diff --git a/.gitignore b/.gitignore
index 495142b..1a1ce9f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/krb5-1.19.1.tar.gz
+SOURCES/krb5-1.20.1.tar.gz
diff --git a/.krb5.metadata b/.krb5.metadata
index c80487f..6c32258 100644
--- a/.krb5.metadata
+++ b/.krb5.metadata
@@ -1 +1 @@
-65fcedf85595457652cc0d37df65c9258e783d6b SOURCES/krb5-1.19.1.tar.gz
+06278439a6cd5a2aa861d8e877451b794487534b SOURCES/krb5-1.20.1.tar.gz
diff --git a/SOURCES/0001-downstream-ksu-pam-integration.patch b/SOURCES/0001-downstream-ksu-pam-integration.patch
new file mode 100644
index 0000000..2b737c0
--- /dev/null
+++ b/SOURCES/0001-downstream-ksu-pam-integration.patch
@@ -0,0 +1,777 @@
+From 37d69135d0be7f46732c401cdbb3abc075bf4117 Mon Sep 17 00:00:00 2001
+From: Robbie Harwood <rharwood@redhat.com>
+Date: Tue, 23 Aug 2016 16:29:58 -0400
+Subject: [PATCH] [downstream] ksu pam integration
+
+Modify ksu so that it performs account and session management on behalf of
+the target user account, mimicking the action of regular su. The default
+service name is "ksu", because on Fedora at least the configuration used
+is determined by whether or not a login shell is being opened, and so
+this may need to vary, too. At run-time, ksu's behavior can be reset to
+the earlier, non-PAM behavior by setting "use_pam" to false in the [ksu]
+section of /etc/krb5.conf.
+
+When enabled, ksu gains a dependency on libpam.
+
+Originally RT#5939, though it's changed since then to perform the account
+and session management before dropping privileges, and to apply on top of
+changes we're proposing for how it handles cache collections.
+
+Last-updated: krb5-1.18-beta1
+---
+ src/aclocal.m4 | 69 +++++++
+ src/clients/ksu/Makefile.in | 8 +-
+ src/clients/ksu/main.c | 88 +++++++-
+ src/clients/ksu/pam.c | 389 ++++++++++++++++++++++++++++++++++++
+ src/clients/ksu/pam.h | 57 ++++++
+ src/configure.ac | 2 +
+ 6 files changed, 610 insertions(+), 3 deletions(-)
+ create mode 100644 src/clients/ksu/pam.c
+ create mode 100644 src/clients/ksu/pam.h
+
+diff --git a/src/aclocal.m4 b/src/aclocal.m4
+index 9920476f91..bf9da35bbc 100644
+--- a/src/aclocal.m4
++++ b/src/aclocal.m4
+@@ -1458,3 +1458,72 @@ if test "$with_ldap" = yes; then
+ OPENLDAP_PLUGIN=yes
+ fi
+ ])dnl
++dnl
++dnl
++dnl Use PAM instead of local crypt() compare for checking local passwords,
++dnl and perform PAM account, session management, and password-changing where
++dnl appropriate.
++dnl
++AC_DEFUN(KRB5_WITH_PAM,[
++AC_ARG_WITH(pam,[AC_HELP_STRING(--with-pam,[compile with PAM support])],
++ withpam="$withval",withpam=auto)
++AC_ARG_WITH(pam-ksu-service,[AC_HELP_STRING(--with-ksu-service,[PAM service name for ksu ["ksu"]])],
++ withksupamservice="$withval",withksupamservice=ksu)
++old_LIBS="$LIBS"
++if test "$withpam" != no ; then
++ AC_MSG_RESULT([checking for PAM...])
++ PAM_LIBS=
++
++ AC_CHECK_HEADERS(security/pam_appl.h)
++ if test "x$ac_cv_header_security_pam_appl_h" != xyes ; then
++ if test "$withpam" = auto ; then
++ AC_MSG_RESULT([Unable to locate security/pam_appl.h.])
++ withpam=no
++ else
++ AC_MSG_ERROR([Unable to locate security/pam_appl.h.])
++ fi
++ fi
++
++ LIBS=
++ unset ac_cv_func_pam_start
++ AC_CHECK_FUNCS(putenv pam_start)
++ if test "x$ac_cv_func_pam_start" = xno ; then
++ unset ac_cv_func_pam_start
++ AC_CHECK_LIB(dl,dlopen)
++ AC_CHECK_FUNCS(pam_start)
++ if test "x$ac_cv_func_pam_start" = xno ; then
++ AC_CHECK_LIB(pam,pam_start)
++ unset ac_cv_func_pam_start
++ unset ac_cv_func_pam_getenvlist
++ AC_CHECK_FUNCS(pam_start pam_getenvlist)
++ if test "x$ac_cv_func_pam_start" = xyes ; then
++ PAM_LIBS="$LIBS"
++ else
++ if test "$withpam" = auto ; then
++ AC_MSG_RESULT([Unable to locate libpam.])
++ withpam=no
++ else
++ AC_MSG_ERROR([Unable to locate libpam.])
++ fi
++ fi
++ fi
++ fi
++ if test "$withpam" != no ; then
++ AC_MSG_NOTICE([building with PAM support])
++ AC_DEFINE(USE_PAM,1,[Define if Kerberos-aware tools should support PAM])
++ AC_DEFINE_UNQUOTED(KSU_PAM_SERVICE,"$withksupamservice",
++ [Define to the name of the PAM service name to be used by ksu.])
++ PAM_LIBS="$LIBS"
++ NON_PAM_MAN=".\\\" "
++ PAM_MAN=
++ else
++ PAM_MAN=".\\\" "
++ NON_PAM_MAN=
++ fi
++fi
++LIBS="$old_LIBS"
++AC_SUBST(PAM_LIBS)
++AC_SUBST(PAM_MAN)
++AC_SUBST(NON_PAM_MAN)
++])dnl
++
+diff --git a/src/clients/ksu/Makefile.in b/src/clients/ksu/Makefile.in
+index 8b4edce4d8..9d58f29b5d 100644
+--- a/src/clients/ksu/Makefile.in
++++ b/src/clients/ksu/Makefile.in
+@@ -3,12 +3,14 @@ BUILDTOP=$(REL)..$(S)..
+ DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/usr/local/sbin /usr/local/bin /sbin /bin /usr/sbin /usr/bin"'
+
+ KSU_LIBS=@KSU_LIBS@
++PAM_LIBS=@PAM_LIBS@
+
+ SRCS = \
+ $(srcdir)/krb_auth_su.c \
+ $(srcdir)/ccache.c \
+ $(srcdir)/authorization.c \
+ $(srcdir)/main.c \
++ $(srcdir)/pam.c \
+ $(srcdir)/heuristic.c \
+ $(srcdir)/xmalloc.c \
+ $(srcdir)/setenv.c
+@@ -17,13 +19,17 @@ OBJS = \
+ ccache.o \
+ authorization.o \
+ main.o \
++ pam.o \
+ heuristic.o \
+ xmalloc.o @SETENVOBJ@
+
+ all: ksu
+
+ ksu: $(OBJS) $(KRB5_BASE_DEPLIBS)
+- $(CC_LINK) -o $@ $(OBJS) $(KRB5_BASE_LIBS) $(KSU_LIBS)
++ $(CC_LINK) -o $@ $(OBJS) $(KRB5_BASE_LIBS) $(KSU_LIBS) $(PAM_LIBS)
++
++pam.o: pam.c
++ $(CC) $(ALL_CFLAGS) -c $<
+
+ clean:
+ $(RM) ksu
+diff --git a/src/clients/ksu/main.c b/src/clients/ksu/main.c
+index af12861729..931f054041 100644
+--- a/src/clients/ksu/main.c
++++ b/src/clients/ksu/main.c
+@@ -26,6 +26,7 @@
+ * KSU was written by: Ari Medvinsky, ari@isi.edu
+ */
+
++#include "autoconf.h"
+ #include "ksu.h"
+ #include "adm_proto.h"
+ #include <sys/types.h>
+@@ -33,6 +34,10 @@
+ #include <signal.h>
+ #include <grp.h>
+
++#ifdef USE_PAM
++#include "pam.h"
++#endif
++
+ /* globals */
+ char * prog_name;
+ int auth_debug =0;
+@@ -40,6 +45,7 @@ char k5login_path[MAXPATHLEN];
+ char k5users_path[MAXPATHLEN];
+ char * gb_err = NULL;
+ int quiet = 0;
++int force_fork = 0;
+ /***********/
+
+ #define KS_TEMPORARY_CACHE "MEMORY:_ksu"
+@@ -536,6 +542,23 @@ main (argc, argv)
+ prog_name,target_user,client_name,
+ source_user,ontty());
+
++#ifdef USE_PAM
++ if (appl_pam_enabled(ksu_context, "ksu")) {
++ if (appl_pam_acct_mgmt(KSU_PAM_SERVICE, 1, target_user, NULL,
++ NULL, source_user,
++ ttyname(STDERR_FILENO)) != 0) {
++ fprintf(stderr, "Access denied for %s.\n", target_user);
++ exit(1);
++ }
++ if (appl_pam_requires_chauthtok()) {
++ fprintf(stderr, "Password change required for %s.\n",
++ target_user);
++ exit(1);
++ }
++ force_fork++;
++ }
++#endif
++
+ /* Run authorization as target.*/
+ if (krb5_seteuid(target_uid)) {
+ com_err(prog_name, errno, _("while switching to target for "
+@@ -596,6 +619,24 @@ main (argc, argv)
+
+ exit(1);
+ }
++#ifdef USE_PAM
++ } else {
++ /* we always do PAM account management, even for root */
++ if (appl_pam_enabled(ksu_context, "ksu")) {
++ if (appl_pam_acct_mgmt(KSU_PAM_SERVICE, 1, target_user, NULL,
++ NULL, source_user,
++ ttyname(STDERR_FILENO)) != 0) {
++ fprintf(stderr, "Access denied for %s.\n", target_user);
++ exit(1);
++ }
++ if (appl_pam_requires_chauthtok()) {
++ fprintf(stderr, "Password change required for %s.\n",
++ target_user);
++ exit(1);
++ }
++ force_fork++;
++ }
++#endif
+ }
+
+ if( some_rest_copy){
+@@ -653,6 +694,30 @@ main (argc, argv)
+ exit(1);
+ }
+
++#ifdef USE_PAM
++ if (appl_pam_enabled(ksu_context, "ksu")) {
++ if (appl_pam_session_open() != 0) {
++ fprintf(stderr, "Error opening session for %s.\n", target_user);
++ exit(1);
++ }
++#ifdef DEBUG
++ if (auth_debug){
++ printf(" Opened PAM session.\n");
++ }
++#endif
++ if (appl_pam_cred_init()) {
++ fprintf(stderr, "Error initializing credentials for %s.\n",
++ target_user);
++ exit(1);
++ }
++#ifdef DEBUG
++ if (auth_debug){
++ printf(" Initialized PAM credentials.\n");
++ }
++#endif
++ }
++#endif
++
+ /* set permissions */
+ if (setgid(target_pwd->pw_gid) < 0) {
+ perror("ksu: setgid");
+@@ -750,7 +815,7 @@ main (argc, argv)
+ fprintf(stderr, "program to be execed %s\n",params[0]);
+ }
+
+- if( keep_target_cache ) {
++ if( keep_target_cache && !force_fork ) {
+ execv(params[0], params);
+ com_err(prog_name, errno, _("while trying to execv %s"), params[0]);
+ sweep_up(ksu_context, cc_target);
+@@ -780,16 +845,35 @@ main (argc, argv)
+ if (ret_pid == -1) {
+ com_err(prog_name, errno, _("while calling waitpid"));
+ }
+- sweep_up(ksu_context, cc_target);
++ if( !keep_target_cache ) {
++ sweep_up(ksu_context, cc_target);
++ }
+ exit (statusp);
+ case -1:
+ com_err(prog_name, errno, _("while trying to fork."));
+ sweep_up(ksu_context, cc_target);
+ exit (1);
+ case 0:
++#ifdef USE_PAM
++ if (appl_pam_enabled(ksu_context, "ksu")) {
++ if (appl_pam_setenv() != 0) {
++ fprintf(stderr, "Error setting up environment for %s.\n",
++ target_user);
++ exit (1);
++ }
++#ifdef DEBUG
++ if (auth_debug){
++ printf(" Set up PAM environment.\n");
++ }
++#endif
++ }
++#endif
+ execv(params[0], params);
+ com_err(prog_name, errno, _("while trying to execv %s"),
+ params[0]);
++ if( keep_target_cache ) {
++ sweep_up(ksu_context, cc_target);
++ }
+ exit (1);
+ }
+ }
+diff --git a/src/clients/ksu/pam.c b/src/clients/ksu/pam.c
+new file mode 100644
+index 0000000000..cbfe487047
+--- /dev/null
++++ b/src/clients/ksu/pam.c
+@@ -0,0 +1,389 @@
++/*
++ * src/clients/ksu/pam.c
++ *
++ * Copyright 2007,2009,2010 Red Hat, Inc.
++ *
++ * All Rights Reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions are met:
++ *
++ * Redistributions of source code must retain the above copyright notice, this
++ * list of conditions and the following disclaimer.
++ *
++ * Redistributions in binary form must reproduce the above copyright notice,
++ * this list of conditions and the following disclaimer in the documentation
++ * and/or other materials provided with the distribution.
++ *
++ * Neither the name of Red Hat, Inc. nor the names of its contributors may be
++ * used to endorse or promote products derived from this software without
++ * specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
++ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
++ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
++ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
++ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
++ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
++ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
++ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
++ * POSSIBILITY OF SUCH DAMAGE.
++ *
++ * Convenience wrappers for using PAM.
++ */
++
++#include "autoconf.h"
++#ifdef USE_PAM
++#include <sys/types.h>
++#include <stdio.h>
++#include <stdlib.h>
++#include <string.h>
++#include <unistd.h>
++#include "k5-int.h"
++#include "pam.h"
++
++#ifndef MAXPWSIZE
++#define MAXPWSIZE 128
++#endif
++
++static int appl_pam_started;
++static pid_t appl_pam_starter = -1;
++static int appl_pam_session_opened;
++static int appl_pam_creds_initialized;
++static int appl_pam_pwchange_required;
++static pam_handle_t *appl_pamh;
++static struct pam_conv appl_pam_conv;
++static char *appl_pam_user;
++struct appl_pam_non_interactive_args {
++ const char *user;
++ const char *password;
++};
++
++int
++appl_pam_enabled(krb5_context context, const char *section)
++{
++ int enabled = 1;
++ if ((context != NULL) && (context->profile != NULL)) {
++ if (profile_get_boolean(context->profile,
++ section,
++ USE_PAM_CONFIGURATION_KEYWORD,
++ NULL,
++ enabled, &enabled) != 0) {
++ enabled = 1;
++ }
++ }
++ return enabled;
++}
++
++void
++appl_pam_cleanup(void)
++{
++ if (getpid() != appl_pam_starter) {
++ return;
++ }
++#ifdef DEBUG
++ printf("Called to clean up PAM.\n");
++#endif
++ if (appl_pam_creds_initialized) {
++#ifdef DEBUG
++ printf("Deleting PAM credentials.\n");
++#endif
++ pam_setcred(appl_pamh, PAM_DELETE_CRED);
++ appl_pam_creds_initialized = 0;
++ }
++ if (appl_pam_session_opened) {
++#ifdef DEBUG
++ printf("Closing PAM session.\n");
++#endif
++ pam_close_session(appl_pamh, 0);
++ appl_pam_session_opened = 0;
++ }
++ appl_pam_pwchange_required = 0;
++ if (appl_pam_started) {
++#ifdef DEBUG
++ printf("Shutting down PAM.\n");
++#endif
++ pam_end(appl_pamh, 0);
++ appl_pam_started = 0;
++ appl_pam_starter = -1;
++ free(appl_pam_user);
++ appl_pam_user = NULL;
++ }
++}
++static int
++appl_pam_interactive_converse(int num_msg, const struct pam_message **msg,
++ struct pam_response **presp, void *appdata_ptr)
++{
++ const struct pam_message *message;
++ struct pam_response *resp;
++ int i, code;
++ char *pwstring, pwbuf[MAXPWSIZE];
++ unsigned int pwsize;
++ resp = malloc(sizeof(struct pam_response) * num_msg);
++ if (resp == NULL) {
++ return PAM_BUF_ERR;
++ }
++ memset(resp, 0, sizeof(struct pam_response) * num_msg);
++ code = PAM_SUCCESS;
++ for (i = 0; i < num_msg; i++) {
++ message = &(msg[0][i]); /* XXX */
++ message = msg[i]; /* XXX */
++ pwstring = NULL;
++ switch (message->msg_style) {
++ case PAM_TEXT_INFO:
++ case PAM_ERROR_MSG:
++ printf("[%s]\n", message->msg ? message->msg : "");
++ fflush(stdout);
++ resp[i].resp = NULL;
++ resp[i].resp_retcode = PAM_SUCCESS;
++ break;
++ case PAM_PROMPT_ECHO_ON:
++ case PAM_PROMPT_ECHO_OFF:
++ if (message->msg_style == PAM_PROMPT_ECHO_ON) {
++ if (fgets(pwbuf, sizeof(pwbuf),
++ stdin) != NULL) {
++ pwbuf[strcspn(pwbuf, "\r\n")] = '\0';
++ pwstring = pwbuf;
++ }
++ } else {
++ pwstring = getpass(message->msg ?
++ message->msg :
++ "");
++ }
++ if ((pwstring != NULL) && (pwstring[0] != '\0')) {
++ pwsize = strlen(pwstring);
++ resp[i].resp = malloc(pwsize + 1);
++ if (resp[i].resp == NULL) {
++ resp[i].resp_retcode = PAM_BUF_ERR;
++ } else {
++ memcpy(resp[i].resp, pwstring, pwsize);
++ resp[i].resp[pwsize] = '\0';
++ resp[i].resp_retcode = PAM_SUCCESS;
++ }
++ } else {
++ resp[i].resp_retcode = PAM_CONV_ERR;
++ code = PAM_CONV_ERR;
++ }
++ break;
++ default:
++ break;
++ }
++ }
++ *presp = resp;
++ return code;
++}
++static int
++appl_pam_non_interactive_converse(int num_msg,
++ const struct pam_message **msg,
++ struct pam_response **presp,
++ void *appdata_ptr)
++{
++ const struct pam_message *message;
++ struct pam_response *resp;
++ int i, code;
++ unsigned int pwsize;
++ struct appl_pam_non_interactive_args *args;
++ const char *pwstring;
++ resp = malloc(sizeof(struct pam_response) * num_msg);
++ if (resp == NULL) {
++ return PAM_BUF_ERR;
++ }
++ args = appdata_ptr;
++ memset(resp, 0, sizeof(struct pam_response) * num_msg);
++ code = PAM_SUCCESS;
++ for (i = 0; i < num_msg; i++) {
++ message = &((*msg)[i]);
++ message = msg[i];
++ pwstring = NULL;
++ switch (message->msg_style) {
++ case PAM_TEXT_INFO:
++ case PAM_ERROR_MSG:
++ break;
++ case PAM_PROMPT_ECHO_ON:
++ case PAM_PROMPT_ECHO_OFF:
++ if (message->msg_style == PAM_PROMPT_ECHO_ON) {
++ /* assume "user" */
++ pwstring = args->user;
++ } else {
++ /* assume "password" */
++ pwstring = args->password;
++ }
++ if ((pwstring != NULL) && (pwstring[0] != '\0')) {
++ pwsize = strlen(pwstring);
++ resp[i].resp = malloc(pwsize + 1);
++ if (resp[i].resp == NULL) {
++ resp[i].resp_retcode = PAM_BUF_ERR;
++ } else {
++ memcpy(resp[i].resp, pwstring, pwsize);
++ resp[i].resp[pwsize] = '\0';
++ resp[i].resp_retcode = PAM_SUCCESS;
++ }
++ } else {
++ resp[i].resp_retcode = PAM_CONV_ERR;
++ code = PAM_CONV_ERR;
++ }
++ break;
++ default:
++ break;
++ }
++ }
++ *presp = resp;
++ return code;
++}
++static int
++appl_pam_start(const char *service, int interactive,
++ const char *login_username,
++ const char *non_interactive_password,
++ const char *hostname,
++ const char *ruser,
++ const char *tty)
++{
++ static int exit_handler_registered;
++ static struct appl_pam_non_interactive_args args;
++ int ret = 0;
++ if (appl_pam_started &&
++ (strcmp(login_username, appl_pam_user) != 0)) {
++ appl_pam_cleanup();
++ appl_pam_user = NULL;
++ }
++ if (!appl_pam_started) {
++#ifdef DEBUG
++ printf("Starting PAM up (service=\"%s\",user=\"%s\").\n",
++ service, login_username);
++#endif
++ memset(&appl_pam_conv, 0, sizeof(appl_pam_conv));
++ appl_pam_conv.conv = interactive ?
++ &appl_pam_interactive_converse :
++ &appl_pam_non_interactive_converse;
++ memset(&args, 0, sizeof(args));
++ args.user = strdup(login_username);
++ args.password = non_interactive_password ?
++ strdup(non_interactive_password) :
++ NULL;
++ appl_pam_conv.appdata_ptr = &args;
++ ret = pam_start(service, login_username,
++ &appl_pam_conv, &appl_pamh);
++ if (ret == 0) {
++ if (hostname != NULL) {
++#ifdef DEBUG
++ printf("Setting PAM_RHOST to \"%s\".\n", hostname);
++#endif
++ pam_set_item(appl_pamh, PAM_RHOST, hostname);
++ }
++ if (ruser != NULL) {
++#ifdef DEBUG
++ printf("Setting PAM_RUSER to \"%s\".\n", ruser);
++#endif
++ pam_set_item(appl_pamh, PAM_RUSER, ruser);
++ }
++ if (tty != NULL) {
++#ifdef DEBUG
++ printf("Setting PAM_TTY to \"%s\".\n", tty);
++#endif
++ pam_set_item(appl_pamh, PAM_TTY, tty);
++ }
++ if (!exit_handler_registered &&
++ (atexit(appl_pam_cleanup) != 0)) {
++ pam_end(appl_pamh, 0);
++ appl_pamh = NULL;
++ ret = -1;
++ } else {
++ appl_pam_started = 1;
++ appl_pam_starter = getpid();
++ appl_pam_user = strdup(login_username);
++ exit_handler_registered = 1;
++ }
++ }
++ }
++ return ret;
++}
++int
++appl_pam_acct_mgmt(const char *service, int interactive,
++ const char *login_username,
++ const char *non_interactive_password,
++ const char *hostname,
++ const char *ruser,
++ const char *tty)
++{
++ int ret;
++ appl_pam_pwchange_required = 0;
++ ret = appl_pam_start(service, interactive, login_username,
++ non_interactive_password, hostname, ruser, tty);
++ if (ret == 0) {
++#ifdef DEBUG
++ printf("Calling pam_acct_mgmt().\n");
++#endif
++ ret = pam_acct_mgmt(appl_pamh, 0);
++ switch (ret) {
++ case PAM_IGNORE:
++ ret = 0;
++ break;
++ case PAM_NEW_AUTHTOK_REQD:
++ appl_pam_pwchange_required = 1;
++ ret = 0;
++ break;
++ default:
++ break;
++ }
++ }
++ return ret;
++}
++int
++appl_pam_requires_chauthtok(void)
++{
++ return appl_pam_pwchange_required;
++}
++int
++appl_pam_session_open(void)
++{
++ int ret = 0;
++ if (appl_pam_started) {
++#ifdef DEBUG
++ printf("Opening PAM session.\n");
++#endif
++ ret = pam_open_session(appl_pamh, 0);
++ if (ret == 0) {
++ appl_pam_session_opened = 1;
++ }
++ }
++ return ret;
++}
++int
++appl_pam_setenv(void)
++{
++ int ret = 0;
++#ifdef HAVE_PAM_GETENVLIST
++#ifdef HAVE_PUTENV
++ int i;
++ char **list;
++ if (appl_pam_started) {
++ list = pam_getenvlist(appl_pamh);
++ for (i = 0; ((list != NULL) && (list[i] != NULL)); i++) {
++#ifdef DEBUG
++ printf("Setting \"%s\" in environment.\n", list[i]);
++#endif
++ putenv(list[i]);
++ }
++ }
++#endif
++#endif
++ return ret;
++}
++int
++appl_pam_cred_init(void)
++{
++ int ret = 0;
++ if (appl_pam_started) {
++#ifdef DEBUG
++ printf("Initializing PAM credentials.\n");
++#endif
++ ret = pam_setcred(appl_pamh, PAM_ESTABLISH_CRED);
++ if (ret == 0) {
++ appl_pam_creds_initialized = 1;
++ }
++ }
++ return ret;
++}
++#endif
+diff --git a/src/clients/ksu/pam.h b/src/clients/ksu/pam.h
+new file mode 100644
+index 0000000000..0ab76569cb
+--- /dev/null
++++ b/src/clients/ksu/pam.h
+@@ -0,0 +1,57 @@
++/*
++ * src/clients/ksu/pam.h
++ *
++ * Copyright 2007,2009,2010 Red Hat, Inc.
++ *
++ * All Rights Reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions are met:
++ *
++ * Redistributions of source code must retain the above copyright notice, this
++ * list of conditions and the following disclaimer.
++ *
++ * Redistributions in binary form must reproduce the above copyright notice,
++ * this list of conditions and the following disclaimer in the documentation
++ * and/or other materials provided with the distribution.
++ *
++ * Neither the name of Red Hat, Inc. nor the names of its contributors may be
++ * used to endorse or promote products derived from this software without
++ * specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
++ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
++ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
++ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
++ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
++ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
++ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
++ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
++ * POSSIBILITY OF SUCH DAMAGE.
++ *
++ * Convenience wrappers for using PAM.
++ */
++
++#include <krb5.h>
++#ifdef HAVE_SECURITY_PAM_APPL_H
++#include <security/pam_appl.h>
++#endif
++
++#define USE_PAM_CONFIGURATION_KEYWORD "use_pam"
++
++#ifdef USE_PAM
++int appl_pam_enabled(krb5_context context, const char *section);
++int appl_pam_acct_mgmt(const char *service, int interactive,
++ const char *local_username,
++ const char *non_interactive_password,
++ const char *hostname,
++ const char *ruser,
++ const char *tty);
++int appl_pam_requires_chauthtok(void);
++int appl_pam_session_open(void);
++int appl_pam_setenv(void);
++int appl_pam_cred_init(void);
++void appl_pam_cleanup(void);
++#endif
+diff --git a/src/configure.ac b/src/configure.ac
+index f03028b5fd..aa970b0447 100644
+--- a/src/configure.ac
++++ b/src/configure.ac
+@@ -1400,6 +1400,8 @@ AC_SUBST([VERTO_VERSION])
+
+ AC_PATH_PROG(GROFF, groff)
+
++KRB5_WITH_PAM
++
+ # Make localedir work in autoconf 2.5x.
+ if test "${localedir+set}" != set; then
+ localedir='$(datadir)/locale'
+--
+2.38.1
+
diff --git a/SOURCES/0002-downstream-SELinux-integration.patch b/SOURCES/0002-downstream-SELinux-integration.patch
new file mode 100644
index 0000000..4271d66
--- /dev/null
+++ b/SOURCES/0002-downstream-SELinux-integration.patch
@@ -0,0 +1,1038 @@
+From c6b58ed180ed91b579d322ff5004f68750f1eb4f Mon Sep 17 00:00:00 2001
+From: Robbie Harwood <rharwood@redhat.com>
+Date: Tue, 23 Aug 2016 16:30:53 -0400
+Subject: [PATCH] [downstream] SELinux integration
+
+SELinux bases access to files on the domain of the requesting process,
+the operation being performed, and the context applied to the file.
+
+In many cases, applications needn't be SELinux aware to work properly,
+because SELinux can apply a default label to a file based on the label
+of the directory in which it's created.
+
+In the case of files such as /etc/krb5.keytab, however, this isn't
+sufficient, as /etc/krb5.keytab will almost always need to be given a
+label which differs from that of /etc/issue or /etc/resolv.conf. The
+the kdb stash file needs a different label than the database for which
+it's holding a master key, even though both typically live in the same
+directory.
+
+To give the file the correct label, we can either force a "restorecon"
+call to fix a file's label after it's created, or create the file with
+the right label, as we attempt to do here. We lean on THREEPARAMOPEN
+and define a similar macro named WRITABLEFOPEN with which we replace
+several uses of fopen().
+
+The file creation context that we're manipulating here is a process-wide
+attribute. While for the most part, applications which need to label
+files when they're created have tended to be single-threaded, there's
+not much we can do to avoid interfering with an application that
+manipulates the creation context directly. Right now we're mediating
+access using a library-local mutex, but that can only work for consumers
+that are part of this package -- an unsuspecting application will still
+stomp all over us.
+
+The selabel APIs for looking up the context should be thread-safe (per
+Red Hat #273081), so switching to using them instead of matchpathcon(),
+which we used earlier, is some improvement.
+
+Last-updated: krb5-1.20.1
+[jrische@redhat.com: Replace deprecated security_context_t by char *:
+ - src/util/support/selinux.c]
+---
+ src/aclocal.m4 | 48 +++
+ src/build-tools/krb5-config.in | 3 +-
+ src/config/pre.in | 3 +-
+ src/configure.ac | 2 +
+ src/include/k5-int.h | 1 +
+ src/include/k5-label.h | 32 ++
+ src/include/krb5/krb5.hin | 6 +
+ src/kadmin/dbutil/dump.c | 11 +-
+ src/kdc/main.c | 2 +-
+ src/kprop/kpropd.c | 9 +
+ src/lib/kadm5/logger.c | 4 +-
+ src/lib/kdb/kdb_log.c | 2 +-
+ src/lib/krb5/ccache/cc_dir.c | 26 +-
+ src/lib/krb5/keytab/kt_file.c | 4 +-
+ src/lib/krb5/os/trace.c | 2 +-
+ src/plugins/kdb/db2/adb_openclose.c | 2 +-
+ src/plugins/kdb/db2/kdb_db2.c | 4 +-
+ src/plugins/kdb/db2/libdb2/btree/bt_open.c | 3 +-
+ src/plugins/kdb/db2/libdb2/hash/hash.c | 3 +-
+ src/plugins/kdb/db2/libdb2/recno/rec_open.c | 4 +-
+ .../kdb/ldap/ldap_util/kdb5_ldap_services.c | 11 +-
+ src/util/profile/prof_file.c | 3 +-
+ src/util/support/Makefile.in | 3 +-
+ src/util/support/selinux.c | 405 ++++++++++++++++++
+ 24 files changed, 572 insertions(+), 21 deletions(-)
+ create mode 100644 src/include/k5-label.h
+ create mode 100644 src/util/support/selinux.c
+
+diff --git a/src/aclocal.m4 b/src/aclocal.m4
+index bf9da35bbc..01283f482e 100644
+--- a/src/aclocal.m4
++++ b/src/aclocal.m4
+@@ -85,6 +85,7 @@ AC_SUBST_FILE(libnodeps_frag)
+ dnl
+ KRB5_AC_PRAGMA_WEAK_REF
+ WITH_LDAP
++KRB5_WITH_SELINUX
+ KRB5_LIB_PARAMS
+ KRB5_AC_INITFINI
+ KRB5_AC_ENABLE_THREADS
+@@ -1526,4 +1527,51 @@ AC_SUBST(PAM_LIBS)
+ AC_SUBST(PAM_MAN)
+ AC_SUBST(NON_PAM_MAN)
+ ])dnl
++dnl
++dnl Use libselinux to set file contexts on newly-created files.
++dnl
++AC_DEFUN(KRB5_WITH_SELINUX,[
++AC_ARG_WITH(selinux,[AC_HELP_STRING(--with-selinux,[compile with SELinux labeling support])],
++ withselinux="$withval",withselinux=auto)
++old_LIBS="$LIBS"
++if test "$withselinux" != no ; then
++ AC_MSG_RESULT([checking for libselinux...])
++ SELINUX_LIBS=
++ AC_CHECK_HEADERS(selinux/selinux.h selinux/label.h)
++ if test "x$ac_cv_header_selinux_selinux_h" != xyes ; then
++ if test "$withselinux" = auto ; then
++ AC_MSG_RESULT([Unable to locate selinux/selinux.h.])
++ withselinux=no
++ else
++ AC_MSG_ERROR([Unable to locate selinux/selinux.h.])
++ fi
++ fi
+
++ LIBS=
++ unset ac_cv_func_setfscreatecon
++ AC_CHECK_FUNCS(setfscreatecon selabel_open)
++ if test "x$ac_cv_func_setfscreatecon" = xno ; then
++ AC_CHECK_LIB(selinux,setfscreatecon)
++ unset ac_cv_func_setfscreatecon
++ AC_CHECK_FUNCS(setfscreatecon selabel_open)
++ if test "x$ac_cv_func_setfscreatecon" = xyes ; then
++ SELINUX_LIBS="$LIBS"
++ else
++ if test "$withselinux" = auto ; then
++ AC_MSG_RESULT([Unable to locate libselinux.])
++ withselinux=no
++ else
++ AC_MSG_ERROR([Unable to locate libselinux.])
++ fi
++ fi
++ fi
++ if test "$withselinux" != no ; then
++ AC_MSG_NOTICE([building with SELinux labeling support])
++ AC_DEFINE(USE_SELINUX,1,[Define if Kerberos-aware tools should set SELinux file contexts when creating files.])
++ SELINUX_LIBS="$LIBS"
++ EXTRA_SUPPORT_SYMS="$EXTRA_SUPPORT_SYMS krb5int_labeled_open krb5int_labeled_fopen krb5int_push_fscreatecon_for krb5int_pop_fscreatecon"
++ fi
++fi
++LIBS="$old_LIBS"
++AC_SUBST(SELINUX_LIBS)
++])dnl
+diff --git a/src/build-tools/krb5-config.in b/src/build-tools/krb5-config.in
+index dead0dddce..fef3e054fc 100755
+--- a/src/build-tools/krb5-config.in
++++ b/src/build-tools/krb5-config.in
+@@ -41,6 +41,7 @@ DL_LIB='@DL_LIB@'
+ DEFCCNAME='@DEFCCNAME@'
+ DEFKTNAME='@DEFKTNAME@'
+ DEFCKTNAME='@DEFCKTNAME@'
++SELINUX_LIBS='@SELINUX_LIBS@'
+
+ LIBS='@LIBS@'
+ GEN_LIB=@GEN_LIB@
+@@ -254,7 +255,7 @@ if test -n "$do_libs"; then
+ fi
+
+ # If we ever support a flag to generate output suitable for static
+- # linking, we would output "-lkrb5support $GEN_LIB $LIBS $DL_LIB"
++ # linking, we would output "-lkrb5support $GEN_LIB $LIBS $SELINUX_LIBS $DL_LIB"
+ # here.
+
+ echo $lib_flags
+diff --git a/src/config/pre.in b/src/config/pre.in
+index a0c60c70b3..7eaa2f351c 100644
+--- a/src/config/pre.in
++++ b/src/config/pre.in
+@@ -177,6 +177,7 @@ LD = $(PURE) @LD@
+ KRB_INCLUDES = -I$(BUILDTOP)/include -I$(top_srcdir)/include
+ LDFLAGS = @LDFLAGS@
+ LIBS = @LIBS@
++SELINUX_LIBS=@SELINUX_LIBS@
+
+ INSTALL=@INSTALL@
+ INSTALL_STRIP=
+@@ -379,7 +380,7 @@ SUPPORT_LIB = -l$(SUPPORT_LIBNAME)
+ # HESIOD_LIBS is -lhesiod...
+ HESIOD_LIBS = @HESIOD_LIBS@
+
+-KRB5_BASE_LIBS = $(KRB5_LIB) $(K5CRYPTO_LIB) $(COM_ERR_LIB) $(SUPPORT_LIB) $(GEN_LIB) $(LIBS) $(DL_LIB)
++KRB5_BASE_LIBS = $(KRB5_LIB) $(K5CRYPTO_LIB) $(COM_ERR_LIB) $(SUPPORT_LIB) $(GEN_LIB) $(LIBS) $(SELINUX_LIBS) $(DL_LIB)
+ KDB5_LIBS = $(KDB5_LIB) $(GSSRPC_LIBS)
+ GSS_LIBS = $(GSS_KRB5_LIB)
+ # needs fixing if ever used on macOS!
+diff --git a/src/configure.ac b/src/configure.ac
+index aa970b0447..40545f2bfc 100644
+--- a/src/configure.ac
++++ b/src/configure.ac
+@@ -1402,6 +1402,8 @@ AC_PATH_PROG(GROFF, groff)
+
+ KRB5_WITH_PAM
+
++KRB5_WITH_SELINUX
++
+ # Make localedir work in autoconf 2.5x.
+ if test "${localedir+set}" != set; then
+ localedir='$(datadir)/locale'
+diff --git a/src/include/k5-int.h b/src/include/k5-int.h
+index 44dc1eeb3f..c3aecba7d4 100644
+--- a/src/include/k5-int.h
++++ b/src/include/k5-int.h
+@@ -128,6 +128,7 @@ typedef unsigned char u_char;
+
+
+ #include "k5-platform.h"
++#include "k5-label.h"
+
+ #define KRB5_KDB_MAX_LIFE (60*60*24) /* one day */
+ #define KRB5_KDB_MAX_RLIFE (60*60*24*7) /* one week */
+diff --git a/src/include/k5-label.h b/src/include/k5-label.h
+new file mode 100644
+index 0000000000..dfaaa847cb
+--- /dev/null
++++ b/src/include/k5-label.h
+@@ -0,0 +1,32 @@
++#ifndef _KRB5_LABEL_H
++#define _KRB5_LABEL_H
++
++#ifdef THREEPARAMOPEN
++#undef THREEPARAMOPEN
++#endif
++#ifdef WRITABLEFOPEN
++#undef WRITABLEFOPEN
++#endif
++
++/* Wrapper functions which help us create files and directories with the right
++ * context labels. */
++#ifdef USE_SELINUX
++#include <sys/types.h>
++#include <sys/stat.h>
++#include <fcntl.h>
++#include <stdio.h>
++#include <unistd.h>
++FILE *krb5int_labeled_fopen(const char *path, const char *mode);
++int krb5int_labeled_creat(const char *path, mode_t mode);
++int krb5int_labeled_open(const char *path, int flags, ...);
++int krb5int_labeled_mkdir(const char *path, mode_t mode);
++int krb5int_labeled_mknod(const char *path, mode_t mode, dev_t device);
++#define THREEPARAMOPEN(x,y,z) krb5int_labeled_open(x,y,z)
++#define WRITABLEFOPEN(x,y) krb5int_labeled_fopen(x,y)
++void *krb5int_push_fscreatecon_for(const char *pathname);
++void krb5int_pop_fscreatecon(void *previous);
++#else
++#define WRITABLEFOPEN(x,y) fopen(x,y)
++#define THREEPARAMOPEN(x,y,z) open(x,y,z)
++#endif
++#endif
+diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
+index c0194c3c94..7e1dea2cbf 100644
+--- a/src/include/krb5/krb5.hin
++++ b/src/include/krb5/krb5.hin
+@@ -87,6 +87,12 @@
+ #define THREEPARAMOPEN(x,y,z) open(x,y,z)
+ #endif
+
++#if KRB5_PRIVATE
++#ifndef WRITABLEFOPEN
++#define WRITABLEFOPEN(x,y) fopen(x,y)
++#endif
++#endif
++
+ #define KRB5_OLD_CRYPTO
+
+ #include <stdlib.h>
+diff --git a/src/kadmin/dbutil/dump.c b/src/kadmin/dbutil/dump.c
+index a89b5144f6..4d6cc0bdf9 100644
+--- a/src/kadmin/dbutil/dump.c
++++ b/src/kadmin/dbutil/dump.c
+@@ -148,12 +148,21 @@ create_ofile(char *ofile, char **tmpname)
+ {
+ int fd = -1;
+ FILE *f;
++#ifdef USE_SELINUX
++ void *selabel;
++#endif
+
+ *tmpname = NULL;
+ if (asprintf(tmpname, "%s-XXXXXX", ofile) < 0)
+ goto error;
+
++#ifdef USE_SELINUX
++ selabel = krb5int_push_fscreatecon_for(ofile);
++#endif
+ fd = mkstemp(*tmpname);
++#ifdef USE_SELINUX
++ krb5int_pop_fscreatecon(selabel);
++#endif
+ if (fd == -1)
+ goto error;
+
+@@ -197,7 +206,7 @@ prep_ok_file(krb5_context context, char *file_name, int *fd_out)
+ goto cleanup;
+ }
+
+- fd = open(file_ok, O_WRONLY | O_CREAT | O_TRUNC, 0600);
++ fd = THREEPARAMOPEN(file_ok, O_WRONLY | O_CREAT | O_TRUNC, 0600);
+ if (fd == -1) {
+ com_err(progname, errno, _("while creating 'ok' file, '%s'"), file_ok);
+ goto cleanup;
+diff --git a/src/kdc/main.c b/src/kdc/main.c
+index 38b9299066..085afc9220 100644
+--- a/src/kdc/main.c
++++ b/src/kdc/main.c
+@@ -848,7 +848,7 @@ write_pid_file(const char *path)
+ FILE *file;
+ unsigned long pid;
+
+- file = fopen(path, "w");
++ file = WRITABLEFOPEN(path, "w");
+ if (file == NULL)
+ return errno;
+ pid = (unsigned long) getpid();
+diff --git a/src/kprop/kpropd.c b/src/kprop/kpropd.c
+index f2341d720f..ffdac9f397 100644
+--- a/src/kprop/kpropd.c
++++ b/src/kprop/kpropd.c
+@@ -488,6 +488,9 @@ doit(int fd)
+ krb5_enctype etype;
+ int database_fd;
+ char host[INET6_ADDRSTRLEN + 1];
++#ifdef USE_SELINUX
++ void *selabel;
++#endif
+
+ signal_wrapper(SIGALRM, alarm_handler);
+ alarm(params.iprop_resync_timeout);
+@@ -543,9 +546,15 @@ doit(int fd)
+ free(name);
+ exit(1);
+ }
++#ifdef USE_SELINUX
++ selabel = krb5int_push_fscreatecon_for(file);
++#endif
+ omask = umask(077);
+ lock_fd = open(temp_file_name, O_RDWR | O_CREAT, 0600);
+ (void)umask(omask);
++#ifdef USE_SELINUX
++ krb5int_pop_fscreatecon(selabel);
++#endif
+ retval = krb5_lock_file(kpropd_context, lock_fd,
+ KRB5_LOCKMODE_EXCLUSIVE | KRB5_LOCKMODE_DONTBLOCK);
+ if (retval) {
+diff --git a/src/lib/kadm5/logger.c b/src/lib/kadm5/logger.c
+index c6885edf2a..9aec3c05e8 100644
+--- a/src/lib/kadm5/logger.c
++++ b/src/lib/kadm5/logger.c
+@@ -309,7 +309,7 @@ krb5_klog_init(krb5_context kcontext, char *ename, char *whoami, krb5_boolean do
+ */
+ append = (cp[4] == ':') ? O_APPEND : 0;
+ if (append || cp[4] == '=') {
+- fd = open(&cp[5], O_CREAT | O_WRONLY | append,
++ fd = THREEPARAMOPEN(&cp[5], O_CREAT | O_WRONLY | append,
+ S_IRUSR | S_IWUSR | S_IRGRP);
+ if (fd != -1)
+ f = fdopen(fd, append ? "a" : "w");
+@@ -776,7 +776,7 @@ krb5_klog_reopen(krb5_context kcontext)
+ * In case the old logfile did not get moved out of the
+ * way, open for append to prevent squashing the old logs.
+ */
+- f = fopen(log_control.log_entries[lindex].lfu_fname, "a+");
++ f = WRITABLEFOPEN(log_control.log_entries[lindex].lfu_fname, "a+");
+ if (f) {
+ set_cloexec_file(f);
+ log_control.log_entries[lindex].lfu_filep = f;
+diff --git a/src/lib/kdb/kdb_log.c b/src/lib/kdb/kdb_log.c
+index 2659a25018..e9b95fce59 100644
+--- a/src/lib/kdb/kdb_log.c
++++ b/src/lib/kdb/kdb_log.c
+@@ -480,7 +480,7 @@ ulog_map(krb5_context context, const char *logname, uint32_t ulogentries)
+ return ENOMEM;
+
+ if (stat(logname, &st) == -1) {
+- log_ctx->ulogfd = open(logname, O_RDWR | O_CREAT, 0600);
++ log_ctx->ulogfd = THREEPARAMOPEN(logname, O_RDWR | O_CREAT, 0600);
+ if (log_ctx->ulogfd == -1) {
+ retval = errno;
+ goto cleanup;
+diff --git a/src/lib/krb5/ccache/cc_dir.c b/src/lib/krb5/ccache/cc_dir.c
+index 1da40b51d0..f3ab7340a6 100644
+--- a/src/lib/krb5/ccache/cc_dir.c
++++ b/src/lib/krb5/ccache/cc_dir.c
+@@ -183,10 +183,19 @@ write_primary_file(const char *primary_path, const char *contents)
+ char *newpath = NULL;
+ FILE *fp = NULL;
+ int fd = -1, status;
++#ifdef USE_SELINUX
++ void *selabel;
++#endif
+
+ if (asprintf(&newpath, "%s.XXXXXX", primary_path) < 0)
+ return ENOMEM;
++#ifdef USE_SELINUX
++ selabel = krb5int_push_fscreatecon_for(primary_path);
++#endif
+ fd = mkstemp(newpath);
++#ifdef USE_SELINUX
++ krb5int_pop_fscreatecon(selabel);
++#endif
+ if (fd < 0)
+ goto cleanup;
+ #ifdef HAVE_CHMOD
+@@ -221,10 +230,23 @@ static krb5_error_code
+ verify_dir(krb5_context context, const char *dirname)
+ {
+ struct stat st;
++ int status;
++#ifdef USE_SELINUX
++ void *selabel;
++#endif
+
+ if (stat(dirname, &st) < 0) {
+- if (errno == ENOENT && mkdir(dirname, S_IRWXU) == 0)
+- return 0;
++ if (errno == ENOENT) {
++#ifdef USE_SELINUX
++ selabel = krb5int_push_fscreatecon_for(dirname);
++#endif
++ status = mkdir(dirname, S_IRWXU);
++#ifdef USE_SELINUX
++ krb5int_pop_fscreatecon(selabel);
++#endif
++ if (status == 0)
++ return 0;
++ }
+ k5_setmsg(context, KRB5_FCC_NOFILE,
+ _("Credential cache directory %s does not exist"),
+ dirname);
+diff --git a/src/lib/krb5/keytab/kt_file.c b/src/lib/krb5/keytab/kt_file.c
+index e510211fc5..f3ea28c8ec 100644
+--- a/src/lib/krb5/keytab/kt_file.c
++++ b/src/lib/krb5/keytab/kt_file.c
+@@ -735,14 +735,14 @@ krb5_ktfileint_open(krb5_context context, krb5_keytab id, int mode)
+
+ KTCHECKLOCK(id);
+ errno = 0;
+- KTFILEP(id) = fopen(KTFILENAME(id),
++ KTFILEP(id) = WRITABLEFOPEN(KTFILENAME(id),
+ (mode == KRB5_LOCKMODE_EXCLUSIVE) ? "rb+" : "rb");
+ if (!KTFILEP(id)) {
+ if ((mode == KRB5_LOCKMODE_EXCLUSIVE) && (errno == ENOENT)) {
+ /* try making it first time around */
+ k5_create_secure_file(context, KTFILENAME(id));
+ errno = 0;
+- KTFILEP(id) = fopen(KTFILENAME(id), "rb+");
++ KTFILEP(id) = WRITABLEFOPEN(KTFILENAME(id), "rb+");
+ if (!KTFILEP(id))
+ goto report_errno;
+ writevno = 1;
+diff --git a/src/lib/krb5/os/trace.c b/src/lib/krb5/os/trace.c
+index 3369fc4ba6..95f82cda03 100644
+--- a/src/lib/krb5/os/trace.c
++++ b/src/lib/krb5/os/trace.c
+@@ -459,7 +459,7 @@ krb5_set_trace_filename(krb5_context context, const char *filename)
+ fd = malloc(sizeof(*fd));
+ if (fd == NULL)
+ return ENOMEM;
+- *fd = open(filename, O_WRONLY|O_CREAT|O_APPEND, 0600);
++ *fd = THREEPARAMOPEN(filename, O_WRONLY|O_CREAT|O_APPEND, 0600);
+ if (*fd == -1) {
+ free(fd);
+ return errno;
+diff --git a/src/plugins/kdb/db2/adb_openclose.c b/src/plugins/kdb/db2/adb_openclose.c
+index 7db30a33b0..2b9d01921d 100644
+--- a/src/plugins/kdb/db2/adb_openclose.c
++++ b/src/plugins/kdb/db2/adb_openclose.c
+@@ -152,7 +152,7 @@ osa_adb_init_db(osa_adb_db_t *dbp, char *filename, char *lockfilename,
+ * needs be open read/write so that write locking can work with
+ * POSIX systems
+ */
+- if ((lockp->lockinfo.lockfile = fopen(lockfilename, "r+")) == NULL) {
++ if ((lockp->lockinfo.lockfile = WRITABLEFOPEN(lockfilename, "r+")) == NULL) {
+ /*
+ * maybe someone took away write permission so we could only
+ * get shared locks?
+diff --git a/src/plugins/kdb/db2/kdb_db2.c b/src/plugins/kdb/db2/kdb_db2.c
+index 2c163d91cc..9a344a603e 100644
+--- a/src/plugins/kdb/db2/kdb_db2.c
++++ b/src/plugins/kdb/db2/kdb_db2.c
+@@ -694,8 +694,8 @@ ctx_create_db(krb5_context context, krb5_db2_context *dbc)
+ if (retval)
+ return retval;
+
+- dbc->db_lf_file = open(dbc->db_lf_name, O_CREAT | O_RDWR | O_TRUNC,
+- 0600);
++ dbc->db_lf_file = THREEPARAMOPEN(dbc->db_lf_name,
++ O_CREAT | O_RDWR | O_TRUNC, 0600);
+ if (dbc->db_lf_file < 0) {
+ retval = errno;
+ goto cleanup;
+diff --git a/src/plugins/kdb/db2/libdb2/btree/bt_open.c b/src/plugins/kdb/db2/libdb2/btree/bt_open.c
+index 2977b17f3a..d5809a5a93 100644
+--- a/src/plugins/kdb/db2/libdb2/btree/bt_open.c
++++ b/src/plugins/kdb/db2/libdb2/btree/bt_open.c
+@@ -60,6 +60,7 @@ static char sccsid[] = "@(#)bt_open.c 8.11 (Berkeley) 11/2/95";
+ #include <string.h>
+ #include <unistd.h>
+
++#include "k5-int.h"
+ #include "db-int.h"
+ #include "btree.h"
+
+@@ -203,7 +204,7 @@ __bt_open(fname, flags, mode, openinfo, dflags)
+ goto einval;
+ }
+
+- if ((t->bt_fd = open(fname, flags | O_BINARY, mode)) < 0)
++ if ((t->bt_fd = THREEPARAMOPEN(fname, flags | O_BINARY, mode)) < 0)
+ goto err;
+
+ } else {
+diff --git a/src/plugins/kdb/db2/libdb2/hash/hash.c b/src/plugins/kdb/db2/libdb2/hash/hash.c
+index 862dbb1640..686a960c96 100644
+--- a/src/plugins/kdb/db2/libdb2/hash/hash.c
++++ b/src/plugins/kdb/db2/libdb2/hash/hash.c
+@@ -51,6 +51,7 @@ static char sccsid[] = "@(#)hash.c 8.12 (Berkeley) 11/7/95";
+ #include <assert.h>
+ #endif
+
++#include "k5-int.h"
+ #include "db-int.h"
+ #include "hash.h"
+ #include "page.h"
+@@ -129,7 +130,7 @@ __kdb2_hash_open(file, flags, mode, info, dflags)
+ new_table = 1;
+ }
+ if (file) {
+- if ((hashp->fp = open(file, flags|O_BINARY, mode)) == -1)
++ if ((hashp->fp = THREEPARAMOPEN(file, flags|O_BINARY, mode)) == -1)
+ RETURN_ERROR(errno, error0);
+ (void)fcntl(hashp->fp, F_SETFD, 1);
+ }
+diff --git a/src/plugins/kdb/db2/libdb2/recno/rec_open.c b/src/plugins/kdb/db2/libdb2/recno/rec_open.c
+index d8b26e7011..b0daa7c021 100644
+--- a/src/plugins/kdb/db2/libdb2/recno/rec_open.c
++++ b/src/plugins/kdb/db2/libdb2/recno/rec_open.c
+@@ -51,6 +51,7 @@ static char sccsid[] = "@(#)rec_open.c 8.12 (Berkeley) 11/18/94";
+ #include <stdio.h>
+ #include <unistd.h>
+
++#include "k5-int.h"
+ #include "db-int.h"
+ #include "recno.h"
+
+@@ -68,7 +69,8 @@ __rec_open(fname, flags, mode, openinfo, dflags)
+ int rfd = -1, sverrno;
+
+ /* Open the user's file -- if this fails, we're done. */
+- if (fname != NULL && (rfd = open(fname, flags | O_BINARY, mode)) < 0)
++ if (fname != NULL &&
++ (rfd = THREEPARAMOPEN(fname, flags | O_BINARY, mode)) < 0)
+ return (NULL);
+
+ if (fname != NULL && fcntl(rfd, F_SETFD, 1) == -1) {
+diff --git a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
+index e87688d666..30f7c00ab5 100644
+--- a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
++++ b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
+@@ -190,7 +190,7 @@ kdb5_ldap_stash_service_password(int argc, char **argv)
+
+ /* set password in the file */
+ old_mode = umask(0177);
+- pfile = fopen(file_name, "a+");
++ pfile = WRITABLEFOPEN(file_name, "a+");
+ if (pfile == NULL) {
+ com_err(me, errno, _("Failed to open file %s: %s"), file_name,
+ strerror (errno));
+@@ -231,6 +231,9 @@ kdb5_ldap_stash_service_password(int argc, char **argv)
+ * Delete the existing entry and add the new entry
+ */
+ FILE *newfile;
++#ifdef USE_SELINUX
++ void *selabel;
++#endif
+
+ mode_t omask;
+
+@@ -242,7 +245,13 @@ kdb5_ldap_stash_service_password(int argc, char **argv)
+ }
+
+ omask = umask(077);
++#ifdef USE_SELINUX
++ selabel = krb5int_push_fscreatecon_for(file_name);
++#endif
+ newfile = fopen(tmp_file, "w");
++#ifdef USE_SELINUX
++ krb5int_pop_fscreatecon(selabel);
++#endif
+ umask (omask);
+ if (newfile == NULL) {
+ com_err(me, errno, _("Error creating file %s"), tmp_file);
+diff --git a/src/util/profile/prof_file.c b/src/util/profile/prof_file.c
+index aa951df05f..79f9500f69 100644
+--- a/src/util/profile/prof_file.c
++++ b/src/util/profile/prof_file.c
+@@ -33,6 +33,7 @@
+ #endif
+
+ #include "k5-platform.h"
++#include "k5-label.h"
+
+ struct global_shared_profile_data {
+ /* This is the head of the global list of shared trees */
+@@ -391,7 +392,7 @@ static errcode_t write_data_to_file(prf_data_t data, const char *outfile,
+
+ errno = 0;
+
+- f = fopen(new_file, "w");
++ f = WRITABLEFOPEN(new_file, "w");
+ if (!f) {
+ retval = errno;
+ if (retval == 0)
+diff --git a/src/util/support/Makefile.in b/src/util/support/Makefile.in
+index 86d5a950a6..1052d53a1e 100644
+--- a/src/util/support/Makefile.in
++++ b/src/util/support/Makefile.in
+@@ -74,6 +74,7 @@ IPC_SYMS= \
+
+ STLIBOBJS= \
+ threads.o \
++ selinux.o \
+ init-addrinfo.o \
+ plugins.o \
+ errors.o \
+@@ -168,7 +169,7 @@ SRCS=\
+
+ SHLIB_EXPDEPS =
+ # Add -lm if dumping thread stats, for sqrt.
+-SHLIB_EXPLIBS= $(LIBS) $(DL_LIB)
++SHLIB_EXPLIBS= $(LIBS) $(SELINUX_LIBS) $(DL_LIB)
+
+ DEPLIBS=
+
+diff --git a/src/util/support/selinux.c b/src/util/support/selinux.c
+new file mode 100644
+index 0000000000..807d039da3
+--- /dev/null
++++ b/src/util/support/selinux.c
+@@ -0,0 +1,405 @@
++/*
++ * Copyright 2007,2008,2009,2011,2012,2013,2016 Red Hat, Inc. All Rights Reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions are met:
++ *
++ * Redistributions of source code must retain the above copyright notice, this
++ * list of conditions and the following disclaimer.
++ *
++ * Redistributions in binary form must reproduce the above copyright notice,
++ * this list of conditions and the following disclaimer in the documentation
++ * and/or other materials provided with the distribution.
++ *
++ * Neither the name of Red Hat, Inc. nor the names of its contributors may be
++ * used to endorse or promote products derived from this software without
++ * specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
++ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
++ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
++ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
++ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
++ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
++ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
++ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
++ * POSSIBILITY OF SUCH DAMAGE.
++ *
++ * File-opening wrappers for creating correctly-labeled files. So far, we can
++ * assume that this is Linux-specific, so we make many simplifying assumptions.
++ */
++
++#include "../../include/autoconf.h"
++
++#ifdef USE_SELINUX
++
++#include <k5-label.h>
++#include <k5-platform.h>
++
++#include <sys/types.h>
++#include <sys/stat.h>
++
++#include <errno.h>
++#include <fcntl.h>
++#include <limits.h>
++#include <pthread.h>
++#include <stdarg.h>
++#include <stdio.h>
++#include <stdlib.h>
++#include <string.h>
++#include <unistd.h>
++
++#include <selinux/selinux.h>
++#include <selinux/context.h>
++#include <selinux/label.h>
++
++/* #define DEBUG 1 */
++static void
++debug_log(const char *fmt, ...)
++{
++#ifdef DEBUG
++ va_list ap;
++ va_start(ap, fmt);
++ if (isatty(fileno(stderr))) {
++ vfprintf(stderr, fmt, ap);
++ }
++ va_end(ap);
++#endif
++
++ return;
++}
++
++/* Mutex used to serialize use of the process-global file creation context. */
++k5_mutex_t labeled_mutex = K5_MUTEX_PARTIAL_INITIALIZER;
++
++/* Make sure we finish initializing that mutex before attempting to use it. */
++k5_once_t labeled_once = K5_ONCE_INIT;
++static void
++label_mutex_init(void)
++{
++ k5_mutex_finish_init(&labeled_mutex);
++}
++
++static struct selabel_handle *selabel_ctx;
++static time_t selabel_last_changed;
++
++MAKE_FINI_FUNCTION(cleanup_fscreatecon);
++
++static void
++cleanup_fscreatecon(void)
++{
++ if (selabel_ctx != NULL) {
++ selabel_close(selabel_ctx);
++ selabel_ctx = NULL;
++ }
++}
++
++static char *
++push_fscreatecon(const char *pathname, mode_t mode)
++{
++ char *previous, *configuredsc, *currentsc, *genpath;
++ const char *derivedsc, *fullpath, *currentuser;
++ context_t current, derived;
++
++ previous = configuredsc = currentsc = genpath = NULL;
++ derivedsc = NULL;
++ current = derived = NULL;
++
++ fullpath = pathname;
++
++ if (!is_selinux_enabled()) {
++ goto fail;
++ }
++
++ if (getfscreatecon(&previous) != 0) {
++ goto fail;
++ }
++
++ /* Canonicalize pathname */
++ if (pathname[0] != '/') {
++ char *wd;
++ size_t len;
++ len = 0;
++
++ wd = getcwd(NULL, len);
++ if (wd == NULL) {
++ goto fail;
++ }
++
++ len = strlen(wd) + 1 + strlen(pathname) + 1;
++ genpath = malloc(len);
++ if (genpath == NULL) {
++ free(wd);
++ goto fail;
++ }
++
++ sprintf(genpath, "%s/%s", wd, pathname);
++ free(wd);
++ fullpath = genpath;
++ }
++
++ debug_log("Looking up context for \"%s\"(%05o).\n", fullpath, mode);
++
++ /* Check whether context file has changed under us */
++ if (selabel_ctx != NULL || selabel_last_changed == 0) {
++ const char *cpath;
++ struct stat st;
++ int i = -1;
++
++ cpath = selinux_file_context_path();
++ if (cpath == NULL || (i = stat(cpath, &st)) != 0 ||
++ st.st_mtime != selabel_last_changed) {
++ cleanup_fscreatecon();
++
++ selabel_last_changed = i ? time(NULL) : st.st_mtime;
++ }
++ }
++
++ if (selabel_ctx == NULL) {
++ selabel_ctx = selabel_open(SELABEL_CTX_FILE, NULL, 0);
++ }
++
++ if (selabel_ctx != NULL &&
++ selabel_lookup(selabel_ctx, &configuredsc, fullpath, mode) != 0) {
++ goto fail;
++ }
++
++ if (genpath != NULL) {
++ free(genpath);
++ genpath = NULL;
++ }
++
++ if (configuredsc == NULL) {
++ goto fail;
++ }
++
++ getcon(¤tsc);
++
++ /* AAAAAAAA */
++ if (currentsc != NULL) {
++ derived = context_new(configuredsc);
++
++ if (derived != NULL) {
++ current = context_new(currentsc);
++
++ if (current != NULL) {
++ currentuser = context_user_get(current);
++
++ if (currentuser != NULL) {
++ if (context_user_set(derived,
++ currentuser) == 0) {
++ derivedsc = context_str(derived);
++
++ if (derivedsc != NULL) {
++ freecon(configuredsc);
++ configuredsc = strdup(derivedsc);
++ }
++ }
++ }
++
++ context_free(current);
++ }
++
++ context_free(derived);
++ }
++
++ freecon(currentsc);
++ }
++
++ debug_log("Setting file creation context to \"%s\".\n", configuredsc);
++ if (setfscreatecon(configuredsc) != 0) {
++ debug_log("Unable to determine current context.\n");
++ goto fail;
++ }
++
++ freecon(configuredsc);
++ return previous;
++
++fail:
++ if (previous != NULL) {
++ freecon(previous);
++ }
++ if (genpath != NULL) {
++ free(genpath);
++ }
++ if (configuredsc != NULL) {
++ freecon(configuredsc);
++ }
++
++ cleanup_fscreatecon();
++ return NULL;
++}
++
++static void
++pop_fscreatecon(char *previous)
++{
++ if (!is_selinux_enabled()) {
++ return;
++ }
++
++ if (previous != NULL) {
++ debug_log("Resetting file creation context to \"%s\".\n", previous);
++ } else {
++ debug_log("Resetting file creation context to default.\n");
++ }
++
++ /* NULL resets to default */
++ setfscreatecon(previous);
++
++ if (previous != NULL) {
++ freecon(previous);
++ }
++
++ /* Need to clean this up here otherwise it leaks */
++ cleanup_fscreatecon();
++}
++
++void *
++krb5int_push_fscreatecon_for(const char *pathname)
++{
++ struct stat st;
++ void *retval;
++
++ k5_once(&labeled_once, label_mutex_init);
++ k5_mutex_lock(&labeled_mutex);
++
++ if (stat(pathname, &st) != 0) {
++ st.st_mode = S_IRUSR | S_IWUSR;
++ }
++
++ retval = push_fscreatecon(pathname, st.st_mode);
++ return retval ? retval : (void *) -1;
++}
++
++void
++krb5int_pop_fscreatecon(void *con)
++{
++ if (con != NULL) {
++ pop_fscreatecon((con == (void *) -1) ? NULL : con);
++ k5_mutex_unlock(&labeled_mutex);
++ }
++}
++
++FILE *
++krb5int_labeled_fopen(const char *path, const char *mode)
++{
++ FILE *fp;
++ int errno_save;
++ char *ctx;
++
++ if ((strcmp(mode, "r") == 0) ||
++ (strcmp(mode, "rb") == 0)) {
++ return fopen(path, mode);
++ }
++
++ k5_once(&labeled_once, label_mutex_init);
++ k5_mutex_lock(&labeled_mutex);
++ ctx = push_fscreatecon(path, 0);
++
++ fp = fopen(path, mode);
++ errno_save = errno;
++
++ pop_fscreatecon(ctx);
++ k5_mutex_unlock(&labeled_mutex);
++
++ errno = errno_save;
++ return fp;
++}
++
++int
++krb5int_labeled_creat(const char *path, mode_t mode)
++{
++ int fd;
++ int errno_save;
++ char *ctx;
++
++ k5_once(&labeled_once, label_mutex_init);
++ k5_mutex_lock(&labeled_mutex);
++ ctx = push_fscreatecon(path, 0);
++
++ fd = creat(path, mode);
++ errno_save = errno;
++
++ pop_fscreatecon(ctx);
++ k5_mutex_unlock(&labeled_mutex);
++
++ errno = errno_save;
++ return fd;
++}
++
++int
++krb5int_labeled_mknod(const char *path, mode_t mode, dev_t dev)
++{
++ int ret;
++ int errno_save;
++ char *ctx;
++
++ k5_once(&labeled_once, label_mutex_init);
++ k5_mutex_lock(&labeled_mutex);
++ ctx = push_fscreatecon(path, mode);
++
++ ret = mknod(path, mode, dev);
++ errno_save = errno;
++
++ pop_fscreatecon(ctx);
++ k5_mutex_unlock(&labeled_mutex);
++
++ errno = errno_save;
++ return ret;
++}
++
++int
++krb5int_labeled_mkdir(const char *path, mode_t mode)
++{
++ int ret;
++ int errno_save;
++ char *ctx;
++
++ k5_once(&labeled_once, label_mutex_init);
++ k5_mutex_lock(&labeled_mutex);
++ ctx = push_fscreatecon(path, S_IFDIR);
++
++ ret = mkdir(path, mode);
++ errno_save = errno;
++
++ pop_fscreatecon(ctx);
++ k5_mutex_unlock(&labeled_mutex);
++
++ errno = errno_save;
++ return ret;
++}
++
++int
++krb5int_labeled_open(const char *path, int flags, ...)
++{
++ int fd;
++ int errno_save;
++ char *ctx;
++ mode_t mode;
++ va_list ap;
++
++ if ((flags & O_CREAT) == 0) {
++ return open(path, flags);
++ }
++
++ k5_once(&labeled_once, label_mutex_init);
++ k5_mutex_lock(&labeled_mutex);
++ ctx = push_fscreatecon(path, 0);
++
++ va_start(ap, flags);
++ mode = va_arg(ap, mode_t);
++ fd = open(path, flags, mode);
++ va_end(ap);
++
++ errno_save = errno;
++
++ pop_fscreatecon(ctx);
++ k5_mutex_unlock(&labeled_mutex);
++
++ errno = errno_save;
++ return fd;
++}
++
++#endif /* USE_SELINUX */
+--
+2.38.1
+
diff --git a/SOURCES/0003-downstream-fix-debuginfo-with-y.tab.c.patch b/SOURCES/0003-downstream-fix-debuginfo-with-y.tab.c.patch
new file mode 100644
index 0000000..3c58cc1
--- /dev/null
+++ b/SOURCES/0003-downstream-fix-debuginfo-with-y.tab.c.patch
@@ -0,0 +1,44 @@
+From c7fe7cbd61f7debf052ddcc6cc5f01bb7e4f5385 Mon Sep 17 00:00:00 2001
+From: Robbie Harwood <rharwood@redhat.com>
+Date: Tue, 23 Aug 2016 16:49:25 -0400
+Subject: [PATCH] [downstream] fix debuginfo with y.tab.c
+
+We want to keep these y.tab.c files around because the debuginfo points to
+them. It would be more elegant at the end to use symbolic links, but that
+could mess up people working in the tree on other things.
+
+Last-updated: krb5-1.9
+---
+ src/kadmin/cli/Makefile.in | 5 +++++
+ src/plugins/kdb/ldap/ldap_util/Makefile.in | 2 +-
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/src/kadmin/cli/Makefile.in b/src/kadmin/cli/Makefile.in
+index adfea6e2b5..d1327e400b 100644
+--- a/src/kadmin/cli/Makefile.in
++++ b/src/kadmin/cli/Makefile.in
+@@ -37,3 +37,8 @@ clean-unix::
+ # CC_LINK is not meant for compilation and this use may break in the future.
+ datetest: getdate.c
+ $(CC_LINK) $(ALL_CFLAGS) -DTEST -o datetest getdate.c
++
++%.c: %.y
++ $(RM) y.tab.c $@
++ $(YACC.y) $<
++ $(CP) y.tab.c $@
+diff --git a/src/plugins/kdb/ldap/ldap_util/Makefile.in b/src/plugins/kdb/ldap/ldap_util/Makefile.in
+index 8669c2436c..a22f23c02c 100644
+--- a/src/plugins/kdb/ldap/ldap_util/Makefile.in
++++ b/src/plugins/kdb/ldap/ldap_util/Makefile.in
+@@ -20,7 +20,7 @@ $(PROG): $(OBJS) $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIB) $(GETDATE)
+ getdate.c: $(GETDATE)
+ $(RM) getdate.c y.tab.c
+ $(YACC) $(GETDATE)
+- $(MV) y.tab.c getdate.c
++ $(CP) y.tab.c getdate.c
+
+ install:
+ $(INSTALL_PROGRAM) $(PROG) ${DESTDIR}$(ADMIN_BINDIR)/$(PROG)
+--
+2.38.1
+
diff --git a/SOURCES/0004-downstream-Remove-3des-support.patch b/SOURCES/0004-downstream-Remove-3des-support.patch
new file mode 100644
index 0000000..4ec3a0f
--- /dev/null
+++ b/SOURCES/0004-downstream-Remove-3des-support.patch
@@ -0,0 +1,6228 @@
+From 7b40250066bbcc529b5348b68199c58fbad82376 Mon Sep 17 00:00:00 2001
+From: Robbie Harwood <rharwood@redhat.com>
+Date: Tue, 26 Mar 2019 18:51:10 -0400
+Subject: [PATCH] [downstream] Remove 3des support
+
+Completely remove support for all DES3 enctypes (des3-cbc-raw,
+des3-hmac-sha1, des3-cbc-sha1-kd). Update all tests and documentation
+to user other enctypes. Mark the 3DES enctypes UNSUPPORTED and retain
+their constants.
+
+Last-updated: 1.20-final
+[antorres@redhat.com: remove diffs for:
+ - src/kdamin/testing/proto/kdc.conf.proto
+ - src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp
+ - src/lib/kadm5/unit-test/api.current/get-principal-v2.exp
+ - src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp
+ since they were removed by Remove-TCL-based-libkadm5-API-tests.patch]
+[jrische@redhat.com: restore supportedCMSTypes (not using 3DES any more):
+ - src/plugins/preauth/pkinit/pkinit_crypto.h
+ - src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+ - src/plugins/preauth/pkinit/pkinit_clnt.c]
+---
+ doc/admin/advanced/retiring-des.rst | 11 +
+ doc/admin/conf_files/kdc_conf.rst | 7 +-
+ doc/admin/enctypes.rst | 10 +-
+ doc/admin/troubleshoot.rst | 9 +-
+ doc/appdev/refs/macros/index.rst | 1 -
+ doc/conf.py | 2 +-
+ doc/mitK5features.rst | 2 +-
+ src/Makefile.in | 4 +-
+ src/configure.ac | 4 +-
+ src/include/krb5/krb5.hin | 10 +-
+ src/kdc/kdc_util.c | 4 -
+ src/lib/crypto/Makefile.in | 8 +-
+ src/lib/crypto/builtin/Makefile.in | 6 +-
+ src/lib/crypto/builtin/des/ISSUES | 13 -
+ src/lib/crypto/builtin/des/Makefile.in | 82 ----
+ src/lib/crypto/builtin/des/d3_aead.c | 137 ------
+ src/lib/crypto/builtin/des/d3_kysched.c | 55 ---
+ src/lib/crypto/builtin/des/deps | 146 -------
+ src/lib/crypto/builtin/des/des_int.h | 285 -------------
+ src/lib/crypto/builtin/des/des_keys.c | 38 --
+ src/lib/crypto/builtin/des/destest.c | 240 -----------
+ src/lib/crypto/builtin/des/doc/libdes.doc | 208 ---------
+ src/lib/crypto/builtin/des/f_aead.c | 177 --------
+ src/lib/crypto/builtin/des/f_cbc.c | 256 ------------
+ src/lib/crypto/builtin/des/f_cksum.c | 141 -------
+ src/lib/crypto/builtin/des/f_parity.c | 64 ---
+ src/lib/crypto/builtin/des/f_sched.c | 363 ----------------
+ src/lib/crypto/builtin/des/f_tables.c | 375 -----------------
+ src/lib/crypto/builtin/des/f_tables.h | 285 -------------
+ src/lib/crypto/builtin/des/key_sched.c | 66 ---
+ src/lib/crypto/builtin/des/keytest.data | 171 --------
+ src/lib/crypto/builtin/des/t_verify.c | 395 ------------------
+ src/lib/crypto/builtin/des/weak_key.c | 90 ----
+ .../crypto/builtin/enc_provider/Makefile.in | 5 +-
+ src/lib/crypto/builtin/enc_provider/deps | 11 -
+ src/lib/crypto/builtin/enc_provider/des3.c | 109 -----
+ src/lib/crypto/crypto_tests/t_cf2.expected | 1 -
+ src/lib/crypto/crypto_tests/t_cf2.in | 5 -
+ src/lib/crypto/crypto_tests/t_cksums.c | 10 -
+ src/lib/crypto/crypto_tests/t_decrypt.c | 57 ---
+ src/lib/crypto/crypto_tests/t_derive.c | 36 --
+ src/lib/crypto/crypto_tests/t_encrypt.c | 1 -
+ src/lib/crypto/crypto_tests/t_short.c | 1 -
+ src/lib/crypto/crypto_tests/t_str2key.c | 52 ---
+ src/lib/crypto/crypto_tests/vectors.c | 4 -
+ src/lib/crypto/krb/Makefile.in | 3 -
+ src/lib/crypto/krb/cksumtypes.c | 6 -
+ src/lib/crypto/krb/crypto_int.h | 11 -
+ src/lib/crypto/krb/default_state.c | 10 -
+ src/lib/crypto/krb/enctype_util.c | 3 +
+ src/lib/crypto/krb/etypes.c | 21 -
+ src/lib/crypto/krb/prf_des.c | 47 ---
+ src/lib/crypto/krb/random_to_key.c | 28 --
+ src/lib/crypto/libk5crypto.exports | 1 -
+ src/lib/crypto/openssl/Makefile.in | 8 +-
+ src/lib/crypto/openssl/des/Makefile.in | 20 -
+ src/lib/crypto/openssl/des/deps | 14 -
+ src/lib/crypto/openssl/des/des_keys.c | 39 --
+ .../crypto/openssl/enc_provider/Makefile.in | 3 -
+ src/lib/crypto/openssl/enc_provider/deps | 11 -
+ src/lib/crypto/openssl/enc_provider/des3.c | 188 ---------
+ src/lib/crypto/openssl/kdf.c | 2 -
+ src/lib/gssapi/krb5/accept_sec_context.c | 1 -
+ src/lib/gssapi/krb5/gssapiP_krb5.h | 6 +-
+ src/lib/gssapi/krb5/k5seal.c | 35 +-
+ src/lib/gssapi/krb5/k5sealiov.c | 27 +-
+ src/lib/gssapi/krb5/k5unseal.c | 88 ++--
+ src/lib/gssapi/krb5/k5unsealiov.c | 38 +-
+ src/lib/gssapi/krb5/util_crypt.c | 11 -
+ src/lib/krb5/krb/init_ctx.c | 3 -
+ src/lib/krb5/krb/s4u_creds.c | 2 -
+ src/lib/krb5/krb/t_etypes.c | 48 +--
+ src/lib/krb5/os/t_trace.c | 4 +-
+ src/lib/krb5/os/t_trace.ref | 2 +-
+ src/plugins/preauth/pkinit/pkcs11.h | 6 +-
+ src/plugins/preauth/pkinit/pkinit_crypto.h | 10 +-
+ src/plugins/preauth/pkinit/pkinit_kdf_test.c | 30 --
+ src/plugins/preauth/spake/t_vectors.c | 25 --
+ src/tests/gssapi/t_enctypes.py | 33 +-
+ src/tests/gssapi/t_invalid.c | 12 -
+ src/tests/gssapi/t_pcontok.c | 16 +-
+ src/tests/gssapi/t_prf.c | 7 -
+ src/tests/t_authdata.py | 2 +-
+ src/tests/t_etype_info.py | 18 +-
+ src/tests/t_keyrollover.py | 8 +-
+ src/tests/t_mkey.py | 35 --
+ src/tests/t_salt.py | 5 +-
+ src/util/k5test.py | 7 -
+ .../leash/htmlhelp/html/Encryption_Types.htm | 13 -
+ 89 files changed, 151 insertions(+), 4713 deletions(-)
+ delete mode 100644 src/lib/crypto/builtin/des/ISSUES
+ delete mode 100644 src/lib/crypto/builtin/des/Makefile.in
+ delete mode 100644 src/lib/crypto/builtin/des/d3_aead.c
+ delete mode 100644 src/lib/crypto/builtin/des/d3_kysched.c
+ delete mode 100644 src/lib/crypto/builtin/des/deps
+ delete mode 100644 src/lib/crypto/builtin/des/des_int.h
+ delete mode 100644 src/lib/crypto/builtin/des/des_keys.c
+ delete mode 100644 src/lib/crypto/builtin/des/destest.c
+ delete mode 100644 src/lib/crypto/builtin/des/doc/libdes.doc
+ delete mode 100644 src/lib/crypto/builtin/des/f_aead.c
+ delete mode 100644 src/lib/crypto/builtin/des/f_cbc.c
+ delete mode 100644 src/lib/crypto/builtin/des/f_cksum.c
+ delete mode 100644 src/lib/crypto/builtin/des/f_parity.c
+ delete mode 100644 src/lib/crypto/builtin/des/f_sched.c
+ delete mode 100644 src/lib/crypto/builtin/des/f_tables.c
+ delete mode 100644 src/lib/crypto/builtin/des/f_tables.h
+ delete mode 100644 src/lib/crypto/builtin/des/key_sched.c
+ delete mode 100644 src/lib/crypto/builtin/des/keytest.data
+ delete mode 100644 src/lib/crypto/builtin/des/t_verify.c
+ delete mode 100644 src/lib/crypto/builtin/des/weak_key.c
+ delete mode 100644 src/lib/crypto/builtin/enc_provider/des3.c
+ delete mode 100644 src/lib/crypto/krb/prf_des.c
+ delete mode 100644 src/lib/crypto/openssl/des/Makefile.in
+ delete mode 100644 src/lib/crypto/openssl/des/deps
+ delete mode 100644 src/lib/crypto/openssl/des/des_keys.c
+ delete mode 100644 src/lib/crypto/openssl/enc_provider/des3.c
+
+diff --git a/doc/admin/advanced/retiring-des.rst b/doc/admin/advanced/retiring-des.rst
+index 38f76d3f45..d5e3c30c04 100644
+--- a/doc/admin/advanced/retiring-des.rst
++++ b/doc/admin/advanced/retiring-des.rst
+@@ -10,6 +10,13 @@ ability have rendered DES vulnerable to brute force attacks on its 56-bit
+ keyspace. As such, it is now considered insecure and should not be
+ used (:rfc:`6649`).
+
++In 1999, MIT krb5 added support for Triple-DES (3DES) encryption types.
++However, due to weakenings of DES and other security concerns, it is now also
++considered insecure and should not be used (:rfc:`8429`). AES encryption
++types were added to MIT in 2003, meaning that the number of deployments with
++3DES as the strongest encryption type is hopefully small. The rotation
++procedure described herein works for both DES and 3DES.
++
+ History
+ -------
+
+@@ -27,6 +34,10 @@ and removed DES (single-DES) support in release 1.18. As a
+ consequence, a release prior to 1.18 is required to perform these
+ migrations.
+
++3DES (a flagged deprecated encryption type) was also removed downstream by
++rharwood@redhat.com starting in 1.18; likewise, a pre-1.18 release is required
++to perform these migrations.
++
+ Types of keys
+ -------------
+
+diff --git a/doc/admin/conf_files/kdc_conf.rst b/doc/admin/conf_files/kdc_conf.rst
+index 74a0a2acef..846c58ed82 100644
+--- a/doc/admin/conf_files/kdc_conf.rst
++++ b/doc/admin/conf_files/kdc_conf.rst
+@@ -854,8 +854,6 @@ Encryption types marked as "weak" and "deprecated" are available for
+ compatibility but not recommended for use.
+
+ ==================================================== =========================================================
+-des3-cbc-raw Triple DES cbc mode raw (weak)
+-des3-cbc-sha1 des3-hmac-sha1 des3-cbc-sha1-kd Triple DES cbc mode with HMAC/sha1 (deprecated)
+ aes256-cts-hmac-sha1-96 aes256-cts aes256-sha1 AES-256 CTS mode with 96-bit SHA-1 HMAC
+ aes128-cts-hmac-sha1-96 aes128-cts aes128-sha1 AES-128 CTS mode with 96-bit SHA-1 HMAC
+ aes256-cts-hmac-sha384-192 aes256-sha2 AES-256 CTS mode with 192-bit SHA-384 HMAC
+@@ -864,7 +862,6 @@ arcfour-hmac rc4-hmac arcfour-hmac-md5 RC4 with HMAC/MD5 (deprecat
+ arcfour-hmac-exp rc4-hmac-exp arcfour-hmac-md5-exp Exportable RC4 with HMAC/MD5 (weak)
+ camellia256-cts-cmac camellia256-cts Camellia-256 CTS mode with CMAC
+ camellia128-cts-cmac camellia128-cts Camellia-128 CTS mode with CMAC
+-des3 The triple DES family: des3-cbc-sha1
+ aes The AES family: aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, aes256-cts-hmac-sha384-192, and aes128-cts-hmac-sha256-128
+ rc4 The RC4 family: arcfour-hmac
+ camellia The Camellia family: camellia256-cts-cmac and camellia128-cts-cmac
+@@ -876,8 +873,8 @@ from the current list by prefixing them with a minus sign ("-").
+ Types or families can be prefixed with a plus sign ("+") for symmetry;
+ it has the same meaning as just listing the type or family. For
+ example, "``DEFAULT -rc4``" would be the default set of encryption
+-types with RC4 types removed, and "``des3 DEFAULT``" would be the
+-default set of encryption types with triple DES types moved to the
++types with RC4 types removed, and "``aes128-sha2 DEFAULT``" would be
++the default set of encryption types with aes128-sha2 moved to the
+ front.
+
+ While **aes128-cts** and **aes256-cts** are supported for all Kerberos
+diff --git a/doc/admin/enctypes.rst b/doc/admin/enctypes.rst
+index 694922c0d9..c4d5499d3b 100644
+--- a/doc/admin/enctypes.rst
++++ b/doc/admin/enctypes.rst
+@@ -129,7 +129,7 @@ enctype weak? krb5 Windows
+ des-cbc-crc weak <1.18 >=2000
+ des-cbc-md4 weak <1.18 ?
+ des-cbc-md5 weak <1.18 >=2000
+-des3-cbc-sha1 deprecated >=1.1 none
++des3-cbc-sha1 deprecated <1.18 none
+ arcfour-hmac deprecated >=1.3 >=2000
+ arcfour-hmac-exp weak >=1.3 >=2000
+ aes128-cts-hmac-sha1-96 >=1.3 >=Vista
+@@ -148,9 +148,11 @@ default.
+ krb5 releases 1.17 and later flag deprecated encryption types
+ (including ``des3-cbc-sha1`` and ``arcfour-hmac``) in KDC logs and
+ kadmin output. krb5 release 1.19 issues a warning during initial
+-authentication if ``des3-cbc-sha1`` is used. Future releases will
+-disable ``des3-cbc-sha1`` by default and eventually remove support for
+-it.
