1b528cefcSMark Murray /* 2*ae771770SStanislav Sedov * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan 3b528cefcSMark Murray * (Royal Institute of Technology, Stockholm, Sweden). 4b528cefcSMark Murray * All rights reserved. 5b528cefcSMark Murray * 6b528cefcSMark Murray * Redistribution and use in source and binary forms, with or without 7b528cefcSMark Murray * modification, are permitted provided that the following conditions 8b528cefcSMark Murray * are met: 9b528cefcSMark Murray * 10b528cefcSMark Murray * 1. Redistributions of source code must retain the above copyright 11b528cefcSMark Murray * notice, this list of conditions and the following disclaimer. 12b528cefcSMark Murray * 13b528cefcSMark Murray * 2. Redistributions in binary form must reproduce the above copyright 14b528cefcSMark Murray * notice, this list of conditions and the following disclaimer in the 15b528cefcSMark Murray * documentation and/or other materials provided with the distribution. 16b528cefcSMark Murray * 17b528cefcSMark Murray * 3. Neither the name of the Institute nor the names of its contributors 18b528cefcSMark Murray * may be used to endorse or promote products derived from this software 19b528cefcSMark Murray * without specific prior written permission. 20b528cefcSMark Murray * 21b528cefcSMark Murray * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 22b528cefcSMark Murray * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23b528cefcSMark Murray * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24b528cefcSMark Murray * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 25b528cefcSMark Murray * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26b528cefcSMark Murray * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27b528cefcSMark Murray * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28b528cefcSMark Murray * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29b528cefcSMark Murray * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30b528cefcSMark Murray * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31b528cefcSMark Murray * SUCH DAMAGE. 32b528cefcSMark Murray */ 33b528cefcSMark Murray 34*ae771770SStanislav Sedov /* $Id$ */ 35b528cefcSMark Murray 36b528cefcSMark Murray #ifdef HAVE_CONFIG_H 37b528cefcSMark Murray #include <config.h> 38b528cefcSMark Murray #endif 39b528cefcSMark Murray 40b528cefcSMark Murray #include <stdio.h> 41b528cefcSMark Murray #include <assert.h> 42b528cefcSMark Murray #include <stdarg.h> 43b528cefcSMark Murray #include <ctype.h> 44b528cefcSMark Murray #ifdef HAVE_SYS_TYPES_H 45b528cefcSMark Murray #include <sys/types.h> 46b528cefcSMark Murray #endif 47b528cefcSMark Murray #ifdef HAVE_UNISTD_H 48b528cefcSMark Murray #include <unistd.h> 49b528cefcSMark Murray #endif 50b528cefcSMark Murray #ifdef HAVE_SYS_WAIT_H 51b528cefcSMark Murray #include <sys/wait.h> 52b528cefcSMark Murray #endif 53b528cefcSMark Murray #ifdef HAVE_SYS_SELECT_H 54b528cefcSMark Murray #include <sys/select.h> 55b528cefcSMark Murray #endif 56b528cefcSMark Murray #ifdef HAVE_SYS_SOCKET_H 57b528cefcSMark Murray #include <sys/socket.h> 58b528cefcSMark Murray #endif 59b528cefcSMark Murray #ifdef HAVE_NETINET_IN_H 60b528cefcSMark Murray #include <netinet/in.h> 61b528cefcSMark Murray #endif 62b528cefcSMark Murray #ifdef HAVE_NETINET_IN6_H 63b528cefcSMark Murray #include <netinet/in6.h> 64b528cefcSMark Murray #endif 65b528cefcSMark Murray #ifdef HAVE_NETINET6_IN6_H 66b528cefcSMark Murray #include <netinet6/in6.h> 67b528cefcSMark Murray #endif 68b528cefcSMark Murray #ifdef HAVE_ARPA_INET_H 69b528cefcSMark Murray #include <arpa/inet.h> 70b528cefcSMark Murray #endif 71b528cefcSMark Murray 72b528cefcSMark Murray #ifdef HAVE_PWD_H 73b528cefcSMark Murray #include <pwd.h> 74b528cefcSMark Murray #endif 75b528cefcSMark Murray #ifdef HAVE_SHADOW_H 76b528cefcSMark Murray #include <shadow.h> 77b528cefcSMark Murray #endif 78b528cefcSMark Murray #ifdef HAVE_NETDB_H 79b528cefcSMark