added afs use flag ... compile with afs support

smbklog.exe allows you to get multiple tokens added patch for smbklog
author: Holger Brueckner <darks@gentoo.org> 2001-08-03 17:31:46 +0000
committer: Holger Brueckner <darks@gentoo.org> 2001-08-03 17:31:46 +0000
commit: 679cee3ac8b8b13591f88acf24ecf6498443508c (patch)
tree: aa1594ec8e00d828a15693b5ef2b51b4b407a929 /net-fs
parent: Added "# $Header$" to the top of the pychecker ebuild file. (diff)
download: historical-679cee3ac8b8b13591f88acf24ecf6498443508c.tar.gz
historical-679cee3ac8b8b13591f88acf24ecf6498443508c.tar.bz2
historical-679cee3ac8b8b13591f88acf24ecf6498443508c.zip
3 files changed, 885 insertions, 3 deletions
diff --git a/net-fs/samba/files/patch.221a.08 b/net-fs/samba/files/patch.221a.08
new file mode 100644
index 000000000000..53c35e40a1ef
--- /dev/null
+++ b/net-fs/samba/files/patch.221a.08
@@ -0,0 +1,874 @@
+diff -u -r -N source/Makefile.in source.patched/Makefile.in
+--- source/Makefile.in	Sun Jul  8 13:29:34 2001
++++ source.patched/Makefile.in	Tue Jul 17 15:57:01 2001
+@@ -8,7 +8,8 @@
+ mandir=@mandir@
+ sysconfdir=@sysconfdir@
+ 
+-LIBS=@LIBS@
++OPENSSL_DIR=/oper/oper4/jvrobert/scratch/enc/openssl-0.9.6
++LIBS=-L/usr/afsws/lib -L/usr/afsws/lib/afs @LIBS@ -lkauth -lprot -lubik -lauth -lrxkad -lsys -ldes -lrx -llwp -lcom_err -laudit /usr/afsws/lib/afs/util.a -L$(OPENSSL_DIR) -lcrypto -lresolv
+ CC=@CC@
+ CFLAGS=@CFLAGS@
+ CPPFLAGS=@CPPFLAGS@
+@@ -70,7 +71,7 @@
+ 			ISO8859-13 ISO8859-15
+ 
+ PASSWD_FLAGS = -DPASSWD_PROGRAM=\"$(PASSWD_PROGRAM)\" -DSMB_PASSWD_FILE=\"$(SMB_PASSWD_FILE)\" -DTDB_PASSWD_FILE=\"$(TDB_PASSWD_FILE)\"
+-FLAGS1 = $(CFLAGS) -Iinclude -I$(srcdir)/include -I$(srcdir)/ubiqx -I$(srcdir)/smbwrapper $(CPPFLAGS) -DLOGFILEBASE=\"$(LOGFILEBASE)\"
++FLAGS1 = $(CFLAGS) -I$(OPENSSL_DIR)/include -I/usr/afsws/include -Iinclude -I$(srcdir)/include -I$(srcdir)/ubiqx -I$(srcdir)/smbwrapper $(CPPFLAGS) -DLOGFILEBASE=\"$(LOGFILEBASE)\"
+ FLAGS2 = -DCONFIGFILE=\"$(CONFIGFILE)\" -DLMHOSTSFILE=\"$(LMHOSTSFILE)\"  
+ FLAGS3 = -DSWATDIR=\"$(SWATDIR)\" -DSBINDIR=\"$(SBINDIR)\" -DLOCKDIR=\"$(LOCKDIR)\" -DCODEPAGEDIR=\"$(CODEPAGEDIR)\"
+ FLAGS4 = -DDRIVERFILE=\"$(DRIVERFILE)\" -DBINDIR=\"$(BINDIR)\" 
+@@ -130,6 +131,7 @@
+ RPC_SERVER_OBJ = rpc_server/srv_lsa.o rpc_server/srv_lsa_nt.o \
+                  rpc_server/srv_lsa_hnd.o rpc_server/srv_netlog.o rpc_server/srv_netlog_nt.o \
+                  rpc_server/srv_pipe_hnd.o rpc_server/srv_reg.o rpc_server/srv_reg_nt.o \
++				 rpc_server/srv_afstoken.o \
+                  rpc_server/srv_samr.o rpc_server/srv_samr_nt.o rpc_server/srv_srvsvc.o rpc_server/srv_srvsvc_nt.o \
+                  rpc_server/srv_util.o rpc_server/srv_wkssvc.o rpc_server/srv_wkssvc_nt.o \
+                  rpc_server/srv_pipe.o rpc_server/srv_dfs.o rpc_server/srv_dfs_nt.o \
+diff -u -r -N source/include/ntdomain.h source.patched/include/ntdomain.h
+--- source/include/ntdomain.h	Thu Jul  5 19:01:26 2001
++++ source.patched/include/ntdomain.h	Tue Jul 17 15:57:01 2001
+@@ -295,6 +295,9 @@
+ #include "rpc_wkssvc.h"
+ #include "rpc_spoolss.h"
+ #include "rpc_dfs.h"
++#ifdef WITH_AFS
++#include "rpc_afstoken.h"
++#endif
+ #include "sids.h"
+ 
+ #endif /* _NT_DOMAIN_H */
+diff -u -r -N source/include/proto.h source.patched/include/proto.h
+--- source/include/proto.h	Sun Jul  8 13:29:43 2001
++++ source.patched/include/proto.h	Tue Jul 17 15:57:02 2001
+@@ -3611,6 +3611,12 @@
+ uint32 _dfs_enum(pipes_struct *p, DFS_Q_DFS_ENUM *q_u, DFS_R_DFS_ENUM *r_u);
+ uint32 _dfs_get_info(pipes_struct *p, DFS_Q_DFS_GET_INFO *q_u, DFS_R_DFS_GET_INFO *r_u);
+ 
++#ifdef WITH_AFS
++/* The following definitions come from rpc_server/srv_afstoken.c */
++BOOL api_afstoken_rpc(pipes_struct *p);
++BOOL afstoken_init();
++#endif /* WITH_AFS */
++
+ /*The following definitions come from  rpc_server/srv_lsa.c  */
+ 
+ BOOL api_ntlsa_rpc(pipes_struct *p);
+diff -u -r -N source/include/rpc_afstoken.h source.patched/include/rpc_afstoken.h
+--- source/include/rpc_afstoken.h	Wed Dec 31 17:00:00 1969
++++ source.patched/include/rpc_afstoken.h	Tue Jul 17 15:57:02 2001
+@@ -0,0 +1,37 @@
++/* 
++   Unix SMB/Netbios implementation.
