websms/freeipa
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Imported Debian patch 4.7.2-3

Browse Source
This commit is contained in:
Timo Aaltonen
2019-05-06 08:43:34 +03:00
committed by Mario Fetka
parent 27edeba051
commit 8bc559c5a1
917 changed files with 1068993 additions and 1184676 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
util/Makefile.am
View File

@@ -1,6 +1,6 @@
AUTOMAKE_OPTIONS = 1.7 subdir-objects
AM_CPPFLAGS = $(CRYPTO_CFLAGS) $(KRB5_CFLAGS) $(LDAP_CFLAGS)
AM_CPPFLAGS = $(CRYPTO_CFLAGS) $(KRB5_CFLAGS) $(LDAP_CFLAGS) $(NSS_CFLAGS)
noinst_LTLIBRARIES = libutil.la
@@ -13,8 +13,4 @@ libutil_la_SOURCES = ipa_krb5.c \
ipa_pwd.h \
ipa_pwd_ntlm.c
libutil_la_LIBADD = $(CRYPTO_LIBS) $(KRB5_LIBS) $(LDAP_LIBS)
check_PROGRAMS = t_pwd
TESTS = $(check_PROGRAMS)
t_pwd_LDADD = libutil.la
libutil_la_LIBADD = $(CRYPTO_LIBS) $(KRB5_LIBS) $(LDAP_LIBS) $(NSS_LIBS)