Murray #include <netdb.h> 80b528cefcSMark Murray #endif 81bbd80c28SJacques Vidrine #ifdef HAVE_LIMITS_H 82bbd80c28SJacques Vidrine #include <limits.h> 83bbd80c28SJacques Vidrine #endif 84b528cefcSMark Murray #include <errno.h> 85b528cefcSMark Murray 86b528cefcSMark Murray #ifdef HAVE_SYS_PARAM_H 87b528cefcSMark Murray #include <sys/param.h> 88b528cefcSMark Murray #endif 89b528cefcSMark Murray 90b528cefcSMark Murray #ifdef HAVE_SYSLOG_H 91b528cefcSMark Murray #include <syslog.h> 92b528cefcSMark Murray #endif 93b528cefcSMark Murray #ifdef HAVE_PATHS_H 94b528cefcSMark Murray #include <paths.h> 95b528cefcSMark Murray #endif 96b528cefcSMark Murray #include <err.h> 97b528cefcSMark Murray #include <roken.h> 98b528cefcSMark Murray #include <getarg.h> 998373020dSJacques Vidrine #ifdef KRB5 100b528cefcSMark Murray #include <krb5.h> 101c19800e8SDoug Rabson /* XXX */ 102*ae771770SStanislav Sedov struct hx509_certs_data; 103c19800e8SDoug Rabson struct krb5_pk_identity; 104c19800e8SDoug Rabson struct krb5_pk_cert; 105c19800e8SDoug Rabson struct ContentInfo; 106*ae771770SStanislav Sedov struct AlgorithmIdentifier; 107c19800e8SDoug Rabson struct _krb5_krb_auth_data; 108c19800e8SDoug Rabson struct krb5_dh_moduli; 109*ae771770SStanislav Sedov struct _krb5_key_data; 110*ae771770SStanislav Sedov struct _krb5_encryption_type; 111*ae771770SStanislav Sedov struct _krb5_key_type; 112c19800e8SDoug Rabson #include "crypto-headers.h" 1130cadf2f4SJacques Vidrine #include <krb5-private.h> /* for _krb5_{get,put}_int */ 1148373020dSJacques Vidrine #endif 115*ae771770SStanislav Sedov #if defined(KRB5) 116b528cefcSMark Murray #include <kafs.h> 117b528cefcSMark Murray #endif 118b528cefcSMark Murray 119b528cefcSMark Murray #ifndef _PATH_BSHELL 120b528cefcSMark Murray #define _PATH_BSHELL "/bin/sh" 121b528cefcSMark Murray #endif 122b528cefcSMark Murray 123b528cefcSMark Murray #ifndef _PATH_DEFPATH 124b528cefcSMark Murray #define _PATH_DEFPATH "/usr/bin:/bin" 125b528cefcSMark Murray #endif 126b528cefcSMark Murray 127c19800e8SDoug Rabson #include "loginpaths.h" 1285e9cd1aeSAssar Westerlund 129b528cefcSMark Murray /* 130b528cefcSMark Murray * 131b528cefcSMark Murray */ 132b528cefcSMark Murray 133*ae771770SStanislav Sedov enum auth_method { AUTH_KRB5, AUTH_BROKEN }; 134b528cefcSMark Murray 135b528cefcSMark Murray extern enum auth_method auth_method; 136b528cefcSMark Murray extern int do_encrypt; 1378373020dSJacques Vidrine #ifdef KRB5 138b528cefcSMark Murray extern krb5_context context; 139b528cefcSMark Murray extern krb5_keyblock *keyblock; 140b528cefcSMark Murray extern krb5_crypto crypto; 1410cadf2f4SJacques Vidrine extern int key_usage; 1420cadf2f4SJacques Vidrine extern void *ivec_in[2]; 1430cadf2f4SJacques Vidrine extern void *ivec_out[2]; 144c19800e8SDoug Rabson void init_ivecs(int, int); 1458373020dSJacques Vidrine #endif 146b528cefcSMark Murray 1470cadf2f4SJacques Vidrine #define KCMD_OLD_VERSION "KCMDV0.1" 1480cadf2f4SJacques Vidrine #define KCMD_NEW_VERSION "KCMDV0.2" 149b528cefcSMark Murray 150b528cefcSMark Murray #define USERNAME_SZ 16 151bbd80c28SJacques Vidrine #ifndef ARG_MAX 152bbd80c28SJacques Vidrine #define ARG_MAX 8192 153bbd80c28SJacques Vidrine #endif 154b528cefcSMark Murray 1550cadf2f4SJacques Vidrine #define RSH_BUFSIZ (5 * 1024) /* MIT kcmd can't handle larger buffers */ 156c19800e8SDoug Rabson #define RSHD_BUFSIZ (16 * 1024) /* Old maxize for Heimdal 0.4 rsh */ 157b528cefcSMark Murray 158b528cefcSMark Murray #define PATH_RSH BINDIR "/rsh" 159b528cefcSMark Murray 160*ae771770SStanislav Sedov #if defined(KRB5) 1610cadf2f4SJacques Vidrine ssize_t do_read (int, void*, size_t, void*); 1620cadf2f4SJacques Vidrine ssize_t do_write (int, void*, size_t, void*); 1638373020dSJacques Vidrine #else 1640cadf2f4SJacques Vidrine #define do_write(F, B, L, I) write((F), (B), (L)) 1650cadf2f4SJacques Vidrine #define do_read(F, B, L, I) read((F), (B), (L)) 1668373020dSJacques Vidrine #endif 167