++authentication if ``des3-cbc-sha1`` is used.
++
++krb5 releases 1.18 and later remove single-DES and 3DES
++(downstream-only patch) enctype support. Microsoft Windows never
++supported 3DES.
+
+
+ Migrating away from older encryption types
+diff --git a/doc/admin/troubleshoot.rst b/doc/admin/troubleshoot.rst
+index ade5e1f87a..e4dc54f7e5 100644
+--- a/doc/admin/troubleshoot.rst
++++ b/doc/admin/troubleshoot.rst
+@@ -73,11 +73,10 @@ credential verification failed: KDC has no support for encryption type
+ ......................................................................
+
+ This most commonly happens when trying to use a principal with only
+-DES keys, in a release (MIT krb5 1.7 or later) which disables DES by
+-default. DES encryption is considered weak due to its inadequate key
+-size. If you cannot migrate away from its use, you can re-enable DES
+-by adding ``allow_weak_crypto = true`` to the :ref:`libdefaults`
+-section of :ref:`krb5.conf(5)`.
++DES/3DES keys, in a release (MIT krb5 1.7 or later) which disables DES
++by default. DES encryption is considered weak due to its inadequate
++key size and has been removed upstream; 3DES is not recommended, and
++has been removed downstream by rharwood@redhat.com.
+
+
+ .. _err_cert_chain_cert_expired:
+diff --git a/doc/appdev/refs/macros/index.rst b/doc/appdev/refs/macros/index.rst
+index a0d4f26701..5f34dea5e8 100644
+--- a/doc/appdev/refs/macros/index.rst
++++ b/doc/appdev/refs/macros/index.rst
+@@ -36,7 +36,6 @@ Public
+ CKSUMTYPE_HMAC_SHA1_96_AES256.rst
+ CKSUMTYPE_HMAC_SHA256_128_AES128.rst
+ CKSUMTYPE_HMAC_SHA384_192_AES256.rst
+- CKSUMTYPE_HMAC_SHA1_DES3.rst
+ CKSUMTYPE_MD5_HMAC_ARCFOUR.rst
+ CKSUMTYPE_NIST_SHA.rst
+ CKSUMTYPE_RSA_MD4.rst
+diff --git a/doc/conf.py b/doc/conf.py
+index fa0eb80f1f..12168fa695 100644
+--- a/doc/conf.py
++++ b/doc/conf.py
+@@ -278,7 +278,7 @@ else:
+ rst_epilog += '''
+ .. |krb5conf| replace:: ``/etc/krb5.conf``
+ .. |defkeysalts| replace:: ``aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal``
+-.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac``
++.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac``
+ .. |defmkey| replace:: ``aes256-cts-hmac-sha1-96``
+ .. |copy| unicode:: U+000A9
+ '''
+diff --git a/doc/mitK5features.rst b/doc/mitK5features.rst
+index ca2d6ef117..100c64a1c1 100644
+--- a/doc/mitK5features.rst
++++ b/doc/mitK5features.rst
+@@ -37,7 +37,7 @@ Database backends: LDAP, DB2, LMDB
+
+ krb4 support: Kerberos 5 release < 1.8
+
+-DES support: Kerberos 5 release < 1.18 (See :ref:`retiring-des`)
++DES/3DES support: Kerberos 5 release < 1.18 (See :ref:`retiring-des`)
+
+ Interoperability
+ ----------------
+diff --git a/src/Makefile.in b/src/Makefile.in
+index 8f14e9bf2c..ba3bb18eec 100644
+--- a/src/Makefile.in
++++ b/src/Makefile.in
+@@ -130,7 +130,7 @@ WINMAKEFILES=Makefile \
+ lib\Makefile lib\crypto\Makefile lib\crypto\krb\Makefile \
+ lib\crypto\builtin\Makefile lib\crypto\builtin\aes\Makefile \
+ lib\crypto\builtin\enc_provider\Makefile \
+- lib\crypto\builtin\des\Makefile lib\crypto\builtin\md5\Makefile \
++ lib\crypto\builtin\md5\Makefile \
+ lib\crypto\builtin\camellia\Makefile lib\crypto\builtin\md4\Makefile \
+ lib\crypto\builtin\hash_provider\Makefile \
+ lib\crypto\builtin\sha2\Makefile lib\crypto\builtin\sha1\Makefile \
+@@ -202,8 +202,6 @@ WINMAKEFILES=Makefile \
+ ##DOS## $(WCONFIG) config < $@.in > $@
+ ##DOS##lib\crypto\builtin\enc_provider\Makefile: lib\crypto\builtin\enc_provider\Makefile.in $(MKFDEP)
+ ##DOS## $(WCONFIG) config < $@.in > $@
+-##DOS##lib\crypto\builtin\des\Makefile: lib\crypto\builtin\des\Makefile.in $(MKFDEP)
+-##DOS## $(WCONFIG) config < $@.in > $@
+ ##DOS##lib\crypto\builtin\md5\Makefile: lib\crypto\builtin\md5\Makefile.in $(MKFDEP)
+ ##DOS## $(WCONFIG) config < $@.in > $@
+ ##DOS##lib\crypto\builtin\camellia\Makefile: lib\crypto\builtin\camellia\Makefile.in $(MKFDEP)
+diff --git a/src/configure.ac b/src/configure.ac
+index 40545f2bfc..8dc864718d 100644
+--- a/src/configure.ac
++++ b/src/configure.ac
+@@ -1489,12 +1489,12 @@ V5_AC_OUTPUT_MAKEFILE(.
+ lib lib/kdb
+
+ lib/crypto lib/crypto/krb lib/crypto/crypto_tests
+- lib/crypto/builtin lib/crypto/builtin/des
++ lib/crypto/builtin
+ lib/crypto/builtin/aes lib/crypto/builtin/camellia
+ lib/crypto/builtin/md4 lib/crypto/builtin/md5
+ lib/crypto/builtin/sha1 lib/crypto/builtin/sha2
+ lib/crypto/builtin/enc_provider lib/crypto/builtin/hash_provider
+- lib/crypto/openssl lib/crypto/openssl/des
++ lib/crypto/openssl
+ lib/crypto/openssl/enc_provider lib/crypto/openssl/hash_provider
+
+ lib/krb5 lib/krb5/error_tables lib/krb5/asn.1 lib/krb5/ccache
+diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
+index 7e1dea2cbf..fb9f2a366c 100644
+--- a/src/include/krb5/krb5.hin
++++ b/src/include/krb5/krb5.hin
+@@ -426,8 +426,8 @@ typedef struct _krb5_crypto_iov {
+ #define ENCTYPE_DES_CBC_MD4 0x0002 /**< @deprecated no longer supported */
+ #define ENCTYPE_DES_CBC_MD5 0x0003 /**< @deprecated no longer supported */
+ #define ENCTYPE_DES_CBC_RAW 0x0004 /**< @deprecated no longer supported */
+-#define ENCTYPE_DES3_CBC_SHA 0x0005 /**< @deprecated DES-3 cbc with SHA1 */
+-#define ENCTYPE_DES3_CBC_RAW 0x0006 /**< @deprecated DES-3 cbc mode raw */
++#define ENCTYPE_DES3_CBC_SHA 0x0005 /**< @deprecated no longer supported */
++#define ENCTYPE_DES3_CBC_RAW 0x0006 /**< @deprecated no longer supported */
+ #define ENCTYPE_DES_HMAC_SHA1 0x0008 /**< @deprecated no longer supported */
+ /* PKINIT */
+ #define ENCTYPE_DSA_SHA1_CMS 0x0009 /**< DSA with SHA1, CMS signature */
+@@ -436,9 +436,9 @@ typedef struct _krb5_crypto_iov {
+ #define ENCTYPE_RC2_CBC_ENV 0x000c /**< RC2 cbc mode, CMS enveloped data */
+ #define ENCTYPE_RSA_ENV 0x000d /**< RSA encryption, CMS enveloped data */
+ #define ENCTYPE_RSA_ES_OAEP_ENV 0x000e /**< RSA w/OEAP encryption, CMS enveloped data */
+-#define ENCTYPE_DES3_CBC_ENV 0x000f /**< DES-3 cbc mode, CMS enveloped data */
++#define ENCTYPE_DES3_CBC_ENV 0x000f /**< @deprecated no longer supported */
+
+-#define ENCTYPE_DES3_CBC_SHA1 0x0010
++#define ENCTYPE_DES3_CBC_SHA1 0x0010 /**< @deprecated removed */
+ #define ENCTYPE_AES128_CTS_HMAC_SHA1_96 0x0011 /**< RFC 3962 */
+ #define ENCTYPE_AES256_CTS_HMAC_SHA1_96 0x0012 /**< RFC 3962 */
+ #define ENCTYPE_AES128_CTS_HMAC_SHA256_128 0x0013 /**< RFC 8009 */
+@@ -463,7 +463,7 @@ typedef struct _krb5_crypto_iov {
+ #define CKSUMTYPE_RSA_MD5 0x0007
+ #define CKSUMTYPE_RSA_MD5_DES 0x0008
+ #define CKSUMTYPE_NIST_SHA 0x0009
+-#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c
++#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c /* @deprecated removed */
+ #define CKSUMTYPE_SHA1 0x000e /**< RFC 3961 */
+ #define CKSUMTYPE_HMAC_SHA1_96_AES128 0x000f /**< RFC 3962. Used with
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96 */
+diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c
+index 9f2a67d189..b7a9aa4992 100644
+--- a/src/kdc/kdc_util.c
++++ b/src/kdc/kdc_util.c
+@@ -1111,8 +1111,6 @@ enctype_name(krb5_enctype ktype, char *buf, size_t buflen)
+ name = "rsaEncryption-EnvOID";
+ else if (ktype == ENCTYPE_RSA_ES_OAEP_ENV)
+ name = "id-RSAES-OAEP-EnvOID";
+- else if (ktype == ENCTYPE_DES3_CBC_ENV)
+- name = "des-ede3-cbc-EnvOID";
+ else
+ return krb5_enctype_to_name(ktype, FALSE, buf, buflen);
+
+@@ -1704,8 +1702,6 @@ krb5_boolean
+ enctype_requires_etype_info_2(krb5_enctype enctype)
+ {
+ switch(enctype) {
+- case ENCTYPE_DES3_CBC_SHA1:
+- case ENCTYPE_DES3_CBC_RAW:
+ case ENCTYPE_ARCFOUR_HMAC:
+ case ENCTYPE_ARCFOUR_HMAC_EXP :
+ return 0;
+diff --git a/src/lib/crypto/Makefile.in b/src/lib/crypto/Makefile.in
+index 10e8c74cf8..25c4f40cc3 100644
+--- a/src/lib/crypto/Makefile.in
++++ b/src/lib/crypto/Makefile.in
+@@ -10,12 +10,12 @@ LIBMINOR=1
+ RELDIR=crypto
+
+ STOBJLISTS=krb/OBJS.ST \
+- builtin/OBJS.ST builtin/des/OBJS.ST \
++ builtin/OBJS.ST \
+ builtin/aes/OBJS.ST builtin/camellia/OBJS.ST \
+ builtin/md4/OBJS.ST builtin/md5/OBJS.ST \
+ builtin/sha1/OBJS.ST builtin/sha2/OBJS.ST \
+ builtin/enc_provider/OBJS.ST builtin/hash_provider/OBJS.ST \
+- openssl/OBJS.ST openssl/des/OBJS.ST \
++ openssl/OBJS.ST \
+ openssl/enc_provider/OBJS.ST openssl/hash_provider/OBJS.ST
+
+ SUBDIROBJLISTS=$(STOBJLISTS)
+@@ -28,8 +28,8 @@ SHLIB_EXPDEPLIBS= $(SUPPORT_DEPLIB)
+ SHLIB_LDFLAGS= $(LDFLAGS) @SHLIB_RPATH_DIRS@
+
+ ##DOS##LIBNAME=$(OUTPRE)crypto.lib
+-##DOS##OBJFILEDEP=$(OUTPRE)krb.lst $(OUTPRE)aes.lst $(OUTPRE)enc_provider.lst $(OUTPRE)des.lst $(OUTPRE)md5.lst $(OUTPRE)camellia.lst $(OUTPRE)md4.lst $(OUTPRE)hash_provider.lst $(OUTPRE)sha2.lst $(OUTPRE)sha1.lst $(OUTPRE)builtin.lst
+-##DOS##OBJFILELIST=@$(OUTPRE)krb.lst @$(OUTPRE)aes.lst @$(OUTPRE)enc_provider.lst @$(OUTPRE)des.lst @$(OUTPRE)md5.lst @$(OUTPRE)camellia.lst @$(OUTPRE)md4.lst @$(OUTPRE)hash_provider.lst @$(OUTPRE)sha2.lst @$(OUTPRE)sha1.lst @$(OUTPRE)builtin.lst
++##DOS##OBJFILEDEP=$(OUTPRE)krb.lst $(OUTPRE)aes.lst $(OUTPRE)enc_provider.lst $(OUTPRE)md5.lst $(OUTPRE)camellia.lst $(OUTPRE)md4.lst $(OUTPRE)hash_provider.lst $(OUTPRE)sha2.lst $(OUTPRE)sha1.lst $(OUTPRE)builtin.lst
++##DOS##OBJFILELIST=@$(OUTPRE)krb.lst @$(OUTPRE)aes.lst @$(OUTPRE)enc_provider.lst @$(OUTPRE)md5.lst @$(OUTPRE)camellia.lst @$(OUTPRE)md4.lst @$(OUTPRE)hash_provider.lst @$(OUTPRE)sha2.lst @$(OUTPRE)sha1.lst @$(OUTPRE)builtin.lst
+
+ all-unix: all-liblinks
+ install-unix: install-libs
+diff --git a/src/lib/crypto/builtin/Makefile.in b/src/lib/crypto/builtin/Makefile.in
+index daf19da195..c9e967c807 100644
+--- a/src/lib/crypto/builtin/Makefile.in
++++ b/src/lib/crypto/builtin/Makefile.in
+@@ -1,6 +1,6 @@
+ mydir=lib$(S)crypto$(S)builtin
+ BUILDTOP=$(REL)..$(S)..$(S)..
+-SUBDIRS=camellia des aes md4 md5 sha1 sha2 enc_provider hash_provider
++SUBDIRS=camellia aes md4 md5 sha1 sha2 enc_provider hash_provider
+ LOCALINCLUDES=-I$(srcdir)/../krb $(CRYPTO_IMPL_CFLAGS)
+
+ ##DOS##BUILDTOP = ..\..\..
+@@ -25,7 +25,7 @@ SRCS=\
+ $(srcdir)/kdf.c \
+ $(srcdir)/pbkdf2.c
+
+-STOBJLISTS= des/OBJS.ST md4/OBJS.ST \
++STOBJLISTS= md4/OBJS.ST \
+ md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
+ enc_provider/OBJS.ST \
+ hash_provider/OBJS.ST \
+@@ -33,7 +33,7 @@ STOBJLISTS= des/OBJS.ST md4/OBJS.ST \
+ camellia/OBJS.ST \
+ OBJS.ST
+
+-SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \
++SUBDIROBJLISTS= md4/OBJS.ST \
+ md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
+ enc_provider/OBJS.ST \
+ hash_provider/OBJS.ST \
+diff --git a/src/lib/crypto/builtin/des/ISSUES b/src/lib/crypto/builtin/des/ISSUES
+deleted file mode 100644
+index 1578911033..0000000000
+--- a/src/lib/crypto/builtin/des/ISSUES
++++ /dev/null
+@@ -1,13 +0,0 @@
+-Issues to be addressed for src/lib/crypto/des: -*- text -*-
+-
+-
+-"const" could be used in more places
+-
+-
+-Array types are used in calling interfaces. Under ANSI C, a value of
+-type "arraytype *" cannot be assigned to a variable of type "const
+-arraytype *", so we get compilation warnings.
+-
+-Possible fix: Rewrite internal interfaces to not use arrays this way.
+-Provide external routines compatible with old API, but not using
+-const?
+diff --git a/src/lib/crypto/builtin/des/Makefile.in b/src/lib/crypto/builtin/des/Makefile.in
+deleted file mode 100644
+index 397ac87ed4..0000000000
+--- a/src/lib/crypto/builtin/des/Makefile.in
++++ /dev/null
+@@ -1,82 +0,0 @@
+-mydir=lib$(S)crypto$(S)builtin$(S)des
+-BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+-LOCALINCLUDES=-I$(srcdir)/../../krb $(CRYPTO_IMPL_CFLAGS)
+-
+-##DOS##BUILDTOP = ..\..\..\..
+-##DOS##PREFIXDIR = builtin\des
+-##DOS##OBJFILE = ..\..\$(OUTPRE)des.lst
+-
+-STLIBOBJS=\
+- d3_aead.o \
+- d3_kysched.o \
+- des_keys.o \
+- f_aead.o \
+- f_cksum.o \
+- f_parity.o \
+- f_sched.o \
+- f_tables.o \
+- key_sched.o \
+- weak_key.o
+-
+-OBJS= $(OUTPRE)d3_aead.$(OBJEXT) \
+- $(OUTPRE)d3_kysched.$(OBJEXT) \
+- $(OUTPRE)des_keys.$(OBJEXT) \
+- $(OUTPRE)f_aead.$(OBJEXT) \
+- $(OUTPRE)f_cksum.$(OBJEXT) \
+- $(OUTPRE)f_parity.$(OBJEXT) \
+- $(OUTPRE)f_sched.$(OBJEXT) \
+- $(OUTPRE)f_tables.$(OBJEXT) \
+- $(OUTPRE)key_sched.$(OBJEXT) \
+- $(OUTPRE)weak_key.$(OBJEXT)
+-
+-SRCS= $(srcdir)/d3_aead.c \
+- $(srcdir)/d3_kysched.c \
+- $(srcdir)/des_keys.c \
+- $(srcdir)/f_aead.c \
+- $(srcdir)/f_cksum.c \
+- $(srcdir)/f_parity.c \
+- $(srcdir)/f_sched.c \
+- $(srcdir)/f_tables.c \
+- $(srcdir)/key_sched.c \
+- $(srcdir)/weak_key.c
+-
+-EXTRADEPSRCS = $(srcdir)/destest.c $(srcdir)/f_cbc.c $(srcdir)/t_verify.c
+-
+-##DOS##LIBOBJS = $(OBJS)
+-
+-TOBJS = $(OUTPRE)key_sched.$(OBJEXT) $(OUTPRE)f_sched.$(OBJEXT) \
+- $(OUTPRE)f_cbc.$(OBJEXT) $(OUTPRE)f_tables.$(OBJEXT) \
+- $(OUTPRE)f_cksum.$(OBJEXT)
+-
+-verify$(EXEEXT): t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \
+- $(COM_ERR_DEPLIB) $(SUPPORT_DEPLIB)
+- $(CC_LINK) -o $@ t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \
+- $(COM_ERR_LIB) $(SUPPORT_LIB)
+-
+-destest$(EXEEXT): destest.$(OBJEXT) $(TOBJS) $(SUPPORT_DEPLIB)
+- $(CC_LINK) -o $@ destest.$(OBJEXT) $(TOBJS) $(SUPPORT_LIB)
+-
+-all-unix: all-libobjs
+-
+-check-unix: check-unix-@CRYPTO_BUILTIN_TESTS@
+-check-unix-no:
+-check-unix-yes: verify destest
+- $(RUN_TEST) ./verify -z
+- $(RUN_TEST) ./verify -m
+- $(RUN_TEST) ./verify
+- $(RUN_TEST) ./destest < $(srcdir)/keytest.data
+-
+-includes: depend
+-
+-depend: $(SRCS)
+-
+-check-windows:
+-
+-clean:
+- $(RM) destest.$(OBJEXT) destest$(EXEEXT) verify$(EXEEXT) \
+- t_verify.$(OBJEXT) $(TOBJS)
+-
+-clean-unix:: clean-libobjs
+-
+-@libobj_frag@
+-
+diff --git a/src/lib/crypto/builtin/des/d3_aead.c b/src/lib/crypto/builtin/des/d3_aead.c
+deleted file mode 100644
+index fb83f73b43..0000000000
+--- a/src/lib/crypto/builtin/des/d3_aead.c
++++ /dev/null
+@@ -1,137 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/*
+- * Copyright (C) 2008 by the Massachusetts Institute of Technology.
+- * Copyright 1995 by Richard P. Basch. All Rights Reserved.
+- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
+- * in advertising or publicity pertaining to distribution of the software
+- * without specific, written prior permission. Richard P. Basch,
+- * Lehman Brothers and M.I.T. make no representations about the suitability
+- * of this software for any purpose. It is provided "as is" without
+- * express or implied warranty.
+- */
+-
+-#include "crypto_int.h"
+-#include "des_int.h"
+-#include "f_tables.h"
+-
+-#ifdef K5_BUILTIN_DES
+-
+-void
+-krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
+- const mit_des_key_schedule ks1,
+- const mit_des_key_schedule ks2,
+- const mit_des_key_schedule ks3,
+- mit_des_cblock ivec)
+-{
+- unsigned DES_INT32 left, right;
+- const unsigned DES_INT32 *kp1, *kp2, *kp3;
+- const unsigned char *ip;
+- struct iov_cursor cursor;
+- unsigned char block[MIT_DES_BLOCK_LENGTH];
+-
+- /* Get key pointers here. These won't need to be reinitialized. */
+- kp1 = (const unsigned DES_INT32 *)ks1;
+- kp2 = (const unsigned DES_INT32 *)ks2;
+- kp3 = (const unsigned DES_INT32 *)ks3;
+-
+- /* Initialize left and right with the contents of the initial vector. */
+- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
+- left = load_32_be(ip);
+- right = load_32_be(ip + 4);
+-
+- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
+- while (k5_iov_cursor_get(&cursor, block)) {
+- /* xor this block with the previous ciphertext. */
+- left ^= load_32_be(block);
+- right ^= load_32_be(block + 4);
+-
+- /* Encrypt what we have and store it back into block. */
+- DES_DO_ENCRYPT(left, right, kp1);
+- DES_DO_DECRYPT(left, right, kp2);
+- DES_DO_ENCRYPT(left, right, kp3);
+- store_32_be(left, block);
+- store_32_be(right, block + 4);
+-
+- k5_iov_cursor_put(&cursor, block);
+- }
+-
+- if (ivec != NULL) {
+- store_32_be(left, ivec);
+- store_32_be(right, ivec + 4);
+- }
+-}
+-
+-void
+-krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
+- const mit_des_key_schedule ks1,
+- const mit_des_key_schedule ks2,
+- const mit_des_key_schedule ks3,
+- mit_des_cblock ivec)
+-{
+- unsigned DES_INT32 left, right;
+- const unsigned DES_INT32 *kp1, *kp2, *kp3;
+- const unsigned char *ip;
+- unsigned DES_INT32 ocipherl, ocipherr;
+- unsigned DES_INT32 cipherl, cipherr;
+- struct iov_cursor cursor;
+- unsigned char block[MIT_DES_BLOCK_LENGTH];
+-
+- /* Get key pointers here. These won't need to be reinitialized. */
+- kp1 = (const unsigned DES_INT32 *)ks1;
+- kp2 = (const unsigned DES_INT32 *)ks2;
+- kp3 = (const unsigned DES_INT32 *)ks3;
+-
+- /*
+- * Decrypting is harder than encrypting because of
+- * the necessity of remembering a lot more things.
+- * Should think about this a little more...
+- */
+-
+- /* Prime the old cipher with ivec.*/
+- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
+- ocipherl = load_32_be(ip);
+- ocipherr = load_32_be(ip + 4);
+-
+- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
+- while (k5_iov_cursor_get(&cursor, block)) {
+- /* Split this block into left and right. */
+- cipherl = left = load_32_be(block);
+- cipherr = right = load_32_be(block + 4);
+-
+- /* Decrypt and xor with the old cipher to get plain text. */
+- DES_DO_DECRYPT(left, right, kp3);
+- DES_DO_ENCRYPT(left, right, kp2);
+- DES_DO_DECRYPT(left, right, kp1);
+- left ^= ocipherl;
+- right ^= ocipherr;
+-
+- /* Store the encrypted halves back into block. */
+- store_32_be(left, block);
+- store_32_be(right, block + 4);
+-
+- /* Save current cipher block halves. */
+- ocipherl = cipherl;
+- ocipherr = cipherr;
+-
+- k5_iov_cursor_put(&cursor, block);
+- }
+-
+- if (ivec != NULL) {
+- store_32_be(ocipherl, ivec);
+- store_32_be(ocipherr, ivec + 4);
+- }
+-}
+-
+-#endif /* K5_BUILTIN_DES */
+diff --git a/src/lib/crypto/builtin/des/d3_kysched.c b/src/lib/crypto/builtin/des/d3_kysched.c
+deleted file mode 100644
+index 55fb9449b5..0000000000
+--- a/src/lib/crypto/builtin/des/d3_kysched.c
++++ /dev/null
+@@ -1,55 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/*
+- * Copyright 1995 by Richard P. Basch. All Rights Reserved.
+- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
+- * in advertising or publicity pertaining to distribution of the software
+- * without specific, written prior permission. Richard P. Basch,
+- * Lehman Brothers and M.I.T. make no representations about the suitability
+- * of this software for any purpose. It is provided "as is" without
+- * express or implied warranty.
+- */
+-
+-#include "crypto_int.h"
+-#include "des_int.h"
+-
+-#ifdef K5_BUILTIN_DES
+-
+-int
+-mit_des3_key_sched(mit_des3_cblock k, mit_des3_key_schedule schedule)
+-{
+- mit_des_make_key_sched(k[0],schedule[0]);
+- mit_des_make_key_sched(k[1],schedule[1]);
+- mit_des_make_key_sched(k[2],schedule[2]);
+-
+- if (!mit_des_check_key_parity(k[0])) /* bad parity --> return -1 */
+- return(-1);
+- if (mit_des_is_weak_key(k[0]))
+- return(-2);
+-
+- if (!mit_des_check_key_parity(k[1]))
+- return(-1);
+- if (mit_des_is_weak_key(k[1]))
+- return(-2);
+-
+- if (!mit_des_check_key_parity(k[2]))
+- return(-1);
+- if (mit_des_is_weak_key(k[2]))
+- return(-2);
+-
+- /* if key was good, return 0 */
+- return 0;
+-}
+-
+-#endif /* K5_BUILTIN_DES */
+diff --git a/src/lib/crypto/builtin/des/deps b/src/lib/crypto/builtin/des/deps
+deleted file mode 100644
+index 1c1239d696..0000000000
+--- a/src/lib/crypto/builtin/des/deps
++++ /dev/null
+@@ -1,146 +0,0 @@
+-#
+-# Generated makefile dependencies follow.
+-#
+-d3_aead.so d3_aead.po $(OUTPRE)d3_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+- d3_aead.c des_int.h f_tables.h
+-d3_kysched.so d3_kysched.po $(OUTPRE)d3_kysched.$(OBJEXT): \
+- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \
+- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
+- $(top_srcdir)/include/socket-utils.h d3_kysched.c des_int.h
+-des_keys.so des_keys.po $(OUTPRE)des_keys.$(OBJEXT): \
+- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \
+- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
+- $(top_srcdir)/include/socket-utils.h des_int.h des_keys.c
+-f_aead.so f_aead.po $(OUTPRE)f_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+- des_int.h f_aead.c f_tables.h
+-f_cksum.so f_cksum.po $(OUTPRE)f_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+- des_int.h f_cksum.c f_tables.h
+-f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \
+- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \
+- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
+- $(top_srcdir)/include/socket-utils.h des_int.h f_parity.c
+-f_sched.so f_sched.po $(OUTPRE)f_sched.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+- des_int.h f_sched.c
+-f_tables.so f_tables.po $(OUTPRE)f_tables.$(OBJEXT): \
+- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \
+- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
+- $(top_srcdir)/include/socket-utils.h des_int.h f_tables.c \
+- f_tables.h
+-key_sched.so key_sched.po $(OUTPRE)key_sched.$(OBJEXT): \
+- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \
+- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
+- $(top_srcdir)/include/socket-utils.h des_int.h key_sched.c
+-weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \
+- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \
+- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
+- $(top_srcdir)/include/socket-utils.h des_int.h weak_key.c
+-destest.so destest.po $(OUTPRE)destest.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
+- $(top_srcdir)/include/socket-utils.h des_int.h destest.c
+-f_cbc.so f_cbc.po $(OUTPRE)f_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
+- $(top_srcdir)/include/socket-utils.h des_int.h f_cbc.c \
+- f_tables.h
+-t_verify.so t_verify.po $(OUTPRE)t_verify.$(OBJEXT): \
+- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+- des_int.h t_verify.c
+diff --git a/src/lib/crypto/builtin/des/des_int.h b/src/lib/crypto/builtin/des/des_int.h
+deleted file mode 100644
+index f8dc6b296a..0000000000
+--- a/src/lib/crypto/builtin/des/des_int.h
++++ /dev/null
+@@ -1,285 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/* lib/crypto/builtin/des/des_int.h */
+-/*
+- * Copyright 1987, 1988, 1990, 2002 by the Massachusetts Institute of
+- * Technology. All Rights Reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of M.I.T. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. Furthermore if you modify this software you must label
+- * your software as modified software and not distribute it in such a
+- * fashion that it might be confused with the original M.I.T. software.
+- * M.I.T. makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- */
+-/*
+- * Copyright (C) 1998 by the FundsXpress, INC.
+- *
+- * All rights reserved.
+- *
+- * Export of this software from the United States of America may require
+- * a specific license from the United States Government. It is the
+- * responsibility of any person or organization contemplating export to
+- * obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of FundsXpress. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. FundsXpress makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- *
+- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+- */
+-
+-/* Private include file for the Data Encryption Standard library. */
+-
+-/* only do the whole thing once */
+-#ifndef DES_INTERNAL_DEFS
+-#define DES_INTERNAL_DEFS
+-
+-#include "k5-int.h"
+-/*
+- * Begin "mit-des.h"
+- */
+-#ifndef KRB5_MIT_DES__
+-#define KRB5_MIT_DES__
+-
+-#if defined(__MACH__) && defined(__APPLE__)
+-#include <TargetConditionals.h>
+-#include <AvailabilityMacros.h>
+-#if TARGET_RT_MAC_CFM
+-#error "Use KfM 4.0 SDK headers for CFM compilation."
+-#endif
+-#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS)
+-#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5
+-#endif
+-#endif /* defined(__MACH__) && defined(__APPLE__) */
+-
+-/* Macro to add deprecated attribute to DES types and functions */
+-/* Currently only defined on macOS 10.5 and later. */
+-#ifndef KRB5INT_DES_DEPRECATED
+-#define KRB5INT_DES_DEPRECATED
+-#endif
+-
+-#include <limits.h>
+-
+-#if UINT_MAX >= 0xFFFFFFFFUL
+-#define DES_INT32 int
+-#define DES_UINT32 unsigned int
+-#else
+-#define DES_INT32 long
+-#define DES_UINT32 unsigned long
+-#endif
+-
+-typedef unsigned char des_cblock[8] /* crypto-block size */
+-KRB5INT_DES_DEPRECATED;
+-
+-/*
+- * Key schedule.
+- *
+- * This used to be
+- *
+- * typedef struct des_ks_struct {
+- * union { DES_INT32 pad; des_cblock _;} __;
+- * } des_key_schedule[16];
+- *
+- * but it would cause trouble if DES_INT32 were ever more than 4
+- * bytes. The reason is that all the encryption functions cast it to
+- * (DES_INT32 *), and treat it as if it were DES_INT32[32]. If
+- * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the
+- * caller-allocated des_key_schedule will be overflowed by the key
+- * scheduling functions. We can't assume that every platform will
+- * have an exact 32-bit int, and nothing should be looking inside a
+- * des_key_schedule anyway.
+- */
+-typedef struct des_ks_struct { DES_INT32 _[2]; } des_key_schedule[16]
+-KRB5INT_DES_DEPRECATED;
+-
+-typedef des_cblock mit_des_cblock;
+-typedef des_key_schedule mit_des_key_schedule;
+-
+-/* Triple-DES structures */
+-typedef mit_des_cblock mit_des3_cblock[3];
+-typedef mit_des_key_schedule mit_des3_key_schedule[3];
+-
+-#define MIT_DES_ENCRYPT 1
+-#define MIT_DES_DECRYPT 0
+-
+-typedef struct mit_des_ran_key_seed {
+- krb5_encrypt_block eblock;
+- krb5_data sequence;
+-} mit_des_random_state;
+-
+-/* the first byte of the key is already in the keyblock */
+-
+-#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet))
+-/* This used to be 8*sizeof(krb5_octet) */
+-#define MIT_DES_KEYSIZE 8
+-
+-#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet))
+-
+-#endif /* KRB5_MIT_DES__ */
+-/*
+- * End "mit-des.h"
+- */
+-
+-/* afsstring2key.c */
+-krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock,
+- const krb5_data *data,
+- const krb5_data *salt);
+-char *mit_afs_crypt(const char *pw, const char *salt, char *iobuf);
+-
+-/* f_cksum.c */
+-unsigned long mit_des_cbc_cksum(const krb5_octet *, krb5_octet *,
+- unsigned long, const mit_des_key_schedule,
+- const krb5_octet *);
+-
+-/* f_cbc.c (used by test programs) */
+-int
+-mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
+- unsigned long length, const mit_des_key_schedule schedule,
+- const mit_des_cblock ivec, int enc);
+-
+-#define mit_des_zeroblock krb5int_c_mit_des_zeroblock
+-extern const mit_des_cblock mit_des_zeroblock;
+-
+-/* fin_rndkey.c */
+-krb5_error_code mit_des_finish_random_key(const krb5_encrypt_block *,
+- krb5_pointer *);
+-
+-/* finish_key.c */
+-krb5_error_code mit_des_finish_key(krb5_encrypt_block *);
+-
+-/* init_rkey.c */
+-krb5_error_code mit_des_init_random_key(const krb5_encrypt_block *,
+- const krb5_keyblock *,
+- krb5_pointer *);
+-
+-/* key_parity.c */
+-void mit_des_fixup_key_parity(mit_des_cblock);
+-int mit_des_check_key_parity(mit_des_cblock);
+-
+-/* key_sched.c */
+-int mit_des_key_sched(mit_des_cblock, mit_des_key_schedule);
+-
+-/* process_ky.c */
+-krb5_error_code mit_des_process_key(krb5_encrypt_block *,
+- const krb5_keyblock *);
+-
+-/* random_key.c */
+-krb5_error_code mit_des_random_key(const krb5_encrypt_block *,
+- krb5_pointer, krb5_keyblock **);
+-
+-/* string2key.c */
+-krb5_error_code mit_des_string_to_key(const krb5_encrypt_block *,
+- krb5_keyblock *, const krb5_data *,
+- const krb5_data *);
+-krb5_error_code mit_des_string_to_key_int(krb5_keyblock *, const krb5_data *,
+- const krb5_data *);
+-
+-/* weak_key.c */
+-int mit_des_is_weak_key(mit_des_cblock);
+-
+-/* cmb_keys.c */
+-krb5_error_code mit_des_combine_subkeys(const krb5_keyblock *,
+- const krb5_keyblock *,
+- krb5_keyblock **);
+-
+-/* f_pcbc.c */
+-int mit_des_pcbc_encrypt();
+-
+-/* f_sched.c */
+-int mit_des_make_key_sched(mit_des_cblock, mit_des_key_schedule);
+-
+-
+-/* misc.c */
+-extern void swap_bits(char *);
+-extern unsigned long long_swap_bits(unsigned long);
+-extern unsigned long swap_six_bits_to_ansi(unsigned long);
+-extern unsigned long swap_four_bits_to_ansi(unsigned long);
+-extern unsigned long swap_bit_pos_1(unsigned long);
+-extern unsigned long swap_bit_pos_0(unsigned long);
+-extern unsigned long swap_bit_pos_0_to_ansi(unsigned long);
+-extern unsigned long rev_swap_bit_pos_0(unsigned long);
+-extern unsigned long swap_byte_bits(unsigned long);
+-extern unsigned long swap_long_bytes_bit_number(unsigned long);
+-#ifdef FILE
+-/* XXX depends on FILE being a #define! */
+-extern void test_set(FILE *, const char *, int, const char *, int);
+-#endif
+-
+-void
+-krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
+- const mit_des_key_schedule ks1,
+- const mit_des_key_schedule ks2,
+- const mit_des_key_schedule ks3,
+- mit_des_cblock ivec);
+-
+-void
+-krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
+- const mit_des_key_schedule ks1,
+- const mit_des_key_schedule ks2,
+- const mit_des_key_schedule ks3,
+- mit_des_cblock ivec);
+-
+-void
+-krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
+- const mit_des_key_schedule schedule,
+- mit_des_cblock ivec);
+-
+-void
+-krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
+- const mit_des_key_schedule schedule,
+- mit_des_cblock ivec);
+-
+-void
+-krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data,
+- const mit_des_key_schedule schedule, mit_des_cblock ivec,
+- mit_des_cblock out);
+-
+-/* d3_procky.c */
+-krb5_error_code mit_des3_process_key(krb5_encrypt_block *eblock,
+- const krb5_keyblock *keyblock);
+-
+-/* d3_kysched.c */
+-int mit_des3_key_sched(mit_des3_cblock key, mit_des3_key_schedule schedule);
+-
+-/* d3_str2ky.c */
+-krb5_error_code mit_des3_string_to_key(const krb5_encrypt_block *eblock,
+- krb5_keyblock *keyblock,
+- const krb5_data *data,
+- const krb5_data *salt);
+-
+-/* u_nfold.c */
+-krb5_error_code mit_des_n_fold(const krb5_octet *input, const size_t in_len,
+- krb5_octet *output, const size_t out_len);
+-
+-/* u_rn_key.c */
+-int mit_des_is_weak_keyblock(krb5_keyblock *keyblock);
+-
+-void mit_des_fixup_keyblock_parity(krb5_keyblock *keyblock);
+-
+-krb5_error_code mit_des_set_random_generator_seed(const krb5_data *seed,
+- krb5_pointer random_state);
+-
+-krb5_error_code mit_des_set_random_sequence_number(const krb5_data *sequence,
+- krb5_pointer random_state);
+-#endif /*DES_INTERNAL_DEFS*/
+diff --git a/src/lib/crypto/builtin/des/des_keys.c b/src/lib/crypto/builtin/des/des_keys.c
+deleted file mode 100644
+index 027b09d728..0000000000
+--- a/src/lib/crypto/builtin/des/des_keys.c
++++ /dev/null
+@@ -1,38 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/* lib/crypto/builtin/des/des_keys.c - Key functions used by Kerberos code */
+-/*
+- * Copyright (C) 2011 by the Massachusetts Institute of Technology.
+- * All rights reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of M.I.T. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. Furthermore if you modify this software you must label
+- * your software as modified software and not distribute it in such a
+- * fashion that it might be confused with the original M.I.T. software.
+- * M.I.T. makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- */
+-
+-#include "crypto_int.h"
+-#include "des_int.h"
+-
+-#ifdef K5_BUILTIN_DES_KEY_PARITY
+-
+-void
+-k5_des_fixup_key_parity(unsigned char *keybits)
+-{
+- mit_des_fixup_key_parity(keybits);
+-}
+-
+-#endif /* K5_BUILTIN_DES_KEY_PARITY */
+diff --git a/src/lib/crypto/builtin/des/destest.c b/src/lib/crypto/builtin/des/destest.c
+deleted file mode 100644
+index 52114304e3..0000000000
+--- a/src/lib/crypto/builtin/des/destest.c
++++ /dev/null
+@@ -1,240 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/* lib/crypto/builtin/des/destest.c */
+-/*
+- * Copyright 1990,1991 by the Massachusetts Institute of Technology.
+- * All Rights Reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of M.I.T. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. Furthermore if you modify this software you must label
+- * your software as modified software and not distribute it in such a
+- * fashion that it might be confused with the original M.I.T. software.
+- * M.I.T. makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- */
+-/*
+- * Copyright (C) 1998 by the FundsXpress, INC.
+- *
+- * All rights reserved.
+- *
+- * Export of this software from the United States of America may require
+- * a specific license from the United States Government. It is the
+- * responsibility of any person or organization contemplating export to
+- * obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of FundsXpress. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. FundsXpress makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- *
+- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+- */
+-
+-/* Test a DES implementation against known inputs & outputs. */
+-
+-#include "des_int.h"
+-#include <ctype.h>
+-#include <stdio.h>
+-
+-void convert (char *, unsigned char []);
+-
+-void des_cblock_print_file (mit_des_cblock, FILE *);
+-
+-krb5_octet zeroblock[8] = {0,0,0,0,0,0,0,0};
+-
+-int
+-main(argc, argv)
+- int argc;
+- char *argv[];
+-{
+- char block1[17], block2[17], block3[17];
+- /* Force tests of unaligned accesses. */
+- union { unsigned char c[8*4+3]; long l; } u;
+- unsigned char *ioblocks = u.c;
+- unsigned char *input = ioblocks+1;
+- unsigned char *output = ioblocks+10;
+- unsigned char *output2 = ioblocks+19;
+- unsigned char *key = ioblocks+27;
+- mit_des_key_schedule sched;
+- int num = 0;
+- int retval;
+-
+- int error = 0;
+-
+- while (scanf("%16s %16s %16s", block1, block2, block3) == 3) {
+- convert(block1, key);
+- convert(block2, input);
+- convert(block3, output);
+-
+- retval = mit_des_key_sched(key, sched);
+- if (retval) {
+- fprintf(stderr, "des test: can't process key: %d\n", retval);
+- fprintf(stderr, "des test: %s %s %s\n", block1, block2, block3);
+- exit(1);
+- }
+- mit_des_cbc_encrypt((const mit_des_cblock *) input,
+- (mit_des_cblock *) output2, 8,
+- sched, zeroblock, 1);
+-
+- if (memcmp((char *)output2, (char *)output, 8)) {
+- fprintf(stderr,
+- "DES ENCRYPT ERROR, key %s, text %s, real cipher %s, computed cyphertext %02X%02X%02X%02X%02X%02X%02X%02X\n",
+- block1, block2, block3,
+- output2[0],output2[1],output2[2],output2[3],
+- output2[4],output2[5],output2[6],output2[7]);
+- error++;
+- }
+-
+- /*
+- * Now try decrypting....
+- */
+- mit_des_cbc_encrypt((const mit_des_cblock *) output,
+- (mit_des_cblock *) output2, 8,
+- sched, zeroblock, 0);
+-
+- if (memcmp((char *)output2, (char *)input, 8)) {
+- fprintf(stderr,
+- "DES DECRYPT ERROR, key %s, text %s, real cipher %s, computed cleartext %02X%02X%02X%02X%02X%02X%02X%02X\n",
+- block1, block2, block3,
+- output2[0],output2[1],output2[2],output2[3],
+- output2[4],output2[5],output2[6],output2[7]);
+- error++;
+- }
+-
+- num++;
+- }
+-
+- if (error)
+- printf("destest: failed to pass the test\n");
+- else
+- printf("destest: %d tests passed successfully\n", num);
+-
+- exit( (error > 256 && error % 256) ? 1 : error);
+-}
+-
+-int value[128] = {
+- -1, -1, -1, -1, -1, -1, -1, -1,
+- -1, -1, -1, -1, -1, -1, -1, -1,
+- -1, -1, -1, -1, -1, -1, -1, -1,
+- -1, -1, -1, -1, -1, -1, -1, -1,
+- -1, -1, -1, -1, -1, -1, -1, -1,
+- -1, -1, -1, -1, -1, -1, -1, -1,
+- 0, 1, 2, 3, 4, 5, 6, 7,
+- 8, 9, -1, -1, -1, -1, -1, -1,
+- -1, 10, 11, 12, 13, 14, 15, -1,
+- -1, -1, -1, -1, -1, -1, -1, -1,
+- -1, -1, -1, -1, -1, -1, -1, -1,
+- -1, -1, -1, -1, -1, -1, -1, -1,
+- -1, -1, -1, -1, -1, -1, -1, -1,
+- -1, -1, -1, -1, -1, -1, -1, -1,
+- -1, -1, -1, -1, -1, -1, -1, -1,
+- -1, -1, -1, -1, -1, -1, -1, -1,
+-};
+-
+-void
+-convert(text, cblock)
+- char *text;
+- unsigned char cblock[];
+-{
+- int i;
+- for (i = 0; i < 8; i++) {
+- if (!isascii((unsigned char)text[i * 2]))
+- abort ();
+- if (value[(int) text[i*2]] == -1 || value[(int) text[i*2+1]] == -1) {
+- printf("Bad value byte %d in %s\n", i, text);
+- exit(1);
+- }
+- cblock[i] = 16*value[(int) text[i*2]] + value[(int) text[i*2+1]];
+- }
+- return;
+-}
+-
+-/*
+- * Fake out the DES library, for the purposes of testing.
+- */
+-
+-int
+-mit_des_is_weak_key(key)
+- mit_des_cblock key;
+-{
+- return 0; /* fake it out for testing */
+-}
+-
+-void
+-des_cblock_print_file(x, fp)
+- mit_des_cblock x;
+- FILE *fp;
+-{
+- unsigned char *y = (unsigned char *) x;
+- int i = 0;
+- fprintf(fp," 0x { ");
+-
+- while (i++ < 8) {
+- fprintf(fp,"%x",*y++);
+- if (i < 8)
+- fprintf(fp,", ");
+- }
+- fprintf(fp," }");
+-}
+-
+-
+-#define smask(step) ((1<<step)-1)
+-#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step)))
+-#define parity_char(x) pstep(pstep(pstep((x),4),2),1)
+-
+-/*
+- * des_check_key_parity: returns true iff key has the correct des parity.
+- * See des_fix_key_parity for the definition of
+- * correct des parity.
+- */
+-int
+-mit_des_check_key_parity(key)
+- mit_des_cblock key;
+-{
+- unsigned int i;
+-
+- for (i=0; i<sizeof(mit_des_cblock); i++) {
+- if ((key[i] & 1) == parity_char(0xfe&key[i])) {
+- printf("warning: bad parity key:");
+- des_cblock_print_file(key, stdout);
+- putchar('\n');
+-
+- return 1;
+- }
+- }
+-
+- return(1);
+-}
+-
+-void
+-mit_des_fixup_key_parity(key)
+- mit_des_cblock key;
+-{
+- unsigned int i;
+- for (i=0; i<sizeof(mit_des_cblock); i++)
+- {
+- key[i] &= 0xfe;
+- key[i] |= 1^parity_char(key[i]);
+- }
+-
+- return;
+-}
+diff --git a/src/lib/crypto/builtin/des/doc/libdes.doc b/src/lib/crypto/builtin/des/doc/libdes.doc
+deleted file mode 100644
+index 6e9431ed2e..0000000000
+--- a/src/lib/crypto/builtin/des/doc/libdes.doc
++++ /dev/null
+@@ -1,208 +0,0 @@
+-
+- How to use the Kerberos encryption library.
+-
+- Revised 10/15/85 spm
+-
+-1) The following include file is needed:
+-
+- /projects/auth/include/des.h (VAX)
+- --------------- (PC8086)
+-
+-2) The encryption library that should be linked to is:
+-
+- /projects/auth/lib/libdes.a (VAX)
+-| /projects/auth/ibm/lib/libdes.a (PC8086 cross-compilation environment)
+-
+-3) For each key that may be simultaneously active,
+- allocate (either compile or malloc) a "Key_schedule" struct,
+- defined in "des.h"
+-
+-4) Create key schedules, as needed, prior to using the encryption
+- routines, via "des_set_key()".
+-
+-5) Setup the input and output areas. Make sure to note the restrictions
+- on lengths being multiples of eight bytes.
+-
+-6) Invoke the encryption/decryption routines, "ecb_encrypt()"
+- or "cbc_encrypt()"
+-
+-7) To generate a cryptographic checksum, use "cbc_cksum()"
+-/* ---------------------------------------------------------------- */
+-
+- Routine Interfaces--
+-
+-/* ----------------------------------------------------------------- */
+-
+-int
+- des_set_key(k,schedule)
+- C_Block *k;
+- Key_schedule schedule;
+-
+- Calculates a key schedule from (all) eight bytes of the input key, and
+- puts it into the indicated "Key_schedule" struct;
+-
+- Make sure to pass valid eight bytes, no padding or other processing
+- it done.
+-
+- The key schedule is then used in subsequent encryption/decryption
+- operations. Many key schedules may be created and cached for later
+- use.
+-
+- The user is responsible to clear keys and schedules no longer needed
+- to prevent their disclosure.
+-
+-| Checks the parity of the key provided, to make sure it is odd per
+-| FIPS spec. Returns 0 value for key ok, 1 for key_parity error.
+-
+-/* ---------------------------------------------------------------- */
+-
+-int
+- ecb_encrypt(input,output,schedule,encrypt)
+- C_Block *input; /* ptr to eight byte input value */
+- C_Block *output; /* ptr to eight byte output value */
+- int encrypt; /* 0 ==> decrypt, else encrypt */
+- Key_schedule schedule; /* addr of key schedule */
+-
+-This is the low level routine that encrypts or decrypts a single 8-byte
+-block in electronic code book mode. Always transforms the input
+-data into the output data.
+-
+-If encrypt is non-zero, the input (cleartext) is encrypted into the
+-output (ciphertext) using the specified key_schedule, pre-set via "des_set_key".
+-
+-If encrypt is zero, the input (now ciphertext) is decrypted into
+-the output (now cleartext).
+-
+-Input and output may be the same space.
+-
+-Does not return any meaningful value. Void is not used for compatibility
+-with other compilers.
+-
+-/* -------------------------------------------------------------- */
+-
+-int
+- cbc_encrypt(input,output,length,schedule,ivec,encrypt)
+-
+- C_Block *input; /* ptr to input data */
+- C_Block *output; /* ptr to output data */
+- int length; /* desired length, in bytes */
+- Key_schedule schedule; /* addr of precomputed schedule */
+- C_Block *ivec; /* pointer to 8 byte initialization
+- * vector
+- */
+- int encrypt /* 0 ==> decrypt; else encrypt*/
+-
+-
+- If encrypt is non-zero, the routine cipher-block-chain encrypts
+- the INPUT (cleartext) into the OUTPUT (ciphertext) using the provided
+- key schedule and initialization vector. If the length is not an integral
+- multiple of eight bytes, the last block is copied to a temp and zero
+- filled (highest addresses). The output is ALWAYS an integral multiple
+- of eight bytes.
+-
+- If encrypt is zero, the routine cipher-block chain decrypts the INPUT
+- (ciphertext) into the OUTPUT (cleartext) using the provided key schedule
+- and initialization vector. Decryption ALWAYS operates on integral
+- multiples of 8 bytes, so will round the length provided up to the
+- appropriate multiple. Consequently, it will always produce the rounded-up
+- number of bytes of output cleartext. The application must determine if
+- the output cleartext was zero-padded due to cleartext lengths not integral
+- multiples of 8.
+-
+- No errors or meaningful value are returned. Void is not used for
+- compatibility with other compilers.
+-
+-
+-/* cbc checksum (MAC) only routine ---------------------------------------- */
+-int
+- cbc_cksum(input,output,length,schedule,ivec)
+-
+- C_Block *input; /* >= length bytes of inputtext */
+- C_Block *output; /* >= length bytes of outputtext */
+- int length; /* in bytes */
+- Key_schedule schedule; /* precomputed key schedule */
+- C_Block *ivec; /* 8 bytes of ivec */
+-
+-
+- Produces a cryptographic checksum, 8 bytes, by cipher-block-chain
+- encrypting the input, discarding the ciphertext output, and only retaining
+- the last ciphertext 8-byte block. Uses the provided key schedule and ivec.
+- The input is effectively zero-padded to an integral multiple of
+- eight bytes, though the original input is not modified.
+-
+- No meaningful value is returned. Void is not used for compatibility
+- with other compilers.
+-
+-
+-/* random_key ----------------------------------------*/
+-int
+- random_key(key)
+-
+- C_Block *key;
+-
+- The start for the random number generated is set from the current time
+- in microseconds, then the random number generator is invoked
+- to create an eight byte output key (not a schedule). The key
+- generated is set to odd parity per FIPS spec.
+-
+- The caller must supply space for the output key, pointed to
+- by "*key", then after getting a new key, call the des_set_key()
+- routine when needed.
+-
+- No meaningful value is returned. Void is not used for compatibility
+- with other compilers.
+-
+-
+-/* string_to_key --------------------------------------------*/
+-
+-int
+- string_to_key(str,key)
+- char *str;
+- C_Block *key;
+-
+- This routines converts an arbitrary length, null terminated string
+- to an 8 byte DES key, with each byte parity set to odd, per FIPS spec.
+-
+- The algorithm is as follows:
+-
+-| Take the first 8 bytes and remove the parity (leaving 56 bits).
+-| Do the same for the second 8 bytes, and the third, etc. Do this for
+-| as many sets of 8 bytes as necessary, filling in the remainder of the
+-| last set with nulls. Fold the second set back on the first (i.e. bit
+-| 0 over bit 55, and bit 55 over bit 0). Fold the third over the second
+-| (bit 0 of the third set is now over bit 0 of the first set). Repeat
+-| until you have done this to all sets. Xor the folded sets. Break the
+-| result into 8 7 bit bytes, and generate odd parity for each byte. You
+-| now have 64 bits. Note that DES takes a 64 bit key, and uses only the
+-| non parity bits.
+-
+-
+-/* read_password -------------------------------------------*/
+-
+-read_password(k,prompt,verify)
+- C_Block *k;
+- char *prompt;
+- int verify;
+-
+-This routine issues the supplied prompt, turns off echo, if possible, and
+-reads an input string. If verify is non-zero, it does it again, for use
+-in applications such as changing a password. If verify is non-zero, both
+-versions are compared, and the input is requested repeatedly until they
+-match. Then, the input string is mapped into a valid DES key, internally
+-using the string_to_key routine. The newly created key is copied to the
+-area pointed to by parameter "k".
+-
+-No meaningful value is returned. If an error occurs trying to manipulate
+-the terminal echo, the routine forces the process to exit.
+-
+-/* get_line ------------------------*/
+-long get_line(p,max)
+- char *p;
+- long max;
+-
+-Reads input characters from standard input until either a newline appears or
+-else the max length is reached. The characters read are stuffed into
+-the string pointed to, which will always be null terminated. The newline
+-is not inserted in the string. The max parameter includes the byte needed
+-for the null terminator, so allocate and pass one more than the maximum
+-string length desired.
+diff --git a/src/lib/crypto/builtin/des/f_aead.c b/src/lib/crypto/builtin/des/f_aead.c
+deleted file mode 100644
+index f887735820..0000000000
+--- a/src/lib/crypto/builtin/des/f_aead.c
++++ /dev/null
+@@ -1,177 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/*
+- * Copyright (C) 2008 by the Massachusetts Institute of Technology.
+- * Copyright 1995 by Richard P. Basch. All Rights Reserved.
+- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
+- * in advertising or publicity pertaining to distribution of the software
+- * without specific, written prior permission. Richard P. Basch,
+- * Lehman Brothers and M.I.T. make no representations about the suitability
+- * of this software for any purpose. It is provided "as is" without
+- * express or implied warranty.
+- */
+-
+-#include "crypto_int.h"
+-#include "des_int.h"
+-#include "f_tables.h"
+-
+-#ifdef K5_BUILTIN_DES
+-
+-const mit_des_cblock mit_des_zeroblock /* = all zero */;
+-
+-void
+-krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
+- const mit_des_key_schedule schedule,
+- mit_des_cblock ivec)
+-{
+- unsigned DES_INT32 left, right;
+- const unsigned DES_INT32 *kp;
+- const unsigned char *ip;
+- struct iov_cursor cursor;
+- unsigned char block[MIT_DES_BLOCK_LENGTH];
+-
+- /* Get key pointer here. This won't need to be reinitialized. */
+- kp = (const unsigned DES_INT32 *)schedule;
+-
+- /* Initialize left and right with the contents of the initial vector. */
+- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
+- left = load_32_be(ip);
+- right = load_32_be(ip + 4);
+-
+- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
+- while (k5_iov_cursor_get(&cursor, block)) {
+- /* Decompose this block and xor it with the previous ciphertext. */
+- left ^= load_32_be(block);
+- right ^= load_32_be(block + 4);
+-
+- /* Encrypt what we have and put back into block. */
+- DES_DO_ENCRYPT(left, right, kp);
+- store_32_be(left, block);
+- store_32_be(right, block + 4);
+-
+- k5_iov_cursor_put(&cursor, block);
+- }
+-
+- if (ivec != NULL) {
+- store_32_be(left, ivec);
+- store_32_be(right, ivec + 4);
+- }
+-}
+-
+-void
+-krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
+- const mit_des_key_schedule schedule,
+- mit_des_cblock ivec)
+-{
+- unsigned DES_INT32 left, right;
+- const unsigned DES_INT32 *kp;
+- const unsigned char *ip;
+- unsigned DES_INT32 ocipherl, ocipherr;
+- unsigned DES_INT32 cipherl, cipherr;
+- struct iov_cursor cursor;
+- unsigned char block[MIT_DES_BLOCK_LENGTH];
+-
+- /* Get key pointer here. This won't need to be reinitialized. */
+- kp = (const unsigned DES_INT32 *)schedule;
+-
+- /*
+- * Decrypting is harder than encrypting because of
+- * the necessity of remembering a lot more things.
+- * Should think about this a little more...
+- */
+-
+- /* Prime the old cipher with ivec. */
+- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
+- ocipherl = load_32_be(ip);
+- ocipherr = load_32_be(ip + 4);
+-
+- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
+- while (k5_iov_cursor_get(&cursor, block)) {
+- /* Split this block into left and right. */
+- cipherl = left = load_32_be(block);
+- cipherr = right = load_32_be(block + 4);
+-
+- /* Decrypt and xor with the old cipher to get plain text. */
+- DES_DO_DECRYPT(left, right, kp);
+- left ^= ocipherl;
+- right ^= ocipherr;
+-
+- /* Store the encrypted halves back into block. */
+- store_32_be(left, block);
+- store_32_be(right, block + 4);
+-
+- /* Save current cipher block halves. */
+- ocipherl = cipherl;
+- ocipherr = cipherr;
+-
+- k5_iov_cursor_put(&cursor, block);
+- }
+-
+- if (ivec != NULL) {
+- store_32_be(ocipherl, ivec);
+- store_32_be(ocipherr, ivec + 4);
+- }
+-}
+-
+-void
+-krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data,
+- const mit_des_key_schedule schedule, mit_des_cblock ivec,
+- mit_des_cblock out)
+-{
+- unsigned DES_INT32 left, right;
+- const unsigned DES_INT32 *kp;
+- const unsigned char *ip;
+- struct iov_cursor cursor;
+- unsigned char block[MIT_DES_BLOCK_LENGTH];
+-
+- /* Get key pointer here. This won't need to be reinitialized. */
+- kp = (const unsigned DES_INT32 *)schedule;
+-
+- /* Initialize left and right with the contents of the initial vector. */
+- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
+- left = load_32_be(ip);
+- right = load_32_be(ip + 4);
+-
+- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, TRUE);
+- while (k5_iov_cursor_get(&cursor, block)) {
+- /* Decompose this block and xor it with the previous ciphertext. */
+- left ^= load_32_be(block);
+- right ^= load_32_be(block + 4);
+-
+- /* Encrypt what we have. */
+- DES_DO_ENCRYPT(left, right, kp);
+- }
+-
+- /* Output the final ciphertext block. */
+- store_32_be(left, out);
+- store_32_be(right, out + 4);
+-}
+-
+-#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
+-void krb5int_des_do_encrypt_2 (unsigned DES_INT32 *left,
+- unsigned DES_INT32 *right,
+- const unsigned DES_INT32 *kp)
+-{
+- DES_DO_ENCRYPT_1 (*left, *right, kp);
+-}
+-
+-void krb5int_des_do_decrypt_2 (unsigned DES_INT32 *left,
+- unsigned DES_INT32 *right,
+- const unsigned DES_INT32 *kp)
+-{
+- DES_DO_DECRYPT_1 (*left, *right, kp);
+-}
+-#endif
+-
+-#endif /* K5_BUILTIN_DES */
+diff --git a/src/lib/crypto/builtin/des/f_cbc.c b/src/lib/crypto/builtin/des/f_cbc.c
+deleted file mode 100644
+index 84d5382f22..0000000000
+--- a/src/lib/crypto/builtin/des/f_cbc.c
++++ /dev/null
+@@ -1,256 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/* lib/crypto/builtin/des/f_cbc.c */
+-/*
+- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
+- * All rights reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of M.I.T. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. Furthermore if you modify this software you must label
+- * your software as modified software and not distribute it in such a
+- * fashion that it might be confused with the original M.I.T. software.
+- * M.I.T. makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- */
+-
+-/*
+- * CBC functions; used only by the test programs at this time. (krb5 uses the
+- * functions in f_aead.c instead.)
+- */
+-
+-/*
+- * des_cbc_encrypt.c - an implementation of the DES cipher function in cbc mode
+- */
+-#include "des_int.h"
+-#include "f_tables.h"
+-
+-/*
+- * des_cbc_encrypt - {en,de}crypt a stream in CBC mode
+- */
+-
+-/*
+- * This routine performs DES cipher-block-chaining operation, either
+- * encrypting from cleartext to ciphertext, if encrypt != 0 or
+- * decrypting from ciphertext to cleartext, if encrypt == 0.
+- *
+- * The key schedule is passed as an arg, as well as the cleartext or
+- * ciphertext. The cleartext and ciphertext should be in host order.
+- *
+- * NOTE-- the output is ALWAYS an multiple of 8 bytes long. If not
+- * enough space was provided, your program will get trashed.
+- *
+- * For encryption, the cleartext string is null padded, at the end, to
+- * an integral multiple of eight bytes.
+- *
+- * For decryption, the ciphertext will be used in integral multiples
+- * of 8 bytes, but only the first "length" bytes returned into the
+- * cleartext.
+- */
+-
+-const mit_des_cblock mit_des_zeroblock /* = all zero */;
+-
+-static void
+-des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
+- unsigned long length, const mit_des_key_schedule schedule,
+- const mit_des_cblock ivec)
+-{
+- unsigned DES_INT32 left, right;
+- const unsigned DES_INT32 *kp;
+- const unsigned char *ip;
+- unsigned char *op;
+-
+- /*
+- * Get key pointer here. This won't need to be reinitialized
+- */
+- kp = (const unsigned DES_INT32 *)schedule;
+-
+- /*
+- * Initialize left and right with the contents of the initial
+- * vector.
+- */
+- ip = ivec;
+- GET_HALF_BLOCK(left, ip);
+- GET_HALF_BLOCK(right, ip);
+-
+- /*
+- * Suitably initialized, now work the length down 8 bytes
+- * at a time.
+- */
+- ip = *in;
+- op = *out;
+- while (length > 0) {
+- /*
+- * Get more input, xor it in. If the length is
+- * greater than or equal to 8 this is straight
+- * forward. Otherwise we have to fart around.
+- */
+- if (length >= 8) {
+- unsigned DES_INT32 temp;
+- GET_HALF_BLOCK(temp, ip);
+- left ^= temp;
+- GET_HALF_BLOCK(temp, ip);
+- right ^= temp;
+- length -= 8;
+- } else {
+- /*
+- * Oh, shoot. We need to pad the
+- * end with zeroes. Work backwards
+- * to do this.
+- */
+- ip += (int) length;
+- switch(length) {
+- case 7:
+- right ^= (*(--ip) & FF_UINT32) << 8;
+- case 6:
+- right ^= (*(--ip) & FF_UINT32) << 16;
+- case 5:
+- right ^= (*(--ip) & FF_UINT32) << 24;
+- case 4:
+- left ^= *(--ip) & FF_UINT32;
+- case 3:
+- left ^= (*(--ip) & FF_UINT32) << 8;
+- case 2:
+- left ^= (*(--ip) & FF_UINT32) << 16;
+- case 1:
+- left ^= (*(--ip) & FF_UINT32) << 24;
+- break;
+- }
+- length = 0;
+- }
+-
+- /*
+- * Encrypt what we have
+- */
+- DES_DO_ENCRYPT(left, right, kp);
+-
+- /*
+- * Copy the results out
+- */
+- PUT_HALF_BLOCK(left, op);
+- PUT_HALF_BLOCK(right, op);
+- }
+-}
+-
+-static void
+-des_cbc_decrypt(const mit_des_cblock *in, mit_des_cblock *out,
+- unsigned long length, const mit_des_key_schedule schedule,
+- const mit_des_cblock ivec)
+-{
+- unsigned DES_INT32 left, right;
+- const unsigned DES_INT32 *kp;
+- const unsigned char *ip;
+- unsigned char *op;
+- unsigned DES_INT32 ocipherl, ocipherr;
+- unsigned DES_INT32 cipherl, cipherr;
+-
+- /*
+- * Get key pointer here. This won't need to be reinitialized
+- */
+- kp = (const unsigned DES_INT32 *)schedule;
+-
+- /*
+- * Decrypting is harder than encrypting because of
+- * the necessity of remembering a lot more things.
+- * Should think about this a little more...
+- */
+-
+- if (length <= 0)
+- return;
+-
+- /*
+- * Prime the old cipher with ivec.
+- */
+- ip = ivec;
+- GET_HALF_BLOCK(ocipherl, ip);
+- GET_HALF_BLOCK(ocipherr, ip);
+-
+- /*
+- * Now do this in earnest until we run out of length.
+- */
+- ip = *in;
+- op = *out;
+- for (;;) { /* check done inside loop */
+- /*
+- * Read a block from the input into left and
+- * right. Save this cipher block for later.
+- */
+- GET_HALF_BLOCK(left, ip);
+- GET_HALF_BLOCK(right, ip);
+- cipherl = left;
+- cipherr = right;
+-
+- /*
+- * Decrypt this.
+- */
+- DES_DO_DECRYPT(left, right, kp);
+-
+- /*
+- * Xor with the old cipher to get plain
+- * text. Output 8 or less bytes of this.
+- */
+- left ^= ocipherl;
+- right ^= ocipherr;
+- if (length > 8) {
+- length -= 8;
+- PUT_HALF_BLOCK(left, op);
+- PUT_HALF_BLOCK(right, op);
+- /*
+- * Save current cipher block here
+- */
+- ocipherl = cipherl;
+- ocipherr = cipherr;
+- } else {
+- /*
+- * Trouble here. Start at end of output,
+- * work backwards.
+- */
+- op += (int) length;
+- switch(length) {
+- case 8:
+- *(--op) = (unsigned char) (right & 0xff);
+- case 7:
+- *(--op) = (unsigned char) ((right >> 8) & 0xff);
+- case 6:
+- *(--op) = (unsigned char) ((right >> 16) & 0xff);
+- case 5:
+- *(--op) = (unsigned char) ((right >> 24) & 0xff);
+- case 4:
+- *(--op) = (unsigned char) (left & 0xff);
+- case 3:
+- *(--op) = (unsigned char) ((left >> 8) & 0xff);
+- case 2:
+- *(--op) = (unsigned char) ((left >> 16) & 0xff);
+- case 1:
+- *(--op) = (unsigned char) ((left >> 24) & 0xff);
+- break;
+- }
+- break; /* we're done */
+- }
+- }
+-}
+-
+-int
+-mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
+- unsigned long length, const mit_des_key_schedule schedule,
+- const mit_des_cblock ivec, int enc)
+-{
+- /*
+- * Deal with encryption and decryption separately.
+- */
+- if (enc)
+- des_cbc_encrypt(in, out, length, schedule, ivec);
+- else
+- des_cbc_decrypt(in, out, length, schedule, ivec);
+- return 0;
+-}
+diff --git a/src/lib/crypto/builtin/des/f_cksum.c b/src/lib/crypto/builtin/des/f_cksum.c
+deleted file mode 100644
+index 615a947f4a..0000000000
+--- a/src/lib/crypto/builtin/des/f_cksum.c
++++ /dev/null
+@@ -1,141 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/* lib/crypto/builtin/des/f_cksum.c */
+-/*
+- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
+- * All rights reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of M.I.T. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. Furthermore if you modify this software you must label
+- * your software as modified software and not distribute it in such a
+- * fashion that it might be confused with the original M.I.T. software.
+- * M.I.T. makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- */
+-
+-/* DES implementation donated by Dennis Ferguson */
+-
+-/*
+- * des_cbc_cksum.c - compute an 8 byte checksum using DES in CBC mode
+- */
+-#include "crypto_int.h"
+-#include "des_int.h"
+-#include "f_tables.h"
+-
+-#ifdef K5_BUILTIN_DES
+-
+-/*
+- * This routine performs DES cipher-block-chaining checksum operation,
+- * a.k.a. Message Authentication Code. It ALWAYS encrypts from input
+- * to a single 64 bit output MAC checksum.
+- *
+- * The key schedule is passed as an arg, as well as the cleartext or
+- * ciphertext. The cleartext and ciphertext should be in host order.
+- *
+- * NOTE-- the output is ALWAYS 8 bytes long. If not enough space was
+- * provided, your program will get trashed.
+- *
+- * The input is null padded, at the end (highest addr), to an integral
+- * multiple of eight bytes.
+- */
+-
+-unsigned long
+-mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out,
+- unsigned long length, const mit_des_key_schedule schedule,
+- const krb5_octet *ivec)
+-{
+- unsigned DES_INT32 left, right;
+- const unsigned DES_INT32 *kp;
+- const unsigned char *ip;
+- unsigned char *op;
+- DES_INT32 len;
+-
+- /*
+- * Initialize left and right with the contents of the initial
+- * vector.
+- */
+- ip = ivec;
+- GET_HALF_BLOCK(left, ip);
+- GET_HALF_BLOCK(right, ip);
+-
+- /*
+- * Suitably initialized, now work the length down 8 bytes
+- * at a time.
+- */
+- ip = in;
+- len = length;
+- while (len > 0) {
+- /*
+- * Get more input, xor it in. If the length is
+- * greater than or equal to 8 this is straight
+- * forward. Otherwise we have to fart around.
+- */
+- if (len >= 8) {
+- unsigned DES_INT32 temp;
+- GET_HALF_BLOCK(temp, ip);
+- left ^= temp;
+- GET_HALF_BLOCK(temp, ip);
+- right ^= temp;
+- len -= 8;
+- } else {
+- /*
+- * Oh, shoot. We need to pad the
+- * end with zeroes. Work backwards
+- * to do this.
+- */
+- ip += (int) len;
+- switch(len) {
+- case 7:
+- right ^= (*(--ip) & FF_UINT32) << 8;
+- case 6:
+- right ^= (*(--ip) & FF_UINT32) << 16;
+- case 5:
+- right ^= (*(--ip) & FF_UINT32) << 24;
+- case 4:
+- left ^= *(--ip) & FF_UINT32;
+- case 3:
+- left ^= (*(--ip) & FF_UINT32) << 8;
+- case 2:
+- left ^= (*(--ip) & FF_UINT32) << 16;
+- case 1:
+- left ^= (*(--ip) & FF_UINT32) << 24;
+- break;
+- }
+- len = 0;
+- }
+-
+- /*
+- * Encrypt what we have
+- */
+- kp = (const unsigned DES_INT32 *)schedule;
+- DES_DO_ENCRYPT(left, right, kp);
+- }
+-
+- /*
+- * Done. Left and right have the checksum. Put it into
+- * the output.
+- */
+- op = out;
+- PUT_HALF_BLOCK(left, op);
+- PUT_HALF_BLOCK(right, op);
+-
+- /*
+- * Return right. I'll bet the MIT code returns this
+- * inconsistantly (with the low order byte of the checksum
+- * not always in the low order byte of the DES_INT32). We won't.
+- */
+- return right & 0xFFFFFFFFUL;
+-}
+-
+-#endif /* K5_BUILTIN_DES */
+diff --git a/src/lib/crypto/builtin/des/f_parity.c b/src/lib/crypto/builtin/des/f_parity.c
+deleted file mode 100644
+index a658878f6f..0000000000
+--- a/src/lib/crypto/builtin/des/f_parity.c
++++ /dev/null
+@@ -1,64 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/*
+- * These routines check and fix parity of encryption keys for the DES
+- * algorithm.
+- *
+- * They are a replacement for routines in key_parity.c, that don't require
+- * the table building that they do.
+- *
+- * Mark Eichin -- Cygnus Support
+- */
+-
+-#include "crypto_int.h"
+-#include "des_int.h"
+-
+-#ifdef K5_BUILTIN_DES_KEY_PARITY
+-
+-/*
+- * des_fixup_key_parity: Forces odd parity per byte; parity is bits
+- * 8,16,...64 in des order, implies 0, 8, 16, ...
+- * vax order.
+- */
+-#define smask(step) ((1<<step)-1)
+-#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step)))
+-#define parity_char(x) pstep(pstep(pstep((x),4),2),1)
+-
+-void
+-mit_des_fixup_key_parity(mit_des_cblock key)
+-{
+- unsigned int i;
+- for (i=0; i<sizeof(mit_des_cblock); i++)
+- {
+- key[i] &= 0xfe;
+- key[i] |= 1^parity_char(key[i]);
+- }
+-
+- return;
+-}
+-
+-#endif /* K5_BUILTIN_DES_KEY_PARITY */
+-
+-#ifdef K5_BUILTIN_DES
+-
+-/*
+- * des_check_key_parity: returns true iff key has the correct des parity.
+- * See des_fix_key_parity for the definition of
+- * correct des parity.
+- */
+-int
+-mit_des_check_key_parity(mit_des_cblock key)
+-{
+- unsigned int i;
+-
+- for (i=0; i<sizeof(mit_des_cblock); i++)
+- {
+- if((key[i] & 1) == parity_char(0xfe&key[i]))
+- {
+- return 0;
+- }
+- }
+-
+- return(1);
+-}
+-
+-#endif /* K5_BUILTIN_DES */
+diff --git a/src/lib/crypto/builtin/des/f_sched.c b/src/lib/crypto/builtin/des/f_sched.c
+deleted file mode 100644
+index bbc88a1c8d..0000000000
+--- a/src/lib/crypto/builtin/des/f_sched.c
++++ /dev/null
+@@ -1,363 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/* lib/crypto/builtin/des/f_sched.c */
+-/*
+- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
+- * All rights reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of M.I.T. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. Furthermore if you modify this software you must label
+- * your software as modified software and not distribute it in such a
+- * fashion that it might be confused with the original M.I.T. software.
+- * M.I.T. makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- */
+-
+-/* DES implementation donated by Dennis Ferguson */
+-
+-/*
+- * des_make_sched.c - permute a DES key, returning the resulting key schedule
+- */
+-#include "crypto_int.h"
+-#include "des_int.h"
+-
+-#ifdef K5_BUILTIN_DES
+-
+-/*
+- * Permuted choice 1 tables. These are used to extract bits
+- * from the left and right parts of the key to form Ci and Di.
+- * The code that uses these tables knows which bits from which
+- * part of each key are used to form Ci and Di.
+- */
+-static const unsigned DES_INT32 PC1_CL[8] = {
+- 0x00000000, 0x00000010, 0x00001000, 0x00001010,
+- 0x00100000, 0x00100010, 0x00101000, 0x00101010
+-};
+-
+-static const unsigned DES_INT32 PC1_DL[16] = {
+- 0x00000000, 0x00100000, 0x00001000, 0x00101000,
+- 0x00000010, 0x00100010, 0x00001010, 0x00101010,
+- 0x00000001, 0x00100001, 0x00001001, 0x00101001,
+- 0x00000011, 0x00100011, 0x00001011, 0x00101011
+-};
+-
+-static const unsigned DES_INT32 PC1_CR[16] = {
+- 0x00000000, 0x00000001, 0x00000100, 0x00000101,
+- 0x00010000, 0x00010001, 0x00010100, 0x00010101,
+- 0x01000000, 0x01000001, 0x01000100, 0x01000101,
+- 0x01010000, 0x01010001, 0x01010100, 0x01010101
+-};
+-
+-static const unsigned DES_INT32 PC1_DR[8] = {
+- 0x00000000, 0x01000000, 0x00010000, 0x01010000,
+- 0x00000100, 0x01000100, 0x00010100, 0x01010100
+-};
+-
+-
+-/*
+- * At the start of some iterations of the key schedule we do
+- * a circular left shift by one place, while for others we do a shift by
+- * two places. This has bits set for the iterations where we do 2 bit
+- * shifts, starting at the low order bit.
+- */
+-#define TWO_BIT_SHIFTS 0x7efc
+-
+-/*
+- * Permuted choice 2 tables. The first actually produces the low order
+- * 24 bits of the subkey Ki from the 28 bit value of Ci. The second produces
+- * the high order 24 bits from Di. The tables are indexed by six bit
+- * segments of Ci and Di respectively. The code is handcrafted to compute
+- * the appropriate 6 bit chunks.
+- *
+- * Note that for ease of computation, the 24 bit values are produced with
+- * six bits going into each byte. Note also that the table has been byte
+- * rearranged to produce keys which match the order we will apply them
+- * in in the des code.
+- */
+-static const unsigned DES_INT32 PC2_C[4][64] = {
+- {
+- 0x00000000, 0x00000004, 0x00010000, 0x00010004,
+- 0x00000400, 0x00000404, 0x00010400, 0x00010404,
+- 0x00000020, 0x00000024, 0x00010020, 0x00010024,
+- 0x00000420, 0x00000424, 0x00010420, 0x00010424,
+- 0x01000000, 0x01000004, 0x01010000, 0x01010004,
+- 0x01000400, 0x01000404, 0x01010400, 0x01010404,
+- 0x01000020, 0x01000024, 0x01010020, 0x01010024,
+- 0x01000420, 0x01000424, 0x01010420, 0x01010424,
+- 0x00020000, 0x00020004, 0x00030000, 0x00030004,
+- 0x00020400, 0x00020404, 0x00030400, 0x00030404,
+- 0x00020020, 0x00020024, 0x00030020, 0x00030024,
+- 0x00020420, 0x00020424, 0x00030420, 0x00030424,
+- 0x01020000, 0x01020004, 0x01030000, 0x01030004,
+- 0x01020400, 0x01020404, 0x01030400, 0x01030404,
+- 0x01020020, 0x01020024, 0x01030020, 0x01030024,
+- 0x01020420, 0x01020424, 0x01030420, 0x01030424,
+- },
+- {
+- 0x00000000, 0x02000000, 0x00000800, 0x02000800,
+- 0x00080000, 0x02080000, 0x00080800, 0x02080800,
+- 0x00000001, 0x02000001, 0x00000801, 0x02000801,
+- 0x00080001, 0x02080001, 0x00080801, 0x02080801,
+- 0x00000100, 0x02000100, 0x00000900, 0x02000900,
+- 0x00080100, 0x02080100, 0x00080900, 0x02080900,
+- 0x00000101, 0x02000101, 0x00000901, 0x02000901,
+- 0x00080101, 0x02080101, 0x00080901, 0x02080901,
+- 0x10000000, 0x12000000, 0x10000800, 0x12000800,
+- 0x10080000, 0x12080000, 0x10080800, 0x12080800,
+- 0x10000001, 0x12000001, 0x10000801, 0x12000801,
+- 0x10080001, 0x12080001, 0x10080801, 0x12080801,
+- 0x10000100, 0x12000100, 0x10000900, 0x12000900,
+- 0x10080100, 0x12080100, 0x10080900, 0x12080900,
+- 0x10000101, 0x12000101, 0x10000901, 0x12000901,
+- 0x10080101, 0x12080101, 0x10080901, 0x12080901,
+- },
+- {
+- 0x00000000, 0x00040000, 0x00002000, 0x00042000,
+- 0x00100000, 0x00140000, 0x00102000, 0x00142000,
+- 0x20000000, 0x20040000, 0x20002000, 0x20042000,
+- 0x20100000, 0x20140000, 0x20102000, 0x20142000,
+- 0x00000008, 0x00040008, 0x00002008, 0x00042008,
+- 0x00100008, 0x00140008, 0x00102008, 0x00142008,
+- 0x20000008, 0x20040008, 0x20002008, 0x20042008,
+- 0x20100008, 0x20140008, 0x20102008, 0x20142008,
+- 0x00200000, 0x00240000, 0x00202000, 0x00242000,
+- 0x00300000, 0x00340000, 0x00302000, 0x00342000,
+- 0x20200000, 0x20240000, 0x20202000, 0x20242000,
+- 0x20300000, 0x20340000, 0x20302000, 0x20342000,
+- 0x00200008, 0x00240008, 0x00202008, 0x00242008,
+- 0x00300008, 0x00340008, 0x00302008, 0x00342008,
+- 0x20200008, 0x20240008, 0x20202008, 0x20242008,
+- 0x20300008, 0x20340008, 0x20302008, 0x20342008,
+- },
+- {
+- 0x00000000, 0x00000010, 0x08000000, 0x08000010,
+- 0x00000200, 0x00000210, 0x08000200, 0x08000210,
+- 0x00000002, 0x00000012, 0x08000002, 0x08000012,
+- 0x00000202, 0x00000212, 0x08000202, 0x08000212,
+- 0x04000000, 0x04000010, 0x0c000000, 0x0c000010,
+- 0x04000200, 0x04000210, 0x0c000200, 0x0c000210,
+- 0x04000002, 0x04000012, 0x0c000002, 0x0c000012,
+- 0x04000202, 0x04000212, 0x0c000202, 0x0c000212,
+- 0x00001000, 0x00001010, 0x08001000, 0x08001010,
+- 0x00001200, 0x00001210, 0x08001200, 0x08001210,
+- 0x00001002, 0x00001012, 0x08001002, 0x08001012,
+- 0x00001202, 0x00001212, 0x08001202, 0x08001212,
+- 0x04001000, 0x04001010, 0x0c001000, 0x0c001010,
+- 0x04001200, 0x04001210, 0x0c001200, 0x0c001210,
+- 0x04001002, 0x04001012, 0x0c001002, 0x0c001012,
+- 0x04001202, 0x04001212, 0x0c001202, 0x0c001212
+- },
+-};
+-
+-static const unsigned DES_INT32 PC2_D[4][64] = {
+- {
+- 0x00000000, 0x02000000, 0x00020000, 0x02020000,
+- 0x00000100, 0x02000100, 0x00020100, 0x02020100,
+- 0x00000008, 0x02000008, 0x00020008, 0x02020008,
+- 0x00000108, 0x02000108, 0x00020108, 0x02020108,
+- 0x00200000, 0x02200000, 0x00220000, 0x02220000,
+- 0x00200100, 0x02200100, 0x00220100, 0x02220100,
+- 0x00200008, 0x02200008, 0x00220008, 0x02220008,
+- 0x00200108, 0x02200108, 0x00220108, 0x02220108,
+- 0x00000200, 0x02000200, 0x00020200, 0x02020200,
+- 0x00000300, 0x02000300, 0x00020300, 0x02020300,
+- 0x00000208, 0x02000208, 0x00020208, 0x02020208,
+- 0x00000308, 0x02000308, 0x00020308, 0x02020308,
+- 0x00200200, 0x02200200, 0x00220200, 0x02220200,
+- 0x00200300, 0x02200300, 0x00220300, 0x02220300,
+- 0x00200208, 0x02200208, 0x00220208, 0x02220208,
+- 0x00200308, 0x02200308, 0x00220308, 0x02220308,
+- },
+- {
+- 0x00000000, 0x00001000, 0x00000020, 0x00001020,
+- 0x00100000, 0x00101000, 0x00100020, 0x00101020,
+- 0x08000000, 0x08001000, 0x08000020, 0x08001020,
+- 0x08100000, 0x08101000, 0x08100020, 0x08101020,
+- 0x00000004, 0x00001004, 0x00000024, 0x00001024,
+- 0x00100004, 0x00101004, 0x00100024, 0x00101024,
+- 0x08000004, 0x08001004, 0x08000024, 0x08001024,
+- 0x08100004, 0x08101004, 0x08100024, 0x08101024,
+- 0x00000400, 0x00001400, 0x00000420, 0x00001420,
+- 0x00100400, 0x00101400, 0x00100420, 0x00101420,
+- 0x08000400, 0x08001400, 0x08000420, 0x08001420,
+- 0x08100400, 0x08101400, 0x08100420, 0x08101420,
+- 0x00000404, 0x00001404, 0x00000424, 0x00001424,
+- 0x00100404, 0x00101404, 0x00100424, 0x00101424,
+- 0x08000404, 0x08001404, 0x08000424, 0x08001424,
+- 0x08100404, 0x08101404, 0x08100424, 0x08101424,
+- },
+- {
+- 0x00000000, 0x10000000, 0x00010000, 0x10010000,
+- 0x00000002, 0x10000002, 0x00010002, 0x10010002,
+- 0x00002000, 0x10002000, 0x00012000, 0x10012000,
+- 0x00002002, 0x10002002, 0x00012002, 0x10012002,
+- 0x00040000, 0x10040000, 0x00050000, 0x10050000,
+- 0x00040002, 0x10040002, 0x00050002, 0x10050002,
+- 0x00042000, 0x10042000, 0x00052000, 0x10052000,
+- 0x00042002, 0x10042002, 0x00052002, 0x10052002,
+- 0x20000000, 0x30000000, 0x20010000, 0x30010000,
+- 0x20000002, 0x30000002, 0x20010002, 0x30010002,
+- 0x20002000, 0x30002000, 0x20012000, 0x30012000,
+- 0x20002002, 0x30002002, 0x20012002, 0x30012002,
+- 0x20040000, 0x30040000, 0x20050000, 0x30050000,
+- 0x20040002, 0x30040002, 0x20050002, 0x30050002,
+- 0x20042000, 0x30042000, 0x20052000, 0x30052000,
+- 0x20042002, 0x30042002, 0x20052002, 0x30052002,
+- },
+- {
+- 0x00000000, 0x04000000, 0x00000001, 0x04000001,
+- 0x01000000, 0x05000000, 0x01000001, 0x05000001,
+- 0x00000010, 0x04000010, 0x00000011, 0x04000011,
+- 0x01000010, 0x05000010, 0x01000011, 0x05000011,
+- 0x00080000, 0x04080000, 0x00080001, 0x04080001,
+- 0x01080000, 0x05080000, 0x01080001, 0x05080001,
+- 0x00080010, 0x04080010, 0x00080011, 0x04080011,
+- 0x01080010, 0x05080010, 0x01080011, 0x05080011,
+- 0x00000800, 0x04000800, 0x00000801, 0x04000801,
+- 0x01000800, 0x05000800, 0x01000801, 0x05000801,
+- 0x00000810, 0x04000810, 0x00000811, 0x04000811,
+- 0x01000810, 0x05000810, 0x01000811, 0x05000811,
+- 0x00080800, 0x04080800, 0x00080801, 0x04080801,
+- 0x01080800, 0x05080800, 0x01080801, 0x05080801,
+- 0x00080810, 0x04080810, 0x00080811, 0x04080811,
+- 0x01080810, 0x05080810, 0x01080811, 0x05080811
+- },
+-};
+-
+-
+-
+-/*
+- * Permute the key to give us our key schedule.