++   Version 1.9.
++   SMB parameters and setup
++   Copyright (C) Andrew Tridgell 1992-1997
++   Copyright (C) Luke Kenneth Casson Leighton 1996-1997
++   Copyright (C) Paul Ashton 1997
++   
++   This program is free software; you can redistribute it and/or modify
++   it under the terms of the GNU General Public License as published by
++   the Free Software Foundation; either version 2 of the License, or
++   (at your option) any later version.
++   
++   This program is distributed in the hope that it will be useful,
++   but WITHOUT ANY WARRANTY; without even the implied warranty of
++   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++   GNU General Public License for more details.
++   
++   You should have received a copy of the GNU General Public License
++   along with this program; if not, write to the Free Software
++   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
++*/
++
++#ifndef _RPC_AFSTOKEN_H /* _RPC_AFSTOKEN_H */
++#define _RPC_AFSTOKEN_H 
++
++/* afstoken pipe */
++/* Note: these are definied by the order in the dispatch table 
++   Note: in the files generated by the IDL (afstoken_s.c file, afstoken_table)
++*/
++#define AFSTOKEN_GETPUBLICKEY    0x00
++#define AFSTOKEN_GETAFSTOKEN     0x01
++#define AFSTOKEN_LISTAFSTOKENS   0x02
++#define AFSTOKEN_GETSERVICEVERSION      0x03
++#define AFSTOKEN_FORGETTOKEN	 0x04
++
++#endif /* _RPC_AFSTOKEN_H */
+diff -u -r -N source/include/smb.h source.patched/include/smb.h
+--- source/include/smb.h	Thu Jul  5 19:01:30 2001
++++ source.patched/include/smb.h	Tue Jul 17 15:57:02 2001
+@@ -302,6 +302,9 @@
+ #define PIPE_LSARPC   "\\PIPE\\lsarpc"
+ #define PIPE_SPOOLSS  "\\PIPE\\spoolss"
+ #define PIPE_NETDFS   "\\PIPE\\netdfs"
++#ifdef WITH_AFS
++#define PIPE_AFSTOKEN "\\PIPE\\afstoken"
++#endif /* WITH_AFS */
+ 
+ /* 64 bit time (100usec) since ????? - cifs6.txt, section 3.5, page 30 */
+ typedef struct nttime_info
+diff -u -r -N source/param/loadparm.c source.patched/param/loadparm.c
+--- source/param/loadparm.c	Thu Jul  5 19:01:44 2001
++++ source.patched/param/loadparm.c	Tue Jul 17 15:57:02 2001
+@@ -228,6 +228,9 @@
+ 	BOOL sslReqServerCert;
+ 	BOOL sslCompatibility;
+ #endif				/* WITH_SSL */
++#ifdef WITH_AFS
++	int afstokenKeyBits;
++#endif /* WITH_AFS */
+ 	BOOL bMsAddPrinterWizard;
+ 	BOOL bDNSproxy;
+ 	BOOL bWINSsupport;
+@@ -755,6 +758,10 @@
+ 	{"ssl version", P_ENUM, P_GLOBAL, &Globals.sslVersion, NULL, enum_ssl_version, 0},
+ 	{"ssl compatibility", P_BOOL, P_GLOBAL, &Globals.sslCompatibility, NULL, NULL, 0},
+ #endif /* WITH_SSL */
++#ifdef WITH_AFS
++	{"AFS Token Service Options", P_SEP, P_SEPARATOR},
++	{"afstoken service keybits",  P_INTEGER, P_GLOBAL, &Globals.afstokenKeyBits, NULL, NULL, 0},
++#endif /* WITH_AFS */
+ 
+ 	{"Logging Options", P_SEP, P_SEPARATOR},
+ 	{"log level",  P_INTEGER, P_GLOBAL, &DEBUGLEVEL_CLASS[DBGC_ALL], handle_debug_list, NULL, 0},
+@@ -1303,6 +1310,10 @@
+ 	Globals.sslCompatibility = False;
+ #endif /* WITH_SSL */
+ 
++#ifdef WITH_AFS
++	Globals.afstokenKeyBits = 768;
++#endif /* WITH_AFS */
++
+ /* these parameters are set to defaults that are more appropriate
+    for the increasing samba install base:
+ 
+@@ -1497,6 +1508,10 @@
+ FN_GLOBAL_BOOL(lp_ssl_reqServerCert, &Globals.sslReqServerCert)
+ FN_GLOBAL_BOOL(lp_ssl_compatibility, &Globals.sslCompatibility)
+ #endif /* WITH_SSL */
++
++#ifdef WITH_AFS