457
util/Makefile.in
View File

@@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.2 from Makefile.am.
# Makefile.in generated by automake 1.16.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2020 Free Software Foundation, Inc.
# Copyright (C) 1994-2018 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -88,7 +88,6 @@ PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
check_PROGRAMS = t_pwd$(EXEEXT)
subdir = util
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
@@ -110,7 +109,7 @@ CONFIG_CLEAN_VPATH_FILES =
LTLIBRARIES = $(noinst_LTLIBRARIES)
am__DEPENDENCIES_1 =
libutil_la_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
$(am__DEPENDENCIES_1)
$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
am_libutil_la_OBJECTS = ipa_krb5.lo ipa_ldap.lo ipa_pwd.lo \
ipa_pwd_ntlm.lo
libutil_la_OBJECTS = $(am_libutil_la_OBJECTS)
@@ -118,9 +117,6 @@ AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
am__v_lt_1 =
t_pwd_SOURCES = t_pwd.c
t_pwd_OBJECTS = t_pwd.$(OBJEXT)
t_pwd_DEPENDENCIES = libutil.la
AM_V_P = $(am__v_P_@AM_V@)
am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
am__v_P_0 = false
@@ -138,7 +134,7 @@ depcomp = $(SHELL) $(top_srcdir)/depcomp
am__maybe_remake_depfiles = depfiles
am__depfiles_remade = ./$(DEPDIR)/ipa_krb5.Plo \
./$(DEPDIR)/ipa_ldap.Plo ./$(DEPDIR)/ipa_pwd.Plo \
./$(DEPDIR)/ipa_pwd_ntlm.Plo ./$(DEPDIR)/t_pwd.Po
./$(DEPDIR)/ipa_pwd_ntlm.Plo
am__mv = mv -f
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
@@ -158,8 +154,8 @@ AM_V_CCLD = $(am__v_CCLD_@AM_V@)
am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
am__v_CCLD_0 = @echo " CCLD " $@;
am__v_CCLD_1 =
SOURCES = $(libutil_la_SOURCES) t_pwd.c
DIST_SOURCES = $(libutil_la_SOURCES) t_pwd.c
SOURCES = $(libutil_la_SOURCES)
DIST_SOURCES = $(libutil_la_SOURCES)
am__can_run_installinfo = \
case $$AM_UPDATE_INFO_DIR in \
n|no|NO) false;; \
@@ -184,212 +180,7 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
am__tty_colors_dummy = \
mgn= red= grn= lgn= blu= brg= std=; \
am__color_tests=no
am__tty_colors = { \
$(am__tty_colors_dummy); \
if test "X$(AM_COLOR_TESTS)" = Xno; then \
am__color_tests=no; \
elif test "X$(AM_COLOR_TESTS)" = Xalways; then \
am__color_tests=yes; \
elif test "X$$TERM" != Xdumb && { test -t 1; } 2>/dev/null; then \
am__color_tests=yes; \
fi; \
if test $$am__color_tests = yes; then \
red=''; \
grn=''; \
lgn=''; \
blu=''; \
mgn=''; \
brg=''; \
std=''; \
fi; \
}
am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
am__vpath_adj = case $$p in \
$(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
*) f=$$p;; \
esac;
am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
am__install_max = 40
am__nobase_strip_setup = \
srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
am__nobase_strip = \
for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
am__nobase_list = $(am__nobase_strip_setup); \
for p in $$list; do echo "$$p $$p"; done | \
sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
$(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
if (++n[$$2] == $(am__install_max)) \
{ print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
END { for (dir in files) print dir, files[dir] }'
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__uninstall_files_from_dir = { \
test -z "$$files" \
|| { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
|| { echo " ( cd '$$dir' && rm -f" $$files ")"; \
$(am__cd) "$$dir" && rm -f $$files; }; \
}
am__recheck_rx = ^[ ]*:recheck:[ ]*
am__global_test_result_rx = ^[ ]*:global-test-result:[ ]*
am__copy_in_global_log_rx = ^[ ]*:copy-in-global-log:[ ]*
# A command that, given a newline-separated list of test names on the
# standard input, print the name of the tests that are to be re-run
# upon "make recheck".
am__list_recheck_tests = $(AWK) '{ \
recheck = 1; \
while ((rc = (getline line < ($$0 ".trs"))) != 0) \
{ \
if (rc < 0) \
{ \
if ((getline line2 < ($$0 ".log")) < 0) \
recheck = 0; \
break; \
} \
else if (line ~ /$(am__recheck_rx)[nN][Oo]/) \
{ \
recheck = 0; \
break; \
} \
else if (line ~ /$(am__recheck_rx)[yY][eE][sS]/) \
{ \
break; \
} \
}; \
if (recheck) \
print $$0; \
close ($$0 ".trs"); \
close ($$0 ".log"); \
}'
# A command that, given a newline-separated list of test names on the
# standard input, create the global log from their .trs and .log files.
am__create_global_log = $(AWK) ' \
function fatal(msg) \
{ \
print "fatal: making $@: " msg | "cat >&2"; \
exit 1; \
} \
function rst_section(header) \
{ \
print header; \
len = length(header); \
for (i = 1; i <= len; i = i + 1) \
printf "="; \
printf "\n\n"; \
} \
{ \
copy_in_global_log = 1; \
global_test_result = "RUN"; \
while ((rc = (getline line < ($$0 ".trs"))) != 0) \
{ \
if (rc < 0) \
fatal("failed to read from " $$0 ".trs"); \
if (line ~ /$(am__global_test_result_rx)/) \
{ \
sub("$(am__global_test_result_rx)", "", line); \
sub("[ ]*$$", "", line); \
global_test_result = line; \
} \
else if (line ~ /$(am__copy_in_global_log_rx)[nN][oO]/) \
copy_in_global_log = 0; \
}; \
if (copy_in_global_log) \
{ \
rst_section(global_test_result ": " $$0); \
while ((rc = (getline line < ($$0 ".log"))) != 0) \
{ \
if (rc < 0) \
fatal("failed to read from " $$0 ".log"); \
print line; \
}; \
printf "\n"; \
}; \
close ($$0 ".trs"); \
close ($$0 ".log"); \
}'
# Restructured Text title.
am__rst_title = { sed 's/.*/ & /;h;s/./=/g;p;x;s/ *$$//;p;g' && echo; }
# Solaris 10 'make', and several other traditional 'make' implementations,
# pass "-e" to $(SHELL), and POSIX 2008 even requires this. Work around it
# by disabling -e (using the XSI extension "set +e") if it's set.
am__sh_e_setup = case $$- in *e*) set +e;; esac
# Default flags passed to test drivers.
am__common_driver_flags = \
--color-tests "$$am__color_tests" \
--enable-hard-errors "$$am__enable_hard_errors" \
--expect-failure "$$am__expect_failure"
# To be inserted before the command running the test. Creates the
# directory for the log if needed. Stores in $dir the directory
# containing $f, in $tst the test, in $log the log. Executes the
# developer- defined test setup AM_TESTS_ENVIRONMENT (if any), and
# passes TESTS_ENVIRONMENT. Set up options for the wrapper that
# will run the test scripts (or their associated LOG_COMPILER, if
# thy have one).
am__check_pre = \
$(am__sh_e_setup); \
$(am__vpath_adj_setup) $(am__vpath_adj) \
$(am__tty_colors); \
srcdir=$(srcdir); export srcdir; \
case "$@" in \
*/*) am__odir=`echo "./$@" | sed 's|/[^/]*$$||'`;; \
*) am__odir=.;; \
esac; \
test "x$$am__odir" = x"." || test -d "$$am__odir" \
|| $(MKDIR_P) "$$am__odir" || exit $$?; \
if test -f "./$$f"; then dir=./; \
elif test -f "$$f"; then dir=; \
else dir="$(srcdir)/"; fi; \