+- */
+-int
+-mit_des_make_key_sched(mit_des_cblock key, mit_des_key_schedule schedule)
+-{
+- unsigned DES_INT32 c, d;
+-
+- {
+- /*
+- * Need a pointer for the keys and a temporary DES_INT32
+- */
+- const unsigned char *k;
+- unsigned DES_INT32 tmp;
+-
+- /*
+- * Fetch the key into something we can work with
+- */
+- k = key;
+-
+- /*
+- * The first permutted choice gives us the 28 bits for C0 and
+- * 28 for D0. C0 gets 12 bits from the left key and 16 from
+- * the right, while D0 gets 16 from the left and 12 from the
+- * right. The code knows which bits go where.
+- */
+- tmp = load_32_be(k), k += 4;
+-
+- c = PC1_CL[(tmp >> 29) & 0x7]
+- | (PC1_CL[(tmp >> 21) & 0x7] << 1)
+- | (PC1_CL[(tmp >> 13) & 0x7] << 2)
+- | (PC1_CL[(tmp >> 5) & 0x7] << 3);
+- d = PC1_DL[(tmp >> 25) & 0xf]
+- | (PC1_DL[(tmp >> 17) & 0xf] << 1)
+- | (PC1_DL[(tmp >> 9) & 0xf] << 2)
+- | (PC1_DL[(tmp >> 1) & 0xf] << 3);
+-
+- tmp = load_32_be(k), k += 4;
+-
+- c |= PC1_CR[(tmp >> 28) & 0xf]
+- | (PC1_CR[(tmp >> 20) & 0xf] << 1)
+- | (PC1_CR[(tmp >> 12) & 0xf] << 2)
+- | (PC1_CR[(tmp >> 4) & 0xf] << 3);
+- d |= PC1_DR[(tmp >> 25) & 0x7]
+- | (PC1_DR[(tmp >> 17) & 0x7] << 1)
+- | (PC1_DR[(tmp >> 9) & 0x7] << 2)
+- | (PC1_DR[(tmp >> 1) & 0x7] << 3);
+- }
+-
+- {
+- /*
+- * Need several temporaries in here
+- */
+- unsigned DES_INT32 ltmp, rtmp;
+- unsigned DES_INT32 *k;
+- int two_bit_shifts;
+- int i;
+- /*
+- * Now iterate to compute the key schedule. Note that we
+- * record the entire set of subkeys in 6 bit chunks since
+- * they are used that way. At 6 bits/char, we need
+- * 48/6 char's/subkey * 16 subkeys/encryption == 128 bytes.
+- * The schedule must be this big.
+- */
+- k = (unsigned DES_INT32 *)schedule;
+- two_bit_shifts = TWO_BIT_SHIFTS;
+- for (i = 16; i > 0; i--) {
+- /*
+- * Do the rotation. One bit and two bit rotations
+- * are done separately. Note C and D are 28 bits.
+- */
+- if (two_bit_shifts & 0x1) {
+- c = ((c << 2) & 0xffffffc) | (c >> 26);
+- d = ((d << 2) & 0xffffffc) | (d >> 26);
+- } else {
+- c = ((c << 1) & 0xffffffe) | (c >> 27);
+- d = ((d << 1) & 0xffffffe) | (d >> 27);
+- }
+- two_bit_shifts >>= 1;
+-
+- /*
+- * Apply permutted choice 2 to C to get the first
+- * 24 bits worth of keys. Note that bits 9, 18, 22
+- * and 25 (using DES numbering) in C are unused. The
+- * shift-mask stuff is done to delete these bits from
+- * the indices, since this cuts the table size in half.
+- *
+- * The table is torqued, by the way. If the standard
+- * byte order for this (high to low order) is 1234,
+- * the table actually gives us 4132.
+- */
+- ltmp = PC2_C[0][((c >> 22) & 0x3f)]
+- | PC2_C[1][((c >> 15) & 0xf) | ((c >> 16) & 0x30)]
+- | PC2_C[2][((c >> 4) & 0x3) | ((c >> 9) & 0x3c)]
+- | PC2_C[3][((c ) & 0x7) | ((c >> 4) & 0x38)];
+- /*
+- * Apply permutted choice 2 to D to get the other half.
+- * Here, bits 7, 10, 15 and 26 go unused. The sqeezing
+- * actually turns out to be cheaper here.
+- *
+- * This table is similarly torqued. If the standard
+- * byte order is 5678, the table has the bytes permuted
+- * to give us 7685.
+- */
+- rtmp = PC2_D[0][((d >> 22) & 0x3f)]
+- | PC2_D[1][((d >> 14) & 0xf) | ((d >> 15) & 0x30)]
+- | PC2_D[2][((d >> 7) & 0x3f)]
+- | PC2_D[3][((d ) & 0x3) | ((d >> 1) & 0x3c)];
+-
+- /*
+- * Make up two words of the key schedule, with a
+- * byte order which is convenient for the DES
+- * inner loop. The high order (first) word will
+- * hold bytes 7135 (high to low order) while the
+- * second holds bytes 4682.
+- */
+- *k++ = (ltmp & 0x00ffff00) | (rtmp & 0xff0000ff);
+- *k++ = (ltmp & 0xff0000ff) | (rtmp & 0x00ffff00);
+- }
+- }
+- return (0);
+-}
+-
+-#endif /* K5_BUILTIN_DES */
+diff --git a/src/lib/crypto/builtin/des/f_tables.c b/src/lib/crypto/builtin/des/f_tables.c
+deleted file mode 100644
+index e50ab1fc60..0000000000
+--- a/src/lib/crypto/builtin/des/f_tables.c
++++ /dev/null
+@@ -1,375 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/* lib/crypto/builtin/des/f_tables.c */
+-/*
+- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
+- * All rights reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of M.I.T. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. Furthermore if you modify this software you must label
+- * your software as modified software and not distribute it in such a
+- * fashion that it might be confused with the original M.I.T. software.
+- * M.I.T. makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- */
+-
+-/* DES implementation donated by Dennis Ferguson */
+-
+-/*
+- * des_tables.c - precomputed tables used for the DES cipher function
+- */
+-
+-/*
+- * Include the header file so something will complain if the
+- * declarations get out of sync
+- */
+-#include "crypto_int.h"
+-#include "des_int.h"
+-#include "f_tables.h"
+-
+-#ifdef K5_BUILTIN_DES
+-
+-/*
+- * These tables may be declared const if you want. Many compilers
+- * don't support this, though.
+- */
+-
+-/*
+- * The DES algorithm which uses these is intended to be fairly speedy
+- * at the expense of some memory. All the standard hacks are used.
+- * The S boxes and the P permutation are precomputed into one table.
+- * The E box never actually appears explicitly since it is easy to apply
+- * this algorithmically as needed. The initial permutation and final
+- * (inverse initial) permutation are computed from tables designed to
+- * permute one byte at a time. This should run pretty fast on machines
+- * with 32 bit words and bit field/multiple bit shift instructions which
+- * are fast.
+- */
+-
+-/*
+- * The initial permutation array. This is used to compute both the
+- * left and the right halves of the initial permutation using bytes
+- * from words made from the following operations:
+- *
+- * ((left & 0x55555555) << 1) | (right & 0x55555555) for left half
+- * (left & 0xaaaaaaaa) | ((right & 0xaaaaaaaa) >> 1) for right half
+- *
+- * The scheme is that we index into the table using each byte. The
+- * result from the high order byte is or'd with the result from the
+- * next byte shifted left once is or'd with the result from the next
+- * byte shifted left twice if or'd with the result from the low order
+- * byte shifted left by three. Clear?
+- */
+-
+-const unsigned DES_INT32 des_IP_table[256] = {
+- 0x00000000, 0x00000010, 0x00000001, 0x00000011,
+- 0x00001000, 0x00001010, 0x00001001, 0x00001011,
+- 0x00000100, 0x00000110, 0x00000101, 0x00000111,
+- 0x00001100, 0x00001110, 0x00001101, 0x00001111,
+- 0x00100000, 0x00100010, 0x00100001, 0x00100011,
+- 0x00101000, 0x00101010, 0x00101001, 0x00101011,
+- 0x00100100, 0x00100110, 0x00100101, 0x00100111,
+- 0x00101100, 0x00101110, 0x00101101, 0x00101111,
+- 0x00010000, 0x00010010, 0x00010001, 0x00010011,
+- 0x00011000, 0x00011010, 0x00011001, 0x00011011,
+- 0x00010100, 0x00010110, 0x00010101, 0x00010111,
+- 0x00011100, 0x00011110, 0x00011101, 0x00011111,
+- 0x00110000, 0x00110010, 0x00110001, 0x00110011,
+- 0x00111000, 0x00111010, 0x00111001, 0x00111011,
+- 0x00110100, 0x00110110, 0x00110101, 0x00110111,
+- 0x00111100, 0x00111110, 0x00111101, 0x00111111,
+- 0x10000000, 0x10000010, 0x10000001, 0x10000011,
+- 0x10001000, 0x10001010, 0x10001001, 0x10001011,
+- 0x10000100, 0x10000110, 0x10000101, 0x10000111,
+- 0x10001100, 0x10001110, 0x10001101, 0x10001111,
+- 0x10100000, 0x10100010, 0x10100001, 0x10100011,
+- 0x10101000, 0x10101010, 0x10101001, 0x10101011,
+- 0x10100100, 0x10100110, 0x10100101, 0x10100111,
+- 0x10101100, 0x10101110, 0x10101101, 0x10101111,
+- 0x10010000, 0x10010010, 0x10010001, 0x10010011,
+- 0x10011000, 0x10011010, 0x10011001, 0x10011011,
+- 0x10010100, 0x10010110, 0x10010101, 0x10010111,
+- 0x10011100, 0x10011110, 0x10011101, 0x10011111,
+- 0x10110000, 0x10110010, 0x10110001, 0x10110011,
+- 0x10111000, 0x10111010, 0x10111001, 0x10111011,
+- 0x10110100, 0x10110110, 0x10110101, 0x10110111,
+- 0x10111100, 0x10111110, 0x10111101, 0x10111111,
+- 0x01000000, 0x01000010, 0x01000001, 0x01000011,
+- 0x01001000, 0x01001010, 0x01001001, 0x01001011,
+- 0x01000100, 0x01000110, 0x01000101, 0x01000111,
+- 0x01001100, 0x01001110, 0x01001101, 0x01001111,
+- 0x01100000, 0x01100010, 0x01100001, 0x01100011,
+- 0x01101000, 0x01101010, 0x01101001, 0x01101011,
+- 0x01100100, 0x01100110, 0x01100101, 0x01100111,
+- 0x01101100, 0x01101110, 0x01101101, 0x01101111,
+- 0x01010000, 0x01010010, 0x01010001, 0x01010011,
+- 0x01011000, 0x01011010, 0x01011001, 0x01011011,
+- 0x01010100, 0x01010110, 0x01010101, 0x01010111,
+- 0x01011100, 0x01011110, 0x01011101, 0x01011111,
+- 0x01110000, 0x01110010, 0x01110001, 0x01110011,
+- 0x01111000, 0x01111010, 0x01111001, 0x01111011,
+- 0x01110100, 0x01110110, 0x01110101, 0x01110111,
+- 0x01111100, 0x01111110, 0x01111101, 0x01111111,
+- 0x11000000, 0x11000010, 0x11000001, 0x11000011,
+- 0x11001000, 0x11001010, 0x11001001, 0x11001011,
+- 0x11000100, 0x11000110, 0x11000101, 0x11000111,
+- 0x11001100, 0x11001110, 0x11001101, 0x11001111,
+- 0x11100000, 0x11100010, 0x11100001, 0x11100011,
+- 0x11101000, 0x11101010, 0x11101001, 0x11101011,
+- 0x11100100, 0x11100110, 0x11100101, 0x11100111,
+- 0x11101100, 0x11101110, 0x11101101, 0x11101111,
+- 0x11010000, 0x11010010, 0x11010001, 0x11010011,
+- 0x11011000, 0x11011010, 0x11011001, 0x11011011,
+- 0x11010100, 0x11010110, 0x11010101, 0x11010111,
+- 0x11011100, 0x11011110, 0x11011101, 0x11011111,
+- 0x11110000, 0x11110010, 0x11110001, 0x11110011,
+- 0x11111000, 0x11111010, 0x11111001, 0x11111011,
+- 0x11110100, 0x11110110, 0x11110101, 0x11110111,
+- 0x11111100, 0x11111110, 0x11111101, 0x11111111
+-};
+-
+-/*
+- * The final permutation array. Like the IP array, used
+- * to compute both the left and right results from the bytes
+- * of words computed from:
+- *
+- * ((left & 0x0f0f0f0f) << 4) | (right & 0x0f0f0f0f) for left result
+- * (left & 0xf0f0f0f0) | ((right & 0xf0f0f0f0) >> 4) for right result
+- *
+- * The result from the high order byte is shifted left 6 bits and
+- * or'd with the result from the next byte shifted left 4 bits, which
+- * is or'd with the result from the next byte shifted left 2 bits,
+- * which is or'd with the result from the low byte.
+- */
+-const unsigned DES_INT32 des_FP_table[256] = {
+- 0x00000000, 0x02000000, 0x00020000, 0x02020000,
+- 0x00000200, 0x02000200, 0x00020200, 0x02020200,
+- 0x00000002, 0x02000002, 0x00020002, 0x02020002,
+- 0x00000202, 0x02000202, 0x00020202, 0x02020202,
+- 0x01000000, 0x03000000, 0x01020000, 0x03020000,
+- 0x01000200, 0x03000200, 0x01020200, 0x03020200,
+- 0x01000002, 0x03000002, 0x01020002, 0x03020002,
+- 0x01000202, 0x03000202, 0x01020202, 0x03020202,
+- 0x00010000, 0x02010000, 0x00030000, 0x02030000,
+- 0x00010200, 0x02010200, 0x00030200, 0x02030200,
+- 0x00010002, 0x02010002, 0x00030002, 0x02030002,
+- 0x00010202, 0x02010202, 0x00030202, 0x02030202,
+- 0x01010000, 0x03010000, 0x01030000, 0x03030000,
+- 0x01010200, 0x03010200, 0x01030200, 0x03030200,
+- 0x01010002, 0x03010002, 0x01030002, 0x03030002,
+- 0x01010202, 0x03010202, 0x01030202, 0x03030202,
+- 0x00000100, 0x02000100, 0x00020100, 0x02020100,
+- 0x00000300, 0x02000300, 0x00020300, 0x02020300,
+- 0x00000102, 0x02000102, 0x00020102, 0x02020102,
+- 0x00000302, 0x02000302, 0x00020302, 0x02020302,
+- 0x01000100, 0x03000100, 0x01020100, 0x03020100,
+- 0x01000300, 0x03000300, 0x01020300, 0x03020300,
+- 0x01000102, 0x03000102, 0x01020102, 0x03020102,
+- 0x01000302, 0x03000302, 0x01020302, 0x03020302,
+- 0x00010100, 0x02010100, 0x00030100, 0x02030100,
+- 0x00010300, 0x02010300, 0x00030300, 0x02030300,
+- 0x00010102, 0x02010102, 0x00030102, 0x02030102,
+- 0x00010302, 0x02010302, 0x00030302, 0x02030302,
+- 0x01010100, 0x03010100, 0x01030100, 0x03030100,
+- 0x01010300, 0x03010300, 0x01030300, 0x03030300,
+- 0x01010102, 0x03010102, 0x01030102, 0x03030102,
+- 0x01010302, 0x03010302, 0x01030302, 0x03030302,
+- 0x00000001, 0x02000001, 0x00020001, 0x02020001,
+- 0x00000201, 0x02000201, 0x00020201, 0x02020201,
+- 0x00000003, 0x02000003, 0x00020003, 0x02020003,
+- 0x00000203, 0x02000203, 0x00020203, 0x02020203,
+- 0x01000001, 0x03000001, 0x01020001, 0x03020001,
+- 0x01000201, 0x03000201, 0x01020201, 0x03020201,
+- 0x01000003, 0x03000003, 0x01020003, 0x03020003,
+- 0x01000203, 0x03000203, 0x01020203, 0x03020203,
+- 0x00010001, 0x02010001, 0x00030001, 0x02030001,
+- 0x00010201, 0x02010201, 0x00030201, 0x02030201,
+- 0x00010003, 0x02010003, 0x00030003, 0x02030003,
+- 0x00010203, 0x02010203, 0x00030203, 0x02030203,
+- 0x01010001, 0x03010001, 0x01030001, 0x03030001,
+- 0x01010201, 0x03010201, 0x01030201, 0x03030201,
+- 0x01010003, 0x03010003, 0x01030003, 0x03030003,
+- 0x01010203, 0x03010203, 0x01030203, 0x03030203,
+- 0x00000101, 0x02000101, 0x00020101, 0x02020101,
+- 0x00000301, 0x02000301, 0x00020301, 0x02020301,
+- 0x00000103, 0x02000103, 0x00020103, 0x02020103,
+- 0x00000303, 0x02000303, 0x00020303, 0x02020303,
+- 0x01000101, 0x03000101, 0x01020101, 0x03020101,
+- 0x01000301, 0x03000301, 0x01020301, 0x03020301,
+- 0x01000103, 0x03000103, 0x01020103, 0x03020103,
+- 0x01000303, 0x03000303, 0x01020303, 0x03020303,
+- 0x00010101, 0x02010101, 0x00030101, 0x02030101,
+- 0x00010301, 0x02010301, 0x00030301, 0x02030301,
+- 0x00010103, 0x02010103, 0x00030103, 0x02030103,
+- 0x00010303, 0x02010303, 0x00030303, 0x02030303,
+- 0x01010101, 0x03010101, 0x01030101, 0x03030101,
+- 0x01010301, 0x03010301, 0x01030301, 0x03030301,
+- 0x01010103, 0x03010103, 0x01030103, 0x03030103,
+- 0x01010303, 0x03010303, 0x01030303, 0x03030303
+-};
+-
+-
+-/*
+- * The SP table is actually the S boxes and the P permutation
+- * table combined. This table is actually reordered from the
+- * spec, to match the order of key application we follow.
+- */
+-const unsigned DES_INT32 des_SP_table[8][64] = {
+- {
+- 0x00100000, 0x02100001, 0x02000401, 0x00000000, /* 7 */
+- 0x00000400, 0x02000401, 0x00100401, 0x02100400,
+- 0x02100401, 0x00100000, 0x00000000, 0x02000001,
+- 0x00000001, 0x02000000, 0x02100001, 0x00000401,
+- 0x02000400, 0x00100401, 0x00100001, 0x02000400,
+- 0x02000001, 0x02100000, 0x02100400, 0x00100001,
+- 0x02100000, 0x00000400, 0x00000401, 0x02100401,
+- 0x00100400, 0x00000001, 0x02000000, 0x00100400,
+- 0x02000000, 0x00100400, 0x00100000, 0x02000401,
+- 0x02000401, 0x02100001, 0x02100001, 0x00000001,
+- 0x00100001, 0x02000000, 0x02000400, 0x00100000,
+- 0x02100400, 0x00000401, 0x00100401, 0x02100400,
+- 0x00000401, 0x02000001, 0x02100401, 0x02100000,
+- 0x00100400, 0x00000000, 0x00000001, 0x02100401,
+- 0x00000000, 0x00100401, 0x02100000, 0x00000400,
+- 0x02000001, 0x02000400, 0x00000400, 0x00100001,
+- },
+- {
+- 0x00808200, 0x00000000, 0x00008000, 0x00808202, /* 1 */
+- 0x00808002, 0x00008202, 0x00000002, 0x00008000,
+- 0x00000200, 0x00808200, 0x00808202, 0x00000200,
+- 0x00800202, 0x00808002, 0x00800000, 0x00000002,
+- 0x00000202, 0x00800200, 0x00800200, 0x00008200,
+- 0x00008200, 0x00808000, 0x00808000, 0x00800202,
+- 0x00008002, 0x00800002, 0x00800002, 0x00008002,
+- 0x00000000, 0x00000202, 0x00008202, 0x00800000,
+- 0x00008000, 0x00808202, 0x00000002, 0x00808000,
+- 0x00808200, 0x00800000, 0x00800000, 0x00000200,
+- 0x00808002, 0x00008000, 0x00008200, 0x00800002,
+- 0x00000200, 0x00000002, 0x00800202, 0x00008202,
+- 0x00808202, 0x00008002, 0x00808000, 0x00800202,
+- 0x00800002, 0x00000202, 0x00008202, 0x00808200,
+- 0x00000202, 0x00800200, 0x00800200, 0x00000000,
+- 0x00008002, 0x00008200, 0x00000000, 0x00808002,
+- },
+- {
+- 0x00000104, 0x04010100, 0x00000000, 0x04010004, /* 3 */
+- 0x04000100, 0x00000000, 0x00010104, 0x04000100,
+- 0x00010004, 0x04000004, 0x04000004, 0x00010000,
+- 0x04010104, 0x00010004, 0x04010000, 0x00000104,
+- 0x04000000, 0x00000004, 0x04010100, 0x00000100,
+- 0x00010100, 0x04010000, 0x04010004, 0x00010104,
+- 0x04000104, 0x00010100, 0x00010000, 0x04000104,
+- 0x00000004, 0x04010104, 0x00000100, 0x04000000,
+- 0x04010100, 0x04000000, 0x00010004, 0x00000104,
+- 0x00010000, 0x04010100, 0x04000100, 0x00000000,
+- 0x00000100, 0x00010004, 0x04010104, 0x04000100,
+- 0x04000004, 0x00000100, 0x00000000, 0x04010004,
+- 0x04000104, 0x00010000, 0x04000000, 0x04010104,
+- 0x00000004, 0x00010104, 0x00010100, 0x04000004,
+- 0x04010000, 0x04000104, 0x00000104, 0x04010000,
+- 0x00010104, 0x00000004, 0x04010004, 0x00010100,
+- },
+- {
+- 0x00000080, 0x01040080, 0x01040000, 0x21000080, /* 5 */
+- 0x00040000, 0x00000080, 0x20000000, 0x01040000,
+- 0x20040080, 0x00040000, 0x01000080, 0x20040080,
+- 0x21000080, 0x21040000, 0x00040080, 0x20000000,
+- 0x01000000, 0x20040000, 0x20040000, 0x00000000,
+- 0x20000080, 0x21040080, 0x21040080, 0x01000080,
+- 0x21040000, 0x20000080, 0x00000000, 0x21000000,
+- 0x01040080, 0x01000000, 0x21000000, 0x00040080,
+- 0x00040000, 0x21000080, 0x00000080, 0x01000000,
+- 0x20000000, 0x01040000, 0x21000080, 0x20040080,
+- 0x01000080, 0x20000000, 0x21040000, 0x01040080,
+- 0x20040080, 0x00000080, 0x01000000, 0x21040000,
+- 0x21040080, 0x00040080, 0x21000000, 0x21040080,
+- 0x01040000, 0x00000000, 0x20040000, 0x21000000,
+- 0x00040080, 0x01000080, 0x20000080, 0x00040000,
+- 0x00000000, 0x20040000, 0x01040080, 0x20000080,
+- },
+- {
+- 0x80401000, 0x80001040, 0x80001040, 0x00000040, /* 4 */
+- 0x00401040, 0x80400040, 0x80400000, 0x80001000,
+- 0x00000000, 0x00401000, 0x00401000, 0x80401040,
+- 0x80000040, 0x00000000, 0x00400040, 0x80400000,
+- 0x80000000, 0x00001000, 0x00400000, 0x80401000,
+- 0x00000040, 0x00400000, 0x80001000, 0x00001040,
+- 0x80400040, 0x80000000, 0x00001040, 0x00400040,
+- 0x00001000, 0x00401040, 0x80401040, 0x80000040,
+- 0x00400040, 0x80400000, 0x00401000, 0x80401040,
+- 0x80000040, 0x00000000, 0x00000000, 0x00401000,
+- 0x00001040, 0x00400040, 0x80400040, 0x80000000,
+- 0x80401000, 0x80001040, 0x80001040, 0x00000040,
+- 0x80401040, 0x80000040, 0x80000000, 0x00001000,
+- 0x80400000, 0x80001000, 0x00401040, 0x80400040,
+- 0x80001000, 0x00001040, 0x00400000, 0x80401000,
+- 0x00000040, 0x00400000, 0x00001000, 0x00401040,
+- },
+- {
+- 0x10000008, 0x10200000, 0x00002000, 0x10202008, /* 6 */
+- 0x10200000, 0x00000008, 0x10202008, 0x00200000,
+- 0x10002000, 0x00202008, 0x00200000, 0x10000008,
+- 0x00200008, 0x10002000, 0x10000000, 0x00002008,
+- 0x00000000, 0x00200008, 0x10002008, 0x00002000,
+- 0x00202000, 0x10002008, 0x00000008, 0x10200008,
+- 0x10200008, 0x00000000, 0x00202008, 0x10202000,
+- 0x00002008, 0x00202000, 0x10202000, 0x10000000,
+- 0x10002000, 0x00000008, 0x10200008, 0x00202000,
+- 0x10202008, 0x00200000, 0x00002008, 0x10000008,
+- 0x00200000, 0x10002000, 0x10000000, 0x00002008,
+- 0x10000008, 0x10202008, 0x00202000, 0x10200000,
+- 0x00202008, 0x10202000, 0x00000000, 0x10200008,
+- 0x00000008, 0x00002000, 0x10200000, 0x00202008,
+- 0x00002000, 0x00200008, 0x10002008, 0x00000000,
+- 0x10202000, 0x10000000, 0x00200008, 0x10002008,
+- },
+- {
+- 0x08000820, 0x00000800, 0x00020000, 0x08020820, /* 8 */
+- 0x08000000, 0x08000820, 0x00000020, 0x08000000,
+- 0x00020020, 0x08020000, 0x08020820, 0x00020800,
+- 0x08020800, 0x00020820, 0x00000800, 0x00000020,
+- 0x08020000, 0x08000020, 0x08000800, 0x00000820,
+- 0x00020800, 0x00020020, 0x08020020, 0x08020800,
+- 0x00000820, 0x00000000, 0x00000000, 0x08020020,
+- 0x08000020, 0x08000800, 0x00020820, 0x00020000,
+- 0x00020820, 0x00020000, 0x08020800, 0x00000800,
+- 0x00000020, 0x08020020, 0x00000800, 0x00020820,
+- 0x08000800, 0x00000020, 0x08000020, 0x08020000,
+- 0x08020020, 0x08000000, 0x00020000, 0x08000820,
+- 0x00000000, 0x08020820, 0x00020020, 0x08000020,
+- 0x08020000, 0x08000800, 0x08000820, 0x00000000,
+- 0x08020820, 0x00020800, 0x00020800, 0x00000820,
+- 0x00000820, 0x00020020, 0x08000000, 0x08020800,
+- },
+- {
+- 0x40084010, 0x40004000, 0x00004000, 0x00084010, /* 2 */
+- 0x00080000, 0x00000010, 0x40080010, 0x40004010,
+- 0x40000010, 0x40084010, 0x40084000, 0x40000000,
+- 0x40004000, 0x00080000, 0x00000010, 0x40080010,
+- 0x00084000, 0x00080010, 0x40004010, 0x00000000,
+- 0x40000000, 0x00004000, 0x00084010, 0x40080000,
+- 0x00080010, 0x40000010, 0x00000000, 0x00084000,
+- 0x00004010, 0x40084000, 0x40080000, 0x00004010,
+- 0x00000000, 0x00084010, 0x40080010, 0x00080000,
+- 0x40004010, 0x40080000, 0x40084000, 0x00004000,
+- 0x40080000, 0x40004000, 0x00000010, 0x40084010,
+- 0x00084010, 0x00000010, 0x00004000, 0x40000000,
+- 0x00004010, 0x40084000, 0x00080000, 0x40000010,
+- 0x00080010, 0x40004010, 0x40000010, 0x00080010,
+- 0x00084000, 0x00000000, 0x40004000, 0x00004010,
+- 0x40000000, 0x40080010, 0x40084010, 0x00084000
+- },
+-};
+-
+-#endif /* K5_BUILTIN_DES */
+diff --git a/src/lib/crypto/builtin/des/f_tables.h b/src/lib/crypto/builtin/des/f_tables.h
+deleted file mode 100644
+index fc91b566cf..0000000000
+--- a/src/lib/crypto/builtin/des/f_tables.h
++++ /dev/null
+@@ -1,285 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/* lib/crypto/builtin/des/f_tables.h */
+-/*
+- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
+- * All rights reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of M.I.T. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. Furthermore if you modify this software you must label
+- * your software as modified software and not distribute it in such a
+- * fashion that it might be confused with the original M.I.T. software.
+- * M.I.T. makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- */
+-
+-/*
+- * DES implementation donated by Dennis Ferguson
+- */
+-
+-/*
+- * des_tables.h - declarations to import the DES tables, used internally
+- * by some of the library routines.
+- */
+-#ifndef __DES_TABLES_H__
+-#define __DES_TABLES_H__ /* nothing */
+-
+-#include "k5-platform.h"
+-/*
+- * These may be declared const if you wish. Be sure to change the
+- * declarations in des_tables.c as well.
+- */
+-extern const unsigned DES_INT32 des_IP_table[256];
+-extern const unsigned DES_INT32 des_FP_table[256];
+-extern const unsigned DES_INT32 des_SP_table[8][64];
+-
+-/*
+- * Use standard shortforms to reference these to save typing
+- */
+-#define IP des_IP_table
+-#define FP des_FP_table
+-#define SP des_SP_table
+-
+-#ifdef DEBUG
+-#define DEB(foofraw) printf foofraw
+-#else
+-#define DEB(foofraw) /* nothing */
+-#endif
+-
+-/*
+- * Code to do a DES round using the tables. Note that the E expansion
+- * is easy to compute algorithmically, especially if done out-of-order.
+- * Take a look at its form and compare it to everything involving temp
+- * below. Since SP[0-7] don't have any bits in common set it is okay
+- * to do the successive xor's.
+- *
+- * Note too that the SP table has been reordered to match the order of
+- * the keys (if the original order of SP was 12345678, the reordered
+- * table is 71354682). This is unnecessary, but was done since some
+- * compilers seem to like you going through the matrix from beginning
+- * to end.
+- *
+- * There is a difference in the best way to do this depending on whether
+- * one is encrypting or decrypting. If encrypting we move forward through
+- * the keys and hence should move forward through the table. If decrypting
+- * we go back. Part of the need for this comes from trying to emulate
+- * existing software which generates a single key schedule and uses it
+- * both for encrypting and decrypting. Generating separate encryption
+- * and decryption key schedules would allow one to use the same code
+- * for both.
+- *
+- * left, right and temp should be unsigned DES_INT32 values. left and right
+- * should be the high and low order parts of the cipher block at the
+- * current stage of processing (this makes sense if you read the spec).
+- * kp should be an unsigned DES_INT32 pointer which points at the current
+- * set of subkeys in the key schedule. It is advanced to the next set
+- * (i.e. by 8 bytes) when this is done.
+- *
+- * This occurs in the innermost loop of the DES function. The four
+- * variables should really be in registers.
+- *
+- * When using this, the inner loop of the DES function might look like:
+- *
+- * for (i = 0; i < 8; i++) {
+- * DES_SP_{EN,DE}CRYPT_ROUND(left, right, temp, kp);
+- * DES_SP_{EN,DE}CRYPT_ROUND(right, left, temp, kp);
+- * }
+- *
+- * Note the trick above. You are supposed to do 16 rounds, swapping
+- * left and right at the end of each round. By doing two rounds at
+- * a time and swapping left and right in the code we can avoid the
+- * swaps altogether.
+- */
+-#define DES_SP_ENCRYPT_ROUND(left, right, temp, kp) do { \
+- (temp) = (((right) >> 11) | ((right) << 21)) ^ *(kp)++; \
+- (left) ^= SP[0][((temp) >> 24) & 0x3f] \
+- | SP[1][((temp) >> 16) & 0x3f] \
+- | SP[2][((temp) >> 8) & 0x3f] \
+- | SP[3][((temp) ) & 0x3f]; \
+- (temp) = (((right) >> 23) | ((right) << 9)) ^ *(kp)++; \
+- (left) ^= SP[4][((temp) >> 24) & 0x3f] \
+- | SP[5][((temp) >> 16) & 0x3f] \
+- | SP[6][((temp) >> 8) & 0x3f] \
+- | SP[7][((temp) ) & 0x3f]; \
+- } while(0);
+-
+-#define DES_SP_DECRYPT_ROUND(left, right, temp, kp) do { \
+- (temp) = (((right) >> 23) | ((right) << 9)) ^ *(--(kp)); \
+- (left) ^= SP[7][((temp) ) & 0x3f] \
+- | SP[6][((temp) >> 8) & 0x3f] \
+- | SP[5][((temp) >> 16) & 0x3f] \
+- | SP[4][((temp) >> 24) & 0x3f]; \
+- (temp) = (((right) >> 11) | ((right) << 21)) ^ *(--(kp)); \
+- (left) ^= SP[3][((temp) ) & 0x3f] \
+- | SP[2][((temp) >> 8) & 0x3f] \
+- | SP[1][((temp) >> 16) & 0x3f] \
+- | SP[0][((temp) >> 24) & 0x3f]; \
+- } while (0);
+-
+-/*
+- * Macros to help deal with the initial permutation table. Note
+- * the IP table only deals with 32 bits at a time, allowing us to
+- * collect the bits we need to deal with each half into an unsigned
+- * DES_INT32. By carefully selecting how the bits are ordered we also
+- * take advantages of symmetries in the table so that we can use a
+- * single table to compute the permutation of all bytes. This sounds
+- * complicated, but if you go through the process of designing the
+- * table you'll find the symmetries fall right out.
+- *
+- * The follow macros compute the set of bits used to index the
+- * table for produce the left and right permuted result.
+- *
+- * The inserted cast to unsigned DES_INT32 circumvents a bug in
+- * the Macintosh MPW 3.2 C compiler which loses the unsignedness and
+- * propagates the high-order bit in the shift.
+- */
+-#define DES_IP_LEFT_BITS(left, right) \
+- ((((left) & 0x55555555) << 1) | ((right) & 0x55555555))
+-#define DES_IP_RIGHT_BITS(left, right) \
+- (((left) & 0xaaaaaaaa) | \
+- ( ( (unsigned DES_INT32) ((right) & 0xaaaaaaaa) ) >> 1))
+-
+-/*
+- * The following macro does an in-place initial permutation given
+- * the current left and right parts of the block and a single
+- * temporary. Use this more as a guide for rolling your own, though.
+- * The best way to do the IP depends on the form of the data you
+- * are dealing with. If you use this, though, try to make left,
+- * right and temp unsigned DES_INT32s.
+- */
+-#define DES_INITIAL_PERM(left, right, temp) do { \
+- (temp) = DES_IP_RIGHT_BITS((left), (right)); \
+- (right) = DES_IP_LEFT_BITS((left), (right)); \
+- (left) = IP[((right) >> 24) & 0xff] \
+- | (IP[((right) >> 16) & 0xff] << 1) \
+- | (IP[((right) >> 8) & 0xff] << 2) \
+- | (IP[(right) & 0xff] << 3); \
+- (right) = IP[((temp) >> 24) & 0xff] \
+- | (IP[((temp) >> 16) & 0xff] << 1) \
+- | (IP[((temp) >> 8) & 0xff] << 2) \
+- | (IP[(temp) & 0xff] << 3); \
+- } while(0);
+-
+-/*
+- * Now the final permutation stuff. The same comments apply to
+- * this as to the initial permutation, except that we use different
+- * bits and shifts.
+- *
+- * The inserted cast to unsigned DES_INT32 circumvents a bug in
+- * the Macintosh MPW 3.2 C compiler which loses the unsignedness and
+- * propagates the high-order bit in the shift.
+- */
+-#define DES_FP_LEFT_BITS(left, right) \
+- ((((left) & 0x0f0f0f0f) << 4) | ((right) & 0x0f0f0f0f))
+-#define DES_FP_RIGHT_BITS(left, right) \
+- (((left) & 0xf0f0f0f0) | \
+- ( ( (unsigned DES_INT32) ((right) & 0xf0f0f0f0) ) >> 4))
+-
+-
+-/*
+- * Here is a sample final permutation. Note that there is a trick
+- * here. DES requires swapping the left and right parts after the
+- * last cipher round but before the final permutation. We do this
+- * swapping internally, which is why left and right are confused
+- * at the beginning.
+- */
+-#define DES_FINAL_PERM(left, right, temp) do { \
+- (temp) = DES_FP_RIGHT_BITS((right), (left)); \
+- (right) = DES_FP_LEFT_BITS((right), (left)); \
+- (left) = (FP[((right) >> 24) & 0xff] << 6) \
+- | (FP[((right) >> 16) & 0xff] << 4) \
+- | (FP[((right) >> 8) & 0xff] << 2) \
+- | FP[(right) & 0xff]; \
+- (right) = (FP[((temp) >> 24) & 0xff] << 6) \
+- | (FP[((temp) >> 16) & 0xff] << 4) \
+- | (FP[((temp) >> 8) & 0xff] << 2) \
+- | FP[temp & 0xff]; \
+- } while(0);
+-
+-
+-/*
+- * Finally, as a sample of how all this might be held together, the
+- * following two macros do in-place encryptions and decryptions. left
+- * and right are two unsigned DES_INT32 variables which at the beginning
+- * are expected to hold the clear (encrypted) block in host byte order
+- * (left the high order four bytes, right the low order). At the end
+- * they will contain the encrypted (clear) block. temp is an unsigned DES_INT32
+- * used as a temporary. kp is an unsigned DES_INT32 pointer pointing at
+- * the start of the key schedule. All these should be in registers.
+- *
+- * You can probably do better than these by rewriting for particular
+- * situations. These aren't bad, though.
+- *
+- * The DEB macros enable debugging when this code breaks (typically
+- * when a buggy compiler breaks it), by printing the intermediate values
+- * at each stage of the encryption, so that by comparing the output to
+- * a known good machine, the location of the first error can be found.
+- */
+-#define DES_DO_ENCRYPT_1(left, right, kp) \
+- do { \
+- int i; \
+- unsigned DES_INT32 temp1; \
+- DEB (("do_encrypt %8lX %8lX \n", left, right)); \
+- DES_INITIAL_PERM((left), (right), (temp1)); \
+- DEB ((" after IP %8lX %8lX\n", left, right)); \
+- for (i = 0; i < 8; i++) { \
+- DES_SP_ENCRYPT_ROUND((left), (right), (temp1), (kp)); \
+- DEB ((" round %2d %8lX %8lX \n", i*2, left, right)); \
+- DES_SP_ENCRYPT_ROUND((right), (left), (temp1), (kp)); \
+- DEB ((" round %2d %8lX %8lX \n", 1+i*2, left, right)); \
+- } \
+- DES_FINAL_PERM((left), (right), (temp1)); \
+- (kp) -= (2 * 16); \
+- DEB ((" after FP %8lX %8lX \n", left, right)); \
+- } while (0)
+-
+-#define DES_DO_DECRYPT_1(left, right, kp) \
+- do { \
+- int i; \
+- unsigned DES_INT32 temp2; \
+- DES_INITIAL_PERM((left), (right), (temp2)); \
+- (kp) += (2 * 16); \
+- for (i = 0; i < 8; i++) { \
+- DES_SP_DECRYPT_ROUND((left), (right), (temp2), (kp)); \
+- DES_SP_DECRYPT_ROUND((right), (left), (temp2), (kp)); \
+- } \
+- DES_FINAL_PERM((left), (right), (temp2)); \
+- } while (0)
+-
+-#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
+-extern void krb5int_des_do_encrypt_2(unsigned DES_INT32 *l,
+- unsigned DES_INT32 *r,
+- const unsigned DES_INT32 *k);
+-extern void krb5int_des_do_decrypt_2(unsigned DES_INT32 *l,
+- unsigned DES_INT32 *r,
+- const unsigned DES_INT32 *k);
+-#define DES_DO_ENCRYPT(L,R,K) krb5int_des_do_encrypt_2(&(L), &(R), (K))
+-#define DES_DO_DECRYPT(L,R,K) krb5int_des_do_decrypt_2(&(L), &(R), (K))
+-#else
+-#define DES_DO_ENCRYPT DES_DO_ENCRYPT_1
+-#define DES_DO_DECRYPT DES_DO_DECRYPT_1
+-#endif
+-
+-/*
+- * These are handy dandy utility thingies for straightening out bytes.
+- * Included here because they're used a couple of places.
+- */
+-#define GET_HALF_BLOCK(lr, ip) ((lr) = load_32_be(ip), (ip) += 4)
+-#define PUT_HALF_BLOCK(lr, op) (store_32_be(lr, op), (op) += 4)
+-
+-/* Shorthand that we'll need in several places, for creating values that
+- really can hold 32 bits regardless of the prevailing int size. */
+-#define FF_UINT32 ((unsigned DES_INT32) 0xFF)
+-
+-#endif /* __DES_TABLES_H__ */
+diff --git a/src/lib/crypto/builtin/des/key_sched.c b/src/lib/crypto/builtin/des/key_sched.c
+deleted file mode 100644
+index d6dedd93c6..0000000000
+--- a/src/lib/crypto/builtin/des/key_sched.c
++++ /dev/null
+@@ -1,66 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/* lib/crypto/builtin/des/key_sched.c */
+-/*
+- * Copyright 1985, 1986, 1987, 1988, 1990 by the Massachusetts Institute
+- * of Technology.
+- * All Rights Reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of M.I.T. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. Furthermore if you modify this software you must label
+- * your software as modified software and not distribute it in such a
+- * fashion that it might be confused with the original M.I.T. software.
+- * M.I.T. makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- */
+-
+-/*
+- * This routine computes the DES key schedule given a key. The
+- * permutations and shifts have been done at compile time, resulting
+- * in a direct one-step mapping from the input key to the key
+- * schedule.
+- *
+- * Also checks parity and weak keys.
+- *
+- * Watch out for the subscripts -- most effectively start at 1 instead
+- * of at zero. Maybe some bugs in that area.
+- *
+- * In case the user wants to cache the computed key schedule, it is
+- * passed as an arg. Also implies that caller has explicit control
+- * over zeroing both the key schedule and the key.
+- *
+- * Originally written 6/85 by Steve Miller, MIT Project Athena.
+- */
+-
+-#include "crypto_int.h"
+-#include "des_int.h"
+-
+-#ifdef K5_BUILTIN_DES
+-
+-int
+-mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule)
+-{
+- mit_des_make_key_sched(k,schedule);
+-
+- if (!mit_des_check_key_parity(k)) /* bad parity --> return -1 */
+- return(-1);
+-
+- if (mit_des_is_weak_key(k))
+- return(-2);
+-
+- /* if key was good, return 0 */
+- return 0;
+-}
+-
+-#endif /* K5_BUILTIN_DES */
+diff --git a/src/lib/crypto/builtin/des/keytest.data b/src/lib/crypto/builtin/des/keytest.data
+deleted file mode 100644
+index 7ff34eedcf..0000000000
+--- a/src/lib/crypto/builtin/des/keytest.data
++++ /dev/null
+@@ -1,171 +0,0 @@
+-0101010101010101 95F8A5E5DD31D900 8000000000000000
+-0101010101010101 DD7F121CA5015619 4000000000000000
+-0101010101010101 2E8653104F3834EA 2000000000000000
+-0101010101010101 4BD388FF6CD81D4F 1000000000000000
+-0101010101010101 20B9E767B2FB1456 0800000000000000
+-0101010101010101 55579380D77138EF 0400000000000000
+-0101010101010101 6CC5DEFAAF04512F 0200000000000000
+-0101010101010101 0D9F279BA5D87260 0100000000000000
+-0101010101010101 D9031B0271BD5A0A 0080000000000000
+-0101010101010101 424250B37C3DD951 0040000000000000
+-0101010101010101 B8061B7ECD9A21E5 0020000000000000
+-0101010101010101 F15D0F286B65BD28 0010000000000000
+-0101010101010101 ADD0CC8D6E5DEBA1 0008000000000000
+-0101010101010101 E6D5F82752AD63D1 0004000000000000
+-0101010101010101 ECBFE3BD3F591A5E 0002000000000000
+-0101010101010101 F356834379D165CD 0001000000000000
+-0101010101010101 2B9F982F20037FA9 0000800000000000
+-0101010101010101 889DE068A16F0BE6 0000400000000000
+-0101010101010101 E19E275D846A1298 0000200000000000
+-0101010101010101 329A8ED523D71AEC 0000100000000000
+-0101010101010101 E7FCE22557D23C97 0000080000000000
+-0101010101010101 12A9F5817FF2D65D 0000040000000000
+-0101010101010101 A484C3AD38DC9C19 0000020000000000
+-0101010101010101 FBE00A8A1EF8AD72 0000010000000000
+-0101010101010101 750D079407521363 0000008000000000
+-0101010101010101 64FEED9C724C2FAF 0000004000000000
+-0101010101010101 F02B263B328E2B60 0000002000000000
+-0101010101010101 9D64555A9A10B852 0000001000000000
+-0101010101010101 D106FF0BED5255D7 0000000800000000
+-0101010101010101 E1652C6B138C64A5 0000000400000000
+-0101010101010101 E428581186EC8F46 0000000200000000
+-0101010101010101 AEB5F5EDE22D1A36 0000000100000000
+-0101010101010101 E943D7568AEC0C5C 0000000080000000
+-0101010101010101 DF98C8276F54B04B 0000000040000000
+-0101010101010101 B160E4680F6C696F 0000000020000000
+-0101010101010101 FA0752B07D9C4AB8 0000000010000000
+-0101010101010101 CA3A2B036DBC8502 0000000008000000
+-0101010101010101 5E0905517BB59BCF 0000000004000000
+-0101010101010101 814EEB3B91D90726 0000000002000000
+-0101010101010101 4D49DB1532919C9F 0000000001000000
+-0101010101010101 25EB5FC3F8CF0621 0000000000800000
+-0101010101010101 AB6A20C0620D1C6F 0000000000400000
+-0101010101010101 79E90DBC98F92CCA 0000000000200000
+-0101010101010101 866ECEDD8072BB0E 0000000000100000
+-0101010101010101 8B54536F2F3E64A8 0000000000080000
+-0101010101010101 EA51D3975595B86B 0000000000040000
+-0101010101010101 CAFFC6AC4542DE31 0000000000020000
+-0101010101010101 8DD45A2DDF90796C 0000000000010000
+-0101010101010101 1029D55E880EC2D0 0000000000008000
+-0101010101010101 5D86CB23639DBEA9 0000000000004000
+-0101010101010101 1D1CA853AE7C0C5F 0000000000002000
+-0101010101010101 CE332329248F3228 0000000000001000
+-0101010101010101 8405D1ABE24FB942 0000000000000800
+-0101010101010101 E643D78090CA4207 0000000000000400
+-0101010101010101 48221B9937748A23 0000000000000200
+-0101010101010101 DD7C0BBD61FAFD54 0000000000000100
+-0101010101010101 2FBC291A570DB5C4 0000000000000080
+-0101010101010101 E07C30D7E4E26E12 0000000000000040
+-0101010101010101 0953E2258E8E90A1 0000000000000020
+-0101010101010101 5B711BC4CEEBF2EE 0000000000000010
+-0101010101010101 CC083F1E6D9E85F6 0000000000000008
+-0101010101010101 D2FD8867D50D2DFE 0000000000000004
+-0101010101010101 06E7EA22CE92708F 0000000000000002
+-0101010101010101 166B40B44ABA4BD6 0000000000000001
+-8001010101010101 0000000000000000 95A8D72813DAA94D
+-4001010101010101 0000000000000000 0EEC1487DD8C26D5
+-2001010101010101 0000000000000000 7AD16FFB79C45926
+-1001010101010101 0000000000000000 D3746294CA6A6CF3
+-0801010101010101 0000000000000000 809F5F873C1FD761
+-0401010101010101 0000000000000000 C02FAFFEC989D1FC
+-0201010101010101 0000000000000000 4615AA1D33E72F10
+-0180010101010101 0000000000000000 2055123350C00858
+-0140010101010101 0000000000000000 DF3B99D6577397C8
+-0120010101010101 0000000000000000 31FE17369B5288C9
+-0110010101010101 0000000000000000 DFDD3CC64DAE1642
+-0108010101010101 0000000000000000 178C83CE2B399D94
+-0104010101010101 0000000000000000 50F636324A9B7F80
+-0102010101010101 0000000000000000 A8468EE3BC18F06D
+-0101800101010101 0000000000000000 A2DC9E92FD3CDE92
+-0101400101010101 0000000000000000 CAC09F797D031287
+-0101200101010101 0000000000000000 90BA680B22AEB525
+-0101100101010101 0000000000000000 CE7A24F350E280B6
+-0101080101010101 0000000000000000 882BFF0AA01A0B87
+-0101040101010101 0000000000000000 25610288924511C2
+-0101020101010101 0000000000000000 C71516C29C75D170
+-0101018001010101 0000000000000000 5199C29A52C9F059
+-0101014001010101 0000000000000000 C22F0A294A71F29F
+-0101012001010101 0000000000000000 EE371483714C02EA
+-0101011001010101 0000000000000000 A81FBD448F9E522F
+-0101010801010101 0000000000000000 4F644C92E192DFED
+-0101010401010101 0000000000000000 1AFA9A66A6DF92AE
+-0101010201010101 0000000000000000 B3C1CC715CB879D8
+-0101010180010101 0000000000000000 19D032E64AB0BD8B
+-0101010140010101 0000000000000000 3CFAA7A7DC8720DC
+-0101010120010101 0000000000000000 B7265F7F447AC6F3
+-0101010110010101 0000000000000000 9DB73B3C0D163F54
+-0101010108010101 0000000000000000 8181B65BABF4A975
+-0101010104010101 0000000000000000 93C9B64042EAA240
+-0101010102010101 0000000000000000 5570530829705592
+-0101010101800101 0000000000000000 8638809E878787A0
+-0101010101400101 0000000000000000 41B9A79AF79AC208
+-0101010101200101 0000000000000000 7A9BE42F2009A892
+-0101010101100101 0000000000000000 29038D56BA6D2745
+-0101010101080101 0000000000000000 5495C6ABF1E5DF51
+-0101010101040101 0000000000000000 AE13DBD561488933
+-0101010101020101 0000000000000000 024D1FFA8904E389
+-0101010101018001 0000000000000000 D1399712F99BF02E
+-0101010101014001 0000000000000000 14C1D7C1CFFEC79E
+-0101010101012001 0000000000000000 1DE5279DAE3BED6F
+-0101010101011001 0000000000000000 E941A33F85501303
+-0101010101010801 0000000000000000 DA99DBBC9A03F379
+-0101010101010401 0000000000000000 B7FC92F91D8E92E9
+-0101010101010201 0000000000000000 AE8E5CAA3CA04E85
+-0101010101010180 0000000000000000 9CC62DF43B6EED74
+-0101010101010140 0000000000000000 D863DBB5C59A91A0
+-0101010101010120 0000000000000000 A1AB2190545B91D7
+-0101010101010110 0000000000000000 0875041E64C570F7
+-0101010101010108 0000000000000000 5A594528BEBEF1CC
+-0101010101010104 0000000000000000 FCDB3291DE21F0C0
+-0101010101010102 0000000000000000 869EFD7F9F265A09
+-1046913489980131 0000000000000000 88D55E54F54C97B4
+-1007103489988020 0000000000000000 0C0CC00C83EA48FD
+-10071034C8980120 0000000000000000 83BC8EF3A6570183
+-1046103489988020 0000000000000000 DF725DCAD94EA2E9
+-1086911519190101 0000000000000000 E652B53B550BE8B0
+-1086911519580101 0000000000000000 AF527120C485CBB0
+-5107B01519580101 0000000000000000 0F04CE393DB926D5
+-1007B01519190101 0000000000000000 C9F00FFC74079067
+-3107915498080101 0000000000000000 7CFD82A593252B4E
+-3107919498080101 0000000000000000 CB49A2F9E91363E3
+-10079115B9080140 0000000000000000 00B588BE70D23F56
+-3107911598080140 0000000000000000 406A9A6AB43399AE
+-1007D01589980101 0000000000000000 6CB773611DCA9ADA
+-9107911589980101 0000000000000000 67FD21C17DBB5D70
+-9107D01589190101 0000000000000000 9592CB4110430787
+-1007D01598980120 0000000000000000 A6B7FF68A318DDD3
+-1007940498190101 0000000000000000 4D102196C914CA16
+-0107910491190401 0000000000000000 2DFA9F4573594965
+-0107910491190101 0000000000000000 B46604816C0E0774
+-0107940491190401 0000000000000000 6E7E6221A4F34E87
+-19079210981A0101 0000000000000000 AA85E74643233199
+-1007911998190801 0000000000000000 2E5A19DB4D1962D6
+-10079119981A0801 0000000000000000 23A866A809D30894
+-1007921098190101 0000000000000000 D812D961F017D320
+-100791159819010B 0000000000000000 055605816E58608F
+-1004801598190101 0000000000000000 ABD88E8B1B7716F1
+-1004801598190102 0000000000000000 537AC95BE69DA1E1
+-1004801598190108 0000000000000000 AED0F6AE3C25CDD8
+-1002911598100104 0000000000000000 B3E35A5EE53E7B8D
+-1002911598190104 0000000000000000 61C79C71921A2EF8
+-1002911598100201 0000000000000000 E2F5728F0995013C
+-1002911698100101 0000000000000000 1AEAC39A61F0A464
+-7CA110454A1A6E57 01A1D6D039776742 690F5B0D9A26939B
+-0131D9619DC1376E 5CD54CA83DEF57DA 7A389D10354BD271
+-07A1133E4A0B2686 0248D43806F67172 868EBB51CAB4599A
+-3849674C2602319E 51454B582DDF440A 7178876E01F19B2A
+-04B915BA43FEB5B6 42FD443059577FA2 AF37FB421F8C4095
+-0113B970FD34F2CE 059B5E0851CF143A 86A560F10EC6D85B
+-0170F175468FB5E6 0756D8E0774761D2 0CD3DA020021DC09
+-43297FAD38E373FE 762514B829BF486A EA676B2CB7DB2B7A
+-07A7137045DA2A16 3BDD119049372802 DFD64A815CAF1A0F
+-04689104C2FD3B2F 26955F6835AF609A 5C513C9C4886C088
+-37D06BB516CB7546 164D5E404F275232 0A2AEEAE3FF4AB77
+-1F08260D1AC2465E 6B056E18759F5CCA EF1BF03E5DFA575A
+-584023641ABA6176 004BD6EF09176062 88BF0DB6D70DEE56
+-025816164629B007 480D39006EE762F2 A1F9915541020B56
+-49793EBC79B3258F 437540C8698F3CFA 6FBF1CAFCFFD0556
+-4FB05E1515AB73A7 072D43A077075292 2F22E49BAB7CA1AC
+-49E95D6D4CA229BF 02FE55778117F12A 5A6B612CC26CCE4A
+-018310DC409B26D6 1D9D5C5018F728C2 5F4C038ED12B2E41
+-1C587F1C13924FEF 305532286D6F295A 63FAC0D034D9F793
+diff --git a/src/lib/crypto/builtin/des/t_verify.c b/src/lib/crypto/builtin/des/t_verify.c
+deleted file mode 100644
+index 4a19933cad..0000000000
+--- a/src/lib/crypto/builtin/des/t_verify.c
++++ /dev/null
+@@ -1,395 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/* lib/crypto/builtin/des/t_verify.c */
+-/*
+- * Copyright 1988, 1990 by the Massachusetts Institute of Technology.
+- * All Rights Reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of M.I.T. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. Furthermore if you modify this software you must label
+- * your software as modified software and not distribute it in such a
+- * fashion that it might be confused with the original M.I.T. software.
+- * M.I.T. makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- */
+-/*
+- * Copyright (C) 1998 by the FundsXpress, INC.
+- *
+- * All rights reserved.
+- *
+- * Export of this software from the United States of America may require
+- * a specific license from the United States Government. It is the
+- * responsibility of any person or organization contemplating export to
+- * obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of FundsXpress. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. FundsXpress makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- *
+- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+- */
+-
+-/*
+- *
+- * Program to test the correctness of the DES library
+- * implementation.
+- *
+- * exit returns 0 ==> success
+- * -1 ==> error
+- */
+-
+-#include "k5-int.h"
+-#include "des_int.h"
+-#include <stdio.h>
+-#include "com_err.h"
+-
+-static void do_encrypt(unsigned char *, unsigned char *);
+-static void do_decrypt(unsigned char *, unsigned char *);
+-
+-char *progname;
+-int nflag = 2;
+-int vflag;
+-int mflag;
+-int zflag;
+-int pid;
+-int mit_des_debug;
+-
+-unsigned char cipher_text[64];
+-unsigned char clear_text[64] = "Now is the time for all " ;
+-unsigned char clear_text2[64] = "7654321 Now is the time for ";
+-unsigned char clear_text3[64] = {2,0,0,0, 1,0,0,0};
+-unsigned char output[64];
+-unsigned char zero_text[8] = {0x0,0,0,0,0,0,0,0};
+-unsigned char msb_text[8] = {0x0,0,0,0, 0,0,0,0x40}; /* to ANSI MSB */
+-unsigned char *input;
+-
+-/* 0x0123456789abcdef */
+-unsigned char default_key[8] = {
+- 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
+-};
+-unsigned char key2[8] = { 0x08,0x19,0x2a,0x3b,0x4c,0x5d,0x6e,0x7f };
+-unsigned char key3[8] = { 0x80,1,1,1,1,1,1,1 };
+-mit_des_cblock s_key;
+-unsigned char default_ivec[8] = {
+- 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
+-};
+-unsigned char *ivec;
+-unsigned char zero_key[8] = {1,1,1,1,1,1,1,1}; /* just parity bits */
+-
+-unsigned char cipher1[8] = {
+- 0x25,0xdd,0xac,0x3e,0x96,0x17,0x64,0x67
+-};
+-unsigned char cipher2[8] = {
+- 0x3f,0xa4,0x0e,0x8a,0x98,0x4d,0x48,0x15
+-};
+-unsigned char cipher3[64] = {
+- 0xe5,0xc7,0xcd,0xde,0x87,0x2b,0xf2,0x7c,
+- 0x43,0xe9,0x34,0x00,0x8c,0x38,0x9c,0x0f,
+- 0x68,0x37,0x88,0x49,0x9a,0x7c,0x05,0xf6
+-};
+-unsigned char checksum[8] = {
+- 0x58,0xd2,0xe7,0x7e,0x86,0x06,0x27,0x33
+-};
+-
+-unsigned char zresult[8] = {
+- 0x8c, 0xa6, 0x4d, 0xe9, 0xc1, 0xb1, 0x23, 0xa7
+-};
+-
+-unsigned char mresult[8] = {
+- 0xa3, 0x80, 0xe0, 0x2a, 0x6b, 0xe5, 0x46, 0x96
+-};
+-
+-
+-/*
+- * Can also add :
+- * plaintext = 0, key = 0, cipher = 0x8ca64de9c1b123a7 (or is it a 1?)
+- */
+-
+-mit_des_key_schedule sched;
+-
+-int
+-main(argc,argv)
+- int argc;
+- char *argv[];
+-{
+- /* Local Declarations */
+- size_t in_length;
+- int retval;
+- int i, j;
+-
+-#ifdef WINDOWS
+- /* Set screen window buffer to infinite size -- MS default is tiny. */
+- _wsetscreenbuf (fileno (stdout), _WINBUFINF);
+-#endif
+- progname=argv[0]; /* salt away invoking program */
+-
+- while (--argc > 0 && (*++argv)[0] == '-')
+- for (i=1; argv[0][i] != '\0'; i++) {
+- switch (argv[0][i]) {
+-
+- /* debug flag */
+- case 'd':
+- mit_des_debug=3;
+- continue;
+-
+- case 'z':
+- zflag = 1;
+- continue;
+-
+- case 'm':
+- mflag = 1;
+- continue;
+-
+- default:
+- printf("%s: illegal flag \"%c\" ",
+- progname,argv[0][i]);
+- exit(1);
+- }
+- };
+-
+- if (argc) {
+- fprintf(stderr, "Usage: %s [-dmz]\n", progname);
+- exit(1);
+- }
+-
+- /* do some initialisation */
+-
+- /* use known input and key */
+-
+- /* ECB zero text zero key */
+- if (zflag) {
+- input = zero_text;
+- mit_des_key_sched(zero_key, sched);
+- printf("plaintext = key = 0, cipher = 0x8ca64de9c1b123a7\n");
+- do_encrypt(input,cipher_text);
+- printf("\tcipher = (low to high bytes)\n\t\t");
+- for (j = 0; j<=7; j++)
+- printf("%02x ",cipher_text[j]);
+- printf("\n");
+- do_decrypt(output,cipher_text);
+- if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) {
+- printf("verify: error in zero key test\n");
+- exit(-1);
+- }
+-
+- exit(0);
+- }
+-
+- if (mflag) {
+- input = msb_text;
+- mit_des_key_sched(key3, sched);
+- printf("plaintext = 0x00 00 00 00 00 00 00 40, ");
+- printf("key = 0x80 01 01 01 01 01 01 01\n");
+- printf(" cipher = 0xa380e02a6be54696\n");
+- do_encrypt(input,cipher_text);
+- printf("\tcipher = (low to high bytes)\n\t\t");
+- for (j = 0; j<=7; j++) {
+- printf("%02x ",cipher_text[j]);
+- }
+- printf("\n");
+- do_decrypt(output,cipher_text);
+- if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) {
+- printf("verify: error in msb test\n");
+- exit(-1);
+- }
+- exit(0);
+- }
+-
+- /* ECB mode Davies and Price */
+- {
+- input = zero_text;
+- mit_des_key_sched(key2, sched);
+- printf("Examples per FIPS publication 81, keys ivs and cipher\n");
+- printf("in hex. These are the correct answers, see below for\n");
+- printf("the actual answers.\n\n");
+- printf("Examples per Davies and Price.\n\n");
+- printf("EXAMPLE ECB\tkey = 08192a3b4c5d6e7f\n");
+- printf("\tclear = 0\n");
+- printf("\tcipher = 25 dd ac 3e 96 17 64 67\n");
+- printf("ACTUAL ECB\n");
+- printf("\tclear \"%s\"\n", input);
+- do_encrypt(input,cipher_text);
+- printf("\tcipher = (low to high bytes)\n\t\t");
+- for (j = 0; j<=7; j++)
+- printf("%02x ",cipher_text[j]);
+- printf("\n\n");
+- do_decrypt(output,cipher_text);
+- if ( memcmp((char *)cipher_text, (char *)cipher1, 8) ) {
+- printf("verify: error in ECB encryption\n");
+- exit(-1);
+- }
+- else
+- printf("verify: ECB encryption is correct\n\n");
+- }
+-
+- /* ECB mode */
+- {
+- mit_des_key_sched(default_key, sched);
+- input = clear_text;
+- ivec = default_ivec;
+- printf("EXAMPLE ECB\tkey = 0123456789abcdef\n");
+- printf("\tclear = \"Now is the time for all \"\n");
+- printf("\tcipher = 3f a4 0e 8a 98 4d 48 15 ...\n");
+- printf("ACTUAL ECB\n\tclear \"%s\"",input);
+- do_encrypt(input,cipher_text);
+- printf("\n\tcipher = (low to high bytes)\n\t\t");
+- for (j = 0; j<=7; j++) {
+- printf("%02x ",cipher_text[j]);
+- }
+- printf("\n\n");
+- do_decrypt(output,cipher_text);
+- if ( memcmp((char *)cipher_text, (char *)cipher2, 8) ) {
+- printf("verify: error in ECB encryption\n");
+- exit(-1);
+- }
+- else
+- printf("verify: ECB encryption is correct\n\n");
+- }
+-
+- /* CBC mode */
+- printf("EXAMPLE CBC\tkey = 0123456789abcdef");
+- printf("\tiv = 1234567890abcdef\n");
+- printf("\tclear = \"Now is the time for all \"\n");
+- printf("\tcipher =\te5 c7 cd de 87 2b f2 7c\n");
+- printf("\t\t\t43 e9 34 00 8c 38 9c 0f\n");
+- printf("\t\t\t68 37 88 49 9a 7c 05 f6\n");
+-
+- printf("ACTUAL CBC\n\tclear \"%s\"\n",input);
+- in_length = strlen((char *)input);
+- if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) input,
+- (mit_des_cblock *) cipher_text,
+- (size_t) in_length,
+- sched,
+- ivec,
+- MIT_DES_ENCRYPT))) {
+- com_err("des verify", retval, "can't encrypt");
+- exit(-1);
+- }
+- printf("\tciphertext = (low to high bytes)\n");
+- for (i = 0; i <= 2; i++) {
+- printf("\t\t");
+- for (j = 0; j <= 7; j++) {
+- printf("%02x ",cipher_text[i*8+j]);
+- }
+- printf("\n");
+- }
+- if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) cipher_text,
+- (mit_des_cblock *) clear_text,
+- (size_t) in_length,
+- sched,
+- ivec,
+- MIT_DES_DECRYPT))) {
+- com_err("des verify", retval, "can't decrypt");
+- exit(-1);
+- }
+- printf("\tdecrypted clear_text = \"%s\"\n",clear_text);
+-
+- if ( memcmp((char *)cipher_text, (char *)cipher3, in_length) ) {
+- printf("verify: error in CBC encryption\n");
+- exit(-1);
+- }
+- else
+- printf("verify: CBC encryption is correct\n\n");
+-
+- printf("EXAMPLE CBC checksum");
+- printf("\tkey = 0123456789abcdef\tiv = 1234567890abcdef\n");
+- printf("\tclear =\t\t\"7654321 Now is the time for \"\n");
+- printf("\tchecksum\t58 d2 e7 7e 86 06 27 33, ");
+- printf("or some part thereof\n");
+- input = clear_text2;
+- mit_des_cbc_cksum(input,cipher_text, strlen((char *)input),
+- sched,ivec);
+- printf("ACTUAL CBC checksum\n");
+- printf("\t\tencrypted cksum = (low to high bytes)\n\t\t");
+- for (j = 0; j<=7; j++)
+- printf("%02x ",cipher_text[j]);
+- printf("\n\n");
+- if ( memcmp((char *)cipher_text, (char *)checksum, 8) ) {
+- printf("verify: error in CBC checksum\n");
+- exit(-1);
+- }
+- else
+- printf("verify: CBC checksum is correct\n\n");
+-
+- exit(0);
+-}
+-
+-static void
+-do_encrypt(in,out)
+- unsigned char *in;
+- unsigned char *out;
+-{
+- int i, j;
+- for (i =1; i<=nflag; i++) {
+- mit_des_cbc_encrypt((const mit_des_cblock *)in,
+- (mit_des_cblock *)out,
+- 8,
+- sched,
+- zero_text,
+- MIT_DES_ENCRYPT);
+- if (mit_des_debug) {
+- printf("\nclear %s\n",in);
+- for (j = 0; j<=7; j++)
+- printf("%02X ",in[j] & 0xff);
+- printf("\tcipher ");
+- for (j = 0; j<=7; j++)
+- printf("%02X ",out[j] & 0xff);
+- }
+- }
+-}
+-
+-static void
+-do_decrypt(in,out)
+- unsigned char *out;
+- unsigned char *in;
+- /* try to invert it */
+-{
+- int i, j;
+- for (i =1; i<=nflag; i++) {
+- mit_des_cbc_encrypt((const mit_des_cblock *)out,
+- (mit_des_cblock *)in,
+- 8,
+- sched,
+- zero_text,
+- MIT_DES_DECRYPT);
+- if (mit_des_debug) {
+- printf("clear %s\n",in);
+- for (j = 0; j<=7; j++)
+- printf("%02X ",in[j] & 0xff);
+- printf("\tcipher ");
+- for (j = 0; j<=7; j++)
+- printf("%02X ",out[j] & 0xff);
+- }
+- }
+-}
+-
+-/*
+- * Fake out the DES library, for the purposes of testing.
+- */
+-
+-int
+-mit_des_is_weak_key(key)
+- mit_des_cblock key;
+-{
+- return 0; /* fake it out for testing */
+-}
+diff --git a/src/lib/crypto/builtin/des/weak_key.c b/src/lib/crypto/builtin/des/weak_key.c
+deleted file mode 100644
+index f8304a3638..0000000000
+--- a/src/lib/crypto/builtin/des/weak_key.c
++++ /dev/null
+@@ -1,90 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/* lib/crypto/builtin/des/weak_key.c */
+-/*
+- * Copyright 1989,1990 by the Massachusetts Institute of Technology.
+- * All Rights Reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of M.I.T. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. Furthermore if you modify this software you must label
+- * your software as modified software and not distribute it in such a
+- * fashion that it might be confused with the original M.I.T. software.
+- * M.I.T. makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- */
+-
+-/*
+- * Under U.S. law, this software may not be exported outside the US
+- * without license from the U.S. Commerce department.
+- *
+- * These routines form the library interface to the DES facilities.
+- *
+- * Originally written 8/85 by Steve Miller, MIT Project Athena.
+- */
+-
+-#include "crypto_int.h"
+-#include "des_int.h"
+-
+-#ifdef K5_BUILTIN_DES
+-
+-/*
+- * The following are the weak DES keys:
+- */
+-static const mit_des_cblock weak[16] = {
+- /* weak keys */
+- {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+- {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe},
+- {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e},
+- {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1},
+-
+- /* semi-weak */
+- {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe},
+- {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01},
+-
+- {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1},
+- {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e},
+-
+- {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1},
+- {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01},
+-
+- {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe},
+- {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e},
+-
+- {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e},
+- {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01},
+-
+- {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe},
+- {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1}
+-};
+-
+-/*
+- * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key.
+- *
+- * Requires: key has correct odd parity.
+- */
+-int
+-mit_des_is_weak_key(mit_des_cblock key)
+-{
+- unsigned int i;
+- const mit_des_cblock *weak_p = weak;
+-
+- for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) {
+- if (!memcmp(weak_p++,key,sizeof(mit_des_cblock)))
+- return 1;
+- }
+-
+- return 0;
+-}
+-
+-#endif /* K5_BUILTIN_DES */
+diff --git a/src/lib/crypto/builtin/enc_provider/Makefile.in b/src/lib/crypto/builtin/enc_provider/Makefile.in
+index 6ad7cbd4e0..655966b255 100644
+--- a/src/lib/crypto/builtin/enc_provider/Makefile.in
++++ b/src/lib/crypto/builtin/enc_provider/Makefile.in
+@@ -1,6 +1,6 @@
+ mydir=lib$(S)crypto$(S)builtin$(S)enc_provider
+ BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+-LOCALINCLUDES = -I$(srcdir)/../des -I$(srcdir)/../aes -I$(srcdir)/../camellia \
++LOCALINCLUDES = -I$(srcdir)/../aes -I$(srcdir)/../camellia \
+ -I$(srcdir)/../../krb $(CRYPTO_IMPL_CFLAGS)
+
+ ##DOS##BUILDTOP = ..\..\..\..
+@@ -8,19 +8,16 @@ LOCALINCLUDES = -I$(srcdir)/../des -I$(srcdir)/../aes -I$(srcdir)/../camellia \
+ ##DOS##OBJFILE = ..\..\$(OUTPRE)enc_provider.lst
+
+ STLIBOBJS= \
+- des3.o \
+ rc4.o \
+ aes.o \
+ camellia.o
+
+ OBJS= \
+- $(OUTPRE)des3.$(OBJEXT) \
+ $(OUTPRE)aes.$(OBJEXT) \
+ $(OUTPRE)camellia.$(OBJEXT) \
+ $(OUTPRE)rc4.$(OBJEXT)
+
+ SRCS= \
+- $(srcdir)/des3.c \
+ $(srcdir)/aes.c \
+ $(srcdir)/camellia.c \
+ $(srcdir)/rc4.c
+diff --git a/src/lib/crypto/builtin/enc_provider/deps b/src/lib/crypto/builtin/enc_provider/deps
+index a3414a38ec..dc29d9fce8 100644
+--- a/src/lib/crypto/builtin/enc_provider/deps
++++ b/src/lib/crypto/builtin/enc_provider/deps
+@@ -1,17 +1,6 @@
+ #
+ # Generated makefile dependencies follow.
+ #
+-des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+- $(srcdir)/../des/des_int.h $(top_srcdir)/include/k5-buf.h \
+- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
+- $(top_srcdir)/include/socket-utils.h des3.c
+ aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+diff --git a/src/lib/crypto/builtin/enc_provider/des3.c b/src/lib/crypto/builtin/enc_provider/des3.c
+deleted file mode 100644
+index c2634d5e10..0000000000
+--- a/src/lib/crypto/builtin/enc_provider/des3.c
++++ /dev/null
+@@ -1,109 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/*
+- * Copyright (C) 1998 by the FundsXpress, INC.
+- *
+- * All rights reserved.