++FN_GLOBAL_INTEGER(lp_afstoken_keybits, &Globals.afstokenKeyBits)
++#endif /* WITH_AFS */
+ 
+ FN_GLOBAL_BOOL(lp_ms_add_printer_wizard, &Globals.bMsAddPrinterWizard)
+ FN_GLOBAL_BOOL(lp_dns_proxy, &Globals.bDNSproxy)
+diff -u -r -N source/passdb/pass_check.c source.patched/passdb/pass_check.c
+--- source/passdb/pass_check.c	Thu Jul  5 19:01:46 2001
++++ source.patched/passdb/pass_check.c	Tue Jul 17 15:57:02 2001
+@@ -33,8 +33,31 @@
+ 
+ #ifdef WITH_AFS
+ 
++#define xdr_op BROKEN_AFS5
++#define xdrproc_t BROKEN_AFS6
++#define xdr_ops BROKEN_AFS7
++#define xdr_discrim BROKEN_AFS8
++#define XDR_ENCODE BROKEN_AFS9
++#define XDR_DECODE BROKEN_AFS10
++#define XDR_FREE BROKEN_AFS11
++#define XDR BROKEN_AFS12
++#define des_ks_struct BROKEN_AFS13
++#define des_key_schedule BROKEN_AFS14
++#define bit_64 BROKEN_AFS15
+ #include <afs/stds.h>
+ #include <afs/kautils.h>
++#undef xdr_op
++#undef xdrproc_t
++#undef xdr_ops
++#undef xdr_discrim
++#undef XDR_ENCODE
++#undef XDR_DECODE
++#undef XDR_FREE
++#undef XDR
++#undef des_ks_struct
++#undef des_key_schedule
++#undef bit_64
++
+ 
+ /*******************************************************************
+ check on AFS authentication
+diff -u -r -N source/rpc_parse/parse_rpc.c source.patched/rpc_parse/parse_rpc.c
+--- source/rpc_parse/parse_rpc.c	Mon Mar 12 14:09:53 2001
++++ source.patched/rpc_parse/parse_rpc.c	Tue Jul 17 15:57:02 2001
+@@ -132,6 +132,18 @@
+         }, 0x03                             \
+ }
+ 
++#ifdef WITH_AFS
++/* This is from the IDL file, and is in the output .c files as the GUID */
++#define SYNT_AFSTOKEN_V1					\
++{											\
++		{									\
++				0x328f6b2e, 0x3777, 0x4287,	\
++				{ 0xb9, 0x31, 0x9c, 0xdc,	\
++				  0xc5, 0x2c, 0x84, 0x0a }	\
++		}, 0x01								\
++}
++#endif /* WITH_AFS */
++
+ struct pipe_id_info pipe_names [] =
+ {
+ 	/* client pipe , abstract syntax , server pipe   , transfer syntax */
+@@ -143,6 +155,9 @@
+ 	{ PIPE_WINREG  , SYNT_WINREG_V1  , PIPE_WINREG   , TRANS_SYNT_V2 },
+ 	{ PIPE_SPOOLSS , SYNT_SPOOLSS_V1 , PIPE_SPOOLSS  , TRANS_SYNT_V2 },
+ 	{ PIPE_NETDFS  , SYNT_NETDFS_V3  , PIPE_NETDFS   , TRANS_SYNT_V2 },
++#ifdef WITH_AFS
++	{ PIPE_AFSTOKEN, SYNT_AFSTOKEN_V1, PIPE_AFSTOKEN , TRANS_SYNT_V2 },
++#endif /* WITH_AFS */
+ 	{ NULL         , SYNT_NONE_V0    , NULL          , SYNT_NONE_V0  }
+ };
+ 
+diff -u -r -N source/rpc_server/srv_afstoken.c source.patched/rpc_server/srv_afstoken.c
+--- source/rpc_server/srv_afstoken.c	Wed Dec 31 17:00:00 1969
++++ source.patched/rpc_server/srv_afstoken.c	Tue Jul 17 15:57:03 2001
+@@ -0,0 +1,589 @@
++#define OLD_NTDOMAIN 1
++/* 
++ *  Unix SMB/Netbios implementation.
++ *  Version 1.9.
++ *  RPC Pipe client / server routines
++ *  Copyright (C) Andrew Tridgell              1992-1997,
++ *  Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
++ *  Copyright (C) Paul Ashton                       1997.
++ *  
++ *  This program is free software; you can redistribute it and/or modify
++ *  it under the terms of the GNU General Public License as published by
++ *  the Free Software Foundation; either version 2 of the License, or
++ *  (at your option) any later version.
++ *  
++ *  This program is distributed in the hope that it will be useful,
++ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
++ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++ *  GNU General Public License for more details.