tst=$$dir$$f; log='$@'; \
if test -n '$(DISABLE_HARD_ERRORS)'; then \
am__enable_hard_errors=no; \
else \
am__enable_hard_errors=yes; \
fi; \
case " $(XFAIL_TESTS) " in \
*[\ \ ]$$f[\ \ ]* | *[\ \ ]$$dir$$f[\ \ ]*) \
am__expect_failure=yes;; \
*) \
am__expect_failure=no;; \
esac; \
$(AM_TESTS_ENVIRONMENT) $(TESTS_ENVIRONMENT)
# A shell command to get the names of the tests scripts with any registered
# extension removed (i.e., equivalently, the names of the test logs, with
# the '.log' extension removed). The result is saved in the shell variable
# '$bases'. This honors runtime overriding of TESTS and TEST_LOGS. Sadly,
# we cannot use something simpler, involving e.g., "$(TEST_LOGS:.log=)",
# since that might cause problem with VPATH rewrites for suffix-less tests.
# See also 'test-harness-vpath-rewrite.sh' and 'test-trs-basic.sh'.
am__set_TESTS_bases = \
bases='$(TEST_LOGS)'; \
bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \
bases=`echo $$bases`
RECHECK_LOGS = $(TEST_LOGS)
AM_RECURSIVE_TARGETS = check recheck
TEST_SUITE_LOG = test-suite.log
TEST_EXTENSIONS = @EXEEXT@ .test
LOG_DRIVER = $(SHELL) $(top_srcdir)/test-driver
LOG_COMPILE = $(LOG_COMPILER) $(AM_LOG_FLAGS) $(LOG_FLAGS)
am__set_b = \
case '$@' in \
*/*) \
case '$*' in \
*/*) b='$*';; \
*) b=`echo '$@' | sed 's/\.log$$//'`; \
esac;; \
*) \
b='$*';; \
esac
am__test_logs1 = $(TESTS:=.log)
am__test_logs2 = $(am__test_logs1:@EXEEXT@.log=.log)
TEST_LOGS = $(am__test_logs2:.test.log=.log)
TEST_LOG_DRIVER = $(SHELL) $(top_srcdir)/test-driver
TEST_LOG_COMPILE = $(TEST_LOG_COMPILER) $(AM_TEST_LOG_FLAGS) \
$(TEST_LOG_FLAGS)
am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp \
$(top_srcdir)/test-driver
am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
@@ -448,8 +239,6 @@ JSLINT = @JSLINT@
KRAD_LIBS = @KRAD_LIBS@
KRB5KDC_SERVICE = @KRB5KDC_SERVICE@
KRB5_CFLAGS = @KRB5_CFLAGS@
KRB5_GSSAPI_CFLAGS = @KRB5_GSSAPI_CFLAGS@
KRB5_GSSAPI_LIBS = @KRB5_GSSAPI_LIBS@
KRB5_LIBS = @KRB5_LIBS@
LD = @LD@
LDAP_CFLAGS = @LDAP_CFLAGS@
@@ -492,10 +281,11 @@ NM = @NM@
NMEDIT = @NMEDIT@
NSPR_CFLAGS = @NSPR_CFLAGS@
NSPR_LIBS = @NSPR_LIBS@
NSS_CFLAGS = @NSS_CFLAGS@
NSS_LIBS = @NSS_LIBS@
NUM_VERSION = @NUM_VERSION@
OBJDUMP = @OBJDUMP@
OBJEXT = @OBJEXT@
ODS_GROUP = @ODS_GROUP@
ODS_USER = @ODS_USER@
OTOOL = @OTOOL@
OTOOL64 = @OTOOL64@
@@ -516,6 +306,8 @@ POPT_LIBS = @POPT_LIBS@
POSUB = @POSUB@
PYLINT = @PYLINT@
PYTHON = @PYTHON@
PYTHON2 = @PYTHON2@
PYTHON3 = @PYTHON3@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
PYTHON_INSTALL_EXTRA_OPTIONS = @PYTHON_INSTALL_EXTRA_OPTIONS@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
@@ -603,9 +395,7 @@ program_transform_name = @program_transform_name@
psdir = @psdir@
pyexecdir = @pyexecdir@
pythondir = @pythondir@
runstatedir = @runstatedir@
sbindir = @sbindir@
selinux_makefile = @selinux_makefile@
sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
@@ -617,7 +407,7 @@ top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
AUTOMAKE_OPTIONS = 1.7 subdir-objects
AM_CPPFLAGS = $(CRYPTO_CFLAGS) $(KRB5_CFLAGS) $(LDAP_CFLAGS)
AM_CPPFLAGS = $(CRYPTO_CFLAGS) $(KRB5_CFLAGS) $(LDAP_CFLAGS) $(NSS_CFLAGS)
noinst_LTLIBRARIES = libutil.la
libutil_la_SOURCES = ipa_krb5.c \
ipa_krb5.h \
@@ -628,13 +418,11 @@ libutil_la_SOURCES = ipa_krb5.c \
ipa_pwd.h \
ipa_pwd_ntlm.c
libutil_la_LIBADD = $(CRYPTO_LIBS) $(KRB5_LIBS) $(LDAP_LIBS)
TESTS = $(check_PROGRAMS)
t_pwd_LDADD = libutil.la
libutil_la_LIBADD = $(CRYPTO_LIBS) $(KRB5_LIBS) $(LDAP_LIBS) $(NSS_LIBS)
all: all-am
.SUFFIXES:
.SUFFIXES: .c .lo .log .o .obj .test .test$(EXEEXT) .trs
.SUFFIXES: .c .lo .o .obj
$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
@@ -665,15 +453,6 @@ $(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
clean-checkPROGRAMS:
@list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \
echo " rm -f" $$list; \
rm -f $$list || exit $$?; \
test -n "$(EXEEXT)" || exit 0; \
list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
echo " rm -f" $$list; \
rm -f $$list
clean-noinstLTLIBRARIES:
-test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
@list='$(noinst_LTLIBRARIES)'; \
@@ -688,10 +467,6 @@ clean-noinstLTLIBRARIES:
libutil.la: $(libutil_la_OBJECTS) $(libutil_la_DEPENDENCIES) $(EXTRA_libutil_la_DEPENDENCIES)
$(AM_V_CCLD)$(LINK) $(libutil_la_OBJECTS) $(libutil_la_LIBADD) $(LIBS)
t_pwd$(EXEEXT): $(t_pwd_OBJECTS) $(t_pwd_DEPENDENCIES) $(EXTRA_t_pwd_DEPENDENCIES)
@rm -f t_pwd$(EXEEXT)
$(AM_V_CCLD)$(LINK) $(t_pwd_OBJECTS) $(t_pwd_LDADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -702,7 +477,6 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ipa_ldap.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ipa_pwd.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ipa_pwd_ntlm.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/t_pwd.Po@am__quote@ # am--include-marker
$(am__depfiles_remade):
@$(MKDIR_P) $(@D)
@@ -792,169 +566,6 @@ cscopelist-am: $(am__tagged_files)
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
# Recover from deleted '.trs' file; this should ensure that
# "rm -f foo.log; make foo.trs" re-run 'foo.test', and re-create
# both 'foo.log' and 'foo.trs'. Break the recipe in two subshells
# to avoid problems with "make -n".
.log.trs:
rm -f $< $@
$(MAKE) $(AM_MAKEFLAGS) $<
# Leading 'am--fnord' is there to ensure the list of targets does not
# expand to empty, as could happen e.g. with make check TESTS=''.
am--fnord $(TEST_LOGS) $(TEST_LOGS:.log=.trs): $(am__force_recheck)
am--force-recheck:
@:
$(TEST_SUITE_LOG): $(TEST_LOGS)
@$(am__set_TESTS_bases); \
am__f_ok () { test -f "$$1" && test -r "$$1"; }; \
redo_bases=`for i in $$bases; do \
am__f_ok $$i.trs && am__f_ok $$i.log || echo $$i; \
done`; \
if test -n "$$redo_bases"; then \
redo_logs=`for i in $$redo_bases; do echo $$i.log; done`; \
redo_results=`for i in $$redo_bases; do echo $$i.trs; done`; \
if $(am__make_dryrun); then :; else \
rm -f $$redo_logs && rm -f $$redo_results || exit 1; \
fi; \
fi; \
if test -n "$$am__remaking_logs"; then \
echo "fatal: making $(TEST_SUITE_LOG): possible infinite" \
"recursion detected" >&2; \
elif test -n "$$redo_logs"; then \
am__remaking_logs=yes $(MAKE) $(AM_MAKEFLAGS) $$redo_logs; \
fi; \
if $(am__make_dryrun); then :; else \
st=0; \
errmsg="fatal: making $(TEST_SUITE_LOG): failed to create"; \
for i in $$redo_bases; do \
test -f $$i.trs && test -r $$i.trs \
|| { echo "$$errmsg $$i.trs" >&2; st=1; }; \
test -f $$i.log && test -r $$i.log \
|| { echo "$$errmsg $$i.log" >&2; st=1; }; \
done; \
test $$st -eq 0 || exit 1; \
fi
@$(am__sh_e_setup); $(am__tty_colors); $(am__set_TESTS_bases); \
ws='[ ]'; \
results=`for b in $$bases; do echo $$b.trs; done`; \
