PR/45805: Borodin Oleg: telnet/telnetd with -DAUTHENTICATION -DENCRYPTION

(rfc2941) - minimal fixes to compile with WARNS=4 - separate kerberos (USE_KERBEROS) from encryption (MKCRYPTO)
2012-01-09 15:25:33 +00:00 · 2012-01-09 15:25:33 +00:00 · 6a6c8f616b
commit 6a6c8f616b
parent 4fa381bcb2
10 changed files with 43 additions and 47 deletions
--- a/lib/libtelnet/Makefile
+++ b/lib/libtelnet/Makefile
@ -1,5 +1,5 @@
 #	from: @(#)Makefile	8.2 (Berkeley) 12/15/93
-#	$NetBSD: Makefile,v 1.33 2011/06/20 07:43:58 mrg Exp $
+#	$NetBSD: Makefile,v 1.34 2012/01/09 15:25:33 christos Exp $

 USE_FORT?= yes	# network protocol library

@ -7,7 +7,7 @@ LIBISPRIVATE=	yes

 .include <bsd.own.mk>

-WARNS?=	1
+WARNS?=	4

 LIB=	telnet
 SRCS=	auth.c encrypt.c genget.c getent.c misc.c
@ -15,11 +15,13 @@ SRCS=	auth.c encrypt.c genget.c getent.c misc.c
 CPPFLAGS+= -DHAS_CGETENT
 CPPFLAGS+= -I${.CURDIR}

-.if (${USE_KERBEROS} != "no")
+.if ${MKCRYPTO} != "no"
 SRCS+=	enc_des.c
 CPPFLAGS+= -DENCRYPTION -DAUTHENTICATION
 CPPFLAGS+= -DDES_ENCRYPTION
+.endif

+.if ${USE_KERBEROS} != "no"
 SRCS+=	kerberos5.c
 CPPFLAGS+= -DKRB5
 .endif
--- a/lib/libtelnet/auth.c
+++ b/lib/libtelnet/auth.c
@ -1,4 +1,4 @@
-/*	$NetBSD: auth.c,v 1.19 2006/03/20 04:03:22 christos Exp $	*/
+/*	$NetBSD: auth.c,v 1.20 2012/01/09 15:25:33 christos Exp $	*/

 /*-
 * Copyright (c) 1991, 1993
@ -34,7 +34,7 @@
 #if 0
 static char sccsid[] = "@(#)auth.c	8.3 (Berkeley) 5/30/95"
 #else
-__RCSID("$NetBSD: auth.c,v 1.19 2006/03/20 04:03:22 christos Exp $");
+__RCSID("$NetBSD: auth.c,v 1.20 2012/01/09 15:25:33 christos Exp $");
 #endif
 #endif /* not lint */

@ -162,7 +162,7 @@ Authenticator authenticators[] = {
 	{ 0, 0, 0, 0, 0, 0, 0, 0 },
 };

-static Authenticator NoAuth = { 0 };
+static Authenticator NoAuth = { .type = 0 };

 static int	i_support = 0;
 static int	i_wont_support = 0;
@ -395,10 +395,10 @@ auth_send(data, cnt)
 	 */
 	if (data < _auth_send_data ||
 	    data > _auth_send_data + sizeof(_auth_send_data)) {
-		auth_send_cnt = cnt > sizeof(_auth_send_data)
+		auth_send_cnt = (size_t)cnt > sizeof(_auth_send_data)
 					? sizeof(_auth_send_data)
-					: cnt;
-		memmove((void *)_auth_send_data, (void *)data, auth_send_cnt);
+					: (size_t)cnt;
+		memmove(_auth_send_data, data, auth_send_cnt);
 		auth_send_data = _auth_send_data;
 	} else {
 		/*
@ -517,7 +517,7 @@ auth_name(data, cnt)
 			printf(">>>%s: Empty name in NAME\r\n", Name);
 		return;
 	}
-	if (cnt > sizeof(savename) - 1) {
+	if ((size_t)cnt > sizeof(savename) - 1) {
 		if (auth_debug_mode)
 			printf(">>>%s: Name in NAME (%d) exceeds %ld length\r\n",
 					Name, cnt, (long)sizeof(savename)-1);
--- a/lib/libtelnet/enc-proto.h
+++ b/lib/libtelnet/enc-proto.h
@ -1,4 +1,4 @@
-/*	$NetBSD: enc-proto.h,v 1.8 2005/02/06 18:00:30 agc Exp $	*/
+/*	$NetBSD: enc-proto.h,v 1.9 2012/01/09 15:25:33 christos Exp $	*/