+- *
+- * Export of this software from the United States of America may require
+- * a specific license from the United States Government. It is the
+- * responsibility of any person or organization contemplating export to
+- * obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of FundsXpress. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. FundsXpress makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- *
+- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+- */
+-
+-#include "crypto_int.h"
+-#include "des_int.h"
+-
+-#ifdef K5_BUILTIN_DES
+-
+-static krb5_error_code
+-validate_and_schedule(krb5_key key, const krb5_data *ivec,
+- const krb5_crypto_iov *data, size_t num_data,
+- mit_des3_key_schedule *schedule)
+-{
+- if (key->keyblock.length != 24)
+- return(KRB5_BAD_KEYSIZE);
+- if (iov_total_length(data, num_data, FALSE) % 8 != 0)
+- return(KRB5_BAD_MSIZE);
+- if (ivec && (ivec->length != 8))
+- return(KRB5_BAD_MSIZE);
+-
+- switch (mit_des3_key_sched(*(mit_des3_cblock *)key->keyblock.contents,
+- *schedule)) {
+- case -1:
+- return(KRB5DES_BAD_KEYPAR);
+- case -2:
+- return(KRB5DES_WEAK_KEY);
+- }
+- return 0;
+-}
+-
+-static krb5_error_code
+-k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
+- size_t num_data)
+-{
+- mit_des3_key_schedule schedule;
+- krb5_error_code err;
+-
+- err = validate_and_schedule(key, ivec, data, num_data, &schedule);
+- if (err)
+- return err;
+-
+- /* this has a return value, but the code always returns zero */
+- krb5int_des3_cbc_encrypt(data, num_data,
+- schedule[0], schedule[1], schedule[2],
+- ivec != NULL ? (unsigned char *) ivec->data :
+- NULL);
+-
+- zap(schedule, sizeof(schedule));
+-
+- return(0);
+-}
+-
+-static krb5_error_code
+-k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
+- size_t num_data)
+-{
+- mit_des3_key_schedule schedule;
+- krb5_error_code err;
+-
+- err = validate_and_schedule(key, ivec, data, num_data, &schedule);
+- if (err)
+- return err;
+-
+- /* this has a return value, but the code always returns zero */
+- krb5int_des3_cbc_decrypt(data, num_data,
+- schedule[0], schedule[1], schedule[2],
+- ivec != NULL ? (unsigned char *) ivec->data :
+- NULL);
+-
+- zap(schedule, sizeof(schedule));
+-
+- return 0;
+-}
+-
+-const struct krb5_enc_provider krb5int_enc_des3 = {
+- 8,
+- 21, 24,
+- k5_des3_encrypt,
+- k5_des3_decrypt,
+- NULL,
+- krb5int_des_init_state,
+- krb5int_default_free_state
+-};
+-
+-#endif /* K5_BUILTIN_DES */
+diff --git a/src/lib/crypto/crypto_tests/t_cf2.expected b/src/lib/crypto/crypto_tests/t_cf2.expected
+index f8251a16cb..bc6aa50c84 100644
+--- a/src/lib/crypto/crypto_tests/t_cf2.expected
++++ b/src/lib/crypto/crypto_tests/t_cf2.expected
+@@ -1,6 +1,5 @@
+ 97df97e4b798b29eb31ed7280287a92a
+ 4d6ca4e629785c1f01baf55e2e548566b9617ae3a96868c337cb93b5e72b1c7b
+-e58f9eb643862c13ad38e529313462a7f73e62834fe54a01
+ 24d7f6b6bae4e5c00d2082c5ebab3672
+ edd02a39d2dbde31611c16e610be062c
+ 67f6ea530aea85a37dcbb23349ea52dcc61ca8493ff557252327fd8304341584
+diff --git a/src/lib/crypto/crypto_tests/t_cf2.in b/src/lib/crypto/crypto_tests/t_cf2.in
+index 73e2f8fbc9..c4d23b506b 100644
+--- a/src/lib/crypto/crypto_tests/t_cf2.in
++++ b/src/lib/crypto/crypto_tests/t_cf2.in
+@@ -8,11 +8,6 @@ key1
+ key2
+ a
+ b
+-16
+-key1
+-key2
+-a
+-b
+ 23
+ key1
+ key2
+diff --git a/src/lib/crypto/crypto_tests/t_cksums.c b/src/lib/crypto/crypto_tests/t_cksums.c
+index 557340ec5e..9f9a177ef0 100644
+--- a/src/lib/crypto/crypto_tests/t_cksums.c
++++ b/src/lib/crypto/crypto_tests/t_cksums.c
+@@ -59,16 +59,6 @@ struct test {
+ "\xDA\x39\xA3\xEE\x5E\x6B\x4B\x0D\x32\x55\xBF\xEF\x95\x60\x18\x90"
+ "\xAF\xD8\x07\x09" }
+ },
+- {
+- { KV5M_DATA, 9, "six seven" },
+- CKSUMTYPE_HMAC_SHA1_DES3, ENCTYPE_DES3_CBC_SHA1, 2,
+- { KV5M_DATA, 24,
+- "\x7A\x25\xDF\x89\x92\x29\x6D\xCE\xDA\x0E\x13\x5B\xC4\x04\x6E\x23"
+- "\x75\xB3\xC1\x4C\x98\xFB\xC1\x62" },
+- { KV5M_DATA, 20,
+- "\x0E\xEF\xC9\xC3\xE0\x49\xAA\xBC\x1B\xA5\xC4\x01\x67\x7D\x9A\xB6"
+- "\x99\x08\x2B\xB4" }
+- },
+ {
+ { KV5M_DATA, 37, "eight nine ten eleven twelve thirteen" },
+ CKSUMTYPE_HMAC_SHA1_96_AES128, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 3,
+diff --git a/src/lib/crypto/crypto_tests/t_decrypt.c b/src/lib/crypto/crypto_tests/t_decrypt.c
+index a40a855007..716f2c337a 100644
+--- a/src/lib/crypto/crypto_tests/t_decrypt.c
++++ b/src/lib/crypto/crypto_tests/t_decrypt.c
+@@ -39,62 +39,6 @@ struct test {
+ krb5_data keybits;
+ krb5_data ciphertext;
+ } test_cases[] = {
+- {
+- ENCTYPE_DES3_CBC_SHA1,
+- { KV5M_DATA, 0, "", }, 0,
+- { KV5M_DATA, 24,
+- "\x7A\x25\xDF\x89\x92\x29\x6D\xCE\xDA\x0E\x13\x5B\xC4\x04\x6E\x23"
+- "\x75\xB3\xC1\x4C\x98\xFB\xC1\x62" },
+- { KV5M_DATA, 28,
+- "\x54\x8A\xF4\xD5\x04\xF7\xD7\x23\x30\x3F\x12\x17\x5F\xE8\x38\x6B"
+- "\x7B\x53\x35\xA9\x67\xBA\xD6\x1F\x3B\xF0\xB1\x43" }
+- },
+- {
+- ENCTYPE_DES3_CBC_SHA1,
+- { KV5M_DATA, 1, "1", }, 1,
+- { KV5M_DATA, 24,
+- "\xBC\x07\x83\x89\x15\x13\xD5\xCE\x57\xBC\x13\x8F\xD3\xC1\x1A\xE6"
+- "\x40\x45\x23\x85\x32\x29\x62\xB6" },
+- { KV5M_DATA, 36,
+- "\x9C\x3C\x1D\xBA\x47\x47\xD8\x5A\xF2\x91\x6E\x47\x45\xF2\xDC\xE3"
+- "\x80\x46\x79\x6E\x51\x04\xBC\xCD\xFB\x66\x9A\x91\xD4\x4B\xC3\x56"
+- "\x66\x09\x45\xC7" }
+- },
+- {
+- ENCTYPE_DES3_CBC_SHA1,
+- { KV5M_DATA, 9, "9 bytesss", }, 2,
+- { KV5M_DATA, 24,
+- "\x2F\xD0\xF7\x25\xCE\x04\x10\x0D\x2F\xC8\xA1\x80\x98\x83\x1F\x85"
+- "\x0B\x45\xD9\xEF\x85\x0B\xD9\x20" },
+- { KV5M_DATA, 44,
+- "\xCF\x91\x44\xEB\xC8\x69\x79\x81\x07\x5A\x8B\xAD\x8D\x74\xE5\xD7"
+- "\xD5\x91\xEB\x7D\x97\x70\xC7\xAD\xA2\x5E\xE8\xC5\xB3\xD6\x94\x44"
+- "\xDF\xEC\x79\xA5\xB7\xA0\x14\x82\xD9\xAF\x74\xE6" }
+- },
+- {
+- ENCTYPE_DES3_CBC_SHA1,
+- { KV5M_DATA, 13, "13 bytes byte", }, 3,
+- { KV5M_DATA, 24,
+- "\x0D\xD5\x20\x94\xE0\xF4\x1C\xEC\xCB\x5B\xE5\x10\xA7\x64\xB3\x51"
+- "\x76\xE3\x98\x13\x32\xF1\xE5\x98" },
+- { KV5M_DATA, 44,
+- "\x83\x9A\x17\x08\x1E\xCB\xAF\xBC\xDC\x91\xB8\x8C\x69\x55\xDD\x3C"
+- "\x45\x14\x02\x3C\xF1\x77\xB7\x7B\xF0\xD0\x17\x7A\x16\xF7\x05\xE8"
+- "\x49\xCB\x77\x81\xD7\x6A\x31\x6B\x19\x3F\x8D\x30" }
+- },
+- {
+- ENCTYPE_DES3_CBC_SHA1,
+- { KV5M_DATA, 30, "30 bytes bytes bytes bytes byt", }, 4,
+- { KV5M_DATA, 24,
+- "\xF1\x16\x86\xCB\xBC\x9E\x23\xEA\x54\xFE\xCD\x2A\x3D\xCD\xFB\x20"
+- "\xB6\xFE\x98\xBF\x26\x45\xC4\xC4" },
+- { KV5M_DATA, 60,
+- "\x89\x43\x3E\x83\xFD\x0E\xA3\x66\x6C\xFF\xCD\x18\xD8\xDE\xEB\xC5"
+- "\x3B\x9A\x34\xED\xBE\xB1\x59\xD9\xF6\x67\xC6\xC2\xB9\xA9\x64\x40"
+- "\x1D\x55\xE7\xE9\xC6\x8D\x64\x8D\x65\xC3\xAA\x84\xFF\xA3\x79\x0C"
+- "\x14\xA8\x64\xDA\x80\x73\xA9\xA9\x5C\x4B\xA2\xBC" }
+- },
+-
+ {
+ ENCTYPE_ARCFOUR_HMAC,
+ { KV5M_DATA, 0, "", }, 0,
+@@ -524,7 +468,6 @@ printhex(const char *head, void *data, size_t len)
+
+ static krb5_enctype
+ enctypes[] = {
+- ENCTYPE_DES3_CBC_SHA1,
+ ENCTYPE_ARCFOUR_HMAC,
+ ENCTYPE_ARCFOUR_HMAC_EXP,
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+diff --git a/src/lib/crypto/crypto_tests/t_derive.c b/src/lib/crypto/crypto_tests/t_derive.c
+index afbf7477f6..93ce30da20 100644
+--- a/src/lib/crypto/crypto_tests/t_derive.c
++++ b/src/lib/crypto/crypto_tests/t_derive.c
+@@ -38,41 +38,6 @@ struct test {
+ enum deriv_alg alg;
+ krb5_data expected_key;
+ } test_cases[] = {
+- /* Kc, Ke, Kei for a DES3 key */
+- {
+- ENCTYPE_DES3_CBC_SHA1,
+- { KV5M_DATA, 24,
+- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
+- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
+- { KV5M_DATA, 5, "\0\0\0\2\x99" },
+- DERIVE_RFC3961,
+- { KV5M_DATA, 24,
+- "\xF7\x8C\x49\x6D\x16\xE6\xC2\xDA\xE0\xE0\xB6\xC2\x40\x57\xA8\x4C"
+- "\x04\x26\xAE\xEF\x26\xFD\x6D\xCE" }
+- },
+- {
+- ENCTYPE_DES3_CBC_SHA1,
+- { KV5M_DATA, 24,
+- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
+- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
+- { KV5M_DATA, 5, "\0\0\0\2\xAA" },
+- DERIVE_RFC3961,
+- { KV5M_DATA, 24,
+- "\x5B\x57\x23\xD0\xB6\x34\xCB\x68\x4C\x3E\xBA\x52\x64\xE9\xA7\x0D"
+- "\x52\xE6\x83\x23\x1A\xD3\xC4\xCE" }
+- },
+- {
+- ENCTYPE_DES3_CBC_SHA1,
+- { KV5M_DATA, 24,
+- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
+- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
+- { KV5M_DATA, 5, "\0\0\0\2\x55" },
+- DERIVE_RFC3961,
+- { KV5M_DATA, 24,
+- "\xA7\x7C\x94\x98\x0E\x9B\x73\x45\xA8\x15\x25\xC4\x23\xA7\x37\xCE"
+- "\x67\xF4\xCD\x91\xB6\xB3\xDA\x45" }
+- },
+-
+ /* Kc, Ke, Ki for an AES-128 key */
+ {
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+@@ -286,7 +251,6 @@ static const struct krb5_enc_provider *
+ get_enc_provider(krb5_enctype enctype)
+ {
+ switch (enctype) {
+- case ENCTYPE_DES3_CBC_SHA1: return &krb5int_enc_des3;
+ case ENCTYPE_AES128_CTS_HMAC_SHA1_96: return &krb5int_enc_aes128;
+ case ENCTYPE_AES256_CTS_HMAC_SHA1_96: return &krb5int_enc_aes256;
+ case ENCTYPE_CAMELLIA128_CTS_CMAC: return &krb5int_enc_camellia128;
+diff --git a/src/lib/crypto/crypto_tests/t_encrypt.c b/src/lib/crypto/crypto_tests/t_encrypt.c
+index bd9b94691c..290a72e1e0 100644
+--- a/src/lib/crypto/crypto_tests/t_encrypt.c
++++ b/src/lib/crypto/crypto_tests/t_encrypt.c
+@@ -37,7 +37,6 @@
+
+ /* What enctypes should we test?*/
+ krb5_enctype interesting_enctypes[] = {
+- ENCTYPE_DES3_CBC_SHA1,
+ ENCTYPE_ARCFOUR_HMAC,
+ ENCTYPE_ARCFOUR_HMAC_EXP,
+ ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+diff --git a/src/lib/crypto/crypto_tests/t_short.c b/src/lib/crypto/crypto_tests/t_short.c
+index d4c2b97dfd..4466b71158 100644
+--- a/src/lib/crypto/crypto_tests/t_short.c
++++ b/src/lib/crypto/crypto_tests/t_short.c
+@@ -34,7 +34,6 @@
+ #include "k5-int.h"
+
+ krb5_enctype interesting_enctypes[] = {
+- ENCTYPE_DES3_CBC_SHA1,
+ ENCTYPE_ARCFOUR_HMAC,
+ ENCTYPE_ARCFOUR_HMAC_EXP,
+ ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+diff --git a/src/lib/crypto/crypto_tests/t_str2key.c b/src/lib/crypto/crypto_tests/t_str2key.c
+index cdb1acc6d0..ef4c4a7d3b 100644
+--- a/src/lib/crypto/crypto_tests/t_str2key.c
++++ b/src/lib/crypto/crypto_tests/t_str2key.c
+@@ -35,58 +35,6 @@ struct test {
+ krb5_error_code expected_err;
+ krb5_boolean allow_weak;
+ } test_cases[] = {
+- /* Test vectors from RFC 3961 appendix A.4. */
+- {
+- ENCTYPE_DES3_CBC_SHA1,
+- "password",
+- { KV5M_DATA, 21, "ATHENA.MIT.EDUraeburn" },
+- { KV5M_DATA, 0, NULL },
+- { KV5M_DATA, 24, "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C"
+- "\x31\x3E\x3B\xFE\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
+- 0,
+- FALSE
+- },
+- {
+- ENCTYPE_DES3_CBC_SHA1,
+- "potatoe",
+- { KV5M_DATA, 19, "WHITEHOUSE.GOVdanny" },
+- { KV5M_DATA, 0, NULL },
+- { KV5M_DATA, 24, "\xDF\xCD\x23\x3D\xD0\xA4\x32\x04\xEA\x6D\xC4\x37"
+- "\xFB\x15\xE0\x61\xB0\x29\x79\xC1\xF7\x4F\x37\x7A" },
+- 0,
+- FALSE
+- },
+- {
+- ENCTYPE_DES3_CBC_SHA1,
+- "penny",
+- { KV5M_DATA, 19, "EXAMPLE.COMbuckaroo" },
+- { KV5M_DATA, 0, NULL },
+- { KV5M_DATA, 24, "\x6D\x2F\xCD\xF2\xD6\xFB\xBC\x3D\xDC\xAD\xB5\xDA"
+- "\x57\x10\xA2\x34\x89\xB0\xD3\xB6\x9D\x5D\x9D\x4A" },
+- 0,
+- FALSE
+- },
+- {
+- ENCTYPE_DES3_CBC_SHA1,
+- "\xC3\x9F",
+- { KV5M_DATA, 23, "ATHENA.MIT.EDUJuri\xC5\xA1\x69\xC4\x87" },
+- { KV5M_DATA, 0, NULL },
+- { KV5M_DATA, 24, "\x16\xD5\xA4\x0E\x1C\xE3\xBA\xCB\x61\xB9\xDC\xE0"
+- "\x04\x70\x32\x4C\x83\x19\x73\xA7\xB9\x52\xFE\xB0" },
+- 0,
+- FALSE
+- },
+- {
+- ENCTYPE_DES3_CBC_SHA1,
+- "\xF0\x9D\x84\x9E",
+- { KV5M_DATA, 18, "EXAMPLE.COMpianist" },
+- { KV5M_DATA, 0, NULL },
+- { KV5M_DATA, 24, "\x85\x76\x37\x26\x58\x5D\xBC\x1C\xCE\x6E\xC4\x3E"
+- "\x1F\x75\x1F\x07\xF1\xC4\xCB\xB0\x98\xF4\x0B\x19" },
+- 0,
+- FALSE
+- },
+-
+ /* Test vectors from RFC 3962 appendix B. */
+ {
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+diff --git a/src/lib/crypto/crypto_tests/vectors.c b/src/lib/crypto/crypto_tests/vectors.c
+index bcf5c9106f..eb107dbcd2 100644
+--- a/src/lib/crypto/crypto_tests/vectors.c
++++ b/src/lib/crypto/crypto_tests/vectors.c
+@@ -190,8 +190,6 @@ test_s2k (krb5_enctype enctype)
+ }
+ }
+
+-static void test_des3_s2k () { test_s2k (ENCTYPE_DES3_CBC_SHA1); }
+-
+ static void
+ keyToData (krb5_keyblock *k, krb5_data *d)
+ {
+@@ -208,8 +206,6 @@ void check_error (int r, int line) {
+ }
+ #define CHECK check_error(r, __LINE__)
+
+-extern struct krb5_enc_provider krb5int_enc_des3;
+-struct krb5_enc_provider *enc = &krb5int_enc_des3;
+ extern struct krb5_enc_provider krb5int_enc_aes128, krb5int_enc_aes256;
+
+ void DK (krb5_keyblock *out, krb5_keyblock *in, const krb5_data *usage) {
+diff --git a/src/lib/crypto/krb/Makefile.in b/src/lib/crypto/krb/Makefile.in
+index cb2e40a3a5..f66698bd53 100644
+--- a/src/lib/crypto/krb/Makefile.in
++++ b/src/lib/crypto/krb/Makefile.in
+@@ -47,7 +47,6 @@ STLIBOBJS=\
+ prf.o \
+ prf_aes2.o \
+ prf_cmac.o \
+- prf_des.o \
+ prf_dk.o \
+ prf_rc4.o \
+ prng.o \
+@@ -103,7 +102,6 @@ OBJS=\
+ $(OUTPRE)prf.$(OBJEXT) \
+ $(OUTPRE)prf_aes2.$(OBJEXT) \
+ $(OUTPRE)prf_cmac.$(OBJEXT) \
+- $(OUTPRE)prf_des.$(OBJEXT) \
+ $(OUTPRE)prf_dk.$(OBJEXT) \
+ $(OUTPRE)prf_rc4.$(OBJEXT) \
+ $(OUTPRE)prng.$(OBJEXT) \
+@@ -159,7 +157,6 @@ SRCS=\
+ $(srcdir)/prf.c \
+ $(srcdir)/prf_aes2.c \
+ $(srcdir)/prf_cmac.c \
+- $(srcdir)/prf_des.c \
+ $(srcdir)/prf_dk.c \
+ $(srcdir)/prf_rc4.c \
+ $(srcdir)/prng.c \
+diff --git a/src/lib/crypto/krb/cksumtypes.c b/src/lib/crypto/krb/cksumtypes.c
+index f7ba322f24..25a3ffd2d2 100644
+--- a/src/lib/crypto/krb/cksumtypes.c
++++ b/src/lib/crypto/krb/cksumtypes.c
+@@ -52,12 +52,6 @@ const struct krb5_cksumtypes krb5int_cksumtypes_list[] = {
+ krb5int_unkeyed_checksum, NULL,
+ 20, 20, CKSUM_UNKEYED },
+
+- { CKSUMTYPE_HMAC_SHA1_DES3,
+- "hmac-sha1-des3", { "hmac-sha1-des3-kd" }, "HMAC-SHA1 DES3 key",
+- &krb5int_enc_des3, &krb5int_hash_sha1,
+- krb5int_dk_checksum, NULL,
+- 20, 20, 0 },
+-
+ { CKSUMTYPE_HMAC_MD5_ARCFOUR,
+ "hmac-md5-rc4", { "hmac-md5-enc", "hmac-md5-earcfour" },
+ "Microsoft HMAC MD5",
+diff --git a/src/lib/crypto/krb/crypto_int.h b/src/lib/crypto/krb/crypto_int.h
+index 3629616d96..1ee4b30e02 100644
+--- a/src/lib/crypto/krb/crypto_int.h
++++ b/src/lib/crypto/krb/crypto_int.h
+@@ -332,8 +332,6 @@ krb5_error_code krb5int_aes2_string_to_key(const struct krb5_keytypes *enc,
+ /* Random to key */
+ krb5_error_code k5_rand2key_direct(const krb5_data *randombits,
+ krb5_keyblock *keyblock);
+-krb5_error_code k5_rand2key_des3(const krb5_data *randombits,
+- krb5_keyblock *keyblock);
+
+ /* Pseudo-random function */
+ krb5_error_code krb5int_des_prf(const struct krb5_keytypes *ktp,
+@@ -411,11 +409,6 @@ krb5_keyusage krb5int_arcfour_translate_usage(krb5_keyusage usage);
+ /* Ensure library initialization has occurred. */
+ int krb5int_crypto_init(void);
+
+-/* DES default state initialization handler (used by module enc providers). */
+-krb5_error_code krb5int_des_init_state(const krb5_keyblock *key,
+- krb5_keyusage keyusage,
+- krb5_data *state_out);
+-
+ /* Default state cleanup handler (used by module enc providers). */
+ void krb5int_default_free_state(krb5_data *state);
+
+@@ -468,7 +461,6 @@ void k5_iov_cursor_put(struct iov_cursor *cursor, unsigned char *block);
+ /* Modules must implement the k5_sha256() function prototyped in k5-int.h. */
+
+ /* Modules must implement the following enc_providers and hash_providers: */
+-extern const struct krb5_enc_provider krb5int_enc_des3;
+ extern const struct krb5_enc_provider krb5int_enc_arcfour;
+ extern const struct krb5_enc_provider krb5int_enc_aes128;
+ extern const struct krb5_enc_provider krb5int_enc_aes256;
+@@ -485,9 +477,6 @@ extern const struct krb5_hash_provider krb5int_hash_sha384;
+
+ /* Modules must implement the following functions. */
+
+-/* Set the parity bits to the correct values in keybits. */
+-void k5_des_fixup_key_parity(unsigned char *keybits);
+-
+ /* Compute an HMAC using the provided hash function, key, and data, storing the
+ * result into output (caller-allocated). */
+ krb5_error_code krb5int_hmac(const struct krb5_hash_provider *hash,
+diff --git a/src/lib/crypto/krb/default_state.c b/src/lib/crypto/krb/default_state.c
+index 0757c8b02c..f89dc79023 100644
+--- a/src/lib/crypto/krb/default_state.c
++++ b/src/lib/crypto/krb/default_state.c
+@@ -32,16 +32,6 @@
+
+ #include "crypto_int.h"
+
+-krb5_error_code
+-krb5int_des_init_state(const krb5_keyblock *key, krb5_keyusage usage,
+- krb5_data *state_out)
+-{
+- if (alloc_data(state_out, 8))
+- return ENOMEM;
+-
+- return 0;
+-}
+-
+ void
+ krb5int_default_free_state(krb5_data *state)
+ {
+diff --git a/src/lib/crypto/krb/enctype_util.c b/src/lib/crypto/krb/enctype_util.c
+index 1542d40629..a0037912a7 100644
+--- a/src/lib/crypto/krb/enctype_util.c
++++ b/src/lib/crypto/krb/enctype_util.c
+@@ -45,6 +45,9 @@ struct {
+ { ENCTYPE_DES_CBC_MD5, "des-cbc-md5" },
+ { ENCTYPE_DES_CBC_RAW, "des-cbc-raw" },
+ { ENCTYPE_DES_HMAC_SHA1, "des-hmac-sha1" },
++ { ENCTYPE_DES3_CBC_SHA, "des3-cbc-sha1" },
++ { ENCTYPE_DES3_CBC_RAW, "des3-cbc-raw" },
++ { ENCTYPE_DES3_CBC_SHA1, "des3-hmac-sha1" },
+ { ENCTYPE_NULL, NULL }
+ };
+
+diff --git a/src/lib/crypto/krb/etypes.c b/src/lib/crypto/krb/etypes.c
+index fc278783b9..7635393a41 100644
+--- a/src/lib/crypto/krb/etypes.c
++++ b/src/lib/crypto/krb/etypes.c
+@@ -35,27 +35,6 @@
+
+ /* Deprecations come from RFC 6649 and RFC 8249. */
+ const struct krb5_keytypes krb5int_enctypes_list[] = {
+- { ENCTYPE_DES3_CBC_RAW,
+- "des3-cbc-raw", { 0 }, "Triple DES cbc mode raw",
+- &krb5int_enc_des3, NULL,
+- 16,
+- krb5int_raw_crypto_length, krb5int_raw_encrypt, krb5int_raw_decrypt,
+- krb5int_dk_string_to_key, k5_rand2key_des3,
+- NULL, /*PRF*/
+- 0,
+- ETYPE_WEAK | ETYPE_DEPRECATED, 112 },
+-
+- { ENCTYPE_DES3_CBC_SHA1,
+- "des3-cbc-sha1", { "des3-hmac-sha1", "des3-cbc-sha1-kd" },
+- "Triple DES cbc mode with HMAC/sha1",
+- &krb5int_enc_des3, &krb5int_hash_sha1,
+- 16,
+- krb5int_dk_crypto_length, krb5int_dk_encrypt, krb5int_dk_decrypt,
+- krb5int_dk_string_to_key, k5_rand2key_des3,
+- krb5int_dk_prf,
+- CKSUMTYPE_HMAC_SHA1_DES3,
+- ETYPE_DEPRECATED, 112 },
+-
+ /* rc4-hmac uses a 128-bit key, but due to weaknesses in the RC4 cipher, we
+ * consider its strength degraded and assign it an SSF value of 64. */
+ { ENCTYPE_ARCFOUR_HMAC,
+diff --git a/src/lib/crypto/krb/prf_des.c b/src/lib/crypto/krb/prf_des.c
+deleted file mode 100644
+index 7a2d719c5f..0000000000
+--- a/src/lib/crypto/krb/prf_des.c
++++ /dev/null
+@@ -1,47 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/* lib/crypto/krb/prf_des.c - RFC 3961 DES-based PRF */
+-/*
+- * Copyright (C) 2004, 2009 by the Massachusetts Institute of Technology.
+- * All rights reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of M.I.T. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. Furthermore if you modify this software you must label
+- * your software as modified software and not distribute it in such a
+- * fashion that it might be confused with the original M.I.T. software.
+- * M.I.T. makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- */
+-
+-#include "crypto_int.h"
+-
+-krb5_error_code
+-krb5int_des_prf(const struct krb5_keytypes *ktp, krb5_key key,
+- const krb5_data *in, krb5_data *out)
+-{
+- const struct krb5_hash_provider *hash = &krb5int_hash_md5;
+- krb5_crypto_iov iov;
+- krb5_error_code ret;
+-
+- /* Compute a hash of the input, storing into the output buffer. */
+- iov.flags = KRB5_CRYPTO_TYPE_DATA;
+- iov.data = *in;
+- ret = hash->hash(&iov, 1, out);
+- if (ret != 0)
+- return ret;
+-
+- /* Encrypt the hash in place. */
+- iov.data = *out;
+- return ktp->enc->encrypt(key, NULL, &iov, 1);
+-}
+diff --git a/src/lib/crypto/krb/random_to_key.c b/src/lib/crypto/krb/random_to_key.c
+index 9394385aa0..863090beb2 100644
+--- a/src/lib/crypto/krb/random_to_key.c
++++ b/src/lib/crypto/krb/random_to_key.c
+@@ -71,31 +71,3 @@ k5_rand2key_direct(const krb5_data *randombits, krb5_keyblock *keyblock)
+ memcpy(keyblock->contents, randombits->data, randombits->length);
+ return 0;
+ }
+-
+-static inline void
+-eighth_byte(unsigned char *b)
+-{
+- b[7] = (((b[0] & 1) << 1) | ((b[1] & 1) << 2) | ((b[2] & 1) << 3) |
+- ((b[3] & 1) << 4) | ((b[4] & 1) << 5) | ((b[5] & 1) << 6) |
+- ((b[6] & 1) << 7));
+-}
+-
+-krb5_error_code
+-k5_rand2key_des3(const krb5_data *randombits, krb5_keyblock *keyblock)
+-{
+- int i;
+-
+- if (randombits->length != 21)
+- return KRB5_CRYPTO_INTERNAL;
+-
+- keyblock->magic = KV5M_KEYBLOCK;
+-
+- /* Take the seven bytes, move them around into the top 7 bits of the
+- * 8 key bytes, then compute the parity bits. Do this three times. */
+- for (i = 0; i < 3; i++) {
+- memcpy(&keyblock->contents[i * 8], &randombits->data[i * 7], 7);
+- eighth_byte(&keyblock->contents[i * 8]);
+- k5_des_fixup_key_parity(&keyblock->contents[i * 8]);
+- }
+- return 0;
+-}
+diff --git a/src/lib/crypto/libk5crypto.exports b/src/lib/crypto/libk5crypto.exports
+index 052f4d4b51..d8ffa63304 100644
+--- a/src/lib/crypto/libk5crypto.exports
++++ b/src/lib/crypto/libk5crypto.exports
+@@ -86,7 +86,6 @@ krb5_k_verify_checksum
+ krb5_k_verify_checksum_iov
+ krb5int_aes_encrypt
+ krb5int_aes_decrypt
+-krb5int_enc_des3
+ krb5int_arcfour_gsscrypt
+ krb5int_camellia_encrypt
+ krb5int_cmac_checksum
+diff --git a/src/lib/crypto/openssl/Makefile.in b/src/lib/crypto/openssl/Makefile.in
+index 08de047d0a..88f7fd0a09 100644
+--- a/src/lib/crypto/openssl/Makefile.in
++++ b/src/lib/crypto/openssl/Makefile.in
+@@ -1,6 +1,6 @@
+ mydir=lib$(S)crypto$(S)openssl
+ BUILDTOP=$(REL)..$(S)..$(S)..
+-SUBDIRS=des enc_provider hash_provider
++SUBDIRS=enc_provider hash_provider
+ LOCALINCLUDES=-I$(srcdir)/../krb $(CRYPTO_IMPL_CFLAGS)
+
+ STLIBOBJS=\
+@@ -24,14 +24,14 @@ SRCS=\
+ $(srcdir)/pbkdf2.c \
+ $(srcdir)/sha256.c
+
+-STOBJLISTS= des/OBJS.ST md4/OBJS.ST \
++STOBJLISTS= md4/OBJS.ST \
+ md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
+ enc_provider/OBJS.ST \
+ hash_provider/OBJS.ST \
+ aes/OBJS.ST \
+ OBJS.ST
+
+-SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \
++SUBDIROBJLISTS= md4/OBJS.ST \
+ md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
+ enc_provider/OBJS.ST \
+ hash_provider/OBJS.ST \
+@@ -42,7 +42,7 @@ includes: depend
+
+ depend: $(SRCS)
+
+-clean-unix:: clean-libobjs
++clean-unix:: clean-libobjsn
+
+ @lib_frag@
+ @libobj_frag@
+diff --git a/src/lib/crypto/openssl/des/Makefile.in b/src/lib/crypto/openssl/des/Makefile.in
+deleted file mode 100644
+index a6cece1dd1..0000000000
+--- a/src/lib/crypto/openssl/des/Makefile.in
++++ /dev/null
+@@ -1,20 +0,0 @@
+-mydir=lib$(S)crypto$(S)openssl$(S)des
+-BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+-LOCALINCLUDES = -I$(srcdir)/../../krb $(CRYPTO_IMPL_CFLAGS)
+-
+-STLIBOBJS= des_keys.o
+-
+-OBJS= $(OUTPRE)des_keys.$(OBJEXT)
+-
+-SRCS= $(srcdir)/des_keys.c
+-
+-all-unix: all-libobjs
+-
+-includes: depend
+-
+-depend: $(SRCS)
+-
+-clean-unix:: clean-libobjs
+-
+-@libobj_frag@
+-
+diff --git a/src/lib/crypto/openssl/des/deps b/src/lib/crypto/openssl/des/deps
+deleted file mode 100644
+index 723c268082..0000000000
+--- a/src/lib/crypto/openssl/des/deps
++++ /dev/null
+@@ -1,14 +0,0 @@
+-#
+-# Generated makefile dependencies follow.
+-#
+-des_keys.so des_keys.po $(OUTPRE)des_keys.$(OBJEXT): \
+- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \
+- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
+- $(top_srcdir)/include/socket-utils.h des_keys.c
+diff --git a/src/lib/crypto/openssl/des/des_keys.c b/src/lib/crypto/openssl/des/des_keys.c
+deleted file mode 100644
+index 83f1cbf22a..0000000000
+--- a/src/lib/crypto/openssl/des/des_keys.c
++++ /dev/null
+@@ -1,39 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/* lib/crypto/openssl/des/des_keys.c - Key functions used by Kerberos code */
+-/*
+- * Copyright (C) 2011 by the Massachusetts Institute of Technology.
+- * All rights reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of M.I.T. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. Furthermore if you modify this software you must label
+- * your software as modified software and not distribute it in such a
+- * fashion that it might be confused with the original M.I.T. software.
+- * M.I.T. makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- */
+-
+-#include "crypto_int.h"
+-
+-#ifdef K5_OPENSSL_DES_KEY_PARITY
+-
+-#include <openssl/des.h>
+-
+-void
+-k5_des_fixup_key_parity(unsigned char *keybits)
+-{
+- DES_set_odd_parity((DES_cblock *)keybits);
+-}
+-
+-#endif
+diff --git a/src/lib/crypto/openssl/enc_provider/Makefile.in b/src/lib/crypto/openssl/enc_provider/Makefile.in
+index 26827cfed5..f0d37c1213 100644
+--- a/src/lib/crypto/openssl/enc_provider/Makefile.in
++++ b/src/lib/crypto/openssl/enc_provider/Makefile.in
+@@ -3,19 +3,16 @@ BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+ LOCALINCLUDES = -I$(srcdir)/../../krb $(CRYPTO_IMPL_CFLAGS)
+
+ STLIBOBJS= \
+- des3.o \
+ rc4.o \
+ aes.o \
+ camellia.o
+
+ OBJS= \
+- $(OUTPRE)des3.$(OBJEXT) \
+ $(OUTPRE)aes.$(OBJEXT) \
+ $(OUTPRE)camellia.$(OBJEXT) \
+ $(OUTPRE)rc4.$(OBJEXT)
+
+ SRCS= \
+- $(srcdir)/des3.c \
+ $(srcdir)/aes.c \
+ $(srcdir)/camellia.c \
+ $(srcdir)/rc4.c
+diff --git a/src/lib/crypto/openssl/enc_provider/deps b/src/lib/crypto/openssl/enc_provider/deps
+index 1c87a526d0..a502990a0c 100644
+--- a/src/lib/crypto/openssl/enc_provider/deps
++++ b/src/lib/crypto/openssl/enc_provider/deps
+@@ -1,17 +1,6 @@
+ #
+ # Generated makefile dependencies follow.
+ #
+-des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+- des3.c
+ aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+diff --git a/src/lib/crypto/openssl/enc_provider/des3.c b/src/lib/crypto/openssl/enc_provider/des3.c
+deleted file mode 100644
+index 90fcf9acb5..0000000000
+--- a/src/lib/crypto/openssl/enc_provider/des3.c
++++ /dev/null
+@@ -1,188 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/* lib/crypto/openssl/enc_provider/des3.c */
+-/*
+- * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+- * All rights reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of M.I.T. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. Furthermore if you modify this software you must label
+- * your software as modified software and not distribute it in such a
+- * fashion that it might be confused with the original M.I.T. software.
+- * M.I.T. makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- */
+-/*
+- * Copyright (C) 1998 by the FundsXpress, INC.
+- *
+- * All rights reserved.
+- *
+- * Export of this software from the United States of America may require
+- * a specific license from the United States Government. It is the
+- * responsibility of any person or organization contemplating export to
+- * obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of FundsXpress. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. FundsXpress makes no representations about the suitability of
+- * this software for any purpose. It is provided "as is" without express
+- * or implied warranty.
+- *
+- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+- */
+-
+-#include "crypto_int.h"
+-
+-#ifdef K5_OPENSSL_DES
+-
+-#include <openssl/evp.h>
+-
+-#define DES3_BLOCK_SIZE 8
+-#define DES3_KEY_SIZE 24
+-#define DES3_KEY_BYTES 21
+-
+-static krb5_error_code
+-validate(krb5_key key, const krb5_data *ivec, const krb5_crypto_iov *data,
+- size_t num_data, krb5_boolean *empty)
+-{
+- size_t input_length = iov_total_length(data, num_data, FALSE);
+-
+- if (key->keyblock.length != DES3_KEY_SIZE)
+- return(KRB5_BAD_KEYSIZE);
+- if ((input_length%DES3_BLOCK_SIZE) != 0)
+- return(KRB5_BAD_MSIZE);
+- if (ivec && (ivec->length != 8))
+- return(KRB5_BAD_MSIZE);
+-
+- *empty = (input_length == 0);
+- return 0;
+-}
+-
+-static krb5_error_code
+-k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
+- size_t num_data)
+-{
+- int ret, olen = DES3_BLOCK_SIZE;
+- unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE];
+- struct iov_cursor cursor;
+- EVP_CIPHER_CTX *ctx;
+- krb5_boolean empty;
+-
+- ret = validate(key, ivec, data, num_data, &empty);
+- if (ret != 0 || empty)
+- return ret;
+-
+- ctx = EVP_CIPHER_CTX_new();
+- if (ctx == NULL)
+- return ENOMEM;
+-
+- ret = EVP_EncryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL,
+- key->keyblock.contents,
+- (ivec) ? (unsigned char*)ivec->data : NULL);
+- if (!ret) {
+- EVP_CIPHER_CTX_free(ctx);
+- return KRB5_CRYPTO_INTERNAL;
+- }
+-
+- EVP_CIPHER_CTX_set_padding(ctx,0);
+-
+- k5_iov_cursor_init(&cursor, data, num_data, DES3_BLOCK_SIZE, FALSE);
+- while (k5_iov_cursor_get(&cursor, iblock)) {
+- ret = EVP_EncryptUpdate(ctx, oblock, &olen, iblock, DES3_BLOCK_SIZE);
+- if (!ret)
+- break;
+- k5_iov_cursor_put(&cursor, oblock);
+- }
+-
+- if (ivec != NULL)
+- memcpy(ivec->data, oblock, DES3_BLOCK_SIZE);
+-
+- EVP_CIPHER_CTX_free(ctx);
+-
+- zap(iblock, sizeof(iblock));
+- zap(oblock, sizeof(oblock));
+-
+- if (ret != 1)
+- return KRB5_CRYPTO_INTERNAL;
+- return 0;
+-}
+-
+-static krb5_error_code
+-k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
+- size_t num_data)
+-{
+- int ret, olen = DES3_BLOCK_SIZE;
+- unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE];
+- struct iov_cursor cursor;
+- EVP_CIPHER_CTX *ctx;
+- krb5_boolean empty;
+-
+- ret = validate(key, ivec, data, num_data, &empty);
+- if (ret != 0 || empty)
+- return ret;
+-
+- ctx = EVP_CIPHER_CTX_new();
+- if (ctx == NULL)
+- return ENOMEM;
+-
+- ret = EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL,
+- key->keyblock.contents,
+- (ivec) ? (unsigned char*)ivec->data : NULL);
+- if (!ret) {
+- EVP_CIPHER_CTX_free(ctx);
+- return KRB5_CRYPTO_INTERNAL;
+- }
+-
+- EVP_CIPHER_CTX_set_padding(ctx,0);
+-
+- k5_iov_cursor_init(&cursor, data, num_data, DES3_BLOCK_SIZE, FALSE);
+- while (k5_iov_cursor_get(&cursor, iblock)) {
+- ret = EVP_DecryptUpdate(ctx, oblock, &olen,
+- (unsigned char *)iblock, DES3_BLOCK_SIZE);
+- if (!ret)
+- break;
+- k5_iov_cursor_put(&cursor, oblock);
+- }
+-
+- if (ivec != NULL)
+- memcpy(ivec->data, iblock, DES3_BLOCK_SIZE);
+-
+- EVP_CIPHER_CTX_free(ctx);
+-
+- zap(iblock, sizeof(iblock));
+- zap(oblock, sizeof(oblock));
+-
+- if (ret != 1)
+- return KRB5_CRYPTO_INTERNAL;
+- return 0;
+-}
+-
+-const struct krb5_enc_provider krb5int_enc_des3 = {
+- DES3_BLOCK_SIZE,
+- DES3_KEY_BYTES, DES3_KEY_SIZE,
+- k5_des3_encrypt,
+- k5_des3_decrypt,
+- NULL,
+- krb5int_des_init_state,
+- krb5int_default_free_state
+-};
+-
+-#endif /* K5_OPENSSL_DES */
+diff --git a/src/lib/crypto/openssl/kdf.c b/src/lib/crypto/openssl/kdf.c
+index 41e845eae0..5a43c3d9eb 100644
+--- a/src/lib/crypto/openssl/kdf.c
++++ b/src/lib/crypto/openssl/kdf.c
+@@ -60,8 +60,6 @@ enc_name(const struct krb5_enc_provider *enc)
+ return "AES-128-CBC";
+ if (enc == &krb5int_enc_aes256)
+ return "AES-256-CBC";
+- if (enc == &krb5int_enc_des3)
+- return "DES-EDE3-CBC";
+ return NULL;
+ }
+
+diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
+index d4e90793f9..1bc807172b 100644
+--- a/src/lib/gssapi/krb5/accept_sec_context.c
++++ b/src/lib/gssapi/krb5/accept_sec_context.c
+@@ -1030,7 +1030,6 @@ kg_accept_krb5(minor_status, context_handle,
+ }
+
+ switch (negotiated_etype) {
+- case ENCTYPE_DES3_CBC_SHA1:
+ case ENCTYPE_ARCFOUR_HMAC:
+ case ENCTYPE_ARCFOUR_HMAC_EXP:
+ /* RFC 4121 accidentally omits RC4-HMAC-EXP as a "not-newer"
+diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h b/src/lib/gssapi/krb5/gssapiP_krb5.h
+index a4446530fc..88d41130a7 100644
+--- a/src/lib/gssapi/krb5/gssapiP_krb5.h
++++ b/src/lib/gssapi/krb5/gssapiP_krb5.h
+@@ -125,14 +125,14 @@ enum sgn_alg {
+ /* SGN_ALG_DES_MAC = 0x0002, */
+ /* SGN_ALG_3 = 0x0003, /\* not published *\/ */
+ SGN_ALG_HMAC_MD5 = 0x0011, /* microsoft w2k; */
+- SGN_ALG_HMAC_SHA1_DES3_KD = 0x0004
++ /* SGN_ALG_HMAC_SHA1_DES3_KD = 0x0004 */
+ };
+ enum seal_alg {
+ SEAL_ALG_NONE = 0xffff,
+ /* SEAL_ALG_DES = 0x0000, */
+ /* SEAL_ALG_1 = 0x0001, /\* not published *\/ */
+ SEAL_ALG_MICROSOFT_RC4 = 0x0010, /* microsoft w2k; */
+- SEAL_ALG_DES3KD = 0x0002
++ /* SEAL_ALG_DES3KD = 0x0002 */
+ };
+
+ /* for 3DES */
+@@ -153,7 +153,7 @@ enum qop {
+ GSS_KRB5_INTEG_C_QOP_HMAC_SHA1 = 0x0004,
+ GSS_KRB5_INTEG_C_QOP_MASK = 0x00ff,
+ /* GSS_KRB5_CONF_C_QOP_DES = 0x0100, */
+- GSS_KRB5_CONF_C_QOP_DES3_KD = 0x0200,
++ /* GSS_KRB5_CONF_C_QOP_DES3_KD = 0x0200, */
+ GSS_KRB5_CONF_C_QOP_MASK = 0xff00
+ };
+
+diff --git a/src/lib/gssapi/krb5/k5seal.c b/src/lib/gssapi/krb5/k5seal.c
+index d1cdce486f..7f7146a0a2 100644
+--- a/src/lib/gssapi/krb5/k5seal.c
++++ b/src/lib/gssapi/krb5/k5seal.c
+@@ -136,19 +136,12 @@ make_seal_token_v1 (krb5_context context,
+
+ /* pad the plaintext, encrypt if needed, and stick it in the token */
+
+- /* initialize the the checksum */
+- switch (signalg) {
+- case SGN_ALG_HMAC_SHA1_DES3_KD:
+- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
+- break;
+- case SGN_ALG_HMAC_MD5:
+- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
+- if (toktype != KG_TOK_SEAL_MSG)
+- sign_usage = 15;
+- break;
+- default:
+- abort ();
+- }
++ if (signalg != SGN_ALG_HMAC_MD5)
++ abort();
++
++ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
++ if (toktype != KG_TOK_SEAL_MSG)
++ sign_usage = 15;
+
+ code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
+ if (code) {
+@@ -196,20 +189,8 @@ make_seal_token_v1 (krb5_context context,
+ gssalloc_free(t);
+ return(code);
+ }
+- switch(signalg) {
+- case SGN_ALG_HMAC_SHA1_DES3_KD:
+- /*
+- * Using key derivation, the call to krb5_c_make_checksum
+- * already dealt with encrypting.
+- */
+- if (md5cksum.length != cksum_size)
+- abort ();
+- memcpy (ptr+14, md5cksum.contents, md5cksum.length);
+- break;
+- case SGN_ALG_HMAC_MD5:
+- memcpy (ptr+14, md5cksum.contents, cksum_size);
+- break;
+- }
++
++ memcpy (ptr+14, md5cksum.contents, cksum_size);
+
+ krb5_free_checksum_contents(context, &md5cksum);
+
+diff --git a/src/lib/gssapi/krb5/k5sealiov.c b/src/lib/gssapi/krb5/k5sealiov.c
+index 9bb2ee1099..9147bb2c78 100644
+--- a/src/lib/gssapi/krb5/k5sealiov.c
++++ b/src/lib/gssapi/krb5/k5sealiov.c
+@@ -144,18 +144,11 @@ make_seal_token_v1_iov(krb5_context context,
+ /* pad the plaintext, encrypt if needed, and stick it in the token */
+
+ /* initialize the checksum */
+- switch (ctx->signalg) {
+- case SGN_ALG_HMAC_SHA1_DES3_KD:
+- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
+- break;
+- case SGN_ALG_HMAC_MD5:
+- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
+- if (toktype != KG_TOK_WRAP_MSG)
+- sign_usage = 15;
+- break;
+- default:
+- abort ();
+- }
++ if (ctx->signalg != SGN_ALG_HMAC_MD5)
++ abort();
++ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
++ if (toktype != KG_TOK_WRAP_MSG)
++ sign_usage = 15;
+
+ code = krb5_c_checksum_length(context, md5cksum.checksum_type, &k5_trailerlen);
+ if (code != 0)
+@@ -177,15 +170,7 @@ make_seal_token_v1_iov(krb5_context context,
+ if (code != 0)
+ goto cleanup;
+
+- switch (ctx->signalg) {
+- case SGN_ALG_HMAC_SHA1_DES3_KD:
+- assert(md5cksum.length == ctx->cksum_size);
+- memcpy(ptr + 14, md5cksum.contents, md5cksum.length);
+- break;
+- case SGN_ALG_HMAC_MD5:
+- memcpy(ptr + 14, md5cksum.contents, ctx->cksum_size);
+- break;
+- }
++ memcpy(ptr + 14, md5cksum.contents, ctx->cksum_size);
+
+ /* create the seq_num */
+ code = kg_make_seq_num(context, ctx->seq, ctx->initiate ? 0 : 0xFF,
+diff --git a/src/lib/gssapi/krb5/k5unseal.c b/src/lib/gssapi/krb5/k5unseal.c
+index 9b183bc337..f0cc4a6809 100644
+--- a/src/lib/gssapi/krb5/k5unseal.c
++++ b/src/lib/gssapi/krb5/k5unseal.c
+@@ -131,28 +131,21 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
+ but few enough that we can try them all. */
+
+ if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) ||
+- (ctx->sealalg == SEAL_ALG_DES3KD &&
+- signalg != SGN_ALG_HMAC_SHA1_DES3_KD)||
+ (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 &&
+ signalg != SGN_ALG_HMAC_MD5)) {
+ *minor_status = 0;
+ return GSS_S_DEFECTIVE_TOKEN;
+ }
+
+- switch (signalg) {
+- case SGN_ALG_HMAC_MD5:
+- cksum_len = 8;
+- if (toktype != KG_TOK_SEAL_MSG)
+- sign_usage = 15;
+- break;
+- case SGN_ALG_HMAC_SHA1_DES3_KD:
+- cksum_len = 20;
+- break;
+- default:
++ if (signalg != SGN_ALG_HMAC_MD5) {
+ *minor_status = 0;
+ return GSS_S_DEFECTIVE_TOKEN;
+ }
+
++ cksum_len = 8;
++ if (toktype != KG_TOK_SEAL_MSG)
++ sign_usage = 15;
++
+ if ((size_t)bodysize < 14 + cksum_len) {
+ *minor_status = 0;
+ return GSS_S_DEFECTIVE_TOKEN;
+@@ -252,64 +245,53 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
+ /* compute the checksum of the message */
+
+ /* initialize the the cksum */
+- switch (signalg) {
+- case SGN_ALG_HMAC_MD5:
+- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
+- break;
+- case SGN_ALG_HMAC_SHA1_DES3_KD:
+- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
+- break;
+- default:
+- abort ();
+- }
++ if (signalg != SGN_ALG_HMAC_MD5)
++ abort();
++ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
+
+ code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
+ if (code)
+ return(code);
+ md5cksum.length = sumlen;
+
+- switch (signalg) {
+- default:
++ if (signalg != SGN_ALG_HMAC_MD5) {
+ *minor_status = 0;
+ return(GSS_S_DEFECTIVE_TOKEN);
++ }
+
+- case SGN_ALG_HMAC_SHA1_DES3_KD:
+- case SGN_ALG_HMAC_MD5:
+- /* compute the checksum of the message */
+-
+- /* 8 = bytes of token body to be checksummed according to spec */
++ /* compute the checksum of the message */
+
+- if (! (data_ptr = xmalloc(8 + plainlen))) {
+- if (sealalg != 0xffff)
+- xfree(plain);
+- if (toktype == KG_TOK_SEAL_MSG)
+- gssalloc_free(token.value);
+- *minor_status = ENOMEM;
+- return(GSS_S_FAILURE);
+- }
++ /* 8 = bytes of token body to be checksummed according to spec */
+
+- (void) memcpy(data_ptr, ptr-2, 8);
++ if (! (data_ptr = xmalloc(8 + plainlen))) {
++ if (sealalg != 0xffff)
++ xfree(plain);
++ if (toktype == KG_TOK_SEAL_MSG)
++ gssalloc_free(token.value);
++ *minor_status = ENOMEM;
++ return(GSS_S_FAILURE);
++ }
+
+- (void) memcpy(data_ptr+8, plain, plainlen);
++ (void) memcpy(data_ptr, ptr-2, 8);
+
+- plaind.length = 8 + plainlen;
+- plaind.data = data_ptr;
+- code = krb5_k_make_checksum(context, md5cksum.checksum_type,
+- ctx->seq, sign_usage,
+- &plaind, &md5cksum);
+- xfree(data_ptr);
++ (void) memcpy(data_ptr+8, plain, plainlen);
+
+- if (code) {
+- if (toktype == KG_TOK_SEAL_MSG)
+- gssalloc_free(token.value);
+- *minor_status = code;
+- return(GSS_S_FAILURE);
+- }
++ plaind.length = 8 + plainlen;
++ plaind.data = data_ptr;
++ code = krb5_k_make_checksum(context, md5cksum.checksum_type,
++ ctx->seq, sign_usage,
++ &plaind, &md5cksum);
++ xfree(data_ptr);
+
+- code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
+- break;
++ if (code) {
++ if (toktype == KG_TOK_SEAL_MSG)
++ gssalloc_free(token.value);
++ *minor_status = code;
++ return(GSS_S_FAILURE);
+ }
+
++ code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
++
+ krb5_free_checksum_contents(context, &md5cksum);
+ if (sealalg != 0xffff)
+ xfree(plain);
+diff --git a/src/lib/gssapi/krb5/k5unsealiov.c b/src/lib/gssapi/krb5/k5unsealiov.c
+index 85a9574f36..3ce2a90ce9 100644
+--- a/src/lib/gssapi/krb5/k5unsealiov.c
++++ b/src/lib/gssapi/krb5/k5unsealiov.c
+@@ -102,28 +102,21 @@ kg_unseal_v1_iov(krb5_context context,
+ }
+
+ if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) ||
+- (ctx->sealalg == SEAL_ALG_DES3KD &&
+- signalg != SGN_ALG_HMAC_SHA1_DES3_KD)||
+ (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 &&
+ signalg != SGN_ALG_HMAC_MD5)) {
+ *minor_status = 0;
+ return GSS_S_DEFECTIVE_TOKEN;
+ }
+
+- switch (signalg) {
+- case SGN_ALG_HMAC_MD5:
+- cksum_len = 8;
+- if (toktype != KG_TOK_WRAP_MSG)
+- sign_usage = 15;
+- break;
+- case SGN_ALG_HMAC_SHA1_DES3_KD:
+- cksum_len = 20;
+- break;
+- default:
++ if (signalg != SGN_ALG_HMAC_MD5) {
+ *minor_status = 0;
+ return GSS_S_DEFECTIVE_TOKEN;
+ }
+
++ cksum_len = 8;
++ if (toktype != KG_TOK_WRAP_MSG)
++ sign_usage = 15;
++
+ /* get the token parameters */
+ code = kg_get_seq_num(context, ctx->seq, ptr + 14, ptr + 6, &direction,
+ &seqnum);
+@@ -181,16 +174,10 @@ kg_unseal_v1_iov(krb5_context context,
+
+ /* initialize the checksum */
+
+- switch (signalg) {
+- case SGN_ALG_HMAC_MD5:
+- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
+- break;
+- case SGN_ALG_HMAC_SHA1_DES3_KD:
+- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
+- break;
+- default:
++ if (signalg != SGN_ALG_HMAC_MD5)
+ abort();
+- }
++
++ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
+
+ code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
+ if (code != 0) {
+@@ -209,18 +196,13 @@ kg_unseal_v1_iov(krb5_context context,
+ goto cleanup;
+ }
+
+- switch (signalg) {
+- case SGN_ALG_HMAC_SHA1_DES3_KD:
+- case SGN_ALG_HMAC_MD5:
+- code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
+- break;
+- default:
++ if (signalg != SGN_ALG_HMAC_MD5) {
+ code = 0;
+ retval = GSS_S_DEFECTIVE_TOKEN;
+ goto cleanup;
+- break;
+ }
+
++ code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
+ if (code != 0) {
+ code = 0;
+ retval = GSS_S_BAD_SIG;
+diff --git a/src/lib/gssapi/krb5/util_crypt.c b/src/lib/gssapi/krb5/util_crypt.c
+index 84f1949887..32150f5e34 100644
+--- a/src/lib/gssapi/krb5/util_crypt.c
++++ b/src/lib/gssapi/krb5/util_crypt.c
+@@ -97,17 +97,6 @@ kg_setup_keys(krb5_context context, krb5_gss_ctx_id_rec *ctx, krb5_key subkey,
+ return code;
+
+ switch (subkey->keyblock.enctype) {
+- case ENCTYPE_DES3_CBC_SHA1:
+- code = kg_copy_keys(context, ctx, subkey);
+- if (code != 0)
+- return code;
+-
+- ctx->enc->keyblock.enctype = ENCTYPE_DES3_CBC_RAW;
+- ctx->seq->keyblock.enctype = ENCTYPE_DES3_CBC_RAW;
+- ctx->signalg = SGN_ALG_HMAC_SHA1_DES3_KD;
+- ctx->cksum_size = 20;
+- ctx->sealalg = SEAL_ALG_DES3KD;
+- break;
+ case ENCTYPE_ARCFOUR_HMAC:
+ case ENCTYPE_ARCFOUR_HMAC_EXP:
+ /* RFC 4121 accidentally omits RC4-HMAC-EXP as a "not-newer" enctype,
+diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c
+index 87b486c53f..2b5abcd817 100644
+--- a/src/lib/krb5/krb/init_ctx.c
++++ b/src/lib/krb5/krb/init_ctx.c
+@@ -59,7 +59,6 @@
+ static krb5_enctype default_enctype_list[] = {
+ ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+ ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
+- ENCTYPE_DES3_CBC_SHA1,
+ ENCTYPE_ARCFOUR_HMAC,
+ ENCTYPE_CAMELLIA128_CTS_CMAC, ENCTYPE_CAMELLIA256_CTS_CMAC,
+ 0
+@@ -450,8 +449,6 @@ krb5int_parse_enctype_list(krb5_context context, const char *profkey,
+ /* Set all enctypes in the default list. */
+ for (i = 0; default_list[i]; i++)
+ mod_list(default_list[i], sel, weak, &list);
+- } else if (strcasecmp(token, "des3") == 0) {
+- mod_list(ENCTYPE_DES3_CBC_SHA1, sel, weak, &list);
+ } else if (strcasecmp(token, "aes") == 0) {
+ mod_list(ENCTYPE_AES256_CTS_HMAC_SHA1_96, sel, weak, &list);
+ mod_list(ENCTYPE_AES128_CTS_HMAC_SHA1_96, sel, weak, &list);
+diff --git a/src/lib/krb5/krb/s4u_creds.c b/src/lib/krb5/krb/s4u_creds.c
+index 44d113e7c5..9662785783 100644
+--- a/src/lib/krb5/krb/s4u_creds.c
++++ b/src/lib/krb5/krb/s4u_creds.c
+@@ -288,8 +288,6 @@ verify_s4u2self_reply(krb5_context context,
+ assert(req_s4u_user != NULL);
+
+ switch (subkey->enctype) {
+- case ENCTYPE_DES3_CBC_SHA1:
+- case ENCTYPE_DES3_CBC_RAW:
+ case ENCTYPE_ARCFOUR_HMAC:
+ case ENCTYPE_ARCFOUR_HMAC_EXP :
+ not_newer = TRUE;
+diff --git a/src/lib/krb5/krb/t_etypes.c b/src/lib/krb5/krb/t_etypes.c
+index 90c9f626c6..935aca12f5 100644
+--- a/src/lib/krb5/krb/t_etypes.c
++++ b/src/lib/krb5/krb/t_etypes.c
+@@ -50,17 +50,6 @@ static struct {
+ { ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 },
+ 0, 0
+ },
+- /* Family followed by enctype */
+- { "aes des3-cbc-sha1-kd",
+- { 0 },
+- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+- ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
+- ENCTYPE_DES3_CBC_SHA1, 0 },
+- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+- ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
+- ENCTYPE_DES3_CBC_SHA1, 0 },
+- 0, 0
+- },
+ /* Family with enctype removed */
+ { "camellia -camellia256-cts-cmac",
+ { 0 },
+@@ -69,46 +58,15 @@ static struct {
+ },
+ /* Default set with family added and enctype removed */
+ { "DEFAULT +aes -arcfour-hmac-md5",
+- { ENCTYPE_ARCFOUR_HMAC, ENCTYPE_DES3_CBC_SHA1, 0 },
+- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
++ { ENCTYPE_ARCFOUR_HMAC, 0 },
++ { ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192,
+ ENCTYPE_AES128_CTS_HMAC_SHA256_128, 0 },
+- { ENCTYPE_DES3_CBC_SHA1,
+- ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
++ { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+ ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
+ 0 },
+ 0, 0
+ },
+- /* Default set with families removed and enctypes added (one redundant) */
+- { "DEFAULT -des3 rc4-hmac rc4-hmac-exp",
+- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+- ENCTYPE_DES3_CBC_SHA1, ENCTYPE_ARCFOUR_HMAC, 0 },
+- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+- ENCTYPE_ARCFOUR_HMAC, 0 },
+- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+- ENCTYPE_ARCFOUR_HMAC, ENCTYPE_ARCFOUR_HMAC_EXP, 0 },
+- 0, 0
+- },
+- /* Default set with family moved to front */
+- { "des3 +DEFAULT",
+- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+- ENCTYPE_DES3_CBC_SHA1, 0 },
+- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+- ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0 },
+- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+- ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0 },
+- 0, 0
+- },
+- /* Two families with default set removed (exotic case), enctype added */
+- { "aes +rc4 -DEFaulT des3-hmac-sha1",
+- { ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_DES3_CBC_SHA1,
+- ENCTYPE_ARCFOUR_HMAC, 0 },
+- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192,
+- ENCTYPE_AES128_CTS_HMAC_SHA256_128, ENCTYPE_DES3_CBC_SHA1, 0 },
+- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192,
+- ENCTYPE_AES128_CTS_HMAC_SHA256_128, ENCTYPE_DES3_CBC_SHA1, 0 },
+- 0, 0
+- },
+ /* Test krb5_set_default_in_tkt_ktypes */
+ { NULL,
+ { ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 },
+diff --git a/src/lib/krb5/os/t_trace.c b/src/lib/krb5/os/t_trace.c
+index 10ba8d0ac7..24064ffcfd 100644
+--- a/src/lib/krb5/os/t_trace.c
++++ b/src/lib/krb5/os/t_trace.c
+@@ -65,8 +65,8 @@ main (int argc, char *argv[])
+ krb5_principal princ = &principal_data;
+ krb5_pa_data padata, padata2, **padatap;
+ krb5_enctype enctypes[4] = {
+- ENCTYPE_DES3_CBC_SHA, ENCTYPE_ARCFOUR_HMAC_EXP, ENCTYPE_UNKNOWN,
+- ENCTYPE_NULL};
++ ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_ARCFOUR_HMAC_EXP,
++ ENCTYPE_UNKNOWN, ENCTYPE_NULL};
+ krb5_ccache ccache;
+ krb5_keytab keytab;
+ krb5_creds creds;
+diff --git a/src/lib/krb5/os/t_trace.ref b/src/lib/krb5/os/t_trace.ref
+index 044a66999e..98fb14f3f7 100644
+--- a/src/lib/krb5/os/t_trace.ref
++++ b/src/lib/krb5/os/t_trace.ref
+@@ -41,7 +41,7 @@ int, krb5_principal type: ?
+ krb5_pa_data **, display list of padata type numbers: PA-PW-SALT (3), 0
+ krb5_pa_data **, display list of padata type numbers: (empty)
+ krb5_enctype, display shortest name of enctype: aes128-cts
+-krb5_enctype *, display list of enctypes: 5, rc4-hmac-exp, 511
++krb5_enctype *, display list of enctypes: aes128-cts, rc4-hmac-exp, 511
+ krb5_enctype *, display list of enctypes: (empty)
+ krb5_ccache, display type:name: FILE:/path/to/ccache
+ krb5_keytab, display name: FILE:/etc/krb5.keytab
+diff --git a/src/plugins/preauth/pkinit/pkcs11.h b/src/plugins/preauth/pkinit/pkcs11.h
+index e3d2846315..586661bb7e 100644
+--- a/src/plugins/preauth/pkinit/pkcs11.h
++++ b/src/plugins/preauth/pkinit/pkcs11.h
+@@ -339,9 +339,9 @@ typedef unsigned long ck_key_type_t;
+ #define CKK_GENERIC_SECRET (0x10)
+ #define CKK_RC2 (0x11)
+ #define CKK_RC4 (0x12)
+-#define CKK_DES (0x13)
+-#define CKK_DES2 (0x14)
+-#define CKK_DES3 (0x15)
++/* #define CKK_DES (0x13) */
++/* #define CKK_DES2 (0x14) */
++/* #define CKK_DES3 (0x15) */
+ #define CKK_CAST (0x16)
+ #define CKK_CAST3 (0x17)
+ #define CKK_CAST128 (0x18)
+diff --git a/src/plugins/preauth/pkinit/pkinit_crypto.h b/src/plugins/preauth/pkinit/pkinit_crypto.h
+index 94a1b22fb1..65f6210727 100644
+--- a/src/plugins/preauth/pkinit/pkinit_crypto.h
++++ b/src/plugins/preauth/pkinit/pkinit_crypto.h
+@@ -376,11 +376,11 @@ krb5_error_code server_process_dh
+ * krb5_algorithm_identifier
+ */
+ krb5_error_code create_krb5_supportedCMSTypes
+- (krb5_context context, /* IN */
+- pkinit_plg_crypto_context plg_cryptoctx, /* IN */
+- pkinit_req_crypto_context req_cryptoctx, /* IN */
+- pkinit_identity_crypto_context id_cryptoctx, /* IN */
+- krb5_algorithm_identifier ***supportedCMSTypes); /* OUT */
++ (krb5_context context, /* IN */
++ pkinit_plg_crypto_context plg_cryptoctx, /* IN */
++ pkinit_req_crypto_context req_cryptoctx, /* IN */
++ pkinit_identity_crypto_context id_cryptoctx, /* IN */
++ krb5_algorithm_identifier ***supportedCMSTypes); /* OUT */
+
+ /*
+ * this functions takes in crypto specific representation of
+diff --git a/src/plugins/preauth/pkinit/pkinit_kdf_test.c b/src/plugins/preauth/pkinit/pkinit_kdf_test.c
+index 7f38e84910..99c93ac128 100644
+--- a/src/plugins/preauth/pkinit/pkinit_kdf_test.c
++++ b/src/plugins/preauth/pkinit/pkinit_kdf_test.c
+@@ -49,7 +49,6 @@ char eighteen_bs[9];
+ char party_u_name[] = "lha@SU.SE";
+ char party_v_name[] = "krbtgt/SU.SE@SU.SE";
+ int enctype_aes = ENCTYPE_AES256_CTS_HMAC_SHA1_96;
+-int enctype_des3 = ENCTYPE_DES3_CBC_SHA1;
+ const krb5_data lha_data = DATA_FROM_STRING("lha");
+
+ krb5_octet key1_hex[] =
+@@ -187,35 +186,6 @@ main(int argc, char **argv)
+ goto cleanup;
+ }
+
+- /* TEST 3: SHA-512/DES3 */
+- /* set up algorithm id */
+- alg_id.algorithm = sha512_id;
+-
+- enctype = enctype_des3;
+-
+- /* call pkinit_alg_agility_kdf() with test vector values*/
+- if (0 != (retval = pkinit_alg_agility_kdf(context, &secret,
+- &alg_id.algorithm,
+- u_principal, v_principal,
+- enctype, &as_req, &pk_as_rep,
+- &key_block))) {
+- printf("ERROR in pkinit_kdf_test: kdf call failed, retval = %d\n",
+- retval);
+- goto cleanup;
+- }
+-
+- /* compare key to expected key value */
+-
+- if ((key_block.length == sizeof(key3_hex)) &&
+- (0 == memcmp(key_block.contents, key3_hex, key_block.length))) {
+- printf("SUCCESS: TEST 3 (SHA-512/DES3), Correct key value generated.\n");
+- retval = 0;
+- } else {
+- printf("FAILURE: TEST 2 (SHA-512/DES3), Incorrect key value generated!\n");
+- retval = 1;
+- goto cleanup;
+- }
+-
+ cleanup:
+ /* release all allocated resources, whether good or bad return */
+ free(secret.data);
+diff --git a/src/plugins/preauth/spake/t_vectors.c b/src/plugins/preauth/spake/t_vectors.c
+index 2279202d3a..96b0307d78 100644
+--- a/src/plugins/preauth/spake/t_vectors.c
++++ b/src/plugins/preauth/spake/t_vectors.c
+@@ -56,31 +56,6 @@ struct test {
+ const char *K2;
+ const char *K3;
+ } tests[] = {
+- { ENCTYPE_DES3_CBC_SHA1, SPAKE_GROUP_EDWARDS25519,
+- /* initial key, w, x, y, T, S, K */
+- "850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E",
+- "686D84730CB8679AE95416C6567C6A63F2C9CEF124F7A3371AE81E11CAD42A37",
+- "201012D07BFD48DDFA33C4AAC4FB1E229FB0D043CFE65EBFB14399091C71A723",
+- "500B294797B8B042ACA1BEDC0F5931A4F52C537B3608B2D05CC8A2372F439F25",
+- "18F511E750C97B592ACD30DB7D9E5FCA660389102E6BF610C1BFBED4616C8362",
+- "5D10705E0D1E43D5DBF30240CCFBDE4A0230C70D4C79147AB0B317EDAD2F8AE7",
+- "25BDE0D875F0FEB5755F45BA5E857889D916ECF7476F116AA31DC3E037EC4292",
+- /* support, challenge, thash, body */
+- "A0093007A0053003020101",
+- "A1363034A003020101A122042018F511E750C97B592ACD30DB7D9E5FCA660389"
+- "102E6BF610C1BFBED4616C8362A20930073005A003020101",
+- "EAAA08807D0616026FF51C849EFBF35BA0CE3C5300E7D486DA46351B13D4605B",
+- "3075A00703050000000000A1143012A003020101A10B30091B07726165627572"
+- "6EA2101B0E415448454E412E4D49542E454455A3233021A003020102A11A3018"
+- "1B066B72627467741B0E415448454E412E4D49542E454455A511180F31393730"
+- "303130313030303030305AA703020100A8053003020110",
+- /* K'[0], K'[1], K'[2], K'[3] */
+- "BAF12FAE7CD958CBF1A29BFBC71F89CE49E03E295D89DAFD",
+- "64F73DD9C41908206BCEC1F719026B574F9D13463D7A2520",
+- "0454520B086B152C455829E6BAEFF78A61DFE9E3D04A895D",
+- "4A92260B25E3EF94C125D5C24C3E5BCED5B37976E67F25C4",
+- },
+-
+ { ENCTYPE_ARCFOUR_HMAC, SPAKE_GROUP_EDWARDS25519,
+ /* initial key, w, x, y, T, S, K */
+ "8846F7EAEE8FB117AD06BDD830B7586C",
+diff --git a/src/tests/gssapi/t_enctypes.py b/src/tests/gssapi/t_enctypes.py
+index 7494d7fcdb..2f95d89967 100755
+--- a/src/tests/gssapi/t_enctypes.py
++++ b/src/tests/gssapi/t_enctypes.py
+@@ -1,24 +1,17 @@
+ from k5test import *
+
+-# Define some convenience abbreviations for enctypes we will see in
+-# test program output. For background, aes256 and aes128 are "CFX
+-# enctypes", meaning that they imply support for RFC 4121, while des3
+-# and rc4 are not. DES3 keys will appear as 'des3-cbc-raw' in
+-# t_enctypes output because that's how GSSAPI does raw triple-DES
+-# encryption without the RFC3961 framing.
++# Define some convenience abbreviations for enctypes we will see in test
++# program output. For background, aes256 and aes128 are "CFX enctypes",
++# meaning that they imply support for RFC 4121, while rc4 does not.
+ aes256 = 'aes256-cts-hmac-sha1-96'
+ aes128 = 'aes128-cts-hmac-sha1-96'
+-des3 = 'des3-cbc-sha1'
+-d_des3 = 'DEPRECATED:des3-cbc-sha1'
+-des3raw = 'des3-cbc-raw'
+-d_des3raw = 'DEPRECATED:des3-cbc-raw'
+ rc4 = 'arcfour-hmac'
+ d_rc4 = 'DEPRECATED:arcfour-hmac'
+
+ # These tests make assumptions about the default enctype lists, so set
+ # them explicitly rather than relying on the library defaults.
+-supp='aes256-cts:normal aes128-cts:normal des3-cbc-sha1:normal rc4-hmac:normal'
+-conf = {'libdefaults': {'permitted_enctypes': 'aes des3 rc4'},
++supp='aes256-cts:normal aes128-cts:normal rc4-hmac:normal'
++conf = {'libdefaults': {'permitted_enctypes': 'aes rc4'},
+ 'realms': {'$realm': {'supported_enctypes': supp}}}
+ realm = K5Realm(krb5_conf=conf)
+ shutil.copyfile(realm.ccache, os.path.join(realm.testdir, 'save'))
+@@ -87,19 +80,12 @@ test('both aes128', 'aes128-cts', 'aes128-cts',
+ test_err('acc aes128', None, 'aes128-cts',
+ 'Encryption type aes256-cts-hmac-sha1-96 not permitted')
+
+-# If the initiator constrains the permitted session enctypes to des3,
+-# no acceptor subkey will be generated because we can't upgrade to a
+-# CFX enctype.
+-test('init des3', 'des3', None,
+- tktenc=aes256, tktsession=d_des3,
+- proto='rfc1964', isubkey=des3raw, asubkey=None)
+-
+ # Force the ticket session key to be rc4, so we can test some subkey
+ # upgrade cases. The ticket encryption key remains aes256.
+ realm.run([kadminl, 'setstr', realm.host_princ, 'session_enctypes', 'rc4'])
+
+ # With no arguments, the initiator should send an upgrade list of
+-# [aes256 aes128 des3] and the acceptor should upgrade to an aes256
++# [aes256 aes128] and the acceptor should upgrade to an aes256
+ # subkey.
+ test('upgrade noargs', None, None,
+ tktenc=aes256, tktsession=d_rc4,
+@@ -115,13 +101,6 @@ test('upgrade init aes128+rc4', 'aes128-cts rc4', None,
+ tktenc=aes256, tktsession=d_rc4,
+ proto='cfx', isubkey=rc4, asubkey=aes128)
+
+-# If the initiator permits rc4 but prefers des3, it will send an
+-# upgrade list of [des3], but the acceptor won't generate a subkey
+-# because des3 isn't a CFX enctype.
+-test('upgrade init des3+rc4', 'des3 rc4', None,
+- tktenc=aes256, tktsession=d_rc4,
+- proto='rfc1964', isubkey=rc4, asubkey=None)
+-
+ # If the acceptor permits only aes128, subkey negotiation will fail
+ # because the ticket session key and initiator subkey are
+ # non-permitted. (This is unfortunate if the acceptor's restriction
+diff --git a/src/tests/gssapi/t_invalid.c b/src/tests/gssapi/t_invalid.c
+index 9876a11e67..fb8fe55111 100644
+--- a/src/tests/gssapi/t_invalid.c
++++ b/src/tests/gssapi/t_invalid.c
+@@ -84,18 +84,6 @@ struct test {
+ size_t toklen;
+ const char *token;
+ } tests[] = {
+- {
+- ENCTYPE_DES3_CBC_SHA1, ENCTYPE_DES3_CBC_RAW,
+- SEAL_ALG_DES3KD, SGN_ALG_HMAC_SHA1_DES3_KD, 20,
+- 24,
+- "\x4F\xEA\x19\x19\x5E\x0E\x10\xDF\x3D\x29\xB5\x13\x8F\x01\xC7\xA7"
+- "\x92\x3D\x38\xF7\x26\x73\x0D\x6D",
+- 65,
+- "\x60\x3F\x06\x09\x2A\x86\x48\x86\xF7\x12\x01\x02\x02\x02\x01\x04"
+- "\x00\x02\x00\xFF\xFF\xEB\xF3\x9A\x89\x24\x57\xB8\x63\x95\x25\xE8"
+- "\x6E\x8E\x79\xE6\x2E\xCA\xD3\xFF\x57\x9F\x8C\xAB\xEF\xDD\x28\x10"
+- "\x2F\x93\x21\x2E\xF2\x52\xB6\x6F\xA8\xBB\x8A\x6D\xAA\x6F\xB7\xF4\xD4"
+- },
+ {
+ ENCTYPE_ARCFOUR_HMAC, ENCTYPE_ARCFOUR_HMAC,
+ SEAL_ALG_MICROSOFT_RC4, SGN_ALG_HMAC_MD5, 8,
+diff --git a/src/tests/gssapi/t_pcontok.c b/src/tests/gssapi/t_pcontok.c
+index 7368f752f0..bf22bd3da1 100644
+--- a/src/tests/gssapi/t_pcontok.c
++++ b/src/tests/gssapi/t_pcontok.c
+@@ -43,7 +43,6 @@
+ #include "k5-int.h"
+ #include "common.h"
+
+-#define SGN_ALG_HMAC_SHA1_DES3_KD 0x04
+ #define SGN_ALG_HMAC_MD5 0x11
+
+ /*
+@@ -77,17 +76,12 @@ make_delete_token(gss_krb5_lucid_context_v1_t *lctx, gss_buffer_desc *out)
+ ret = krb5_k_create_key(context, &seqkb, &seq);
+ check_k5err(context, "krb5_k_create_key", ret);
+
+- if (signalg == SGN_ALG_HMAC_SHA1_DES3_KD) {
+- cktype = CKSUMTYPE_HMAC_SHA1_DES3;
+- cksize = 20;
+- ckusage = 23;
+- } else if (signalg == SGN_ALG_HMAC_MD5) {
+- cktype = CKSUMTYPE_HMAC_MD5_ARCFOUR;
+- cksize = 8;
+- ckusage = 15;
+- } else {
++ if (signalg != SGN_ALG_HMAC_MD5)
+ abort();
+- }
++
++ cktype = CKSUMTYPE_HMAC_MD5_ARCFOUR;
++ cksize = 8;
++ ckusage = 15;
+
+ tlen = 20 + mech_krb5.length + cksize;
+ token = malloc(tlen);
+diff --git a/src/tests/gssapi/t_prf.c b/src/tests/gssapi/t_prf.c
+index f71774cdc9..d1857c433f 100644
+--- a/src/tests/gssapi/t_prf.c
++++ b/src/tests/gssapi/t_prf.c
+@@ -41,13 +41,6 @@ static struct {
+ const char *key2;
+ const char *out2;
+ } tests[] = {
+- { ENCTYPE_DES3_CBC_SHA1,
+- "70378A19CD64134580C27C0115D6B34A1CF2FEECEF9886A2",
+- "9F8D127C520BB826BFF3E0FE5EF352389C17E0C073D9"
+- "AC4A333D644D21BA3EF24F4A886D143F85AC9F6377FB",
+- "3452A167DF1094BA1089E0A20E9E51ABEF1525922558B69E",
+- "6BF24FABC858F8DD9752E4FCD331BB831F238B5BE190"
+- "4EEA42E38F7A60C588F075C5C96A67E7F8B7BD0AECF4" },
+ { ENCTYPE_ARCFOUR_HMAC,
+ "3BB3AE288C12B3B9D06B208A4151B3B6",
+ "9AEA11A3BCF3C53F1F91F5A0BA2132E2501ADF5F3C28"
+diff --git a/src/tests/t_authdata.py b/src/tests/t_authdata.py
+index 97e2474bf8..47ea9e4b47 100644
+--- a/src/tests/t_authdata.py
++++ b/src/tests/t_authdata.py
+@@ -164,7 +164,7 @@ realm.run([kvno, 'restricted'])
+ # preferred krbtgt enctype changes.
+ mark('#8139 regression test')
+ realm.kinit(realm.user_princ, password('user'), ['-f'])
+-realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'des3-cbc-sha1',
++realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'aes256-sha2',
+ realm.krbtgt_princ])
+ realm.run(['./forward'])
+ realm.run([kvno, realm.host_princ])
+diff --git a/src/tests/t_etype_info.py b/src/tests/t_etype_info.py
+index c982508d8b..96e90a69d2 100644
+--- a/src/tests/t_etype_info.py
++++ b/src/tests/t_etype_info.py
+@@ -1,6 +1,6 @@
+ from k5test import *
+
+-supported_enctypes = 'aes128-cts des3-cbc-sha1 rc4-hmac'
++supported_enctypes = 'aes128-cts rc4-hmac'
+ conf = {'libdefaults': {'allow_weak_crypto': 'true'},
+ 'realms': {'$realm': {'supported_enctypes': supported_enctypes}}}
+ realm = K5Realm(create_host=False, get_creds=False, krb5_conf=conf)
+@@ -26,9 +26,9 @@ def test_etinfo(princ, enctypes, expected_lines):
+ # With no newer enctypes in the request, PA-ETYPE-INFO2,
+ # PA-ETYPE-INFO, and PA-PW-SALT appear in the AS-REP, each listing one
+ # key for the most preferred matching enctype.
+-test_etinfo('user', 'rc4-hmac-exp des3 rc4',
+- ['asrep etype_info2 des3-cbc-sha1 KRBTEST.COMuser',
+- 'asrep etype_info des3-cbc-sha1 KRBTEST.COMuser',
++test_etinfo('user', 'rc4-hmac-exp rc4',
++ ['asrep etype_info2 rc4-hmac KRBTEST.COMuser',
++ 'asrep etype_info rc4-hmac KRBTEST.COMuser',
+ 'asrep pw_salt KRBTEST.COMuser'])
+
+ # With a newer enctype in the request (even if it is not the most
+@@ -39,9 +39,9 @@ test_etinfo('user', 'rc4 aes256-cts',
+
+ # In preauth-required errors, PA-PW-SALT does not appear, but the same
+ # etype-info2 values are expected.
+-test_etinfo('preauthuser', 'rc4-hmac-exp des3 rc4',
+- ['error etype_info2 des3-cbc-sha1 KRBTEST.COMpreauthuser',
+- 'error etype_info des3-cbc-sha1 KRBTEST.COMpreauthuser'])
++test_etinfo('preauthuser', 'rc4-hmac-exp rc4',
++ ['error etype_info2 rc4-hmac KRBTEST.COMpreauthuser',
++ 'error etype_info rc4-hmac KRBTEST.COMpreauthuser'])
+ test_etinfo('preauthuser', 'rc4 aes256-cts',
+ ['error etype_info2 rc4-hmac KRBTEST.COMpreauthuser'])
+
+@@ -50,8 +50,8 @@ test_etinfo('preauthuser', 'rc4 aes256-cts',
+ # (to allow for preauth mechs which don't depend on long-term keys).
+ # An AS-REP cannot be generated without preauth as there is no reply
+ # key.
+-test_etinfo('rc4user', 'des3', [])
+-test_etinfo('nokeyuser', 'des3', [])
++test_etinfo('rc4user', 'aes128-cts', [])
++test_etinfo('nokeyuser', 'aes128-cts', [])
+
+ # Verify that etype-info2 is included in a MORE_PREAUTH_DATA_REQUIRED
+ # error if the client does optimistic preauth.
+diff --git a/src/tests/t_keyrollover.py b/src/tests/t_keyrollover.py
+index 2c825a6922..f29e0d5500 100755
+--- a/src/tests/t_keyrollover.py
++++ b/src/tests/t_keyrollover.py
+@@ -37,9 +37,9 @@ realm.run([klist, '-e'], expected_msg=msg)
+
+ # Test that the KDC only accepts the first enctype for a kvno, for a
+ # local-realm TGS request. To set this up, we abuse an edge-case
+-# behavior of modprinc -kvno. First, set up a DES3 krbtgt entry at
++# behavior of modprinc -kvno. First, set up an aes128-sha2 krbtgt entry at
+ # kvno 1 and cache a krbtgt ticket.
+-realm.run([kadminl, 'cpw', '-randkey', '-e', 'des3-cbc-sha1',
++realm.run([kadminl, 'cpw', '-randkey', '-e', 'aes128-cts-hmac-sha256-128',
+ realm.krbtgt_princ])
+ realm.run([kadminl, 'modprinc', '-kvno', '1', realm.krbtgt_princ])
+ realm.kinit(realm.user_princ, password('user'))
+@@ -50,9 +50,9 @@ realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'aes256-cts',
+ realm.run([kadminl, 'modprinc', '-kvno', '1', realm.krbtgt_princ])
+ out = realm.run([kadminl, 'getprinc', realm.krbtgt_princ])
+ if 'vno 1, aes256-cts' not in out or \
+- 'vno 1, DEPRECATED:des3-cbc-sha1' not in out:
++ 'vno 1, aes128-cts-hmac-sha256-128' not in out:
+ fail('keyrollover: setup for TGS enctype test failed')
+-# Now present the DES3 ticket to the KDC and make sure it's rejected.
++# Now present the aes128-sha2 ticket to the KDC and make sure it's rejected.
+ realm.run([kvno, realm.host_princ], expected_code=1)
+
+ realm.stop()
+diff --git a/src/tests/t_mkey.py b/src/tests/t_mkey.py
+index 32f4070bcb..da0ed1831e 100755
+--- a/src/tests/t_mkey.py
++++ b/src/tests/t_mkey.py
+@@ -7,7 +7,6 @@ import struct
+ # default enctype for master keys.
+ aes256 = 'aes256-cts-hmac-sha1-96'
+ aes128 = 'aes128-cts-hmac-sha1-96'
+-des3 = 'des3-cbc-sha1'
+ defetype = aes256
+
+ realm = K5Realm(create_host=False, start_kadmind=True)
+@@ -300,40 +299,6 @@ if 'Decrypt integrity check failed' in out or 'added to keytab' not in out:
+
+ realm.stop()
+
+-# Load a dump file created with krb5 1.6, before the master key
+-# rollover changes were introduced. Write out an old-format stash
+-# file consistent with the dump's master password ("footes"). The K/M
+-# entry in this database will not have actkvno tl-data because it was
+-# created prior to master key rollover support. Verify that:
+-# 1. We can access the database using the old-format stash file.
+-# 2. list_mkeys displays the same list as for a post-1.7 KDB.
+-mark('pre-1.7 stash file')
+-dumpfile = os.path.join(srctop, 'tests', 'dumpfiles', 'dump.16')
+-os.remove(stash_file)
+-f = open(stash_file, 'wb')
+-f.write(struct.pack('=HL24s', 16, 24,
+- b'\xF8\x3E\xFB\xBA\x6D\x80\xD9\x54\xE5\x5D\xF2\xE0'
+- b'\x94\xAD\x6D\x86\xB5\x16\x37\xEC\x7C\x8A\xBC\x86'))
+-f.close()
+-realm.run([kdb5_util, 'load', dumpfile])
+-nprincs = len(realm.run([kadminl, 'listprincs']).splitlines())
+-check_mkvno('K/M', 1)
+-check_mkey_list((1, des3, True, True))
+-
+-# Create a new master key and verify that, without actkvkno tl-data:
+-# 1. list_mkeys displays the same as for a post-1.7 KDB.
+-# 2. update_princ_encryption still targets mkvno 1.
+-# 3. libkadm5 still uses mkvno 1 for key changes.
+-# 4. use_mkey creates the same list as for a post-1.7 KDB.
+-mark('rollover from pre-1.7 KDB')
+-add_mkey([])
+-check_mkey_list((2, defetype, False, False), (1, des3, True, True))
+-update_princ_encryption(False, 1, 0, nprincs - 1)
+-realm.run([kadminl, 'addprinc', '-randkey', realm.user_princ])
+-check_mkvno(realm.user_princ, 1)
+-realm.run([kdb5_util, 'use_mkey', '2', 'now-1day'])
+-check_mkey_list((2, defetype, True, True), (1, des3, True, False))
+-
+ # Regression test for #8395. Purge the master key and verify that a
+ # master key fetch does not segfault.
+ mark('#8395 regression test')
+diff --git a/src/tests/t_salt.py b/src/tests/t_salt.py
+index 65084bbf35..55ca897459 100755
+--- a/src/tests/t_salt.py
++++ b/src/tests/t_salt.py
+@@ -16,13 +16,12 @@ def test_salt(realm, e1, salt, e2):
+
+ # Enctype/salt pairs chosen with non-default salt types.
+ # The enctypes are mostly arbitrary.
+-salts = [('des3-cbc-sha1', 'norealm'),
++salts = [('aes128-cts-hmac-sha1-96', 'norealm'),
+ ('arcfour-hmac', 'onlyrealm'),
+ ('aes128-cts-hmac-sha1-96', 'special')]
+ # These enctypes are chosen to cover the different string-to-key routines.
+ # Omit ":normal" from aes256 to check that salttype defaulting works.
+-second_kstypes = ['aes256-cts-hmac-sha1-96', 'arcfour-hmac:normal',
+- 'des3-cbc-sha1:normal']
++second_kstypes = ['aes256-cts-hmac-sha1-96', 'arcfour-hmac:normal']
+
+ # Test using different salt types in a principal's key list.
+ # Parameters from one key in the list must not leak over to later ones.
+diff --git a/src/util/k5test.py b/src/util/k5test.py
+index 619f1995f8..771f82e3cc 100644
+--- a/src/util/k5test.py
++++ b/src/util/k5test.py
+@@ -1344,13 +1344,6 @@ _passes = [
+ # No special settings; exercises AES256.
+ ('default', None, None, None),
+
+- # Exercise the DES3 enctype.
+- ('des3', None,
+- {'libdefaults': {'permitted_enctypes': 'des3'}},
+- {'realms': {'$realm': {
+- 'supported_enctypes': 'des3-cbc-sha1:normal',
+- 'master_key_type': 'des3-cbc-sha1'}}}),
+-
+ # Exercise the arcfour enctype.
+ ('arcfour', None,
+ {'libdefaults': {'permitted_enctypes': 'rc4'}},
+diff --git a/src/windows/leash/htmlhelp/html/Encryption_Types.htm b/src/windows/leash/htmlhelp/html/Encryption_Types.htm
+index 1aebdd0b4a..c38eefd2bd 100644
+--- a/src/windows/leash/htmlhelp/html/Encryption_Types.htm
++++ b/src/windows/leash/htmlhelp/html/Encryption_Types.htm
+@@ -79,19 +79,6 @@ will have an entry in the Encryption type column. <br>
+ <th>Description</th>
+ </tr>
+ <tr>
+-<th id="th2"> des3- </th>
+- <td> The triple DES family improves on
+-the original DES (Data Encryption Standard) by using 3 separate 56-bit
+-keys. Some modes of 3DES are considered weak while others are strong
+-(if slow). <ul id="helpul">
+-<li> des3-cbc-sha1</li>
+-<li> des3-cbc-raw (<b>weak</b>) </li>
+-<li>des3-hmac-sha1 </li>
+-<li>des3-cbc-sha1-kd </li>
+-</ul>
+-</td>
+- </tr>
+-<tr>
+ <th id="th2"> aes </th>
+ <td>The AES Advanced Encryption Standard
+ family, like 3DES, is a symmetric block cipher and was designed
+--
+2.38.1
+
diff --git a/SOURCES/0005-downstream-FIPS-with-PRNG-and-RADIUS-and-MD4.patch b/SOURCES/0005-downstream-FIPS-with-PRNG-and-RADIUS-and-MD4.patch
new file mode 100644
index 0000000..b4db298
--- /dev/null
+++ b/SOURCES/0005-downstream-FIPS-with-PRNG-and-RADIUS-and-MD4.patch
@@ -0,0 +1,655 @@
+From b8e3a859f8904d395ea0e1a7d6c49a791029711c Mon Sep 17 00:00:00 2001
+From: Robbie Harwood <rharwood@redhat.com>
+Date: Fri, 9 Nov 2018 15:12:21 -0500
+Subject: [PATCH] [downstream] FIPS with PRNG and RADIUS and MD4
+
+NB: Use openssl's PRNG in FIPS mode and taint within krad.
+
+A lot of the FIPS error conditions from OpenSSL are incredibly
+mysterious (at best, things return NULL unexpectedly; at worst,
+internal assertions are tripped; most of the time, you just get
+ENOMEM). In order to cope with this, we need to have some level of
+awareness of what we can and can't safely call.