test -n "$$results" || results=/dev/null; \
all=` grep "^$$ws*:test-result:" $$results | wc -l`; \
pass=` grep "^$$ws*:test-result:$$ws*PASS" $$results | wc -l`; \
fail=` grep "^$$ws*:test-result:$$ws*FAIL" $$results | wc -l`; \
skip=` grep "^$$ws*:test-result:$$ws*SKIP" $$results | wc -l`; \
xfail=`grep "^$$ws*:test-result:$$ws*XFAIL" $$results | wc -l`; \
xpass=`grep "^$$ws*:test-result:$$ws*XPASS" $$results | wc -l`; \
error=`grep "^$$ws*:test-result:$$ws*ERROR" $$results | wc -l`; \
if test `expr $$fail + $$xpass + $$error` -eq 0; then \
success=true; \
else \
success=false; \
fi; \
br='==================='; br=$$br$$br$$br$$br; \
result_count () \
{ \
if test x"$$1" = x"--maybe-color"; then \
maybe_colorize=yes; \
elif test x"$$1" = x"--no-color"; then \
maybe_colorize=no; \
else \
echo "$@: invalid 'result_count' usage" >&2; exit 4; \
fi; \
shift; \
desc=$$1 count=$$2; \
if test $$maybe_colorize = yes && test $$count -gt 0; then \
color_start=$$3 color_end=$$std; \
else \
color_start= color_end=; \
fi; \
echo "$${color_start}# $$desc $$count$${color_end}"; \
}; \
create_testsuite_report () \
{ \
result_count $$1 "TOTAL:" $$all "$$brg"; \
result_count $$1 "PASS: " $$pass "$$grn"; \
result_count $$1 "SKIP: " $$skip "$$blu"; \
result_count $$1 "XFAIL:" $$xfail "$$lgn"; \
result_count $$1 "FAIL: " $$fail "$$red"; \
result_count $$1 "XPASS:" $$xpass "$$red"; \
result_count $$1 "ERROR:" $$error "$$mgn"; \
}; \
{ \
echo "$(PACKAGE_STRING): $(subdir)/$(TEST_SUITE_LOG)" | \
$(am__rst_title); \
create_testsuite_report --no-color; \
echo; \
echo ".. contents:: :depth: 2"; \
echo; \
for b in $$bases; do echo $$b; done \
| $(am__create_global_log); \
} >$(TEST_SUITE_LOG).tmp || exit 1; \
mv $(TEST_SUITE_LOG).tmp $(TEST_SUITE_LOG); \
if $$success; then \
col="$$grn"; \
else \
col="$$red"; \
test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \
fi; \
echo "$${col}$$br$${std}"; \
echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}"; \
echo "$${col}$$br$${std}"; \
create_testsuite_report --maybe-color; \
echo "$$col$$br$$std"; \
if $$success; then :; else \
echo "$${col}See $(subdir)/$(TEST_SUITE_LOG)$${std}"; \
if test -n "$(PACKAGE_BUGREPORT)"; then \
echo "$${col}Please report to $(PACKAGE_BUGREPORT)$${std}"; \
fi; \
echo "$$col$$br$$std"; \
fi; \
$$success || exit 1
check-TESTS: $(check_PROGRAMS)
@list='$(RECHECK_LOGS)'; test -z "$$list" || rm -f $$list
@list='$(RECHECK_LOGS:.log=.trs)'; test -z "$$list" || rm -f $$list
@test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG)
@set +e; $(am__set_TESTS_bases); \
log_list=`for i in $$bases; do echo $$i.log; done`; \
trs_list=`for i in $$bases; do echo $$i.trs; done`; \
log_list=`echo $$log_list`; trs_list=`echo $$trs_list`; \
$(MAKE) $(AM_MAKEFLAGS) $(TEST_SUITE_LOG) TEST_LOGS="$$log_list"; \
exit $$?;
recheck: all $(check_PROGRAMS)
@test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG)
@set +e; $(am__set_TESTS_bases); \
bases=`for i in $$bases; do echo $$i; done \
| $(am__list_recheck_tests)` || exit 1; \
log_list=`for i in $$bases; do echo $$i.log; done`; \
log_list=`echo $$log_list`; \
$(MAKE) $(AM_MAKEFLAGS) $(TEST_SUITE_LOG) \
am__force_recheck=am--force-recheck \
TEST_LOGS="$$log_list"; \
exit $$?
t_pwd.log: t_pwd$(EXEEXT)
@p='t_pwd$(EXEEXT)'; \
b='t_pwd'; \
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
.test.log:
@p='$<'; \
$(am__set_b); \
$(am__check_pre) $(TEST_LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
@am__EXEEXT_TRUE@.test$(EXEEXT).log:
@am__EXEEXT_TRUE@ @p='$<'; \
@am__EXEEXT_TRUE@ $(am__set_b); \
@am__EXEEXT_TRUE@ $(am__check_pre) $(TEST_LOG_DRIVER) --test-name "$$f" \
@am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \
@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT)
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am
@@ -989,8 +600,6 @@ distdir-am: $(DISTFILES)
fi; \
done
check-am: all-am
$(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS)
$(MAKE) $(AM_MAKEFLAGS) check-TESTS
check: check-am
all-am: Makefile $(LTLIBRARIES)
installdirs:
@@ -1014,9 +623,6 @@ install-strip:
"INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
fi
mostlyclean-generic:
-test -z "$(TEST_LOGS)" || rm -f $(TEST_LOGS)
-test -z "$(TEST_LOGS:.log=.trs)" || rm -f $(TEST_LOGS:.log=.trs)
-test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG)
clean-generic:
@@ -1029,15 +635,14 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
clean-am: clean-checkPROGRAMS clean-generic clean-libtool \
clean-noinstLTLIBRARIES mostlyclean-am
clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
mostlyclean-am
distclean: distclean-am
-rm -f ./$(DEPDIR)/ipa_krb5.Plo
-rm -f ./$(DEPDIR)/ipa_ldap.Plo
-rm -f ./$(DEPDIR)/ipa_pwd.Plo
-rm -f ./$(DEPDIR)/ipa_pwd_ntlm.Plo
-rm -f ./$(DEPDIR)/t_pwd.Po
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-tags
@@ -1087,7 +692,6 @@ maintainer-clean: maintainer-clean-am
-rm -f ./$(DEPDIR)/ipa_ldap.Plo
-rm -f ./$(DEPDIR)/ipa_pwd.Plo
-rm -f ./$(DEPDIR)/ipa_pwd_ntlm.Plo
-rm -f ./$(DEPDIR)/t_pwd.Po
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
@@ -1106,22 +710,21 @@ ps-am:
uninstall-am:
.MAKE: check-am install-am install-strip
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-TESTS \
check-am clean clean-checkPROGRAMS clean-generic clean-libtool \
clean-noinstLTLIBRARIES cscopelist-am ctags ctags-am distclean \
distclean-compile distclean-generic distclean-libtool \
distclean-tags distdir dvi dvi-am html html-am info info-am \
install install-am install-data install-data-am install-dvi \
install-dvi-am install-exec install-exec-am install-html \
install-html-am install-info install-info-am install-man \
install-pdf install-pdf-am install-ps install-ps-am \
install-strip installcheck installcheck-am installdirs \
maintainer-clean maintainer-clean-generic mostlyclean \
mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
pdf pdf-am ps ps-am recheck tags tags-am uninstall \
uninstall-am
.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
clean-generic clean-libtool clean-noinstLTLIBRARIES \
cscopelist-am ctags ctags-am distclean distclean-compile \
distclean-generic distclean-libtool distclean-tags distdir dvi \
dvi-am html html-am info info-am install install-am \
install-data install-data-am install-dvi install-dvi-am \
install-exec install-exec-am install-html install-html-am \
install-info install-info-am install-man install-pdf \
install-pdf-am install-ps install-ps-am install-strip \
installcheck installcheck-am installdirs maintainer-clean \
maintainer-clean-generic mostlyclean mostlyclean-compile \
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am
.PRECIOUS: Makefile