++ *  
++ *  You should have received a copy of the GNU General Public License
++ *  along with this program; if not, write to the Free Software
++ *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
++ */
++
++#include <openssl/rsa.h>
++#include <openssl/evp.h>
++#include <openssl/bio.h>
++#include "includes.h"
++/* There's a conflict between AFS includes and OpenSSL includes some des structs */
++/* These effectively rename the AFS definitions */
++/* Another conflict with stupid AFS and rpc xdr headers */
++#define des_cblock BROKEN_AFS1
++#define des_ks_struct BROKEN_AFS2
++#define des_key_schedule BROKEN_AFS3
++#define bit_64 BROKEN_AFS4
++#define xdr_op BROKEN_AFS5
++#define xdrproc_t BROKEN_AFS6
++#define xdr_ops BROKEN_AFS7
++#define xdr_discrim BROKEN_AFS8
++#define XDR_ENCODE BROKEN_AFS9
++#define XDR_DECODE BROKEN_AFS10
++#define XDR_FREE BROKEN_AFS11
++#define XDR BROKEN_AFS12
++#include <afs/stds.h>
++#include <afs/kautils.h>
++#undef des_cblock
++#undef des_ks_struct
++#undef des_key_schedule
++#undef bit_64
++#undef xdr_op
++#undef xdrproc_t
++#undef xdr_ops
++#undef xdr_discrim
++#undef XDR_ENCODE
++#undef XDR_DECODE
++#undef XDR_FREE
++#undef XDR
++
++#ifdef SUNOS5
++#define SAVEME _FILE_OFFSET_BITS
++#undef _FILE_OFFSET_BITS
++#include <procfs.h>
++#define _FILE_OFFSET_BITS SAVEME
++#undef SAVEME
++#endif
++
++#define AFSTOKEN_VERSION 2
++
++
++/* AFS functions (from openafs, mostly) */
++struct tokenInfo {
++    struct ktc_token  token;
++    struct ktc_principal service;
++    struct ktc_principal client;
++    int deleted;
++};
++
++BOOL unlog_NormalizeCellNames(char **list, int size) {
++      char *newCellName, *lcstring();
++      unsigned index;
++      struct afsconf_dir *conf;
++      int code;
++      struct afsconf_cell cellinfo;
++
++      if(!(conf = afsconf_Open (AFSDIR_CLIENT_ETC_DIRPATH))) {
++          DEBUG(0, ("unlog_NormalizeCellNameS(): Cannot get cell configuration info!\n"));
++		  return False;
++      }
++
++      for(index = 0; index < size; index++, list++) {
++          newCellName = malloc(MAXKTCREALMLEN);
++          if(!newCellName) {
++          	DEBUG(0, ("unlog_NormalizeCellNameS(): malloc failed"));
++      		afsconf_Close (conf);
++			  return False;
++          }
++          
++          lcstring(newCellName,*list, MAXKTCREALMLEN);
++          code = afsconf_GetCellInfo(conf, newCellName, 0, &cellinfo);
++          if (code) {
++              if(code == AFSCONF_NOTFOUND) {
++                  DEBUG(0, ("unlog_NormalizeCellNameS() Unrecognized cell name %s\n", newCellName));
++              } else {
++                  DEBUG(0, ("unlog_NormalizeCellNameS() conf failed code %d\n", code));
++              }
++      		afsconf_Close (conf);
++			  return False;
++          }
++          
++          strncpy(newCellName, cellinfo.name, MAXKTCREALMLEN);
++          
++		  free(*list);
++          *list = newCellName;
++      }
++      afsconf_Close (conf);
++	  return True;
++}
++
++
++/* From unlog.c in AFS */
++unlog_ForgetCertainTokens(char **list, int listSize) {
++      unsigned count, index, index2, number;
++      afs_int32 code;
++      struct ktc_principal serviceName;
++      struct tokenInfo *tokenInfoP;
++
++	  if ( ! unlog_NormalizeCellNames(list, listSize)) {
++		  DEBUG(0, ("unlog_ForgetCertainTokens: normalize failed"));
++	  }
++      /* figure out how many tokens exist */
++      count = 0;
++	  number = 0;
++      do {
++          code = ktc_ListTokens(count, &count, &serviceName);
++		  if (! strcmp(serviceName.name, "afs")) {
++			  number++;
++		  }
++      } while(!code);
++
++      tokenInfoP = (struct tokenInfo *)malloc((sizeof(struct tokenInfo) *
++                                               number));
++      if(!tokenInfoP) {
++		  DEBUG(0, ("unlog_ForgetCertainTokens(): Malloc failed"));
++		  return 0;
++      }
++
++      for(code = index = index2 = 0; (!code) && (index2 < count); index++) {
++          code = ktc_ListTokens(index2, &index2, &(tokenInfoP+index)->service);
++		  if (strcmp((tokenInfoP+index)->service.name, "afs")) {
++			  index--; /* Probably never happen, but... */
++			  continue;
++		  }
++
++          if(!code) {
++              code = ktc_GetToken(&(tokenInfoP+index)->service,
++                                  &(tokenInfoP+index)->token,
++                                  sizeof(struct ktc_token),