 /*-
 * Copyright (c) 1991, 1993
@ -85,7 +85,7 @@ void encrypt_enc_keyid(unsigned char *, int);
 void encrypt_dec_keyid(unsigned char *, int);
 struct key_info;
 void encrypt_keyid(struct key_info *, unsigned char *, int);
-void encrypt_send_keyid(int, unsigned char *, int, int);
+void encrypt_send_keyid(int, const unsigned char *, int, int);
 void encrypt_auto(int);
 void decrypt_auto(int);
 void encrypt_start_output(int);
@ -134,7 +134,7 @@ void ofb64_session(Session_Key *, int);
 int ofb64_keyid(int, unsigned char *, int *);
 void ofb64_printsub(unsigned char *, int, unsigned char *, int);

-void fb64_printsub(unsigned char *, int, unsigned char *, int,
-    unsigned char *);
+void fb64_printsub(const unsigned char *, int, unsigned char *, int,
+    const unsigned char *);

 #endif	/* ENCRYPTION */
--- a/lib/libtelnet/enc_des.c
+++ b/lib/libtelnet/enc_des.c
@ -1,4 +1,4 @@
-/*	$NetBSD: enc_des.c,v 1.14 2011/07/24 07:18:17 mbalmer Exp $	*/
+/*	$NetBSD: enc_des.c,v 1.15 2012/01/09 15:25:33 christos Exp $	*/

 /*-
 * Copyright (c) 1991, 1993
@ -34,7 +34,7 @@
 #if 0
 static char sccsid[] = "@(#)enc_des.c	8.3 (Berkeley) 5/30/95"; */
 #else
-__RCSID("$NetBSD: enc_des.c,v 1.14 2011/07/24 07:18:17 mbalmer Exp $");
+__RCSID("$NetBSD: enc_des.c,v 1.15 2012/01/09 15:25:33 christos Exp $");
 #endif
 #endif /* not lint */

@ -85,7 +85,7 @@ struct fb {
 static struct fb fb[2];

 struct keyidlist {
-	char	*keyid;
+	const char	*keyid;
 	int	keyidlen;
 	char	*key;
 	int	keylen;
@ -181,7 +181,7 @@ fb64_start(fbp, dir, server)
 	int dir;
 	int server;
 {
-	int x;
+	size_t x;
 	unsigned char *p;
 	register int state;

@ -365,7 +365,7 @@ fb64_reply(data, cnt, fbp)
 		if (state == FAILED)
 			state = IN_PROGRESS;
 		state &= ~NO_RECV_IV;
-		encrypt_send_keyid(DIR_ENCRYPT, (unsigned char *)"\0", 1, 1);
+		encrypt_send_keyid(DIR_ENCRYPT, (const unsigned char *)"\0", 1, 1);
 		break;

 	case FB64_IV_BAD:
@ -479,9 +479,8 @@ fb64_keyid(dir, kp, lenp, fbp)
 }

 	void
-fb64_printsub(data, cnt, buf, buflen, type)
-	unsigned char *data, *buf, *type;
-	int cnt, buflen;
+fb64_printsub(const unsigned char *data, int cnt, unsigned char *buf,
+    int buflen, const unsigned char *type)
 {
 	char lbuf[32];
 	register int i;
--- a/lib/libtelnet/encrypt.c
+++ b/lib/libtelnet/encrypt.c
@ -1,4 +1,4 @@
-/*	$NetBSD: encrypt.c,v 1.15 2011/12/23 16:48:16 christos Exp $	*/
+/*	$NetBSD: encrypt.c,v 1.16 2012/01/09 15:25:33 christos Exp $	*/

 /*-
 * Copyright (c) 1991, 1993
@ -33,7 +33,7 @@
 #if 0
 static char sccsid[] = "@(#)encrypt.c	8.2 (Berkeley) 5/30/95";
 #else
-__RCSID("$NetBSD: encrypt.c,v 1.15 2011/12/23 16:48:16 christos Exp $");
+__RCSID("$NetBSD: encrypt.c,v 1.16 2012/01/09 15:25:33 christos Exp $");
 #endif /* not lint */

 /*
@ -126,7 +126,7 @@ static Encryptions encryptions[] = {
 			ofb64_keyid,
 			ofb64_printsub },
 #endif	/* DES_ENCRYPTION */
-    { 0, },
+    { .name = 0 },
 };

 static unsigned char str_send[64] = { IAC, SB, TELOPT_ENCRYPT,
@ -765,7 +765,7 @@ encrypt_keyid(kp, keyid, len)
 		if (ep->keyid)
 			(void)(*ep->keyid)(dir, kp->keyid, &kp->keylen);

-	} else if (len > sizeof(kp->keyid)) {
+	} else if ((size_t)len > sizeof(kp->keyid)) {
 		return;
 	} else if ((len != kp->keylen) ||
 		   (memcmp(keyid, kp->keyid, len) != 0)) {
@ -788,11 +788,7 @@ encrypt_keyid(kp, keyid, len)
 }

 	void
-encrypt_send_keyid(dir, keyid, keylen, saveit)
-	int dir;
-	unsigned char *keyid;
-	int keylen;
-	int saveit;
+encrypt_send_keyid(int dir, const unsigned char *keyid, int keylen, int saveit)
 {
 	unsigned char *strp;