20
util/ipa_krb5.c
View File

@@ -31,13 +31,6 @@
#include "ipa_krb5.h"
#define TOSTR(x) STR(x)
#define STR(x) #x
const char *ipapwd_password_max_len_errmsg = \
"clear-text password is too long (max " \
TOSTR(IPAPWD_PASSWORD_MAX_LEN) \
" chars)!";
/* Salt types */
#define KRB5P_SALT_SIZE 16
@@ -132,13 +125,6 @@ krb5_error_code ipa_krb5_generate_key_data(krb5_context krbctx,
int num_keys;
int i;
if ((pwd.data != NULL) && (pwd.length > IPAPWD_PASSWORD_MAX_LEN)) {
kerr = E2BIG;
krb5_set_error_message(krbctx, kerr, "%s",
ipapwd_password_max_len_errmsg);
return kerr;
}
num_keys = num_encsalts;
keys = calloc(num_keys, sizeof(krb5_key_data));
if (!keys) {
@@ -568,7 +554,7 @@ int ber_decode_krb5_key_data(struct berval *encoded, int *m_kvno,
retag = ber_peek_tag(be, &setlen);
if (retag == (LBER_CONSTRUCTED | LBER_CLASS_CONTEXT | 2)) {
/* not supported yet, skip */
retag = ber_scanf(be, "t[x]}", &tag);
retag = ber_scanf(be, "t[x]}");
} else {
retag = ber_scanf(be, "}");
}
@@ -984,10 +970,6 @@ int create_keys(krb5_context krbctx,
if (password) {
key_password.data = password;
key_password.length = strlen(password);
if (key_password.length > IPAPWD_PASSWORD_MAX_LEN) {
*err_msg = _("Password is too long!\n");
return 0;
}
realm = krb5_princ_realm(krbctx, princ);
}

5
util/ipa_krb5.h
View File

@@ -1,10 +1,8 @@
#pragma once
#include <time.h>
#include <lber.h>
#include <krb5/krb5.h>
#include <kdb.h>
#include <syslog.h>
struct krb_key_salt {
krb5_enctype enctype;
@@ -31,9 +29,6 @@ struct keys_container {
#define KEYTAB_RET_OID "2.16.840.1.113730.3.8.10.2"
#define KEYTAB_GET_OID "2.16.840.1.113730.3.8.10.5"
#define IPAPWD_PASSWORD_MAX_LEN 1000
extern const char *ipapwd_password_max_len_errmsg;
int krb5_klog_syslog(int, const char *, ...);
void