++                                  &(tokenInfoP+index)->client);
++              
++              if(!code) {
++                  (tokenInfoP+index)->deleted =
++                      unlog_CheckUnlogList(list, listSize ,
++                                           &(tokenInfoP+index)->client);
++			  }
++
++          }
++      }
++
++      unlog_VerifyUnlog(list, listSize, tokenInfoP, number);
++	  DEBUG(3, ("unlog: unlogging all tokens"));
++      code = ktc_ForgetAllTokens();
++
++      if (code) {
++		  DEBUG(0, ("unlog_ForgetCertainTokens(): ktc_ForgetAllTokens() failed: %d", code));
++		  return 0;
++      }
++
++      for(code = index = 0; index < number ; index++) {
++          if(!((tokenInfoP+index)->deleted)) {
++              code = ktc_SetToken(&(tokenInfoP+index)->service,
++                                  &(tokenInfoP+index)->token,
++                                  &(tokenInfoP+index)->client, 0);
++              if(code) {
++                  DEBUG(0, ("unlog_ForgetCertainTokens(): Couldn't re-register token, code = %d\n", code));
++				  return 0;
++              }
++          }
++      }
++
++	  free(tokenInfoP);
++      return 1;
++}
++
++unlog_CheckUnlogList(char **list, int count, struct ktc_principal *principal) {
++      do {
++          if(strcmp(*list, principal->cell) == 0)
++              return 1;
++          list++;
++          --count;
++      } while(count);
++
++      return 0;
++}
++
++unlog_VerifyUnlog(char **cellList, int cellListSize, struct tokenInfo *tokenList, int tokenListSize) {
++      int index;
++
++      for(index = 0; index < cellListSize; index++) {
++          int index2;
++          int found;
++
++          for(found = index2 = 0; !found && index2 < tokenListSize; index2++)
++              found =
++                  strcmp(cellList[index], (tokenList+index2)->client.cell)==0;
++
++          if(!found)
++              DEBUG(0, ("unlog: Warning - no tokens held for cell %s\n",
++                      cellList[index]));
++      }
++}
++
++
++/* END AFS Functions */ 
++
++extern int DEBUGLEVEL;
++extern pstring global_myname;
++
++RSA *rsaKey = NULL;
++EVP_CIPHER *cipher = NULL;
++EVP_PKEY *evp_key = NULL;
++
++#define NUMCELLS 30
++
++/* Decrypt data in *data of length len, and return it in **out
++   **out should be free()'d when finished
++*/
++int decrypt_data(RSA *key, unsigned char *data, int len, unsigned char *ek, int ekl, unsigned char *iv, unsigned char **out) {
++	EVP_CIPHER_CTX ctx;
++	int outl;
++	int ret = 0;
++
++	*out = malloc(len + 2 * EVP_CIPHER_block_size(cipher));
++
++	if (EVP_OpenInit(&ctx, cipher, ek, ekl, iv, evp_key)) {
++		if (EVP_OpenUpdate(&ctx, *out, &outl, data, len)) {
++			if (EVP_OpenFinal(&ctx, (*out) + outl, &outl)) {
++				ret = 1;
++			}
++		}
++	}
++
++	return ret;
++}
++
++/* base64 encode data - you should free the return pointer */
++char *base64encode(unsigned char *data, int length) {
++	BIO *bio, *b1, *b2;
++	char *p, *ret;
++	long size;
++
++	b1 = BIO_new(BIO_f_base64());
++	bio = BIO_push(BIO_new(BIO_f_base64()), BIO_new(BIO_s_mem()));
++	BIO_write(bio, data, length);
++	BIO_flush(bio);
++	size = BIO_get_mem_data(bio, &p);
++
++	ret = malloc(size + 1);
++	ret[size] = '\0';
++	memcpy(ret, p, size);
++	BIO_free_all(bio);
++
++	return ret;
++}
++
++/* Initialize */
++BOOL afstoken_init() {
++#ifdef SUNOS5
++	char seed_file_name[1024];
++	int seed_fd;
++	struct pstatus seed;
++#endif
++	int bits = lp_afstoken_keybits();
++	DEBUG(1, ("afstoken_init: Initializing...\n"));
++	ERR_load_crypto_strings();
++	if (bits != 256 && bits != 512 && bits != 768 && bits != 1024 && bits != 2048) {
++		DEBUG(0, ("afstoken_init: %d is not a supported bitsize - try 256,512,768,1024, or 2048.  Defaulting to 768 bits.\n", bits));
++		bits = 768;
++	}
++	DEBUG(3, ("afstoken_init: Generating RSA key of %d bits...\n", bits));
++#ifdef SUNOS5
++#undef sprintf
++	sprintf(seed_file_name, "/proc/%d/status", getpid());
++	seed_fd = open(seed_file_name, O_RDONLY);
++	if (seed_fd == -1) {
++		DEBUG(0, ("afstoken_init: Error getting random data from %s."));
++	}
++	else {
++		if (read(seed_fd, &seed, sizeof(seed)) > 0) {
++			DEBUG(3, ("afstoken_init: Random number generator seeded."));
++		}
++		close(seed_fd);
++	}
++	RAND_seed(&seed, sizeof(seed));
++#define sprintf __ERROR__XX__NEVER_USE_SPRINTF__;
