Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 108349 Details for
Bug 83323
app-misc/screen: add support for Kerberos
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
4.0.3-kerberos.patch for use with screen-4.0.3-r1
4.0.3-kerberos.patch (text/plain), 9.23 KB, created by
Alex Unigovsky
on 2007-01-28 07:12:27 UTC
(
hide
)
Description:
4.0.3-kerberos.patch for use with screen-4.0.3-r1
Filename:
MIME Type:
Creator:
Alex Unigovsky
Created:
2007-01-28 07:12:27 UTC
Size:
9.23 KB
patch
obsolete
>diff -Nur screen-4.0.2/config.h.in screen-4.0.2-krb5/config.h.in >--- screen-4.0.2/config.h.in 2003-12-05 14:59:39.000000000 +0100 >+++ screen-4.0.2-krb5/config.h.in 2005-02-25 16:45:36.688158560 +0100 >@@ -651,6 +651,12 @@ > */ > #undef HAVE_OPENPTY > >+/* >+ * define HAVE_KRB5 if your system supports MIT Kerberos 5 or >+ * equivalent. >+ */ >+#undef HAVE_KRB5 >+ > /* > * define PTYRANGE0 and or PTYRANGE1 if you want to adapt screen > * to unusual environments. E.g. For SunOs the defaults are "qpr" and >diff -Nur screen-4.0.2/configure.in screen-4.0.2-krb5/configure.in >--- screen-4.0.2/configure.in 2003-06-03 13:58:24.000000000 +0200 >+++ screen-4.0.2-krb5/configure.in 2005-02-25 16:45:36.704156128 +0100 >@@ -719,6 +719,17 @@ > AC_DEFINE_UNQUOTED(PTYRANGE1,"$p1") > fi > >+dnl **** Kerberos **** >+AC_ARG_WITH(krb5, [ --with-krb5[=dir] Use Kerberos 5 (optionally installed in dir)]) >+if test "$with_krb5" != no -a -n "$with_krb5"; then >+ if test "$with_krb5" != yes; then >+ CFLAGS="$CFLAGS -I${with_krb5}/include" >+ LDFLAGS="$LDFLAGS -L${with_krb5}/lib" >+ fi >+ LIBS="$LIBS -lkrb5" >+ AC_DEFINE(HAVE_KRB5) >+fi >+ > dnl **** pty mode/group handling **** > dnl > dnl support provided by Luke Mewburn <lm@rmit.edu.au>, 931222 >diff -Nur screen-4.0.2/kerberos.c screen-4.0.2-krb5/kerberos.c >--- screen-4.0.2/kerberos.c 1970-01-01 01:00:00.000000000 +0100 >+++ screen-4.0.2-krb5/kerberos.c 2005-02-25 16:45:36.716154304 +0100 >@@ -0,0 +1,218 @@ >+/* Copyright (c) 2005 >+ * Fredrik Tolf (fredrik@dolda2000.com) >+ * >+ * This program is free software; you can redistribute it and/or modify >+ * it under the terms of the GNU General Public License as published by >+ * the Free Software Foundation; either version 2, or (at your option) >+ * any later version. >+ * >+ * This program is distributed in the hope that it will be useful, >+ * but WITHOUT ANY WARRANTY; without even the implied warranty of >+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >+ * GNU General Public License for more details. >+ * >+ * You should have received a copy of the GNU General Public License >+ * along with this program (see the file COPYING); if not, write to the >+ * Free Software Foundation, Inc., >+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA >+ * >+ **************************************************************** >+ */ >+ >+#include "config.h" >+#ifdef HAVE_KRB5 >+ >+#include <stdlib.h> >+#include <stdio.h> >+#include <unistd.h> >+#include <krb5.h> >+#include <com_err.h> >+ >+#include "screen.h" >+ >+/* >+ * I do not like the coding style of screen... =( >+ */ >+ >+static krb5_context context; >+static krb5_ccache ccache; >+static int usingkrb = 0; >+static struct event renewev; >+ >+#include "extern.h" >+ >+static void >+krb_renew(ev, data) >+struct