59
util/ipa_ldap.c
View File

@@ -24,43 +24,6 @@
#include "ipa_ldap.h"
/** Print LDAP error message to stderr
*
* The help function prints custom error message, LDAP error string,
* diagnostic message (if available) to stderr.
*
* @param ld LDAP connection
* @param errnum error code from LDAP operation
* @param msg Additional custom error message (must include trailing
* new line)
*/
void ipa_ldap_error(LDAP *ld, int errnum, char *msg)
{
const char *errstring;
char *diagnostic = NULL;
int ret = 0;
int has_diagnostic = 0;
/* print custom message msg first. All msg strings have trailing newline
*/
fprintf(stderr, "%s", msg);
/* Get human readable error string and diagnostic message */
errstring = ldap_err2string(errnum);
ret = ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, (void*)&diagnostic);
has_diagnostic = ((ret == LDAP_SUCCESS) && diagnostic && *diagnostic);
if (errstring && has_diagnostic) {
fprintf(stderr, " %s: %s\n", errstring, diagnostic);
} else if (errstring) {
fprintf(stderr, " %s\n", errstring);
} else if (has_diagnostic) {
fprintf(stderr, " %i: %s\n", errnum, diagnostic);
}
/* else no additional error message */
}
/** Initialize LDAP context
*
* Initializes an LDAP context for a given LDAP URI. LDAP protocol version
@@ -86,15 +49,15 @@ int ipa_ldap_init(LDAP **ld, const char *ldap_uri)
/* StartTLS and other features need LDAP protocol version 3 */
ret = ldap_set_option(*ld, LDAP_OPT_PROTOCOL_VERSION, &version);
if (ret != LDAP_SUCCESS) {
ipa_ldap_error(*ld, ret, _("Unable to set LDAP_OPT_PROTOCOL_VERSION\n")
);
fprintf(stderr, _("Unable to set LDAP_OPT_PROTOCOL_VERSION\n"));
return ret;
}
#ifdef LDAP_OPT_X_SASL_NOCANON
/* Don't do DNS canonization */
ret = ldap_set_option(*ld, LDAP_OPT_X_SASL_NOCANON, LDAP_OPT_ON);
if (ret != LDAP_SUCCESS) {
ipa_ldap_error(*ld, ret, _("Unable to set LDAP_OPT_X_SASL_NOCANON\n"));
fprintf(stderr, _("Unable to set LDAP_OPT_X_SASL_NOCANON\n"));
return ret;
}
#endif
@@ -122,38 +85,32 @@ int ipa_tls_ssl_init(LDAP *ld, const char *ldap_uri,
ret = ldap_set_option(ld, LDAP_OPT_X_TLS_CACERTFILE, ca_cert_file);
if (ret != LDAP_OPT_SUCCESS) {
ipa_ldap_error(ld, ret,
_("Unable to set LDAP_OPT_X_TLS_CACERTFILE\n"));
fprintf(stderr, _("Unable to set LDAP_OPT_X_TLS_CACERTFILE\n"));
return ret;
}
/* Require a valid certificate */
ret = ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &tls_demand);
if (ret != LDAP_OPT_SUCCESS) {
ipa_ldap_error(ld, ret,
_("Unable to set LDAP_OPT_X_TLS_REQUIRE_CERT\n"));
fprintf(stderr, _("Unable to set LDAP_OPT_X_TLS_REQUIRE_CERT\n"));
return ret;
}
/* Disable SSLv2 and SSLv3 */
ret = ldap_set_option(ld, LDAP_OPT_X_TLS_PROTOCOL_MIN, &tlsv1_0);
if (ret != LDAP_OPT_SUCCESS) {
ipa_ldap_error(ld, ret,
_("Unable to set LDAP_OPT_X_TLS_PROTOCOL_MIN\n"));
fprintf(stderr, _("Unable to set LDAP_OPT_X_TLS_PROTOCOL_MIN\n"));
return ret;
}
/* Apply TLS settings and create new client context */
ret = ldap_set_option(ld, LDAP_OPT_X_TLS_NEWCTX, &newctx);
if (ret != LDAP_OPT_SUCCESS) {
ipa_ldap_error(ld, ret,
_("Unable to create new TLS context (OpenSSL failed "
"to initialize or to load certificates)\n"));
fprintf(stderr, _("Unable to set LDAP_OPT_X_TLS_NEWCTX\n"));
return ret;
}
if (strncmp(ldap_uri, SCHEMA_LDAP, sizeof(SCHEMA_LDAP) - 1) == 0) {
ret = ldap_start_tls_s(ld, NULL, NULL);
if (ret != LDAP_SUCCESS) {
ipa_ldap_error(ld, ret,
_("Unable to initialize STARTTLS session\n"));
fprintf(stderr, _("Unable to initialize STARTTLS session\n"));
return ret;
}
}

1
util/ipa_ldap.h
View File

@@ -37,4 +37,3 @@
int ipa_ldap_init(LDAP **ld, const char *ldap_uri);
int ipa_tls_ssl_init(LDAP *ld, const char *ldap_uri,
const char *ca_cert_file);
void ipa_ldap_error(LDAP *ld, int errnum, char *msg);