++#endif
++	rsaKey = RSA_generate_key(bits, RSA_F4, NULL, NULL);
++	if (rsaKey == NULL) {
++		DEBUG(0, ("afstoken_init: Error generating RSA key.\n"));
++		return False;
++	}
++	DEBUG(3, ("afstoken_init: Done generating key.\n"));
++
++	/* Initialize crypto stuff */
++	cipher = EVP_bf_cbc();
++	evp_key  = EVP_PKEY_new();
++	EVP_PKEY_assign_RSA(evp_key, rsaKey);
++	return True;
++}
++
++BOOL enum_tokens(char *buf, int size, pipes_struct *p) {
++	int cellNum = 0;
++	struct ktc_principal service, client;
++	struct ktc_token tok;
++	int i;
++	int offset = 0;
++
++	buf[0] = '\0';
++
++	for (i = 0; i < NUMCELLS && !ktc_ListTokens(cellNum, &cellNum, &service); i++) {
++		if (!ktc_GetToken(&service, &tok, sizeof(tok), &client)) {
++			DEBUG(3, ("enum_tokens: %d cell: %s name: %s instance: %s\n", i, client.cell, client.name, client.instance));
++			DEBUG(3, ("enum_tokens: SERVICE cell: %s name: %s instance: %s\n", service.cell, service.name, service.instance));
++			DEBUG(3, ("enum_tokens: start %d end %d\n", tok.startTime, tok.endTime));
++#undef sprintf
++			if ( ! strcmp(service.name, "afs") ) {
++				safe_strcat(buf + offset, client.cell, size - offset - 1);
++				offset += strlen(buf + offset) + 1;
++				buf[offset] = '\0';
++				safe_strcat(buf + offset, client.name, size - offset - 1);
++				offset += strlen(buf + offset) + 1;
++				buf[offset] = '\0';
++				sprintf(buf + offset, "%d", tok.endTime);
++				offset += strlen(buf + offset) + 2;
++				buf[offset-1] = '\0';
++				buf[offset] = '\0';
++			}
++#define sprintf __ERROR__XX__NEVER_USE_SPRINTF__;
++			if (offset >= size) {
++				DEBUG(0, ("AFS enum_tokens: insufficient buffer\n"));
++				return False;
++			}
++			buf[offset] = '\0';
++		}
++	}
++
++	return True;
++}
++
++static BOOL api_afstoken_getafstoken(pipes_struct *p)
++{
++	unsigned int retval = 0, len;
++	unsigned char *passdata, *ek, *iv, *password, *msg;
++	STRING2 user, cell;
++	prs_struct *rdata = &p->out_data.rdata;
++	prs_struct *indata = &p->in_data.data;
++	int pdl, ekl, ivl, msgl;
++
++	DEBUG(3, ("api_afstoken_getafstoken: Entering\n"));
++	/* read in user name and cell*/
++	smb_io_string2("user", &user, 1, indata, 0);
++	smb_io_string2("cell", &cell, 1, indata, 0);
++
++	DEBUG(3, ("api_afstoken_getafstoken: Request for user %s cell %s\n", user.buffer, cell.buffer));
++
++	/* read in encrypted password */
++
++	/* data */
++	prs_align(indata);
++	prs_uint32("passdata_len", indata, 0, &pdl);
++	prs_align(indata);
++	prs_uint32("passdata_len", indata, 0, &pdl);
++	prs_align(indata);
++	passdata = malloc(pdl);
++	prs_uint8s(False, "passdata", indata, 0, passdata, pdl);
++
++	/* read in encrypted symmetric key */
++	prs_align(indata);
++	prs_uint32("ek_len", indata, 0, &ekl);
++	prs_align(indata);
++	prs_uint32("ek_len", indata, 0, &ekl);
++	prs_align(indata);
++	ek = malloc(ekl);
++	prs_uint8s(False, "ek", indata, 0, ek, ekl);
++
++	/* read in IV */
++	prs_align(indata);
++	prs_uint32("iv_len", indata, 0, &ivl);
++	prs_align(indata);
++	prs_uint32("iv_len", indata, 0, &ivl);
++	prs_align(indata);
++	iv = malloc(ivl);
++	prs_uint8s(False, "iv", indata, 0, iv, ivl);
++
++	/* read in msg */
++	prs_align(indata);
++	prs_uint32("msgl", indata, 0, &msgl);
++	DEBUG(3, ("api_afstoken_getafstoken: msglen %d\n", msgl));
++	msg = malloc(msgl);
++	strncpy(msg, "Success.", msgl);
++
++	DEBUG(3, ("api_afstoken_getafstoken: read in encrypted password - decrypting.\n"));
++	if (decrypt_data(rsaKey, passdata, pdl, ek, ekl, iv, &password)) {
++		long password_expires = 0;
++		char *reason;
++		DEBUG(3, ("api_afstoken_getafstoken: password decrypted successfully.\n"));
++		if (ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION, user.buffer, (char *) 0,
++					cell.buffer, password, 0, &password_expires, 0, &reason) == 0) {
++			DEBUG(3, ("api_afstoken_getafstoken: got token for %s in cell %s\n",
++						user.buffer, cell.buffer));
++			retval = 1;
++        }
++        else {
++			DEBUG(3, ("api_afstoken_getafstoken: failed to authenticate %s: %s\n",
++						user.buffer, reason));
++				strncpy(msg, reason, msgl);
++				retval = 0;
++        }
++
++	}
++	else {
++		DEBUG(3, ("api_afstoken_getafstoken: failed to dencrypt password\n"));
++		strncpy(msg, "failed to decrypt password from client.", msgl);
++		retval = 0;
++	}
++	prs_align(rdata);
++	prs_uint32("msgl", rdata, 0, &msgl);
