[23] in Kerberos-V5-bugs
Diffs to krb5 alpha1.
daemon@ATHENA.MIT.EDU (Bill Sommerfeld)
Wed Oct 17 03:42:42 1990
Date: Tue, 16 Oct 90 23:38:46 EDT
From: Bill Sommerfeld <sommerfeld@apollo.com>
To: krb5-testers@ATHENA.MIT.EDU
The bulk of the changes include run-time library support for handling
tickets with authorization data included; there are a couple of other
minor portability fixes as well.
Changed files:
appl/sample/sclient/sclient.c {auth_data}
appl/sample/sserver/sserver.c {auth_data}
asn.1/encode.h {auth_data}
clients/kinit/kinit.c {portability}
comerr/com_err.c {portability mess}
comerr/com_err.h {portability mess}
comerr/internal.h {portability mess}
include/krb5/asn.1.h {portability mess}
include/krb5/ccache.h {auth_data}
include/krb5/error_def.h {portability mess}
include/krb5/krb5.h {auth_data, port. mess}
include/krb5/wordsize.h {allow include of krb5.h w/o special defs}
kdc/kdc_util.c {auth_data}
lib/ccache/file/fcc_nseq.c {auth_data}
lib/ccache/file/fcc_read.c {auth_data}
lib/ccache/file/fcc_retrv.c {auth_data}
lib/ccache/file/fcc_store.c {auth_data}
lib/ccache/file/fcc_write.c {auth_data}
lib/krb/gc_via_tgt.c {auth_data}
lib/krb/get_creds.c {auth_data}
lib/krb/send_tgs.c {auth_data}
lib/os/sendto_kdc.c {allow multihomed kdcs}
lib/rcache/rc_dfl.h {portability}
-------------------------
Support access to authorization data (for testing purposes).
*** appl/sample/sclient/sclient.c/[krb5_alpha1] Fri Sep 21 10:17:28 1990
--- appl/sample/sclient/sclient.c Tue Oct 9 16:54:55 1990
***************
*** 34,39 ****
--- 34,41 ----
#include "sample.h"
+ extern krb5_flags krb5_kdc_default_options;
+
void
main(argc, argv)
int argc;
***************
*** 50,61 ****
krb5_error_code retval;
krb5_ccache ccdef;
krb5_principal server;
char **hrealms;
short xmitlen;
char sbuf[512];
! if (argc != 2) {
! fprintf(stderr, "usage: %s <hostname>\n",argv[0]);
exit(1);
}
--- 52,66 ----
krb5_error_code retval;
krb5_ccache ccdef;
krb5_principal server;
+ krb5_creds creds;
+ krb5_authdata **authdata;
+
char **hrealms;
short xmitlen;
char sbuf[512];
! if (argc < 2) {
! fprintf(stderr, "usage: %s <hostname> <auth1> ...\n",argv[0]);
exit(1);
}
***************
*** 167,181 ****
exit(1);
}
if (retval = krb5_cc_default(&ccdef)) {
com_err(argv[0], retval, "while getting default ccache");
exit(1);
}
! if (retval = krb5_mk_req(server, 0, &send_cksum, ccdef, &send_data)) {
! com_err(argv[0], retval, "while preparing AP_REQ");
! exit(1);
}
xmitlen = htons(send_data.length);
if ((retval = krb5_net_write(sock, (char *)&xmitlen,
--- 172,226 ----
exit(1);
}
+
+
+
+
if (retval = krb5_cc_default(&ccdef)) {
com_err(argv[0], retval, "while getting default ccache");
exit(1);
}
! bzero((char *)&creds, sizeof(creds));
! creds.server = server;
!
! if (retval = krb5_cc_get_principal (ccdef, &creds.client)) {
! com_err(argv[0], retval, "while getting default principal.");
! exit(1);
}
+
+ if (argc > 2) {
+ int i;
+ authdata = (krb5_authdata **) malloc (sizeof(krb5_authdata *)
+ * (argc - 1));
+ for (i=0; i < argc-2; i++) {
+ authdata[i] = (krb5_authdata *)malloc (sizeof(krb5_authdata));
+ authdata[i]->ad_type = 0; /* XXX */
+ authdata[i]->length = strlen(argv[i+2]);
+ authdata[i]->contents = (krb5_octet *)argv[i+2];
+ }
+ authdata[i] = 0;
+
+ creds.authdata = authdata;
+ }
+
+ if (retval = krb5_get_credentials(krb5_kdc_default_options,
+ ccdef,
+ &creds)) {
+ com_err(argv[0], retval, "while getting ticket.");
+ exit(1);
+ }
+ if (retval = krb5_mk_req_extended(0,
+ &send_cksum,
+ &creds.times,
+ krb5_kdc_default_options,
+ ccdef,
+ &creds,
+ &send_data)) {
+ com_err(argv[0], retval, "while constructing authenticator.");
+ exit(1);
+ }
+
xmitlen = htons(send_data.length);
if ((retval = krb5_net_write(sock, (char *)&xmitlen,
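Review bot: Both `malloc` calls in the new `if (argc > 2)` block are used without a NULL check, so an allocation failure is dereferenced at `authdata[i]->ad_type = 0` or at `authdata[i] = 0`. A check in the file's existing style would do, e.g. `if (!authdata) { com_err(argv[0], ENOMEM, "while allocating authdata"); exit(1); }`, repeated for each `authdata[i]`. The `ad_type = 0; /* XXX */` placeholder deserves a comment saying which type value the test client is meant to send. main's body starts and ends outside this hunk.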
Similarly, mods to this file support auth data for testing purposes.
*** appl/sample/sserver/sserver.c/[krb5_alpha1] Fri Sep 21 10:17:32 1990
--- appl/sample/sserver/sserver.c Tue Oct 9 15:41:14 1990
***************
*** 56,61 ****
--- 56,62 ----
krb5_tkt_authent authd;
krb5_principal server;
char repbuf[BUFSIZ];
+ char repbuf1[BUFSIZ];
char *cname;
krb5_init_ets();
***************
*** 153,159 ****
syslog(LOG_ERR, "unparse failed: %s", error_message(retval));
cname = "<unparse error>";
}
! sprintf(repbuf, "You are %s\n", cname);
if (!retval)
free(cname);
sendreply:
--- 154,172 ----
syslog(LOG_ERR, "unparse failed: %s", error_message(retval));
cname = "<unparse error>";
}
! sprintf(repbuf, "You are %s", cname);
! if (authd.ticket->enc_part2->authorization_data) {
! krb5_authdata **adp = authd.ticket->enc_part2->authorization_data;
! int i;
! for (i=0; adp[i] != NULL; i++) {
! sprintf(repbuf1, ": auth %x:%.*s", adp[i]->ad_type,
! adp[i]->length,
! adp[i]->contents);
! strcat(repbuf, repbuf1);
! }
! }
! strcat(repbuf, "\n");
!
if (!retval)
free(cname);
sendreply:
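Review bot: The reply is built with unbounded `sprintf`/`strcat` into the fixed `repbuf[BUFSIZ]` and `repbuf1[BUFSIZ]` arrays, while `adp[i]->length` and `adp[i]->contents` come from the ticket's authorization data, which the requesting client chose; one long element, or several shorter ones, overruns the server's stack buffers. The loop should track the space left in `repbuf` and stop when an element does not fit, and the `"You are %s"` write of `cname` needs the same bound. `%.*s` takes an `int` precision, so `adp[i]->length` needs a cast if it is declared as anything else, and the octets are echoed unfiltered, so binary data reaches the peer as-is. With the bounded form below `repbuf1` is no longer needed. The enclosing function starts and ends outside the hunk.

```c
    /* keep one byte free for the trailing "\n" */
    size_t room = sizeof(repbuf) - 1;
    size_t used;
    int n;

    n = snprintf(repbuf, room, "You are %s", cname);
    used = (n < 0) ? 0 : ((size_t)n < room ? (size_t)n : room - 1);
    repbuf[used] = '\0';
    if (authd.ticket->enc_part2->authorization_data) {
	/* ... unchanged: adp and i declarations ... */
	for (i = 0; adp[i] != NULL; i++) {
	    n = snprintf(repbuf + used, room - used, ": auth %x:%.*s",
			 adp[i]->ad_type, (int) adp[i]->length,
			 adp[i]->contents);
	    if (n < 0 || (size_t)n >= room - used) {
		repbuf[used] = '\0';	/* drop the element that did not fit */
		break;
	    }
	    used += (size_t)n;
	}
    }
    strcat(repbuf, "\n");
```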
This squelches some warnings that the apollo compiler was giving for
coercing const data to non-const ..; note also the change to
encode_krb5_tgs_req_enc_part() (which formerly didn't work..)
*** asn.1/encode.h/[krb5_alpha1] Tue Sep 11 14:37:52 1990
--- asn.1/encode.h Tue Oct 9 14:45:35 1990
***************
*** 16,21 ****
--- 16,28 ----
#ifndef KRB5_ENCODE_DEFS__
#define KRB5_ENCODE_DEFS__
+ /* the following belongs in base-defs.h */
+ #ifdef __STDC__
+ typedef void const * krb5_const_pointer;
+ #else
+ typedef char *krb5_const_pointer;
+ #endif
+
typedef int (*encoder_func) PROTOTYPE((PE *, int, int, char *, krb5_pointer));
typedef void (*free_func) PROTOTYPE((krb5_pointer ));
typedef krb5_pointer (*translator_func) PROTOTYPE((krb5_pointer, int * ));
***************
*** 23,29 ****
/* encode.c */
krb5_error_code krb5_encode_generic
! PROTOTYPE((const krb5_pointer,
krb5_data **,
int (* )PROTOTYPE ((PE *,int,int,char *,krb5_pointer )),
krb5_pointer (* )PROTOTYPE ((krb5_pointer,int *)),
--- 30,36 ----
/* encode.c */
krb5_error_code krb5_encode_generic
! PROTOTYPE((krb5_const_pointer,
krb5_data **,
int (* )PROTOTYPE ((PE *,int,int,char *,krb5_pointer )),
krb5_pointer (* )PROTOTYPE ((krb5_pointer,int *)),
***************
*** 36,42 ****
void (* )PROTOTYPE ((krb5_pointer ))));
#define encode_krb5_authenticator(pauth, output) \
! krb5_encode_generic((krb5_pointer)pauth, output, \
(encoder_func) encode_KRB5_Authenticator, \
(translator_func) krb5_authenticator2KRB5_Authenticator, \
(free_func) free_KRB5_Authenticator)
--- 43,49 ----
void (* )PROTOTYPE ((krb5_pointer ))));
#define encode_krb5_authenticator(pauth, output) \
! krb5_encode_generic((krb5_const_pointer)pauth, output, \
(encoder_func) encode_KRB5_Authenticator, \
(translator_func) krb5_authenticator2KRB5_Authenticator, \
(free_func) free_KRB5_Authenticator)
***************
*** 47,53 ****
(free_func) free_KRB5_Authenticator)
#define encode_krb5_ticket(ptick, output) \
! krb5_encode_generic((krb5_pointer)ptick, output, \
(encoder_func) encode_KRB5_Ticket, \
(translator_func) krb5_ticket2KRB5_Ticket, \
(free_func) free_KRB5_Ticket)
--- 54,60 ----
(free_func) free_KRB5_Authenticator)
#define encode_krb5_ticket(ptick, output) \
! krb5_encode_generic((krb5_const_pointer)ptick, output, \
(encoder_func) encode_KRB5_Ticket, \
(translator_func) krb5_ticket2KRB5_Ticket, \
(free_func) free_KRB5_Ticket)
***************
*** 58,64 ****
(free_func) free_KRB5_Ticket)
#define encode_krb5_enc_tkt_part(ptick, output) \
! krb5_encode_generic((krb5_pointer)ptick, output, \
(encoder_func) encode_KRB5_EncTicketPart, \
(translator_func) krb5_enc_tkt_part2KRB5_EncTicketPart, \
(free_func) free_KRB5_EncTicketPart)
--- 65,71 ----
(free_func) free_KRB5_Ticket)
#define encode_krb5_enc_tkt_part(ptick, output) \
! krb5_encode_generic((krb5_const_pointer)ptick, output, \
(encoder_func) encode_KRB5_EncTicketPart, \
(translator_func) krb5_enc_tkt_part2KRB5_EncTicketPart, \
(free_func) free_KRB5_EncTicketPart)
***************
*** 69,75 ****
(free_func) free_KRB5_EncTicketPart)
#define encode_krb5_as_req(req, output) \
! krb5_encode_generic((krb5_pointer)req, output, \
(encoder_func) encode_KRB5_AS__REQ, \
(translator_func) krb5_as_req2KRB5_AS__REQ, \
(free_func) free_KRB5_AS__REQ)
--- 76,82 ----
(free_func) free_KRB5_EncTicketPart)
#define encode_krb5_as_req(req, output) \
! krb5_encode_generic((krb5_const_pointer)req, output, \
(encoder_func) encode_KRB5_AS__REQ, \
(translator_func) krb5_as_req2KRB5_AS__REQ, \
(free_func) free_KRB5_AS__REQ)
***************
*** 80,86 ****
(free_func) free_KRB5_AS__REQ)
#define encode_krb5_as_rep(req, output) \
! krb5_encode_generic((krb5_pointer)req, output, \
(encoder_func) encode_KRB5_KDC__REP, \
(translator_func) krb5_as_rep2KRB5_KDC__REP, \
(free_func) free_KRB5_KDC__REP)
--- 87,93 ----
(free_func) free_KRB5_AS__REQ)
#define encode_krb5_as_rep(req, output) \
! krb5_encode_generic((krb5_const_pointer)req, output, \
(encoder_func) encode_KRB5_KDC__REP, \
(translator_func) krb5_as_rep2KRB5_KDC__REP, \
(free_func) free_KRB5_KDC__REP)
***************
*** 91,97 ****
(free_func) free_KRB5_KDC__REP)
#define encode_krb5_enc_kdc_rep_part(req, output) \
! krb5_encode_generic((krb5_pointer)req, output, \
(encoder_func) encode_KRB5_EncKDCRepPart, \
(translator_func) krb5_enc_kdc_rep_part2KRB5_EncKDCRepPart, \
(free_func) free_KRB5_EncKDCRepPart)
--- 98,104 ----
(free_func) free_KRB5_KDC__REP)
#define encode_krb5_enc_kdc_rep_part(req, output) \
! krb5_encode_generic((krb5_const_pointer)req, output, \
(encoder_func) encode_KRB5_EncKDCRepPart, \
(translator_func) krb5_enc_kdc_rep_part2KRB5_EncKDCRepPart, \
(free_func) free_KRB5_EncKDCRepPart)
***************
*** 102,108 ****
(free_func) free_KRB5_EncKDCRepPart)
#define encode_krb5_tgs_rep(req, output) \
! krb5_encode_generic((krb5_pointer)req, output, \
(encoder_func) encode_KRB5_KDC__REP, \
(translator_func) krb5_tgs_rep2KRB5_KDC__REP, \
(free_func) free_KRB5_KDC__REP)
--- 109,115 ----
(free_func) free_KRB5_EncKDCRepPart)
#define encode_krb5_tgs_rep(req, output) \
! krb5_encode_generic((krb5_const_pointer)req, output, \
(encoder_func) encode_KRB5_KDC__REP, \
(translator_func) krb5_tgs_rep2KRB5_KDC__REP, \
(free_func) free_KRB5_KDC__REP)
***************
*** 113,120 ****
(free_func) free_KRB5_KDC__REP)
#define encode_krb5_tgs_req_enc_part(req, output) \
! krb5_encode_generic((krb5_pointer)req, output, \
! (encoder_func) encode_KRB5_KDC__REP, \
(translator_func) krb5_tgs_req_enc_part2KRB5_EncTgsReqPart, \
(free_func) free_KRB5_EncTgsReqPart)
#define decode_krb5_tgs_req_enc_part(req, output) \
--- 120,127 ----
(free_func) free_KRB5_KDC__REP)
#define encode_krb5_tgs_req_enc_part(req, output) \
! krb5_encode_generic((krb5_const_pointer)req, output, \
! (encoder_func) encode_KRB5_EncTgsReqPart, \
(translator_func) krb5_tgs_req_enc_part2KRB5_EncTgsReqPart, \
(free_func) free_KRB5_EncTgsReqPart)
#define decode_krb5_tgs_req_enc_part(req, output) \
***************
*** 124,130 ****
(free_func) free_KRB5_EncTgsReqPart)
#define encode_krb5_ap_req(req, output) \
! krb5_encode_generic((krb5_pointer)req, output, \
(encoder_func) encode_KRB5_AP__REQ, \
(translator_func) krb5_ap_req2KRB5_AP__REQ, \
(free_func) free_KRB5_AP__REQ)
--- 131,137 ----
(free_func) free_KRB5_EncTgsReqPart)
#define encode_krb5_ap_req(req, output) \
! krb5_encode_generic((krb5_const_pointer)req, output, \
(encoder_func) encode_KRB5_AP__REQ, \
(translator_func) krb5_ap_req2KRB5_AP__REQ, \
(free_func) free_KRB5_AP__REQ)
***************
*** 135,141 ****
(free_func) free_KRB5_AP__REQ)
#define encode_krb5_ap_rep(req, output) \
! krb5_encode_generic((krb5_pointer)req, output, \
(encoder_func) encode_KRB5_AP__REP, \
(translator_func) krb5_ap_rep2KRB5_AP__REP, \
(free_func) free_KRB5_AP__REP)
--- 142,148 ----
(free_func) free_KRB5_AP__REQ)
#define encode_krb5_ap_rep(req, output) \
! krb5_encode_generic((krb5_const_pointer)req, output, \
(encoder_func) encode_KRB5_AP__REP, \
(translator_func) krb5_ap_rep2KRB5_AP__REP, \
(free_func) free_KRB5_AP__REP)
***************
*** 146,152 ****
(free_func) free_KRB5_AP__REP)
#define encode_krb5_tgs_req(req, output) \
! krb5_encode_generic((krb5_pointer)req, output, \
(encoder_func) encode_KRB5_TGS__REQ, \
(translator_func) krb5_tgs_req2KRB5_TGS__REQ, \
(free_func) free_KRB5_TGS__REQ)
--- 153,159 ----
(free_func) free_KRB5_AP__REP)
#define encode_krb5_tgs_req(req, output) \
! krb5_encode_generic((krb5_const_pointer)req, output, \
(encoder_func) encode_KRB5_TGS__REQ, \
(translator_func) krb5_tgs_req2KRB5_TGS__REQ, \
(free_func) free_KRB5_TGS__REQ)
***************
*** 157,163 ****
(free_func) free_KRB5_TGS__REQ)
#define encode_krb5_real_tgs_req(req, output) \
! krb5_encode_generic((krb5_pointer)req, output, \
(encoder_func) encode_KRB5_RealTGS__REQ, \
(translator_func) krb5_real_tgs_req2KRB5_RealTGS__REQ, \
(free_func) free_KRB5_RealTGS__REQ)
--- 164,170 ----
(free_func) free_KRB5_TGS__REQ)
#define encode_krb5_real_tgs_req(req, output) \
! krb5_encode_generic((krb5_const_pointer)req, output, \
(encoder_func) encode_KRB5_RealTGS__REQ, \
(translator_func) krb5_real_tgs_req2KRB5_RealTGS__REQ, \
(free_func) free_KRB5_RealTGS__REQ)
***************
*** 168,174 ****
(free_func) free_KRB5_RealTGS__REQ)
#define encode_krb5_safe(req, output) \
! krb5_encode_generic((krb5_pointer)req, output, \
(encoder_func) encode_KRB5_KRB__SAFE, \
(translator_func) krb5_safe2KRB5_KRB__SAFE, \
(free_func) free_KRB5_KRB__SAFE)
--- 175,181 ----
(free_func) free_KRB5_RealTGS__REQ)
#define encode_krb5_safe(req, output) \
! krb5_encode_generic((krb5_const_pointer)req, output, \
(encoder_func) encode_KRB5_KRB__SAFE, \
(translator_func) krb5_safe2KRB5_KRB__SAFE, \
(free_func) free_KRB5_KRB__SAFE)
***************
*** 179,185 ****
(free_func) free_KRB5_KRB__SAFE)
#define encode_krb5_priv(req, output) \
! krb5_encode_generic((krb5_pointer)req, output, \
(encoder_func) encode_KRB5_KRB__PRIV, \
(translator_func) krb5_priv2KRB5_KRB__PRIV, \
(free_func) free_KRB5_KRB__PRIV)
--- 186,192 ----
(free_func) free_KRB5_KRB__SAFE)
#define encode_krb5_priv(req, output) \
! krb5_encode_generic((krb5_const_pointer)req, output, \
(encoder_func) encode_KRB5_KRB__PRIV, \
(translator_func) krb5_priv2KRB5_KRB__PRIV, \
(free_func) free_KRB5_KRB__PRIV)
***************
*** 190,196 ****
(free_func) free_KRB5_KRB__PRIV)
#define encode_krb5_enc_priv_part(req, output) \
! krb5_encode_generic((krb5_pointer)req, output, \
(encoder_func) encode_KRB5_EncKrbPrivPart, \
(translator_func) krb5_priv_enc_part2KRB5_EncKrbPrivPart, \
(free_func) free_KRB5_EncKrbPrivPart)
--- 197,203 ----
(free_func) free_KRB5_KRB__PRIV)
#define encode_krb5_enc_priv_part(req, output) \
! krb5_encode_generic((krb5_const_pointer)req, output, \
(encoder_func) encode_KRB5_EncKrbPrivPart, \
(translator_func) krb5_priv_enc_part2KRB5_EncKrbPrivPart, \
(free_func) free_KRB5_EncKrbPrivPart)
***************
*** 201,207 ****
(free_func) free_KRB5_EncKrbPrivPart)
#define encode_krb5_error(req, output) \
! krb5_encode_generic((krb5_pointer)req, output, \
(encoder_func) encode_KRB5_KRB__ERROR, \
(translator_func) krb5_error2KRB5_KRB__ERROR, \
(free_func) free_KRB5_KRB__ERROR)
--- 208,214 ----
(free_func) free_KRB5_EncKrbPrivPart)
#define encode_krb5_error(req, output) \
! krb5_encode_generic((krb5_const_pointer)req, output, \
(encoder_func) encode_KRB5_KRB__ERROR, \
(translator_func) krb5_error2KRB5_KRB__ERROR, \
(free_func) free_KRB5_KRB__ERROR)
Without this, my_creds can contain stack garbage at start time.
*** clients/kinit/kinit.c/[krb5_alpha1] Tue Jul 3 19:19:15 1990
--- clients/kinit/kinit.c Tue Oct 9 14:27:36 1990
***************
*** 129,134 ****
--- 129,136 ----
exit(1);
}
+ bzero(&my_creds, sizeof(my_creds));
+
my_creds.client = me;
my_creds.server = server;
The #ifdefs here assume a not-really-STDC environment; I was building
in a non-GCC, "real" STDC environment, so I had to undo some of this
stuff. This could probably be handled better..
*** comerr/com_err.c/[krb5_alpha1] Fri Mar 23 13:22:33 1990
--- comerr/com_err.c Fri Sep 21 12:58:16 1990
***************
*** 7,12 ****
--- 7,13 ----
#include <stdio.h>
#include "mit-sipb-copyright.h"
+ #if 0
/*
* Our environment only provides for ANSI's <stdarg.h> when using GNU
* C. Grump grump...
***************
*** 17,23 ****
/* We don't have the v*printf routines... */
#define vfprintf(stream,fmt,args) _doprnt(fmt,args,stream)
!
#if __STDC__ && !VARARGS
# include <stdarg.h>
#else /* varargs: not STDC or no <stdarg> */
--- 18,24 ----
/* We don't have the v*printf routines... */
#define vfprintf(stream,fmt,args) _doprnt(fmt,args,stream)
! #endif
#if __STDC__ && !VARARGS
# include <stdarg.h>
#else /* varargs: not STDC or no <stdarg> */
***************
*** 40,48 ****
--- 41,51 ----
#include "com_err.h"
#undef com_err
+ #if 0
/* BSD. sigh. */
#undef vfprintf
#define vfprintf(stream,fmt,args) _doprnt(fmt,args,stream)
+ #endif
#if ! lint
static const char rcsid[] =
The change to add "externs" is important here; otherwise you wind up
with multiple defines if you have a picky linker.
*** comerr/com_err.h/[krb5_alpha1] Sun Jan 1 06:05:36 1989
--- comerr/com_err.h Wed Sep 19 14:04:55 1990
***************
*** 17,35 ****
#include <varargs.h>
#endif
/* ANSI C -- use prototypes etc */
! void com_err (const char *, long, const char *, ...);
! char const *error_message (long);
! void (*com_err_hook) (const char *, long, const char *, va_list);
! void (*set_com_err_hook (void (*) (const char *, long, const char *, va_list)))
(const char *, long, const char *, va_list);
! void (*reset_com_err_hook ()) (const char *, long, const char *, va_list);
#else
/* no prototypes */
! void com_err ();
! char *error_message ();
! void (*com_err_hook) ();
! void (*set_com_err_hook ()) ();
! void (*reset_com_err_hook ()) ();
#endif
#define __COM_ERR_H
--- 17,35 ----
#include <varargs.h>
#endif
/* ANSI C -- use prototypes etc */
! extern void com_err (const char *, long, const char *, ...);
! extern char const *error_message (long);
! extern void (*com_err_hook) (const char *, long, const char *, va_list);
! extern void (*set_com_err_hook (void (*) (const char *, long, const char *, va_list)))
(const char *, long, const char *, va_list);
! extern void (*reset_com_err_hook ()) (const char *, long, const char *, va_list);
#else
/* no prototypes */
! extern void com_err ();
! extern char *error_message ();
! extern void (*com_err_hook) ();
! extern void (*set_com_err_hook ()) ();
! extern void (*reset_com_err_hook ()) ();
#endif
#define __COM_ERR_H
The "normal" perror return type is void..
*** comerr/internal.h/[krb5_alpha1] Mon Jul 2 18:00:58 1990
--- comerr/internal.h Wed Sep 19 14:00:27 1990
***************
*** 14,18 ****
#ifdef __STDC__
void perror (const char *);
#else
! int perror ();
#endif
--- 14,18 ----
#ifdef __STDC__
void perror (const char *);
#else
! void perror ();
#endif
Our build environment has trouble with ".." in include file names;
this was done with the addition of a link from "include/asn.1" to
"asn.1".
*** include/krb5/asn1.h/[krb5_alpha1] Fri May 25 09:31:18 1990
--- include/krb5/asn1.h Thu Sep 20 18:39:52 1990
***************
*** 16,24 ****
#ifndef KRB5_ASN1__
#define KRB5_ASN1__
! #include "../../asn.1/KRB5-types.h"
! #include "../../asn.1/asn1defs.h"
! #include "../../asn.1/KRB5-types-aux.h"
! #include "../../asn.1/encode.h"
#endif /* KRB5_ASN1__ */
--- 16,24 ----
#ifndef KRB5_ASN1__
#define KRB5_ASN1__
! #include <asn.1/KRB5-types.h>
! #include <asn.1/asn1defs.h>
! #include <asn.1/KRB5-types-aux.h>
! #include <asn.1/encode.h>
#endif /* KRB5_ASN1__ */
Here's another filter to match on..
*** include/krb5/ccache.h/[krb5_alpha1] Tue Jul 3 11:27:18 1990
--- include/krb5/ccache.h Thu Oct 4 14:39:59 1990
***************
*** 52,57 ****
--- 52,58 ----
#define KRB5_TC_MATCH_FLAGS 0x00000004
#define KRB5_TC_MATCH_TIMES_EXACT 0x00000008
#define KRB5_TC_MATCH_FLAGS_EXACT 0x00000010
+ #define KRB5_TC_MATCH_AUTHDATA 0x00000020
/* for set_flags and other functions */
#define KRB5_TC_OPENCLOSE 0x00000001
More elimination of '..'s
*** include/krb5/error_def.h/[krb5_alpha1] Wed May 23 13:55:30 1990
--- include/krb5/error_def.h Thu Oct 4 15:03:53 1990
***************
*** 16,24 ****
#ifndef KRB5_ERROR_DEF__
#define KRB5_ERROR_DEF__
! #include "../../error_tables/krb5_err.h"
! #include "../../error_tables/kdb5_err.h"
! #include "../../error_tables/isode_err.h"
#include <errno.h>
#endif /* KRB5_ERROR_DEF__ */
--- 16,24 ----
#ifndef KRB5_ERROR_DEF__
#define KRB5_ERROR_DEF__
! #include <krb5/error_tables/krb5_err.h>
! #include <krb5/error_tables/kdb5_err.h>
! #include <krb5/error_tables/isode_err.h>
#include <errno.h>
#endif /* KRB5_ERROR_DEF__ */
The "pad1" fields were put in to squelch compiler warnings about
possible alignment problems.
They can be ignored.
*** include/krb5/krb5.h/[krb5_alpha1] Mon Sep 10 16:53:34 1990
--- include/krb5/krb5.h Thu Oct 4 14:37:19 1990
***************
*** 73,78 ****
--- 73,79 ----
krb5_principal client; /* client name/realm */
krb5_checksum *checksum; /* checksum, includes type */
krb5_ui_2 cmsec; /* client msec portion */
+ krb5_ui_2 pad1; /* pad */
krb5_timestamp ctime; /* client sec portion */
} krb5_authenticator;
***************
*** 96,101 ****
--- 97,103 ----
krb5_data second_ticket; /* second ticket, if related to
ticket (via DUPLICATE-SKEY or
ENC-TKT-IN-SKEY) */
+ krb5_authdata **authdata; /* authorization data */
} krb5_creds;
/* Last request fields */
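Review bot: The new `authdata` member carries only the comment `/* authorization data */`, and nothing tells callers that it must be either NULL or a NULL-terminated array; the routines added elsewhere in this patch (`krb5_fcc_store_authdata`, `authdata_match`, the `krb5_send_tgs` call in gc_via_tgt.c) use it whenever it is non-null. Any caller that declares a `krb5_creds` without clearing it now hands those routines a garbage pointer; the patch zeroes the struct in kinit.c and sclient.c, and any other callers outside this diff would need the same. I would expand the comment to something like `/* authorization data: NULL, or a NULL-terminated array */` and say who frees it, since sclient.c points `contents` at `argv` while fcc_nseq.c frees the list. The struct definition starts outside the hunk.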
***************
*** 102,107 ****
--- 104,110 ----
typedef struct _krb5_last_req_entry {
krb5_ui_4 value;
krb5_octet lr_type;
+ krb5_octet pad1[3]; /* pad */
} krb5_last_req_entry;
typedef struct _krb5_as_req {
***************
*** 111,116 ****
--- 114,120 ----
krb5_timestamp till; /* requested endtime */
krb5_timestamp rtime; /* (optional) requested renew_till */
krb5_enctype etype; /* requested encryption type */
+ krb5_ui_2 pad1; /* pad. */
krb5_principal client; /* includes realm */
krb5_address **addresses; /* requested addresses */
krb5_principal server; /* includes realm (but not used) */
***************
*** 165,170 ****
--- 169,175 ----
typedef struct _krb5_ap_rep_enc_part {
krb5_timestamp ctime; /* client time, seconds portion */
krb5_ui_2 cmsec; /* client time, milliseconds portion */
+ krb5_ui_2 pad1; /* pad. */
} krb5_ap_rep_enc_part;
typedef struct _krb5_response {
***************
*** 184,189 ****
--- 189,195 ----
krb5_timestamp rtime; /* (optional) requested renew_till */
krb5_timestamp ctime; /* client's time */
krb5_enctype etype; /* encryption type */
+ krb5_ui_2 pad1;
krb5_principal server; /* server's principal identifier */
krb5_address **addresses; /* array of ptrs to addresses */
krb5_data enc_part; /* (optional) encrypted part */
***************
*** 202,207 ****
--- 208,214 ----
krb5_data user_data; /* user data */
krb5_timestamp timestamp; /* client time */
krb5_ui_2 msec; /* millisecond portion of time */
+ krb5_ui_2 pad1;
krb5_address *s_address; /* sender address */
krb5_address *r_address; /* recipient address */
krb5_checksum *checksum; /* data integrity checksum */
***************
*** 216,221 ****
--- 223,229 ----
krb5_data user_data; /* user data */
krb5_timestamp timestamp; /* client time */
krb5_ui_2 msec; /* millisecond portion of time */
+ krb5_ui_2 pad1;
krb5_address *s_address; /* sender address */
krb5_address *r_address; /* recipient address */
} krb5_priv_enc_part;
Default to BITS32 given no other information (it's a bitch to have to
keep defining this in all your user makefiles as well as the system
makefiles..)
*** include/krb5/wordsize.h/[krb5_alpha1] Tue Sep 11 14:42:32 1990
--- include/krb5/wordsize.h Thu Oct 4 14:33:08 1990
***************
*** 16,21 ****
--- 16,25 ----
#ifndef KRB5_WORDSIZE__
#define KRB5_WORDSIZE__
+ #if !defined(BITS16) && !defined(BITS32)
+ #define BITS32
+ #endif
+
#ifdef BITS16
#define __OK
typedef int krb5_int16;
concat_authorization_data was just plain busted.
*** kdc/kdc_util.c/[krb5_alpha1] Tue Sep 25 10:44:29 1990
--- kdc/kdc_util.c Tue Oct 9 16:36:06 1990
***************
*** 40,47 ****
register krb5_authdata **ptr, **retdata;
/* count up the entries */
! for (i = 0, ptr = first; *ptr; ptr++,i++);
! for (ptr = second; *ptr; ptr++,i++);
retdata = (krb5_authdata **)malloc((i+1)*sizeof(*retdata));
if (!retdata)
--- 40,50 ----
register krb5_authdata **ptr, **retdata;
/* count up the entries */
! i = 0;
! if (first)
! for (ptr = first; *ptr; ptr++,i++);
! if (second)
! for (ptr = second; *ptr; ptr++,i++);
retdata = (krb5_authdata **)malloc((i+1)*sizeof(*retdata));
if (!retdata)
***************
*** 48,54 ****
return ENOMEM;
retdata[i] = 0; /* null-terminated array */
for (i = 0, j = 0, ptr = first; j < 2 ; ptr = second, j++)
! while (*ptr) {
/* now walk & copy */
retdata[i] = (krb5_authdata *)malloc(sizeof(*retdata[i]));
if (!retdata[i]) {
--- 51,57 ----
return ENOMEM;
retdata[i] = 0; /* null-terminated array */
for (i = 0, j = 0, ptr = first; j < 2 ; ptr = second, j++)
! while (ptr && *ptr) {
/* now walk & copy */
retdata[i] = (krb5_authdata *)malloc(sizeof(*retdata[i]));
if (!retdata[i]) {
Store auth. data in the cred. cache.
*** lib/ccache/file/fcc_nseq.c/[krb5_alpha1] Wed Sep 12 11:04:02 1990
--- lib/ccache/file/fcc_nseq.c Tue Oct 9 14:31:15 1990
***************
*** 86,91 ****
--- 86,93 ----
TCHECK(kret);
kret = krb5_fcc_read_addrs(id, &creds->addresses);
TCHECK(kret);
+ kret = krb5_fcc_read_authdata(id, &creds->authdata);
+ TCHECK(kret);
kret = krb5_fcc_read_data(id, &creds->ticket);
TCHECK(kret);
kret = krb5_fcc_read_data(id, &creds->second_ticket);
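Review bot: Reading the authdata list between the address list and the ticket changes the layout of every credential record in the cache file, and no format-version check is visible in this hunk. A cache written by the alpha1 code would be parsed with the start of the ticket field (presumably its length word) taken as the authdata count. Unless the file carries a version marker elsewhere, I would add one, or at least document that old caches must be destroyed, and note the field order in a comment next to the read; the matching write is in the fcc_store.c hunk. The enclosing function starts and ends outside the hunk.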
***************
*** 112,117 ****
--- 114,121 ----
xfree(creds->second_ticket.data);
if (creds->addresses)
krb5_free_address(creds->addresses);
+ if (creds->authdata)
+ krb5_free_authdata(creds->authdata);
}
return kret;
}
Routines to read auth. data from the cred. cache.
*** lib/ccache/file/fcc_read.c/[krb5_alpha1] Wed Sep 12 11:04:25 1990
--- lib/ccache/file/fcc_read.c Tue Oct 16 21:18:11 1990
***************
*** 311,313 ****
--- 311,391 ----
{
return krb5_fcc_read(id, (krb5_pointer) f, sizeof(krb5_flags));
}
+
+ krb5_error_code
+ krb5_fcc_read_authdata(id, a)
+ krb5_ccache id;
+ krb5_authdata ***a;
+ {
+ krb5_error_code kret;
+ krb5_int32 length;
+ int i;
+
+ *a = 0;
+
+ /* Read the number of components */
+ kret = krb5_fcc_read_int32(id, &length);
+ CHECK(kret);
+
+ if (length == 0)
+ return KRB5_OK;
+
+ /* Make *a able to hold length pointers to krb5_authdata structs
+ * Add one extra for a null-terminated list
+ */
+ *a = (krb5_authdata **) calloc(length+1, sizeof(krb5_authdata *));
+ if (*a == NULL)
+ return KRB5_CC_NOMEM;
+
+ for (i=0; i < length; i++) {
+ (*a)[i] = (krb5_authdata *) malloc(sizeof(krb5_authdata));
+ if ((*a)[i] == NULL) {
+ krb5_free_authdata(*a);
+ return KRB5_CC_NOMEM;
+ }
+ kret = krb5_fcc_read_authdatum(id, (*a)[i]);
+ CHECK(kret);
+ }
+
+ return KRB5_OK;
+ errout:
+ if (*a)
+ krb5_free_authdata(*a);
+ return kret;
+ }
+
+ krb5_error_code
+ krb5_fcc_read_authdatum(id, a)
+ krb5_ccache id;
+ krb5_authdata *a;
+ {
+ krb5_error_code kret;
+ int ret;
+
+ a->contents = NULL;
+
+ kret = krb5_fcc_read_ui_2(id, &a->ad_type);
+ CHECK(kret);
+ kret = krb5_fcc_read_int(id, &a->length);
+ CHECK(kret);
+
+ a->contents = (krb5_octet *) malloc(a->length);
+ if (a->contents == NULL)
+ return KRB5_CC_NOMEM;
+ ret = read(((krb5_fcc_data *) id->data)->fd, (char *)a->contents,
+ (a->length)*sizeof(krb5_octet));
+ if (ret == -1) {
+ xfree(a->contents);
+ return krb5_fcc_interpret(errno);
+ }
+ if (ret != (a->length)*sizeof(krb5_octet)) {
+ xfree(a->contents);
+ return KRB5_CC_END;
+ }
+ return KRB5_OK;
+ errout:
+ if (a->contents)
+ xfree(a->contents);
+ return kret;
+
+ }
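Review bot: `krb5_fcc_read_authdata` frees `*a` on its failure paths but leaves the pointer set, so a caller that cleans up on error (the fcc_nseq.c hunk in this patch frees `creds->authdata` when it is non-null) would free the list a second time; clear `*a` after freeing. The element count and the per-element `a->length` are taken from the cache file and passed straight to `calloc(length+1, ...)` and `malloc(a->length)`, so a negative or oversized value from a damaged file reaches the allocator; both should be range-checked first. `krb5_fcc_read_authdatum` has the same dangling-pointer shape: it calls `xfree(a->contents)` on a failed or short read and returns, after which the caller's `krb5_free_authdata` presumably frees `contents` again unless `xfree` clears its argument. Both functions also lack a header comment describing the record layout they expect.

```c
    /* in krb5_fcc_read_authdata */
    kret = krb5_fcc_read_int32(id, &length);
    CHECK(kret);

    /* the count comes from the cache file: reject what cannot be a list size */
    if (length < 0)
	return KRB5_CC_END;	/* or a dedicated bad-format code */
    if (length == 0)
	return KRB5_OK;
    /* ... unchanged: calloc of the pointer array ... */
    for (i=0; i < length; i++) {
	(*a)[i] = (krb5_authdata *) malloc(sizeof(krb5_authdata));
	if ((*a)[i] == NULL) {
	    kret = KRB5_CC_NOMEM;
	    goto errout;
	}
	/* ... unchanged: krb5_fcc_read_authdatum call and CHECK ... */
    }
    return KRB5_OK;
 errout:
    if (*a) {
	krb5_free_authdata(*a);
	*a = 0;			/* the caller's cleanup must not see the freed list */
    }
    return kret;

    /* in krb5_fcc_read_authdatum, after a->length has been read */
    if (a->length < 0)
	return KRB5_CC_END;
    /* ... unchanged: malloc and read ... */
    if (ret != (a->length)*sizeof(krb5_octet)) {
	xfree(a->contents);
	a->contents = NULL;	/* same on the ret == -1 path */
	return KRB5_CC_END;
    }
```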
Allow you to match on authdata as well as other fields.
*** lib/ccache/file/fcc_retrv.c/[krb5_alpha1] Wed Sep 12 11:04:38 1990
--- lib/ccache/file/fcc_retrv.c Thu Oct 11 14:01:24 1990
***************
*** 27,32 ****
--- 27,36 ----
static krb5_boolean standard_fields_match
PROTOTYPE((const krb5_creds *,
const krb5_creds *));
+
+ static krb5_boolean authdata_match
+ PROTOTYPE ((const krb5_authdata **, const krb5_authdata **));
+
/*
* Effects:
* Searches the file cred cache is for a credential matching mcreds,
***************
*** 81,87 ****
times_match_exact(&mcreds->times, &fetchcreds.times))
&&
(! set(KRB5_TC_MATCH_TIMES) ||
! times_match(&mcreds->times, &fetchcreds.times)))
{
krb5_fcc_end_seq_get(id, &cursor);
*creds = fetchcreds;
--- 85,94 ----
times_match_exact(&mcreds->times, &fetchcreds.times))
&&
(! set(KRB5_TC_MATCH_TIMES) ||
! times_match(&mcreds->times, &fetchcreds.times))
! &&
! ( ! set(KRB5_TC_MATCH_AUTHDATA) ||
! authdata_match(mcreds->authdata, fetchcreds.authdata)))
{
krb5_fcc_end_seq_get(id, &cursor);
*creds = fetchcreds;
***************
*** 120,123 ****
--- 127,156 ----
{
return (krb5_principal_compare(mcreds->client,creds->client) &&
krb5_principal_compare(mcreds->server,creds->server));
+ }
+
+ static krb5_boolean
+ authdata_match(mdata, data)
+ register const krb5_authdata **mdata, **data;
+ {
+ register const krb5_authdata *mdatap, *datap;
+
+ if (mdata == data)
+ return TRUE;
+
+ if (mdata == NULL)
+ return *data == NULL;
+
+ if (data == NULL)
+ return *mdata == NULL;
+
+ while ((mdatap = *mdata) && (datap = *data)) {
+ if ((mdatap->ad_type != datap->ad_type) ||
+ (mdatap->length != datap->length) ||
+ (bcmp (mdatap->contents, datap->contents, mdatap->length) != 0))
+ return FALSE;
+ mdata++;
+ data++;
+ }
+ return (*mdata == NULL) && (*data == NULL);
}
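Review bot: `authdata_match` has no header comment, and its contract is not obvious from the call site: a NULL list and an empty list compare equal, and two lists match only when they hold the same elements in the same order. A comment above the function stating that would help, for example `/* TRUE iff both lists hold the same (ad_type, length, contents) elements in the same order; NULL and an empty list are equivalent */`. The parameters are declared `const krb5_authdata **`, while the call in the previous hunk passes `mcreds->authdata` and `fetchcreds.authdata`, which are `krb5_authdata **` per the krb5.h change; that conversion is not implicit in ANSI C and will likely draw the same kind of const warning the encode.h changes were made to silence.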
Store authdata, too.
*** lib/ccache/file/fcc_store.c/[krb5_alpha1] Wed Sep 12 11:04:54 1990
--- lib/ccache/file/fcc_store.c Tue Oct 9 14:38:05 1990
***************
*** 66,71 ****
--- 66,73 ----
TCHECK(ret);
ret = krb5_fcc_store_addrs(id, creds->addresses);
TCHECK(ret);
+ ret = krb5_fcc_store_authdata(id, creds->authdata);
+ TCHECK(ret);
ret = krb5_fcc_store_data(id, &creds->ticket);
TCHECK(ret);
ret = krb5_fcc_store_data(id, &creds->second_ticket);
Add routine to write authdata.
*** lib/ccache/file/fcc_write.c/[krb5_alpha1] Wed Sep 12 11:05:02 1990
--- lib/ccache/file/fcc_write.c Tue Oct 9 15:08:56 1990
***************
*** 219,221 ****
--- 219,257 ----
{
return krb5_fcc_write(id, (char *) f, sizeof(krb5_flags));
}
+
+ krb5_error_code
+ krb5_fcc_store_authdata(id, a)
+ krb5_ccache id;
+ krb5_authdata **a;
+ {
+ krb5_error_code ret;
+ krb5_authdata **temp;
+ krb5_int32 i, length=0;
+
+ if (a != NULL) {
+ for (temp=a; *temp; temp++)
+ length++;
+ }
+
+ ret = krb5_fcc_store_int32(id, &length);
+ CHECK(ret);
+ for (i=0; i<length; i++) {
+ ret = krb5_fcc_store_authdatum (id, a[i]);
+ CHECK(ret);
+ }
+ return KRB5_OK;
+ }
+
+ krb5_error_code
+ krb5_fcc_store_authdatum (id, a)
+ krb5_ccache id;
+ krb5_authdata *a;
+ {
+ krb5_error_code ret;
+ ret = krb5_fcc_store_ui_2(id, &a->ad_type);
+ CHECK(ret);
+ ret = krb5_fcc_store_int32(id, &a->length);
+ CHECK(ret);
+ return krb5_fcc_write(id, a->contents, a->length);
+ }
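Review bot: `krb5_fcc_store_authdatum` writes the element length with `krb5_fcc_store_int32(id, &a->length)`, but the reader added in fcc_read.c fetches it with `krb5_fcc_read_int(id, &a->length)`; the two agree only where `int` is 32 bits, and one of the two calls passes a pointer of the wrong type whatever `length` is declared as. Use the same width on both sides, for instance by copying the length into a `krb5_int32` local and storing that. Neither new function has a comment describing the record layout (count, then type, length and contents per element), which the reader has to mirror exactly.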
Yes, we have some auth. data ...
*** lib/krb/gc_via_tgt.c/[krb5_alpha1] Fri May 25 09:34:55 1990
--- lib/krb/gc_via_tgt.c Tue Oct 9 14:26:20 1990
***************
*** 65,71 ****
if (retval = krb5_send_tgs(kdcoptions, &cred->times, etype, sumtype,
cred->server,
tgt->addresses,
! 0, /* no authorization data */
0, /* no second ticket */
tgt, &tgsrep))
return retval;
--- 65,71 ----
if (retval = krb5_send_tgs(kdcoptions, &cred->times, etype, sumtype,
cred->server,
tgt->addresses,
! cred->authdata,
0, /* no second ticket */
tgt, &tgsrep))
return retval;
Match on auth. data as well as other fields on retrieve ..
*** lib/krb/get_creds.c/[krb5_alpha1] Wed May 23 11:52:43 1990
--- lib/krb/get_creds.c Tue Oct 16 21:20:16 1990
***************
*** 50,57 ****
mcreds.client = creds->client;
mcreds.times.endtime = creds->times.endtime;
mcreds.keyblock = creds->keyblock;
!
! fields = KRB5_TC_MATCH_TIMES /*XXX |KRB5_TC_MATCH_SKEY_TYPE */ ;
switch(retval = krb5_cc_retrieve_cred(ccache, fields, &mcreds, creds)) {
case KRB5_CC_NOTFOUND:
--- 50,59 ----
mcreds.client = creds->client;
mcreds.times.endtime = creds->times.endtime;
mcreds.keyblock = creds->keyblock;
! mcreds.authdata = creds->authdata;
!
! fields = KRB5_TC_MATCH_TIMES /*XXX |KRB5_TC_MATCH_SKEY_TYPE */
! | KRB5_TC_MATCH_AUTHDATA;
switch(retval = krb5_cc_retrieve_cred(ccache, fields, &mcreds, creds)) {
case KRB5_CC_NOTFOUND:
Encrypt the auth. data before sending it to the KDC; "encrypt_data"
looks like it could be a useful "common subroutine" that could be
pulled out and used elsewhere.
*** lib/krb/send_tgs.c/[krb5_alpha1] Fri May 25 09:34:42 1990
--- lib/krb/send_tgs.c Tue Oct 16 19:24:27 1990
***************
*** 20,25 ****
--- 20,63 ----
#include <krb5/asn1.h>
#include <krb5/libos-proto.h>
#include <krb5/ext-proto.h>
+
+ static krb5_error_code encrypt_data PROTOTYPE((krb5_keyblock *, krb5_data *, krb5_data *));
+
+ static krb5_error_code encrypt_data (keyblock, plain, cipher)
+ krb5_keyblock *keyblock;
+ krb5_data *plain;
+ krb5_data *cipher;
+ {
+ krb5_error_code retval;
+ krb5_encrypt_block eblock;
+
+ /* assemble an eblock */
+ eblock.crypto_entry = krb5_csarray[keyblock->keytype]->system;
+
+ /* do any necessary key pre-processing */
+ if (retval = (*eblock.crypto_entry->process_key)(&eblock, keyblock))
+ return retval;
+
+ cipher->length = krb5_encrypt_size(plain->length, eblock.crypto_entry);
+ /* Add room for padding at end of data.. */
+ if (!(plain->data = realloc (plain->data, cipher->length))) {
+ retval = ENOMEM;
+ goto out;
+ }
+ if (!(cipher->data = malloc(cipher->length))) {
+ retval = ENOMEM;
+ goto out;
+ }
+
+ /* call the encryption routine */
+ retval = (*eblock.crypto_entry->encrypt_func)((krb5_pointer) plain->data,
+ (krb5_pointer) cipher->data,
+ plain->length, &eblock, 0);
+ out:
+ (*eblock.crypto_entry->finish_key)(&eblock);
+ return retval;
+ }
+
/*
Sends a request to the TGS and waits for a response.
options is used for the options in the KRB_TGS_REQ.
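Review bot: In `encrypt_data`, `plain->data = realloc (plain->data, cipher->length)` overwrites the only pointer to the buffer, so on failure the original allocation is leaked and the caller is left holding a NULL `data`; go through a temporary (a `char *tmp` local). The bytes added by the realloc are uninitialized, and if the cipher pads from the buffer as the comment suggests, whatever was on the heap is encrypted and sent in the request, so clear the tail first. `cipher->data` is also left allocated when `encrypt_func` fails, and `keyblock->keytype` indexes `krb5_csarray` with no range check in this function. The sketch assumes `krb5_encrypt_size` never returns less than `plain->length`.

```c
    cipher->length = krb5_encrypt_size(plain->length, eblock.crypto_entry);
    /* grow via a temporary so plain->data stays valid (and freeable) on failure */
    if (!(tmp = realloc (plain->data, cipher->length))) {
	retval = ENOMEM;
	goto out;
    }
    plain->data = tmp;
    /* the padding is fed to the cipher: clear it rather than send heap contents */
    bzero(plain->data + plain->length, cipher->length - plain->length);
    /* ... unchanged: malloc of cipher->data ... */
    /* ... unchanged: encrypt_func call ... */
    if (retval) {
	free(cipher->data);
	cipher->data = 0;
    }
```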
***************
*** 66,72 ****
krb5_real_tgs_req realreq;
krb5_tgs_req_enc_part encpart;
krb5_checksum ap_checksum;
! krb5_data *scratch;
krb5_ticket *sec_ticket = 0;
bzero((char *)&realreq, sizeof(realreq));
--- 104,110 ----
krb5_real_tgs_req realreq;
krb5_tgs_req_enc_part encpart;
krb5_checksum ap_checksum;
! krb5_data *scratch = 0;
krb5_ticket *sec_ticket = 0;
bzero((char *)&realreq, sizeof(realreq));
***************
*** 91,96 ****
--- 129,145 ----
encpart.second_ticket = 0;
realreq.enc_part2 = &encpart;
+
+ retval = encode_krb5_tgs_req_enc_part(&encpart, &scratch);
+ if (retval)
+ return retval;
+
+ retval = encrypt_data (&usecred->keyblock, scratch, &realreq.enc_part);
+ if (scratch)
+ krb5_free_data(scratch);
+
+ if (retval)
+ return retval;
retval = encode_krb5_real_tgs_req(&realreq, &scratch);
if (sec_ticket)
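Review bot: The two `return retval;` statements added here leave the function before the `if (sec_ticket)` cleanup visible at the end of the hunk, so a second ticket decoded earlier would be leaked on these paths (the decode itself is outside the hunk, so this is inferred). `realreq.enc_part.data`, allocated by `encrypt_data`, also has no visible release once the request has been encoded. Routing both failures through a common cleanup label at the end of the function instead of returning directly would cover them. The function body starts and ends outside the hunk.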
If the KDC is on a multi-homed host, the address check on the from
address will do nothing; this code *must* be diked out...
*** lib/os/sendto_kdc.c/[krb5_alpha1] Fri May 25 09:37:58 1990
--- lib/os/sendto_kdc.c Fri Oct 5 15:34:47 1990
***************
*** 136,141 ****
--- 136,147 ----
&fromaddr,
&fromlen)) == -1)
continue; /* XXX */
+ #if 0
+ /*
+ * this code has been cut out because response can
+ * come from address other than one in the list in
+ * the case of multi-homed hosts.
+ */
if (bcmp((char *)&fromaddr, (char *)&addr[host],
fromlen)) {
/* not from this one, perhaps from an earlier
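Review bot: With the source-address comparison compiled out, any datagram that arrives on the socket is returned as the KDC's reply, and the comment kept after the `#endif` in the next hunk (`reply came from where we sent a request`) no longer describes the code. That is workable only if every caller treats the reply as untrusted until it has been decrypted or otherwise verified; an unauthenticated error reply from an arbitrary host would otherwise end the exchange. I would replace the stale comment with one that says so, e.g. `/* source address is NOT checked (multi-homed KDCs); caller must authenticate the reply */`, and prefer a runtime option over `#if 0` so single-homed sites can keep the check. The loop body continues outside the hunk.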
***************
*** 148,153 ****
--- 154,160 ----
if (i < 0) /* not from someone we asked */
continue; /* XXX */
}
+ #endif
/* reply came from where we sent a request,
so clean up and return. */
reply->length = cc;
You already know about this patch...
*** lib/rcache/rc_dfl.h/[krb5_alpha1] Tue Jul 10 10:05:09 1990
--- lib/rcache/rc_dfl.h Fri Oct 5 14:24:26 1990
***************
*** 18,24 ****
#ifndef KRB5_RC_DFL_H
#define KRB5_RC_DFL_H
! krb5_rc_ops krb5_rc_dfl_ops; /* initialized to the following */
krb5_error_code krb5_rc_dfl_init PROTOTYPE((krb5_rcache,krb5_deltat));
krb5_error_code krb5_rc_dfl_recover PROTOTYPE((krb5_rcache));
--- 18,24 ----
#ifndef KRB5_RC_DFL_H
#define KRB5_RC_DFL_H
! extern krb5_rc_ops krb5_rc_dfl_ops; /* initialized to the following */
krb5_error_code krb5_rc_dfl_init PROTOTYPE((krb5_rcache,krb5_deltat));
krb5_error_code krb5_rc_dfl_recover PROTOTYPE((krb5_rcache));