+
+This will slow down some calls slightly (FIPS_mode() takes multiple
+locks), but not for any ciphers we care about - which is to say that
+AES is fine. Shame about SPAKE though.
+
+post6 restores MD4 (and therefore keygen-only RC4).
+
+post7 restores MD5 and adds radius_md5_fips_override.
+
+post8 silences a static analyzer warning.
+
+post9 add missing includes for FIPS_mode() macro
+
+Last-updated: krb5-1.20.1
+---
+ doc/admin/conf_files/krb5_conf.rst | 6 +++
+ src/lib/crypto/krb/prng.c | 17 ++++++-
+ .../crypto/openssl/enc_provider/camellia.c | 7 +++
+ src/lib/crypto/openssl/enc_provider/rc4.c | 17 ++++++-
+ .../crypto/openssl/hash_provider/hash_evp.c | 12 +++++
+ src/lib/crypto/openssl/hmac.c | 7 ++-
+ src/lib/krad/attr.c | 46 ++++++++++++++-----
+ src/lib/krad/attrset.c | 5 +-
+ src/lib/krad/internal.h | 32 ++++++++++++-
+ src/lib/krad/packet.c | 22 +++++----
+ src/lib/krad/remote.c | 10 +++-
+ src/lib/krad/t_attr.c | 3 +-
+ src/lib/krad/t_attrset.c | 4 +-
+ src/plugins/preauth/spake/spake_client.c | 10 ++++
+ src/plugins/preauth/spake/spake_kdc.c | 10 ++++
+ 15 files changed, 175 insertions(+), 33 deletions(-)
+
+diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst
+index d5d6e06ebb..2a4962069f 100644
+--- a/doc/admin/conf_files/krb5_conf.rst
++++ b/doc/admin/conf_files/krb5_conf.rst
+@@ -330,6 +330,12 @@ The libdefaults section may contain any of the following relations:
+ qualification of shortnames, set this relation to the empty string
+ with ``qualify_shortname = ""``. (New in release 1.18.)
+
++**radius_md5_fips_override**
++ Downstream-only option to enable use of MD5 in RADIUS
++ communication (libkrad). This allows for local (or protected
++ tunnel) communication with a RADIUS server that doesn't use krad
++ (e.g., freeradius) while in FIPS mode.
++
+ **rdns**
+ If this flag is true, reverse name lookup will be used in addition
+ to forward name lookup to canonicalizing hostnames for use in
+diff --git a/src/lib/crypto/krb/prng.c b/src/lib/crypto/krb/prng.c
+index d6b79e2dea..ae37c77518 100644
+--- a/src/lib/crypto/krb/prng.c
++++ b/src/lib/crypto/krb/prng.c
+@@ -26,6 +26,14 @@
+
+ #include "crypto_int.h"
+
++#include <openssl/rand.h>
++
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++#include <openssl/fips.h>
++#else
++#include <openssl/crypto.h>
++#endif
++
+ krb5_error_code KRB5_CALLCONV
+ krb5_c_random_seed(krb5_context context, krb5_data *data)
+ {
+@@ -96,9 +104,16 @@ cleanup:
+ static krb5_boolean
+ get_os_entropy(unsigned char *buf, size_t len)
+ {
+-#if defined(__linux__) && defined(SYS_getrandom)
+ int r;
+
++ /* A wild FIPS mode appeared! */
++ if (FIPS_mode()) {
++ /* The return codes on this API are not good */
++ r = RAND_bytes(buf, len);
++ return r == 1;
++ }
++
++#if defined(__linux__) && defined(SYS_getrandom)
+ while (len > 0) {
+ /*
+ * Pull from the /dev/urandom pool, but require it to have been seeded.
+diff --git a/src/lib/crypto/openssl/enc_provider/camellia.c b/src/lib/crypto/openssl/enc_provider/camellia.c
+index 01920e6ce1..3dd3b0624f 100644
+--- a/src/lib/crypto/openssl/enc_provider/camellia.c
++++ b/src/lib/crypto/openssl/enc_provider/camellia.c
+@@ -32,6 +32,7 @@
+ #include <openssl/camellia.h>
+ #if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ #include <openssl/core_names.h>
++#include <openssl/fips.h>
+ #else
+ #include <openssl/modes.h>
+ #endif
+@@ -387,6 +388,9 @@ krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data,
+ unsigned char blockY[CAMELLIA_BLOCK_SIZE], blockB[CAMELLIA_BLOCK_SIZE];
+ struct iov_cursor cursor;
+
++ if (FIPS_mode())
++ return KRB5_CRYPTO_INTERNAL;
++
+ if (output->length < CAMELLIA_BLOCK_SIZE)
+ return KRB5_BAD_MSIZE;
+
+@@ -418,6 +422,9 @@ static krb5_error_code
+ krb5int_camellia_init_state (const krb5_keyblock *key, krb5_keyusage usage,
+ krb5_data *state)
+ {
++ if (FIPS_mode())
++ return KRB5_CRYPTO_INTERNAL;
++
+ state->length = 16;
+ state->data = (void *) malloc(16);
+ if (state->data == NULL)
+diff --git a/src/lib/crypto/openssl/enc_provider/rc4.c b/src/lib/crypto/openssl/enc_provider/rc4.c
+index 448d563348..6a83f10d27 100644
+--- a/src/lib/crypto/openssl/enc_provider/rc4.c
++++ b/src/lib/crypto/openssl/enc_provider/rc4.c
+@@ -38,6 +38,10 @@
+
+ #include <openssl/evp.h>
+
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++#include <openssl/fips.h>
++#endif
++
+ /*
+ * The loopback field is a pointer to the structure. If the application copies
+ * the state (not a valid operation, but one which happens to works with some
+@@ -69,6 +73,9 @@ k5_arcfour_docrypt(krb5_key key, const krb5_data *state, krb5_crypto_iov *data,
+ EVP_CIPHER_CTX *ctx = NULL;
+ struct arcfour_state *arcstate;
+
++ if (FIPS_mode())
++ return KRB5_CRYPTO_INTERNAL;
++
+ arcstate = (state != NULL) ? (void *)state->data : NULL;
+ if (arcstate != NULL) {
+ ctx = arcstate->ctx;
+@@ -116,7 +123,12 @@ k5_arcfour_docrypt(krb5_key key, const krb5_data *state, krb5_crypto_iov *data,
+ static void
+ k5_arcfour_free_state(krb5_data *state)
+ {
+- struct arcfour_state *arcstate = (void *)state->data;
++ struct arcfour_state *arcstate;
++
++ if (FIPS_mode())
++ return;
++
++ arcstate = (void *) state->data;
+
+ EVP_CIPHER_CTX_free(arcstate->ctx);
+ free(arcstate);
+@@ -128,6 +140,9 @@ k5_arcfour_init_state(const krb5_keyblock *key,
+ {
+ struct arcfour_state *arcstate;
+
++ if (FIPS_mode())
++ return KRB5_CRYPTO_INTERNAL;
++
+ /*
+ * The cipher state here is a saved pointer to a struct arcfour_state
+ * object, rather than a flat byte array as in most enc providers. The
+diff --git a/src/lib/crypto/openssl/hash_provider/hash_evp.c b/src/lib/crypto/openssl/hash_provider/hash_evp.c
+index f2fbffdb29..11659908bb 100644
+--- a/src/lib/crypto/openssl/hash_provider/hash_evp.c
++++ b/src/lib/crypto/openssl/hash_provider/hash_evp.c
+@@ -60,6 +60,11 @@ hash_evp(const EVP_MD *type, const krb5_crypto_iov *data, size_t num_data,
+ if (ctx == NULL)
+ return ENOMEM;
+
++ if (type == EVP_md4() || type == EVP_md5()) {
++ /* See comments below in hash_md4() and hash_md5(). */
++ EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
++ }
++
+ ok = EVP_DigestInit_ex(ctx, type, NULL);
+ for (i = 0; i < num_data; i++) {
+ if (!SIGN_IOV(&data[i]))
+@@ -78,6 +83,11 @@ hash_evp(const EVP_MD *type, const krb5_crypto_iov *data, size_t num_data,
+ static krb5_error_code
+ hash_md4(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
+ {
++ /*
++ * MD4 is needed in FIPS mode to perform key generation for RC4 keys used
++ * by IPA. These keys are only used along a (separately) secured channel
++ * for legacy reasons when performing trusts to Active Directory.
++ */
+ return hash_evp(EVP_md4(), data, num_data, output);
+ }
+
+@@ -90,6 +100,8 @@ const struct krb5_hash_provider krb5int_hash_md4 = {
+ static krb5_error_code
+ hash_md5(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
+ {
++ /* MD5 is needed in FIPS mode for communication with RADIUS servers. This
++ * is gated in libkrad by libdefaults->radius_md5_fips_override. */
+ return hash_evp(EVP_md5(), data, num_data, output);
+ }
+
+diff --git a/src/lib/crypto/openssl/hmac.c b/src/lib/crypto/openssl/hmac.c
+index bf12b8d6a0..25a419d73a 100644
+--- a/src/lib/crypto/openssl/hmac.c
++++ b/src/lib/crypto/openssl/hmac.c
+@@ -59,6 +59,7 @@
+ #if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ #include <openssl/params.h>
+ #include <openssl/core_names.h>
++#include <openssl/fips.h>
+ #else
+ #include <openssl/hmac.h>
+ #endif
+@@ -111,7 +112,11 @@ map_digest(const struct krb5_hash_provider *hash)
+ return EVP_sha256();
+ else if (hash == &krb5int_hash_sha384)
+ return EVP_sha384();
+- else if (hash == &krb5int_hash_md5)
++
++ if (FIPS_mode())
++ return NULL;
++
++ if (hash == &krb5int_hash_md5)
+ return EVP_md5();
+ else if (hash == &krb5int_hash_md4)
+ return EVP_md4();
+diff --git a/src/lib/krad/attr.c b/src/lib/krad/attr.c
+index 9c13d9d755..42d354a3b5 100644
+--- a/src/lib/krad/attr.c
++++ b/src/lib/krad/attr.c
+@@ -38,7 +38,8 @@
+ typedef krb5_error_code
+ (*attribute_transform_fn)(krb5_context ctx, const char *secret,
+ const unsigned char *auth, const krb5_data *in,
+- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen);
++ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
++ krb5_boolean *is_fips);
+
+ typedef struct {
+ const char *name;
+@@ -51,12 +52,14 @@ typedef struct {
+ static krb5_error_code
+ user_password_encode(krb5_context ctx, const char *secret,
+ const unsigned char *auth, const krb5_data *in,
+- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen);
++ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
++ krb5_boolean *is_fips);
+
+ static krb5_error_code
+ user_password_decode(krb5_context ctx, const char *secret,
+ const unsigned char *auth, const krb5_data *in,
+- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen);
++ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
++ krb5_boolean *ignored);
+
+ static const attribute_record attributes[UCHAR_MAX] = {
+ {"User-Name", 1, MAX_ATTRSIZE, NULL, NULL},
+@@ -128,7 +131,8 @@ static const attribute_record attributes[UCHAR_MAX] = {
+ static krb5_error_code
+ user_password_encode(krb5_context ctx, const char *secret,
+ const unsigned char *auth, const krb5_data *in,
+- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen)
++ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
++ krb5_boolean *is_fips)
+ {
+ const unsigned char *indx;
+ krb5_error_code retval;
+@@ -154,8 +158,15 @@ user_password_encode(krb5_context ctx, const char *secret,
+ for (blck = 0, indx = auth; blck * BLOCKSIZE < len; blck++) {
+ memcpy(tmp.data + seclen, indx, BLOCKSIZE);
+
+- retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0, &tmp,
+- &sum);
++ if (kr_use_fips(ctx)) {
++ /* Skip encryption here. Taint so that we won't pass it out of
++ * the machine by accident. */
++ *is_fips = TRUE;
++ sum.contents = calloc(1, BLOCKSIZE);
++ } else {
++ retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0, &tmp,
++ &sum);
++ }
+ if (retval != 0) {
+ zap(tmp.data, tmp.length);
+ zap(outbuf, len);
+@@ -180,7 +191,8 @@ user_password_encode(krb5_context ctx, const char *secret,
+ static krb5_error_code
+ user_password_decode(krb5_context ctx, const char *secret,
+ const unsigned char *auth, const krb5_data *in,
+- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen)
++ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
++ krb5_boolean *is_fips)
+ {
+ const unsigned char *indx;
+ krb5_error_code retval;
+@@ -204,8 +216,15 @@ user_password_decode(krb5_context ctx, const char *secret,
+ for (blck = 0, indx = auth; blck * BLOCKSIZE < in->length; blck++) {
+ memcpy(tmp.data + seclen, indx, BLOCKSIZE);
+
+- retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0,
+- &tmp, &sum);
++ if (kr_use_fips(ctx)) {
++ /* Skip encryption here. Taint so that we won't pass it out of
++ * the machine by accident. */
++ *is_fips = TRUE;
++ sum.contents = calloc(1, BLOCKSIZE);
++ } else {
++ retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0,
++ &tmp, &sum);
++ }
+ if (retval != 0) {
+ zap(tmp.data, tmp.length);
+ zap(outbuf, in->length);
+@@ -248,7 +267,7 @@ krb5_error_code
+ kr_attr_encode(krb5_context ctx, const char *secret,
+ const unsigned char *auth, krad_attr type,
+ const krb5_data *in, unsigned char outbuf[MAX_ATTRSIZE],
+- size_t *outlen)
++ size_t *outlen, krb5_boolean *is_fips)
+ {
+ krb5_error_code retval;
+
+@@ -265,7 +284,8 @@ kr_attr_encode(krb5_context ctx, const char *secret,
+ return 0;
+ }
+
+- return attributes[type - 1].encode(ctx, secret, auth, in, outbuf, outlen);
++ return attributes[type - 1].encode(ctx, secret, auth, in, outbuf, outlen,
++ is_fips);
+ }
+
+ krb5_error_code
+@@ -274,6 +294,7 @@ kr_attr_decode(krb5_context ctx, const char *secret, const unsigned char *auth,
+ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen)
+ {
+ krb5_error_code retval;
++ krb5_boolean ignored;
+
+ retval = kr_attr_valid(type, in);
+ if (retval != 0)
+@@ -288,7 +309,8 @@ kr_attr_decode(krb5_context ctx, const char *secret, const unsigned char *auth,
+ return 0;
+ }
+
+- return attributes[type - 1].decode(ctx, secret, auth, in, outbuf, outlen);
++ return attributes[type - 1].decode(ctx, secret, auth, in, outbuf, outlen,
++ &ignored);
+ }
+
+ krad_attr
+diff --git a/src/lib/krad/attrset.c b/src/lib/krad/attrset.c
+index f309f1581c..6ec031e320 100644
+--- a/src/lib/krad/attrset.c
++++ b/src/lib/krad/attrset.c
+@@ -167,7 +167,8 @@ krad_attrset_copy(const krad_attrset *set, krad_attrset **copy)
+ krb5_error_code
+ kr_attrset_encode(const krad_attrset *set, const char *secret,
+ const unsigned char *auth,
+- unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen)
++ unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen,
++ krb5_boolean *is_fips)
+ {
+ unsigned char buffer[MAX_ATTRSIZE];
+ krb5_error_code retval;
+@@ -181,7 +182,7 @@ kr_attrset_encode(const krad_attrset *set, const char *secret,
+
+ K5_TAILQ_FOREACH(a, &set->list, list) {
+ retval = kr_attr_encode(set->ctx, secret, auth, a->type, &a->attr,
+- buffer, &attrlen);
++ buffer, &attrlen, is_fips);
+ if (retval != 0)
+ return retval;
+
+diff --git a/src/lib/krad/internal.h b/src/lib/krad/internal.h
+index 7619563fc5..a17b6f39b1 100644
+--- a/src/lib/krad/internal.h
++++ b/src/lib/krad/internal.h
+@@ -39,6 +39,12 @@
+ #include <sys/socket.h>
+ #include <netdb.h>
+
++#include <openssl/crypto.h>
++
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++#include <openssl/fips.h>
++#endif
++
+ #ifndef UCHAR_MAX
+ #define UCHAR_MAX 255
+ #endif
+@@ -49,6 +55,13 @@
+
+ typedef struct krad_remote_st krad_remote;
+
++struct krad_packet_st {
++ char buffer[KRAD_PACKET_SIZE_MAX];
++ krad_attrset *attrset;
++ krb5_data pkt;
++ krb5_boolean is_fips;
++};
++
+ /* Validate constraints of an attribute. */
+ krb5_error_code
+ kr_attr_valid(krad_attr type, const krb5_data *data);
+@@ -57,7 +70,8 @@ kr_attr_valid(krad_attr type, const krb5_data *data);
+ krb5_error_code
+ kr_attr_encode(krb5_context ctx, const char *secret, const unsigned char *auth,
+ krad_attr type, const krb5_data *in,
+- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen);
++ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
++ krb5_boolean *is_fips);
+
+ /* Decode an attribute. */
+ krb5_error_code
+@@ -69,7 +83,8 @@ kr_attr_decode(krb5_context ctx, const char *secret, const unsigned char *auth,
+ krb5_error_code
+ kr_attrset_encode(const krad_attrset *set, const char *secret,
+ const unsigned char *auth,
+- unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen);
++ unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen,
++ krb5_boolean *is_fips);
+
+ /* Decode attributes from a buffer. */
+ krb5_error_code
+@@ -156,4 +171,17 @@ gai_error_code(int err)
+ }
+ }
+
++static inline krb5_boolean
++kr_use_fips(krb5_context ctx)
++{
++ int val = 0;
++
++ if (!FIPS_mode())
++ return 0;
++
++ (void)profile_get_boolean(ctx->profile, "libdefaults",
++ "radius_md5_fips_override", NULL, 0, &val);
++ return !val;
++}
++
+ #endif /* INTERNAL_H_ */
+diff --git a/src/lib/krad/packet.c b/src/lib/krad/packet.c
+index c597174b65..fc2d248001 100644
+--- a/src/lib/krad/packet.c
++++ b/src/lib/krad/packet.c
+@@ -53,12 +53,6 @@ typedef unsigned char uchar;
+ #define pkt_auth(p) ((uchar *)offset(&(p)->pkt, OFFSET_AUTH))
+ #define pkt_attr(p) ((unsigned char *)offset(&(p)->pkt, OFFSET_ATTR))
+
+-struct krad_packet_st {
+- char buffer[KRAD_PACKET_SIZE_MAX];
+- krad_attrset *attrset;
+- krb5_data pkt;
+-};
+-
+ typedef struct {
+ uchar x[(UCHAR_MAX + 1) / 8];
+ } idmap;
+@@ -187,8 +181,14 @@ auth_generate_response(krb5_context ctx, const char *secret,
+ memcpy(data.data + response->pkt.length, secret, strlen(secret));
+
+ /* Hash it. */
+- retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0, &data,
+- &hash);
++ if (kr_use_fips(ctx)) {
++ /* This checksum does very little security-wise anyway, so don't
++ * taint. */
++ hash.contents = calloc(1, AUTH_FIELD_SIZE);
++ } else {
++ retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0, &data,
++ &hash);
++ }
+ free(data.data);
+ if (retval != 0)
+ return retval;
+@@ -276,7 +276,7 @@ krad_packet_new_request(krb5_context ctx, const char *secret, krad_code code,
+
+ /* Encode the attributes. */
+ retval = kr_attrset_encode(set, secret, pkt_auth(pkt), pkt_attr(pkt),
+- &attrset_len);
++ &attrset_len, &pkt->is_fips);
+ if (retval != 0)
+ goto error;
+
+@@ -314,7 +314,7 @@ krad_packet_new_response(krb5_context ctx, const char *secret, krad_code code,
+
+ /* Encode the attributes. */
+ retval = kr_attrset_encode(set, secret, pkt_auth(request), pkt_attr(pkt),
+- &attrset_len);
++ &attrset_len, &pkt->is_fips);
+ if (retval != 0)
+ goto error;
+
+@@ -451,6 +451,8 @@ krad_packet_decode_response(krb5_context ctx, const char *secret,
+ const krb5_data *
+ krad_packet_encode(const krad_packet *pkt)
+ {
++ if (pkt->is_fips)
++ return NULL;
+ return &pkt->pkt;
+ }
+
+diff --git a/src/lib/krad/remote.c b/src/lib/krad/remote.c
+index 06ae751bc8..929f1cef67 100644
+--- a/src/lib/krad/remote.c
++++ b/src/lib/krad/remote.c
+@@ -263,7 +263,7 @@ on_io_write(krad_remote *rr)
+ request *r;
+
+ K5_TAILQ_FOREACH(r, &rr->list, list) {
+- tmp = krad_packet_encode(r->request);
++ tmp = &r->request->pkt;
+
+ /* If the packet has already been sent, do nothing. */
+ if (r->sent == tmp->length)
+@@ -359,7 +359,7 @@ on_io_read(krad_remote *rr)
+ if (req != NULL) {
+ K5_TAILQ_FOREACH(r, &rr->list, list) {
+ if (r->request == req &&
+- r->sent == krad_packet_encode(req)->length) {
++ r->sent == req->pkt.length) {
+ request_finish(r, 0, rsp);
+ break;
+ }
+@@ -460,6 +460,12 @@ kr_remote_send(krad_remote *rr, krad_code code, krad_attrset *attrs,
+ (krad_packet_iter_cb)iterator, &r, &tmp);
+ if (retval != 0)
+ goto error;
++ else if (tmp->is_fips && rr->info->ai_family != AF_LOCAL &&
++ rr->info->ai_family != AF_UNIX) {
++ /* This would expose cleartext passwords, so abort. */
++ retval = ESOCKTNOSUPPORT;
++ goto error;
++ }
+
+ K5_TAILQ_FOREACH(r, &rr->list, list) {
+ if (r->request == tmp) {
+diff --git a/src/lib/krad/t_attr.c b/src/lib/krad/t_attr.c
+index eb2a780c89..4d285ad9de 100644
+--- a/src/lib/krad/t_attr.c
++++ b/src/lib/krad/t_attr.c
+@@ -50,6 +50,7 @@ main()
+ const char *tmp;
+ krb5_data in;
+ size_t len;
++ krb5_boolean is_fips = FALSE;
+
+ noerror(krb5_init_context(&ctx));
+
+@@ -73,7 +74,7 @@ main()
+ in = string2data((char *)decoded);
+ retval = kr_attr_encode(ctx, secret, auth,
+ krad_attr_name2num("User-Password"),
+- &in, outbuf, &len);
++ &in, outbuf, &len, &is_fips);
+ insist(retval == 0);
+ insist(len == sizeof(encoded));
+ insist(memcmp(outbuf, encoded, len) == 0);
+diff --git a/src/lib/krad/t_attrset.c b/src/lib/krad/t_attrset.c
+index 7928335ca4..0f95762534 100644
+--- a/src/lib/krad/t_attrset.c
++++ b/src/lib/krad/t_attrset.c
+@@ -49,6 +49,7 @@ main()
+ krb5_context ctx;
+ size_t len = 0, encode_len;
+ krb5_data tmp;
++ krb5_boolean is_fips = FALSE;
+
+ noerror(krb5_init_context(&ctx));
+ noerror(krad_attrset_new(ctx, &set));
+@@ -62,7 +63,8 @@ main()
+ noerror(krad_attrset_add(set, krad_attr_name2num("User-Password"), &tmp));
+
+ /* Encode attrset. */
+- noerror(kr_attrset_encode(set, "foo", auth, buffer, &encode_len));
++ noerror(kr_attrset_encode(set, "foo", auth, buffer, &encode_len,
++ &is_fips));
+ krad_attrset_free(set);
+
+ /* Manually encode User-Name. */
+diff --git a/src/plugins/preauth/spake/spake_client.c b/src/plugins/preauth/spake/spake_client.c
+index 00734a13b5..13c699071f 100644
+--- a/src/plugins/preauth/spake/spake_client.c
++++ b/src/plugins/preauth/spake/spake_client.c
+@@ -38,6 +38,12 @@
+ #include "groups.h"
+ #include <krb5/clpreauth_plugin.h>
+
++#include <openssl/crypto.h>
++
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++#include <openssl/fips.h>
++#endif
++
+ typedef struct reqstate_st {
+ krb5_pa_spake *msg; /* set in prep_questions, used in process */
+ krb5_keyblock *initial_key;
+@@ -375,6 +381,10 @@ clpreauth_spake_initvt(krb5_context context, int maj_ver, int min_ver,
+
+ if (maj_ver != 1)
+ return KRB5_PLUGIN_VER_NOTSUPP;
++
++ if (FIPS_mode())
++ return KRB5_CRYPTO_INTERNAL;
++
+ vt = (krb5_clpreauth_vtable)vtable;
+ vt->name = "spake";
+ vt->pa_type_list = pa_types;
+diff --git a/src/plugins/preauth/spake/spake_kdc.c b/src/plugins/preauth/spake/spake_kdc.c
+index 1a772d450f..3394f8a58e 100644
+--- a/src/plugins/preauth/spake/spake_kdc.c
++++ b/src/plugins/preauth/spake/spake_kdc.c
+@@ -41,6 +41,12 @@
+
+ #include <krb5/kdcpreauth_plugin.h>
+
++#include <openssl/crypto.h>
++
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++#include <openssl/fips.h>
++#endif
++
+ /*
+ * The SPAKE kdcpreauth module uses a secure cookie containing the following
+ * concatenated fields (all integer fields are big-endian):
+@@ -551,6 +557,10 @@ kdcpreauth_spake_initvt(krb5_context context, int maj_ver, int min_ver,
+
+ if (maj_ver != 1)
+ return KRB5_PLUGIN_VER_NOTSUPP;
++
++ if (FIPS_mode())
++ return KRB5_CRYPTO_INTERNAL;
++
+ vt = (krb5_kdcpreauth_vtable)vtable;
+ vt->name = "spake";
+ vt->pa_type_list = pa_types;
+--
+2.38.1
+
diff --git a/SOURCES/0006-downstream-Allow-krad-UDP-TCP-localhost-connection-w.patch b/SOURCES/0006-downstream-Allow-krad-UDP-TCP-localhost-connection-w.patch
new file mode 100644
index 0000000..5363d87
--- /dev/null
+++ b/SOURCES/0006-downstream-Allow-krad-UDP-TCP-localhost-connection-w.patch
@@ -0,0 +1,82 @@
+From 813f3840c7b9f32c1d96dcd847be91fe545653eb Mon Sep 17 00:00:00 2001
+From: Julien Rische <jrische@redhat.com>
+Date: Thu, 5 May 2022 17:15:12 +0200
+Subject: [PATCH] [downstream] Allow krad UDP/TCP localhost connection
+ with FIPS
+
+libkrad allows to establish connections only to UNIX socket in FIPS
+mode, because MD5 digest is not considered safe enough to be used for
+network communication. However, FreeRadius requires connection on TCP or
+UDP ports.
+
+This commit allows TCP or UDP connections in FIPS mode if destination is
+localhost.
+
+Resolves: rhbz#2082189
+---
+ src/lib/krad/remote.c | 35 +++++++++++++++++++++++++++++++++--
+ 1 file changed, 33 insertions(+), 2 deletions(-)
+
+diff --git a/src/lib/krad/remote.c b/src/lib/krad/remote.c
+index 929f1cef67..063f17a613 100644
+--- a/src/lib/krad/remote.c
++++ b/src/lib/krad/remote.c
+@@ -33,6 +33,7 @@
+
+ #include <string.h>
+ #include <unistd.h>
++#include <stdbool.h>
+
+ #include <sys/un.h>
+
+@@ -74,6 +75,35 @@ on_io(verto_ctx *ctx, verto_ev *ev);
+ static void
+ on_timeout(verto_ctx *ctx, verto_ev *ev);
+
++static in_addr_t get_in_addr(struct addrinfo *info)
++{ return ((struct sockaddr_in *)(info->ai_addr))->sin_addr.s_addr; }
++
++static struct in6_addr *get_in6_addr(struct addrinfo *info)
++{ return &(((struct sockaddr_in6 *)(info->ai_addr))->sin6_addr); }
++
++static bool is_inet_localhost(struct addrinfo *info)
++{
++ struct addrinfo *p;
++
++ for (p = info; p; p = p->ai_next) {
++ switch (p->ai_family) {
++ case AF_INET:
++ if (IN_LOOPBACKNET != (get_in_addr(p) & IN_CLASSA_NET
++ >> IN_CLASSA_NSHIFT))
++ return false;
++ break;
++ case AF_INET6:
++ if (!IN6_IS_ADDR_LOOPBACK(get_in6_addr(p)))
++ return false;
++ break;
++ default:
++ return false;
++ }
++ }
++
++ return true;
++}
++
+ /* Iterate over the set of outstanding packets. */
+ static const krad_packet *
+ iterator(request **out)
+@@ -460,8 +490,9 @@ kr_remote_send(krad_remote *rr, krad_code code, krad_attrset *attrs,
+ (krad_packet_iter_cb)iterator, &r, &tmp);
+ if (retval != 0)
+ goto error;
+- else if (tmp->is_fips && rr->info->ai_family != AF_LOCAL &&
+- rr->info->ai_family != AF_UNIX) {
++ else if (tmp->is_fips && rr->info->ai_family != AF_LOCAL
++ && rr->info->ai_family != AF_UNIX
++ && !is_inet_localhost(rr->info)) {
+ /* This would expose cleartext passwords, so abort. */
+ retval = ESOCKTNOSUPPORT;
+ goto error;
+--
+2.38.1
+
diff --git a/SOURCES/0007-Add-configure-variable-for-default-PKCS-11-module.patch b/SOURCES/0007-Add-configure-variable-for-default-PKCS-11-module.patch
new file mode 100644
index 0000000..e07d85e
--- /dev/null
+++ b/SOURCES/0007-Add-configure-variable-for-default-PKCS-11-module.patch
@@ -0,0 +1,201 @@
+From c0a6d66e98e62b94d72bb51b8d6c00130a951215 Mon Sep 17 00:00:00 2001
+From: Julien Rische <jrische@redhat.com>
+Date: Fri, 22 Apr 2022 14:12:37 +0200
+Subject: [PATCH] Add configure variable for default PKCS#11 module
+
+[ghudson@mit.edu: added documentation of configure variable and doc
+substitution; shortened commit message]
+
+ticket: 9058 (new)
+---
+ doc/admin/conf_files/krb5_conf.rst | 2 +-
+ doc/build/options2configure.rst | 3 +++
+ doc/conf.py | 3 +++
+ doc/mitK5defaults.rst | 25 +++++++++++++------------
+ src/configure.ac | 8 ++++++++
+ src/doc/Makefile.in | 2 ++
+ src/man/Makefile.in | 4 +++-
+ src/man/krb5.conf.man | 2 +-
+ src/plugins/preauth/pkinit/pkinit.h | 1 -
+ 9 files changed, 34 insertions(+), 16 deletions(-)
+
+diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst
+index 2a4962069f..a33711d918 100644
+--- a/doc/admin/conf_files/krb5_conf.rst
++++ b/doc/admin/conf_files/krb5_conf.rst
+@@ -1017,7 +1017,7 @@ information for PKINIT is as follows:
+ All keyword/values are optional. *modname* specifies the location
+ of a library implementing PKCS #11. If a value is encountered
+ with no keyword, it is assumed to be the *modname*. If no
+- module-name is specified, the default is ``opensc-pkcs11.so``.
++ module-name is specified, the default is |pkcs11_modname|.
+ ``slotid=`` and/or ``token=`` may be specified to force the use of
+ a particular smard card reader or token if there is more than one
+ available. ``certid=`` and/or ``certlabel=`` may be specified to
+diff --git a/doc/build/options2configure.rst b/doc/build/options2configure.rst
+index 9e355dc2c5..e879b18bd2 100644
+--- a/doc/build/options2configure.rst
++++ b/doc/build/options2configure.rst
+@@ -137,6 +137,9 @@ Environment variables
+ This option allows one to specify libraries to be passed to the
+ linker (e.g., ``-l<library>``)
+
++**PKCS11_MODNAME=**\ *library*
++ Override the built-in default PKCS11 library name.
++
+ **SS_LIB=**\ *libs*...
+ If ``-lss`` is not the correct way to link in your installed ss
+ library, for example if additional support libraries are needed,
+diff --git a/doc/conf.py b/doc/conf.py
+index 12168fa695..0ab5ff9606 100644
+--- a/doc/conf.py
++++ b/doc/conf.py
+@@ -242,6 +242,7 @@ if 'mansubs' in tags:
+ ccache = '``@CCNAME@``'
+ keytab = '``@KTNAME@``'
+ ckeytab = '``@CKTNAME@``'
++ pkcs11_modname = '``@PKCS11MOD@``'
+ elif 'pathsubs' in tags:
+ # Read configured paths from a file produced by the build system.
+ exec(open("paths.py").read())
+@@ -255,6 +256,7 @@ else:
+ ccache = ':ref:`DEFCCNAME <paths>`'
+ keytab = ':ref:`DEFKTNAME <paths>`'
+ ckeytab = ':ref:`DEFCKTNAME <paths>`'
++ pkcs11_modname = ':ref:`PKCS11_MODNAME <paths>`'
+
+ rst_epilog = '\n'
+
+@@ -275,6 +277,7 @@ else:
+ rst_epilog += '.. |ccache| replace:: %s\n' % ccache
+ rst_epilog += '.. |keytab| replace:: %s\n' % keytab
+ rst_epilog += '.. |ckeytab| replace:: %s\n' % ckeytab
++ rst_epilog += '.. |pkcs11_modname| replace:: %s\n' % pkcs11_modname
+ rst_epilog += '''
+ .. |krb5conf| replace:: ``/etc/krb5.conf``
+ .. |defkeysalts| replace:: ``aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal``
+diff --git a/doc/mitK5defaults.rst b/doc/mitK5defaults.rst
+index 74e69f4ad0..aea7af3dbb 100644
+--- a/doc/mitK5defaults.rst
++++ b/doc/mitK5defaults.rst
+@@ -59,18 +59,19 @@ subdirectories of ``/usr/local``. When MIT krb5 is integrated into an
+ operating system, the paths are generally chosen to match the
+ operating system's filesystem layout.
+
+-========================== ============= =========================== ===========================
+-Description Symbolic name Custom build path Typical OS path
+-========================== ============= =========================== ===========================
+-User programs BINDIR ``/usr/local/bin`` ``/usr/bin``
+-Libraries and plugins LIBDIR ``/usr/local/lib`` ``/usr/lib``
+-Parent of KDC state dir LOCALSTATEDIR ``/usr/local/var`` ``/var``
+-Parent of KDC runtime dir RUNSTATEDIR ``/usr/local/var/run`` ``/run``
+-Administrative programs SBINDIR ``/usr/local/sbin`` ``/usr/sbin``
+-Alternate krb5.conf dir SYSCONFDIR ``/usr/local/etc`` ``/etc``
+-Default ccache name DEFCCNAME ``FILE:/tmp/krb5cc_%{uid}`` ``FILE:/tmp/krb5cc_%{uid}``
+-Default keytab name DEFKTNAME ``FILE:/etc/krb5.keytab`` ``FILE:/etc/krb5.keytab``
+-========================== ============= =========================== ===========================
++========================== ============== =========================== ===========================
++Description Symbolic name Custom build path Typical OS path
++========================== ============== =========================== ===========================
++User programs BINDIR ``/usr/local/bin`` ``/usr/bin``
++Libraries and plugins LIBDIR ``/usr/local/lib`` ``/usr/lib``
++Parent of KDC state dir LOCALSTATEDIR ``/usr/local/var`` ``/var``
++Parent of KDC runtime dir RUNSTATEDIR ``/usr/local/var/run`` ``/run``
++Administrative programs SBINDIR ``/usr/local/sbin`` ``/usr/sbin``
++Alternate krb5.conf dir SYSCONFDIR ``/usr/local/etc`` ``/etc``
++Default ccache name DEFCCNAME ``FILE:/tmp/krb5cc_%{uid}`` ``FILE:/tmp/krb5cc_%{uid}``
++Default keytab name DEFKTNAME ``FILE:/etc/krb5.keytab`` ``FILE:/etc/krb5.keytab``
++Default PKCS11 module PKCS11_MODNAME ``opensc-pkcs11.so`` ``opensc-pkcs11.so``
++========================== ============== =========================== ===========================
+
+ The default client keytab name (DEFCKTNAME) typically defaults to
+ ``FILE:/usr/local/var/krb5/user/%{euid}/client.keytab`` for a custom
+diff --git a/src/configure.ac b/src/configure.ac
+index 8dc864718d..9774cb71ae 100644
+--- a/src/configure.ac
++++ b/src/configure.ac
+@@ -1471,6 +1471,14 @@ AC_DEFINE_UNQUOTED(DEFKTNAME, ["$DEFKTNAME"], [Define to default keytab name])
+ AC_DEFINE_UNQUOTED(DEFCKTNAME, ["$DEFCKTNAME"],
+ [Define to default client keytab name])
+
++AC_ARG_VAR(PKCS11_MODNAME, [Default PKCS11 module name])
++if test "${PKCS11_MODNAME+set}" != set; then
++ PKCS11_MODNAME=opensc-pkcs11.so
++fi
++AC_MSG_NOTICE([Default PKCS11 module name: $PKCS11_MODNAME])
++AC_DEFINE_UNQUOTED(PKCS11_MODNAME, ["$PKCS11_MODNAME"],
++ [Default PKCS11 module name])
++
+ AC_CONFIG_FILES([build-tools/krb5-config], [chmod +x build-tools/krb5-config])
+ AC_CONFIG_FILES([build-tools/kadm-server.pc
+ build-tools/kadm-client.pc
+diff --git a/src/doc/Makefile.in b/src/doc/Makefile.in
+index 379bc36511..a1b0cff0a4 100644
+--- a/src/doc/Makefile.in
++++ b/src/doc/Makefile.in
+@@ -10,6 +10,7 @@ sysconfdir=@sysconfdir@
+ DEFCCNAME=@DEFCCNAME@
+ DEFKTNAME=@DEFKTNAME@
+ DEFCKTNAME=@DEFCKTNAME@
++PKCS11_MODNAME=@PKCS11_MODNAME@
+
+ RST_SOURCES= _static \
+ _templates \
+@@ -118,6 +119,7 @@ paths.py:
+ echo 'ccache = "``$(DEFCCNAME)``"' >> $@
+ echo 'keytab = "``$(DEFKTNAME)``"' >> $@
+ echo 'ckeytab = "``$(DEFCKTNAME)``"' >> $@
++ echo 'pkcs11_modname = "``$(PKCS11_MODNAME)``"' >> $@
+
+ # Dummy rule that man/Makefile can invoke
+ version.py: $(docsrc)/version.py
+diff --git a/src/man/Makefile.in b/src/man/Makefile.in
+index 00b1b2de06..85cae0914e 100644
+--- a/src/man/Makefile.in
++++ b/src/man/Makefile.in
+@@ -8,6 +8,7 @@ sysconfdir=@sysconfdir@
+ DEFCCNAME=@DEFCCNAME@
+ DEFKTNAME=@DEFKTNAME@
+ DEFCKTNAME=@DEFCKTNAME@
++PKCS11_MODNAME=@PKCS11_MODNAME@
+
+ MANSUBS=k5identity.sub k5login.sub k5srvutil.sub kadm5.acl.sub kadmin.sub \
+ kadmind.sub kdb5_ldap_util.sub kdb5_util.sub kdc.conf.sub \
+@@ -47,7 +48,8 @@ $(docsrc)/version.py: $(top_srcdir)/patchlevel.h
+ -e 's|@SYSCONFDIR@|$(sysconfdir)|g' \
+ -e 's|@CCNAME@|$(DEFCCNAME)|g' \
+ -e 's|@KTNAME@|$(DEFKTNAME)|g' \
+- -e 's|@CKTNAME@|$(DEFCKTNAME)|g' $? > $@
++ -e 's|@CKTNAME@|$(DEFCKTNAME)|g' \
++ -e 's|@PKCS11MOD@|$(PKCS11_MODNAME)|g' $? > $@
+
+ all: $(MANSUBS)
+
+diff --git a/src/man/krb5.conf.man b/src/man/krb5.conf.man
+index 51acb38815..fd2c6f2bc4 100644
+--- a/src/man/krb5.conf.man
++++ b/src/man/krb5.conf.man
+@@ -1148,7 +1148,7 @@ user\(aqs certificate and private key.
+ All keyword/values are optional. \fImodname\fP specifies the location
+ of a library implementing PKCS #11. If a value is encountered
+ with no keyword, it is assumed to be the \fImodname\fP\&. If no
+-module\-name is specified, the default is \fBopensc\-pkcs11.so\fP\&.
++module\-name is specified, the default is \fB@PKCS11MOD@\fP\&.
+ \fBslotid=\fP and/or \fBtoken=\fP may be specified to force the use of
+ a particular smard card reader or token if there is more than one
+ available. \fBcertid=\fP and/or \fBcertlabel=\fP may be specified to
+diff --git a/src/plugins/preauth/pkinit/pkinit.h b/src/plugins/preauth/pkinit/pkinit.h
+index 8135535e2c..66f92d8f03 100644
+--- a/src/plugins/preauth/pkinit/pkinit.h
++++ b/src/plugins/preauth/pkinit/pkinit.h
+@@ -42,7 +42,6 @@
+ #ifndef WITHOUT_PKCS11
+ #include "pkcs11.h"
+
+-#define PKCS11_MODNAME "opensc-pkcs11.so"
+ #define PK_SIGLEN_GUESS 1000
+ #define PK_NOSLOT 999999
+ #endif
+--
+2.38.1
+
diff --git a/SOURCES/0008-Set-reasonable-supportedCMSTypes-in-PKINIT.patch b/SOURCES/0008-Set-reasonable-supportedCMSTypes-in-PKINIT.patch
new file mode 100644
index 0000000..83dfe5b
--- /dev/null
+++ b/SOURCES/0008-Set-reasonable-supportedCMSTypes-in-PKINIT.patch
@@ -0,0 +1,159 @@
+From 3cc9ef956342f55cc9ae283e30fc3ba080248cf3 Mon Sep 17 00:00:00 2001
+From: Julien Rische <jrische@redhat.com>
+Date: Wed, 1 Jun 2022 18:02:04 +0200
+Subject: [PATCH] Set reasonable supportedCMSTypes in PKINIT
+
+The PKINIT client uses AuthPack.supportedCMSTypes to let the KDC know
+the algorithms it supports for verification of the CMS data signature.
+(The MIT krb5 KDC currently ignores this list, but other
+implementations use it.)
+
+Replace 3DES with sha512WithRSAEncryption and sha256WithRSAEncryption.
+
+[ghudson@mit.edu: simplified code and used appropriate helpers; edited
+commit message]
+
+ticket: 9066 (new)
+---
+ src/plugins/preauth/pkinit/pkinit_constants.c | 33 ++++++++++++-
+ src/plugins/preauth/pkinit/pkinit_crypto.h | 4 ++
+ .../preauth/pkinit/pkinit_crypto_openssl.c | 49 ++++++++++---------
+ 3 files changed, 60 insertions(+), 26 deletions(-)
+
+diff --git a/src/plugins/preauth/pkinit/pkinit_constants.c b/src/plugins/preauth/pkinit/pkinit_constants.c
+index 652897fa14..1da482e0b4 100644
+--- a/src/plugins/preauth/pkinit/pkinit_constants.c
++++ b/src/plugins/preauth/pkinit/pkinit_constants.c
+@@ -32,9 +32,14 @@
+
+ #include "pkinit.h"
+
+-/* statically declare OID constants for all three algorithms */
+-static char sha1_oid[8] = { 0x2B, 0x06, 0x01, 0x05, 0x02, 0x03, 0x06, 0x01};
++/* RFC 8636 id-pkinit-kdf-ah-sha1: iso(1) identified-organization(3) dod(6)
++ * internet(1) security(5) kerberosv5(2) pkinit(3) kdf(6) sha1(1) */
++static char sha1_oid[8] = { 0x2B, 0x06, 0x01, 0x05, 0x02, 0x03, 0x06, 0x01 };
++/* RFC 8636 id-pkinit-kdf-ah-sha256: iso(1) identified-organization(3) dod(6)
++ * internet(1) security(5) kerberosv5(2) pkinit(3) kdf(6) sha256(2) */
+ static char sha256_oid[8] = { 0x2B, 0x06, 0x01, 0x05, 0x02, 0x03, 0x06, 0x02 };
++/* RFC 8636 id-pkinit-kdf-ah-sha512: iso(1) identified-organization(3) dod(6)
++ * internet(1) security(5) kerberosv5(2) pkinit(3) kdf(6) sha512(3) */
+ static char sha512_oid[8] = { 0x2B, 0x06, 0x01, 0x05, 0x02, 0x03, 0x06, 0x03 };
+
+ const krb5_data sha1_id = { KV5M_DATA, sizeof(sha1_oid), sha1_oid };
+@@ -48,6 +53,30 @@ krb5_data const * const supported_kdf_alg_ids[] = {
+ NULL
+ };
+
++/* RFC 4055 sha256WithRSAEncryption: iso(1) member-body(2) us(840)
++ * rsadsi(113549) pkcs(1) 1 11 */
++static char sha256WithRSAEncr_oid[9] = {
++ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b
++};
++/* RFC 4055 sha256WithRSAEncryption: iso(1) member-body(2) us(840)
++ * rsadsi(113549) pkcs(1) 1 13 */
++static char sha512WithRSAEncr_oid[9] = {
++ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0d
++};
++
++const krb5_data sha256WithRSAEncr_id = {
++ KV5M_DATA, sizeof(sha256WithRSAEncr_oid), sha256WithRSAEncr_oid
++};
++const krb5_data sha512WithRSAEncr_id = {
++ KV5M_DATA, sizeof(sha512WithRSAEncr_oid), sha512WithRSAEncr_oid
++};
++
++krb5_data const * const supported_cms_algs[] = {
++ &sha512WithRSAEncr_id,
++ &sha256WithRSAEncr_id,
++ NULL
++};
++
+ /* RFC 2412 section E.2 (well-known group 2) parameters, DER-encoded as
+ * DomainParameters (RFC 3279 section 2.3.3). */
+ static const uint8_t o1024[] = {
+diff --git a/src/plugins/preauth/pkinit/pkinit_crypto.h b/src/plugins/preauth/pkinit/pkinit_crypto.h
+index 65f6210727..64300da856 100644
+--- a/src/plugins/preauth/pkinit/pkinit_crypto.h
++++ b/src/plugins/preauth/pkinit/pkinit_crypto.h
+@@ -620,6 +620,10 @@ extern const krb5_data oakley_4096;
+ */
+ extern krb5_data const * const supported_kdf_alg_ids[];
+
++/* CMS signature algorithms supported by this implementation, in order of
++ * decreasing preference. */
++extern krb5_data const * const supported_cms_algs[];
++
+ krb5_error_code
+ crypto_encode_der_cert(krb5_context context, pkinit_req_crypto_context reqctx,
+ uint8_t **der_out, size_t *der_len);
+diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+index d500455dec..1c2aa02827 100644
+--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
++++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+@@ -5475,37 +5475,38 @@ create_krb5_supportedCMSTypes(krb5_context context,
+ pkinit_plg_crypto_context plg_cryptoctx,
+ pkinit_req_crypto_context req_cryptoctx,
+ pkinit_identity_crypto_context id_cryptoctx,
+- krb5_algorithm_identifier ***oids)
++ krb5_algorithm_identifier ***algs_out)
+ {
++ krb5_error_code ret;
++ krb5_algorithm_identifier **algs = NULL;
++ size_t i, count;
+
+- krb5_error_code retval = ENOMEM;
+- krb5_algorithm_identifier **loids = NULL;
+- krb5_data des3oid = {0, 8, "\x2A\x86\x48\x86\xF7\x0D\x03\x07" };
++ *algs_out = NULL;
+
+- *oids = NULL;
+- loids = malloc(2 * sizeof(krb5_algorithm_identifier *));
+- if (loids == NULL)
+- goto cleanup;
+- loids[1] = NULL;
+- loids[0] = malloc(sizeof(krb5_algorithm_identifier));
+- if (loids[0] == NULL) {
+- free(loids);
+- goto cleanup;
+- }
+- retval = pkinit_copy_krb5_data(&loids[0]->algorithm, &des3oid);
+- if (retval) {
+- free(loids[0]);
+- free(loids);
++ /* Count supported OIDs and allocate list (including null terminator). */
++ for (count = 0; supported_cms_algs[count] != NULL; count++);
++ algs = k5calloc(count + 1, sizeof(*algs), &ret);
++ if (algs == NULL)
+ goto cleanup;
++
++ /* Add an algorithm identifier for each OID, with no parameters. */
++ for (i = 0; i < count; i++) {
++ algs[i] = k5alloc(sizeof(*algs[i]), &ret);
++ if (algs[i] == NULL)
++ goto cleanup;
++ ret = krb5int_copy_data_contents(context, supported_cms_algs[i],
++ &algs[i]->algorithm);
++ if (ret)
++ goto cleanup;
++ algs[i]->parameters = empty_data();
+ }
+- loids[0]->parameters.length = 0;
+- loids[0]->parameters.data = NULL;
+
+- *oids = loids;
+- retval = 0;
+-cleanup:
++ *algs_out = algs;
++ algs = NULL;
+
+- return retval;
++cleanup:
++ free_krb5_algorithm_identifiers(&algs);
++ return ret;
+ }
+
+ krb5_error_code
+--
+2.38.1
+
diff --git a/SOURCES/0009-Simplify-plugin-loading-code.patch b/SOURCES/0009-Simplify-plugin-loading-code.patch
new file mode 100644
index 0000000..5caf10e
--- /dev/null
+++ b/SOURCES/0009-Simplify-plugin-loading-code.patch
@@ -0,0 +1,622 @@
+From 593109802b52e3f89c3a65436bfdba78f8c517c4 Mon Sep 17 00:00:00 2001
+From: Greg Hudson <ghudson@mit.edu>
+Date: Thu, 23 Jun 2022 16:41:40 -0400
+Subject: [PATCH] Simplify plugin loading code
+
+Remove the USE_CFBUNDLE code, which was only used by KfM. Handle
+platform conditionals according to current practice. Use
+k5_dir_filenames() instead of opendir() and remove the Windows
+implementation of opendir().
+---
+ src/util/support/plugins.c | 507 +++++++++++--------------------------
+ 1 file changed, 150 insertions(+), 357 deletions(-)
+
+diff --git a/src/util/support/plugins.c b/src/util/support/plugins.c
+index c6a9a21d57..0850565687 100644
+--- a/src/util/support/plugins.c
++++ b/src/util/support/plugins.c
+@@ -29,16 +29,6 @@
+ #if USE_DLOPEN
+ #include <dlfcn.h>
+ #endif
+-#include <sys/types.h>
+-#ifdef HAVE_SYS_STAT_H
+-#include <sys/stat.h>
+-#endif
+-#ifdef HAVE_SYS_PARAM_H
+-#include <sys/param.h>
+-#endif
+-#ifdef HAVE_UNISTD_H
+-#include <unistd.h>
+-#endif
+
+ #if USE_DLOPEN
+ #ifdef RTLD_GROUP
+@@ -68,16 +58,6 @@
+ #endif
+ #endif
+
+-#if USE_DLOPEN && USE_CFBUNDLE
+-#include <CoreFoundation/CoreFoundation.h>
+-
+-/* Currently CoreFoundation only exists on the Mac so we just use
+- * pthreads directly to avoid creating empty function calls on other
+- * platforms. If a thread initializer ever gets created in the common
+- * plugin code, move this there */
+-static pthread_mutex_t krb5int_bundle_mutex = PTHREAD_MUTEX_INITIALIZER;
+-#endif
+-
+ #include <stdarg.h>
+ static void Tprintf (const char *fmt, ...)
+ {
+@@ -90,374 +70,193 @@ static void Tprintf (const char *fmt, ...)
+ }
+
+ struct plugin_file_handle {
+-#if USE_DLOPEN
++#if defined(USE_DLOPEN)
+ void *dlhandle;
+-#endif
+-#ifdef _WIN32
+- HMODULE hinstPlugin;
+-#endif
+-#if !defined (USE_DLOPEN) && !defined (_WIN32)
++#elif defined(_WIN32)
++ HMODULE module;
++#else
+ char dummy;
+ #endif
+ };
+
+-#ifdef _WIN32
+-struct dirent {
+- long d_ino; /* inode (always 1 in WIN32) */
+- off_t d_off; /* offset to this dirent */
+- unsigned short d_reclen; /* length of d_name */
+- char d_name[_MAX_FNAME+1]; /* filename (null terminated) */
+-};
+-
+-typedef struct {
+- intptr_t handle; /* _findfirst/_findnext handle */
+- short offset; /* offset into directory */
+- short finished; /* 1 if there are not more files */
+- struct _finddata_t fileinfo;/* from _findfirst/_findnext */
+- char *dir; /* the dir we are reading */
+- struct dirent dent; /* the dirent to return */
+-} DIR;
++#if defined(USE_DLOPEN)
+
+-DIR * opendir(const char *dir)
++static long
++open_plugin_dlfcn(struct plugin_file_handle *h, const char *filename,
++ struct errinfo *ep)
+ {
+- DIR *dp;
+- char *filespec;
+- intptr_t handle;
+- int index;
+-
+- filespec = malloc(strlen(dir) + 2 + 1);
+- strcpy(filespec, dir);
+- index = strlen(filespec) - 1;
+- if (index >= 0 && (filespec[index] == '/' || filespec[index] == '\\'))
+- filespec[index] = '\0';
+- strcat(filespec, "/*");
+-
+- dp = (DIR *)malloc(sizeof(DIR));
+- dp->offset = 0;
+- dp->finished = 0;
+- dp->dir = strdup(dir);
+-
+- if ((handle = _findfirst(filespec, &(dp->fileinfo))) < 0) {
+- if (errno == ENOENT)
+- dp->finished = 1;
+- else {
+- free(filespec);
+- free(dp->dir);
+- free(dp);
+- return NULL;
+- }
++ const char *e;
++
++ h->dlhandle = dlopen(filename, PLUGIN_DLOPEN_FLAGS);
++ if (h->dlhandle == NULL) {
++ e = dlerror();
++ if (e == NULL)
++ e = _("unknown failure");
++ Tprintf("dlopen(%s): %s\n", filename, e);
++ k5_set_error(ep, ENOENT, _("unable to load plugin [%s]: %s"),
++ filename, e);
++ return ENOENT;
+ }
+-
+- dp->handle = handle;
+- free(filespec);
+-
+- return dp;
++ return 0;
+ }
++#define open_plugin open_plugin_dlfcn
+
+-struct dirent * readdir(DIR *dp)
++static long
++get_sym_dlfcn(struct plugin_file_handle *h, const char *csymname,
++ void **sym_out, struct errinfo *ep)
+ {
+- if (!dp || dp->finished) return NULL;
+-
+- if (dp->offset != 0) {
+- if (_findnext(dp->handle, &(dp->fileinfo)) < 0) {
+- dp->finished = 1;
+- return NULL;
+- }
++ const char *e;
++
++ if (h->dlhandle == NULL)
++ return ENOENT;
++ *sym_out = dlsym(h->dlhandle, csymname);
++ if (*sym_out == NULL) {
++ e = dlerror();
++ if (e == NULL)
++ e = _("unknown failure");
++ Tprintf("dlsym(%s): %s\n", csymname, e);
++ k5_set_error(ep, ENOENT, "%s", e);
++ return ENOENT;
+ }
+- dp->offset++;
+-
+- strncpy(dp->dent.d_name, dp->fileinfo.name, _MAX_FNAME);
+- dp->dent.d_ino = 1;
+- dp->dent.d_reclen = (unsigned short)strlen(dp->dent.d_name);
+- dp->dent.d_off = dp->offset;
+-
+- return &(dp->dent);
+-}
+-
+-int closedir(DIR *dp)
+-{
+- if (!dp) return 0;
+- _findclose(dp->handle);
+- free(dp->dir);
+- free(dp);
+-
+ return 0;
+ }
+-#endif
++#define get_sym get_sym_dlfcn
+
+-long KRB5_CALLCONV
+-krb5int_open_plugin (const char *filepath, struct plugin_file_handle **h, struct errinfo *ep)
++static void
++close_plugin_dlfcn(struct plugin_file_handle *h)
+ {
+- long err = 0;
+- struct plugin_file_handle *htmp = NULL;
+- int got_plugin = 0;
+-#if defined(USE_CFBUNDLE) || defined(_WIN32)
+- struct stat statbuf;
+-
+- if (!err) {
+- if (stat (filepath, &statbuf) < 0) {
+- err = errno;
+- Tprintf ("stat(%s): %s\n", filepath, strerror (err));
+- k5_set_error(ep, err, _("unable to find plugin [%s]: %s"),
+- filepath, strerror(err));
+- }
+- }
+-#endif
+-
+- if (!err) {
+- htmp = calloc (1, sizeof (*htmp)); /* calloc initializes ptrs to NULL */
+- if (htmp == NULL) { err = ENOMEM; }
+- }
+-
+-#if USE_DLOPEN
+- if (!err
+-#if USE_CFBUNDLE
+- && ((statbuf.st_mode & S_IFMT) == S_IFREG
+- || (statbuf.st_mode & S_IFMT) == S_IFDIR)
+-#endif /* USE_CFBUNDLE */
+- ) {
+- void *handle = NULL;
+-
+-#if USE_CFBUNDLE
+- char executablepath[MAXPATHLEN];
+-
+- if ((statbuf.st_mode & S_IFMT) == S_IFDIR) {
+- int lock_err = 0;
+- CFStringRef pluginString = NULL;
+- CFURLRef pluginURL = NULL;
+- CFBundleRef pluginBundle = NULL;
+- CFURLRef executableURL = NULL;
+-
+- /* Lock around CoreFoundation calls since objects are refcounted
+- * and the refcounts are not thread-safe. Using pthreads directly
+- * because this code is Mac-specific */
+- lock_err = pthread_mutex_lock(&krb5int_bundle_mutex);
+- if (lock_err) { err = lock_err; }
+-
+- if (!err) {
+- pluginString = CFStringCreateWithCString (kCFAllocatorDefault,
+- filepath,
+- kCFStringEncodingASCII);
+- if (pluginString == NULL) { err = ENOMEM; }
+- }
+-
+- if (!err) {
+- pluginURL = CFURLCreateWithFileSystemPath (kCFAllocatorDefault,
+- pluginString,
+- kCFURLPOSIXPathStyle,
+- true);
+- if (pluginURL == NULL) { err = ENOMEM; }
+- }
+-
+- if (!err) {
+- pluginBundle = CFBundleCreate (kCFAllocatorDefault, pluginURL);
+- if (pluginBundle == NULL) { err = ENOENT; } /* XXX need better error */
+- }
+-
+- if (!err) {
+- executableURL = CFBundleCopyExecutableURL (pluginBundle);
+- if (executableURL == NULL) { err = ENOMEM; }
+- }
+-
+- if (!err) {
+- if (!CFURLGetFileSystemRepresentation (executableURL,
+- true, /* absolute */
+- (UInt8 *)executablepath,
+- sizeof (executablepath))) {
+- err = ENOMEM;
+- }
+- }
+-
+- if (!err) {
+- /* override the path the caller passed in */
+- filepath = executablepath;
+- }
+-
+- if (executableURL != NULL) { CFRelease (executableURL); }
+- if (pluginBundle != NULL) { CFRelease (pluginBundle); }
+- if (pluginURL != NULL) { CFRelease (pluginURL); }
+- if (pluginString != NULL) { CFRelease (pluginString); }
+-
+- /* unlock after CFRelease calls since they modify refcounts */
+- if (!lock_err) { pthread_mutex_unlock (&krb5int_bundle_mutex); }
+- }
+-#endif /* USE_CFBUNDLE */
+-
+- if (!err) {
+- handle = dlopen(filepath, PLUGIN_DLOPEN_FLAGS);
+- if (handle == NULL) {
+- const char *e = dlerror();
+- if (e == NULL)
+- e = _("unknown failure");
+- Tprintf ("dlopen(%s): %s\n", filepath, e);
+- err = ENOENT; /* XXX */
+- k5_set_error(ep, err, _("unable to load plugin [%s]: %s"),
+- filepath, e);
+- }
+- }
++ if (h->dlhandle != NULL)
++ dlclose(h->dlhandle);
++}
++#define close_plugin close_plugin_dlfcn
+
+- if (!err) {
+- got_plugin = 1;
+- htmp->dlhandle = handle;
+- handle = NULL;
+- }
++#elif defined(_WIN32)
+
+- if (handle != NULL) { dlclose (handle); }
++static long
++open_plugin_win32(struct plugin_file_handle *h, const char *filename,
++ struct errinfo *ep)
++{
++ h->module = LoadLibrary(filename);
++ if (h == NULL) {
++ Tprintf("Unable to load dll: %s\n", filename);
++ k5_set_error(ep, ENOENT, _("unable to load DLL [%s]"), filename);
++ return ENOENT;
+ }
+-#endif /* USE_DLOPEN */
+-
+-#ifdef _WIN32
+- if (!err && (statbuf.st_mode & S_IFMT) == S_IFREG) {
+- HMODULE handle = NULL;
++ return 0;
++}
++#define open_plugin open_plugin_win32
+
+- handle = LoadLibrary(filepath);
+- if (handle == NULL) {
+- Tprintf ("Unable to load dll: %s\n", filepath);
+- err = ENOENT; /* XXX */
+- k5_set_error(ep, err, _("unable to load DLL [%s]"), filepath);
+- }
++static long
++get_sym_win32(struct plugin_file_handle *h, const char *csymname,
++ void **sym_out, struct errinfo *ep)
++{
++ LPVOID lpMsgBuf;
++ DWORD dw;
+
+- if (!err) {
+- got_plugin = 1;
+- htmp->hinstPlugin = handle;
+- handle = NULL;
++ if (h->module == NULL)
++ return ENOENT;
++ *sym_out = GetProcAddress(h->module, csymname);
++ if (*sym_out == NULL) {
++ Tprintf("GetProcAddress(%s): %i\n", csymname, GetLastError());
++ dw = GetLastError();
++ if (FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER |
++ FORMAT_MESSAGE_FROM_SYSTEM,
++ NULL, dw, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
++ (LPTSTR)&lpMsgBuf, 0, NULL)) {
++ k5_set_error(ep, ENOENT, _("unable to get DLL Symbol: %s"),
++ (char *)lpMsgBuf);
++ LocalFree(lpMsgBuf);
+ }
+-
+- if (handle != NULL)
+- FreeLibrary(handle);
+- }
+-#endif
+-
+- if (!err && !got_plugin) {
+- err = ENOENT; /* no plugin or no way to load plugins */
+- k5_set_error(ep, err, _("plugin unavailable: %s"), strerror(err));
++ return ENOENT;
+ }
++ return 0;
++}
++#define get_sym get_sym_win32
+
+- if (!err) {
+- *h = htmp;
+- htmp = NULL; /* h takes ownership */
+- }
++static void
++close_plugin_win32(struct plugin_file_handle *h)
++{
++ if (h->module != NULL)
++ FreeLibrary(h->module);
++}
++#define close_plugin close_plugin_win32
+
+- free(htmp);
++#else
+
+- return err;
++static long
++open_plugin_dummy(struct plugin_file_handle *h, const char *filename,
++ struct errinfo *ep)
++{
++ k5_set_error(ep, ENOENT, _("plugin loading unavailable"));
++ return ENOENT;
+ }
++#define open_plugin open_plugin_dummy
+
+ static long
+-krb5int_get_plugin_sym (struct plugin_file_handle *h,
+- const char *csymname, int isfunc, void **ptr,
+- struct errinfo *ep)
++get_sym_dummy(struct plugin_file_handle *h, const char *csymname,
++ void **sym_out, struct errinfo *ep)
+ {
+- long err = 0;
+- void *sym = NULL;
++ return ENOENT;
++}
++#define get_sym get_sym_dummy
++
++static void
++close_plugin_dummy(struct plugin_file_handle *h)
++{
++}
++#define close_plugin close_plugin_dummy
+
+-#if USE_DLOPEN
+- if (!err && !sym && (h->dlhandle != NULL)) {
+- /* XXX Do we need to add a leading "_" to the symbol name on any
+- modern platforms? */
+- sym = dlsym (h->dlhandle, csymname);
+- if (sym == NULL) {
+- const char *e = dlerror (); /* XXX copy and save away */
+- if (e == NULL)
+- e = "unknown failure";
+- Tprintf ("dlsym(%s): %s\n", csymname, e);
+- err = ENOENT; /* XXX */
+- k5_set_error(ep, err, "%s", e);
+- }
+- }
+ #endif
+
+-#ifdef _WIN32
+- LPVOID lpMsgBuf;
+- DWORD dw;
++long KRB5_CALLCONV
++krb5int_open_plugin(const char *filename,
++ struct plugin_file_handle **handle_out, struct errinfo *ep)
++{
++ long ret;
++ struct plugin_file_handle *h;
+
+- if (!err && !sym && (h->hinstPlugin != NULL)) {
+- sym = GetProcAddress(h->hinstPlugin, csymname);
+- if (sym == NULL) {
+- const char *e = "unable to get dll symbol"; /* XXX copy and save away */
+- Tprintf ("GetProcAddress(%s): %i\n", csymname, GetLastError());
+- err = ENOENT; /* XXX */
+- k5_set_error(ep, err, "%s", e);
+-
+- dw = GetLastError();
+- if (FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER |
+- FORMAT_MESSAGE_FROM_SYSTEM,
+- NULL,
+- dw,
+- MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
+- (LPTSTR) &lpMsgBuf,
+- 0, NULL )) {
+-
+- fprintf (stderr, "unable to get dll symbol, %s\n", (LPCTSTR)lpMsgBuf);
+- LocalFree(lpMsgBuf);
+- }
+- }
+- }
+-#endif
++ *handle_out = NULL;
+
+- if (!err && (sym == NULL)) {
+- err = ENOENT; /* unimplemented */
+- }
++ h = calloc(1, sizeof(*h));
++ if (h == NULL)
++ return ENOMEM;
+
+- if (!err) {
+- *ptr = sym;
++ ret = open_plugin(h, filename, ep);
++ if (ret) {
++ free(h);
++ return ret;
+ }
+
+- return err;
++ *handle_out = h;
++ return 0;
+ }
+
+ long KRB5_CALLCONV
+-krb5int_get_plugin_data (struct plugin_file_handle *h, const char *csymname,
+- void **ptr, struct errinfo *ep)
++krb5int_get_plugin_data(struct plugin_file_handle *h, const char *csymname,
++ void **sym_out, struct errinfo *ep)
+ {
+- return krb5int_get_plugin_sym (h, csymname, 0, ptr, ep);
++ return get_sym(h, csymname, sym_out, ep);
+ }
+
+ long KRB5_CALLCONV
+-krb5int_get_plugin_func (struct plugin_file_handle *h, const char *csymname,
+- void (**ptr)(), struct errinfo *ep)
++krb5int_get_plugin_func(struct plugin_file_handle *h, const char *csymname,
++ void (**sym_out)(), struct errinfo *ep)
+ {
+ void *dptr = NULL;
+- long err = krb5int_get_plugin_sym (h, csymname, 1, &dptr, ep);
+- if (!err) {
+- /* Cast function pointers to avoid code duplication */
+- *ptr = (void (*)()) dptr;
+- }
+- return err;
++ long ret = get_sym(h, csymname, &dptr, ep);
++
++ if (!ret)
++ *sym_out = (void (*)())dptr;
++ return ret;
+ }
+
+ void KRB5_CALLCONV
+ krb5int_close_plugin (struct plugin_file_handle *h)
+ {
+-#if USE_DLOPEN
+- if (h->dlhandle != NULL) { dlclose(h->dlhandle); }
+-#endif
+-#ifdef _WIN32
+- if (h->hinstPlugin != NULL) { FreeLibrary(h->hinstPlugin); }
+-#endif
+- free (h);
++ close_plugin(h);
++ free(h);
+ }
+
+-/* autoconf docs suggest using this preference order */
+-#if HAVE_DIRENT_H || USE_DIRENT_H
+-#include <dirent.h>
+-#define NAMELEN(D) strlen((D)->d_name)
+-#else
+-#ifndef _WIN32
+-#define dirent direct
+-#define NAMELEN(D) ((D)->d->namlen)
+-#else
+-#define NAMELEN(D) strlen((D)->d_name)
+-#endif
+-#if HAVE_SYS_NDIR_H
+-# include <sys/ndir.h>
+-#elif HAVE_SYS_DIR_H
+-# include <sys/dir.h>
+-#elif HAVE_NDIR_H
+-# include <ndir.h>
+-#endif
+-#endif
+-
+ static long
+ krb5int_plugin_file_handle_array_init (struct plugin_file_handle ***harray)
+ {
+@@ -619,42 +418,36 @@ krb5int_open_plugin_dirs (const char * const *dirnames,
+ if (handle != NULL) { krb5int_close_plugin (handle); }
+ }
+ } else {
+- /* load all plugins in each directory */
+- DIR *dir = opendir (dirnames[i]);
++ char **fnames = NULL;
++ int j;
+
+- while (dir != NULL && !err) {
+- struct dirent *d = NULL;
++ err = k5_dir_filenames(dirnames[i], &fnames);
++ for (j = 0; !err && fnames[j] != NULL; j++) {
+ char *filepath = NULL;
+ struct plugin_file_handle *handle = NULL;
+
+- d = readdir (dir);
+- if (d == NULL) { break; }
+-
+- if ((strcmp (d->d_name, ".") == 0) ||
+- (strcmp (d->d_name, "..") == 0)) {
++ if (strcmp(fnames[j], ".") == 0 ||
++ strcmp(fnames[j], "..") == 0)
+ continue;
+- }
+
+- if (!err) {
+- int len = NAMELEN (d);
+- if (asprintf(&filepath, "%s/%*s", dirnames[i], len, d->d_name) < 0) {
+- filepath = NULL;
+- err = ENOMEM;
+- }
++ if (asprintf(&filepath, "%s/%s", dirnames[i], fnames[j]) < 0) {
++ filepath = NULL;
++ err = ENOMEM;
+ }
+
+- if (!err) {
+- if (krb5int_open_plugin (filepath, &handle, ep) == 0) {
+- err = krb5int_plugin_file_handle_array_add (&h, &count, handle);
+- if (!err) { handle = NULL; } /* h takes ownership */
+- }
++ if (!err && krb5int_open_plugin(filepath, &handle, ep) == 0) {
++ err = krb5int_plugin_file_handle_array_add(&h, &count,
++ handle);
++ if (!err)
++ handle = NULL; /* h takes ownership */
+ }
+
+ free(filepath);
+- if (handle != NULL) { krb5int_close_plugin (handle); }
++ if (handle != NULL)
++ krb5int_close_plugin(handle);
+ }
+
+- if (dir != NULL) { closedir (dir); }
++ k5_free_filenames(fnames);
+ }
+ }
+
+--
+2.38.1
+
diff --git a/SOURCES/0010-Update-error-checking-for-OpenSSL-CMS_verify.patch b/SOURCES/0010-Update-error-checking-for-OpenSSL-CMS_verify.patch
new file mode 100644
index 0000000..79652f8
--- /dev/null
+++ b/SOURCES/0010-Update-error-checking-for-OpenSSL-CMS_verify.patch
@@ -0,0 +1,48 @@
+From 75f71ace74449a6e5154314229bfa61960cd326c Mon Sep 17 00:00:00 2001
+From: Julien Rische <jrische@redhat.com>
+Date: Thu, 28 Jul 2022 15:20:12 +0200
+Subject: [PATCH] Update error checking for OpenSSL CMS_verify
+
+The code for CMS data verification was initially written for OpenSSL's
+PKCS7_verify() function. It now uses CMS_verify(), but error handling
+is still done using PKCS7_verify() error identifiers. Update the
+recognized error codes so that the KDC generates
+KDC_ERR_DIGEST_IN_SIGNED_DATA_NOT_ACCEPTED errors when appropriate.
+Use ERR_peek_last_error() to observe the error generated closest to
+the API surface.
+
+[ghudson@mit.edu: edited commit message]
+
+ticket: 9069 (new)
+tags: pullup
+target_version: 1.20-next
+---
+ src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+index 1c2aa02827..16edf15cb2 100644
+--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
++++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+@@ -2102,12 +2102,15 @@ cms_signeddata_verify(krb5_context context,
+ goto cleanup;
+ out = BIO_new(BIO_s_mem());
+ if (CMS_verify(cms, NULL, store, NULL, out, flags) == 0) {
+- unsigned long err = ERR_peek_error();
++ unsigned long err = ERR_peek_last_error();
+ switch(ERR_GET_REASON(err)) {
+- case PKCS7_R_DIGEST_FAILURE:
++ case RSA_R_DIGEST_NOT_ALLOWED:
++ case CMS_R_UNKNOWN_DIGEST_ALGORITHM:
++ case CMS_R_NO_MATCHING_DIGEST:
++ case CMS_R_NO_MATCHING_SIGNATURE:
+ retval = KRB5KDC_ERR_DIGEST_IN_SIGNED_DATA_NOT_ACCEPTED;
+ break;
+- case PKCS7_R_SIGNATURE_FAILURE:
++ case CMS_R_VERIFICATION_FAILURE:
+ default:
+ retval = KRB5KDC_ERR_INVALID_SIG;
+ }
+--
+2.38.1
+
diff --git a/SOURCES/0011-downstream-Catch-SHA-1-digest-disallowed-error-for-P.patch b/SOURCES/0011-downstream-Catch-SHA-1-digest-disallowed-error-for-P.patch
new file mode 100644
index 0000000..c27d4ca
--- /dev/null
+++ b/SOURCES/0011-downstream-Catch-SHA-1-digest-disallowed-error-for-P.patch
@@ -0,0 +1,28 @@
+From 3f8a3b57cf0e057635e570d5038fb52c19ca5744 Mon Sep 17 00:00:00 2001
+From: Julien Rische <jrische@redhat.com>
+Date: Fri, 19 Aug 2022 10:34:52 +0200
+Subject: [PATCH] [downstream] Catch SHA-1 digest disallowed error for
+ PKINIT
+
+An OpenSSL patch causes EVP_R_INVALID_DIGEST error to be raised if
+CMS_verify is called to verify a SHA-1 signature. If this error is
+caught, it will now return KDC_ERR_DIGEST_IN_SIGNED_DATA_NOT_ACCEPTED.
+---
+ src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+index 16edf15cb2..bfa3fe8e91 100644
+--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
++++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+@@ -2104,6 +2104,7 @@ cms_signeddata_verify(krb5_context context,
+ if (CMS_verify(cms, NULL, store, NULL, out, flags) == 0) {
+ unsigned long err = ERR_peek_last_error();
+ switch(ERR_GET_REASON(err)) {
++ case EVP_R_INVALID_DIGEST:
+ case RSA_R_DIGEST_NOT_ALLOWED:
+ case CMS_R_UNKNOWN_DIGEST_ALGORITHM:
+ case CMS_R_NO_MATCHING_DIGEST:
+--
+2.38.1
+
diff --git a/SOURCES/0012-Add-and-use-ts_interval-helper.patch b/SOURCES/0012-Add-and-use-ts_interval-helper.patch
new file mode 100644
index 0000000..b19b79a
--- /dev/null
+++ b/SOURCES/0012-Add-and-use-ts_interval-helper.patch
@@ -0,0 +1,239 @@
+From 6ba011d89f9cf4661eb7110bf810cfdb514b69fa Mon Sep 17 00:00:00 2001
+From: Greg Hudson <ghudson@mit.edu>
+Date: Mon, 19 Sep 2022 15:18:50 -0400
+Subject: [PATCH] Add and use ts_interval() helper
+
+ts_delta() returns a signed result, which cannot hold an interval
+larger than 2^31-1 seconds. Intervals like this have been seen when
+admins set password expiration dates more than 68 years in the future.
+
+Add a second helper ts_interval() which returns a signed result, and
+has the arguments reversed so that the start time is first. Use it in
+warn_pw_expiry() to handle the password expiration case, in the GSS
+krb5 mech where we return an unsigned context or credential lifetime
+to the caller, and in the KEYRING ccache type where we compute an
+unsigned keyring timeout.
+
+ticket: 9071 (new)
+---
+ src/include/k5-int.h | 9 +++++++++
+ src/lib/gssapi/krb5/accept_sec_context.c | 10 ++++++----
+ src/lib/gssapi/krb5/acquire_cred.c | 3 +--
+ src/lib/gssapi/krb5/context_time.c | 2 +-
+ src/lib/gssapi/krb5/init_sec_context.c | 4 ++--
+ src/lib/gssapi/krb5/inq_context.c | 2 +-
+ src/lib/gssapi/krb5/inq_cred.c | 2 +-
+ src/lib/gssapi/krb5/s4u_gss_glue.c | 2 +-
+ src/lib/krb5/ccache/cc_keyring.c | 4 ++--
+ src/lib/krb5/krb/get_in_tkt.c | 15 +++++++--------
+ 10 files changed, 31 insertions(+), 22 deletions(-)
+
+diff --git a/src/include/k5-int.h b/src/include/k5-int.h
+index c3aecba7d4..768110e5ef 100644
+--- a/src/include/k5-int.h
++++ b/src/include/k5-int.h
+@@ -2325,6 +2325,15 @@ ts_delta(krb5_timestamp a, krb5_timestamp b)
+ return (krb5_deltat)((uint32_t)a - (uint32_t)b);
+ }
+
++/* Return (end - start) as an unsigned 32-bit value, or 0 if start > end. */
++static inline uint32_t
++ts_interval(krb5_timestamp start, krb5_timestamp end)
++{
++ if ((uint32_t)start > (uint32_t)end)
++ return 0;
++ return (uint32_t)end - (uint32_t)start;
++}
++
+ /* Increment a timestamp by a signed 32-bit interval, without relying on
+ * undefined behavior. */
+ static inline krb5_timestamp
+diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
+index 1bc807172b..7de2c9fd77 100644
+--- a/src/lib/gssapi/krb5/accept_sec_context.c
++++ b/src/lib/gssapi/krb5/accept_sec_context.c
+@@ -353,8 +353,8 @@ kg_accept_dce(minor_status, context_handle, verifier_cred_handle,
+ *mech_type = ctx->mech_used;
+
+ if (time_rec) {
+- *time_rec = ts_delta(ctx->krb_times.endtime, now) +
+- ctx->k5_context->clockskew;
++ *time_rec = ts_interval(now - ctx->k5_context->clockskew,
++ ctx->krb_times.endtime);
+ }
+
+ /* Never return GSS_C_DELEG_FLAG since we don't support DCE credential
+@@ -1151,8 +1151,10 @@ kg_accept_krb5(minor_status, context_handle,
+
+ /* Add the maximum allowable clock skew as a grace period for context
+ * expiration, just as we do for the ticket. */
+- if (time_rec)
+- *time_rec = ts_delta(ctx->krb_times.endtime, now) + context->clockskew;
++ if (time_rec) {
++ *time_rec = ts_interval(now - context->clockskew,
++ ctx->krb_times.endtime);
++ }
+
+ if (ret_flags)
+ *ret_flags = ctx->gss_flags;
+diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c
+index e226a02692..006eba114d 100644
+--- a/src/lib/gssapi/krb5/acquire_cred.c
++++ b/src/lib/gssapi/krb5/acquire_cred.c
+@@ -879,8 +879,7 @@ acquire_cred_context(krb5_context context, OM_uint32 *minor_status,
+ GSS_C_NO_NAME);
+ if (GSS_ERROR(ret))
+ goto error_out;
+- *time_rec = ts_after(cred->expire, now) ?
+- ts_delta(cred->expire, now) : 0;
++ *time_rec = ts_interval(now, cred->expire);
+ k5_mutex_unlock(&cred->lock);
+ }
+ }
+diff --git a/src/lib/gssapi/krb5/context_time.c b/src/lib/gssapi/krb5/context_time.c
+index 1fdb5a16f2..5469d8154c 100644
+--- a/src/lib/gssapi/krb5/context_time.c
++++ b/src/lib/gssapi/krb5/context_time.c
+@@ -51,7 +51,7 @@ krb5_gss_context_time(minor_status, context_handle, time_rec)
+ return(GSS_S_FAILURE);
+ }
+
+- lifetime = ts_delta(ctx->krb_times.endtime, now);
++ lifetime = ts_interval(now, ctx->krb_times.endtime);
+ if (!ctx->initiate)
+ lifetime += ctx->k5_context->clockskew;
+ if (lifetime <= 0) {
+diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c
+index ea87cf6432..f0f094ccb7 100644
+--- a/src/lib/gssapi/krb5/init_sec_context.c
++++ b/src/lib/gssapi/krb5/init_sec_context.c
+@@ -664,7 +664,7 @@ kg_new_connection(
+ if (time_rec) {
+ if ((code = krb5_timeofday(context, &now)))
+ goto cleanup;
+- *time_rec = ts_delta(ctx->krb_times.endtime, now);
++ *time_rec = ts_interval(now, ctx->krb_times.endtime);
+ }
+
+ /* set the other returns */
+@@ -878,7 +878,7 @@ mutual_auth(
+ if (time_rec) {
+ if ((code = krb5_timeofday(context, &now)))
+ goto fail;
+- *time_rec = ts_delta(ctx->krb_times.endtime, now);
++ *time_rec = ts_interval(now, ctx->krb_times.endtime);
+ }
+
+ if (ret_flags)
+diff --git a/src/lib/gssapi/krb5/inq_context.c b/src/lib/gssapi/krb5/inq_context.c
+index cac024da1f..51c484fdfe 100644
+--- a/src/lib/gssapi/krb5/inq_context.c
++++ b/src/lib/gssapi/krb5/inq_context.c
+@@ -120,7 +120,7 @@ krb5_gss_inquire_context(minor_status, context_handle, initiator_name,
+
+ /* Add the maximum allowable clock skew as a grace period for context
+ * expiration, just as we do for the ticket during authentication. */
+- lifetime = ts_delta(ctx->krb_times.endtime, now);
++ lifetime = ts_interval(now, ctx->krb_times.endtime);
+ if (!ctx->initiate)
+ lifetime += context->clockskew;
+ if (lifetime < 0)
+diff --git a/src/lib/gssapi/krb5/inq_cred.c b/src/lib/gssapi/krb5/inq_cred.c
+index bb63b726c8..0e675959a3 100644
+--- a/src/lib/gssapi/krb5/inq_cred.c
++++ b/src/lib/gssapi/krb5/inq_cred.c
+@@ -131,7 +131,7 @@ krb5_gss_inquire_cred(minor_status, cred_handle, name, lifetime_ret,
+ }
+
+ if (cred->expire != 0) {
+- lifetime = ts_delta(cred->expire, now);
++ lifetime = ts_interval(now, cred->expire);
+ if (lifetime < 0)
+ lifetime = 0;
+ }
+diff --git a/src/lib/gssapi/krb5/s4u_gss_glue.c b/src/lib/gssapi/krb5/s4u_gss_glue.c
+index 7dcfe4e1eb..fa7f980af7 100644
+--- a/src/lib/gssapi/krb5/s4u_gss_glue.c
++++ b/src/lib/gssapi/krb5/s4u_gss_glue.c
+@@ -279,7 +279,7 @@ kg_compose_deleg_cred(OM_uint32 *minor_status,
+ if (code != 0)
+ goto cleanup;
+
+- *time_rec = ts_delta(cred->expire, now);
++ *time_rec = ts_interval(now, cred->expire);
+ }
+
+ major_status = GSS_S_COMPLETE;
+diff --git a/src/lib/krb5/ccache/cc_keyring.c b/src/lib/krb5/ccache/cc_keyring.c
+index ebef37d607..1dadeef64f 100644
+--- a/src/lib/krb5/ccache/cc_keyring.c
++++ b/src/lib/krb5/ccache/cc_keyring.c
+@@ -762,7 +762,7 @@ update_keyring_expiration(krb5_context context, krb5_ccache id)
+
+ /* Setting the timeout to zero would reset the timeout, so we set it to one
+ * second instead if creds are already expired. */
+- timeout = ts_after(endtime, now) ? ts_delta(endtime, now) : 1;
++ timeout = ts_after(endtime, now) ? ts_interval(now, endtime) : 1;
+ (void)keyctl_set_timeout(data->cache_id, timeout);
+ }
+
+@@ -1343,7 +1343,7 @@ krcc_store(krb5_context context, krb5_ccache id, krb5_creds *creds)
+
+ if (ts_after(creds->times.endtime, now)) {
+ (void)keyctl_set_timeout(cred_key,
+- ts_delta(creds->times.endtime, now));
++ ts_interval(now, creds->times.endtime));
+ }
+
+ update_keyring_expiration(context, id);
+diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c
+index 8b5ab595e9..1b420a3ac2 100644
+--- a/src/lib/krb5/krb/get_in_tkt.c
++++ b/src/lib/krb5/krb/get_in_tkt.c
+@@ -1522,7 +1522,7 @@ warn_pw_expiry(krb5_context context, krb5_get_init_creds_opt *options,
+ void *expire_data;
+ krb5_timestamp pw_exp, acct_exp, now;
+ krb5_boolean is_last_req;
+- krb5_deltat delta;
++ uint32_t interval;
+ char ts[256], banner[1024];
+
+ if (as_reply == NULL || as_reply->enc_part2 == NULL)
+@@ -1553,8 +1553,8 @@ warn_pw_expiry(krb5_context context, krb5_get_init_creds_opt *options,
+ ret = krb5_timeofday(context, &now);
+ if (ret != 0)
+ return;
+- if (!is_last_req &&
+- (ts_after(now, pw_exp) || ts_delta(pw_exp, now) > 7 * 24 * 60 * 60))
++ interval = ts_interval(now, pw_exp);
++ if (!is_last_req && (!interval || interval > 7 * 24 * 60 * 60))
+ return;
+
+ if (!prompter)
+@@ -1564,19 +1564,18 @@ warn_pw_expiry(krb5_context context, krb5_get_init_creds_opt *options,
+ if (ret != 0)
+ return;
+
+- delta = ts_delta(pw_exp, now);
+- if (delta < 3600) {
++ if (interval < 3600) {
+ snprintf(banner, sizeof(banner),
+ _("Warning: Your password will expire in less than one hour "
+ "on %s"), ts);
+- } else if (delta < 86400 * 2) {
++ } else if (interval < 86400 * 2) {
+ snprintf(banner, sizeof(banner),
+ _("Warning: Your password will expire in %d hour%s on %s"),
+- delta / 3600, delta < 7200 ? "" : "s", ts);
++ interval / 3600, interval < 7200 ? "" : "s", ts);
+ } else {
+ snprintf(banner, sizeof(banner),
+ _("Warning: Your password will expire in %d days on %s"),
+- delta / 86400, ts);
++ interval / 86400, ts);
+ }
+
+ /* PROMPTER_INVOCATION */
+--
+2.38.1
+
diff --git a/SOURCES/0013-downstream-Make-tests-compatible-with-sssd_krb5_loca.patch b/SOURCES/0013-downstream-Make-tests-compatible-with-sssd_krb5_loca.patch
new file mode 100644
index 0000000..a094f87
--- /dev/null
+++ b/SOURCES/0013-downstream-Make-tests-compatible-with-sssd_krb5_loca.patch
@@ -0,0 +1,41 @@
+From 9aa12e932f08651785519890896647069e7a30b1 Mon Sep 17 00:00:00 2001
+From: Julien Rische <jrische@redhat.com>
+Date: Wed, 7 Dec 2022 13:22:42 +0100
+Subject: [PATCH] [downstream] Make tests compatible with
+ sssd_krb5_locator_plugin.so
+
+The sssd_krb5_locator_plugin.so plugin provided by sssd-client conflicts
+with the upstream test t_discover_uri.py. The test has to be modified in
+order to avoid false positive.