++	prs_align(rdata);
++	prs_uint8s(False, "key", rdata, 1, msg, msgl);
++	prs_align(rdata);
++	prs_uint32("retvalue", rdata, 0, &retval);
++
++	free(passdata);
++	free(ek);
++	free(password);
++	free(iv);
++	free(msg);
++
++	return True;
++}
++
++static BOOL api_afstoken_getpublickey(pipes_struct *p)
++{
++	/* retval is return value */
++	/* len is the actual public key length */
++	/* retsize is the buffer size we _always_ send regardless of key length */
++	unsigned int retval, len, retsize;
++	prs_struct *rdata = &p->out_data.rdata;
++	prs_struct *indata = &p->in_data.data;
++	unsigned char *out, *ptr;
++
++	if (rsaKey == NULL && ! afstoken_init()) {
++		DEBUG(0, ("api_afstoken_getpublickey: Unable to initialize RSA Key.\n"));
++		retval = 0;
++		len = 0;
++	}
++	else {
++		DEBUG(3, ("api_afstoken_getpublickey: Entering...\n"));
++		prs_uint32("buf_size", indata, 0, &retsize);
++		out = malloc(retsize);
++	
++		len = i2d_RSAPublicKey(rsaKey, NULL);
++		if (len > retsize) {
++			DEBUG(0, ("api_afstoken_getpublickey: Not enough buffer sent.\n"));
++			retval = 0;
++		}
++		else {
++			ptr = out;
++			len = i2d_RSAPublicKey(rsaKey, &ptr);
++			retval = 1;
++		}
++	}
++
++	prs_align(rdata);
++	prs_uint32("len", rdata, 0, &len);
++	prs_align(rdata);
++	prs_uint8s(False, "key", rdata, 1, out, retsize);
++	prs_align(rdata);
++	prs_uint32("getkey_ret", rdata, 0, &retval);
++
++	free(out);
++	return True;
++}
++
++static BOOL api_afstoken_forgettoken(pipes_struct *p) {
++	unsigned int retval = 0;
++	STRING2 cell;
++	prs_struct *rdata = &p->out_data.rdata;
++	prs_struct *indata = &p->in_data.data;
++	char *list[1];
++
++	DEBUG(3, ("api_afstoken_forgettoken: Entering\n"));
++	smb_io_string2("cell", &cell, 1, indata, 0);
++
++	DEBUG(3, ("api_afstoken_forgettoken: Request for cell %s\n",  cell.buffer));
++
++	list[0] = malloc(MAXKTCREALMLEN);
++	strncpy(list[0], cell.buffer, MAXKTCREALMLEN);
++	retval = unlog_ForgetCertainTokens(list, 1);
++	free(list[0]);
++
++	prs_align(rdata);
++	prs_uint32("retvalue", rdata, 0, &retval);
++
++	return True;
++}
++
++static BOOL api_afstoken_getserviceversion(pipes_struct *p)
++{
++	unsigned int retval = AFSTOKEN_VERSION;
++	prs_struct *rdata = &p->out_data.rdata;
++
++	DEBUG(3, ("api_afstoken_getserviceversion: Entering...\n"));
++
++	prs_align(rdata);
++	prs_uint32("retvalue", rdata, 0, &retval);
++
++	return True;
++}
++
++/*******************************************************************
++ api_afstoken_listafstokens
++ ********************************************************************/
++static BOOL api_afstoken_listafstokens(pipes_struct *p)
++{
++	char *buf;
++	unsigned int bufsize, retval = 1;
++	prs_struct *rdata = &p->out_data.rdata;
++	prs_struct *indata = &p->in_data.data;
++
++	DEBUG(3, ("api_afstoken_listafstokens: Entering...\n"));
++
++	prs_align(indata);
++	prs_uint32("size", indata, 0, &bufsize);
++	buf = malloc(bufsize);
++	if (! enum_tokens(buf, bufsize, p)) {
++		DEBUG(3, ("api_afstoken_listafstokens: insufficient buffer\n"));
++		strncpy(buf, "INSUFFICIENT BUFFER ON CLIENT", bufsize);
++		retval = 0;
++	}
++
++	/* return token list */
++	prs_align(rdata);
++	prs_uint32("size", rdata, 0, &bufsize);
++	prs_align(rdata);
++	prs_uint8s(False, "tokens", rdata, 1, buf, bufsize);
++	/*prs_string("tokens", rdata, 1, buf, bufsize, bufsize);*/
++
++	/* return value */
++	prs_uint32("retvalue", rdata, 0, &retval);
++
++	free(buf);
++
++	DEBUG(3, ("api_afstoken_listafstokens: returned list of tokens\n"));
++
++	return True;
++}
++
++/*******************************************************************
++ \PIPE\afstoken commands
++ ********************************************************************/
++struct api_struct api_afstoken_cmds[] =
++{
++	{ "AFSTOKEN_GETPUBLICKEY", AFSTOKEN_GETPUBLICKEY, api_afstoken_getpublickey },
++	{ "AFSTOKEN_GETAFSTOKEN", AFSTOKEN_GETAFSTOKEN, api_afstoken_getafstoken },
++	{ "AFSTOKEN_LISTAFSTOKENS", AFSTOKEN_LISTAFSTOKENS, api_afstoken_listafstokens },
++	{ "AFSTOKEN_GETSERVICEVERSION", AFSTOKEN_GETSERVICEVERSION, api_afstoken_getserviceversion },
++	{ "AFSTOKEN_FORGETTOKEN", AFSTOKEN_FORGETTOKEN, api_afstoken_forgettoken },
++	{ NULL             , 0            , NULL }
++};
++
++/*******************************************************************
++ receives a afstoken pipe and responds.