135
util/ipa_pwd.c
View File

@@ -23,16 +23,17 @@
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <ctype.h>
#include <fcntl.h>
#include <unistd.h>
#include <nss.h>
#include <nssb64.h>
#include <hasht.h>
#include <pk11pub.h>
#include <errno.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
#include <openssl/sha.h>
#include "ipa_pwd.h"
#define GENERALIZED_TIME_LENGTH 15
@@ -160,23 +161,31 @@ static int ipapwd_gentime_cmp(const void *p1, const void *p2)
#define SHA_SALT_LENGTH 8
static int ipapwd_hash_type_to_alg(const char *hash_type,
char **hash_alg_sn)
/* SHA*_LENGTH leghts come from nss3/hasht.h */
#define SHA_HASH_MAX_LENGTH SHA512_LENGTH
static int ipapwd_hash_type_to_alg(char *hash_type,
SECOidTag *hash_alg,
unsigned int *hash_alg_len)
{
if (strncmp("{SSHA}", hash_type, 6) == 0) {
*hash_alg_sn = SN_sha1;
*hash_alg = SEC_OID_SHA1;
*hash_alg_len = SHA1_LENGTH;
return 0;
}
if (strncmp("{SHA256}", hash_type, 8) == 0) {
*hash_alg_sn = SN_sha256;
*hash_alg = SEC_OID_SHA256;
*hash_alg_len = SHA256_LENGTH;
return 0;
}
if (strncmp("{SHA384}", hash_type, 8) == 0) {
*hash_alg_sn = SN_sha384;
*hash_alg = SEC_OID_SHA384;
*hash_alg_len = SHA384_LENGTH;
return 0;
}
if (strncmp("{SHA512}", hash_type, 8) == 0) {
*hash_alg_sn = SN_sha512;
*hash_alg = SEC_OID_SHA512;
*hash_alg_len = SHA512_LENGTH;
return 0;
}
@@ -193,8 +202,8 @@ static int ipapwd_hash_type_to_alg(const char *hash_type,
*
* @return 0 on success, -1 on error.
*/
int ipapwd_hash_password(char *password,
const char *hash_type,
static int ipapwd_hash_password(char *password,
char *hash_type,
unsigned char *salt,
unsigned char **full_hash,
unsigned int *full_hash_len)
@@ -204,53 +213,47 @@ int ipapwd_hash_password(char *password,
unsigned char *pwd = (unsigned char *)password;
unsigned int pwdlen = strlen(password);
unsigned char saltbuf[SHA_SALT_LENGTH];
unsigned char hash[EVP_MAX_MD_SIZE] = { 0 };
unsigned char hash[SHA_HASH_MAX_LENGTH];
unsigned int hash_len;
SECOidTag hash_alg;
unsigned int hash_alg_len;
PK11Context *ctx = NULL;
int ret;
EVP_MD_CTX *ctx = NULL;
char *hash_alg_sn = NULL;
const EVP_MD* hash_alg = NULL;
NSS_NoDB_Init(".");
if (!salt) {
RAND_bytes(saltbuf, SHA_SALT_LENGTH);
PK11_GenerateRandom(saltbuf, SHA_SALT_LENGTH);
salt = saltbuf;
}
ret = ipapwd_hash_type_to_alg(hash_type, &hash_alg_sn);
ret = ipapwd_hash_type_to_alg(hash_type, &hash_alg, &hash_alg_len);
if (ret) {
return -1;
}
hash_alg = EVP_get_digestbyname(hash_alg_sn);
if (!hash_alg) {
return -1;
}
ctx = EVP_MD_CTX_new();
ctx = PK11_CreateDigestContext(hash_alg);
if (ctx == NULL) {
return -1;
}
ret = EVP_DigestInit_ex(ctx, hash_alg, NULL);
if (ret) {
ret = EVP_DigestUpdate(ctx, pwd, pwdlen);
memset(hash, 0, sizeof(hash));
ret = PK11_DigestBegin(ctx);
if (ret == SECSuccess) {
ret = PK11_DigestOp(ctx, pwd, pwdlen);
}
if (ret) {
ret = EVP_DigestUpdate(ctx, salt, SHA_SALT_LENGTH);
if (ret == SECSuccess) {
ret = PK11_DigestOp(ctx, salt, SHA_SALT_LENGTH);
}
if (ret) {
ret = EVP_DigestFinal_ex(ctx, hash, &hash_len);
if (ret == SECSuccess) {
ret = PK11_DigestFinal(ctx, hash, &hash_len, hash_alg_len);
}
if (!ret) {
if (ret != SECSuccess) {
ret = -1;
goto done;
}
else
ret = 0;
if (hash_len != (unsigned int) EVP_MD_CTX_size(ctx)) {
if (hash_len != hash_alg_len) {
ret = -1;
goto done;
}
@@ -266,7 +269,7 @@ int ipapwd_hash_password(char *password,
memset(fh + fhl, '\0', 1);
done:
EVP_MD_CTX_free(ctx);
PK11_DestroyContext(ctx, 1);
*full_hash = fh;
*full_hash_len = fhl;
return ret;
@@ -288,11 +291,14 @@ static int ipapwd_cmp_password(char *password, char *historyString)
char *hash_type;
char *b64part;
size_t b64_len;
SECItem *item;
unsigned char *salt;
unsigned char *hash = NULL;
unsigned int hash_len;
int ret;
NSS_NoDB_Init(".");
hash_type = historyString;
b64part = strchr(historyString, '}');
if (!b64part) {
@@ -301,32 +307,27 @@ static int ipapwd_cmp_password(char *password, char *historyString)
b64part++;
b64_len = strlen(b64part);
unsigned char *item_data = (unsigned char *) OPENSSL_malloc(sizeof(char) * b64_len);
if (!item_data) {
item = NSSBase64_DecodeBuffer(NULL, NULL, b64part, b64_len);
if (!item) {
return -1;
}
size_t item_len = EVP_DecodeBlock(item_data, (unsigned char *) b64part, b64_len);
if (!item_data) {
return -1;
}
if (item_len <= SHA_SALT_LENGTH) {
if (item->len <= SHA_SALT_LENGTH) {
ret = -1;
goto done;
}
salt = item_data + (item_len - SHA_SALT_LENGTH);
salt = item->data + (item->len - SHA_SALT_LENGTH);
ret = ipapwd_hash_password(password, hash_type, salt, &hash, &hash_len);
if (ret != 0) {
goto done;
}
if (hash_len != item_len) {
if (hash_len != item->len) {
ret = 1;
goto done;
}
if (CRYPTO_memcmp(item_data, hash, hash_len)) {
if (memcmp(item->data, hash, hash_len)) {
ret = 1;
goto done;
}
@@ -334,9 +335,7 @@ static int ipapwd_cmp_password(char *password, char *historyString)
ret = 0;
done:
if (item_data)
OPENSSL_clear_free(item_data, sizeof(char) * b64_len);
SECITEM_FreeItem(item, 1);
free(hash);
return ret;
}
@@ -361,33 +360,33 @@ static char *ipapwd_hash_to_history(time_t hash_time,
{
struct tm utctime;
char timestr[GENERALIZED_TIME_LENGTH+1];
unsigned char *encoded = NULL;
char *history = NULL;
SECItem item;
char *encoded;
char *history;
int ret;
if (!gmtime_r(&hash_time, &utctime))
goto cleanup;
if (!gmtime_r(&hash_time, &utctime)) {
return NULL;
}
strftime(timestr, GENERALIZED_TIME_LENGTH+1, "%Y%m%d%H%M%SZ", &utctime);
encoded = (unsigned char *) malloc(4 * (hash_len * sizeof(*encoded) / 3) + 1);
if (!encoded)
goto cleanup;
NSS_NoDB_Init(".");
ret = EVP_EncodeBlock(encoded, hash, hash_len);
if (ret < 1)
goto cleanup;
item.type = siBuffer;
item.data = hash;
item.len = hash_len;
encoded = NSSBase64_EncodeItem(NULL, NULL, 0, &item);
if (!encoded) {
return NULL;
}
ret = asprintf(&history, "%s%s%s", timestr, hash_type, encoded);
if (ret == -1) {
history = NULL;
goto cleanup;
}
cleanup:
if (encoded)
free(encoded);
free(encoded);
return history;
}