+---
+ src/lib/krb5/os/t_discover_uri.py | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/src/lib/krb5/os/t_discover_uri.py b/src/lib/krb5/os/t_discover_uri.py
+index 87bac17929..26bc95a8dc 100644
+--- a/src/lib/krb5/os/t_discover_uri.py
++++ b/src/lib/krb5/os/t_discover_uri.py
+@@ -1,3 +1,4 @@
++from os.path import exists
+ from k5test import *
+
+ entries = ('URI _kerberos.TEST krb5srv::kkdcp:https://kdc1 1 1\n',
+@@ -37,8 +38,14 @@ realm.env['RESOLV_WRAPPER_HOSTS'] = hosts_filename
+ out = realm.run(['./t_locate_kdc', 'TEST'], env=realm.env)
+ l = out.splitlines()
+
++if (exists('/usr/lib/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so')
++ or exists('/usr/lib64/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so')):
++ line_range = range(6, 14)
++else:
++ line_range = range(4, 12)
++
+ j = 0
+-for i in range(4, 12):
++for i in line_range:
+ if l[i].strip() != expected[j]:
+ fail('URI answers do not match')
+ j += 1
+--
+2.38.1
+
diff --git a/SOURCES/0014-downstream-Do-not-set-root-as-ksu-file-owner.patch b/SOURCES/0014-downstream-Do-not-set-root-as-ksu-file-owner.patch
new file mode 100644
index 0000000..8c5b484
--- /dev/null
+++ b/SOURCES/0014-downstream-Do-not-set-root-as-ksu-file-owner.patch
@@ -0,0 +1,31 @@
+From fb13766f8fbd78acfcf7a150332a4e5474e4f52a Mon Sep 17 00:00:00 2001
+From: Julien Rische <jrische@redhat.com>
+Date: Mon, 9 Jan 2023 22:39:52 +0100
+Subject: [PATCH] [downstream] Do not set root as ksu file owner
+
+Upstream Makefile uses the install command to set root as owner of the
+ksu executable file. However, this is no longer supported on latest
+versions of the Mock build environment.
+
+In case of ksu, the owner, group, and mode are already set using %attr()
+in the specfile.
+---
+ src/config/pre.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/config/pre.in b/src/config/pre.in
+index 7eaa2f351c..e9ae71471e 100644
+--- a/src/config/pre.in
++++ b/src/config/pre.in
+@@ -185,7 +185,7 @@ INSTALL_PROGRAM=@INSTALL_PROGRAM@ $(INSTALL_STRIP)
+ INSTALL_SCRIPT=@INSTALL_PROGRAM@
+ INSTALL_DATA=@INSTALL_DATA@
+ INSTALL_SHLIB=@INSTALL_SHLIB@
+-INSTALL_SETUID=$(INSTALL) $(INSTALL_STRIP) -m 4755 -o root
++INSTALL_SETUID=$(INSTALL)
+ ## This is needed because autoconf will sometimes define @exec_prefix@ to be
+ ## ${prefix}.
+ prefix=@prefix@
+--
+2.38.1
+
diff --git a/SOURCES/0015-downstream-Allow-KRB5KDF-MD5-and-MD4-in-FIPS-mode.patch b/SOURCES/0015-downstream-Allow-KRB5KDF-MD5-and-MD4-in-FIPS-mode.patch
new file mode 100644
index 0000000..8b0ba6e
--- /dev/null
+++ b/SOURCES/0015-downstream-Allow-KRB5KDF-MD5-and-MD4-in-FIPS-mode.patch
@@ -0,0 +1,165 @@
+From 6aea69170c2064aaea73ad3283b6d7dd0cae47e1 Mon Sep 17 00:00:00 2001
+From: Julien Rische <jrische@redhat.com>
+Date: Thu, 19 Jan 2023 19:22:27 +0100
+Subject: [PATCH] [downstream] Allow KRB5KDF, MD5, and MD4 in FIPS mode
+
+OpenSSL's restrictions to use KRB5KDF, MD5, and MD4 in FIPS mode are
+bypassed in case AES SHA-1 HMAC or RC4 encryption types are allowed by
+the crypto policy.
+---
+ .../crypto/openssl/hash_provider/hash_evp.c | 97 +++++++++++++++++--
+ src/lib/crypto/openssl/kdf.c | 2 +-
+ 2 files changed, 89 insertions(+), 10 deletions(-)
+
+diff --git a/src/lib/crypto/openssl/hash_provider/hash_evp.c b/src/lib/crypto/openssl/hash_provider/hash_evp.c
+index 11659908bb..eb2e693e9f 100644
+--- a/src/lib/crypto/openssl/hash_provider/hash_evp.c
++++ b/src/lib/crypto/openssl/hash_provider/hash_evp.c
+@@ -44,6 +44,49 @@
+ #define EVP_MD_CTX_free EVP_MD_CTX_destroy
+ #endif
+
++#include <openssl/provider.h>
++#include <openssl/fips.h>
++#include <threads.h>
++
++typedef struct ossl_lib_md_context {
++ OSSL_LIB_CTX *libctx;
++ OSSL_PROVIDER *default_provider;
++ OSSL_PROVIDER *legacy_provider;
++} ossl_md_context_t;
++
++static thread_local ossl_md_context_t *ossl_md_ctx = NULL;
++
++static krb5_error_code
++init_ossl_md_ctx(ossl_md_context_t *ctx, const char *algo)
++{
++ ctx->libctx = OSSL_LIB_CTX_new();
++ if (!ctx->libctx)
++ return KRB5_CRYPTO_INTERNAL;
++
++ /* Load both legacy and default provider as both may be needed. */
++ ctx->default_provider = OSSL_PROVIDER_load(ctx->libctx, "default");
++ ctx->legacy_provider = OSSL_PROVIDER_load(ctx->libctx, "legacy");
++
++ if (!(ctx->default_provider && ctx->legacy_provider))
++ return KRB5_CRYPTO_INTERNAL;
++
++ return 0;
++}
++
++static void
++deinit_ossl_ctx(ossl_md_context_t *ctx)
++{
++ if (ctx->legacy_provider)
++ OSSL_PROVIDER_unload(ctx->legacy_provider);
++
++ if (ctx->default_provider)
++ OSSL_PROVIDER_unload(ctx->default_provider);
++
++ if (ctx->libctx)
++ OSSL_LIB_CTX_free(ctx->libctx);
++}
++
++
+ static krb5_error_code
+ hash_evp(const EVP_MD *type, const krb5_crypto_iov *data, size_t num_data,
+ krb5_data *output)
+@@ -60,11 +103,6 @@ hash_evp(const EVP_MD *type, const krb5_crypto_iov *data, size_t num_data,
+ if (ctx == NULL)
+ return ENOMEM;
+
+- if (type == EVP_md4() || type == EVP_md5()) {
+- /* See comments below in hash_md4() and hash_md5(). */
+- EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+- }
+-
+ ok = EVP_DigestInit_ex(ctx, type, NULL);
+ for (i = 0; i < num_data; i++) {
+ if (!SIGN_IOV(&data[i]))
+@@ -77,6 +115,43 @@ hash_evp(const EVP_MD *type, const krb5_crypto_iov *data, size_t num_data,
+ return ok ? 0 : KRB5_CRYPTO_INTERNAL;
+ }
+
++static krb5_error_code
++hash_legacy_evp(const char *algo, const krb5_crypto_iov *data, size_t num_data,
++ krb5_data *output)
++{
++ krb5_error_code err;
++ EVP_MD *md = NULL;
++
++ if (!ossl_md_ctx) {
++ ossl_md_ctx = malloc(sizeof(ossl_md_context_t));
++ if (!ossl_md_ctx) {
++ err = ENOMEM;
++ goto end;
++ }
++
++ err = init_ossl_md_ctx(ossl_md_ctx, algo);
++ if (err) {
++ deinit_ossl_ctx(ossl_md_ctx);
++ free(ossl_md_ctx);
++ ossl_md_ctx = NULL;
++ goto end;
++ }
++ }
++
++ md = EVP_MD_fetch(ossl_md_ctx->libctx, algo, NULL);
++ if (!md) {
++ err = KRB5_CRYPTO_INTERNAL;
++ goto end;
++ }
++
++ err = hash_evp(md, data, num_data, output);
++
++end:
++ if (md)
++ EVP_MD_free(md);
++
++ return err;
++}
+ #endif
+
+ #ifdef K5_OPENSSL_MD4
+@@ -88,7 +163,8 @@ hash_md4(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
+ * by IPA. These keys are only used along a (separately) secured channel
+ * for legacy reasons when performing trusts to Active Directory.
+ */
+- return hash_evp(EVP_md4(), data, num_data, output);
++ return FIPS_mode() ? hash_legacy_evp("MD4", data, num_data, output)
++ : hash_evp(EVP_md4(), data, num_data, output);
+ }
+
+ const struct krb5_hash_provider krb5int_hash_md4 = {
+@@ -100,9 +176,12 @@ const struct krb5_hash_provider krb5int_hash_md4 = {
+ static krb5_error_code
+ hash_md5(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
+ {
+- /* MD5 is needed in FIPS mode for communication with RADIUS servers. This
+- * is gated in libkrad by libdefaults->radius_md5_fips_override. */
+- return hash_evp(EVP_md5(), data, num_data, output);
++ /*
++ * MD5 is needed in FIPS mode for communication with RADIUS servers. This
++ * is gated in libkrad by libdefaults->radius_md5_fips_override.
++ */
++ return FIPS_mode() ? hash_legacy_evp("MD5", data, num_data, output)
++ : hash_evp(EVP_md5(), data, num_data, output);
+ }
+
+ const struct krb5_hash_provider krb5int_hash_md5 = {
+diff --git a/src/lib/crypto/openssl/kdf.c b/src/lib/crypto/openssl/kdf.c
+index 5a43c3d9eb..8528ddc4a9 100644
+--- a/src/lib/crypto/openssl/kdf.c
++++ b/src/lib/crypto/openssl/kdf.c
+@@ -198,7 +198,7 @@ k5_derive_random_rfc3961(const struct krb5_enc_provider *enc, krb5_key key,
+ goto done;
+ }
+
+- kdf = EVP_KDF_fetch(NULL, "KRB5KDF", NULL);
++ kdf = EVP_KDF_fetch(NULL, "KRB5KDF", "-fips");
+ if (kdf == NULL) {
+ ret = KRB5_CRYPTO_INTERNAL;
+ goto done;
+--
+2.38.1
+
diff --git a/SOURCES/0016-Add-PAC-full-checksums.patch b/SOURCES/0016-Add-PAC-full-checksums.patch
new file mode 100644
index 0000000..fe4edbf
--- /dev/null
+++ b/SOURCES/0016-Add-PAC-full-checksums.patch
@@ -0,0 +1,672 @@
+From f09300d9a9988215263775ac122b7ea2898d04db Mon Sep 17 00:00:00 2001
+From: Greg Hudson <ghudson@mit.edu>
+Date: Thu, 22 Dec 2022 03:05:23 -0500
+Subject: [PATCH] Add PAC full checksums
+
+A paper by Tom Tervoort noted that computing the PAC privsvr checksum
+over only the server checksum is vulnerable to collision attacks
+(CVE-2022-37967). In response, Microsoft has added a second KDC
+checksum over the full contents of the PAC. Generate and verify full
+KDC checksums in PACs for service tickets. Update the t_pac.c ticket
+test case to use a ticket issued by a recent version of Active
+Directory (provided by Stefan Metzmacher).
+
+ticket: 9084 (new)
+---
+ doc/appdev/refs/macros/index.rst | 1 +
+ src/include/krb5/krb5.hin | 1 +
+ src/lib/krb5/krb/pac.c | 92 +++++++++--------
+ src/lib/krb5/krb/pac_sign.c | 146 +++++++++++++++-----------
+ src/lib/krb5/krb/t_pac.c | 171 ++++++++++++++++++-------------
+ src/tests/t_authdata.py | 4 +-
+ 6 files changed, 240 insertions(+), 175 deletions(-)
+
+diff --git a/doc/appdev/refs/macros/index.rst b/doc/appdev/refs/macros/index.rst
+index 5f34dea5e8..3eeee25593 100644
+--- a/doc/appdev/refs/macros/index.rst
++++ b/doc/appdev/refs/macros/index.rst
+@@ -247,6 +247,7 @@ Public
+ KRB5_PAC_SERVER_CHECKSUM.rst
+ KRB5_PAC_TICKET_CHECKSUM.rst
+ KRB5_PAC_UPN_DNS_INFO.rst
++ KRB5_PAC_FULL_CHECKSUM.rst
+ KRB5_PADATA_AFS3_SALT.rst
+ KRB5_PADATA_AP_REQ.rst
+ KRB5_PADATA_AS_CHECKSUM.rst
+diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
+index fb9f2a366c..2ba4010514 100644
+--- a/src/include/krb5/krb5.hin
++++ b/src/include/krb5/krb5.hin
+@@ -8164,6 +8164,7 @@ krb5_verify_authdata_kdc_issued(krb5_context context,
+ #define KRB5_PAC_TICKET_CHECKSUM 16 /**< Ticket checksum */
+ #define KRB5_PAC_ATTRIBUTES_INFO 17 /**< PAC attributes */
+ #define KRB5_PAC_REQUESTOR 18 /**< PAC requestor SID */
++#define KRB5_PAC_FULL_CHECKSUM 19 /**< KDC full checksum */
+
+ struct krb5_pac_data;
+ /** PAC data structure to convey authorization information */
+diff --git a/src/lib/krb5/krb/pac.c b/src/lib/krb5/krb/pac.c
+index f6c4373de0..954482e0c7 100644
+--- a/src/lib/krb5/krb/pac.c
++++ b/src/lib/krb5/krb/pac.c
+@@ -490,7 +490,8 @@ zero_signature(krb5_context context, const krb5_pac pac, krb5_ui_4 type,
+ size_t i;
+
+ assert(type == KRB5_PAC_SERVER_CHECKSUM ||
+- type == KRB5_PAC_PRIVSVR_CHECKSUM);
++ type == KRB5_PAC_PRIVSVR_CHECKSUM ||
++ type == KRB5_PAC_FULL_CHECKSUM);
+ assert(data->length >= pac->data.length);
+
+ for (i = 0; i < pac->pac->cBuffers; i++) {
+@@ -557,17 +558,17 @@ verify_checksum(krb5_context context, const krb5_pac pac, uint32_t buffer_type,
+ }
+
+ static krb5_error_code
+-verify_server_checksum(krb5_context context, const krb5_pac pac,
+- const krb5_keyblock *server)
++verify_pac_checksums(krb5_context context, const krb5_pac pac,
++ krb5_boolean expect_full_checksum,
++ const krb5_keyblock *server, const krb5_keyblock *privsvr)
+ {
+ krb5_error_code ret;
+- krb5_data copy; /* PAC with zeroed checksums */
++ krb5_data copy, server_checksum;
+
++ /* Make a copy of the PAC with zeroed out server and privsvr checksums. */
+ ret = krb5int_copy_data_contents(context, &pac->data, ©);
+ if (ret)
+ return ret;
+-
+- /* Zero out both checksum buffers */
+ ret = zero_signature(context, pac, KRB5_PAC_SERVER_CHECKSUM, ©);
+ if (ret)
+ goto cleanup;
+@@ -575,32 +576,46 @@ verify_server_checksum(krb5_context context, const krb5_pac pac,
+ if (ret)
+ goto cleanup;
+
+- ret = verify_checksum(context, pac, KRB5_PAC_SERVER_CHECKSUM, server,
+- KRB5_KEYUSAGE_APP_DATA_CKSUM, ©);
++ if (server != NULL) {
++ /* Verify the server checksum over the PAC copy. */
++ ret = verify_checksum(context, pac, KRB5_PAC_SERVER_CHECKSUM, server,
++ KRB5_KEYUSAGE_APP_DATA_CKSUM, ©);
++ }
+
+-cleanup:
+- free(copy.data);
+- return ret;
+-}
++ if (privsvr != NULL && expect_full_checksum) {
++ /* Zero the full checksum buffer in the copy and verify the full
++ * checksum over the copy with all three checksums zeroed. */
++ ret = zero_signature(context, pac, KRB5_PAC_FULL_CHECKSUM, ©);
++ if (ret)
++ goto cleanup;
++ ret = verify_checksum(context, pac, KRB5_PAC_FULL_CHECKSUM, privsvr,
++ KRB5_KEYUSAGE_APP_DATA_CKSUM, ©);
++ if (ret)
++ goto cleanup;
++ }
+
+-static krb5_error_code
+-verify_kdc_checksum(krb5_context context, const krb5_pac pac,
+- const krb5_keyblock *privsvr)
+-{
+- krb5_error_code ret;
+- krb5_data server_checksum;
++ if (privsvr != NULL) {
++ /* Verify the privsvr checksum over the server checksum. */
++ ret = k5_pac_locate_buffer(context, pac, KRB5_PAC_SERVER_CHECKSUM,
++ &server_checksum);
++ if (ret)
++ return ret;
++ if (server_checksum.length < PAC_SIGNATURE_DATA_LENGTH)
++ return KRB5_BAD_MSIZE;
++ server_checksum.data += PAC_SIGNATURE_DATA_LENGTH;
++ server_checksum.length -= PAC_SIGNATURE_DATA_LENGTH;
+
+- ret = k5_pac_locate_buffer(context, pac, KRB5_PAC_SERVER_CHECKSUM,
+- &server_checksum);
+- if (ret)
+- return ret;
+- if (server_checksum.length < PAC_SIGNATURE_DATA_LENGTH)
+- return KRB5_BAD_MSIZE;
+- server_checksum.data += PAC_SIGNATURE_DATA_LENGTH;
+- server_checksum.length -= PAC_SIGNATURE_DATA_LENGTH;
++ ret = verify_checksum(context, pac, KRB5_PAC_PRIVSVR_CHECKSUM, privsvr,
++ KRB5_KEYUSAGE_APP_DATA_CKSUM, &server_checksum);
++ if (ret)
++ goto cleanup;
++ }
++
++ pac->verified = TRUE;
+
+- return verify_checksum(context, pac, KRB5_PAC_PRIVSVR_CHECKSUM, privsvr,
+- KRB5_KEYUSAGE_APP_DATA_CKSUM, &server_checksum);
++cleanup:
++ free(copy.data);
++ return ret;
+ }
+
+ /* Per MS-PAC 2.8.3, tickets encrypted to TGS and password change principals
+@@ -628,6 +643,7 @@ krb5_kdc_verify_ticket(krb5_context context, const krb5_enc_tkt_part *enc_tkt,
+ krb5_authdata **authdata, *orig, **ifrel = NULL, **recoded_ifrel = NULL;
+ uint8_t z = 0;
+ krb5_authdata zpac = { KV5M_AUTHDATA, KRB5_AUTHDATA_WIN2K_PAC, 1, &z };
++ krb5_boolean is_service_tkt;
+ size_t i, j;
+
+ *pac_out = NULL;
+@@ -669,7 +685,8 @@ krb5_kdc_verify_ticket(krb5_context context, const krb5_enc_tkt_part *enc_tkt,
+ if (ret)
+ goto cleanup;
+
+- if (privsvr != NULL && k5_pac_should_have_ticket_signature(server_princ)) {
++ is_service_tkt = k5_pac_should_have_ticket_signature(server_princ);
++ if (privsvr != NULL && is_service_tkt) {
+ /* To check the PAC ticket signatures, re-encode the ticket with the
+ * PAC contents replaced by a single zero. */
+ orig = ifrel[j];
+@@ -693,8 +710,9 @@ krb5_kdc_verify_ticket(krb5_context context, const krb5_enc_tkt_part *enc_tkt,
+ goto cleanup;
+ }
+
+- ret = krb5_pac_verify_ext(context, pac, enc_tkt->times.authtime, NULL,
+- server, privsvr, FALSE);
++ ret = verify_pac_checksums(context, pac, is_service_tkt, server, privsvr);
++ if (ret)
++ goto cleanup;
+
+ *pac_out = pac;
+ pac = NULL;
+@@ -730,14 +748,8 @@ krb5_pac_verify_ext(krb5_context context,
+ {
+ krb5_error_code ret;
+
+- if (server != NULL) {
+- ret = verify_server_checksum(context, pac, server);
+- if (ret != 0)
+- return ret;
+- }
+-
+- if (privsvr != NULL) {
+- ret = verify_kdc_checksum(context, pac, privsvr);
++ if (server != NULL || privsvr != NULL) {
++ ret = verify_pac_checksums(context, pac, FALSE, server, privsvr);
+ if (ret != 0)
+ return ret;
+ }
+@@ -749,8 +761,6 @@ krb5_pac_verify_ext(krb5_context context,
+ return ret;
+ }
+
+- pac->verified = TRUE;
+-
+ return 0;
+ }
+
+diff --git a/src/lib/krb5/krb/pac_sign.c b/src/lib/krb5/krb/pac_sign.c
+index 0f9581abbb..8ea61ac17b 100644
+--- a/src/lib/krb5/krb/pac_sign.c
++++ b/src/lib/krb5/krb/pac_sign.c
+@@ -187,26 +187,41 @@ k5_pac_encode_header(krb5_context context, krb5_pac pac)
+ return 0;
+ }
+
+-krb5_error_code KRB5_CALLCONV
+-krb5_pac_sign(krb5_context context, krb5_pac pac, krb5_timestamp authtime,
+- krb5_const_principal principal, const krb5_keyblock *server_key,
+- const krb5_keyblock *privsvr_key, krb5_data *data)
++/* Find the buffer of type buftype in pac and write within it a checksum of
++ * type cksumtype over data. Set *cksum_out to the checksum. */
++static krb5_error_code
++compute_pac_checksum(krb5_context context, krb5_pac pac, uint32_t buftype,
++ const krb5_keyblock *key, krb5_cksumtype cksumtype,
++ const krb5_data *data, krb5_data *cksum_out)
+ {
+- return krb5_pac_sign_ext(context, pac, authtime, principal, server_key,
+- privsvr_key, FALSE, data);
++ krb5_error_code ret;
++ krb5_data buf;
++ krb5_crypto_iov iov[2];
++
++ ret = k5_pac_locate_buffer(context, pac, buftype, &buf);
++ if (ret)
++ return ret;
++
++ assert(buf.length > PAC_SIGNATURE_DATA_LENGTH);
++ *cksum_out = make_data(buf.data + PAC_SIGNATURE_DATA_LENGTH,
++ buf.length - PAC_SIGNATURE_DATA_LENGTH);
++ iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
++ iov[0].data = *data;
++ iov[1].flags = KRB5_CRYPTO_TYPE_CHECKSUM;
++ iov[1].data = *cksum_out;
++ return krb5_c_make_checksum_iov(context, cksumtype, key,
++ KRB5_KEYUSAGE_APP_DATA_CKSUM, iov, 2);
+ }
+
+-krb5_error_code KRB5_CALLCONV
+-krb5_pac_sign_ext(krb5_context context, krb5_pac pac, krb5_timestamp authtime,
+- krb5_const_principal principal,
+- const krb5_keyblock *server_key,
+- const krb5_keyblock *privsvr_key, krb5_boolean with_realm,
+- krb5_data *data)
++static krb5_error_code
++sign_pac(krb5_context context, krb5_pac pac, krb5_timestamp authtime,
++ krb5_const_principal principal, const krb5_keyblock *server_key,
++ const krb5_keyblock *privsvr_key, krb5_boolean with_realm,
++ krb5_boolean is_service_tkt, krb5_data *data)
+ {
+ krb5_error_code ret;
+- krb5_data server_cksum, privsvr_cksum;
++ krb5_data full_cksum, server_cksum, privsvr_cksum;
+ krb5_cksumtype server_cksumtype, privsvr_cksumtype;
+- krb5_crypto_iov iov[2];
+
+ data->length = 0;
+ data->data = NULL;
+@@ -214,67 +229,53 @@ krb5_pac_sign_ext(krb5_context context, krb5_pac pac, krb5_timestamp authtime,
+ if (principal != NULL) {
+ ret = k5_insert_client_info(context, pac, authtime, principal,
+ with_realm);
+- if (ret != 0)
++ if (ret)
+ return ret;
+ }
+
+- /* Create zeroed buffers for both checksums */
++ /* Create zeroed buffers for all checksums. */
+ ret = k5_insert_checksum(context, pac, KRB5_PAC_SERVER_CHECKSUM,
+ server_key, &server_cksumtype);
+- if (ret != 0)
++ if (ret)
+ return ret;
+-
+ ret = k5_insert_checksum(context, pac, KRB5_PAC_PRIVSVR_CHECKSUM,
+ privsvr_key, &privsvr_cksumtype);
+- if (ret != 0)
++ if (ret)
+ return ret;
++ if (is_service_tkt) {
++ ret = k5_insert_checksum(context, pac, KRB5_PAC_FULL_CHECKSUM,
++ privsvr_key, &privsvr_cksumtype);
++ if (ret)
++ return ret;
++ }
+
+- /* Now, encode the PAC header so that the checksums will include it */
++ /* Encode the PAC header so that the checksums will include it. */
+ ret = k5_pac_encode_header(context, pac);
+- if (ret != 0)
+- return ret;
+-
+- /* Generate the server checksum over the entire PAC */
+- ret = k5_pac_locate_buffer(context, pac, KRB5_PAC_SERVER_CHECKSUM,
+- &server_cksum);
+- if (ret != 0)
++ if (ret)
+ return ret;
+
+- assert(server_cksum.length > PAC_SIGNATURE_DATA_LENGTH);
+-
+- iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
+- iov[0].data = pac->data;
+-
+- iov[1].flags = KRB5_CRYPTO_TYPE_CHECKSUM;
+- iov[1].data.data = server_cksum.data + PAC_SIGNATURE_DATA_LENGTH;
+- iov[1].data.length = server_cksum.length - PAC_SIGNATURE_DATA_LENGTH;
++ if (is_service_tkt) {
++ /* Generate a full KDC checksum over the whole PAC. */
++ ret = compute_pac_checksum(context, pac, KRB5_PAC_FULL_CHECKSUM,
++ privsvr_key, privsvr_cksumtype,
++ &pac->data, &full_cksum);
++ if (ret)
++ return ret;
++ }
+
+- ret = krb5_c_make_checksum_iov(context, server_cksumtype,
+- server_key, KRB5_KEYUSAGE_APP_DATA_CKSUM,
+- iov, sizeof(iov)/sizeof(iov[0]));
+- if (ret != 0)
++ /* Generate the server checksum over the whole PAC, including the full KDC
++ * checksum if we added one. */
++ ret = compute_pac_checksum(context, pac, KRB5_PAC_SERVER_CHECKSUM,
++ server_key, server_cksumtype, &pac->data,
++ &server_cksum);
++ if (ret)
+ return ret;
+
+- /* Generate the privsvr checksum over the server checksum buffer */
+- ret = k5_pac_locate_buffer(context, pac, KRB5_PAC_PRIVSVR_CHECKSUM,
++ /* Generate the privsvr checksum over the server checksum buffer. */
++ ret = compute_pac_checksum(context, pac, KRB5_PAC_PRIVSVR_CHECKSUM,
++ privsvr_key, privsvr_cksumtype, &server_cksum,
+ &privsvr_cksum);
+- if (ret != 0)
+- return ret;
+-
+- assert(privsvr_cksum.length > PAC_SIGNATURE_DATA_LENGTH);
+-
+- iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
+- iov[0].data.data = server_cksum.data + PAC_SIGNATURE_DATA_LENGTH;
+- iov[0].data.length = server_cksum.length - PAC_SIGNATURE_DATA_LENGTH;
+-
+- iov[1].flags = KRB5_CRYPTO_TYPE_CHECKSUM;
+- iov[1].data.data = privsvr_cksum.data + PAC_SIGNATURE_DATA_LENGTH;
+- iov[1].data.length = privsvr_cksum.length - PAC_SIGNATURE_DATA_LENGTH;
+-
+- ret = krb5_c_make_checksum_iov(context, privsvr_cksumtype,
+- privsvr_key, KRB5_KEYUSAGE_APP_DATA_CKSUM,
+- iov, sizeof(iov)/sizeof(iov[0]));
+- if (ret != 0)
++ if (ret)
+ return ret;
+
+ data->data = k5memdup(pac->data.data, pac->data.length, &ret);
+@@ -288,6 +289,26 @@ krb5_pac_sign_ext(krb5_context context, krb5_pac pac, krb5_timestamp authtime,
+ return 0;
+ }
+
++krb5_error_code KRB5_CALLCONV
++krb5_pac_sign(krb5_context context, krb5_pac pac, krb5_timestamp authtime,
++ krb5_const_principal principal, const krb5_keyblock *server_key,
++ const krb5_keyblock *privsvr_key, krb5_data *data)
++{
++ return sign_pac(context, pac, authtime, principal, server_key,
++ privsvr_key, FALSE, FALSE, data);
++}
++
++krb5_error_code KRB5_CALLCONV
++krb5_pac_sign_ext(krb5_context context, krb5_pac pac, krb5_timestamp authtime,
++ krb5_const_principal principal,
++ const krb5_keyblock *server_key,
++ const krb5_keyblock *privsvr_key, krb5_boolean with_realm,
++ krb5_data *data)
++{
++ return sign_pac(context, pac, authtime, principal, server_key, privsvr_key,
++ with_realm, FALSE, data);
++}
++
+ /* Add a signature over der_enc_tkt in privsvr to pac. der_enc_tkt should be
+ * encoded with a dummy PAC authdata element containing a single zero byte. */
+ static krb5_error_code
+@@ -359,6 +380,7 @@ krb5_kdc_sign_ticket(krb5_context context, krb5_enc_tkt_part *enc_tkt,
+ krb5_error_code ret;
+ krb5_data *der_enc_tkt = NULL, pac_data = empty_data();
+ krb5_authdata **list, *pac_ad;
++ krb5_boolean is_service_tkt;
+ size_t count;
+
+ /* Reallocate space for another authdata element in enc_tkt. */
+@@ -377,7 +399,8 @@ krb5_kdc_sign_ticket(krb5_context context, krb5_enc_tkt_part *enc_tkt,
+ memmove(list + 1, list, (count + 1) * sizeof(*list));
+ list[0] = pac_ad;
+
+- if (k5_pac_should_have_ticket_signature(server_princ)) {
++ is_service_tkt = k5_pac_should_have_ticket_signature(server_princ);
++ if (is_service_tkt) {
+ ret = encode_krb5_enc_tkt_part(enc_tkt, &der_enc_tkt);
+ if (ret)
+ goto cleanup;
+@@ -388,9 +411,8 @@ krb5_kdc_sign_ticket(krb5_context context, krb5_enc_tkt_part *enc_tkt,
+ goto cleanup;
+ }
+
+- ret = krb5_pac_sign_ext(context, pac, enc_tkt->times.authtime,
+- client_princ, server, privsvr, with_realm,
+- &pac_data);
++ ret = sign_pac(context, pac, enc_tkt->times.authtime, client_princ, server,
++ privsvr, with_realm, is_service_tkt, &pac_data);
+ if (ret)
+ goto cleanup;
+
+diff --git a/src/lib/krb5/krb/t_pac.c b/src/lib/krb5/krb/t_pac.c
+index 173bde7bab..81f1642ab0 100644
+--- a/src/lib/krb5/krb/t_pac.c
++++ b/src/lib/krb5/krb/t_pac.c
+@@ -607,78 +607,102 @@ check_pac(krb5_context context, int index, const unsigned char *pdata,
+
+ static const krb5_keyblock ticket_sig_krbtgt_key = {
+ 0, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+- 32, U("\x7a\x58\x98\xd2\xaf\xa6\xaf\xc0\x6a\xce\x06\x04\x4b\xc2\x70\x84"
+- "\x9b\x8e\x0a\x6c\x4c\x07\xdc\x6f\xbb\x48\x43\xe1\xd2\xaa\x97\xf7")
++ 32, U("\x03\x73\x81\xEC\x43\x96\x7B\xC2\xAC\x3D\xF5\x2A\xAE\x95\xA6\x8E"
++ "\xBE\x24\x58\xDB\xCE\x52\x28\x20\xAF\x5E\xB7\x04\xA2\x22\x71\x4F")
+ };
+
+ static const krb5_keyblock ticket_sig_server_key = {
+- 0, ENCTYPE_ARCFOUR_HMAC,
+- 16, U("\xed\x23\x11\x20\x7a\x21\x44\x20\xbf\xc0\x8d\x36\xf7\xf6\xb2\x3e")
++ 0, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
++ 32, U("\x11\x4A\x84\xE3\x14\x8F\xAA\xB1\xFA\x7B\x53\x51\xB2\x8A\xC2\xF1"
++ "\xFD\x19\x6D\x61\xE0\xF3\xF2\x3E\x1F\xDB\xD3\xC1\x79\x7D\xC1\xEE")
+ };
+
++/* A ticket issued by an Active Directory KDC (Windows Server 2022), containing
++ * a PAC with a full checksum. */
+ static const krb5_data ticket_data = {
+- .length = 972, .data =
+- "\x61\x82\x03\xC8\x30\x82\x03\xC4\xA0\x03\x02\x01\x05\xA1\x0A\x1B"
+- "\x08\x43\x44\x4F\x4D\x2E\x43\x4F\x4D\xA2\x0F\x30\x0D\xA0\x03\x02"
+- "\x01\x01\xA1\x06\x30\x04\x1B\x02\x73\x31\xA3\x82\x03\x9E\x30\x82"
+- "\x03\x9A\xA0\x03\x02\x01\x17\xA1\x03\x02\x01\x03\xA2\x82\x03\x8C"
+- "\x04\x82\x03\x88\x44\x31\x61\x20\x17\xC9\xFE\xBC\xAC\x46\xB5\x77"
+- "\xE9\x68\x04\x4C\x9B\x31\x91\x0C\xC1\xD4\xDD\xEF\xC7\x34\x20\x08"
+- "\x90\x91\xE8\x79\xE0\xB5\x03\x26\xA4\x65\xDE\xEC\x47\x03\x2A\x8F"
+- "\x61\xE7\x4D\x38\x5A\x42\x95\x5A\xF9\x2F\x41\x2C\x2A\x6E\x60\xA1"
+- "\xEB\x51\xB3\xBD\x4C\x00\x41\x2A\x44\x76\x08\x37\x1A\x51\xFD\x65"
+- "\x67\x7E\xBF\x3D\x90\x86\xE3\x9A\x54\x6B\x67\xA8\x08\x7A\x73\xCC"
+- "\xC3\xB7\x4B\xD5\x5C\x3A\x14\x6C\xC1\x5F\x54\x4B\x92\x55\xB4\xB7"
+- "\x92\x23\x3F\x53\x89\x47\x8E\x1F\x8B\xB9\xDB\x3B\x93\xE8\x70\xE4"
+- "\x24\xB8\x9D\xF0\x0E\x35\x28\xF8\x7A\x27\x5D\xF7\x25\x97\x9C\xF5"
+- "\x9F\x9F\x64\x04\xF2\xA3\xAB\x11\x15\xB6\xDA\x18\xD6\x46\xD5\xE6"
+- "\xB8\x08\xDE\x0A\x62\xFD\xF8\xAA\x52\x90\xD9\x67\x29\xB2\xCD\x06"
+- "\xB6\xB0\x50\x2B\x3F\x0F\xA3\xA5\xBF\xAA\x6E\x40\x03\xD6\x5F\x02"
+- "\xBC\xD8\x18\x47\x97\x09\xD7\xE4\x96\x3B\xCB\xEB\x92\x2C\x3C\x49"
+- "\xFF\x1F\x71\xE0\x52\x94\x0F\x8B\x9F\xB8\x2A\xBB\x9C\xE2\xA3\xDD"
+- "\x38\x89\xE2\xB1\x0B\x9E\x1F\x7A\xB3\xE3\xD2\xB0\x94\xDC\x87\xBE"
+- "\x37\xA6\xD3\xB3\x29\x35\x9A\x72\xC3\x7A\xF1\xA9\xE6\xC5\xD1\x26"
+- "\x83\x65\x44\x17\xBA\x55\xA8\x5E\x94\x26\xED\xE9\x8A\x93\x11\x5D"
+- "\x7E\x20\x1B\x9C\x15\x9E\x13\x37\x03\x4D\xDD\x99\x51\xD8\x66\x29"
+- "\x6A\xB9\xFB\x49\xFE\x52\x78\xDA\x86\x85\xA9\xA3\xB9\xEF\xEC\xAD"
+- "\x35\xA6\x8D\xAC\x0F\x75\x22\xBB\x0B\x49\x1C\x13\x52\x40\xC9\x52"
+- "\x69\x09\x54\xD1\x0F\x94\x3F\x22\x48\x67\xB0\x96\x28\xAA\xE6\x28"
+- "\xD9\x0C\x08\xEF\x51\xED\x15\x5E\xA2\x53\x59\xA5\x03\xB4\x06\x20"
+- "\x3D\xCC\xB4\xC5\xF8\x8C\x73\x67\xA3\x21\x3D\x19\xCD\xD4\x12\x28"
+- "\xD2\x93\xDE\x0D\xF0\x71\x10\x50\xD6\x33\x35\x04\x11\x64\x43\x39"
+- "\xC3\xDF\x96\xE3\x66\xE3\x85\xCA\xE7\x67\x14\x3A\xF0\x43\xAA\xBB"
+- "\xD4\x1D\xB5\x24\xB5\x74\x90\x25\xA7\x87\x7E\xDB\xD3\x83\x8A\x3A"
+- "\x69\xA8\x2D\xAF\xB7\xB8\xF3\xDC\x13\xAF\x45\x61\x3F\x59\x39\x7E"
+- "\x69\xDE\x0C\x04\xF1\x10\x6B\xB4\x56\xFA\x21\x9F\x72\x2B\x60\x86"
+- "\xE3\x23\x0E\xC4\x51\xF6\xBE\xD8\xE1\x5F\xEE\x73\x4C\x17\x4C\x2C"
+- "\x1B\xFB\x9F\x1F\x7A\x3B\x07\x5B\x8E\xF1\x01\xAC\xD6\x30\x94\x8A"
+- "\x5D\x22\x6F\x08\xCE\xED\x5E\xB6\xDB\x86\x8C\x87\xEB\x8D\x91\xFF"
+- "\x0A\x86\x30\xBD\xC0\xF8\x25\xE7\xAE\x24\x35\xF2\xFC\xE5\xFD\x1B"
+- "\xB0\x05\x4A\xA3\xE5\xEB\x2E\x05\xAD\x99\x67\x49\x87\xE6\xB3\x87"
+- "\x82\xA4\x59\xA7\x6E\xDD\xF2\xB6\x66\xE8\xF7\x70\xF5\xBD\xC9\x0E"
+- "\xFA\x9C\x79\x84\xD4\x9B\x05\x0E\xBB\xF5\xDB\xEF\xFC\xCC\x26\xF2"
+- "\x93\xCF\xD2\x04\x3C\xA9\x2C\x65\x42\x97\x86\xD8\x38\x0A\x1E\xF6"
+- "\xD6\xCA\x30\xB5\x1A\xEC\xFB\xBA\x3B\x84\x57\xB0\xFD\xFB\xE6\xBC"
+- "\xF2\x76\xF6\x4C\xBB\xAB\xB1\x31\xA1\x27\x7C\xE6\xE6\x81\xB6\xCE"
+- "\x84\x86\x40\xB6\x40\x33\xC4\xF8\xB4\x15\xCF\xAA\xA5\x51\x78\xB9"
+- "\x8B\x50\x25\xB2\x88\x86\x96\x72\x8C\x71\x4D\xB5\x3A\x94\x86\x77"
+- "\x0E\x95\x9B\x16\x93\xEF\x3A\x11\x79\xBA\x83\xF7\x74\xD3\x8D\xBA"
+- "\x15\xE1\x2C\x04\x57\xA8\x92\x1E\x9D\x00\x8E\x20\xFD\x30\x70\xE7"
+- "\xF5\x65\x2F\x19\x0C\x94\xBA\x03\x71\x12\x96\xCD\xC8\xB4\x96\xDB"
+- "\xCE\x19\xC2\xDF\x3C\xC2\xF6\x3D\x53\xED\x98\xA5\x41\x72\x2A\x22"
+- "\x7B\xF3\x2B\x17\x6C\xE1\x39\x7D\xAE\x9B\x11\xF9\xC1\xA6\x9E\x9F"
+- "\x89\x3C\x12\xAA\x94\x74\xA7\x4F\x70\xE8\xB9\xDE\x04\xF0\x9D\x39"
+- "\x24\x2D\x92\xE8\x46\x2D\x2E\xF0\x40\x66\x1A\xD9\x27\xF9\x98\xF1"
+- "\x81\x1D\x70\x62\x63\x30\x6D\xCD\x84\x04\x5F\xFA\x83\xD3\xEC\x8D"
+- "\x86\xFB\x40\x61\xC1\x8A\x45\xFF\x7B\xD9\xD4\x18\x61\x7F\x51\xE3"
+- "\xFC\x1E\x18\xF0\xAF\xC6\x18\x2C\xE1\x6D\x5D\xF9\x62\xFC\x20\xA3"
+- "\xB2\x8A\x5F\xE5\xBB\x29\x0F\x99\x63\x07\x88\x38\x3A\x3B\x73\x2A"
+- "\x6D\xDA\x3D\xA8\x0D\x8F\x56\x41\x89\x82\xE5\xB8\x61\x00\x64\x7D"
+- "\x17\x0C\xCE\x03\x55\x8F\xF4\x5B\x0D\x50\xF2\xEB\x05\x67\xBE\xDB"
+- "\x7B\x75\xC5\xEA\xA1\xAB\x1D\xB0\x3C\x6D\x42\x08\x0B\x9A\x45\x20"
+- "\xA8\x8F\xE5\x67\x47\x30\xDE\x93\x5F\x43\x05\xEB\xA8\x2D\x80\xF5"
+- "\x1A\xB8\x4A\x4E\x42\x2D\x0B\x7A\xDC\x46\x20\x2D\x13\x17\xDD\x4B"
+- "\x94\x96\xAA\x1F\x06\x0C\x1F\x62\x07\x9C\x40\xA1"
++ .length = 1307, .data =
++ "\x61\x82\x05\x17\x30\x82\x05\x13\xA0\x03\x02\x01\x05\xA1\x0F\x1B"
++ "\x0D\x57\x32\x30\x32\x32\x2D\x4C\x37\x2E\x42\x41\x53\x45\xA2\x2A"
++ "\x30\x28\xA0\x03\x02\x01\x01\xA1\x21\x30\x1F\x1B\x04\x63\x69\x66"
++ "\x73\x1B\x17\x77\x32\x30\x32\x32\x2D\x31\x31\x38\x2E\x77\x32\x30"
++ "\x32\x32\x2D\x6C\x37\x2E\x62\x61\x73\x65\xA3\x82\x04\xCD\x30\x82"
++ "\x04\xC9\xA0\x03\x02\x01\x12\xA1\x03\x02\x01\x05\xA2\x82\x04\xBB"
++ "\x04\x82\x04\xB7\x44\x5C\x7B\x5A\x3F\x2E\xA3\x50\x34\xDE\xB0\x69"
++ "\x23\x2D\x47\x89\x2C\xC0\xA3\xF9\xDD\x70\xAA\xA5\x1E\xFE\x74\xE5"
++ "\x19\xA2\x4F\x65\x6C\x9E\x00\xB4\x60\x00\x7C\x0C\x29\x43\x31\x99"
++ "\x77\x02\x73\xED\xB9\x40\xF5\xD2\xD1\xC9\x20\x0F\xE3\x38\xF9\xCC"
++ "\x5E\x2A\xBD\x1F\x91\x66\x1A\xD8\x2A\x80\x3C\x2C\x00\x3C\x1E\xC9"
++ "\x2A\x29\x19\x19\x96\x18\x54\x03\x97\x8F\x1D\x5F\xDB\xE9\x66\x68"
++ "\xCD\xB1\xD5\x00\x35\x69\x49\x45\xF1\x6A\x78\x7B\x37\x71\x87\x14"
++ "\x1C\x98\x4D\x69\xCB\x1B\xD8\xF5\xA3\xD8\x53\x4A\x75\x76\x62\xBA"
++ "\x6C\x3F\xEA\x8B\x97\x21\xCA\x8A\x46\x4B\x38\xDA\x09\x9F\x5A\xC8"
++ "\x38\xFF\x34\x97\x5B\xA2\xE5\xBA\xC9\x87\x17\xD8\x08\x05\x7A\x83"
++ "\x04\xD6\x02\x8E\x9B\x18\xB6\x40\x1A\xF7\x47\x25\x24\x3E\x37\x1E"
++ "\xF6\xC1\x3A\x1F\xCA\xB3\x43\x5A\xAE\x94\x83\x31\xAF\xFB\xEE\xED"
++ "\x46\x71\xEF\xE2\x37\x37\x15\xFE\x1B\x0B\x9E\xF8\x3E\x0C\x43\x96"
++ "\xB6\x0A\x04\x78\xF8\x5E\xAA\x33\x1F\xE2\x07\x5A\x8D\xC4\x4E\x32"
++ "\x6D\xD6\xA0\xC5\xEA\x3D\x12\x59\xD4\x41\x40\x4E\xA1\xD8\xBE\xED"
++ "\x17\xCB\x68\xCC\x59\xCB\x53\xB2\x0E\x58\x8A\xA9\x33\x7F\x6F\x2B"
++ "\x37\x89\x08\x44\xBA\xC7\x67\x17\xBB\x91\xF7\xC3\x0F\x00\xF8\xAA"
++ "\xA1\x33\xA6\x08\x47\xCA\xFA\xE8\x49\x27\x45\x46\xF1\xC1\xC3\x5F"
++ "\xE2\x45\x0A\x7D\x64\x52\x8C\x2E\xE1\xDE\xFF\xB2\x64\xEC\x69\x98"
++ "\x15\xDF\x9E\xB1\xEB\xD6\x9D\x08\x06\x4E\x73\xC1\x0B\x71\x21\x05"
++ "\x9E\xBC\xA2\x17\xCF\xB3\x70\xF4\xEF\xB8\x69\xA9\x94\x27\xFD\x5E"
++ "\x72\xB1\x2D\xD2\x20\x1B\x57\x80\xAB\x38\x97\xCF\x22\x68\x4F\xB8"
++ "\xB7\x17\x53\x25\x67\x0B\xED\xD1\x58\x20\x0D\x45\xF9\x09\xFA\xE7"
++ "\x61\x3E\xDB\xC2\x59\x7B\x3A\x3B\x59\x81\x51\xAA\xA4\x81\xF4\x96"
++ "\x3B\xE1\x6F\x6F\xF4\x8E\x68\x9E\xBA\x1E\x0F\xF2\x44\x68\x11\xFC"
++ "\x2B\x5F\xBE\xF2\xEA\x07\x80\xB9\xCA\x9E\x41\xBD\x2F\x81\xF5\x11"
++ "\x2A\x12\xF3\x4F\xD6\x12\x16\x0F\x21\x90\xF1\xD3\x1E\xF1\xA4\x94"
++ "\x46\xEA\x30\xF3\x84\x06\xC1\xA4\x51\xFC\x43\x35\xBD\xEF\x4D\x89"
++ "\x1D\xA5\x44\xB2\x69\xC4\x0F\xBF\x86\x01\x08\x44\x77\xD5\xB4\xB7"
++ "\x5C\x3F\xA7\xD4\x2F\x39\x73\x85\x88\xEE\xB1\x64\x1D\x80\x6C\xEE"
++ "\x6E\x31\x90\x92\x0D\xA1\xB7\xC4\x5C\xCC\xEE\x91\xC8\xCB\x11\x2D"
++ "\x4A\x1A\x7D\x43\x8F\xEB\x60\x09\xED\x1B\x07\x58\xBE\xBC\xBD\x29"
++ "\xF3\xB3\xA3\x4F\xC5\x8A\x30\x33\xB9\xA9\x9F\x43\x08\x27\x15\xC4"
++ "\x9C\x5D\x8E\xBD\x5C\x05\xC6\x05\x9C\x87\x60\x08\x1E\xE2\x52\xB8"
++ "\x45\x8D\x28\xB6\x2C\x15\x46\x74\x9F\x0E\xAA\x6B\x70\x3A\x2A\x55"
++ "\x45\x26\xB2\x58\x4D\x35\xA6\xF1\x96\xBE\x60\xB2\x71\x7B\xF8\x54"
++ "\xB9\x90\x21\x8E\xB9\x0F\x35\x98\x5E\x88\xEB\x1A\x53\xB4\x59\x7F"
++ "\xAF\x69\x1C\x61\x67\xF4\xF6\xBD\xAC\x24\xCD\xB7\xA9\x67\xE8\xA1"
++ "\x83\x85\x5F\x11\x74\x1F\xF7\x4C\x78\x36\xEF\x50\x74\x88\x58\x4B"
++ "\x1A\x9F\x84\x9A\x9A\x05\x92\xEC\x1D\xD5\xF3\xC4\x95\x51\x28\xE2"
++ "\x3F\x32\x87\xB2\xFD\x21\x27\x66\xE4\x6B\x85\x2F\xDC\x7B\xC0\x22"
++ "\xEB\x7A\x94\x20\x5A\x7B\xD3\x7A\xB9\x5B\xF8\x1A\x5A\x84\x4E\xA1"
++ "\x73\x41\x53\xD2\x60\xF7\x7C\xEE\x68\x59\x85\x80\xFC\x3D\x70\x4B"
++ "\x04\x32\xE7\xF2\xFD\xBD\xB3\xD9\x21\xE2\x37\x56\xA2\x16\xCC\xDE"
++ "\x8A\xD3\xBC\x71\xEF\x58\x19\x0E\x45\x8A\x5B\x53\xD6\x77\x30\x6A"
++ "\xA7\xF8\x68\x06\x4E\x07\xCA\xCE\x30\xD7\x35\xAB\x1A\xC7\x18\xD4"
++ "\xC6\x2F\x1A\xFF\xE9\x7A\x94\x0B\x76\x5E\x7E\x29\x0C\xE6\xD3\x3B"
++ "\x5B\x44\x96\xA8\xF1\x29\x23\x95\xD9\x79\xB3\x39\xFC\x76\xED\xE1"
++ "\x1E\x67\x4E\xF7\xE8\x7B\x7A\x12\x9E\xD8\x4B\x35\x09\x0A\xF2\xC1"
++ "\x63\x5B\xEE\xFD\x2A\xC2\xA6\x66\x30\x3C\x1F\x95\xAF\x65\x22\x95"
++ "\x14\x1D\xF5\xD5\xDC\x38\x79\x35\x1C\xCD\x24\x47\xE0\xFD\x08\xC8"
++ "\xF4\x15\x55\x9F\xD9\xC7\xAC\x3F\x67\xB3\x4F\xEB\x26\x7C\x8E\xD6"
++ "\x74\xB3\x0A\xCD\xE7\xFA\xBE\x7E\xA3\x3E\xEC\x61\x50\x77\x52\x56"
++ "\xCF\x90\x5D\x48\xFB\xD4\x2C\x6C\x61\x8B\xDD\x2B\xF5\x92\x1F\x30"
++ "\xBF\x3F\x80\x0D\x31\xDB\xB2\x0B\x7D\x84\xE3\xA6\x42\x7F\x00\x38"
++ "\x44\x02\xC5\xB8\xD9\x58\x29\x9D\x68\x5C\x32\x8B\x76\xAE\xED\x15"
++ "\xF9\x7C\xAE\x7B\xB6\x8E\xD6\x54\x24\xFF\xFA\x87\x05\xEF\x15\x08"
++ "\x5E\x4B\x21\xA2\x2F\x49\xE7\x0F\xC3\xD0\xB9\x49\x22\xEF\xD5\xCA"
++ "\xB2\x11\xF2\x17\xB6\x77\x24\x68\x76\xB2\x07\xF8\x0A\x73\xDD\x65"
++ "\x9C\x75\x64\xF7\xA1\xC6\x23\x08\x84\x72\x3E\x54\x2E\xEB\x9B\x40"
++ "\xA6\x83\x87\xEB\xB5\x00\x40\x4F\xE1\x72\x2A\x59\x3A\x06\x60\x29"
++ "\x7E\x25\x2F\xD8\x80\x40\x8C\x59\xCA\xCF\x8E\x44\xE4\x2D\x84\x7E"
++ "\xCB\xFD\x1E\x3B\xD5\xFF\x9A\xB9\x66\x93\x6D\x5E\xC8\xB7\x13\x26"
++ "\xD6\x38\x1B\x2B\xE1\x87\x96\x05\xD5\xF3\xAB\x68\xF7\x12\x62\x2C"
++ "\x58\xC1\xC9\x85\x3C\x72\xF1\x26\xEE\xC0\x09\x5F\x1D\x4B\xAC\x01"
++ "\x41\xC8\x12\xF8\xF3\x93\x43\x41\xFF\xEC\x0B\x80\xE2\xEE\x20\x85"
++ "\x25\xCD\x6C\x30\x8C\x0D\x24\x2E\xBA\x19\xEA\x28\x7F\xCF\xD5\x10"
++ "\x5C\xE9\xB2\x9D\x5F\x16\xE4\xC0\xF3\xCC\xD9\x68\x4A\x05\x08\x70"
++ "\x17\x26\xC8\x5C\x4A\xBF\x94\x6A\x0E\xD5\xDA\x67\x47\x4B\xAF\x44"
++ "\xE3\x94\xAA\x05\xDB\xA2\x49\x74\xFA\x5C\x69\xAB\x44\xB7\xF7\xBA"
++ "\xAE\x7A\x23\x87\xEB\x54\x7E\x80\xF1\x5B\x60\xA5\x93\xE5\xD4\x24"
++ "\x84\xF7\x0A\x16\x10\xBE\xE9\x4D\xD8\x6B\x15\x40\x5D\x74\xDA\x1B"
++ "\xFF\x2E\x4D\x17\x9D\x35\xF7\x0D\xCF\x66\x38\x0D\x8A\xE4\xDD\x6B"
++ "\xE1\x0F\x1F\xBD\xFD\x4F\x30\x37\x3F\x96\xB4\x92\x54\xD3\x9A\x7A"
++ "\xD1\x5B\x5B\xA9\x54\x16\xE6\x24\xAB\xD4\x23\x39\x7D\xD2\xC7\x09"
++ "\xFA\xD4\x86\x55\x4D\x60\xC2\x87\x67\x6B\xE6"
+ };
+
+ static void
+@@ -686,7 +710,7 @@ test_pac_ticket_signature(krb5_context context)
+ {
+ krb5_error_code ret;
+ krb5_ticket *ticket;
+- krb5_principal sprinc;
++ krb5_principal cprinc, sprinc;
+ krb5_authdata **authdata1, **authdata2;
+ krb5_pac pac, pac2, pac3;
+ uint32_t *list;
+@@ -701,7 +725,13 @@ test_pac_ticket_signature(krb5_context context)
+ if (ret)
+ err(context, ret, "while decrypting ticket");
+
+- ret = krb5_parse_name(context, "s1@CDOM.COM", &sprinc);
++ ret = krb5_parse_name(context, "administrator@W2022-L7.BASE", &cprinc);
++ if (ret)
++ err(context, ret, "krb5_parse_name");
++
++ ret = krb5_parse_name(context,
++ "cifs/w2022-118.w2022-l7.base@W2022-L7.BASE",
++ &sprinc);
+ if (ret)
+ err(context, ret, "krb5_parse_name");
+
+@@ -713,7 +743,7 @@ test_pac_ticket_signature(krb5_context context)
+
+ /* In this test, the server is also the client. */
+ ret = krb5_pac_verify(context, pac, ticket->enc_part2->times.authtime,
+- ticket->server, NULL, NULL);
++ cprinc, NULL, NULL);
+ if (ret)
+ err(context, ret, "while verifying PAC client info");
+
+@@ -722,7 +752,7 @@ test_pac_ticket_signature(krb5_context context)
+ ticket->enc_part2->authorization_data = NULL;
+
+ ret = krb5_kdc_sign_ticket(context, ticket->enc_part2, pac, sprinc,
+- sprinc, &ticket_sig_server_key,
++ cprinc, &ticket_sig_server_key,
+ &ticket_sig_krbtgt_key, FALSE);
+ if (ret)
+ err(context, ret, "while signing ticket");
+@@ -781,6 +811,7 @@ test_pac_ticket_signature(krb5_context context)
+ krb5_pac_free(context, pac);
+ krb5_pac_free(context, pac2);
+ krb5_pac_free(context, pac3);
++ krb5_free_principal(context, cprinc);
+ krb5_free_principal(context, sprinc);
+ krb5_free_ticket(context, ticket);
+ }
+diff --git a/src/tests/t_authdata.py b/src/tests/t_authdata.py
+index 47ea9e4b47..e934799268 100644
+--- a/src/tests/t_authdata.py
++++ b/src/tests/t_authdata.py
+@@ -11,7 +11,7 @@ realm = K5Realm(krb5_conf=conf)
+ # container.
+ mark('baseline authdata')
+ out = realm.run(['./adata', realm.host_princ])
+-if '?128: [6, 7, 10, 16]' not in out or '^-42: Hello' not in out:
++if '?128: [6, 7, 10, 16, 19]' not in out or '^-42: Hello' not in out:
+ fail('expected authdata not seen for basic request')
+
+ # Requested authdata is copied into the ticket, with KDC-only types
+@@ -243,7 +243,7 @@ out = realm.run(['./adata', '-p', realm.user_princ, 'service/2'])
+ if '+97: [indcl]' not in out or '[inds1]' in out:
+ fail('correct auth-indicator not seen for S4U2Proxy req')
+ # Make sure a PAC with an S4U_DELEGATION_INFO(11) buffer is included.
+-if '?128: [1, 6, 7, 10, 11, 16]' not in out:
++if '?128: [1, 6, 7, 10, 11, 16, 19]' not in out:
+ fail('PAC with delegation info not seen for S4U2Proxy req')
+
+ # Get another S4U2Proxy ticket including request-authdata.
+--
+2.39.1
+
diff --git a/SOURCES/0017-Fix-possible-double-free-during-KDB-creation.patch b/SOURCES/0017-Fix-possible-double-free-during-KDB-creation.patch
new file mode 100644
index 0000000..59b6c48
--- /dev/null
+++ b/SOURCES/0017-Fix-possible-double-free-during-KDB-creation.patch
@@ -0,0 +1,45 @@
+From ff9c99b689855a646c371379d30a668dfd7a87a7 Mon Sep 17 00:00:00 2001
+From: Julien Rische <jrische@redhat.com>
+Date: Wed, 1 Feb 2023 15:57:26 +0100
+Subject: [PATCH] Fix possible double-free during KDB creation
+
+In krb5_dbe_def_encrypt_key_data(), when we free
+key_data->key_data_contents[0], reset it to null so the caller doesn't
+free it as well.
+
+Since commit a06945b4ec267e8b80e5e8c95edd89930ff12103 this bug
+manifests as a double-free during KDB creation if master key
+encryption fails.
+
+[ghudson@mit.edu: edited commit message]
+
+ticket: 9086 (new)
+tags: pullup
+target_version: 1.20-next
+---
+ src/lib/kdb/encrypt_key.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/lib/kdb/encrypt_key.c b/src/lib/kdb/encrypt_key.c
+index dc612c810e..91debea533 100644
+--- a/src/lib/kdb/encrypt_key.c
++++ b/src/lib/kdb/encrypt_key.c
+@@ -109,6 +109,7 @@ krb5_dbe_def_encrypt_key_data( krb5_context context,
+ if ((retval = krb5_c_encrypt(context, mkey, /* XXX */ 0, 0,
+ &plain, &cipher))) {
+ free(key_data->key_data_contents[0]);
++ key_data->key_data_contents[0] = NULL;
+ return retval;
+ }
+
+@@ -121,6 +122,7 @@ krb5_dbe_def_encrypt_key_data( krb5_context context,
+ key_data->key_data_contents[1] = malloc(keysalt->data.length);
+ if (key_data->key_data_contents[1] == NULL) {
+ free(key_data->key_data_contents[0]);
++ key_data->key_data_contents[0] = NULL;
+ return ENOMEM;
+ }
+ memcpy(key_data->key_data_contents[1], keysalt->data.data,
+--
+2.39.1
+
diff --git a/SOURCES/0018-Fix-meridian-type-in-kadmin-datetime-parser.patch b/SOURCES/0018-Fix-meridian-type-in-kadmin-datetime-parser.patch
new file mode 100644
index 0000000..2973380
--- /dev/null
+++ b/SOURCES/0018-Fix-meridian-type-in-kadmin-datetime-parser.patch
@@ -0,0 +1,36 @@
+From 604fce63b468d0efce4438df4ba0286f00bfce8d Mon Sep 17 00:00:00 2001
+From: Julien Rische <jrische@redhat.com>
+Date: Tue, 21 Feb 2023 10:03:35 +0100
+Subject: [PATCH] Fix meridian type in kadmin datetime parser
+
+The meridian suffix is typed as "Number" in kadmin YACC file for
+datetime parsing, while it should be using the "Meridian" enumeration
+one.
+
+This results in invalid Meridian value on 64-bit IBM zSystems (s390x),
+causing core dumped errors on most kadmin commands where meridian
+suffices are used.
+
+Upstream PR:
+https://github.com/krb5/krb5/pull/1290
+---
+ src/kadmin/cli/getdate.y | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/kadmin/cli/getdate.y b/src/kadmin/cli/getdate.y
+index b9dceec1ee..d14cf963c5 100644
+--- a/src/kadmin/cli/getdate.y
++++ b/src/kadmin/cli/getdate.y
+@@ -181,7 +181,8 @@ static time_t yyRelSeconds;
+
+ %token tAGO tID tDST tNEVER
+ %token <Number> tDAY tDAYZONE tMINUTE_UNIT tMONTH tMONTH_UNIT
+-%token <Number> tSEC_UNIT tSNUMBER tUNUMBER tZONE tMERIDIAN
++%token <Number> tSEC_UNIT tSNUMBER tUNUMBER tZONE
++%token <Meridian> tMERIDIAN
+ %type <Meridian> o_merid
+
+ %%
+--
+2.39.1
+
diff --git a/SOURCES/Add-APIs-for-marshalling-credentials.patch b/SOURCES/Add-APIs-for-marshalling-credentials.patch
deleted file mode 100644
index 7d77bba..0000000
--- a/SOURCES/Add-APIs-for-marshalling-credentials.patch
+++ /dev/null
@@ -1,220 +0,0 @@
-From 3d11179707923b033fa413387a33296b673ff52d Mon Sep 17 00:00:00 2001
-From: Robbie Harwood <rharwood@redhat.com>
-Date: Thu, 14 Jan 2021 18:13:09 -0500
-Subject: [PATCH] Add APIs for marshalling credentials
-
-Faciliate KCM daemon implementations by providing functions to
-deserialize and reserialize credentials in the FILE v4 format.
-
-[ghudson@mit.edu: minor editorial changes]
-
-ticket: 8980 (new)
-(cherry picked from commit 18ea3bd2fca55b789b7de9c663624bc11d348fa6)
----
- doc/appdev/refs/api/index.rst | 2 ++
- src/include/krb5/krb5.hin | 36 ++++++++++++++++++++++
- src/lib/krb5/ccache/ccmarshal.c | 53 +++++++++++++++++++++++++++++++++
- src/lib/krb5/ccache/t_marshal.c | 15 +++++++++-
- src/lib/krb5/libkrb5.exports | 2 ++
- src/lib/krb5_32.def | 4 +++
- 6 files changed, 111 insertions(+), 1 deletion(-)
-
-diff --git a/doc/appdev/refs/api/index.rst b/doc/appdev/refs/api/index.rst
-index 727d9b492..9e03fd386 100644
---- a/doc/appdev/refs/api/index.rst
-+++ b/doc/appdev/refs/api/index.rst
-@@ -232,6 +232,7 @@ Rarely used public interfaces
- krb5_kt_remove_entry.rst
- krb5_kt_start_seq_get.rst
- krb5_make_authdata_kdc_issued.rst
-+ krb5_marshal_credentials.rst
- krb5_merge_authdata.rst
- krb5_mk_1cred.rst
- krb5_mk_error.rst
-@@ -285,6 +286,7 @@ Rarely used public interfaces
- krb5_tkt_creds_get_times.rst
- krb5_tkt_creds_init.rst
- krb5_tkt_creds_step.rst
-+ krb5_unmarshal_credentials.rst
- krb5_verify_init_creds.rst
- krb5_verify_init_creds_opt_init.rst
- krb5_verify_init_creds_opt_set_ap_req_nofail.rst
-diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
-index 63e67a2ba..c26dde535 100644
---- a/src/include/krb5/krb5.hin
-+++ b/src/include/krb5/krb5.hin
-@@ -3125,6 +3125,42 @@ krb5_get_credentials(krb5_context context, krb5_flags options,
- krb5_ccache ccache, krb5_creds *in_creds,
- krb5_creds **out_creds);
-
-+/**
-+ * Serialize a @c krb5_creds object.
-+ *
-+ * @param [in] context Library context
-+ * @param [in] creds The credentials object to serialize
-+ * @param [out] data_out The serialized credentials
-+ *
-+ * Serialize @a creds in the format used by the FILE ccache format (vesion 4)
-+ * and KCM ccache protocol.
-+ *
-+ * Use krb5_free_data() to free @a data_out when it is no longer needed.
-+ *
-+ * @retval 0 Success; otherwise - Kerberos error codes
-+ */
-+krb5_error_code KRB5_CALLCONV
-+krb5_marshal_credentials(krb5_context context, krb5_creds *in_creds,
-+ krb5_data **data_out);
-+
-+/**
-+ * Deserialize a @c krb5_creds object.
-+ *
-+ * @param [in] context Library context
-+ * @param [in] data The serialized credentials
-+ * @param [out] creds_out The resulting creds object
-+ *
-+ * Deserialize @a data to credentials in the format used by the FILE ccache
-+ * format (vesion 4) and KCM ccache protocol.
-+ *
-+ * Use krb5_free_creds() to free @a creds_out when it is no longer needed.
-+ *
-+ * @retval 0 Success; otherwise - Kerberos error codes
-+ */
-+krb5_error_code KRB5_CALLCONV
-+krb5_unmarshal_credentials(krb5_context context, const krb5_data *data,
-+ krb5_creds **creds_out);
-+
- /** @deprecated Replaced by krb5_get_validated_creds. */
- krb5_error_code KRB5_CALLCONV
- krb5_get_credentials_validate(krb5_context context, krb5_flags options,
-diff --git a/src/lib/krb5/ccache/ccmarshal.c b/src/lib/krb5/ccache/ccmarshal.c
-index ae634ccab..ab284e721 100644
---- a/src/lib/krb5/ccache/ccmarshal.c
-+++ b/src/lib/krb5/ccache/ccmarshal.c
-@@ -515,3 +515,56 @@ k5_marshal_mcred(struct k5buf *buf, krb5_creds *mcred)
- if (mcred->second_ticket.length > 0)
- put_data(buf, version, &mcred->second_ticket);
- }
-+
-+krb5_error_code KRB5_CALLCONV
-+krb5_marshal_credentials(krb5_context context, krb5_creds *in_creds,
-+ krb5_data **data_out)
-+{
-+ krb5_error_code ret;
-+ krb5_data *data;
-+ struct k5buf buf;
-+
-+ *data_out = NULL;
-+
-+ data = k5alloc(sizeof(krb5_data), &ret);
-+ if (ret)
-+ return ret;
-+
-+ k5_buf_init_dynamic(&buf);
-+ k5_marshal_cred(&buf, 4, in_creds);
-+
-+ ret = k5_buf_status(&buf);
-+ if (ret) {
-+ free(data);
-+ return ret;
-+ }
-+
-+ /* Steal payload from buf. */
-+ *data = make_data(buf.data, buf.len);
-+ *data_out = data;
-+ return 0;
-+}
-+
-+krb5_error_code KRB5_CALLCONV
-+krb5_unmarshal_credentials(krb5_context context, const krb5_data *data,
-+ krb5_creds **creds_out)
-+{
-+ krb5_error_code ret;
-+ krb5_creds *creds;
-+
-+ *creds_out = NULL;
-+
-+ creds = k5alloc(sizeof(krb5_creds), &ret);
-+ if (ret)
-+ return ret;
-+
-+ ret = k5_unmarshal_cred((unsigned char *)data->data, data->length, 4,
-+ creds);
-+ if (ret) {
-+ free(creds);
-+ return ret;
-+ }
-+
-+ *creds_out = creds;
-+ return 0;
-+}
-diff --git a/src/lib/krb5/ccache/t_marshal.c b/src/lib/krb5/ccache/t_marshal.c
-index bd0284afa..96e0931a2 100644
---- a/src/lib/krb5/ccache/t_marshal.c
-+++ b/src/lib/krb5/ccache/t_marshal.c
-@@ -268,13 +268,14 @@ main(int argc, char **argv)
- krb5_context context;
- krb5_ccache cache;
- krb5_principal princ;
-- krb5_creds cred1, cred2;
-+ krb5_creds cred1, cred2, *alloc_cred;
- krb5_cc_cursor cursor;
- const char *filename;
- char *ccname, filebuf[256];
- int version, fd;
- const struct test *t;
- struct k5buf buf;
-+ krb5_data ser_data, *alloc_data;
-
- if (argc != 2)
- abort();
-@@ -285,6 +286,18 @@ main(int argc, char **argv)
- if (krb5_init_context(&context) != 0)
- abort();
-
-+ /* Test public functions for unmarshalling and marshalling. */
-+ ser_data = make_data((char *)tests[3].cred1, tests[3].cred1len);
-+ if (krb5_unmarshal_credentials(context, &ser_data, &alloc_cred) != 0)
-+ abort();
-+ verify_cred1(alloc_cred);
-+ if (krb5_marshal_credentials(context, alloc_cred, &alloc_data) != 0)
-+ abort();
-+ assert(alloc_data->length == tests[3].cred1len);
-+ assert(memcmp(tests[3].cred1, alloc_data->data, alloc_data->length) == 0);
-+ krb5_free_data(context, alloc_data);
-+ krb5_free_creds(context, alloc_cred);
-+
- for (version = FIRST_VERSION; version <= 4; version++) {
- t = &tests[version - 1];
-
-diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports
-index 2d9d56530..adbfa332b 100644
---- a/src/lib/krb5/libkrb5.exports
-+++ b/src/lib/krb5/libkrb5.exports
-@@ -489,6 +489,7 @@ krb5_lock_file
- krb5_make_authdata_kdc_issued
- krb5_make_full_ipaddr
- krb5_make_fulladdr
-+krb5_marshal_credentials
- krb5_mcc_ops
- krb5_merge_authdata
- krb5_mk_1cred
-@@ -592,6 +593,7 @@ krb5_timeofday
- krb5_timestamp_to_sfstring
- krb5_timestamp_to_string
- krb5_unlock_file
-+krb5_unmarshal_credentials
- krb5_unpack_full_ipaddr
- krb5_unparse_name
- krb5_unparse_name_ext
-diff --git a/src/lib/krb5_32.def b/src/lib/krb5_32.def
-index 4953907aa..60b8dd311 100644
---- a/src/lib/krb5_32.def
-+++ b/src/lib/krb5_32.def
-@@ -503,3 +503,7 @@ EXPORTS
- ; new in 1.19
- k5_cc_store_primary_cred @470 ; PRIVATE
- k5_kt_have_match @471 ; PRIVATE GSSAPI
-+
-+; new in 1.20
-+ krb5_marshal_credentials @472
-+ krb5_unmarshal_credentials @473
diff --git a/SOURCES/Add-KCM_OP_GET_CRED_LIST-for-faster-iteration.patch b/SOURCES/Add-KCM_OP_GET_CRED_LIST-for-faster-iteration.patch
deleted file mode 100644
index 5187e5c..0000000
--- a/SOURCES/Add-KCM_OP_GET_CRED_LIST-for-faster-iteration.patch
+++ /dev/null
@@ -1,359 +0,0 @@
-From 418e64100d1e3f8c8e3f773909347bad270a2921 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
-Date: Thu, 11 Feb 2021 15:33:10 +0100
-Subject: [PATCH] Add KCM_OP_GET_CRED_LIST for faster iteration
-
-For large caches, one IPC operation per credential dominates the cost
-of iteration. Instead transfer the whole list of credentials to the
-client in one IPC operation.
-
-Add optional support for the new opcode to the test KCM server to
-allow testing of the main and fallback code paths.
-
-[ghudson@mit.edu: fixed memory leaks and potential memory errors;
-adjusted code style and comments; rewrote commit message; added
-kcmserver.py support and tests]
-
-ticket: 8990 (new)
-(cherry picked from commit 81bdb47d8ded390263d8ee48f71d5c312b4f1736)
-(cherry picked from commit a0ee8b02e56c65e5dcd569caed0e151cef004ef4)
----
- src/include/kcm.h | 12 ++-
- src/lib/krb5/ccache/cc_kcm.c | 144 ++++++++++++++++++++++++++++++++---
- src/tests/kcmserver.py | 28 ++++++-
- src/tests/t_ccache.py | 10 ++-
- 4 files changed, 175 insertions(+), 19 deletions(-)
-
-diff --git a/src/include/kcm.h b/src/include/kcm.h
-index 5ea1447cd..e4140c3a0 100644
---- a/src/include/kcm.h
-+++ b/src/include/kcm.h
-@@ -51,9 +51,9 @@
- *
- * All replies begin with a 32-bit big-endian reply code.
- *
-- * Parameters are appended to the request or reply with no delimiters. Flags
-- * and time offsets are stored as 32-bit big-endian integers. Names are
-- * marshalled as zero-terminated strings. Principals and credentials are
-+ * Parameters are appended to the request or reply with no delimiters. Flags,
-+ * time offsets, and lengths are stored as 32-bit big-endian integers. Names
-+ * are marshalled as zero-terminated strings. Principals and credentials are
- * marshalled in the v4 FILE ccache format. UUIDs are 16 bytes. UUID lists
- * are not delimited, so nothing can come after them.
- */
-@@ -89,7 +89,11 @@ typedef enum kcm_opcode {
- KCM_OP_HAVE_NTLM_CRED,
- KCM_OP_DEL_NTLM_CRED,
- KCM_OP_DO_NTLM_AUTH,
-- KCM_OP_GET_NTLM_USER_LIST
-+ KCM_OP_GET_NTLM_USER_LIST,
-+
-+ /* MIT extensions */
-+ KCM_OP_MIT_EXTENSION_BASE = 13000,
-+ KCM_OP_GET_CRED_LIST, /* (name) -> (count, count*{len, cred}) */
- } kcm_opcode;
-
- #endif /* KCM_H */
-diff --git a/src/lib/krb5/ccache/cc_kcm.c b/src/lib/krb5/ccache/cc_kcm.c
-index 9093f894d..772928e4d 100644
---- a/src/lib/krb5/ccache/cc_kcm.c
-+++ b/src/lib/krb5/ccache/cc_kcm.c
-@@ -61,6 +61,17 @@ struct uuid_list {
- size_t pos;
- };
-
-+struct cred_list {
-+ krb5_creds *creds;
-+ size_t count;
-+ size_t pos;
-+};
-+
-+struct kcm_cursor {
-+ struct uuid_list *uuids;
-+ struct cred_list *creds;
-+};
-+
- struct kcmio {
- SOCKET fd;
- #ifdef __APPLE__
-@@ -489,6 +500,69 @@ free_uuid_list(struct uuid_list *uuids)
- free(uuids);
- }
-
-+static void
-+free_cred_list(struct cred_list *list)
-+{
-+ size_t i;
-+
-+ if (list == NULL)
-+ return;
-+
-+ /* Creds are transferred to the caller as list->pos is incremented, so we
-+ * can start freeing there. */
-+ for (i = list->pos; i < list->count; i++)
-+ krb5_free_cred_contents(NULL, &list->creds[i]);
-+ free(list->creds);
-+ free(list);
-+}
-+
-+/* Fetch a cred list from req->reply. */
-+static krb5_error_code
-+kcmreq_get_cred_list(struct kcmreq *req, struct cred_list **creds_out)
-+{
-+ struct cred_list *list;
-+ const unsigned char *data;
-+ krb5_error_code ret = 0;
-+ size_t count, len, i;
-+
-+ *creds_out = NULL;
-+
-+ /* Check a rough bound on the count to prevent very large allocations. */
-+ count = k5_input_get_uint32_be(&req->reply);
-+ if (count > req->reply.len / 4)
-+ return KRB5_KCM_MALFORMED_REPLY;
-+
-+ list = malloc(sizeof(*list));
-+ if (list == NULL)
-+ return ENOMEM;
-+
-+ list->creds = NULL;
-+ list->count = count;
-+ list->pos = 0;
-+ list->creds = k5calloc(count, sizeof(*list->creds), &ret);
-+ if (list->creds == NULL) {
-+ free(list);
-+ return ret;
-+ }
-+
-+ for (i = 0; i < count; i++) {
-+ len = k5_input_get_uint32_be(&req->reply);
-+ data = k5_input_get_bytes(&req->reply, len);
-+ if (data == NULL)
-+ break;
-+ ret = k5_unmarshal_cred(data, len, 4, &list->creds[i]);
-+ if (ret)
-+ break;
-+ }
-+ if (i < count) {
-+ free_cred_list(list);
-+ return (ret == ENOMEM) ? ENOMEM : KRB5_KCM_MALFORMED_REPLY;
-+ }
-+
-+ *creds_out = list;
-+ return 0;
-+}
-+
- static void
- kcmreq_free(struct kcmreq *req)
- {
-@@ -753,33 +827,53 @@ kcm_start_seq_get(krb5_context context, krb5_ccache cache,
- {
- krb5_error_code ret;
- struct kcmreq req = EMPTY_KCMREQ;
-- struct uuid_list *uuids;
-+ struct uuid_list *uuids = NULL;
-+ struct cred_list *creds = NULL;
-+ struct kcm_cursor *cursor;
-
- *cursor_out = NULL;
-
- get_kdc_offset(context, cache);
-
-- kcmreq_init(&req, KCM_OP_GET_CRED_UUID_LIST, cache);
-+ kcmreq_init(&req, KCM_OP_GET_CRED_LIST, cache);
- ret = cache_call(context, cache, &req);
-- if (ret)
-+ if (ret == 0) {
-+ /* GET_CRED_LIST is available. */
-+ ret = kcmreq_get_cred_list(&req, &creds);
-+ if (ret)
-+ goto cleanup;
-+ } else if (ret == KRB5_FCC_INTERNAL) {
-+ /* Fall back to GET_CRED_UUID_LIST. */
-+ kcmreq_free(&req);
-+ kcmreq_init(&req, KCM_OP_GET_CRED_UUID_LIST, cache);
-+ ret = cache_call(context, cache, &req);
-+ if (ret)
-+ goto cleanup;
-+ ret = kcmreq_get_uuid_list(&req, &uuids);
-+ if (ret)
-+ goto cleanup;
-+ } else {
- goto cleanup;
-- ret = kcmreq_get_uuid_list(&req, &uuids);
-- if (ret)
-+ }
-+
-+ cursor = k5alloc(sizeof(*cursor), &ret);
-+ if (cursor == NULL)
- goto cleanup;
-- *cursor_out = (krb5_cc_cursor)uuids;
-+ cursor->uuids = uuids;
-+ cursor->creds = creds;
-+ *cursor_out = (krb5_cc_cursor)cursor;
-
- cleanup:
- kcmreq_free(&req);
- return ret;
- }
-
--static krb5_error_code KRB5_CALLCONV
--kcm_next_cred(krb5_context context, krb5_ccache cache, krb5_cc_cursor *cursor,
-- krb5_creds *cred_out)
-+static krb5_error_code
-+next_cred_by_uuid(krb5_context context, krb5_ccache cache,
-+ struct uuid_list *uuids, krb5_creds *cred_out)
- {
- krb5_error_code ret;
- struct kcmreq req;
-- struct uuid_list *uuids = (struct uuid_list *)*cursor;
-
- memset(cred_out, 0, sizeof(*cred_out));
-
-@@ -797,11 +891,39 @@ kcm_next_cred(krb5_context context, krb5_ccache cache, krb5_cc_cursor *cursor,
- return map_invalid(ret);
- }
-
-+static krb5_error_code KRB5_CALLCONV
-+kcm_next_cred(krb5_context context, krb5_ccache cache, krb5_cc_cursor *cursor,
-+ krb5_creds *cred_out)
-+{
-+ struct kcm_cursor *c = (struct kcm_cursor *)*cursor;
-+ struct cred_list *list;
-+
-+ if (c->uuids != NULL)
-+ return next_cred_by_uuid(context, cache, c->uuids, cred_out);
-+
-+ list = c->creds;
-+ if (list->pos >= list->count)
-+ return KRB5_CC_END;
-+
-+ /* Transfer memory ownership of one cred to the caller. */
-+ *cred_out = list->creds[list->pos];
-+ memset(&list->creds[list->pos], 0, sizeof(*list->creds));
-+ list->pos++;
-+
-+ return 0;
-+}
-+
- static krb5_error_code KRB5_CALLCONV
- kcm_end_seq_get(krb5_context context, krb5_ccache cache,
- krb5_cc_cursor *cursor)
- {
-- free_uuid_list((struct uuid_list *)*cursor);
-+ struct kcm_cursor *c = *cursor;
-+
-+ if (c == NULL)
-+ return 0;
-+ free_uuid_list(c->uuids);
-+ free_cred_list(c->creds);
-+ free(c);
- *cursor = NULL;
- return 0;
- }
-diff --git a/src/tests/kcmserver.py b/src/tests/kcmserver.py
-index 57432e5a7..8c5e66ff1 100644
---- a/src/tests/kcmserver.py
-+++ b/src/tests/kcmserver.py
-@@ -23,6 +23,7 @@
- # traceback.print_exception(etype, value, tb, file=f)
- # sys.excepthook = ehook
-
-+import optparse
- import select
- import socket
- import struct
-@@ -49,12 +50,14 @@ class KCMOpcodes(object):
- SET_DEFAULT_CACHE = 21
- GET_KDC_OFFSET = 22
- SET_KDC_OFFSET = 23
-+ GET_CRED_LIST = 13001
-
-
- class KRB5Errors(object):
- KRB5_CC_END = -1765328242
- KRB5_CC_NOSUPP = -1765328137
- KRB5_FCC_NOFILE = -1765328189
-+ KRB5_FCC_INTERNAL = -1765328188
-
-
- def make_uuid():
-@@ -183,6 +186,14 @@ def op_set_kdc_offset(argbytes):
- return 0, b''
-
-
-+def op_get_cred_list(argbytes):
-+ name, rest = unmarshal_name(argbytes)
-+ cache = get_cache(name)
-+ creds = [cache.creds[u] for u in cache.cred_uuids]
-+ return 0, (struct.pack('>L', len(creds)) +
-+ b''.join(struct.pack('>L', len(c)) + c for c in creds))
-+
-+
- ophandlers = {
- KCMOpcodes.GEN_NEW : op_gen_new,
- KCMOpcodes.INITIALIZE : op_initialize,
-@@ -197,7 +208,8 @@ ophandlers = {
- KCMOpcodes.GET_DEFAULT_CACHE : op_get_default_cache,
- KCMOpcodes.SET_DEFAULT_CACHE : op_set_default_cache,
- KCMOpcodes.GET_KDC_OFFSET : op_get_kdc_offset,
-- KCMOpcodes.SET_KDC_OFFSET : op_set_kdc_offset
-+ KCMOpcodes.SET_KDC_OFFSET : op_set_kdc_offset,
-+ KCMOpcodes.GET_CRED_LIST : op_get_cred_list
- }
-
- # Read and respond to a request from the socket s.