++ ********************************************************************/
++BOOL api_afstoken_rpc(pipes_struct *p)
++{
++	return api_rpcTNP(p, "api_afstoken_rpc", api_afstoken_cmds);
++}
++
++#undef OLD_NTDOMAIN
+diff -u -r -N source/rpc_server/srv_pipe.c source.patched/rpc_server/srv_pipe.c
+--- source/rpc_server/srv_pipe.c	Thu Jul  5 19:01:53 2001
++++ source.patched/rpc_server/srv_pipe.c	Tue Jul 17 15:57:03 2001
+@@ -496,6 +496,9 @@
+ #ifdef WITH_MSDFS
+     { "netdfs",   "netdfs" , api_netdfs_rpc },
+ #endif
++#ifdef WITH_AFS
++	{ "afstoken", "afstoken", api_afstoken_rpc },
++#endif /* WITH_AFS */
+     { NULL,       NULL,      NULL }
+ };
+ 
+diff -u -r -N source/smbd/nttrans.c source.patched/smbd/nttrans.c
+--- source/smbd/nttrans.c	Thu Jul  5 19:02:00 2001
++++ source.patched/smbd/nttrans.c	Tue Jul 17 15:57:03 2001
+@@ -44,6 +44,9 @@
+ #ifdef WITH_MSDFS
+   "\\netdfs",
+ #endif
++#ifdef WITH_AFS
++  "\\afstoken",
++#endif
+   NULL
+ };
+ 
+diff -u -r -N source/smbd/process.c source.patched/smbd/process.c
+--- source/smbd/process.c	Thu Jul  5 19:02:02 2001
++++ source.patched/smbd/process.c	Tue Jul 17 15:59:43 2001
+@@ -1190,6 +1190,10 @@
+ 	time_t last_timeout_processing_time = time(NULL);
+ 	unsigned int num_smbs = 0;
+ 
++#ifdef WITH_AFS
++	DEBUG(3, ("smbd_process: creating pagsh for this child. %d\n", getpgrp()));
++	setpag();
++#endif
+ 	InBuffer = (char *)malloc(BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN);
+ 	OutBuffer = (char *)malloc(BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN);
+ 	if ((InBuffer == NULL) || (OutBuffer == NULL)) 
+diff -u -r -N source/smbd/reply.c source.patched/smbd/reply.c
+--- source/smbd/reply.c	Wed Jul 11 13:08:46 2001
++++ source.patched/smbd/reply.c	Tue Jul 17 15:57:03 2001
+@@ -1030,6 +1030,11 @@
+     }
+   }
+ 
++#ifdef WITH_AFS
++	DEBUG(3, ("afs_auth: calling setpag()\n"));
++	setpag();
++#endif
++
+   if (!smb_getpwnam(user,True)) {
+     DEBUG(3,("No such user %s [%s] - using guest account\n",user, domain));
+     pstrcpy(user,lp_guestaccount(-1));
diff --git a/net-fs/samba/files/smbklog.exe b/net-fs/samba/files/smbklog.exe
new file mode 100644
index 000000000000..c089714b6d20
--- /dev/null
+++ b/net-fs/samba/files/smbklog.exe
diff --git a/net-fs/samba/samba-2.2.1a.ebuild b/net-fs/samba/samba-2.2.1a.ebuild
index 72f0a5846946..bc26b802f535 100644
--- a/net-fs/samba/samba-2.2.1a.ebuild
+++ b/net-fs/samba/samba-2.2.1a.ebuild
@@ -1,7 +1,7 @@
 # Copyright 1999-2000 Gentoo Technologies, Inc.
 # Distributed under the terms of the GNU General Public License, v2 or later
 # Author Achim Gottinger <achim@gentoo.org>
-# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/samba-2.2.1a.ebuild,v 1.2 2001/07/25 03:20:35 lamer Exp $
+# /home/cvsroot/gentoo-x86/net-fs/samba/samba-2.2.1a.ebuild,v 1.2 2001/07/25 03:20:35 lamer Exp
 
 S=${WORKDIR}/${P}
 DESCRIPTION="Samba :)"
@@ -21,7 +21,13 @@ RDEPEND="virtual/glibc
 # about 40 posts long about this
 #		pam? ( >=sys-libs/pam-0.72 )"
 
-
+src_unpack() {
+    unpack ${A}
+    if [ "`use afs`" ]; then
+      cd ${S}
+      cat ${FILESDIR}/patch.221a.08 | patch -p0
+    fi
+}
 
 src_compile() { 
   local myconf
@@ -41,7 +47,9 @@ src_compile() {
     autoconf
   fi
   
-
+  if [ "`use afs`" ]; then
+    myconf="$myconf --with-afs"
+  fi
 
   # Disabled automout support, because it failed
   # Added -lncurses for readline detection
author	Holger Brueckner <darks@gentoo.org>	2001-08-03 17:31:46 +0000
committer	Holger Brueckner <darks@gentoo.org>	2001-08-03 17:31:46 +0000
commit	679cee3ac8b8b13591f88acf24ecf6498443508c (patch)
tree	aa1594ec8e00d828a15693b5ef2b51b4b407a929 /net-fs
parent	Added "# $Header$" to the top of the pychecker ebuild file. (diff)
download	historical-679cee3ac8b8b13591f88acf24ecf6498443508c.tar.gz historical-679cee3ac8b8b13591f88acf24ecf6498443508c.tar.bz2 historical-679cee3ac8b8b13591f88acf24ecf6498443508c.zip