aboutsummaryrefslogtreecommitdiff
path: root/openssl/ssl/kssl.c
diff options
context:
space:
mode:
Diffstat (limited to 'openssl/ssl/kssl.c')
-rw-r--r--openssl/ssl/kssl.c28
1 files changed, 15 insertions, 13 deletions
diff --git a/openssl/ssl/kssl.c b/openssl/ssl/kssl.c
index 019030ae3..b820e3746 100644
--- a/openssl/ssl/kssl.c
+++ b/openssl/ssl/kssl.c
@@ -68,11 +68,6 @@
#include <openssl/opensslconf.h>
-#define _XOPEN_SOURCE 500 /* glibc2 needs this to declare strptime() */
-#include <time.h>
-#if 0 /* experimental */
-#undef _XOPEN_SOURCE /* To avoid clashes with anything else... */
-#endif
#include <string.h>
#define KRB5_PRIVATE 1
@@ -81,6 +76,7 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/krb5_asn.h>
+#include "kssl_lcl.h"
#ifndef OPENSSL_NO_KRB5
@@ -136,7 +132,7 @@
#define krb5_principal_compare kssl_krb5_principal_compare
#define krb5_decrypt_tkt_part kssl_krb5_decrypt_tkt_part
#define krb5_timeofday kssl_krb5_timeofday
-#define krb5_rc_default kssl_krb5_rc_default
+#define krb5_rc_default kssl_krb5_rc_default
#ifdef krb5_rc_initialize
#undef krb5_rc_initialize
@@ -844,7 +840,7 @@ kssl_map_enc(krb5_enctype enctype)
** "62 xx 30 yy" (APPLICATION-2, SEQUENCE), where xx-yy =~ 2, and
** xx and yy are possibly multi-byte length fields.
*/
-int kssl_test_confound(unsigned char *p)
+static int kssl_test_confound(unsigned char *p)
{
int len = 2;
int xx = 0, yy = 0;
@@ -879,7 +875,7 @@ int kssl_test_confound(unsigned char *p)
** what the highest assigned CKSUMTYPE_ constant is. As of 1.2.2
** it is 0x000c (CKSUMTYPE_HMAC_SHA1_DES3). So we will use 0x0010.
*/
-size_t *populate_cksumlens(void)
+static size_t *populate_cksumlens(void)
{
int i, j, n;
static size_t *cklens = NULL;
@@ -1030,7 +1026,7 @@ print_krb5_keyblock(char *label, krb5_keyblock *keyblk)
/* Display contents of krb5_principal_data struct, for debugging
** (krb5_principal is typedef'd == krb5_principal_data *)
*/
-void
+static void
print_krb5_princ(char *label, krb5_principal_data *princ)
{
int i, ui, uj;
@@ -1229,7 +1225,7 @@ kssl_cget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx,
** code here. This tkt should alloc/free just
** like the real thing.
*/
-krb5_error_code
+static krb5_error_code
kssl_TKT2tkt( /* IN */ krb5_context krb5context,
/* IN */ KRB5_TKTBODY *asn1ticket,
/* OUT */ krb5_ticket **krb5ticket,
@@ -1807,6 +1803,9 @@ kssl_ctx_show(KSSL_CTX *kssl_ctx)
kssl_ctx->service_name ? kssl_ctx->service_name: KRB5SVC,
KRB5_NT_SRV_HST, &princ);
+ if (krb5rc)
+ goto exit;
+
krb5rc = krb5_kt_get_entry(krb5context, krb5keytab,
princ,
0 /* IGNORE_VNO */,
@@ -1904,7 +1903,7 @@ void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data)
** Return pointer to the (partially) filled in struct tm on success,
** return NULL on failure.
*/
-struct tm *k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm)
+static struct tm *k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm)
{
char c, *p;
@@ -1930,7 +1929,7 @@ struct tm *k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm)
** So we try to sneek the clockskew out through the replay cache.
** If that fails just return a likely default (300 seconds).
*/
-krb5_deltat get_rc_clockskew(krb5_context context)
+static krb5_deltat get_rc_clockskew(krb5_context context)
{
krb5_rcache rc;
krb5_deltat clockskew;
@@ -2094,9 +2093,12 @@ krb5_error_code kssl_check_authent(
EVP_CIPHER_CTX_cleanup(&ciph_ctx);
#ifdef KSSL_DEBUG
+ {
+ int padl;
printf("kssl_check_authent: decrypted authenticator[%d] =\n", outl);
for (padl=0; padl < outl; padl++) printf("%02x ",unenc_authent[padl]);
printf("\n");
+ }
#endif /* KSSL_DEBUG */
if ((p = kssl_skip_confound(enctype, unenc_authent)) == NULL)
@@ -2126,7 +2128,7 @@ krb5_error_code kssl_check_authent(
tm_g = gmtime(&now); tg = mktime(tm_g);
tz_offset = tg - tl;
- *atimep = tr - tz_offset;
+ *atimep = (krb5_timestamp)(tr - tz_offset);
}
#ifdef KSSL_DEBUG