event *ev; >+char *data; >+{ >+ int ret; >+ krb5_principal myprinc; >+ krb5_creds creds; >+ krb5_cc_cursor cur; >+ time_t now; >+ int renew; >+ >+ SetTimeout(&renewev, 60000); >+ evenq(&renewev); >+ >+ if((ret = krb5_cc_get_principal(context, ccache, &myprinc)) != 0) >+ { >+ Msg(0, "Could not get principal to renew: %s", error_message(ret)); >+ return; >+ } >+ >+ if((ret = krb5_cc_start_seq_get(context, ccache, &cur)) != 0) >+ { >+ Msg(0, "Could not open current credentials cache: %s", error_message(ret)); >+ krb5_free_principal(context, myprinc); >+ return; >+ } >+ time(&now); >+ renew = 0; >+ while(!krb5_cc_next_cred(context, ccache, &cur, &creds)) >+ { >+ if(!strcmp(krb5_princ_component(context, creds.server, 0)->data, KRB5_TGS_NAME) && >+ !strcmp(krb5_princ_component(context, creds.server, 1)->data, myprinc->realm.data)) >+ { >+ if(!creds.times.starttime) >+ creds.times.starttime = creds.times.authtime; >+ if(now > (creds.times.starttime + (((creds.times.endtime - creds.times.starttime) * 9) / 10))) >+ renew = 1; >+ break; >+ } >+ krb5_free_cred_contents(context, &creds); >+ } >+ krb5_cc_end_seq_get(context, ccache, &cur); >+ if(!renew) >+ { >+ krb5_free_principal(context, myprinc); >+ return; >+ } >+ >+ memset(&creds, 0, sizeof(creds)); >+ if((ret = krb5_get_renewed_creds(context, &creds, myprinc, ccache, NULL)) != 0) >+ { >+ Msg(0, "Could not get renewed credentials: %s", error_message(ret)); >+ krb5_free_principal(context, myprinc); >+ return; >+ } >+ if((ret = krb5_cc_initialize(context, ccache, myprinc)) != 0) >+ { >+ Msg(0, "Could not re-initialize credentials cache: %s", error_message(ret)); >+ krb5_free_principal(context, myprinc); >+ krb5_free_cred_contents(context, &creds); >+ return; >+ } >+ if((ret = krb5_cc_store_cred(context, ccache, &creds)) != 0) >+ { >+ Msg(0, "Could not store renewed TGT: %s", error_message(ret)); >+ krb5_free_principal(context, myprinc); >+ krb5_free_cred_contents(context, &creds); >+ return; >+ } >+ >+ krb5_free_principal(context, myprinc); >+ krb5_free_cred_contents(context, &creds); >+ Msg(0, "Renewed Kerberos credentials successfully."); >+} >+ >+int >+krb_copycc() >+{ >+ int ret, fd; >+ krb5_ccache prevcache; >+ krb5_principal myprinc; >+ krb5_creds creds; >+ krb5_cc_cursor cur; >+ char buf[100]; >+ char *ccfile; >+ >+ if((ret = krb5_init_context(&context)) != 0) >+ { >+ Msg(0, "Could not initialize Kerberos library: %s", error_message(ret)); >+ return(-1); >+ } >+ if((ret = krb5_cc_default(context, &prevcache)) != 0) >+ { >+ Msg(0, "Could not get Kerberos credential cache: %s", error_message(ret)); >+ krb5_free_context(context); >+ return(-1); >+ } >+ if((ret = krb5_cc_get_principal(context, prevcache, &myprinc)) != 0) >+ { >+ Msg(0, "Could not get principal of current ccache: %s", error_message(ret)); >+ krb5_cc_close(context, prevcache); >+ krb5_free_context(context); >+ return(-1); >+ } >+ >+ sprintf(buf, "FILE:/tmp/krb5cc_scr_%i_XXXXXX", getuid()); >+ ccfile = buf + 5; >+ if((fd = mkstemp(ccfile)) < 0) >+ { >+ Msg(errno, "Could not create temporary file."); >+ krb5_cc_close(context, prevcache); >+ krb5_free_context(context); >+ return(-1); >+ } >+ close(fd); >+ if((ret = krb5_cc_resolve(context, buf, &ccache)) != 0) >+ { >+ Msg(0, "Could not resolve new credential cache: %s", error_message(ret)); >+ krb5_cc_close(context, prevcache); >+ krb5_free_context(context); >+ return(-1); >+ } >+ if((ret = krb5_cc_initialize(context, ccache, myprinc)) != 0) >+ { >+ Msg(0, "Could not initialize new credential cache: %s", error_message(ret)); >+ krb5_cc_close(context, prevcache); >+ krb5_free_context(context); >+ return(-1); >+ } >+ >+ if((ret = krb5_cc_start_seq_get(context, prevcache, &cur)) != 0) >+ { >+ Msg(0, "Could not get ccache cursor: %s", error_message(ret)); >+ krb5_cc_destroy(context, ccache); >+ krb5_cc_close(context, prevcache); >+ krb5_free_context(context); >+ return(-1); >+ } >+ while(!krb5_cc_next_cred(context, prevcache, &cur, &creds)) >+ { >+ if((ret = krb5_cc_store_cred(context, ccache, &creds)) != 0) >+ { >+ Msg(0, "Could not store credential: %s", error_message(ret)); >+ krb5_cc_destroy(context, ccache); >+ krb5_cc_close(context, prevcache); >+ krb5_free_context(context); >+ return(-1); >+ } >+ } >+ krb5_cc_end_seq_get(context, prevcache, &cur); >+ >+ krb5_free_principal(context, myprinc); >+ krb5_cc_close(context, prevcache); >+ xsetenv("KRB5CCNAME", buf); >+ MakeNewEnv(); >+ memset(&renewev, 0, sizeof(renewev)); >+ renewev.type = EV_TIMEOUT; >+ renewev.handler = krb_renew; >+ SetTimeout(&renewev, 60000); >+ evenq(&renewev); >+ usingkrb = 1; >+ return(0); >+} >+ >+void >+krb_cleanup() >+{ >+ if(!usingkrb) >+ return; >+ krb5_cc_destroy(context, ccache); >+ krb5_free_context(context); >+} >+ >+#endif >diff -Nur screen-4.0.2/Makefile.in screen-4.0.2-krb5/Makefile.in >--- screen-4.0.2/Makefile.in 2003-12-05 14:59:39.000000000 +0100 >+++ screen-4.0.2-krb5/Makefile.in 2005-02-25 17:15:51.953096472 +0100 >@@ -55,12 +55,12 @@ > search.c tty.c term.c window.c utmp.c loadav.c putenv.c help.c \ > termcap.c input.c attacher.c pty.c process.c display.c comm.c \ > kmapdef.c acls.c braille.c braille_tsi.c logfile.c layer.c \ >- sched.c teln.c nethack.c encoding.c >+ sched.c teln.c nethack.c encoding.c kerberos.c > OFILES= screen.o ansi.o fileio.o mark.o misc.o resize.o socket.o \ > search.o tty.o term.o window.o utmp.o loadav.o putenv.o help.o \ > termcap.o input.o attacher.o pty.o process.o display.o comm.o \ > kmapdef.o acls.o braille.o braille_tsi.o logfile.o layer.o \ >- sched.o teln.o nethack.o encoding.o >+ sched.o teln.o nethack.o encoding.o kerberos.o > > all: screen > >@@ -329,3 +329,4 @@ > comm.h layer.h term.h image.h display.h window.h extern.h > encoding.o: encoding.c config.h screen.h os.h osdef.h ansi.h acls.h \ > comm.h layer.h term.h image.h display.h window.h extern.h >+kerberos.o: kerberos.c config.h screen.h osdef.h >diff -Nur screen-4.0.2/screen.c screen-4.0.2-krb5/screen.c >--- screen-4.0.2/screen.c 2003-09-08 16:26:41.000000000 +0200 >+++ screen-4.0.2-krb5/screen.c 2005-02-25 16:45:36.749149288 +0100 >@@ -1320,6 +1320,10 @@ > #endif > FinishRc(RcFileName); > >+#ifdef HAVE_KRB5 >+ krb_copycc(); >+#endif >+ > debug2("UID %d EUID %d\n", (int)getuid(), (int)geteuid()); > if (windows == NULL) > { >@@ -1643,6 +1647,9 @@ > xsetegid(eff_gid); > #endif > } >+#ifdef HAVE_KRB5 >+ krb_cleanup(); >+#endif > for (display = displays; display; display = display->d_next) > { > if (D_status)
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 83323
:
52137
|
52138
|
97723
|
97724
|
108348
| 108349