7
util/ipa_pwd.h
View File

@@ -22,7 +22,6 @@
#pragma once
#include <stdbool.h>
#include <stdint.h>
#include <time.h> /* for time_t */
@@ -60,12 +59,6 @@ struct ipapwd_policy {
time_t ipapwd_gentime_to_time_t(char *timestr);
int ipapwd_hash_password(char *password,
const char *hash_type,
unsigned char *salt,
unsigned char **full_hash,
unsigned int *full_hash_len);
int ipapwd_check_policy(struct ipapwd_policy *policy,
char *password,
time_t cur_time,

1
util/ipa_pwd_ntlm.c
View File

@@ -103,7 +103,6 @@ int encode_nt_key(char *newPasswd, uint8_t *nt_key)
}
ret = 0;
free(ucs2Passwd);
done:
return ret;

61
util/t_pwd.c
View File

@@ -1,61 +0,0 @@
/*
* Copyright (C) 2020 FreeIPA Contributors see COPYING for license
*/
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <assert.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "ipa_pwd.h"
#define RES(algo, ...) { algo, (uint8_t[]){__VA_ARGS__}, sizeof((uint8_t[]){__VA_ARGS__}) }
static const struct {
char *algo;
uint8_t *res;
size_t res_size;
} hash_tests[] = {
/* {SSHA} */
RES("{SSHA}", 30, 226, 112, 72, 241, 233, 125, 4, 27, 158, 228, 238, 180, 21, 179, 121, 48, 59, 100, 3, 0, 1, 2,
3, 4, 5, 6, 7),
/* {SHA256} */
RES("{SHA256}", 162, 175, 215, 45, 209, 245, 101, 173, 242, 116, 208, 128, 28, 159, 206, 241, 255, 65, 245, 82,
218, 244, 27, 99, 57, 215, 96, 93, 7, 176, 195, 175, 0, 1, 2, 3, 4, 5, 6, 7),
/* {SHA384} */
RES("{SHA384}", 214, 104, 216, 118, 234, 225, 221, 104, 228, 82, 156, 86, 230, 47, 185, 170, 119, 35, 153, 160,
142, 153, 141, 101, 74, 17, 150, 219, 9, 243, 170, 242, 225, 128, 173, 102, 198, 231, 121, 124, 86, 210, 19,
11, 237, 150, 157, 176, 0, 1, 2, 3, 4, 5, 6, 7),
/* {SHA512} */
RES("{SHA512}", 157, 177, 112, 19, 84, 152, 211, 233, 139, 237, 240, 235, 207, 79, 232, 252, 123, 150, 114, 169,
206, 95, 196, 141, 31, 58, 195, 220, 212, 168, 98, 67, 1, 255, 211, 129, 67, 181, 114, 214, 243, 236, 41,
247, 118, 167, 139, 70, 192, 172, 128, 94, 9, 225, 208, 98, 23, 148, 182, 202, 28, 130, 22, 30, 0, 1, 2, 3,
4, 5, 6, 7)
};
int main(int argc, const char *argv[]) {
(void) argc;
(void) argv;
char pw[] = "test";
uint8_t salt[8] = {0, 1, 2, 3, 4, 5, 6, 7};
unsigned char *hash;
unsigned int hash_length;
for (long unsigned int i = 0; i < sizeof(hash_tests) / sizeof(*hash_tests); i++) {
if (ipapwd_hash_password(pw, hash_tests[i].algo, salt, &hash, &hash_length) == 0) {
assert(memcmp(hash, hash_tests[i].res, hash_tests[i].res_size) == 0);
} else {
assert(false);
}
fprintf(stderr, "Algo: %s OK, length: %i\n", hash_tests[i].algo, hash_length);
free(hash);
}
return 0;
}