--- a/lib/libtelnet/encrypt.h
+++ b/lib/libtelnet/encrypt.h
@ -1,4 +1,4 @@
-/*	$NetBSD: encrypt.h,v 1.8 2005/02/06 05:53:07 perry Exp $	*/
+/*	$NetBSD: encrypt.h,v 1.9 2012/01/09 15:25:33 christos Exp $	*/

 /*-
 * Copyright (c) 1991, 1993
@ -77,7 +77,7 @@ typedef	struct {


 typedef struct {
-	char	*name;
+	const char	*name;
 	int	type;
 	void	(*output)(unsigned char *, int);
 	int	(*input)(int);
--- a/lib/libtelnet/genget.c
+++ b/lib/libtelnet/genget.c
@ -1,4 +1,4 @@
-/*	$NetBSD: genget.c,v 1.11 2004/10/28 21:14:52 dsl Exp $	*/
+/*	$NetBSD: genget.c,v 1.12 2012/01/09 15:25:33 christos Exp $	*/

 /*-
 * Copyright (c) 1991, 1993
@ -34,7 +34,7 @@
 #if 0
 static char sccsid[] = "@(#)genget.c	8.2 (Berkeley) 5/30/95";
 #else
-__RCSID("$NetBSD: genget.c,v 1.11 2004/10/28 21:14:52 dsl Exp $");
+__RCSID("$NetBSD: genget.c,v 1.12 2012/01/09 15:25:33 christos Exp $");
 #endif
 #endif /* not lint */

@ -50,11 +50,10 @@ __RCSID("$NetBSD: genget.c,v 1.11 2004/10/28 21:14:52 dsl Exp $");
 * the length of *s1 is returned.
 */
 	int
-isprefix(s1, s2)
-	register char *s1, *s2;
+isprefix(char *s1, const char *s2)
 {
 	char *os1;
-	register char c1, c2;
+	char c1, c2;

 	if (*s1 == '\0')
 		return(-1);
--- a/lib/libtelnet/kerberos5.c
+++ b/lib/libtelnet/kerberos5.c
@ -1,4 +1,4 @@
-/*	$NetBSD: kerberos5.c,v 1.18 2011/04/24 19:00:31 elric Exp $	*/
+/*	$NetBSD: kerberos5.c,v 1.19 2012/01/09 15:25:33 christos Exp $	*/

 /*-
 * Copyright (c) 1991, 1993
@ -96,10 +96,10 @@ krb5_context telnet_context;
 static krb5_auth_context auth_context;

 static int
-Data(Authenticator *ap, int type, void *d, int c)
+Data(Authenticator *ap, int type, const void *d, int c)
 {
 	unsigned char *p = str_data + 4;
-	unsigned char *cd = (unsigned char *) d;
+	const unsigned char *cd = (const unsigned char *) d;

 	if (c == -1)
 		c = strlen(cd);
--- a/lib/libtelnet/misc.h
+++ b/lib/libtelnet/misc.h
@ -1,4 +1,4 @@
-/*	$NetBSD: misc.h,v 1.8 2005/02/06 05:53:07 perry Exp $	*/
+/*	$NetBSD: misc.h,v 1.9 2012/01/09 15:25:34 christos Exp $	*/

 /*-
 * Copyright (c) 1991, 1993
@ -38,7 +38,7 @@ extern const char *RemoteHostName;
 extern int ConnectedCount;
 extern int ReservedPort;

-int isprefix(char *, char *);
+int isprefix(char *, const char *);
 char **genget(char *, char **, int);
 int Ambiguous(void *);
 __END_DECLS
--- a/lib/libtelnet/sra.c
+++ b/lib/libtelnet/sra.c
@ -32,7 +32,7 @@
 #ifdef notdef
 __FBSDID("$FreeBSD: src/contrib/telnet/libtelnet/sra.c,v 1.16 2002/05/06 09:48:02 markm Exp $");
 #else
-__RCSID("$NetBSD: sra.c,v 1.10 2011/07/01 15:09:28 christos Exp $");
+__RCSID("$NetBSD: sra.c,v 1.11 2012/01/09 15:25:34 christos Exp $");
 #endif

 #ifdef	SRA
@ -82,7 +82,7 @@ static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
 #define SRA_ACCEPT 4
 #define SRA_REJECT 5

-static int check_user(char *, char *);
+static int check_user(char *, const char *);

 /* support routine to send out authentication message */
 static int
@ -466,7 +466,7 @@ rootterm(const char *ttyname)
 }

 static int
-check_user(char *name, char *cred)
+check_user(char *name, const char *cred)
 {
 	struct passwd pws, *pw;
 	char pwbuf[1024];
@ -554,7 +554,7 @@ auth_conv(int num_msg, const struct pam_message **msg,
 * The PAM version as a side effect may put a new username in *name.
 */
 static int
-check_user(char *name, char *cred)
+check_user(char *name, const char *cred)
 {
 	pam_handle_t *pamh = NULL;
 	const void *item;