-@@ -215,7 +227,11 @@ def service_request(s):
-
- majver, minver, op = struct.unpack('>BBH', req[:4])
- argbytes = req[4:]
-- code, payload = ophandlers[op](argbytes)
-+
-+ if op in ophandlers:
-+ code, payload = ophandlers[op](argbytes)
-+ else:
-+ code, payload = KRB5Errors.KRB5_FCC_INTERNAL, b''
-
- # The KCM response is the code (4 bytes) and the response payload.
- # The Heimdal IPC response is the length of the KCM response (4
-@@ -226,9 +242,15 @@ def service_request(s):
- s.sendall(hipc_response)
- return True
-
-+parser = optparse.OptionParser()
-+parser.add_option('-c', '--credlist', action='store_true', dest='credlist',
-+ default=False, help='Support KCM_OP_GET_CRED_LIST')
-+(options, args) = parser.parse_args()
-+if not options.credlist:
-+ del ophandlers[KCMOpcodes.GET_CRED_LIST]
-
- server = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
--server.bind(sys.argv[1])
-+server.bind(args[0])
- server.listen(5)
- select_input = [server,]
- sys.stderr.write('starting...\n')
-diff --git a/src/tests/t_ccache.py b/src/tests/t_ccache.py
-index 66804afa5..90040fb7b 100755
---- a/src/tests/t_ccache.py
-+++ b/src/tests/t_ccache.py
-@@ -125,10 +125,18 @@ def collection_test(realm, ccname):
-
-
- collection_test(realm, 'DIR:' + os.path.join(realm.testdir, 'cc'))
-+
-+# Test KCM without and with GET_CRED_LIST support.
- kcmserver_path = os.path.join(srctop, 'tests', 'kcmserver.py')
--realm.start_server([sys.executable, kcmserver_path, kcm_socket_path],
-+kcmd = realm.start_server([sys.executable, kcmserver_path, kcm_socket_path],
-+ 'starting...')
-+collection_test(realm, 'KCM:')
-+stop_daemon(kcmd)
-+os.remove(kcm_socket_path)
-+realm.start_server([sys.executable, kcmserver_path, '-c', kcm_socket_path],
- 'starting...')
- collection_test(realm, 'KCM:')
-+
- if test_keyring:
- def cleanup_keyring(anchor, name):
- out = realm.run(['keyctl', 'list', anchor])
diff --git a/SOURCES/Add-buildsystem-detection-of-the-OpenSSL-3-KDF-inter.patch b/SOURCES/Add-buildsystem-detection-of-the-OpenSSL-3-KDF-inter.patch
deleted file mode 100644
index 269a457..0000000
--- a/SOURCES/Add-buildsystem-detection-of-the-OpenSSL-3-KDF-inter.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 2f039fc910022c9569fe6941a194f0b26bd6c894 Mon Sep 17 00:00:00 2001
-From: Robbie Harwood <rharwood@redhat.com>
-Date: Fri, 20 Sep 2019 16:11:29 -0400
-Subject: [PATCH] Add buildsystem detection of the OpenSSL-3 KDF interface
-
-(cherry picked from commit a3e03dfd40928c4615bd9b8546eac0c104377850)
----
- src/configure.ac | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/src/configure.ac b/src/configure.ac
-index eb6307468..9c2e816fe 100644
---- a/src/configure.ac
-+++ b/src/configure.ac
-@@ -282,6 +282,10 @@ AC_SUBST(CRYPTO_IMPL)
- AC_SUBST(CRYPTO_IMPL_CFLAGS)
- AC_SUBST(CRYPTO_IMPL_LIBS)
-
-+if test "$CRYPTO_IMPL" = openssl; then
-+ AC_CHECK_FUNCS(EVP_KDF_fetch)
-+fi
-+
- AC_ARG_WITH([prng-alg],
- AC_HELP_STRING([--with-prng-alg=ALG], [use specified PRNG algorithm. @<:@fortuna@:>@]),
- [PRNG_ALG=$withval
diff --git a/SOURCES/Add-configure-variable-for-default-PKCS-11-module.patch b/SOURCES/Add-configure-variable-for-default-PKCS-11-module.patch
deleted file mode 100644
index 2300bd2..0000000
--- a/SOURCES/Add-configure-variable-for-default-PKCS-11-module.patch
+++ /dev/null
@@ -1,201 +0,0 @@
-From 2a6a4568ed1df4ed89604b09fa11785c9ae38c67 Mon Sep 17 00:00:00 2001
-From: Julien Rische <jrische@redhat.com>
-Date: Fri, 22 Apr 2022 14:12:37 +0200
-Subject: [PATCH] Add configure variable for default PKCS#11 module
-
-[ghudson@mit.edu: added documentation of configure variable and doc
-substitution; shortened commit message]
-
-ticket: 9058 (new)
----
- doc/admin/conf_files/krb5_conf.rst | 2 +-
- doc/build/options2configure.rst | 3 +++
- doc/conf.py | 3 +++
- doc/mitK5defaults.rst | 25 +++++++++++++------------
- src/configure.ac | 8 ++++++++
- src/doc/Makefile.in | 2 ++
- src/man/Makefile.in | 4 +++-
- src/man/krb5.conf.man | 2 +-
- src/plugins/preauth/pkinit/pkinit.h | 1 -
- 9 files changed, 34 insertions(+), 16 deletions(-)
-
-diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst
-index adba8238d..3d25c9a12 100644
---- a/doc/admin/conf_files/krb5_conf.rst
-+++ b/doc/admin/conf_files/krb5_conf.rst
-@@ -1020,7 +1020,7 @@ information for PKINIT is as follows:
- All keyword/values are optional. *modname* specifies the location
- of a library implementing PKCS #11. If a value is encountered
- with no keyword, it is assumed to be the *modname*. If no
-- module-name is specified, the default is ``opensc-pkcs11.so``.
-+ module-name is specified, the default is |pkcs11_modname|.
- ``slotid=`` and/or ``token=`` may be specified to force the use of
- a particular smard card reader or token if there is more than one
- available. ``certid=`` and/or ``certlabel=`` may be specified to
-diff --git a/doc/build/options2configure.rst b/doc/build/options2configure.rst
-index a8959626d..8f8ac911c 100644
---- a/doc/build/options2configure.rst
-+++ b/doc/build/options2configure.rst
-@@ -143,6 +143,9 @@ Environment variables
- This option allows one to specify libraries to be passed to the
- linker (e.g., ``-l<library>``)
-
-+**PKCS11_MODNAME=**\ *library*
-+ Override the built-in default PKCS11 library name.
-+
- **SS_LIB=**\ *libs*...
- If ``-lss`` is not the correct way to link in your installed ss
- library, for example if additional support libraries are needed,
-diff --git a/doc/conf.py b/doc/conf.py
-index 4fb6aae14..29fd53375 100644
---- a/doc/conf.py
-+++ b/doc/conf.py
-@@ -235,6 +235,7 @@ if 'mansubs' in tags:
- ccache = '``@CCNAME@``'
- keytab = '``@KTNAME@``'
- ckeytab = '``@CKTNAME@``'
-+ pkcs11_modname = '``@PKCS11MOD@``'
- elif 'pathsubs' in tags:
- # Read configured paths from a file produced by the build system.
- exec(open("paths.py").read())
-@@ -248,6 +249,7 @@ else:
- ccache = ':ref:`DEFCCNAME <paths>`'
- keytab = ':ref:`DEFKTNAME <paths>`'
- ckeytab = ':ref:`DEFCKTNAME <paths>`'
-+ pkcs11_modname = ':ref:`PKCS11_MODNAME <paths>`'
-
- rst_epilog = '\n'
-
-@@ -268,6 +270,7 @@ else:
- rst_epilog += '.. |ccache| replace:: %s\n' % ccache
- rst_epilog += '.. |keytab| replace:: %s\n' % keytab
- rst_epilog += '.. |ckeytab| replace:: %s\n' % ckeytab
-+ rst_epilog += '.. |pkcs11_modname| replace:: %s\n' % pkcs11_modname
- rst_epilog += '''
- .. |krb5conf| replace:: ``/etc/krb5.conf``
- .. |defkeysalts| replace:: ``aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal``
-diff --git a/doc/mitK5defaults.rst b/doc/mitK5defaults.rst
-index 74e69f4ad..aea7af3db 100644
---- a/doc/mitK5defaults.rst
-+++ b/doc/mitK5defaults.rst
-@@ -59,18 +59,19 @@ subdirectories of ``/usr/local``. When MIT krb5 is integrated into an
- operating system, the paths are generally chosen to match the
- operating system's filesystem layout.
-
--========================== ============= =========================== ===========================
--Description Symbolic name Custom build path Typical OS path
--========================== ============= =========================== ===========================
--User programs BINDIR ``/usr/local/bin`` ``/usr/bin``
--Libraries and plugins LIBDIR ``/usr/local/lib`` ``/usr/lib``
--Parent of KDC state dir LOCALSTATEDIR ``/usr/local/var`` ``/var``
--Parent of KDC runtime dir RUNSTATEDIR ``/usr/local/var/run`` ``/run``
--Administrative programs SBINDIR ``/usr/local/sbin`` ``/usr/sbin``
--Alternate krb5.conf dir SYSCONFDIR ``/usr/local/etc`` ``/etc``
--Default ccache name DEFCCNAME ``FILE:/tmp/krb5cc_%{uid}`` ``FILE:/tmp/krb5cc_%{uid}``
--Default keytab name DEFKTNAME ``FILE:/etc/krb5.keytab`` ``FILE:/etc/krb5.keytab``
--========================== ============= =========================== ===========================
-+========================== ============== =========================== ===========================
-+Description Symbolic name Custom build path Typical OS path
-+========================== ============== =========================== ===========================
-+User programs BINDIR ``/usr/local/bin`` ``/usr/bin``
-+Libraries and plugins LIBDIR ``/usr/local/lib`` ``/usr/lib``
-+Parent of KDC state dir LOCALSTATEDIR ``/usr/local/var`` ``/var``
-+Parent of KDC runtime dir RUNSTATEDIR ``/usr/local/var/run`` ``/run``
-+Administrative programs SBINDIR ``/usr/local/sbin`` ``/usr/sbin``
-+Alternate krb5.conf dir SYSCONFDIR ``/usr/local/etc`` ``/etc``
-+Default ccache name DEFCCNAME ``FILE:/tmp/krb5cc_%{uid}`` ``FILE:/tmp/krb5cc_%{uid}``
-+Default keytab name DEFKTNAME ``FILE:/etc/krb5.keytab`` ``FILE:/etc/krb5.keytab``
-+Default PKCS11 module PKCS11_MODNAME ``opensc-pkcs11.so`` ``opensc-pkcs11.so``
-+========================== ============== =========================== ===========================
-
- The default client keytab name (DEFCKTNAME) typically defaults to
- ``FILE:/usr/local/var/krb5/user/%{euid}/client.keytab`` for a custom
-diff --git a/src/configure.ac b/src/configure.ac
-index 363d5d62d..3a0633177 100644
---- a/src/configure.ac
-+++ b/src/configure.ac
-@@ -1466,6 +1466,14 @@ AC_DEFINE_UNQUOTED(DEFKTNAME, ["$DEFKTNAME"], [Define to default keytab name])
- AC_DEFINE_UNQUOTED(DEFCKTNAME, ["$DEFCKTNAME"],
- [Define to default client keytab name])
-
-+AC_ARG_VAR(PKCS11_MODNAME, [Default PKCS11 module name])
-+if test "${PKCS11_MODNAME+set}" != set; then
-+ PKCS11_MODNAME=opensc-pkcs11.so
-+fi
-+AC_MSG_NOTICE([Default PKCS11 module name: $PKCS11_MODNAME])
-+AC_DEFINE_UNQUOTED(PKCS11_MODNAME, ["$PKCS11_MODNAME"],
-+ [Default PKCS11 module name])
-+
- AC_CONFIG_FILES([build-tools/krb5-config], [chmod +x build-tools/krb5-config])
- AC_CONFIG_FILES([build-tools/kadm-server.pc
- build-tools/kadm-client.pc
-diff --git a/src/doc/Makefile.in b/src/doc/Makefile.in
-index 379bc3651..a1b0cff0a 100644
---- a/src/doc/Makefile.in
-+++ b/src/doc/Makefile.in
-@@ -10,6 +10,7 @@ sysconfdir=@sysconfdir@
- DEFCCNAME=@DEFCCNAME@
- DEFKTNAME=@DEFKTNAME@
- DEFCKTNAME=@DEFCKTNAME@
-+PKCS11_MODNAME=@PKCS11_MODNAME@
-
- RST_SOURCES= _static \
- _templates \
-@@ -118,6 +119,7 @@ paths.py:
- echo 'ccache = "``$(DEFCCNAME)``"' >> $@
- echo 'keytab = "``$(DEFKTNAME)``"' >> $@
- echo 'ckeytab = "``$(DEFCKTNAME)``"' >> $@
-+ echo 'pkcs11_modname = "``$(PKCS11_MODNAME)``"' >> $@
-
- # Dummy rule that man/Makefile can invoke
- version.py: $(docsrc)/version.py
-diff --git a/src/man/Makefile.in b/src/man/Makefile.in
-index 00b1b2de0..85cae0914 100644
---- a/src/man/Makefile.in
-+++ b/src/man/Makefile.in
-@@ -8,6 +8,7 @@ sysconfdir=@sysconfdir@
- DEFCCNAME=@DEFCCNAME@
- DEFKTNAME=@DEFKTNAME@
- DEFCKTNAME=@DEFCKTNAME@
-+PKCS11_MODNAME=@PKCS11_MODNAME@
-
- MANSUBS=k5identity.sub k5login.sub k5srvutil.sub kadm5.acl.sub kadmin.sub \
- kadmind.sub kdb5_ldap_util.sub kdb5_util.sub kdc.conf.sub \
-@@ -47,7 +48,8 @@ $(docsrc)/version.py: $(top_srcdir)/patchlevel.h
- -e 's|@SYSCONFDIR@|$(sysconfdir)|g' \
- -e 's|@CCNAME@|$(DEFCCNAME)|g' \
- -e 's|@KTNAME@|$(DEFKTNAME)|g' \
-- -e 's|@CKTNAME@|$(DEFCKTNAME)|g' $? > $@
-+ -e 's|@CKTNAME@|$(DEFCKTNAME)|g' \
-+ -e 's|@PKCS11MOD@|$(PKCS11_MODNAME)|g' $? > $@
-
- all: $(MANSUBS)
-
-diff --git a/src/man/krb5.conf.man b/src/man/krb5.conf.man
-index 3a702ca8f..e4202723f 100644
---- a/src/man/krb5.conf.man
-+++ b/src/man/krb5.conf.man
-@@ -1151,7 +1151,7 @@ user\(aqs certificate and private key.
- All keyword/values are optional. \fImodname\fP specifies the location
- of a library implementing PKCS #11. If a value is encountered
- with no keyword, it is assumed to be the \fImodname\fP\&. If no
--module\-name is specified, the default is \fBopensc\-pkcs11.so\fP\&.
-+module\-name is specified, the default is \fB@PKCS11MOD@\fP\&.
- \fBslotid=\fP and/or \fBtoken=\fP may be specified to force the use of
- a particular smard card reader or token if there is more than one
- available. \fBcertid=\fP and/or \fBcertlabel=\fP may be specified to
-diff --git a/src/plugins/preauth/pkinit/pkinit.h b/src/plugins/preauth/pkinit/pkinit.h
-index b437fd53f..a2018cb10 100644
---- a/src/plugins/preauth/pkinit/pkinit.h
-+++ b/src/plugins/preauth/pkinit/pkinit.h
-@@ -42,7 +42,6 @@
- #ifndef WITHOUT_PKCS11
- #include "pkcs11.h"
-
--#define PKCS11_MODNAME "opensc-pkcs11.so"
- #define PK_SIGLEN_GUESS 1000
- #define PK_NOSLOT 999999
- #endif
---
-2.35.1
-
diff --git a/SOURCES/Add-hostname-canonicalization-helper-to-k5test.py.patch b/SOURCES/Add-hostname-canonicalization-helper-to-k5test.py.patch
deleted file mode 100644
index 2af7a11..0000000
--- a/SOURCES/Add-hostname-canonicalization-helper-to-k5test.py.patch
+++ /dev/null
@@ -1,84 +0,0 @@
-From c76a01279bbbbcfd296d2ead8f6e2a5bee7e8443 Mon Sep 17 00:00:00 2001
-From: Greg Hudson <ghudson@mit.edu>
-Date: Fri, 15 Jan 2021 14:43:34 -0500
-Subject: [PATCH] Add hostname canonicalization helper to k5test.py
-
-To facilitate fallback tests, add a canonicalize_hostname() function
-to k5test.py which works similarly to krb5_expand_hostname(). Use it
-in t_gssapi.py for the recently-added acceptor name fallback test.
-
-(cherry picked from commit 225fffe4e912772acea3a01d45bafb60bfb80948)
----
- src/tests/gssapi/t_gssapi.py | 11 +++--------
- src/util/k5test.py | 22 ++++++++++++++++++++++
- 2 files changed, 25 insertions(+), 8 deletions(-)
-
-diff --git a/src/tests/gssapi/t_gssapi.py b/src/tests/gssapi/t_gssapi.py
-index 1af6f31c2..e22cec427 100755
---- a/src/tests/gssapi/t_gssapi.py
-+++ b/src/tests/gssapi/t_gssapi.py
-@@ -8,7 +8,7 @@ for realm in multipass_realms():
- realm.run(['./t_iov', '-s', 'p:' + realm.host_princ])
- realm.run(['./t_pcontok', 'p:' + realm.host_princ])
-
--realm = K5Realm(krb5_conf={'libdefaults': {'rdns': 'false'}})
-+realm = K5Realm()
-
- # Test gss_add_cred().
- realm.run(['./t_add_cred'])
-@@ -62,13 +62,8 @@ realm.run(['./t_accname', 'p:host/-nomatch-',
- expected_msg=' not found in keytab')
-
- # If possible, test with an acceptor name requiring fallback to match
--# against a keytab entry. Forward-canonicalize the hostname, relying
--# on the rdns=false realm setting.
--try:
-- ai = socket.getaddrinfo(hostname, None, 0, 0, 0, socket.AI_CANONNAME)
-- (family, socktype, proto, canonname, sockaddr) = ai[0]
--except socket.gaierror:
-- canonname = hostname
-+# against a keytab entry.
-+canonname = canonicalize_hostname(hostname)
- if canonname != hostname:
- os.rename(realm.keytab, realm.keytab + '.save')
- canonprinc = 'host/' + canonname
-diff --git a/src/util/k5test.py b/src/util/k5test.py
-index 789b0f4b9..251d11a9d 100644
---- a/src/util/k5test.py
-+++ b/src/util/k5test.py
-@@ -155,6 +155,10 @@ Scripts may use the following functions and variables:
- * password(name): Return a weakly random password based on name. The
- password will be consistent across calls with the same name.
-
-+* canonicalize_hostname(name, rdns=True): Return the DNS
-+ canonicalization of name, optionally using reverse DNS. On error,
-+ return name converted to lowercase.
-+
- * stop_daemon(proc): Stop a daemon process started with
- realm.start_server() or realm.start_in_inetd(). Only necessary if
- the port needs to be reused; daemon processes will be stopped
-@@ -458,6 +462,24 @@ def password(name):
- return name + str(os.getpid())
-
-
-+def canonicalize_hostname(name, rdns=True):
-+ """Canonicalize name using DNS, optionally with reverse DNS."""
-+ try:
-+ ai = socket.getaddrinfo(name, None, 0, 0, 0, socket.AI_CANONNAME)
-+ except socket.gaierror as e:
-+ return name.lower()
-+ (family, socktype, proto, canonname, sockaddr) = ai[0]
-+
-+ if not rdns:
-+ return canonname.lower()
-+
-+ try:
-+ rname = socket.getnameinfo(sockaddr, socket.NI_NAMEREQD)
-+ except socket.gaierror:
-+ return canonname.lower()
-+ return rname[0].lower()
-+
-+
- # Exit handler which ensures processes are cleaned up and, on failure,
- # prints messages to help developers debug the problem.
- def _onexit():
diff --git a/SOURCES/Allow-kinit-with-keytab-to-defer-canonicalization.patch b/SOURCES/Allow-kinit-with-keytab-to-defer-canonicalization.patch
deleted file mode 100644
index 269eec4..0000000
--- a/SOURCES/Allow-kinit-with-keytab-to-defer-canonicalization.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From 4c2f596da5ddb8a1687a4f9c969d5a8dcd2cbcc7 Mon Sep 17 00:00:00 2001
-From: Robbie Harwood <rharwood@redhat.com>
-Date: Thu, 3 Jun 2021 16:03:07 -0400
-Subject: [PATCH] Allow kinit with keytab to defer canonicalization
-
-[ghudson@mit.edu: added tests]
-
-ticket: 9012 (new)
-(cherry picked from commit 5e6a6efc5df689d9fb8730d0227167ffbb6ece0e)
-(cherry picked from commit 090c7319652466339e3e6482bdd1b5a294638dff)
----
- src/clients/kinit/kinit.c | 11 -----------
- src/tests/t_keytab.py | 13 +++++++++++++
- 2 files changed, 13 insertions(+), 11 deletions(-)
-
-diff --git a/src/clients/kinit/kinit.c b/src/clients/kinit/kinit.c
-index d1f5d74c3..5a6d7237c 100644
---- a/src/clients/kinit/kinit.c
-+++ b/src/clients/kinit/kinit.c
-@@ -510,17 +510,6 @@ k5_begin(struct k_opts *opts, struct k5_data *k5)
- _("when creating default server principal name"));
- goto cleanup;
- }
-- if (k5->me->realm.data[0] == 0) {
-- ret = krb5_unparse_name(k5->ctx, k5->me, &k5->name);
-- if (ret == 0) {
-- com_err(progname, KRB5_ERR_HOST_REALM_UNKNOWN,
-- _("(principal %s)"), k5->name);
-- } else {
-- com_err(progname, KRB5_ERR_HOST_REALM_UNKNOWN,
-- _("for local services"));
-- }
-- goto cleanup;
-- }
- } else if (k5->out_cc != NULL) {
- /* If the output ccache is initialized, use its principal. */
- if (krb5_cc_get_principal(k5->ctx, k5->out_cc, &princ) == 0)
-diff --git a/src/tests/t_keytab.py b/src/tests/t_keytab.py
-index 850375c92..a9adebb26 100755
---- a/src/tests/t_keytab.py
-+++ b/src/tests/t_keytab.py
-@@ -41,6 +41,19 @@ realm.kinit(realm.user_princ, flags=['-i'],
- expected_msg='keytab specified, forcing -k')
- realm.klist(realm.user_princ)
-
-+# Test default principal for -k. This operation requires
-+# canonicalization against the keytab in krb5_get_init_creds_keytab()
-+# as the krb5_sname_to_principal() result won't have a realm. Try
-+# with and without without fallback processing since the code paths
-+# are different.
-+mark('default principal for -k')
-+realm.run([kinit, '-k'])
-+realm.klist(realm.host_princ)
-+no_canon_conf = {'libdefaults': {'dns_canonicalize_hostname': 'false'}}
-+no_canon = realm.special_env('no_canon', False, krb5_conf=no_canon_conf)
-+realm.run([kinit, '-k'], env=no_canon)
-+realm.klist(realm.host_princ)
-+
- # Test extracting keys with multiple key versions present.
- mark('multi-kvno extract')
- os.remove(realm.keytab)
diff --git a/SOURCES/Fix-KCM-flag-transmission-for-remove_cred.patch b/SOURCES/Fix-KCM-flag-transmission-for-remove_cred.patch
deleted file mode 100644
index e084c39..0000000
--- a/SOURCES/Fix-KCM-flag-transmission-for-remove_cred.patch
+++ /dev/null
@@ -1,104 +0,0 @@
-From 92a4b760d741494dacbb4d9db4cf2db9e3b01f2c Mon Sep 17 00:00:00 2001
-From: Greg Hudson <ghudson@mit.edu>
-Date: Mon, 29 Mar 2021 14:32:56 -0400
-Subject: [PATCH] Fix KCM flag transmission for remove_cred
-
-MIT krb5 uses low bits for KRB5_TC flags, while Heimdal uses high bits
-so that the same flag word can also hold KRB5_GC flags. Add a mapping
-function and send the Heimdal flag values when performing a
-remove_cred operation.
-
-ticket: 8995
-(cherry picked from commit 11a82cf424f9c905bb73680c64524f087090d4ef)
-(cherry picked from commit 04f0de4420508161ce439f262f2761ff51a07ab0)
----
- src/include/kcm.h | 19 +++++++++++++++++++
- src/lib/krb5/ccache/cc_kcm.c | 36 +++++++++++++++++++++++++++++++++++-
- 2 files changed, 54 insertions(+), 1 deletion(-)
-
-diff --git a/src/include/kcm.h b/src/include/kcm.h
-index e4140c3a0..9b66f1cbd 100644
---- a/src/include/kcm.h
-+++ b/src/include/kcm.h
-@@ -56,8 +56,27 @@
- * are marshalled as zero-terminated strings. Principals and credentials are
- * marshalled in the v4 FILE ccache format. UUIDs are 16 bytes. UUID lists
- * are not delimited, so nothing can come after them.
-+ *
-+ * Flag words must use Heimdal flag values, which are not the same as MIT krb5
-+ * values for KRB5_GC and KRB5_TC constants. The same flag word may contain
-+ * both kinds of flags in Heimdal, but not in MIT krb5. Defines for the
-+ * applicable Heimdal flag values are given below using KCM_GC and KCM_TC
-+ * prefixes.
- */
-
-+#define KCM_GC_CACHED (1U << 0)
-+
-+#define KCM_TC_DONT_MATCH_REALM (1U << 31)
-+#define KCM_TC_MATCH_KEYTYPE (1U << 30)
-+#define KCM_TC_MATCH_SRV_NAMEONLY (1U << 29)
-+#define KCM_TC_MATCH_FLAGS_EXACT (1U << 28)
-+#define KCM_TC_MATCH_FLAGS (1U << 27)
-+#define KCM_TC_MATCH_TIMES_EXACT (1U << 26)
-+#define KCM_TC_MATCH_TIMES (1U << 25)
-+#define KCM_TC_MATCH_AUTHDATA (1U << 24)
-+#define KCM_TC_MATCH_2ND_TKT (1U << 23)
-+#define KCM_TC_MATCH_IS_SKEY (1U << 22)
-+
- /* Opcodes without comments are currently unused in the MIT client
- * implementation. */
- typedef enum kcm_opcode {
-diff --git a/src/lib/krb5/ccache/cc_kcm.c b/src/lib/krb5/ccache/cc_kcm.c
-index 772928e4d..1f81a2190 100644
---- a/src/lib/krb5/ccache/cc_kcm.c
-+++ b/src/lib/krb5/ccache/cc_kcm.c
-@@ -110,6 +110,40 @@ map_invalid(krb5_error_code code)
- KRB5_KCM_MALFORMED_REPLY : code;
- }
-
-+/*
-+ * Map an MIT krb5 KRB5_TC flag word to the equivalent Heimdal flag word. Note
-+ * that there is no MIT krb5 equivalent for Heimdal's KRB5_TC_DONT_MATCH_REALM
-+ * (which is like KRB5_TC_MATCH_SRV_NAMEONLY but also applies to the client
-+ * principal) and no Heimdal equivalent for MIT krb5's KRB5_TC_SUPPORTED_KTYPES
-+ * (which matches against enctypes from the krb5_context rather than the
-+ * matching cred).
-+ */
-+static inline krb5_flags
-+map_tcflags(krb5_flags mitflags)
-+{
-+ krb5_flags heimflags = 0;
-+
-+ if (mitflags & KRB5_TC_MATCH_TIMES)
-+ heimflags |= KCM_TC_MATCH_TIMES;
-+ if (mitflags & KRB5_TC_MATCH_IS_SKEY)
-+ heimflags |= KCM_TC_MATCH_IS_SKEY;
-+ if (mitflags & KRB5_TC_MATCH_FLAGS)
-+ heimflags |= KCM_TC_MATCH_FLAGS;
-+ if (mitflags & KRB5_TC_MATCH_TIMES_EXACT)
-+ heimflags |= KCM_TC_MATCH_TIMES_EXACT;
-+ if (mitflags & KRB5_TC_MATCH_FLAGS_EXACT)
-+ heimflags |= KCM_TC_MATCH_FLAGS_EXACT;
-+ if (mitflags & KRB5_TC_MATCH_AUTHDATA)
-+ heimflags |= KCM_TC_MATCH_AUTHDATA;
-+ if (mitflags & KRB5_TC_MATCH_SRV_NAMEONLY)
-+ heimflags |= KCM_TC_MATCH_SRV_NAMEONLY;
-+ if (mitflags & KRB5_TC_MATCH_2ND_TKT)
-+ heimflags |= KCM_TC_MATCH_2ND_TKT;
-+ if (mitflags & KRB5_TC_MATCH_KTYPE)
-+ heimflags |= KCM_TC_MATCH_KEYTYPE;
-+ return heimflags;
-+}
-+
- /* Begin a request for the given opcode. If cache is non-null, supply the
- * cache name as a request parameter. */
- static void
-@@ -936,7 +970,7 @@ kcm_remove_cred(krb5_context context, krb5_ccache cache, krb5_flags flags,
- struct kcmreq req;
-
- kcmreq_init(&req, KCM_OP_REMOVE_CRED, cache);
-- k5_buf_add_uint32_be(&req.reqbuf, flags);
-+ k5_buf_add_uint32_be(&req.reqbuf, map_tcflags(flags));
- k5_marshal_mcred(&req.reqbuf, mcred);
- ret = cache_call(context, cache, &req);
- kcmreq_free(&req);
diff --git a/SOURCES/Fix-KCM-retrieval-support-for-sssd.patch b/SOURCES/Fix-KCM-retrieval-support-for-sssd.patch
deleted file mode 100644
index a0cd5ad..0000000
--- a/SOURCES/Fix-KCM-retrieval-support-for-sssd.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From b4f3df953015bf6d2d4c973b458f778f31615c11 Mon Sep 17 00:00:00 2001
-From: Greg Hudson <ghudson@mit.edu>
-Date: Tue, 11 May 2021 14:04:07 -0400
-Subject: [PATCH] Fix KCM retrieval support for sssd
-
-Commit 795ebba8c039be172ab93cd41105c73ffdba0fdb added a retrieval
-handler using KCM_OP_RETRIEVE, falling back on the same error codes as
-the previous KCM_OP_GET_CRED_LIST support. But sssd (as of 2.4)
-returns KRB5_CC_NOSUPP instead of KRB5_CC_IO if it recognizes an
-opcode but does not implement it. Add a helper function to recognize
-all known unsupported-opcode error codes, and use it in kcm_retrieve()
-and kcm_start_seq_get().
-
-ticket: 8997
-(cherry picked from commit da103e36e13f3c846bcddbe38dd518a21e5260a0)
-(cherry picked from commit a5b2cff51808cd86fe8195e7ac074ecd25c3344d)
----
- src/lib/krb5/ccache/cc_kcm.c | 18 ++++++++++++++++--
- 1 file changed, 16 insertions(+), 2 deletions(-)
-
-diff --git a/src/lib/krb5/ccache/cc_kcm.c b/src/lib/krb5/ccache/cc_kcm.c
-index 23fcf13ea..18505cd3d 100644
---- a/src/lib/krb5/ccache/cc_kcm.c
-+++ b/src/lib/krb5/ccache/cc_kcm.c
-@@ -144,6 +144,20 @@ map_tcflags(krb5_flags mitflags)
- return heimflags;
- }
-
-+/*
-+ * Return true if code could indicate an unsupported operation. Heimdal's KCM
-+ * returns KRB5_FCC_INTERNAL. sssd's KCM daemon (as of sssd 2.4) returns
-+ * KRB5_CC_NO_SUPP if it recognizes the operation but does not implement it,
-+ * and KRB5_CC_IO if it doesn't recognize the operation (which is unfortunate
-+ * since it could also indicate a communication failure).
-+ */
-+static krb5_boolean
-+unsupported_op_error(krb5_error_code code)
-+{
-+ return code == KRB5_FCC_INTERNAL || code == KRB5_CC_IO ||
-+ code == KRB5_CC_NOSUPP;
-+}
-+
- /* Begin a request for the given opcode. If cache is non-null, supply the
- * cache name as a request parameter. */
- static void
-@@ -841,7 +855,7 @@ kcm_retrieve(krb5_context context, krb5_ccache cache, krb5_flags flags,
- ret = cache_call(context, cache, &req);
-
- /* Fall back to iteration if the server does not support retrieval. */
-- if (ret == KRB5_FCC_INTERNAL || ret == KRB5_CC_IO) {
-+ if (unsupported_op_error(ret)) {
- ret = k5_cc_retrieve_cred_default(context, cache, flags, mcred,
- cred_out);
- goto cleanup;
-@@ -922,7 +936,7 @@ kcm_start_seq_get(krb5_context context, krb5_ccache cache,
- ret = kcmreq_get_cred_list(&req, &creds);
- if (ret)
- goto cleanup;
-- } else if (ret == KRB5_FCC_INTERNAL || ret == KRB5_CC_IO) {
-+ } else if (unsupported_op_error(ret)) {
- /* Fall back to GET_CRED_UUID_LIST. */
- kcmreq_free(&req);
- kcmreq_init(&req, KCM_OP_GET_CRED_UUID_LIST, cache);
diff --git a/SOURCES/Fix-KDC-null-deref-on-TGS-inner-body-null-server.patch b/SOURCES/Fix-KDC-null-deref-on-TGS-inner-body-null-server.patch
deleted file mode 100644
index e756c95..0000000
--- a/SOURCES/Fix-KDC-null-deref-on-TGS-inner-body-null-server.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 0a8dfc380fe3b210662ba1b1d452fcec2f84841b Mon Sep 17 00:00:00 2001
-From: Greg Hudson <ghudson@mit.edu>
-Date: Tue, 3 Aug 2021 01:15:27 -0400
-Subject: [PATCH] Fix KDC null deref on TGS inner body null server
-
-After the KDC decodes a FAST inner body, it does not check for a null
-server. Prior to commit 39548a5b17bbda9eeb63625a201cfd19b9de1c5b this
-would typically result in an error from krb5_unparse_name(), but with
-the addition of get_local_tgt() it results in a null dereference. Add
-a null check.
-
-Reported by Joseph Sutton of Catalyst.
-
-CVE-2021-37750:
-
-In MIT krb5 releases 1.14 and later, an authenticated attacker can
-cause a null dereference in the KDC by sending a FAST TGS request with
-no server field.
-
-ticket: 9008 (new)
-tags: pullup
-target_version: 1.19-next
-target_version: 1.18-next
-
-(cherry picked from commit d775c95af7606a51bf79547a94fa52ddd1cb7f49)
-(cherry picked from commit bb8fa495d00ccd931eec87a01b8920636cf7903e)
-(cherry picked from commit dfe383f8251d0edc7e5e08ec5e4fdd9b7f902b2a)
----
- src/kdc/do_tgs_req.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c
-index 463a9c0dd..7c596a111 100644
---- a/src/kdc/do_tgs_req.c
-+++ b/src/kdc/do_tgs_req.c
-@@ -208,6 +208,11 @@ process_tgs_req(krb5_kdc_req *request, krb5_data *pkt,
- status = "FIND_FAST";
- goto cleanup;
- }
-+ if (sprinc == NULL) {
-+ status = "NULL_SERVER";
-+ errcode = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN;
-+ goto cleanup;
-+ }
-
- errcode = get_local_tgt(kdc_context, &sprinc->realm, header_server,
- &local_tgt, &local_tgt_storage, &local_tgt_key);
diff --git a/SOURCES/Fix-KDC-null-deref-on-bad-encrypted-challenge.patch b/SOURCES/Fix-KDC-null-deref-on-bad-encrypted-challenge.patch
deleted file mode 100644
index 38677b4..0000000
--- a/SOURCES/Fix-KDC-null-deref-on-bad-encrypted-challenge.patch
+++ /dev/null
@@ -1,114 +0,0 @@
-From 3fe94b5854c56da38ba14994b6c371c3e3b9094e Mon Sep 17 00:00:00 2001
-From: Joseph Sutton <josephsutton@catalyst.net.nz>
-Date: Wed, 7 Jul 2021 11:47:44 +1200
-Subject: [PATCH] Fix KDC null deref on bad encrypted challenge
-
-The function ec_verify() in src/kdc/kdc_preauth_ec.c contains a check
-to avoid further processing if the armor key is NULL. However, this
-check is bypassed by a call to k5memdup0() which overwrites retval
-with 0 if the allocation succeeds. If the armor key is NULL, a call
-to krb5_c_fx_cf2_simple() will then dereference it, resulting in a
-crash. Add a check before the k5memdup0() call to avoid overwriting
-retval.
-
-CVE-2021-36222:
-
-In MIT krb5 releases 1.16 and later, an unauthenticated attacker can
-cause a null dereference in the KDC by sending a request containing a
-PA-ENCRYPTED-CHALLENGE padata element without using FAST.
-
-[ghudson@mit.edu: trimmed patch; added test case; edited commit
-message]
-
-ticket: 9007 (new)
-tags: pullup
-target_version: 1.19-next
-target_version: 1.18-next
-
-(cherry picked from commit fc98f520caefff2e5ee9a0026fdf5109944b3562)
-(cherry picked from commit 791211b00a53b394376d096c881b725ee739a936)
----
- src/kdc/kdc_preauth_ec.c | 3 ++-
- src/tests/Makefile.in | 1 +
- src/tests/t_cve-2021-36222.py | 46 +++++++++++++++++++++++++++++++++++
- 3 files changed, 49 insertions(+), 1 deletion(-)
- create mode 100644 src/tests/t_cve-2021-36222.py
-
-diff --git a/src/kdc/kdc_preauth_ec.c b/src/kdc/kdc_preauth_ec.c
-index 7e636b3f9..43a9902cc 100644
---- a/src/kdc/kdc_preauth_ec.c
-+++ b/src/kdc/kdc_preauth_ec.c
-@@ -87,7 +87,8 @@ ec_verify(krb5_context context, krb5_data *req_pkt, krb5_kdc_req *request,
- }
-
- /* Check for a configured FAST ec auth indicator. */
-- realmstr = k5memdup0(realm.data, realm.length, &retval);
-+ if (retval == 0)
-+ realmstr = k5memdup0(realm.data, realm.length, &retval);
- if (realmstr != NULL)
- retval = profile_get_string(context->profile, KRB5_CONF_REALMS,
- realmstr,
-diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in
-index ab416cc5f..20f27d748 100644
---- a/src/tests/Makefile.in
-+++ b/src/tests/Makefile.in
-@@ -159,6 +159,7 @@ check-pytests: unlockiter s4u2self
- $(RUNPYTEST) $(srcdir)/t_cve-2012-1015.py $(PYTESTFLAGS)
- $(RUNPYTEST) $(srcdir)/t_cve-2013-1416.py $(PYTESTFLAGS)
- $(RUNPYTEST) $(srcdir)/t_cve-2013-1417.py $(PYTESTFLAGS)
-+ $(RUNPYTEST) $(srcdir)/t_cve-2021-36222.py $(PYTESTFLAGS)
- $(RM) au.log
- $(RUNPYTEST) $(srcdir)/t_audit.py $(PYTESTFLAGS)
- $(RUNPYTEST) $(srcdir)/jsonwalker.py -d $(srcdir)/au_dict.json \
-diff --git a/src/tests/t_cve-2021-36222.py b/src/tests/t_cve-2021-36222.py
-new file mode 100644
-index 000000000..57e04993b
---- /dev/null
-+++ b/src/tests/t_cve-2021-36222.py
-@@ -0,0 +1,46 @@
-+import socket
-+from k5test import *
-+
-+realm = K5Realm()
-+
-+# CVE-2021-36222 KDC null dereference on encrypted challenge preauth
-+# without FAST
-+
-+s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
-+a = (hostname, realm.portbase)
-+
-+m = ('6A81A0' '30819D' # [APPLICATION 10] SEQUENCE
-+ 'A103' '0201' '05' # [1] pvno = 5
-+ 'A203' '0201' '0A' # [2] msg-type = 10
-+ 'A30E' '300C' # [3] padata = SEQUENCE OF
-+ '300A' # SEQUENCE
-+ 'A104' '0202' '008A' # [1] padata-type = PA-ENCRYPTED-CHALLENGE
-+ 'A202' '0400' # [2] padata-value = ""
-+ 'A48180' '307E' # [4] req-body = SEQUENCE
-+ 'A007' '0305' '0000000000' # [0] kdc-options = 0
-+ 'A120' '301E' # [1] cname = SEQUENCE
-+ 'A003' '0201' '01' # [0] name-type = NT-PRINCIPAL
-+ 'A117' '3015' # [1] name-string = SEQUENCE-OF
-+ '1B06' '6B7262746774' # krbtgt
-+ '1B0B' '4B5242544553542E434F4D'
-+ # KRBTEST.COM
-+ 'A20D' '1B0B' '4B5242544553542E434F4D'
-+ # [2] realm = KRBTEST.COM
-+ 'A320' '301E' # [3] sname = SEQUENCE
-+ 'A003' '0201' '01' # [0] name-type = NT-PRINCIPAL
-+ 'A117' '3015' # [1] name-string = SEQUENCE-OF
-+ '1B06' '6B7262746774' # krbtgt
-+ '1B0B' '4B5242544553542E434F4D'
-+ # KRBTEST.COM
-+ 'A511' '180F' '31393934303631303036303331375A'
-+ # [5] till = 19940610060317Z
-+ 'A703' '0201' '00' # [7] nonce = 0
-+ 'A808' '3006' # [8] etype = SEQUENCE OF
-+ '020112' '020111') # aes256-cts aes128-cts
-+
-+s.sendto(bytes.fromhex(m), a)
-+
-+# Make sure kinit still works.
-+realm.kinit(realm.user_princ, password('user'))
-+
-+success('CVE-2021-36222 regression test')
diff --git a/SOURCES/Fix-k5tls-module-for-OpenSSL-3.patch b/SOURCES/Fix-k5tls-module-for-OpenSSL-3.patch
deleted file mode 100644
index a2b9e34..0000000
--- a/SOURCES/Fix-k5tls-module-for-OpenSSL-3.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From 51938a8b731740299fe47d132b8840edba4141bc Mon Sep 17 00:00:00 2001
-From: Robbie Harwood <rharwood@redhat.com>
-Date: Sat, 29 May 2021 12:05:49 -0400
-Subject: [PATCH] Fix k5tls module for OpenSSL 3
-
-Starting in OpenSSL 3, connection termination without a close_notify
-alert causes SSL_read() to return SSL_ERROR_SSL instead of
-SSL_ERROR_SYSCALL. OpenSSL 3 also provides a new option
-SSL_OP_IGNORE_UNEXPECTED_EOF which allows an application to explicitly
-ignore possible truncation attacks and receive SSL_ERROR_ZERO_RETURN
-instead.
-
-Remove the call to SSL_CTX_get_options() since SSL_CTX_set_options()
-doesn't clear existing options.
-
-[ghudson@mit.edu: edited commit message and comment]
-
-(cherry picked from commit aa9b4a2a64046afd2fab7cb49c346295874a5fb6)
-(cherry picked from commit 201e38845e9f70234bcaa9ba7c25b28e38169b0a)
----
- src/plugins/tls/k5tls/openssl.c | 17 ++++++++++++++---
- 1 file changed, 14 insertions(+), 3 deletions(-)
-
-diff --git a/src/plugins/tls/k5tls/openssl.c b/src/plugins/tls/k5tls/openssl.c
-index 76a43b3cd..99fda7ffc 100644
---- a/src/plugins/tls/k5tls/openssl.c
-+++ b/src/plugins/tls/k5tls/openssl.c
-@@ -433,7 +433,7 @@ setup(krb5_context context, SOCKET fd, const char *servername,
- char **anchors, k5_tls_handle *handle_out)
- {
- int e;
-- long options;
-+ long options = SSL_OP_NO_SSLv2;
- SSL_CTX *ctx = NULL;
- SSL *ssl = NULL;
- k5_tls_handle handle = NULL;
-@@ -448,8 +448,19 @@ setup(krb5_context context, SOCKET fd, const char *servername,
- ctx = SSL_CTX_new(SSLv23_client_method());
- if (ctx == NULL)
- goto error;
-- options = SSL_CTX_get_options(ctx);
-- SSL_CTX_set_options(ctx, options | SSL_OP_NO_SSLv2);
-+
-+#ifdef SSL_OP_IGNORE_UNEXPECTED_EOF
-+ /*
-+ * For OpenSSL 3 and later, mark close_notify alerts as optional. We don't
-+ * need to worry about truncation attacks because the protocols this module
-+ * is used with (Kerberos and change-password) receive a single
-+ * length-delimited message from the server. For prior versions of OpenSSL
-+ * we check for SSL_ERROR_SYSCALL when reading instead (this error changes
-+ * to SSL_ERROR_SSL in OpenSSL 3).
-+ */
-+ options |= SSL_OP_IGNORE_UNEXPECTED_EOF;
-+#endif
-+ SSL_CTX_set_options(ctx, options);
-
- SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, verify_callback);
- X509_STORE_set_flags(SSL_CTX_get_cert_store(ctx), 0);
diff --git a/SOURCES/Fix-kadmin-k-with-fallback-or-referral-realm.patch b/SOURCES/Fix-kadmin-k-with-fallback-or-referral-realm.patch
deleted file mode 100644
index 07a202d..0000000
--- a/SOURCES/Fix-kadmin-k-with-fallback-or-referral-realm.patch
+++ /dev/null
@@ -1,65 +0,0 @@
-From ddbd548562d951d327a10c9dcb975418427f6fea Mon Sep 17 00:00:00 2001
-From: Greg Hudson <ghudson@mit.edu>
-Date: Mon, 7 Jun 2021 15:00:41 -0400
-Subject: [PATCH] Fix kadmin -k with fallback or referral realm
-
-kadmin -k produces a client principal name with
-krb5_sname_to_principal(), but it gets converted to a string and back
-due to the signature of kadm5_init_with_skey(), which loses track of
-the name type, so no canonicalization is performed.
-
-In libkadm5clnt initialization, recognize the important subset of this
-case--an empty realm indicates either fallback processing or the
-referral realm--and restore the host-based name type so that the
-client principal can be canonicalized against the keytab.
-
-ticket: 9013 (new)
-(cherry picked from commit dcb79089276624d7ddf44e08d35bd6d7d7e557d2)
-(cherry picked from commit cd8ff035f5b4720a8fc457355726f7bd0eab5eaa)
----
- src/lib/kadm5/clnt/client_init.c | 7 +++++++
- src/tests/t_kadmin.py | 12 ++++++++++++
- 2 files changed, 19 insertions(+)
-
-diff --git a/src/lib/kadm5/clnt/client_init.c b/src/lib/kadm5/clnt/client_init.c
-index aa1223bb3..0aaca701f 100644
---- a/src/lib/kadm5/clnt/client_init.c
-+++ b/src/lib/kadm5/clnt/client_init.c
-@@ -221,9 +221,16 @@ init_any(krb5_context context, char *client_name, enum init_type init_type,
- return KADM5_MISSING_KRB5_CONF_PARAMS;
- }
-
-+ /*
-+ * Parse the client name. If it has an empty realm, it is almost certainly
-+ * a host-based principal using DNS fallback processing or the referral
-+ * realm, so give it the appropriate name type for canonicalization.
-+ */
- code = krb5_parse_name(handle->context, client_name, &client);
- if (code)
- goto error;
-+ if (init_type == INIT_SKEY && client->realm.length == 0)
-+ client->type = KRB5_NT_SRV_HST;
-
- /*
- * Get credentials. Also does some fallbacks in case kadmin/fqdn
-diff --git a/src/tests/t_kadmin.py b/src/tests/t_kadmin.py
-index fe6a3cc2e..98453d92e 100644
---- a/src/tests/t_kadmin.py
-+++ b/src/tests/t_kadmin.py
-@@ -51,4 +51,16 @@ for i in range(200):
- realm.run_kadmin(['addprinc', '-randkey', 'foo%d' % i])
- realm.run_kadmin(['listprincs'], expected_msg='foo199')
-
-+# Test kadmin -k with the default principal, with and without
-+# fallback. This operation requires canonicalization against the
-+# keytab in krb5_get_init_creds_keytab() as the
-+# krb5_sname_to_principal() result won't have a realm. Try with and
-+# without without fallback processing since the code paths are
-+# different.
-+mark('kadmin -k')
-+realm.run([kadmin, '-k', 'getprinc', realm.host_princ])
-+no_canon_conf = {'libdefaults': {'dns_canonicalize_hostname': 'false'}}
-+no_canon = realm.special_env('no_canon', False, krb5_conf=no_canon_conf)
-+realm.run([kadmin, '-k', 'getprinc', realm.host_princ], env=no_canon)
-+
- success('kadmin and kpasswd tests')
diff --git a/SOURCES/Fix-softpkcs11-build-issues-with-openssl-3.0.patch b/SOURCES/Fix-softpkcs11-build-issues-with-openssl-3.0.patch
deleted file mode 100644
index ba5a8b5..0000000
--- a/SOURCES/Fix-softpkcs11-build-issues-with-openssl-3.0.patch
+++ /dev/null
@@ -1,552 +0,0 @@
-From f85a818fe1a7438db7e1ea579818da67e0be017d Mon Sep 17 00:00:00 2001
-From: Robbie Harwood <rharwood@redhat.com>
-Date: Sat, 15 May 2021 17:35:25 -0400
-Subject: [PATCH] Fix softpkcs11 build issues with openssl 3.0
-
-EVP_PKEY_get0_RSA() has been modified to have const return type. Remove
-its usages in favor of the EVP_PKEY interface. Also remove calls to
-RSA_blinding_off(), which we don't need and would require a non-const
-object. Similarly, remove RSA_set_method() calls that set a pre-existing
-default.
-
-Since softpkcs11 doesn't link against krb5 and can't use zap(), allocate
-buffers with OPENSSL_malloc() so can use OPENSSL_clear_free().
-
-Move several argument validation checks to the top of their functions.
-
-Fix some incorrect/inconsistent log messages.
-
-(cherry picked from commit 00de1aad7b3647b91017c7009b0bc65cd0c8b2e0)
-(cherry picked from commit a86b780ef275b35e8dc1e6d1886ec8e8d941f7c4)
----
- src/tests/softpkcs11/main.c | 360 ++++++++++++++----------------------
- 1 file changed, 141 insertions(+), 219 deletions(-)
-
-diff --git a/src/tests/softpkcs11/main.c b/src/tests/softpkcs11/main.c
-index 1cccdfb43..caa537b68 100644
---- a/src/tests/softpkcs11/main.c
-+++ b/src/tests/softpkcs11/main.c
-@@ -375,10 +375,9 @@ add_st_object(void)
- return NULL;
- soft_token.object.objs = objs;
-
-- o = malloc(sizeof(*o));
-+ o = calloc(1, sizeof(*o));
- if (o == NULL)
- return NULL;
-- memset(o, 0, sizeof(*o));
- o->attrs = NULL;
- o->num_attributes = 0;
- o->object_handle = soft_token.object.num_objs;
-@@ -424,7 +423,7 @@ add_pubkey_info(struct st_object *o, CK_KEY_TYPE key_type, EVP_PKEY *key)
- CK_ULONG modulus_bits = 0;
- CK_BYTE *exponent = NULL;
- size_t exponent_len = 0;
-- RSA *rsa;
-+ const RSA *rsa;
- const BIGNUM *n, *e;
-
- rsa = EVP_PKEY_get0_RSA(key);
-@@ -445,8 +444,6 @@ add_pubkey_info(struct st_object *o, CK_KEY_TYPE key_type, EVP_PKEY *key)
- add_object_attribute(o, 0, CKA_PUBLIC_EXPONENT,
- exponent, exponent_len);
-
-- RSA_set_method(rsa, RSA_PKCS1_OpenSSL());
--
- free(modulus);
- free(exponent);
- }
-@@ -679,10 +676,6 @@ add_certificate(char *label,
- } else {
- /* XXX verify keytype */
-
-- if (key_type == CKK_RSA)
-- RSA_set_method(EVP_PKEY_get0_RSA(o->u.private_key.key),
-- RSA_PKCS1_OpenSSL());
--
- if (X509_check_private_key(cert, o->u.private_key.key) != 1) {
- EVP_PKEY_free(o->u.private_key.key);
- o->u.private_key.key = NULL;
-@@ -695,7 +688,7 @@ add_certificate(char *label,
- }
-
- ret = CKR_OK;
-- out:
-+out:
- if (ret != CKR_OK) {
- st_logf("something went wrong when adding cert!\n");
-
-@@ -1224,8 +1217,6 @@ C_Login(CK_SESSION_HANDLE hSession,
- }
-
- /* XXX check keytype */
-- RSA_set_method(EVP_PKEY_get0_RSA(o->u.private_key.key),
-- RSA_PKCS1_OpenSSL());
-
- if (X509_check_private_key(o->u.private_key.cert, o->u.private_key.key) != 1) {
- EVP_PKEY_free(o->u.private_key.key);
-@@ -1495,8 +1486,9 @@ C_Encrypt(CK_SESSION_HANDLE hSession,
- struct st_object *o;
- void *buffer = NULL;
- CK_RV ret;
-- RSA *rsa;
-- int padding, len, buffer_len, padding_len;
-+ size_t buffer_len = 0;
-+ int padding;
-+ EVP_PKEY_CTX *ctx = NULL;
-
- st_logf("Encrypt\n");
-
-@@ -1512,70 +1504,58 @@ C_Encrypt(CK_SESSION_HANDLE hSession,
- return CKR_ARGUMENTS_BAD;
- }
-
-- rsa = EVP_PKEY_get0_RSA(o->u.public_key);
--
-- if (rsa == NULL)
-- return CKR_ARGUMENTS_BAD;
--
-- RSA_blinding_off(rsa); /* XXX RAND is broken while running in mozilla ? */
--
-- buffer_len = RSA_size(rsa);
--
-- buffer = malloc(buffer_len);
-- if (buffer == NULL) {
-- ret = CKR_DEVICE_MEMORY;
-- goto out;
-- }
--
-- ret = CKR_OK;
-- switch(state->encrypt_mechanism->mechanism) {
-- case CKM_RSA_PKCS:
-- padding = RSA_PKCS1_PADDING;
-- padding_len = RSA_PKCS1_PADDING_SIZE;
-- break;
-- case CKM_RSA_X_509:
-- padding = RSA_NO_PADDING;
-- padding_len = 0;
-- break;
-- default:
-- ret = CKR_FUNCTION_NOT_SUPPORTED;
-- goto out;
-- }
--
-- if ((CK_ULONG)buffer_len + padding_len < ulDataLen) {
-- ret = CKR_ARGUMENTS_BAD;
-- goto out;
-- }
--
- if (pulEncryptedDataLen == NULL) {
- st_logf("pulEncryptedDataLen NULL\n");
- ret = CKR_ARGUMENTS_BAD;
- goto out;
- }
-
-- if (pData == NULL_PTR) {
-+ if (pData == NULL) {
- st_logf("data NULL\n");
- ret = CKR_ARGUMENTS_BAD;
- goto out;
- }
-
-- len = RSA_public_encrypt(ulDataLen, pData, buffer, rsa, padding);
-- if (len <= 0) {
-+ switch(state->encrypt_mechanism->mechanism) {
-+ case CKM_RSA_PKCS:
-+ padding = RSA_PKCS1_PADDING;
-+ break;
-+ case CKM_RSA_X_509:
-+ padding = RSA_NO_PADDING;
-+ break;
-+ default:
-+ ret = CKR_FUNCTION_NOT_SUPPORTED;
-+ goto out;
-+ }
-+
-+ ctx = EVP_PKEY_CTX_new(o->u.public_key, NULL);
-+ if (ctx == NULL || EVP_PKEY_encrypt_init(ctx) <= 0 ||
-+ EVP_PKEY_CTX_set_rsa_padding(ctx, padding) <= 0 ||
-+ EVP_PKEY_encrypt(ctx, NULL, &buffer_len, pData, ulDataLen) <= 0) {
- ret = CKR_DEVICE_ERROR;
- goto out;
- }
-- if (len > buffer_len)
-- abort();
-
-- if (pEncryptedData != NULL_PTR)
-- memcpy(pEncryptedData, buffer, len);
-- *pulEncryptedDataLen = len;
--
-- out:
-- if (buffer) {
-- memset(buffer, 0, buffer_len);
-- free(buffer);
-+ buffer = OPENSSL_malloc(buffer_len);
-+ if (buffer == NULL) {
-+ ret = CKR_DEVICE_MEMORY;
-+ goto out;
- }
-+
-+ if (EVP_PKEY_encrypt(ctx, buffer, &buffer_len, pData, ulDataLen) <= 0) {
-+ ret = CKR_DEVICE_ERROR;
-+ goto out;
-+ }
-+ st_logf("Encrypt done\n");
-+
-+ if (pEncryptedData != NULL)
-+ memcpy(pEncryptedData, buffer, buffer_len);
-+ *pulEncryptedDataLen = buffer_len;
-+
-+ ret = CKR_OK;
-+out:
-+ OPENSSL_clear_free(buffer, buffer_len);
-+ EVP_PKEY_CTX_free(ctx);
- return ret;
- }
-
-@@ -1646,8 +1626,9 @@ C_Decrypt(CK_SESSION_HANDLE hSession,
- struct st_object *o;
- void *buffer = NULL;
- CK_RV ret;
-- RSA *rsa;
-- int padding, len, buffer_len, padding_len;
-+ size_t buffer_len = 0;
-+ int padding;
-+ EVP_PKEY_CTX *ctx = NULL;
-
- st_logf("Decrypt\n");
-
-@@ -1663,41 +1644,6 @@ C_Decrypt(CK_SESSION_HANDLE hSession,
- return CKR_ARGUMENTS_BAD;
- }
-
-- rsa = EVP_PKEY_get0_RSA(o->u.private_key.key);
--
-- if (rsa == NULL)
-- return CKR_ARGUMENTS_BAD;
--
-- RSA_blinding_off(rsa); /* XXX RAND is broken while running in mozilla ? */
--
-- buffer_len = RSA_size(rsa);
--
-- buffer = malloc(buffer_len);
-- if (buffer == NULL) {
-- ret = CKR_DEVICE_MEMORY;
-- goto out;
-- }
--
-- ret = CKR_OK;
-- switch(state->decrypt_mechanism->mechanism) {
-- case CKM_RSA_PKCS:
-- padding = RSA_PKCS1_PADDING;
-- padding_len = RSA_PKCS1_PADDING_SIZE;
-- break;
-- case CKM_RSA_X_509:
-- padding = RSA_NO_PADDING;
-- padding_len = 0;
-- break;
-- default:
-- ret = CKR_FUNCTION_NOT_SUPPORTED;
-- goto out;
-- }
--
-- if ((CK_ULONG)buffer_len + padding_len < ulEncryptedDataLen) {
-- ret = CKR_ARGUMENTS_BAD;
-- goto out;
-- }
--
- if (pulDataLen == NULL) {
- st_logf("pulDataLen NULL\n");
- ret = CKR_ARGUMENTS_BAD;
-@@ -1710,24 +1656,48 @@ C_Decrypt(CK_SESSION_HANDLE hSession,
- goto out;
- }
-
-- len = RSA_private_decrypt(ulEncryptedDataLen, pEncryptedData, buffer,
-- rsa, padding);
-- if (len <= 0) {
-+ switch(state->decrypt_mechanism->mechanism) {
-+ case CKM_RSA_PKCS:
-+ padding = RSA_PKCS1_PADDING;
-+ break;
-+ case CKM_RSA_X_509:
-+ padding = RSA_NO_PADDING;
-+ break;
-+ default:
-+ ret = CKR_FUNCTION_NOT_SUPPORTED;
-+ goto out;
-+ }
-+
-+ ctx = EVP_PKEY_CTX_new(o->u.private_key.key, NULL);
-+ if (ctx == NULL || EVP_PKEY_decrypt_init(ctx) <= 0 ||
-+ EVP_PKEY_CTX_set_rsa_padding(ctx, padding) <= 0 ||
-+ EVP_PKEY_decrypt(ctx, NULL, &buffer_len, pEncryptedData,
-+ ulEncryptedDataLen) <= 0) {
- ret = CKR_DEVICE_ERROR;
- goto out;
- }
-- if (len > buffer_len)
-- abort();
-+
-+ buffer = OPENSSL_malloc(buffer_len);
-+ if (buffer == NULL) {
-+ ret = CKR_DEVICE_MEMORY;
-+ goto out;
-+ }
-+
-+ if (EVP_PKEY_decrypt(ctx, buffer, &buffer_len, pEncryptedData,
-+ ulEncryptedDataLen) <= 0) {
-+ ret = CKR_DEVICE_ERROR;
-+ goto out;
-+ }
-+ st_logf("Decrypt done\n");
-
- if (pData != NULL_PTR)
-- memcpy(pData, buffer, len);
-- *pulDataLen = len;
-+ memcpy(pData, buffer, buffer_len);
-+ *pulDataLen = buffer_len;
-
-- out:
-- if (buffer) {
-- memset(buffer, 0, buffer_len);
-- free(buffer);
-- }
-+ ret = CKR_OK;
-+out:
-+ OPENSSL_clear_free(buffer, buffer_len);
-+ EVP_PKEY_CTX_free(ctx);
- return ret;
- }
-
-@@ -1806,8 +1776,9 @@ C_Sign(CK_SESSION_HANDLE hSession,
- struct st_object *o;
- void *buffer = NULL;
- CK_RV ret;
-- RSA *rsa;
-- int padding, len, buffer_len, padding_len;
-+ int padding;
-+ size_t buffer_len = 0;
-+ EVP_PKEY_CTX *ctx = NULL;
-
- st_logf("Sign\n");
- VERIFY_SESSION_HANDLE(hSession, &state);
-@@ -1822,40 +1793,6 @@ C_Sign(CK_SESSION_HANDLE hSession,
- return CKR_ARGUMENTS_BAD;
- }
-
-- rsa = EVP_PKEY_get0_RSA(o->u.private_key.key);
--
-- if (rsa == NULL)
-- return CKR_ARGUMENTS_BAD;
--
-- RSA_blinding_off(rsa); /* XXX RAND is broken while running in mozilla ? */
--
-- buffer_len = RSA_size(rsa);
--
-- buffer = malloc(buffer_len);
-- if (buffer == NULL) {
-- ret = CKR_DEVICE_MEMORY;
-- goto out;
-- }
--
-- switch(state->sign_mechanism->mechanism) {
-- case CKM_RSA_PKCS:
-- padding = RSA_PKCS1_PADDING;
-- padding_len = RSA_PKCS1_PADDING_SIZE;
-- break;
-- case CKM_RSA_X_509:
-- padding = RSA_NO_PADDING;
-- padding_len = 0;
-- break;
-- default:
-- ret = CKR_FUNCTION_NOT_SUPPORTED;
-- goto out;
-- }
--
-- if ((CK_ULONG)buffer_len < ulDataLen + padding_len) {
-- ret = CKR_ARGUMENTS_BAD;
-- goto out;
-- }
--
- if (pulSignatureLen == NULL) {
- st_logf("signature len NULL\n");
- ret = CKR_ARGUMENTS_BAD;
-@@ -1868,26 +1805,46 @@ C_Sign(CK_SESSION_HANDLE hSession,
- goto out;
- }
-
-- len = RSA_private_encrypt(ulDataLen, pData, buffer, rsa, padding);
-- st_logf("private encrypt done\n");
-- if (len <= 0) {
-+ switch(state->sign_mechanism->mechanism) {
-+ case CKM_RSA_PKCS:
-+ padding = RSA_PKCS1_PADDING;
-+ break;
-+ case CKM_RSA_X_509:
-+ padding = RSA_NO_PADDING;
-+ break;
-+ default:
-+ ret = CKR_FUNCTION_NOT_SUPPORTED;
-+ goto out;
-+ }
-+
-+ ctx = EVP_PKEY_CTX_new(o->u.private_key.key, NULL);
-+ if (ctx == NULL || EVP_PKEY_sign_init(ctx) <= 0 ||
-+ EVP_PKEY_CTX_set_rsa_padding(ctx, padding) <= 0 ||
-+ EVP_PKEY_sign(ctx, NULL, &buffer_len, pData, ulDataLen) <= 0) {
- ret = CKR_DEVICE_ERROR;
- goto out;
- }
-- if (len > buffer_len)
-- abort();
-
-- if (pSignature != NULL_PTR)
-- memcpy(pSignature, buffer, len);
-- *pulSignatureLen = len;
-+ buffer = OPENSSL_malloc(buffer_len);
-+ if (buffer == NULL) {
-+ ret = CKR_DEVICE_MEMORY;
-+ goto out;
-+ }
-+
-+ if (EVP_PKEY_sign(ctx, buffer, &buffer_len, pData, ulDataLen) <= 0) {
-+ ret = CKR_DEVICE_ERROR;
-+ goto out;
-+ }
-+ st_logf("Sign done\n");
-+
-+ if (pSignature != NULL)
-+ memcpy(pSignature, buffer, buffer_len);
-+ *pulSignatureLen = buffer_len;
-
- ret = CKR_OK;
--
-- out:
-- if (buffer) {
-- memset(buffer, 0, buffer_len);
-- free(buffer);
-- }
-+out:
-+ OPENSSL_clear_free(buffer, buffer_len);
-+ EVP_PKEY_CTX_free(ctx);
- return ret;
- }
-
-@@ -1951,10 +1908,9 @@ C_Verify(CK_SESSION_HANDLE hSession,
- {
- struct session_state *state;
- struct st_object *o;
-- void *buffer = NULL;
- CK_RV ret;
-- RSA *rsa;
-- int padding, len, buffer_len;
-+ int padding;
-+ EVP_PKEY_CTX *ctx = NULL;
-
- st_logf("Verify\n");
- VERIFY_SESSION_HANDLE(hSession, &state);
-@@ -1969,39 +1925,6 @@ C_Verify(CK_SESSION_HANDLE hSession,
- return CKR_ARGUMENTS_BAD;
- }
-
-- rsa = EVP_PKEY_get0_RSA(o->u.public_key);
--
-- if (rsa == NULL)
-- return CKR_ARGUMENTS_BAD;
--
-- RSA_blinding_off(rsa); /* XXX RAND is broken while running in mozilla ? */
--
-- buffer_len = RSA_size(rsa);
--
-- buffer = malloc(buffer_len);
-- if (buffer == NULL) {
-- ret = CKR_DEVICE_MEMORY;
-- goto out;
-- }
--
-- ret = CKR_OK;
-- switch(state->verify_mechanism->mechanism) {
-- case CKM_RSA_PKCS:
-- padding = RSA_PKCS1_PADDING;
-- break;
-- case CKM_RSA_X_509:
-- padding = RSA_NO_PADDING;
-- break;
-- default:
-- ret = CKR_FUNCTION_NOT_SUPPORTED;
-- goto out;
-- }
--
-- if ((CK_ULONG)buffer_len < ulDataLen) {
-- ret = CKR_ARGUMENTS_BAD;
-- goto out;
-- }
--
- if (pSignature == NULL) {
- st_logf("signature NULL\n");
- ret = CKR_ARGUMENTS_BAD;
-@@ -2014,34 +1937,34 @@ C_Verify(CK_SESSION_HANDLE hSession,
- goto out;
- }
-
-- len = RSA_public_decrypt(ulDataLen, pData, buffer, rsa, padding);
-- st_logf("private encrypt done\n");
-- if (len <= 0) {
-+ switch(state->verify_mechanism->mechanism) {
-+ case CKM_RSA_PKCS:
-+ padding = RSA_PKCS1_PADDING;
-+ break;
-+ case CKM_RSA_X_509:
-+ padding = RSA_NO_PADDING;
-+ break;
-+ default:
-+ ret = CKR_FUNCTION_NOT_SUPPORTED;
-+ goto out;
-+ }
-+
-+ ctx = EVP_PKEY_CTX_new(o->u.public_key, NULL);
-+ if (ctx == NULL || EVP_PKEY_verify_init(ctx) <= 0 ||
-+ EVP_PKEY_CTX_set_rsa_padding(ctx, padding) <= 0 ||
-+ EVP_PKEY_verify(ctx, pSignature, ulSignatureLen, pData,
-+ ulDataLen) <= 0) {
- ret = CKR_DEVICE_ERROR;
- goto out;
- }
-- if (len > buffer_len)
-- abort();
-+ st_logf("Verify done\n");
-
-- if ((CK_ULONG)len != ulSignatureLen) {
-- ret = CKR_GENERAL_ERROR;
-- goto out;
-- }
--
-- if (memcmp(pSignature, buffer, len) != 0) {
-- ret = CKR_GENERAL_ERROR;
-- goto out;
-- }
--
-- out:
-- if (buffer) {
-- memset(buffer, 0, buffer_len);
-- free(buffer);
-- }
-+ ret = CKR_OK;
-+out:
-+ EVP_PKEY_CTX_free(ctx);
- return ret;
- }
-
--
- CK_RV
- C_VerifyUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
-@@ -2072,7 +1995,6 @@ C_GenerateRandom(CK_SESSION_HANDLE hSession,
- return CKR_FUNCTION_NOT_SUPPORTED;
- }
-
--
- CK_FUNCTION_LIST funcs = {
- { 2, 11 },
- C_Initialize,
diff --git a/SOURCES/Fix-some-principal-realm-canonicalization-cases.patch b/SOURCES/Fix-some-principal-realm-canonicalization-cases.patch
deleted file mode 100644
index 5473b5d..0000000
--- a/SOURCES/Fix-some-principal-realm-canonicalization-cases.patch
+++ /dev/null
@@ -1,97 +0,0 @@
-From 8f70ad82a645ccb7fb1677d260baa5e4112890d4 Mon Sep 17 00:00:00 2001
-From: Greg Hudson <ghudson@mit.edu>
-Date: Mon, 7 Jun 2021 13:27:29 -0400
-Subject: [PATCH] Fix some principal realm canonicalization cases
-
-The no_hostrealm and subst_defrealm flags in struct canonprinc were
-only applied when dns_canonicalize_hostname=fallback; in the other
-cases, the initial krb5_sname_to_principal() result is treated as
-canonical. For no_hostrealm this limitation doesn't currently matter,
-because all uses pass a principal with no realm as input. However,
-subst_defrealm is used to convert the referral realm to the default
-realm in krb5_get_init_creds_keytab(), krb5_cc_cache_match(), and
-gss_acquire_cred() when it needs to check the desired name against a
-specified ccache.
-
-In k5_canonprinc(), if the input principal is a
-krb5_sname_to_principal() result and fallback isn't in effect, apply
-subst_defrealm. Document in os-proto.h that no_hostrealm doesn't
-remove an existing realm and that krb5_sname_to_principal() may
-already have looked one up.
-
-ticket: 9011 (new)
-(cherry picked from commit c077d0c6430c4ac163443aacc03d14d206a4cbb8)
-(cherry picked from commit 5ae9bc98f23aeaa2ce17debe5a9b0cf1130e54ed)
----
- src/lib/krb5/os/os-proto.h | 13 +++++++++----
- src/lib/krb5/os/sn2princ.c | 24 +++++++++++++++++++++---
- 2 files changed, 30 insertions(+), 7 deletions(-)
-
-diff --git a/src/lib/krb5/os/os-proto.h b/src/lib/krb5/os/os-proto.h
-index 7d5e7978f..a985f2aec 100644
---- a/src/lib/krb5/os/os-proto.h
-+++ b/src/lib/krb5/os/os-proto.h
-@@ -85,10 +85,15 @@ struct sendto_callback_info {
-
- /*
- * Initialize with all zeros except for princ. Set no_hostrealm to disable
-- * host-to-realm lookup, which ordinarily happens after canonicalizing the host
-- * part. Set subst_defrealm to substitute the default realm for the referral
-- * realm after realm lookup (this has no effect if no_hostrealm is set). Free
-- * with free_canonprinc() when done.
-+ * host-to-realm lookup, which ordinarily happens during fallback processing
-+ * after canonicalizing the host part. Set subst_defrealm to substitute the
-+ * default realm for the referral realm after realm lookup. Do not set both
-+ * flags. Free with free_canonprinc() when done.
-+ *
-+ * no_hostrealm only applies if fallback processing is in use
-+ * (dns_canonicalize_hostname = fallback). It will not remove the realm if
-+ * krb5_sname_to_principal() already canonicalized the hostname and looked up a
-+ * realm. subst_defrealm applies whether or not fallback processing is in use.
- */
- struct canonprinc {
- krb5_const_principal princ;
-diff --git a/src/lib/krb5/os/sn2princ.c b/src/lib/krb5/os/sn2princ.c
-index c99b7da17..93c155932 100644
---- a/src/lib/krb5/os/sn2princ.c
-+++ b/src/lib/krb5/os/sn2princ.c
-@@ -271,18 +271,36 @@ krb5_error_code
- k5_canonprinc(krb5_context context, struct canonprinc *iter,
- krb5_const_principal *princ_out)
- {
-+ krb5_error_code ret;
- int step = ++iter->step;
-
- *princ_out = NULL;
-
-- /* If we're not doing fallback, the input principal is canonical. */
-- if (context->dns_canonicalize_hostname != CANONHOST_FALLBACK ||
-- iter->princ->type != KRB5_NT_SRV_HST || iter->princ->length != 2 ||
-+ /* If the hostname isn't from krb5_sname_to_principal(), the input
-+ * principal is canonical. */
-+ if (iter->princ->type != KRB5_NT_SRV_HST || iter->princ->length != 2 ||
- iter->princ->data[1].length == 0) {
- *princ_out = (step == 1) ? iter->princ : NULL;
- return 0;
- }
-
-+ /* If we're not doing fallback, the hostname is canonical, but we may need
-+ * to substitute the default realm. */
-+ if (context->dns_canonicalize_hostname != CANONHOST_FALLBACK) {
-+ if (step > 1)
-+ return 0;
-+ iter->copy = *iter->princ;
-+ if (iter->subst_defrealm && iter->copy.realm.length == 0) {
-+ ret = krb5_get_default_realm(context, &iter->realm);
-+ if (ret)
-+ return ret;
-+ iter->copy = *iter->princ;
-+ iter->copy.realm = string2data(iter->realm);
-+ }
-+ *princ_out = &iter->copy;
-+ return 0;
-+ }
-+
- /* Canonicalize without DNS at step 1, with DNS at step 2. */
- if (step > 2)
- return 0;
diff --git a/SOURCES/Handle-OpenSSL-3-s-providers.patch b/SOURCES/Handle-OpenSSL-3-s-providers.patch
deleted file mode 100644
index d7b0d90..0000000
--- a/SOURCES/Handle-OpenSSL-3-s-providers.patch
+++ /dev/null
@@ -1,301 +0,0 @@
-From e3f3d31a3db23f6c8437cd0efe45f67a7f4fc6aa Mon Sep 17 00:00:00 2001
-From: Robbie Harwood <rharwood@redhat.com>
-Date: Sat, 15 May 2021 21:18:06 -0400
-Subject: [PATCH] Handle OpenSSL 3's providers
-
-OpenSSL 3 compartmentalizes what algorithms it uses, which for us means
-another hoop to jump through to use dubious cryptography. (Right now,
-we need to load "legacy" in order to access MD4 and RC4.)
-
-Use our normal initializer logic to set up providers both in the OpenSSL
-provider an the PKINIT plugin. Since DT_FINI is too late, release them
-using atexit() as OpenSSL does.
-
-(cherry picked from commit bea5a703a06da1f1ab56821b77a2d3661cb0dda4)
-[rharwood@redhat.com: work around des3 removal and rc4 fips changes]
----
- src/configure.ac | 1 +
- src/lib/crypto/openssl/enc_provider/aes.c | 16 ++++++
- .../crypto/openssl/enc_provider/camellia.c | 16 ++++++
- src/lib/crypto/openssl/enc_provider/rc4.c | 4 ++
- .../crypto/openssl/hash_provider/hash_evp.c | 5 ++
- src/lib/crypto/openssl/init.c | 53 +++++++++++++++++++
- src/plugins/preauth/pkinit/Makefile.in | 1 +
- .../preauth/pkinit/pkinit_crypto_openssl.c | 33 ++++++++++--
- 8 files changed, 126 insertions(+), 3 deletions(-)
-
-diff --git a/src/configure.ac b/src/configure.ac
-index 9c2e816fe..20066918b 100644
---- a/src/configure.ac
-+++ b/src/configure.ac
-@@ -284,6 +284,7 @@ AC_SUBST(CRYPTO_IMPL_LIBS)
-
- if test "$CRYPTO_IMPL" = openssl; then
- AC_CHECK_FUNCS(EVP_KDF_fetch)
-+ AC_CHECK_FUNCS(OSSL_PROVIDER_load)
- fi
-
- AC_ARG_WITH([prng-alg],
-diff --git a/src/lib/crypto/openssl/enc_provider/aes.c b/src/lib/crypto/openssl/enc_provider/aes.c
-index 6b4622fe9..31c90a69d 100644
---- a/src/lib/crypto/openssl/enc_provider/aes.c
-+++ b/src/lib/crypto/openssl/enc_provider/aes.c
-@@ -68,6 +68,10 @@ cbc_enc(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
- EVP_CIPHER_CTX *ctx;
- struct iov_cursor cursor;
-
-+ ret = krb5int_crypto_init();
-+ if (ret)
-+ return ret;
-+
- ctx = EVP_CIPHER_CTX_new();
- if (ctx == NULL)
- return ENOMEM;
-@@ -102,6 +106,10 @@ cbc_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
- EVP_CIPHER_CTX *ctx;
- struct iov_cursor cursor;
-
-+ ret = krb5int_crypto_init();
-+ if (ret)
-+ return ret;
-+
- ctx = EVP_CIPHER_CTX_new();
- if (ctx == NULL)
- return ENOMEM;
-@@ -137,6 +145,10 @@ cts_encr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
- struct iov_cursor cursor;
- AES_KEY enck;
-
-+ ret = krb5int_crypto_init();
-+ if (ret)
-+ return ret;
-+
- memset(iv_cts,0,sizeof(iv_cts));
- if (ivec && ivec->data){
- if (ivec->length != sizeof(iv_cts))
-@@ -190,6 +202,10 @@ cts_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
- struct iov_cursor cursor;
- AES_KEY deck;
-
-+ ret = krb5int_crypto_init();
-+ if (ret)
-+ return ret;
-+
- memset(iv_cts,0,sizeof(iv_cts));
- if (ivec && ivec->data){
- if (ivec->length != sizeof(iv_cts))
-diff --git a/src/lib/crypto/openssl/enc_provider/camellia.c b/src/lib/crypto/openssl/enc_provider/camellia.c
-index f79679a0b..7cc7fc6fb 100644
---- a/src/lib/crypto/openssl/enc_provider/camellia.c
-+++ b/src/lib/crypto/openssl/enc_provider/camellia.c
-@@ -92,6 +92,10 @@ cbc_enc(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
- EVP_CIPHER_CTX *ctx;
- struct iov_cursor cursor;
-
-+ ret = krb5int_crypto_init();
-+ if (ret)
-+ return ret;
-+
- ctx = EVP_CIPHER_CTX_new();
- if (ctx == NULL)
- return ENOMEM;
-@@ -126,6 +130,10 @@ cbc_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
- EVP_CIPHER_CTX *ctx;
- struct iov_cursor cursor;
-
-+ ret = krb5int_crypto_init();
-+ if (ret)
-+ return ret;
-+
- ctx = EVP_CIPHER_CTX_new();
- if (ctx == NULL)
- return ENOMEM;
-@@ -161,6 +169,10 @@ cts_encr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
- struct iov_cursor cursor;
- CAMELLIA_KEY enck;
-
-+ ret = krb5int_crypto_init();
-+ if (ret)
-+ return ret;
-+
- memset(iv_cts,0,sizeof(iv_cts));
- if (ivec && ivec->data){
- if (ivec->length != sizeof(iv_cts))
-@@ -214,6 +226,10 @@ cts_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
- struct iov_cursor cursor;
- CAMELLIA_KEY deck;
-
-+ ret = krb5int_crypto_init();
-+ if (ret)
-+ return ret;
-+
- memset(iv_cts,0,sizeof(iv_cts));
- if (ivec && ivec->data){
- if (ivec->length != sizeof(iv_cts))
-diff --git a/src/lib/crypto/openssl/enc_provider/rc4.c b/src/lib/crypto/openssl/enc_provider/rc4.c
-index 9bf407899..a10cb5192 100644
---- a/src/lib/crypto/openssl/enc_provider/rc4.c
-+++ b/src/lib/crypto/openssl/enc_provider/rc4.c
-@@ -66,6 +66,10 @@ k5_arcfour_docrypt(krb5_key key, const krb5_data *state, krb5_crypto_iov *data,
- EVP_CIPHER_CTX *ctx = NULL;
- struct arcfour_state *arcstate;
-
-+ ret = krb5int_crypto_init();
-+ if (ret)
-+ return ret;
-+
- if (FIPS_mode())
- return KRB5_CRYPTO_INTERNAL;
-
-diff --git a/src/lib/crypto/openssl/hash_provider/hash_evp.c b/src/lib/crypto/openssl/hash_provider/hash_evp.c
-index 2eb5139c0..09d7b3896 100644
---- a/src/lib/crypto/openssl/hash_provider/hash_evp.c
-+++ b/src/lib/crypto/openssl/hash_provider/hash_evp.c
-@@ -41,6 +41,11 @@ hash_evp(const EVP_MD *type, const krb5_crypto_iov *data, size_t num_data,
- const krb5_data *d;
- size_t i;
- int ok;
-+ krb5_error_code ret;
-+
-+ ret = krb5int_crypto_init();
-+ if (ret)
-+ return ret;
-
- if (output->length != (unsigned int)EVP_MD_size(type))
- return KRB5_CRYPTO_INTERNAL;
-diff --git a/src/lib/crypto/openssl/init.c b/src/lib/crypto/openssl/init.c
-index 1139bce53..f72dbfe81 100644
---- a/src/lib/crypto/openssl/init.c
-+++ b/src/lib/crypto/openssl/init.c
-@@ -26,12 +26,65 @@
-
- #include "crypto_int.h"
-
-+#ifdef HAVE_OSSL_PROVIDER_LOAD
-+
-+/*
-+ * Starting in OpenSSL 3, algorithms are grouped into containers called
-+ * "providers", not all of which are loaded by default. At time of writing,
-+ * we need MD4 and RC4 from the legacy provider. Oddly, 3DES is not in
-+ * legacy.
