULL;
|
|
@@ -883,6 +894,7 @@
|
|
{
|
|
int i, j, n;
|
|
static size_t *cklens = NULL;
|
|
+ size_t cksumsize;
|
|
|
|
#ifdef KRB5_MIT_OLD11
|
|
n = krb5_max_cksum;
|
|
@@ -894,13 +906,14 @@
|
|
if (!cklens && !(cklens = (size_t *) calloc(sizeof(int),n+1))) return NULL;
|
|
|
|
for (i=0; i < n; i++) {
|
|
- if (!valid_cksumtype(i)) continue; /* array has holes */
|
|
+ if (!krb5_c_valid_cksumtype(i)) continue; /* array has holes */
|
|
+ if (krb5_c_checksum_length(NULL, i, &cksumsize)) continue; /* there's something wrong */
|
|
for (j=0; j < n; j++) {
|
|
if (cklens[j] == 0) {
|
|
- cklens[j] = krb5_checksum_size(NULL,i);
|
|
+ cklens[j] = cksumsize;
|
|
break; /* krb5 elem was new: add */
|
|
}
|
|
- if (cklens[j] == krb5_checksum_size(NULL,i)) {
|
|
+ if (cklens[j] == cksumsize) {
|
|
break; /* ignore duplicate elements */
|
|
}
|
|
}
|
|
@@ -957,14 +970,21 @@
|
|
print_krb5_data(char *label, krb5_data *kdata)
|
|
{
|
|
int i;
|
|
+ unsigned char *datastring;
|
|
+
|
|
+#ifdef KRB5_HEIMDAL
|
|
+ memcpy(datastring, kdata->data, kdata->length);
|
|
+#else
|
|
+ datastring = kdata->data;
|
|
+#endif
|
|
|
|
printf("%s[%d] ", label, kdata->length);
|
|
for (i=0; i < (int)kdata->length; i++)
|
|
{
|
|
- if (0 && isprint((int) kdata->data[i]))
|
|
- printf( "%c ", kdata->data[i]);
|
|
+ if (0 && isprint((int) datastring[i]))
|
|
+ printf( "%c ", datastring[i]);
|
|
else
|
|
- printf( "%02x ", (unsigned char) kdata->data[i]);
|
|
+ printf( "%02x ", datastring[i]);
|
|
}
|
|
printf("\n");
|
|
}
|
|
@@ -1002,28 +1022,28 @@
|
|
print_krb5_keyblock(char *label, krb5_keyblock *keyblk)
|
|
{
|
|
int i;
|
|
+ unsigned char *keyblkcontents;
|
|
|
|
if (keyblk == NULL)
|
|
{
|
|
printf("%s, keyblk==0\n", label);
|
|
return;
|
|
}
|
|
+
|
|
#ifdef KRB5_HEIMDAL
|
|
printf("%s\n\t[et%d:%d]: ", label, keyblk->keytype,
|
|
- keyblk->keyvalue->length);
|
|
- for (i=0; i < (int)keyblk->keyvalue->length; i++)
|
|
- {
|
|
- printf("%02x",(unsigned char *)(keyblk->keyvalue->contents)[i]);
|
|
- }
|
|
- printf("\n");
|
|
+ keyblk->keyvalue.length);
|
|
+ memcpy(keyblkcontents, keyblk->keyvalue.data, keyblk->keyvalue.length);
|
|
+ for (i=0; i < (int)keyblk->keyvalue.length; i++)
|
|
#else
|
|
printf("%s\n\t[et%d:%d]: ", label, keyblk->enctype, keyblk->length);
|
|
+ keyblkcontents = keyblk->contents;
|
|
for (i=0; i < (int)keyblk->length; i++)
|
|
+#endif
|
|
{
|
|
- printf("%02x",keyblk->contents[i]);
|
|
+ printf("%02x",keyblkcontents[i]);
|
|
}
|
|
printf("\n");
|
|
-#endif
|
|
}
|
|
|
|
|
|
@@ -1034,10 +1054,37 @@
|
|
