[2149] in Kerberos-V5-bugs
MH patch for Kerberos 5 POP
daemon@ATHENA.MIT.EDU (Ken Hornstein)
Wed Aug 14 15:24:21 1996
To: krb5-bugs@MIT.EDU
Date: Wed, 14 Aug 1996 15:24:08 -0400
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
------- =_aaaaaaaaaa0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <21413.840050606.1@nexus.cmf.nrl.navy.mil>
There was some interest in my patch for MH to get Kerberos POP working. I
just got this working a few days ago, and I've been using it for all my
mail over the past couple of days and it seems pretty solid. I've attached
the patch to this message. It would be really cool if this could be included
in the next beta of Kerberos :-)
Comments about this patch are welcome.
--Ken
------- =_aaaaaaaaaa0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <21413.840050606.2@nexus.cmf.nrl.navy.mil>
Content-Description: Patch to mh-6.8 sources
--- zotnet/mts/client.c.orig Mon Aug 12 00:26:34 1996
+++ zotnet/mts/client.c Mon Aug 12 01:36:12 1996
@@ -26,6 +26,22 @@
#include <hesiod.h>
#endif
+#if defined(KPOP) && defined(K5POP)
+#error "You cannot define both KPOP and K5POP"
+#endif
+#ifdef K5POP
+#include "krb5.h"
+/* #include <krb5/ext-proto.h> */
+/* #include <krb5/los-proto.h> */
+#include "com_err.h"
+#include <ctype.h>
+
+static krb5_error_code retval;
+static krb5_ccache ccdef;
+static krb5_principal kclient = NULL, kserver = NULL;
+static krb5_context context;
+#endif
+
#ifdef KPOP
#include <krb.h>
#include <ctype.h>
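Review bot: The new file-scope statics `retval`, `ccdef`, `kclient`, `kserver` and `context` appear, from the hunks visible here, to be used only inside the K5POP block of the connection routine, so they would be clearer as locals of that block. As written, `context` and `kserver` keep pointing at freed objects after the block runs `krb5_free_context` and `krb5_free_principal`, and a later call starts from that stale state. If they must stay at file scope, a comment such as `/* per-connection Kerberos 5 state; valid only while the K5POP authentication block runs */` would document the lifetime.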
@@ -76,6 +92,9 @@
static struct addrent *he, *hz;
static struct addrent hosts[MAXHOSTS];
+#ifdef K5POP
+static char *kservice; /* "pop" if using kpop */
+#endif
#ifdef KPOP
char krb_realm[REALM_SZ];
char *PrincipalHostname();
@@ -122,7 +141,7 @@
register struct netent *np;
#endif
register struct servent *sp;
-#ifdef KPOP
+#if defined(KPOP) || defined(K5POP)
char *cp;
if (cp = index (kservice = service, '/')) { /* "pop/kpop" */
@@ -131,12 +150,12 @@
}
else
kservice = NULL; /* not using KERBEROS */
-#endif /* KPOP */
+#endif /* KPOP || K5POP */
if ((sp = getservbyname (service, protocol)) == NULL) {
#ifdef HESIOD
- if ((sp = hes_getservbyname (service, protocol)) == NULL) {
+ if ((sp = (struct servent *) hes_getservbyname (service, protocol)) == NULL) {
(void) sprintf (response, "%s/%s: unknown service",
protocol, service);
return NOTOK;
@@ -219,9 +238,9 @@
register struct addrent *ap;
struct sockaddr_in in_socket;
register struct sockaddr_in *isock = &in_socket;
-#ifdef KPOP
+#if defined(KPOP) || defined(K5POP)
int rem;
-#endif /* KPOP */
+#endif /* KPOP || K5POP */
for (ap = nets; ap < ne; ap++)
if (ap -> a_addrtype == hp -> h_addrtype && inet (hp, ap -> a_net))
@@ -265,6 +284,65 @@
return NOTOK;
}
+#ifdef K5POP
+ if (kservice) { /* "pop" */
+ krb5_error *err_ret = NULL;
+ krb5_auth_context auth_context = NULL;
+
+ krb5_init_context(&context);
+ krb5_init_ets(context);
+
+ if (retval = krb5_cc_default(context, &ccdef)) {
+ sprintf(response, "Post office refused connection: krb5_cc_default: %s",
+ error_message(retval));
+ close(sd);
+ return OOPS2;
+ }
+ if (retval = krb5_cc_get_principal(context, ccdef, &kclient)) {
+ sprintf(response, "Post office refused connection: krb5_cc_get_principal: %s",
+ error_message(retval));
+ close(sd);
+ return OOPS2;
+ }
+
+ if (retval = krb5_sname_to_principal(context, hp->h_name, kservice,
+ KRB5_NT_SRV_HST,
+ &kserver)) {
+ sprintf(response, "Post office refused connection: krb5_sname_to_principal: %s",
+ error_message(retval));
+ close(sd);
+ return OOPS2;
+ }
+
+ retval = krb5_sendauth(context, &auth_context, (krb5_pointer) &sd,
+ "KPOPV1.0", kclient, kserver,
+ AP_OPTS_MUTUAL_REQUIRED,
+ 0, /* no checksum */
+ 0, /* no creds, use ccache instead */
+ ccdef,
+ &err_ret,
+ 0,
+ 0); /* don't need reply */
+ krb5_free_principal(context, kserver);
+ if (auth_context)
+ krb5_auth_con_free(context, auth_context);
+ if (retval) {
+ if (err_ret && err_ret->text.length) {
+ sprintf(response, "Post office refused connection: %s [server says '%*s'] ",
+ error_message(retval),
+ err_ret->text.length,
+ err_ret->text.data);
+ krb5_free_error(context, err_ret);
+ } else
+ sprintf(response, "Post office refused connection: %s",
+ error_message(retval));
+ close(sd);
+ krb5_free_context(context);
+ return OOPS2;
+ }
+ krb5_free_context(context);
+ }
+#endif /* K5POP */
#ifdef KPOP
if (kservice) { /* "pop" */
ticket = (KTEXT)malloc( sizeof(KTEXT_ST) );
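Review bot: The server-supplied error text is formatted with `%*s`, which sets a minimum field width rather than a maximum, so `err_ret->text.data` is read up to the first NUL (it is not guaranteed to be terminated) and copied by an unbounded `sprintf` into `response`, whose size is not visible in this hunk. Use a precision with an int argument, `"... [server says '%.*s'] "` with `(int) err_ret->text.length`, and cap that precision to what the caller's `response` buffer can hold. The return value of `krb5_init_context` is never checked, so a failure there leaves `context` unusable for every later call. The three early `return OOPS2` paths skip `krb5_free_context`, and `kclient`, `ccdef` and an `err_ret` with empty text are never released on any path. The enclosing function begins and ends outside the hunk.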
@@ -311,10 +389,10 @@
: "unknown error");
return NOTOK;
}
-#ifdef KPOP
+#if defined(KPOP) || defined(K5POP)
if (kservice) /* "pop" */
return(sd);
-#endif /* KPOP */
+#endif /* KPOP || K5POP */
if (!rproto)
return sd;
--- uip/popsbr.c.orig Mon Aug 12 00:27:00 1996
+++ uip/popsbr.c Mon Aug 12 01:20:50 1996
@@ -15,6 +15,7 @@
#endif /* NNTP */
#include <stdio.h>
#include <signal.h>
+#include <errno.h>
#ifndef POPSERVICE
#define POPSERVICE "pop"
@@ -144,10 +145,15 @@
#endif /* APOP */
#ifndef NNTP
-#ifndef KPOP
+#if !defined(KPOP) && !defined(K5POP)
if ((fd1 = client (host, "tcp", POPSERVICE, rpop, response)) == NOTOK)
#else /* KPOP */
+#ifdef K5POP
(void) sprintf (buffer, "%s/%s", POPSERVICE, "kpop");
+#endif
+#ifdef KPOP
+ (void) sprintf (buffer, "%s/%s", POPSERVICE, "kpop");
+#endif
if ((fd1 = client (host, "tcp", buffer, rpop, response)) == NOTOK)
#endif
#else /* NNTP */
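Review bot: The two added preprocessor blocks wrap the same statement, and this `#else` branch is only compiled when at least one of KPOP or K5POP is defined, so a single unconditional `(void) sprintf (buffer, "%s/%s", POPSERVICE, "kpop");` does the same work. popsbr.c has no equivalent of the `#error` guard added to client.c, so with both macros defined the call is emitted twice. The `#else /* KPOP */` comment above it should become `#else /* KPOP || K5POP */`, to match the other hunks. The size of `buffer` is declared outside the hunk.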
@@ -177,7 +183,7 @@
fprintf (stderr, "<--- %s\n", response);
#ifndef NNTP
if (*response == '+') {
-#ifndef KPOP
+#if !defined(KPOP) && !defined(K5POP)
#ifdef APOP
if (apop < 0) {
char *cp = pop_auth (user, pass);
@@ -191,7 +197,7 @@
&& command ("%s %s", rpop ? "RPOP" : (pophack++, "PASS"),
pass) != NOTOK)
return OK;
-#else /* KPOP */
+#else /* KPOP || K5POP */
if (command ("USER %s", user) != NOTOK
&& command ("PASS %s", pass) != NOTOK)
return OK;
--- uip/inc.c.orig Mon Aug 12 00:27:08 1996
+++ uip/inc.c Mon Aug 12 00:28:27 1996
@@ -19,9 +19,6 @@
#ifdef POP
#include "../h/dropsbr.h"
#endif
-#ifdef KPOP
-#include <krb.h>
-#endif
#ifdef HESIOD
#include <hesiod.h>
#endif
--- conf/mhconfig.c.orig Sat Aug 10 00:13:00 1996
+++ conf/mhconfig.c Mon Aug 12 00:28:29 1996
@@ -134,6 +134,7 @@
"BSD43", 0, /* sgid ttys */
"BSD44", 0, /* manual headings */
"KPOP", 0, /* KERBEROS pop */
+ "K5POP", 0, /* KERBEROS5 pop */
"HESIOD", 0,
"MIME", 0, /* multi-media extensions */
"MPOP", 0, /* mobile pop */
--- conf/makefiles/uip.orig Tue Nov 30 23:00:23 1993
+++ conf/makefiles/uip Tue Aug 13 14:44:56 1996
@@ -84,6 +84,8 @@
@BEGIN: KPOP
KRBLIB = -lkrb -ldes
@END: KPOP
+@BEGIN: K5POP
+KRBLIB = -lkrb5 -lcrypto -lcom_err
@END: POP
@BEGIN: BPOP
PSHLIB = popsbr.o
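Review bot: The added `@BEGIN: K5POP` has no matching `@END: K5POP`; the next line is the existing `@END: POP`, whereas the KPOP block just above is closed with `@END: KPOP`. The hunk header's line counts (6 old, 8 new) confirm that only two lines were added. Depending on how mhconfig pairs these markers, the `KRBLIB = -lkrb5 -lcrypto -lcom_err` line may be emitted unconditionally or the section nesting may be misread. Add `@END: K5POP` after the `KRBLIB` line.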
@@ -328,7 +330,7 @@
bbc: xbbc
xbbc: bbc.o $(PSHLIB) $(LIBES)
- $(LD) $(LDFLAGS) -o $@ bbc.o $(PSHLIB) $(LDLIBS)
+ $(LD) $(LDFLAGS) -o $@ bbc.o $(KRBLIB) $(PSHLIB) $(LDLIBS)
l-bbc:; $(LINT) $(LFLAGS) bbc.c $(PSHLLIBS) $(LLIBS)
@@ -640,7 +642,7 @@
xmhl: mhl.o \
mhlsbr.o trmsbr.o $(LIBES)
$(LD) $(LDFLAGS) -o $@ mhl.o \
- mhlsbr.o trmsbr.o $(LDLIBS) $(LDCURSES)
+ mhlsbr.o trmsbr.o $(KRBLIB) $(LDLIBS) $(LDCURSES)
l-mhl:; $(LINT) $(LFLAGS) mhl.c \
mhlsbr.c trmsbr.c $(LLIBS)
@@ -676,7 +678,7 @@
xmhn: mhn.o ftpsbr.o trmsbr.o $(LIBES)
$(LD) $(LDFLAGS) -o $@ mhn.o ftpsbr.o trmsbr.o \
- $(LDLIBS) $(LDCURSES)
+ $(KRBLIB) $(LDLIBS) $(LDCURSES)
l-mhn:; $(LINT) $(LFLAGS) mhn.c ftpsbr.c trmsbr.c $(LLIBS)
@@ -756,7 +758,7 @@
$(PSHLIB) $(LIBES)
$(LD) $(LDFLAGS) -o $@ msh.o mshcmds.o vmhsbr.o \
picksbr.o scansbr.o dropsbr.o mhlsbr.o trmsbr.o \
- $(PSHLIB) $(LDLIBS) $(LDCURSES)
+ $(PSHLIB) $(KRBLIB) $(LDLIBS) $(LDCURSES)
l-msh:; $(LINT) $(LFLAGS) msh.c mshcmds.c vmhsbr.c \
picksbr.c scansbr.c dropsbr.c mhlsbr.c trmsbr.c \
@@ -809,8 +811,8 @@
popi: xpopi
xpopi: popi.o $(POPLIB) trmsbr.o $(LIBES)
- $(LD) $(LDFLAGS) -o $@ popi.o $(POPLIB) trmsbr.o $(LDLIBS) \
- $(LDCURSES)
+ $(LD) $(LDFLAGS) -o $@ popi.o $(POPLIB) trmsbr.o $(KRBLIB) \
+ $(LDLIBS) $(LDCURSES)
l-popi:; $(LINT) $(LFLAGS) popi.c $(POPLLIBS) trmsbr.c $(LLIBS)
@@ -835,7 +837,7 @@
xpost: post.o \
aliasbr.o $(MTSBRS) $(TMALIB) $(LIBES)
- $(LD) $(LDFLAGS) -o $@ post.o \
+ $(LD) $(KRBLIB) $(LDFLAGS) -o $@ post.o \
aliasbr.o $(MTSBRS) $(TMALIB) $(LDLIBS)
l-post:; $(LINT) $(LFLAGS) post.c \
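Review bot: In the xpost rule `$(KRBLIB)` is placed before `$(LDFLAGS)` and the object files, whereas every other rule changed by this patch puts it after the objects. With static archives the linker resolves symbols in command-line order, so libraries listed ahead of the objects that reference them may leave the krb5 symbols unresolved. For consistency with the other rules this would read `aliasbr.o $(MTSBRS) $(TMALIB) $(KRBLIB) $(LDLIBS)`. The same ordering question may apply wherever `$(KRBLIB)` precedes `$(LDLIBS)`, if the Kerberos calls are pulled in from a library in `$(LDLIBS)`.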
@@ -1096,7 +1098,7 @@
xshow: show.o \
mhlsbr.o trmsbr.o $(LIBES)
$(LD) $(LDFLAGS) -o $@ show.o \
- mhlsbr.o trmsbr.o $(LDLIBS) $(LDCURSES)
+ mhlsbr.o trmsbr.o $(KRBLIB) $(LDLIBS) $(LDCURSES)
l-show:; $(LINT) $(LFLAGS) show.c \
mhlsbr.c trmsbr.c $(LLIBS)
@@ -1121,7 +1123,7 @@
sbboards: xsbboards
xsbboards: sbboards.o dropsbr.o $(LIBES)
- $(LD) $(LDFLAGS) -o $@ sbboards.o dropsbr.o $(LDLIBS)
+ $(LD) $(LDFLAGS) -o $@ sbboards.o dropsbr.o $(KRBLIB) $(LDLIBS)
l-sbboards:; $(LINT) $(LFLAGS) sbboards.c dropsbr.c $(LLIBS)
------- =_aaaaaaaaaa0--