print_krb5_princ(char *label, krb5_principal_data *princ)
|
|
{
|
|
int i, ui, uj;
|
|
+ unsigned int realmlength;
|
|
+ char *realmdata;
|
|
|
|
printf("%s principal Realm: ", label);
|
|
if (princ == NULL) return;
|
|
- for (ui=0; ui < (int)princ->realm.length; ui++) putchar(princ->realm.data[ui]);
|
|
+
|
|
+#ifdef KRB5_HEIMDAL
|
|
+ realmlength = krb5_realm_length(princ->realm);
|
|
+ realmdata = krb5_realm_data(princ->realm);
|
|
+#else
|
|
+ realmlength = princ->realm.length;
|
|
+ realmdata = princ->realm.data;
|
|
+#endif
|
|
+
|
|
+ for (ui=0; ui < (int)realmlength; ui++) putchar(realmdata[ui]);
|
|
+
|
|
+#ifdef KRB5_HEIMDAL
|
|
+ printf(" (nametype %d) has %d strings:\n",
|
|
+ princ->name.name_type,
|
|
+ princ->name.name_string.len);
|
|
+ for (i=0; i < (int)princ->name.name_string.len; i++)
|
|
+ {
|
|
+ realmlength = krb5_realm_length(princ->name.name_string.val[i]);
|
|
+ realmdata = krb5_realm_data(princ->name.name_string.val[i]);
|
|
+ printf("\t%d [%d]: ", i, realmlength);
|
|
+ for (uj=0; uj < (int)realmlength; uj++) {
|
|
+ putchar(realmdata[uj]);
|
|
+ }
|
|
+ printf("\n");
|
|
+ }
|
|
+#else
|
|
printf(" (nametype %d) has %d strings:\n", princ->type,princ->length);
|
|
for (i=0; i < (int)princ->length; i++)
|
|
{
|
|
@@ -1047,6 +1094,8 @@
|
|
}
|
|
printf("\n");
|
|
}
|
|
+#endif
|
|
+
|
|
return;
|
|
}
|
|
|
|
@@ -1275,6 +1324,17 @@
|
|
return krb5rc; /* or KRB5KRB_ERR_GENERIC; */
|
|
}
|
|
|
|
+#ifdef KRB5_HEIMDAL
|
|
+ krb5_principal_set_type(krb5context, new5ticket->server,
|
|
+ asn1ticket->sname->nametype->data[0]);
|
|
+/*
|
|
+** To do.
|
|
+** MIT krb5_ticket looks more like the Ticket type of Heimdal,
|
|
+** there seems to be no simple translation.
|
|
+** May be the whole kssl_TKT2tkt function will have to be left out,
|
|
+** and kssl_sget_tkt deeply rewriten for Heimdal.
|
|
+*/
|
|
+#else
|
|
krb5_princ_type(krb5context, new5ticket->server) =
|
|
asn1ticket->sname->nametype->data[0];
|
|
new5ticket->enc_part.enctype = asn1ticket->encdata->etype->data[0];
|
|
@@ -1296,6 +1356,7 @@
|
|
asn1ticket->encdata->cipher->data,
|
|
asn1ticket->encdata->cipher->length);
|
|
}
|
|
+#endif
|
|
|
|
*krb5ticket = new5ticket;
|
|
return 0;
|
|
diff -Naur openssl-0.9.8i/ssl/kssl.h openssl-0.9.8i-heimdal/ssl/kssl.h
|
|
--- ssl/kssl.h 2005-04-09 23:55:55.000000000 +0000
|
|
+++ ssl/kssl.h 2008-11-22 16:27:24.000000000 +0000
|
|
@@ -81,6 +81,7 @@
|
|
*/
|
|
#ifdef KRB5_HEIMDAL
|
|
typedef unsigned char krb5_octet;
|
|
+typedef krb5_times krb5_ticket_times;
|
|
#define FAR
|
|
#else
|
|
|