-+ */
-+
-+#include <openssl/provider.h>
-+
-+static OSSL_PROVIDER *legacy_provider = NULL;
-+static OSSL_PROVIDER *default_provider = NULL;
-+
-+static void
-+unload_providers(void)
-+{
-+ if (default_provider != NULL)
-+ (void)OSSL_PROVIDER_unload(default_provider);
-+ if (legacy_provider != NULL)
-+ (void)OSSL_PROVIDER_unload(legacy_provider);
-+ default_provider = NULL;
-+ legacy_provider = NULL;
-+}
-+
-+int
-+krb5int_crypto_impl_init(void)
-+{
-+ legacy_provider = OSSL_PROVIDER_load(NULL, "legacy");
-+ default_provider = OSSL_PROVIDER_load(NULL, "default");
-+
-+ /*
-+ * Someone might build openssl without the legacy provider. They will
-+ * have a bad time, but some things will still work. I don't know think
-+ * this configuration is worth supporting.
-+ */
-+ if (legacy_provider == NULL || default_provider == NULL)
-+ abort();
-+
-+ /*
-+ * If we attempt to do this with our normal LIBFINIFUNC logic (DT_FINI),
-+ * OpenSSL will have cleaned itself up by the time we're invoked. OpenSSL
-+ * registers its cleanup (OPENSSL_cleanup) with atexit() - do the same and
-+ * we'll be higher on the stack.
-+ */
-+ atexit(unload_providers);
-+ return 0;
-+}
-+
-+#else /* !HAVE_OSSL_PROVIDER_LOAD */
-+
- int
- krb5int_crypto_impl_init(void)
- {
- return 0;
- }
-
-+#endif
-+
- void
- krb5int_crypto_impl_cleanup(void)
- {
-diff --git a/src/plugins/preauth/pkinit/Makefile.in b/src/plugins/preauth/pkinit/Makefile.in
-index 15ca0eb48..d20fb18a8 100644
---- a/src/plugins/preauth/pkinit/Makefile.in
-+++ b/src/plugins/preauth/pkinit/Makefile.in
-@@ -5,6 +5,7 @@ MODULE_INSTALL_DIR = $(KRB5_PA_MODULE_DIR)
- LIBBASE=pkinit
- LIBMAJOR=0
- LIBMINOR=0
-+LIBINITFUNC=pkinit_openssl_init
- RELDIR=../plugins/preauth/pkinit
- # Depends on libk5crypto and libkrb5
- SHLIB_EXPDEPS = \
-diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-index 350c2118a..42e5c581d 100644
---- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-@@ -44,6 +44,13 @@
- #include <openssl/params.h>
- #endif
-
-+#ifdef HAVE_OSSL_PROVIDER_LOAD
-+#include <openssl/provider.h>
-+
-+static OSSL_PROVIDER *legacy_provider = NULL;
-+static OSSL_PROVIDER *default_provider = NULL;
-+#endif
-+
- static krb5_error_code pkinit_init_pkinit_oids(pkinit_plg_crypto_context );
- static void pkinit_fini_pkinit_oids(pkinit_plg_crypto_context );
-
-@@ -2937,12 +2944,32 @@ cleanup:
- return retval;
- }
-
-+/* pkinit_openssl_init() and unload_providers() are largely duplicated from
-+ * lib/crypto/openssl/init.c - see explanations there. */
-+static void
-+unload_providers(void)
-+{
-+ if (default_provider != NULL)
-+ (void)OSSL_PROVIDER_unload(default_provider);
-+ if (legacy_provider != NULL)
-+ (void)OSSL_PROVIDER_unload(legacy_provider);
-+ default_provider = NULL;
-+ legacy_provider = NULL;
-+}
-+
- int
- pkinit_openssl_init()
- {
-- /* Initialize OpenSSL. */
-- ERR_load_crypto_strings();
-- OpenSSL_add_all_algorithms();
-+#ifdef HAVE_OSSL_PROVIDER_LOAD
-+ legacy_provider = OSSL_PROVIDER_load(NULL, "legacy");
-+ default_provider = OSSL_PROVIDER_load(NULL, "default");
-+
-+ if (legacy_provider == NULL || default_provider == NULL)
-+ abort();
-+
-+ atexit(unload_providers);
-+#endif
-+
- return 0;
- }
-
diff --git a/SOURCES/Make-KCM-iteration-fallback-work-with-sssd-kcm.patch b/SOURCES/Make-KCM-iteration-fallback-work-with-sssd-kcm.patch
deleted file mode 100644
index b4ef05b..0000000
--- a/SOURCES/Make-KCM-iteration-fallback-work-with-sssd-kcm.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 68a557557ab8a3208fab8a70daf4d970b9fc4787 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
-Date: Tue, 30 Mar 2021 14:35:28 +0200
-Subject: [PATCH] Make KCM iteration fallback work with sssd-kcm
-
-sssd-kcm returns KRB5_CC_IO if the operation code is not known.
-
-ticket: 8990
-(cherry picked from commit 06afae820a44c1dc96ad88a0b16c3e50bc938b2a)
-(cherry picked from commit 2dbca7e14c945d6394e0e05f285a068dcd541295)
----
- src/lib/krb5/ccache/cc_kcm.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/lib/krb5/ccache/cc_kcm.c b/src/lib/krb5/ccache/cc_kcm.c
-index 1f81a2190..46705f1da 100644
---- a/src/lib/krb5/ccache/cc_kcm.c
-+++ b/src/lib/krb5/ccache/cc_kcm.c
-@@ -876,7 +876,7 @@ kcm_start_seq_get(krb5_context context, krb5_ccache cache,
- ret = kcmreq_get_cred_list(&req, &creds);
- if (ret)
- goto cleanup;
-- } else if (ret == KRB5_FCC_INTERNAL) {
-+ } else if (ret == KRB5_FCC_INTERNAL || ret == KRB5_CC_IO) {
- /* Fall back to GET_CRED_UUID_LIST. */
- kcmreq_free(&req);
- kcmreq_init(&req, KCM_OP_GET_CRED_UUID_LIST, cache);
diff --git a/SOURCES/Move-some-dejagnu-kadmin-tests-to-Python-tests.patch b/SOURCES/Move-some-dejagnu-kadmin-tests-to-Python-tests.patch
deleted file mode 100644
index aba67b9..0000000
--- a/SOURCES/Move-some-dejagnu-kadmin-tests-to-Python-tests.patch
+++ /dev/null
@@ -1,1751 +0,0 @@
-From d467303bd7c5dba858b0af30349ce796cebd193f Mon Sep 17 00:00:00 2001
-From: Greg Hudson <ghudson@mit.edu>
-Date: Thu, 22 Apr 2021 15:51:36 -0400
-Subject: [PATCH] Move some dejagnu kadmin tests to Python tests
-
-Remove the dejagnu scripts kadmin.exp, pwchange.exp, and pwhist.exp.
-
-Add a new Python test script t_kadmin.py for the miscellaneous kadmin
-tests from kadmin.exp.
-
-In t_changepw.py, use modprinc +needchange for one of the kinit
-password change tests to gain the same coverage as pwchange.exp had,
-and add the "password changes are usable by kinit" tests from
-kadmin.exp.
-
-In t_policy.py, add the ticket 929 regression tests from kadmin.exp
-and the ticket 2841 regression tests from pwhist.exp.
-
-(cherry picked from commit 8027531caf6911bb07bf13de087da0e6bef5a348)
-(cherry picked from commit 9b3d8b9c395bf1a889ea6d6439dc3543c680480d)
----
- src/tests/Makefile.in | 1 +
- src/tests/dejagnu/krb-standalone/kadmin.exp | 1133 -----------------
- src/tests/dejagnu/krb-standalone/pwchange.exp | 145 ---
- src/tests/dejagnu/krb-standalone/pwhist.exp | 217 ----
- src/tests/t_changepw.py | 34 +-
- src/tests/t_kadmin.py | 54 +
- src/tests/t_policy.py | 62 +
- 7 files changed, 143 insertions(+), 1503 deletions(-)
- delete mode 100644 src/tests/dejagnu/krb-standalone/kadmin.exp
- delete mode 100644 src/tests/dejagnu/krb-standalone/pwchange.exp
- delete mode 100644 src/tests/dejagnu/krb-standalone/pwhist.exp
- create mode 100644 src/tests/t_kadmin.py
-
-diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in
-index 6b7749129..ab416cc5f 100644
---- a/src/tests/Makefile.in
-+++ b/src/tests/Makefile.in
-@@ -147,6 +147,7 @@ check-pytests: unlockiter s4u2self
- $(RUNPYTEST) $(srcdir)/t_referral.py $(PYTESTFLAGS)
- $(RUNPYTEST) $(srcdir)/t_skew.py $(PYTESTFLAGS)
- $(RUNPYTEST) $(srcdir)/t_keytab.py $(PYTESTFLAGS)
-+ $(RUNPYTEST) $(srcdir)/t_kadmin.py $(PYTESTFLAGS)
- $(RUNPYTEST) $(srcdir)/t_kadmin_acl.py $(PYTESTFLAGS)
- $(RUNPYTEST) $(srcdir)/t_kadmin_parsing.py $(PYTESTFLAGS)
- $(RUNPYTEST) $(srcdir)/t_kdb.py $(PYTESTFLAGS)
-diff --git a/src/tests/dejagnu/krb-standalone/kadmin.exp b/src/tests/dejagnu/krb-standalone/kadmin.exp
-deleted file mode 100644
-index fa50a61fb..000000000
---- a/src/tests/dejagnu/krb-standalone/kadmin.exp
-+++ /dev/null
-@@ -1,1133 +0,0 @@
--# Kerberos kadmin test.
--# This is a DejaGnu test script.
--# This script tests Kerberos kadmin5 using kadmin.local as verification.
--
--#++
--# kadmin_add - Test add new v5 principal function of kadmin.
--#
--# Adds principal $pname with password $password. Returns 1 on success.
--#--
--proc kadmin_add { pname password } {
-- global REALMNAME
-- global KADMIN
-- global KADMIN_LOCAL
-- global KEY
-- global spawn_id
-- global tmppwd
--
-- set good 0
-- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "ank $pname"
-- expect_after {
-- "Cannot contact any KDC" {
-- fail "kadmin add $pname lost KDC"
-- catch "expect_after"
-- return 0
-- }
-- timeout {
-- fail "kadmin add $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin add $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- expect -re "assword\[^\r\n\]*:" {
-- send "adminpass$KEY\r"
-- }
-- expect "Enter password for principal \"$pname@$REALMNAME\":" { send "$password\r" }
-- expect "Re-enter password for principal \"$pname@$REALMNAME\":" { send "$password\r" }
-- expect "Principal \"$pname@$REALMNAME\" created." { set good 1 }
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin add)"
-- catch "close -i $spawn_id"
-- if { $good == 1 } {
-- #
-- # use kadmin.local to verify that a principal was created and that its
-- # salt types are 0 (normal).
-- #
-- envstack_push
-- setup_kerberos_env kdc
-- spawn $KADMIN_LOCAL -r $REALMNAME
-- envstack_pop
-- expect_after {
-- -i $spawn_id
-- timeout {
-- fail "kadmin add $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin add $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- set good 0
-- expect "kadmin.local: " { send "getprinc $pname\r" }
-- expect "Principal: $pname@$REALMNAME" { set good 1 }
-- expect "Expiration date:" { verbose "got expiration date" }
-- expect "Last password change:" { verbose "got last pwchange" }
-- expect "Password expiration date:" { verbose "got pwexpire date" }
-- expect "Maximum ticket life:" { verbose "got max life" }
-- expect "Maximum renewable life:" { verbose "got max rlife" }
-- expect "Last modified:" { verbose "got last modified" }
-- expect "Last successful authentication:" { verbose "last succ auth" }
-- expect "Last failed authentication:" { verbose "last pw failed" }
-- expect "Failed password attempts:" { verbose "num failed attempts" }
-- expect "Number of keys:" { verbose "num keys"}
-- expect {
-- "Key: " { verbose "Key listed"
-- exp_continue
-- }
-- "Attributes:" { verbose "attributes" }
-- }
-- expect "kadmin.local: " { send "q\r" }
--
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin.local show)"
-- catch "close -i $spawn_id"
-- if { $good == 1 } {
-- pass "kadmin add $pname"
-- return 1
-- }
-- else {
-- fail "kadmin add $pname"
-- return 0
-- }
-- }
-- else {
-- fail "kadmin add $pname"
-- return 0
-- }
--}
--
--#++
--# kadmin_add_rnd - Test add new v5 principal with random key function.
--#
--# Adds principal $pname with random key. Returns 1 on success.
--#--
--proc kadmin_add_rnd { pname { flags "" } } {
-- global REALMNAME
-- global KADMIN
-- global KADMIN_LOCAL
-- global KEY
-- global spawn_id
-- global tmppwd
--
-- set good 0
-- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "ank -randkey $flags $pname"
-- expect_after {
-- "Cannot contact any KDC" {
-- fail "kadmin add rnd $pname lost KDC"
-- catch "expect_after"
-- return 0
-- }
-- timeout {
-- fail "kadmin add_rnd $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin add_rnd $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- expect -re "assword\[^\r\n\]*: *" {
-- send "adminpass$KEY\r"
-- }
-- expect "Principal \"$pname@$REALMNAME\" created." { set good 1 }
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin add_rnd)"
-- catch "close -i $spawn_id"
-- if { $good == 1 } {
-- #
-- # use kadmin.local to verify that a principal was created and that its
-- # salt types are 0 (normal).
-- #
-- envstack_push
-- setup_kerberos_env kdc
-- spawn $KADMIN_LOCAL -r $REALMNAME
-- envstack_pop
-- expect_after {
-- -i $spawn_id
-- timeout {
-- fail "kadmin add_rnd $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin add_rnd $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- set good 0
-- expect "kadmin.local:" { send "getprinc $pname\r" }
-- expect "Principal: $pname@$REALMNAME" { set good 1 }
-- expect "kadmin.local:" { send "q\r" }
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin.local show)"
-- catch "close -i $spawn_id"
-- if { $good == 1 } {
-- pass "kadmin add_rnd $pname"
-- return 1
-- }
-- else {
-- fail "kadmin add_rnd $pname"
-- return 0
-- }
-- }
-- else {
-- fail "kadmin add_rnd $pname"
-- return 0
-- }
--}
--
--#++
--# kadmin_show - Test show principal function of kadmin.
--#
--# Retrieves entry for $pname. Returns 1 on success.
--#--
--proc kadmin_show { pname } {
-- global REALMNAME
-- global KADMIN
-- global KEY
-- global spawn_id
--
-- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "get_principal $pname"
-- expect_after {
-- "Cannot contact any KDC" {
-- fail "kadmin show $pname lost KDC"
-- catch "expect_after"
-- return 0
-- }
-- timeout {
-- fail "kadmin show $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin show $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- expect -re "assword\[^\r\n\]*: *"
-- send "adminpass$KEY\r"
-- expect -re "\r.*Principal: $pname@$REALMNAME.*Key: .*Attributes:.*Policy: .*\r"
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin show)"
-- catch "close -i $spawn_id"
-- pass "kadmin show $pname"
-- return 1
--}
--
--#++
--# kadmin_cpw - Test change password function of kadmin
--#
--# Change password of $pname to $password. Returns 1 on success.
--#--
--proc kadmin_cpw { pname password } {
-- global REALMNAME
-- global KADMIN
-- global KEY
-- global spawn_id
--
-- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "cpw $pname"
-- expect_after {
-- "Cannot contact any KDC" {
-- fail "kadmin cpw $pname lost KDC"
-- catch "expect_after"
-- return 0
-- }
-- timeout {
-- fail "kadmin cpw $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin cpw $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- expect -re "assword\[^\r\n\]*: *" {
-- send "adminpass$KEY\r"
-- }
--
-- expect "Enter password for principal \"$pname@$REALMNAME\":" { send "$password\r" }
-- expect "Re-enter password for principal \"$pname@$REALMNAME\":" { send "$password\r" }
-- # When in doubt, jam one of these in there.
-- expect "\r"
-- expect "Password for \"$pname@$REALMNAME\" changed."
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin cpw)"
-- catch "close -i $spawn_id"
-- pass "kadmin cpw $pname"
-- return 1
--}
--
--#++
--# kadmin_cpw_rnd - Test change random key function of kadmin.
--#
--# Changes principal $pname's key to a new random key. Returns 1 on success.
--#--
--proc kadmin_cpw_rnd { pname } {
-- global REALMNAME
-- global KADMIN
-- global KEY
-- global spawn_id
--
-- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "cpw -randkey $pname"
-- expect_after {
-- "Cannot contact any KDC" {
-- fail "kadmin cpw_rnd $pname lost KDC"
-- catch "expect_after"
-- return 0
-- }
-- timeout {
-- fail "kadmin cpw_rnd $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin cpw_rnd $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- expect -re "assword\[^\r\n\]*: *" {
-- send "adminpass$KEY\r"
-- }
-- # When in doubt, jam one of these in there.
-- expect "\r"
-- expect "Key for \"$pname@$REALMNAME\" randomized."
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin cpw_rnd)"
-- catch "close -i $spawn_id"
-- pass "kadmin cpw_rnd $pname"
-- return 1
--}
--
--#++
--# kadmin_modify - Test modify principal function of kadmin.
--#
--# Modifies principal $pname with flags $flags. Returns 1 on success.
--#--
--proc kadmin_modify { pname flags } {
-- global REALMNAME
-- global KADMIN
-- global KEY
-- global spawn_id
--
-- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "modprinc $flags $pname"
-- expect_after {
-- "Cannot contact any KDC" {
-- fail "kadmin modify $pname ($flags) lost KDC"
-- catch "expect_after"
-- return 0
-- }
-- timeout {
-- fail "kadmin modify $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin modify $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- expect -re "assword\[^\r\n\]*: *"
-- send "adminpass$KEY\r"
-- # When in doubt, jam one of these in there.
-- expect "\r"
-- expect "Principal \"$pname@$REALMNAME\" modified."
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin modify)"
-- catch "close -i $spawn_id"
-- pass "kadmin modify $pname"
-- return 1
--}
--
--
--#++
--# kadmin_list - Test list database function of kadmin.
--#
--# Lists the database and verifies that output matches regular expression
--# "(.*@$REALMNAME)*". Returns 1 on success.
--#--
--proc kadmin_list { } {
-- global REALMNAME
-- global KADMIN
-- global KEY
-- global spawn_id
--
-- # "*" would match everything
-- # "*n" should match a few like kadmin/admin but see ticket 5667
-- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "get_principals *n"
-- expect_after {
-- "Cannot contact any KDC" {
-- fail "kadmin ldb lost KDC"
-- catch "expect_after"
-- return 0
-- }
-- "Communication failure" {
-- fail "kadmin ldb got RPC error"
-- catch "expect_after"
-- return 0
-- }
-- timeout {
-- fail "kadmin ldb"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin ldb"
-- catch "expect_after"
-- return 0
-- }
-- }
-- expect -re "assword\[^\r\n\]*: *" {
-- send "adminpass$KEY\r"
-- }
-- expect -re "\(.*@$REALMNAME\r\n\)+"
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin list)"
-- catch "close -i $spawn_id"
-- pass "kadmin ldb"
-- return 1
--}
--
--#++
--# kadmin_extract - Test extract service key function of kadmin.
--#
--# Extracts service key for service name $name instance $instance. Returns
--# 1 on success.
--#--
--proc kadmin_extract { instance name } {
-- global REALMNAME
-- global KADMIN
-- global KEY
-- global spawn_id
-- global tmppwd
--
-- catch "exec rm -f $tmppwd/keytab"
--
-- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "xst -k $tmppwd/keytab $name/$instance"
-- expect_after {
-- "Cannot contact any KDC" {
-- fail "kadmin xst $instance $name lost KDC"
-- catch "expect_after"
-- return 0
-- }
-- timeout {
-- fail "kadmin xst $instance $name"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin xst $instance $name"
-- catch "expect_after"
-- return 0
-- }
-- }
-- expect -re "assword\[^\r\n\]*: *" {
-- send "adminpass$KEY\r"
-- }
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin xst)"
-- catch "close -i $spawn_id"
-- catch "exec rm -f $instance-new-keytab"
-- pass "kadmin xst $instance $name"
-- return 1
--}
--
--#++
--# kadmin_delete - Test delete principal function of kadmin.
--#
--# Deletes principal $pname. Returns 1 on success.
--#--
--proc kadmin_delete { pname } {
-- global REALMNAME
-- global KADMIN
-- global KADMIN_LOCAL
-- global KEY
-- global spawn_id
-- global tmppwd
--
-- set good 0
-- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "delprinc -force $pname"
-- expect_after {
-- "Cannot contact any KDC" {
-- fail "kadmin_delete $pname lost KDC"
-- catch "expect_after"
-- return 0
-- }
-- timeout {
-- fail "kadmin delprinc $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin delprinc $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- expect -re "assword\[^\r\n\]*: *" {
-- send "adminpass$KEY\r"
-- }
-- expect "Principal \"$pname@$REALMNAME\" deleted." { set good 1 }
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin delprinc)"
-- catch "close -i $spawn_id"
-- if { $good == 1 } {
-- #
-- # use kadmin.local to verify that the old principal is not present.
-- #
-- envstack_push
-- setup_kerberos_env kdc
-- spawn $KADMIN_LOCAL -r $REALMNAME
-- envstack_pop
-- expect_after {
-- -i $spawn_id
-- timeout {
-- fail "kadmin delprinc $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin delprinc $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- set good 0
-- expect "kadmin.local: " { send "getprinc $pname\r" }
-- expect "Principal does not exist while retrieving \"$pname@$REALMNAME\"." { set good 1 }
-- expect "kadmin.local: " { send "quit\r" }
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin.local show)"
-- catch "close -i $spawn_id"
-- if { $good == 1 } {
-- pass "kadmin delprinc $pname"
-- return 1
-- }
-- else {
-- fail "kadmin delprinc $pname"
-- return 0
-- }
-- }
-- else {
-- fail "kadmin delprinc $pname"
-- return 0
-- }
--}
--
--#++
--# kadmin_delete - Test delete principal function of kadmin.
--#
--# Deletes principal $pname. Returns 1 on success.
--#--
--proc kadmin_delete_locked_down { pname } {
-- global REALMNAME
-- global KADMIN
-- global KADMIN_LOCAL
-- global KEY
-- global spawn_id
-- global tmppwd
--
-- #
-- # First test that we fail, then unlock and retry
-- #
--
-- set good 0
-- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "delprinc -force $pname"
-- expect_after {
-- "Cannot contact any KDC" {
-- fail "kadmin_delete $pname lost KDC"
-- catch "expect_after"
-- return 0
-- }
-- timeout {
-- fail "kadmin delprinc $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin delprinc $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- expect -re "assword\[^\r\n\]*: *" {
-- send "adminpass$KEY\r"
-- }
-- expect "delete_principal: Operation requires ``delete'' privilege while deleting principal \"$pname@$REALMNAME\"" { set good 1 }
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin delprinc)"
-- catch "close -i $spawn_id"
-- if { $good == 1 } {
-- #
-- # use kadmin.local to remove lockdown.
-- #
-- envstack_push
-- setup_kerberos_env kdc
-- spawn $KADMIN_LOCAL -r $REALMNAME
-- envstack_pop
-- expect_after {
-- -i $spawn_id
-- timeout {
-- fail "kadmin delprinc $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin delprinc $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- set good 0
-- expect "kadmin.local: " { send "modprinc -lockdown_keys $pname\r" }
-- expect "Principal \"$pname@$REALMNAME\" modified." { set good 1 }
-- expect "kadmin.local: " { send "quit\r" }
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin.local show)"
-- catch "close -i $spawn_id"
-- if { $good == 1 } {
-- set good 0
-- if {[kadmin_delete $pname]} { set good 1 }
-- }
-- if { $good == 1 } {
-- pass "kadmin delprinc $pname"
-- return 1
-- }
-- else {
-- fail "kadmin delprinc $pname"
-- return 0
-- }
-- }
-- else {
-- fail "kadmin delprinc $pname"
-- return 0
-- }
--}
--
--#++
--# kpasswd_cpw - Test password changing using kpasswd.
--#
--# Change $princ's password from $opw to $npw. Returns 1 on success.
--#--
--proc kpasswd_cpw { princ opw npw } {
-- global KPASSWD
-- global REALMNAME
--
-- spawn $KPASSWD $princ
-- expect_after {
-- timeout {
-- fail "kpasswd $princ $npw"
--# catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kpasswd $princ $npw"
--# catch "expect_after"
-- return 0
-- }
-- }
--
--# expect "Changing password for $princ."
--# expect "Old password:" { send "$opw\r" }
--# expect "New password:" { send "$npw\r" }
--# expect "New password (again):" { send "$npw\r" }
-- expect "Password for $princ@$REALMNAME:" { send "$opw\r" }
-- expect "Enter new password:" { send "$npw\r" }
-- expect "Enter it again:" { send "$npw\r" }
--# expect "Kerberos password changed."
-- expect "Password changed."
-- expect_after
-- expect eof
--
-- if ![check_exit_status "kpasswd"] {
-- fail "kpasswd $princ $npw"
-- return 0
-- }
-- pass "kpasswd $princ $npw"
-- return 1
--}
--
--#++
--# kadmin_addpol - Test add new policy function of kadmin.
--#
--# Adds policy $pname. Returns 1 on success.
--#--
--proc kadmin_addpol { pname } {
-- global REALMNAME
-- global KADMIN
-- global KADMIN_LOCAL
-- global KEY
-- global spawn_id
-- global tmppwd
--
-- set good 0
-- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "addpol $pname"
-- expect_after {
-- "Cannot contact any KDC" {
-- fail "kadmin addpol $pname lost KDC"
-- catch "expect_after"
-- return 0
-- }
-- timeout {
-- fail "kadmin addpol $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin addpol $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- expect -re "assword\[^\r\n\]*: *" {
-- send "adminpass$KEY\r"
-- }
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin addpol)"
-- catch "close -i $spawn_id"
-- #
-- # use kadmin.local to verify that a policy was created
-- #
-- envstack_push
-- setup_kerberos_env kdc
-- spawn $KADMIN_LOCAL -r $REALMNAME
-- envstack_pop
-- expect_after {
-- -i $spawn_id
-- timeout {
-- fail "kadmin addpol $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin addpol $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- set good 0
-- expect "kadmin.local: " { send "getpol $pname\r" }
-- expect "Policy: $pname" { set good 1 }
-- expect "Maximum password life:" { verbose "got max pw life" }
-- expect "Minimum password life:" { verbose "got min pw life" }
-- expect "Minimum password length:" { verbose "got min pw length" }
-- expect "Minimum number of password character classes:" {
-- verbose "got min pw character classes" }
-- expect "Number of old keys kept:" { verbose "got num old keys kept" }
-- expect "kadmin.local: " { send "q\r" }
--
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin.local showpol)"
-- catch "close -i $spawn_id"
-- if { $good == 1 } {
-- pass "kadmin addpol $pname"
-- return 1
-- }
-- else {
-- fail "kadmin addpol $pname"
-- return 0
-- }
--}
--
--#++
--# kadmin_delpol - Test delete policy function of kadmin.
--#
--# Deletes policy $pname. Returns 1 on success.
--#--
--proc kadmin_delpol { pname } {
-- global REALMNAME
-- global KADMIN
-- global KADMIN_LOCAL
-- global KEY
-- global spawn_id
-- global tmppwd
--
-- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "delpol -force $pname"
-- expect_after {
-- "Cannot contact any KDC" {
-- fail "kadmin_delpol $pname lost KDC"
-- catch "expect_after"
-- return 0
-- }
-- timeout {
-- fail "kadmin delpol $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin delpol $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- expect -re "assword\[^\r\n\]*: *" {
-- send "adminpass$KEY\r"
-- }
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin delpol)"
-- catch "close -i $spawn_id"
-- #
-- # use kadmin.local to verify that the old policy is not present.
-- #
-- envstack_push
-- setup_kerberos_env kdc
-- spawn $KADMIN_LOCAL -r $REALMNAME
-- envstack_pop
-- expect_after {
-- -i $spawn_id
-- timeout {
-- fail "kadmin delpol $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin delpol $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- set good 0
-- expect "kadmin.local: " { send "getpol $pname\r" }
-- expect "Policy does not exist while retrieving policy \"$pname\"." {
-- set good 1
-- }
-- expect "kadmin.local: " { send "quit\r" }
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin.local showpol)"
-- catch "close -i $spawn_id"
-- if { $good == 1 } {
-- pass "kadmin delpol $pname"
-- return 1
-- }
-- else {
-- fail "kadmin delpol $pname"
-- return 0
-- }
--}
--
--#++
--# kadmin_listpols - Test list policy database function of kadmin.
--#
--# Lists the policies. Returns 1 on success.
--#--
--proc kadmin_listpols { } {
-- global REALMNAME
-- global KADMIN
-- global KEY
-- global spawn_id
--
-- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "get_policies *"
-- expect_after {
-- "Cannot contact any KDC" {
-- fail "kadmin lpols lost KDC"
-- catch "expect_after"
-- return 0
-- }
-- timeout {
-- fail "kadmin lpols"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin lpols"
-- catch "expect_after"
-- return 0
-- }
-- }
-- expect -re "assword\[^\r\n\]*: *" {
-- send "adminpass$KEY\r"
-- }
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin listpols)"
-- catch "close -i $spawn_id"
-- pass "kadmin lpols"
-- return 1
--}
--
--#++
--# kadmin_modpol - Test modify policy function of kadmin.
--#
--# Modifies policy $pname with flags $flags. Returns 1 on success.
--#--
--proc kadmin_modpol { pname flags } {
-- global REALMNAME
-- global KADMIN
-- global KEY
-- global spawn_id
--
-- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "modpol $flags $pname"
-- expect_after {
-- "Cannot contact any KDC" {
-- fail "kadmin modpol $pname ($flags) lost KDC"
-- catch "expect_after"
-- return 0
-- }
-- timeout {
-- fail "kadmin modpol $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin modpol $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- expect -re "assword\[^\r\n\]*: *"
-- send "adminpass$KEY\r"
-- # When in doubt, jam one of these in there.
-- expect "\r"
-- # Sadly, kadmin doesn't print a confirmation message for policy operations.
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin modpol)"
-- catch "close -i $spawn_id"
-- pass "kadmin modpol $pname"
-- return 1
--}
--
--#++
--# kadmin_showpol - Test show policy function of kadmin.
--#
--# Retrieves entry for $pname. Returns 1 on success.
--#--
--proc kadmin_showpol { pname } {
-- global REALMNAME
-- global KADMIN
-- global KEY
-- global spawn_id
--
-- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "get_policy $pname"
-- expect_after {
-- "Cannot contact any KDC" {
-- fail "kadmin showpol $pname lost KDC"
-- catch "expect_after"
-- return 0
-- }
-- timeout {
-- fail "kadmin showpol $pname"
-- catch "expect_after"
-- return 0
-- }
-- eof {
-- fail "kadmin showpol $pname"
-- catch "expect_after"
-- return 0
-- }
-- }
-- expect -re "assword\[^\r\n\]*: *"
-- send "adminpass$KEY\r"
-- expect -re "\r.*Policy: $pname.*Number of old keys kept: .*\r"
-- expect_after
-- expect eof
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin showpol)"
-- catch "close -i $spawn_id"
-- pass "kadmin showpol $pname"
-- return 1
--}
--
--#++
--# kdestroy
--#--
--proc kdestroy { } {
-- global KDESTROY
--
-- spawn $KDESTROY -5
-- if ![check_exit_status "kdestroy"] {
-- return 0
-- }
-- return 1
--}
--
--# Wrap the tests in a procedure, so that we can kill the daemons if
--# we get some sort of error.
--
--proc kadmin_test { } {
-- global hostname
--
-- # Start up the kerberos and kadmind daemons
-- if {![start_kerberos_daemons 0] } {
-- return
-- }
--
-- # Test basic kadmin functions.
-- if {![kadmin_add v5principal/instance1 v5principal] \
-- || ![kadmin_addpol standardpol] \
-- || ![kadmin_showpol standardpol] \
-- || ![kadmin_listpols] \
-- || ![kadmin_modpol standardpol "-minlength 5"] \
-- || ![kadmin_add v4principal/instance2 v4principal] \
-- || ![kadmin_add_rnd v5random] \
-- || ![kadmin_show v5principal/instance1] \
-- || ![kadmin_show v4principal/instance2] \
-- || ![kadmin_show v5random] \
-- || ![kadmin_cpw v5principal/instance1 faroutman] \
-- || ![kadmin_cpw v4principal/instance2 honkydory] \
-- || ![kadmin_cpw_rnd v5random] \
-- || ![kadmin_modify v5random -allow_tix] \
-- || ![kadmin_modify v5random +allow_tix] \
-- || ![kadmin_modify v5random "-policy standardpol"] \
-- || ![kadmin_list] \
-- || ![kadmin_extract instance1 v5principal] \
-- || ![kadmin_delete v5random] \
-- || ![kadmin_delete v4principal/instance2] \
-- || ![kadmin_delete v5principal/instance1] \
-- || ![kadmin_delpol standardpol]} {
-- return
-- }
--
--# You cannot extract a v4 key...
--# || ![kadmin_extractv4 instance2 v4principal] \
--
-- # now test kpasswd
-- if {![kadmin_add testprinc/instance thisisatest] \
-- || ![kpasswd_cpw testprinc/instance thisisatest anothertest] \
-- || ![kpasswd_cpw testprinc/instance anothertest goredsox] \
-- || ![kadmin_delete testprinc/instance]} {
-- return
-- }
--
-- # now test that we can kinit with principals/passwords.
-- # We defer kdestroying until after kpasswd at least once to test FAST automatic use in kpasswd
-- if {![kadmin_add testprinc1/instance thisisatest] \
-- || ![kinit testprinc1/instance thisisatest 0] \
-- || ![kpasswd_cpw testprinc1/instance thisisatest anothertest] \
-- || ![kdestroy] \
-- || ![kinit testprinc1/instance anothertest 0] \
-- || ![kdestroy] \
-- || ![kpasswd_cpw testprinc1/instance anothertest goredsox] \
-- || ![kinit testprinc1/instance goredsox 0] \
-- || ![kdestroy] \
-- || ![kadmin_cpw testprinc1/instance betterwork] \
-- || ![kinit testprinc1/instance betterwork 0] \
-- || ![kdestroy] \
-- || ![kadmin_delete testprinc1/instance]} {
-- return
-- }
--
-- # now test modify changes.
-- if {![kadmin_add testuser longtestpw] \
-- || ![kinit testuser longtestpw 0] \
-- || ![kdestroy] \
-- || ![kadmin_modify testuser "-maxlife \"2500 seconds\""] \
-- || ![kinit testuser longtestpw 0] \
-- || ![kdestroy] \
-- || ![kadmin_delete testuser]} {
-- return
-- }
--
-- # now test that reducing the history number doesn't make kadmind vulnerable.
-- if {![kadmin_addpol crashpol] \
-- || ![kadmin_modpol crashpol "-history 5"] \
-- || ![kadmin_add crash first] \
-- || ![kadmin_modify crash "-policy crashpol"] \
-- || ![kadmin_cpw crash second] \
-- || ![kadmin_cpw crash third] \
-- || ![kadmin_cpw crash fourth] \
-- || ![kadmin_modpol crashpol "-history 3"] \
-- || ![kadmin_cpw crash fifth] \
-- || ![kadmin_delete crash] \
-- || ![kadmin_delpol crashpol]} {
-- return
-- }
--
-- # test retrieval of large number of principals
-- # bug [2877]
-- for { set i 0 } { $i < 200 } { incr i } {
-- if { ![kadmin_add "foo$i" foopass] } {
-- return
-- }
-- }
--
-- if { ![kadmin_list] } {
-- return
-- }
--
-- # test fallback to kadmin/hostname
-- if {![kadmin_add_rnd kadmin/$hostname] \
-- || ![kadmin_delete_locked_down kadmin/admin] \
-- || ![kadmin_list] \
-- || ![kadmin_add_rnd kadmin/admin -allow_tgs_req] \
-- || ![kadmin_list]} {
-- return
-- }
--
-- verbose "kadmin_test succeeded"
--}
--
--run_once kadmin {
-- # Set up the kerberos database.
-- if {![get_hostname] \
-- || ![setup_kerberos_files] \
-- || ![setup_kerberos_env] \
-- || ![setup_kerberos_db 0]} {
-- return
-- }
--
-- # Run the test.
-- set status [catch kadmin_test msg]
--
-- # Shut down the kerberos daemons and the rsh daemon.
-- stop_kerberos_daemons
--
-- if { $status != 0 } {
-- send_error "ERROR: error in kadmin.exp\n"
-- send_error "$msg\n"
-- exit 1
-- }
--}
-diff --git a/src/tests/dejagnu/krb-standalone/pwchange.exp b/src/tests/dejagnu/krb-standalone/pwchange.exp
-deleted file mode 100644
-index 010e8344a..000000000
---- a/src/tests/dejagnu/krb-standalone/pwchange.exp
-+++ /dev/null
-@@ -1,145 +0,0 @@
--# Password-changing Kerberos test.
--# This is a DejaGnu test script.
--
--# We are about to start up a couple of daemon processes. We do all
--# the rest of the tests inside a proc, so that we can easily kill the
--# processes when the procedure ends.
--
--proc kinit_expecting_pwchange { name pass newpass } {
-- global REALMNAME
-- global KINIT
-- global spawn_id
--
-- # Use kinit to get a ticket.
-- #
-- # For now always get forwardable tickets. Later when we need to make
-- # tests that distinguish between forwardable tickets and otherwise
-- # we should but another option to this proc. --proven
-- #
-- spawn $KINIT -5 -f $name@$REALMNAME
-- expect {
-- "Password for $name@$REALMNAME:" {
-- verbose "kinit started"
-- }
-- timeout {
-- fail "kinit"
-- return 0
-- }
-- eof {
-- fail "kinit"
-- return 0
-- }
-- }
-- send "$pass\r"
-- expect {
-- "Enter new password: " { }
-- timeout {
-- fail "kinit (new password prompt)"
-- return 0
-- }
-- eof {
-- fail "kinit (new password prompt)"
-- return 0
-- }
-- }
-- send "$newpass\r"
-- expect {
-- " again: " { }
-- timeout {
-- fail "kinit (new password prompt2)"
-- return 0
-- }
-- eof {
-- fail "kinit (new password prompt2)"
-- return 0
-- }
-- }
-- send "$newpass\r"
-- expect eof
-- if ![check_exit_status kinit] {
-- return 0
-- }
--
-- return 1
--}
--
--proc doit { } {
-- global REALMNAME
-- global KLIST
-- global KDESTROY
-- global KEY
-- global KADMIN_LOCAL
-- global KTUTIL
-- global hostname
-- global tmppwd
-- global spawn_id
-- global supported_enctypes
-- global KRBIV
-- global portbase
-- global mode
--
-- # Start up the kerberos and kadmind daemons.
-- if ![start_kerberos_daemons 0] {
-- return
-- }
--
-- # Use kadmin to add a key.
-- if ![add_kerberos_key pwchanger 0] {
-- return
-- }
--
-- setup_kerberos_env kdc
-- spawn $KADMIN_LOCAL -q "modprinc +needchange pwchanger"
-- catch expect_after
-- expect {
-- timeout {
-- fail "kadmin.local modprinc +needchange"
-- }
-- eof {
-- pass "kadmin.local modprinc +needchange"
-- }
-- }
-- set k_stat [wait -i $spawn_id]
-- verbose "wait -i $spawn_id returned $k_stat (kadmin modprinc +needchange)"
-- catch "close -i $spawn_id"
--
-- setup_kerberos_env client
-- if ![kinit_expecting_pwchange pwchanger pwchanger$KEY floople] {
-- return
-- }
-- pass "kinit (password change)"
-- if ![kinit pwchanger floople 0] {
-- return
-- }
-- pass "kinit (new password)"
--
-- # Destroy the ticket.
-- spawn $KDESTROY -5
-- if ![check_exit_status "kdestroy"] {
-- return
-- }
-- pass "kdestroy"
--}
--
--run_once pwchange {
-- # Set up the Kerberos files and environment.
-- if {![get_hostname] || ![setup_kerberos_files] || ![setup_kerberos_env]} {
-- return
-- }
--
-- # Initialize the Kerberos database. The argument tells
-- # setup_kerberos_db that it is being called from here.
-- if ![setup_kerberos_db 0] {
-- return
-- }
--
-- set status [catch doit msg]
--
-- stop_kerberos_daemons
--
-- if { $status != 0 } {
-- send_error "ERROR: error in pwchange.exp\n"
-- send_error "$msg\n"
-- exit 1
-- }
--}
-diff --git a/src/tests/dejagnu/krb-standalone/pwhist.exp b/src/tests/dejagnu/krb-standalone/pwhist.exp
-deleted file mode 100644
-index ed7a3771a..000000000
---- a/src/tests/dejagnu/krb-standalone/pwhist.exp
-+++ /dev/null
-@@ -1,217 +0,0 @@
--# password history tests
--
--# one *non-interactive* kadmin.local request
--proc onerq { rq pname str {flags ""} } {
-- global REALMNAME
-- global KADMIN_LOCAL
--
-- spawn $KADMIN_LOCAL -r $REALMNAME -q "$rq $flags $pname"
-- expect_after {
-- timeout {
-- verbose "kadmin.local $rq $flags $pname timed out"
-- catch expect_after
-- kill [exp_pid]
-- close
-- expect eof
-- wait
-- return 0
-- } eof {
-- verbose "kadmin.local $rq $flags $pname got EOF"
-- catch expect_after
-- wait
-- return 0
-- }
-- }
-- expect $str
-- expect_after
-- expect eof
-- wait
-- return 1
--}
--
--proc addprinc { pname pw } {
-- global REALMNAME
--
-- return [onerq addprinc $pname \
-- "Principal \"$pname@$REALMNAME\" created." "-pw $pw"]
--}
--
--proc delprinc { pname } {
-- global REALMNAME
-- return [onerq delprinc $pname \
-- "Principal \"$pname@$REALMNAME\" deleted." "-force"]
--}
--
--proc cpw { pname pw } {
-- global REALMNAME
--
-- return [onerq cpw $pname \
-- "Password for \"$pname@$REALMNAME\" changed." "-pw $pw"]
--}
--
--proc modprinc { pname flags } {
-- global REALMNAME
--
-- return [onerq modprinc $pname \
-- "Principal \"$pname@$REALMNAME\" modified." $flags]
--}
--
--proc addpol { pname } {
-- if ![onerq addpol $pname ""] {
-- return 0
-- }
-- return [onerq getpol $pname "Policy: $pname"]
--}
--
--proc delpol { pname } {
-- onerq delpol $pname "" -force
-- return [onerq getpol $pname \
-- "Policy does not exist while retrieving policy \"$pname\"."]
--}
--
--proc modpol { pname flags } {
-- return [onerq modpol $pname "" $flags]
--}
--
--# Mandatory command must return true.
--# Issues a break in its parent on failure.
--proc mustrun { cmd } {
-- if ![eval $cmd] {
-- perror "mandatory command failed: $cmd"
-- uplevel break
-- }
--}
--
--# Fail test if command fails.
--# Issues a break in its parent on failure.
--proc chkpass { cmd } {
-- upvar test test
-- if ![eval $cmd] {
-- verbose "unexpected failure: $cmd"
-- fail $test
-- uplevel break
-- }
--}
--
--# Fail test if command succeeds.
--# Issues a break in its parent on failure.
--proc chkfail { cmd } {
-- upvar test test
-- if [eval $cmd] {
-- verbose "unexpected success: $cmd"
-- fail $test
-- uplevel break
-- }
--}
--
--# wrapper to run command (actually usually sequence of commands)
--#
--# If any part of CMD throws an exception, set failall, otherwise pass.
--# If failall is already true, report unresolved.
--proc wraptest { test cmd } {
-- upvar failall failall
-- if $failall {
-- unresolved $test
-- return
-- }
-- if [catch $cmd] {
-- set failall 1
-- } else {
-- pass $test
-- }
--}
--
--run_once pwhist {
-- # Set up the kerberos database.
-- if {![get_hostname] \
-- || ![setup_kerberos_files] \
-- || ![setup_kerberos_env kdc] \
-- || ![setup_kerberos_db 0]} {
-- return
-- }
--
-- set failall 0
-- wraptest "nkeys=1, nhist=3" {
-- mustrun { addpol crashpol }
-- mustrun { modpol crashpol "-history 3"}
-- mustrun { addprinc crash 1111 }
-- mustrun { modprinc crash "-policy crashpol" }
-- chkpass { cpw crash 2222 }
-- chkfail { cpw crash 2222 }
-- chkfail { cpw crash 1111 }
-- }
-- verbose {old_keys [ 1111 ->[] ]}
--
-- # The following will result in reading/writing past array bounds if
-- # add_to_history() is not patched.
-- #
-- # NOTE: A pass from this test does not mean the bug isn't present;
-- # check with Purify, valgrind, etc.
-- wraptest "array bounds ok on nkeys=1, nhist 3->2" {
-- mustrun { modpol crashpol "-history 2" }
-- chkpass { cpw crash 3333 }
-- }
-- verbose {old_keys [ ->2222 ]}
--
-- wraptest "verify nhist=2" {
-- mustrun { delprinc crash }
-- mustrun { addprinc crash 1111 }
-- mustrun { modprinc crash "-policy crashpol" }
-- chkpass { cpw crash 2222 }
-- chkfail { cpw crash 2222 }
-- chkfail { cpw crash 1111 }
-- }
-- verbose {old_keys [ ->1111 ]}
--
-- # The following will fail if growing the history array causes an extra
-- # key to be lost due to failure to shift entries.
-- wraptest "grow nhist 2->3" {
-- mustrun { modpol crashpol "-history 3" }
-- chkpass { cpw crash 3333 }
-- chkfail { cpw crash 3333 }
-- chkfail { cpw crash 2222 }
-- chkfail { cpw crash 1111 }
-- }
-- verbose {old_keys [ 2222 ->1111 ]}
--
-- wraptest "grow nhist 3->4" {
-- mustrun { modpol crashpol "-history 4" }
-- chkfail { cpw crash 3333 }
-- chkfail { cpw crash 2222 }
-- chkfail { cpw crash 1111 }
-- chkpass { cpw crash 4444 }
-- chkfail { cpw crash 3333 }
-- chkfail { cpw crash 2222 }
-- chkfail { cpw crash 1111 }
-- }
-- verbose {old_keys [ 2222 3333 ->1111 ]}
-- wraptest "shrink nhist 4->3" {
-- mustrun { modpol crashpol "-history 3" }
-- chkfail { cpw crash 4444 }
-- chkfail { cpw crash 3333 }
-- chkfail { cpw crash 2222 }
-- chkfail { cpw crash 1111 }
-- chkpass { cpw crash 5555 }
-- }
-- verbose {old_keys [ 4444 ->3333 ]}
-- wraptest "verify nhist=3" {
-- chkfail { cpw crash 5555 }
-- chkfail { cpw crash 4444 }
-- chkfail { cpw crash 3333 }
-- chkpass { cpw crash 2222 }
-- }
-- verbose {old_keys [ ->4444 5555 ]}
-- wraptest "shrink nhist 3->2" {
-- mustrun { modpol crashpol "-history 2" }
-- chkfail { cpw crash 2222 }
-- chkfail { cpw crash 5555 }
-- chkfail { cpw crash 4444 }
-- chkpass { cpw crash 3333 }
-- }
-- verbose {old_keys [ ->2222 ]}
--
-- delprinc crash
-- delpol crashpol
--
-- stop_kerberos_daemons
--}
-diff --git a/src/tests/t_changepw.py b/src/tests/t_changepw.py
-index 573bdbd49..bf8e3a9eb 100755
---- a/src/tests/t_changepw.py
-+++ b/src/tests/t_changepw.py
-@@ -1,23 +1,24 @@
- from k5test import *
-
--# This file is intended to cover any password-changing mechanism. For
--# now it only contains a regression test for #7868.
--
- realm = K5Realm(create_host=False, get_creds=False, start_kadmind=True)
-+realm.prep_kadmin()
-
- # Mark a principal as expired and change its password through kinit.
-+mark('password change via kinit')
- realm.run([kadminl, 'modprinc', '-pwexpire', '1 day ago', 'user'])
- pwinput = password('user') + '\nabcd\nabcd\n'
- realm.run([kinit, realm.user_princ], input=pwinput)
-
--# Do the same thing with FAST, with tracing turned on.
--realm.run([kadminl, 'modprinc', '-pwexpire', '1 day ago', 'user'])
-+# Regression test for #7868 (preauth options ignored when
-+# krb5_get_init_creds_password() initiates a password change). This
-+# time use the REQUIRES_PWCHANGE bit instead of the password
-+# expiration time.
-+mark('password change via kinit with FAST')
-+realm.run([kadminl, 'modprinc', '+needchange', 'user'])
- pwinput = 'abcd\nefgh\nefgh\n'
- out, trace = realm.run([kinit, '-T', realm.ccache, realm.user_princ],
- input=pwinput, return_trace=True)
--
--# Read the trace and check that FAST was used when getting the
--# kadmin/changepw ticket.
-+# Check that FAST was used when getting the kadmin/changepw ticket.
- getting_changepw = fast_used_for_changepw = False
- for line in trace.splitlines():
- if 'Getting initial credentials for user@' in line:
-@@ -29,4 +30,21 @@ for line in trace.splitlines():
- if not fast_used_for_changepw:
- fail('FAST was not used to get kadmin/changepw ticket')
-
-+# Test that passwords specified via kadmin and kpasswd are usable with
-+# kinit.
-+mark('password change usability by kinit')
-+realm.run([kadminl, 'addprinc', '-pw', 'pw1', 'testprinc'])
-+# Run kpasswd with an active cache to exercise automatic FAST use.
-+realm.kinit('testprinc', 'pw1')
-+realm.run([kpasswd, 'testprinc'], input='pw1\npw2\npw2\n')
-+realm.kinit('testprinc', 'pw2')
-+realm.run([kdestroy])
-+realm.run([kpasswd, 'testprinc'], input='pw2\npw3\npw3\n')
-+realm.kinit('testprinc', 'pw3')
-+realm.run([kdestroy])
-+realm.run_kadmin(['cpw', '-pw', 'pw4', 'testprinc'])
-+realm.kinit('testprinc', 'pw4')
-+realm.run([kdestroy])
-+realm.run([kadminl, 'delprinc', 'testprinc'])
-+
- success('Password change tests')
-diff --git a/src/tests/t_kadmin.py b/src/tests/t_kadmin.py
-new file mode 100644
-index 000000000..fe6a3cc2e
---- /dev/null
-+++ b/src/tests/t_kadmin.py
-@@ -0,0 +1,54 @@
-+from k5test import *
-+
-+realm = K5Realm(start_kadmind=True)
-+
-+# Create a principal. Test -q option and keyboard entry of the admin
-+# password and principal password. Verify creation with kadmin.local.
-+realm.run([kadmin, '-q', 'addprinc princ/pw'],
-+ input=password('admin') + '\npw1\npw1\n')
-+realm.run([kadminl, 'getprinc', 'princ/pw'],
-+ expected_msg='Principal: princ/pw@KRBTEST.COM')
-+
-+# Run the remaining tests with a cache for efficiency.
-+realm.prep_kadmin()
-+
-+realm.run_kadmin(['addpol', 'standardpol'])
-+realm.run_kadmin(['listpols'], expected_msg='standardpol')
-+realm.run_kadmin(['modpol', '-minlength', '5', 'standardpol'])
-+realm.run_kadmin(['getpol', 'standardpol'],
-+ expected_msg='Minimum password length: 5')
-+
-+realm.run_kadmin(['addprinc', '-randkey', 'princ/random'])
-+realm.run([kadminl, 'getprinc', 'princ/random'],
-+ expected_msg='Principal: princ/random@KRBTEST.COM')
-+
-+realm.run_kadmin(['cpw', 'princ/pw'], input='newpw\nnewpw\n')
-+realm.run_kadmin(['cpw', '-randkey', 'princ/random'])
-+
-+realm.run_kadmin(['modprinc', '-allow_tix', 'princ/random'])
-+realm.run_kadmin(['modprinc', '+allow_tix', 'princ/random'])
-+realm.run_kadmin(['modprinc', '-policy', 'standardpol', 'princ/random'])
-+
-+realm.run_kadmin(['listprincs'], expected_msg='princ/random@KRBTEST.COM')
-+
-+realm.run_kadmin(['ktadd', 'princ/pw'])
-+
-+realm.run_kadmin(['delprinc', 'princ/random'])
-+realm.run([kadminl, 'getprinc', 'princ/random'], expected_code=1,
-+ expected_msg='Principal does not exist')
-+realm.run_kadmin(['delprinc', 'princ/pw'])
-+realm.run([kadminl, 'getprinc', 'princ/pw'], expected_code=1,
-+ expected_msg='Principal does not exist')
-+
-+realm.run_kadmin(['delpol', 'standardpol'])
-+realm.run([kadminl, 'getpol', 'standardpol'], expected_code=1,
-+ expected_msg='Policy does not exist')
-+
-+# Regression test for #2877 (fixed-sized GSSRPC buffers can't
-+# accomodate large listprinc results).
-+mark('large listprincs result')
-+for i in range(200):
-+ realm.run_kadmin(['addprinc', '-randkey', 'foo%d' % i])
-+realm.run_kadmin(['listprincs'], expected_msg='foo199')
-+
-+success('kadmin and kpasswd tests')
-diff --git a/src/tests/t_policy.py b/src/tests/t_policy.py
-index 5a0c06b86..2bb4f5f18 100755
---- a/src/tests/t_policy.py
-+++ b/src/tests/t_policy.py
-@@ -25,6 +25,68 @@ realm.run([kadminl, 'cpw', '-pw', 'l0ngenough', 'pwuser'], expected_code=1,
- realm.run([kadminl, 'cpw', '-pw', '3rdpassword', 'pwuser'])
- realm.run([kadminl, 'cpw', '-pw', 'l0ngenough', 'pwuser'])
-
-+# Regression test for #929 (kadmind crash with more historical
-+# passwords in a principal entry than current policy history setting).
-+mark('password history (policy value reduced below current array size)')
-+realm.run([kadminl, 'addpol', '-history', '5', 'histpol'])
-+realm.addprinc('histprinc', 'first')
-+realm.run([kadminl, 'modprinc', '-policy', 'histpol', 'histprinc'])
-+realm.run([kadminl, 'cpw', '-pw', 'second', 'histprinc'])
-+realm.run([kadminl, 'cpw', '-pw', 'third', 'histprinc'])
-+realm.run([kadminl, 'cpw', '-pw', 'fourth', 'histprinc'])
-+realm.run([kadminl, 'modpol', '-history', '3', 'histpol'])
-+realm.run([kadminl, 'cpw', '-pw', 'fifth', 'histprinc'])
-+realm.run([kadminl, 'delprinc', 'histprinc'])
-+
-+# Regression test for #2841 (heap buffer overflow when policy history
-+# value is reduced to match the number of historical passwords for a
-+# principal).
-+mark('password history (policy value reduced to current array size)')
-+def histfail(*pwlist):
-+ for pw in pwlist:
-+ realm.run([kadminl, 'cpw', '-pw', pw, 'histprinc'], expected_code=1,
-+ expected_msg='Cannot reuse password')
-+realm.run([kadminl, 'modpol', '-history', '3', 'histpol'])
-+realm.addprinc('histprinc', '1111')
-+realm.run([kadminl, 'modprinc', '-policy', 'histpol', 'histprinc'])
-+realm.run([kadminl, 'cpw', '-pw', '2222', 'histprinc'])
-+histfail('2222', '1111')
-+realm.run([kadminl, 'modpol', '-history', '2', 'histpol'])
-+realm.run([kadminl, 'cpw', '-pw', '3333', 'histprinc'])
-+
-+# Test that the history array is properly resized if the policy
-+# history value is increased after the array is filled.
-+mark('password history (policy value increase)')
-+realm.run([kadminl, 'delprinc', 'histprinc'])
-+realm.addprinc('histprinc', '1111')
-+realm.run([kadminl, 'modprinc', '-policy', 'histpol', 'histprinc'])
-+realm.run([kadminl, 'cpw', '-pw', '2222', 'histprinc'])
-+histfail('2222', '1111')
-+realm.run([kadminl, 'cpw', '-pw', '2222', 'histprinc'], expected_code=1,
-+ expected_msg='Cannot reuse password')
-+realm.run([kadminl, 'cpw', '-pw', '1111', 'histprinc'], expected_code=1,
-+ expected_msg='Cannot reuse password')
-+realm.run([kadminl, 'modpol', '-history', '3', 'histpol'])
-+realm.run([kadminl, 'cpw', '-pw', '3333', 'histprinc'])
-+histfail('3333', '2222', '1111')
-+realm.run([kadminl, 'modpol', '-history', '4', 'histpol'])
-+histfail('3333', '2222', '1111')
-+realm.run([kadminl, 'cpw', '-pw', '4444', 'histprinc'])
-+histfail('4444', '3333', '2222', '1111')
-+
-+# Test that when the policy history value is reduced, all currently
-+# known old passwords still fail until the next password change, after
-+# which the new number of old passwords fails (but no more).
-+mark('password history (policy value reduction)')
-+realm.run([kadminl, 'modpol', '-history', '3', 'histpol'])
-+histfail('4444', '3333', '2222', '1111')
-+realm.run([kadminl, 'cpw', '-pw', '5555', 'histprinc'])
-+histfail('5555', '3333', '3333')
-+realm.run([kadminl, 'cpw', '-pw', '2222', 'histprinc'])
-+realm.run([kadminl, 'modpol', '-history', '2', 'histpol'])
-+histfail('2222', '5555', '4444')
-+realm.run([kadminl, 'cpw', '-pw', '3333', 'histprinc'])
-+
- # Test references to nonexistent policies.
- mark('nonexistent policy references')
- realm.run([kadminl, 'addprinc', '-randkey', '-policy', 'newpol', 'newuser'])
diff --git a/SOURCES/Remove-deprecated-OpenSSL-calls-from-softpkcs11.patch b/SOURCES/Remove-deprecated-OpenSSL-calls-from-softpkcs11.patch
deleted file mode 100644
index 3c90b97..0000000
--- a/SOURCES/Remove-deprecated-OpenSSL-calls-from-softpkcs11.patch
+++ /dev/null
@@ -1,150 +0,0 @@
-From c99ecf1bb49e2fbd0bf30a7b357cf06407b9588a Mon Sep 17 00:00:00 2001
-From: Robbie Harwood <rharwood@redhat.com>
-Date: Sat, 15 May 2021 18:04:58 -0400
-Subject: [PATCH] Remove deprecated OpenSSL calls from softpkcs11
-
-Rewrite add_pubkey_info() in terms of the EVP_PKEY interface. In this
-process, fix its unchecked allocations and fail fast for non-RSA keys.
-
-(cherry picked from commit d6bf42279675100e3e4fe7c6e08eef74d49624cb)
-(cherry picked from commit 5072bfdfaddae762680d0f9d97afa6dbf8274760)
----
- src/configure.ac | 1 +
- src/tests/softpkcs11/main.c | 106 ++++++++++++++++++++++++------------
- 2 files changed, 72 insertions(+), 35 deletions(-)
-
-diff --git a/src/configure.ac b/src/configure.ac
-index 3e1052db7..eb6307468 100644
---- a/src/configure.ac
-+++ b/src/configure.ac
-@@ -1114,6 +1114,7 @@ int i = 1;
- ])], k5_cv_openssl_version_okay=yes, k5_cv_openssl_version_okay=no)])
- old_LIBS="$LIBS"
- AC_CHECK_LIB(crypto, PKCS7_get_signer_info)
-+ AC_CHECK_FUNCS(EVP_PKEY_get_bn_param)
- LIBS="$old_LIBS"
- fi
- if test "$k5_cv_openssl_version_okay" = yes && (test "$enable_pkinit" = yes || test "$enable_pkinit" = try); then
-diff --git a/src/tests/softpkcs11/main.c b/src/tests/softpkcs11/main.c
-index caa537b68..86b4ef711 100644
---- a/src/tests/softpkcs11/main.c
-+++ b/src/tests/softpkcs11/main.c
-@@ -413,47 +413,83 @@ add_object_attribute(struct st_object *o,
- return CKR_OK;
- }
-
-+#ifdef HAVE_EVP_PKEY_GET_BN_PARAM
-+
-+/* Declare owner pointers since EVP_PKEY_get_bn_param() gives us copies. */
-+#define DECLARE_BIGNUM(name) BIGNUM *name = NULL
-+#define RELEASE_BIGNUM(bn) BN_clear_free(bn)
- static CK_RV
--add_pubkey_info(struct st_object *o, CK_KEY_TYPE key_type, EVP_PKEY *key)
-+get_bignums(EVP_PKEY *key, BIGNUM **n, BIGNUM **e)
- {
-- switch (key_type) {
-- case CKK_RSA: {
-- CK_BYTE *modulus = NULL;
-- size_t modulus_len = 0;
-- CK_ULONG modulus_bits = 0;
-- CK_BYTE *exponent = NULL;
-- size_t exponent_len = 0;
-- const RSA *rsa;
-- const BIGNUM *n, *e;
-+ if (EVP_PKEY_get_bn_param(key, "n", n) == 0 ||
-+ EVP_PKEY_get_bn_param(key, "e", e) == 0)
-+ return CKR_DEVICE_ERROR;
-
-- rsa = EVP_PKEY_get0_RSA(key);
-- RSA_get0_key(rsa, &n, &e, NULL);
-- modulus_bits = BN_num_bits(n);
--
-- modulus_len = BN_num_bytes(n);
-- modulus = malloc(modulus_len);
-- BN_bn2bin(n, modulus);
--
-- exponent_len = BN_num_bytes(e);
-- exponent = malloc(exponent_len);
-- BN_bn2bin(e, exponent);
--
-- add_object_attribute(o, 0, CKA_MODULUS, modulus, modulus_len);
-- add_object_attribute(o, 0, CKA_MODULUS_BITS,
-- &modulus_bits, sizeof(modulus_bits));
-- add_object_attribute(o, 0, CKA_PUBLIC_EXPONENT,
-- exponent, exponent_len);
--
-- free(modulus);
-- free(exponent);
-- }
-- default:
-- /* XXX */
-- break;
-- }
- return CKR_OK;
- }
-
-+#else
-+
-+/* Declare const pointers since the old API gives us aliases. */
-+#define DECLARE_BIGNUM(name) const BIGNUM *name
-+#define RELEASE_BIGNUM(bn)
-+static CK_RV
-+get_bignums(EVP_PKEY *key, const BIGNUM **n, const BIGNUM **e)
-+{
-+ const RSA *rsa;
-+
-+ rsa = EVP_PKEY_get0_RSA(key);
-+ RSA_get0_key(rsa, n, e, NULL);
-+
-+ return CKR_OK;
-+}
-+
-+#endif
-+
-+static CK_RV
-+add_pubkey_info(struct st_object *o, CK_KEY_TYPE key_type, EVP_PKEY *key)
-+{
-+ CK_BYTE *modulus = NULL, *exponent = 0;
-+ size_t modulus_len = 0, exponent_len = 0;
-+ CK_ULONG modulus_bits = 0;
-+ CK_RV ret;
-+ DECLARE_BIGNUM(n);
-+ DECLARE_BIGNUM(e);
-+
-+ if (key_type != CKK_RSA)
-+ abort();
-+
-+ ret = get_bignums(key, &n, &e);
-+ if (ret != CKR_OK)
-+ goto done;
-+
-+ modulus_bits = BN_num_bits(n);
-+ modulus_len = BN_num_bytes(n);
-+ exponent_len = BN_num_bytes(e);
-+
-+ modulus = malloc(modulus_len);
-+ exponent = malloc(exponent_len);
-+ if (modulus == NULL || exponent == NULL) {
-+ ret = CKR_DEVICE_MEMORY;
-+ goto done;
-+ }
-+
-+ BN_bn2bin(n, modulus);
-+ BN_bn2bin(e, exponent);
-+
-+ add_object_attribute(o, 0, CKA_MODULUS, modulus, modulus_len);
-+ add_object_attribute(o, 0, CKA_MODULUS_BITS, &modulus_bits,
-+ sizeof(modulus_bits));
-+ add_object_attribute(o, 0, CKA_PUBLIC_EXPONENT, exponent, exponent_len);
-+
-+ ret = CKR_OK;
-+done:
-+ free(modulus);
-+ free(exponent);
-+ RELEASE_BIGNUM(n);
-+ RELEASE_BIGNUM(e);
-+ return ret;
-+}
-
- static int
- pem_callback(char *buf, int num, int w, void *key)
diff --git a/SOURCES/Set-reasonable-supportedCMSTypes-in-PKINIT.patch b/SOURCES/Set-reasonable-supportedCMSTypes-in-PKINIT.patch
deleted file mode 100644
index 6e87e04..0000000
--- a/SOURCES/Set-reasonable-supportedCMSTypes-in-PKINIT.patch
+++ /dev/null
@@ -1,188 +0,0 @@
-From dea9421ccdbe5c8f63aae85341a8f091c6019407 Mon Sep 17 00:00:00 2001
-From: Julien Rische <jrische@redhat.com>
-Date: Wed, 1 Jun 2022 18:02:04 +0200
-Subject: [PATCH] Set reasonable supportedCMSTypes in PKINIT
-
-The PKINIT client uses AuthPack.supportedCMSTypes to let the KDC know
-the algorithms it supports for verification of the CMS data signature.
-(The MIT krb5 KDC currently ignores this list, but other
-implementations use it.)
-
-Replace 3DES with sha512WithRSAEncryption and sha256WithRSAEncryption.
-
-[ghudson@mit.edu: simplified code and used appropriate helpers; edited
-commit message]
-
-ticket: 9066 (new)
----
- src/plugins/preauth/pkinit/Makefile.in | 4 +-
- src/plugins/preauth/pkinit/pkinit_clnt.c | 8 ++++
- ...nit_kdf_constants.c => pkinit_constants.c} | 24 ++++++++++++
- src/plugins/preauth/pkinit/pkinit_crypto.h | 16 ++++++++
- .../preauth/pkinit/pkinit_crypto_openssl.c | 39 +++++++++++++++++++
- 5 files changed, 89 insertions(+), 2 deletions(-)
- rename src/plugins/preauth/pkinit/{pkinit_kdf_constants.c => pkinit_constants.c} (76%)
-
-diff --git a/src/plugins/preauth/pkinit/Makefile.in b/src/plugins/preauth/pkinit/Makefile.in
-index d20fb18a8..97aaded03 100644
---- a/src/plugins/preauth/pkinit/Makefile.in
-+++ b/src/plugins/preauth/pkinit/Makefile.in
-@@ -18,7 +18,7 @@ STLIBOBJS= \
- pkinit_srv.o \
- pkinit_lib.o \
- pkinit_clnt.o \
-- pkinit_kdf_constants.o \
-+ pkinit_constants.o \
- pkinit_profile.o \
- pkinit_identity.o \
- pkinit_matching.o \
-@@ -29,7 +29,7 @@ SRCS= \
- $(srcdir)/pkinit_srv.c \
- $(srcdir)/pkinit_lib.c \
- $(srcdir)/pkinit_kdf_test.c \
-- $(srcdir)/pkinit_kdf_constants.c \
-+ $(srcdir)/pkinit_constants.c \
- $(srcdir)/pkinit_clnt.c \
- $(srcdir)/pkinit_profile.c \
- $(srcdir)/pkinit_identity.c \
-diff --git a/src/plugins/preauth/pkinit/pkinit_clnt.c b/src/plugins/preauth/pkinit/pkinit_clnt.c
-index a385da7c3..2817cc213 100644
---- a/src/plugins/preauth/pkinit/pkinit_clnt.c
-+++ b/src/plugins/preauth/pkinit/pkinit_clnt.c
-@@ -212,6 +212,14 @@ pkinit_as_req_create(krb5_context context,
- auth_pack.clientPublicValue = &info;
- auth_pack.supportedKDFs = (krb5_data **)supported_kdf_alg_ids;
-
-+ /* add List of CMS algorithms */
-+ retval = create_krb5_supportedCMSTypes(context, plgctx->cryptoctx,
-+ reqctx->cryptoctx,
-+ reqctx->idctx, &cmstypes);
-+ auth_pack.supportedCMSTypes = cmstypes;
-+ if (retval)
-+ goto cleanup;
-+
- switch(protocol) {
- case DH_PROTOCOL:
- TRACE_PKINIT_CLIENT_REQ_DH(context);
-diff --git a/src/plugins/preauth/pkinit/pkinit_kdf_constants.c b/src/plugins/preauth/pkinit/pkinit_constants.c
-similarity index 76%
-rename from src/plugins/preauth/pkinit/pkinit_kdf_constants.c
-rename to src/plugins/preauth/pkinit/pkinit_constants.c
-index 1604f1670..1832e8f7b 100644
---- a/src/plugins/preauth/pkinit/pkinit_kdf_constants.c
-+++ b/src/plugins/preauth/pkinit/pkinit_constants.c
-@@ -57,3 +57,27 @@ krb5_data const * const supported_kdf_alg_ids[] = {
- &sha512_id,
- NULL
- };
-+
-+/* RFC 4055 sha256WithRSAEncryption: iso(1) member-body(2) us(840)
-+ * rsadsi(113549) pkcs(1) 1 11 */
-+static char sha256WithRSAEncr_oid[9] = {
-+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b
-+};
-+/* RFC 4055 sha256WithRSAEncryption: iso(1) member-body(2) us(840)
-+ * rsadsi(113549) pkcs(1) 1 13 */
-+static char sha512WithRSAEncr_oid[9] = {
-+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0d
-+};
-+
-+const krb5_data sha256WithRSAEncr_id = {
-+ KV5M_DATA, sizeof(sha256WithRSAEncr_oid), sha256WithRSAEncr_oid
-+};
-+const krb5_data sha512WithRSAEncr_id = {
-+ KV5M_DATA, sizeof(sha512WithRSAEncr_oid), sha512WithRSAEncr_oid
-+};
-+
-+krb5_data const * const supported_cms_algs[] = {
-+ &sha512WithRSAEncr_id,
-+ &sha256WithRSAEncr_id,
-+ NULL
-+};
-diff --git a/src/plugins/preauth/pkinit/pkinit_crypto.h b/src/plugins/preauth/pkinit/pkinit_crypto.h
-index 1f9868351..f38a77093 100644
---- a/src/plugins/preauth/pkinit/pkinit_crypto.h
-+++ b/src/plugins/preauth/pkinit/pkinit_crypto.h
-@@ -380,6 +380,18 @@ krb5_error_code server_process_dh
- unsigned int *server_key_len_out); /* OUT
- receives length of DH secret key */
-
-+/*
-+ * this functions takes in crypto specific representation of
-+ * supportedCMSTypes and creates a list of
-+ * krb5_algorithm_identifier
-+ */
-+krb5_error_code create_krb5_supportedCMSTypes
-+ (krb5_context context, /* IN */
-+ pkinit_plg_crypto_context plg_cryptoctx, /* IN */
-+ pkinit_req_crypto_context req_cryptoctx, /* IN */
-+ pkinit_identity_crypto_context id_cryptoctx, /* IN */
-+ krb5_algorithm_identifier ***supportedCMSTypes); /* OUT */
-+
- /*
- * this functions takes in crypto specific representation of
- * trustedCertifiers and creates a list of
-@@ -617,6 +629,10 @@ extern const size_t krb5_pkinit_sha512_oid_len;
- */
- extern krb5_data const * const supported_kdf_alg_ids[];
-
-+/* CMS signature algorithms supported by this implementation, in order of
-+ * decreasing preference. */
-+extern krb5_data const * const supported_cms_algs[];
-+
- krb5_error_code
- crypto_encode_der_cert(krb5_context context, pkinit_req_crypto_context reqctx,
- uint8_t **der_out, size_t *der_len);
-diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-index 2a6ef4aaa..41a7464b5 100644
---- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-@@ -5582,6 +5582,45 @@ cleanup:
- return retval;
- }
-
-+krb5_error_code
-+create_krb5_supportedCMSTypes(krb5_context context,
-+ pkinit_plg_crypto_context plg_cryptoctx,
-+ pkinit_req_crypto_context req_cryptoctx,
-+ pkinit_identity_crypto_context id_cryptoctx,
-+ krb5_algorithm_identifier ***algs_out)
-+{
-+ krb5_error_code ret;
-+ krb5_algorithm_identifier **algs = NULL;
-+ size_t i, count;
-+
-+ *algs_out = NULL;
-+
-+ /* Count supported OIDs and allocate list (including null terminator). */
-+ for (count = 0; supported_cms_algs[count] != NULL; count++);
-+ algs = k5calloc(count + 1, sizeof(*algs), &ret);
-+ if (algs == NULL)
-+ goto cleanup;
-+
-+ /* Add an algorithm identifier for each OID, with no parameters. */
-+ for (i = 0; i < count; i++) {
-+ algs[i] = k5alloc(sizeof(*algs[i]), &ret);
-+ if (algs[i] == NULL)
-+ goto cleanup;
-+ ret = krb5int_copy_data_contents(context, supported_cms_algs[i],
-+ &algs[i]->algorithm);
-+ if (ret)
-+ goto cleanup;
-+ algs[i]->parameters = empty_data();
-+ }
-+
-+ *algs_out = algs;
-+ algs = NULL;
-+
-+cleanup:
-+ free_krb5_algorithm_identifiers(&algs);
-+ return ret;
-+}
-+
- krb5_error_code
- create_krb5_trustedCertifiers(krb5_context context,
- pkinit_plg_crypto_context plg_cryptoctx,
---
-2.35.3
-
diff --git a/SOURCES/Support-host-based-GSS-initiator-names.patch b/SOURCES/Support-host-based-GSS-initiator-names.patch
deleted file mode 100644
index 4a224d0..0000000
--- a/SOURCES/Support-host-based-GSS-initiator-names.patch
+++ /dev/null
@@ -1,578 +0,0 @@
-From e33835c4b6c6ce71757e9f659db03afa4bfd9a9a Mon Sep 17 00:00:00 2001
-From: Greg Hudson <ghudson@mit.edu>
-Date: Fri, 15 Jan 2021 13:51:34 -0500
-Subject: [PATCH] Support host-based GSS initiator names
-
-When checking if we can get initial credentials in the GSS krb5 mech,
-use krb5_kt_have_match() to support fallback iteration. When scanning
-the ccache or getting initial credentials, rewrite cred->name->princ
-to the canonical client name. When a name check is necessary (such as
-when the caller specifies both a name and ccache), use a new internal
-API k5_sname_compare() to support fallback iteration. Add fallback
-iteration to krb5_cc_cache_match() to allow host-based names to be
-canonicalized against the cache collection.
-
-Create and store the matching principal for acceptor names in
-acquire_accept_cred() so that it isn't affected by changes in
-cred->name->princ during acquire_init_cred().
-
-ticket: 8978 (new)
-(cherry picked from commit c374ab40dd059a5938ffc0440d87457ac5da3a46)
----
- src/include/k5-int.h | 9 +++
- src/include/k5-trace.h | 3 +
- src/lib/gssapi/krb5/accept_sec_context.c | 15 +---
- src/lib/gssapi/krb5/acquire_cred.c | 89 ++++++++++++++----------
- src/lib/gssapi/krb5/gssapiP_krb5.h | 1 +
- src/lib/gssapi/krb5/rel_cred.c | 1 +
- src/lib/krb5/ccache/cccursor.c | 57 +++++++++++----
- src/lib/krb5/libkrb5.exports | 1 +
- src/lib/krb5/os/sn2princ.c | 23 +++++-
- src/lib/krb5_32.def | 1 +
- src/tests/gssapi/t_client_keytab.py | 44 ++++++++++++
- src/tests/gssapi/t_credstore.py | 32 +++++++++
- 12 files changed, 214 insertions(+), 62 deletions(-)
-
-diff --git a/src/include/k5-int.h b/src/include/k5-int.h
-index efb523689..46f2ce2d3 100644
---- a/src/include/k5-int.h
-+++ b/src/include/k5-int.h
-@@ -2411,4 +2411,13 @@ void k5_change_error_message_code(krb5_context ctx, krb5_error_code oldcode,
- #define k5_prependmsg krb5_prepend_error_message
- #define k5_wrapmsg krb5_wrap_error_message
-
-+/*
-+ * Like krb5_principal_compare(), but with canonicalization of sname if
-+ * fallback is enabled. This function should be avoided if multiple matches
-+ * are required, since repeated canonicalization is inefficient.
-+ */
-+krb5_boolean
-+k5_sname_compare(krb5_context context, krb5_const_principal sname,
-+ krb5_const_principal princ);
-+
- #endif /* _KRB5_INT_H */
-diff --git a/src/include/k5-trace.h b/src/include/k5-trace.h
-index b3e039dc8..79b5a7a85 100644
---- a/src/include/k5-trace.h
-+++ b/src/include/k5-trace.h
-@@ -105,6 +105,9 @@ void krb5int_trace(krb5_context context, const char *fmt, ...);
-
- #endif /* DISABLE_TRACING */
-
-+#define TRACE_CC_CACHE_MATCH(c, princ, ret) \
-+ TRACE(c, "Matching {princ} in collection with result: {kerr}", \
-+ princ, ret)
- #define TRACE_CC_DESTROY(c, cache) \
- TRACE(c, "Destroying ccache {ccache}", cache)
- #define TRACE_CC_GEN_NEW(c, cache) \
-diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
-index fcf2c2152..a1d7e0d96 100644
---- a/src/lib/gssapi/krb5/accept_sec_context.c
-+++ b/src/lib/gssapi/krb5/accept_sec_context.c
-@@ -683,7 +683,6 @@ kg_accept_krb5(minor_status, context_handle,
- krb5_flags ap_req_options = 0;
- krb5_enctype negotiated_etype;
- krb5_authdata_context ad_context = NULL;
-- krb5_principal accprinc = NULL;
- krb5_ap_req *request = NULL;
-
- code = krb5int_accessor (&kaccess, KRB5INT_ACCESS_VERSION);
-@@ -849,17 +848,9 @@ kg_accept_krb5(minor_status, context_handle,
- }
- }
-
-- if (!cred->default_identity) {
-- if ((code = kg_acceptor_princ(context, cred->name, &accprinc))) {
-- major_status = GSS_S_FAILURE;
-- goto fail;
-- }
-- }
--
-- code = krb5_rd_req_decoded(context, &auth_context, request, accprinc,
-- cred->keytab, &ap_req_options, NULL);
--
-- krb5_free_principal(context, accprinc);
-+ code = krb5_rd_req_decoded(context, &auth_context, request,
-+ cred->acceptor_mprinc, cred->keytab,
-+ &ap_req_options, NULL);
- if (code) {
- major_status = GSS_S_FAILURE;
- goto fail;
-diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c
-index 632ee7def..e226a0269 100644
---- a/src/lib/gssapi/krb5/acquire_cred.c
-+++ b/src/lib/gssapi/krb5/acquire_cred.c
-@@ -123,11 +123,11 @@ gss_krb5int_register_acceptor_identity(OM_uint32 *minor_status,
- /* Try to verify that keytab contains at least one entry for name. Return 0 if
- * it does, KRB5_KT_NOTFOUND if it doesn't, or another error as appropriate. */
- static krb5_error_code
--check_keytab(krb5_context context, krb5_keytab kt, krb5_gss_name_t name)
-+check_keytab(krb5_context context, krb5_keytab kt, krb5_gss_name_t name,
-+ krb5_principal mprinc)
- {
- krb5_error_code code;
- krb5_keytab_entry ent;
-- krb5_principal accprinc = NULL;
- char *princname;
-
- if (name->service == NULL) {
-@@ -141,21 +141,15 @@ check_keytab(krb5_context context, krb5_keytab kt, krb5_gss_name_t name)
- if (kt->ops->start_seq_get == NULL)
- return 0;
-
-- /* Get the partial principal for the acceptor name. */
-- code = kg_acceptor_princ(context, name, &accprinc);
-- if (code)
-- return code;
--
-- /* Scan the keytab for host-based entries matching accprinc. */
-- code = k5_kt_have_match(context, kt, accprinc);
-+ /* Scan the keytab for host-based entries matching mprinc. */
-+ code = k5_kt_have_match(context, kt, mprinc);
- if (code == KRB5_KT_NOTFOUND) {
-- if (krb5_unparse_name(context, accprinc, &princname) == 0) {
-+ if (krb5_unparse_name(context, mprinc, &princname) == 0) {
- k5_setmsg(context, code, _("No key table entry found matching %s"),
- princname);
- free(princname);
- }
- }
-- krb5_free_principal(context, accprinc);
- return code;
- }
-
-@@ -202,8 +196,14 @@ acquire_accept_cred(krb5_context context, OM_uint32 *minor_status,
- }
-
- if (cred->name != NULL) {
-+ code = kg_acceptor_princ(context, cred->name, &cred->acceptor_mprinc);
-+ if (code) {
-+ major = GSS_S_FAILURE;
-+ goto cleanup;
-+ }
-+
- /* Make sure we have keys matching the desired name in the keytab. */
-- code = check_keytab(context, kt, cred->name);
-+ code = check_keytab(context, kt, cred->name, cred->acceptor_mprinc);
- if (code) {
- if (code == KRB5_KT_NOTFOUND) {
- k5_change_error_message_code(context, code, KG_KEYTAB_NOMATCH);
-@@ -324,7 +324,6 @@ static krb5_boolean
- can_get_initial_creds(krb5_context context, krb5_gss_cred_id_rec *cred)
- {
- krb5_error_code code;
-- krb5_keytab_entry entry;
-
- if (cred->password != NULL)
- return TRUE;
-@@ -336,20 +335,21 @@ can_get_initial_creds(krb5_context context, krb5_gss_cred_id_rec *cred)
- if (cred->name == NULL)
- return !krb5_kt_have_content(context, cred->client_keytab);
-
-- /* Check if we have a keytab key for the client principal. */
-- code = krb5_kt_get_entry(context, cred->client_keytab, cred->name->princ,
-- 0, 0, &entry);
-- if (code) {
-- krb5_clear_error_message(context);
-- return FALSE;
-- }
-- krb5_free_keytab_entry_contents(context, &entry);
-- return TRUE;
-+ /*
-+ * Check if we have a keytab key for the client principal. This is a bit
-+ * more permissive than we really want because krb5_kt_have_match()
-+ * supports wildcarding and obeys ignore_acceptor_hostname, but that should
-+ * generally be harmless.
-+ */
-+ code = k5_kt_have_match(context, cred->client_keytab, cred->name->princ);
-+ return code == 0;
- }
-
--/* Scan cred->ccache for name, expiry time, impersonator, refresh time. */
-+/* Scan cred->ccache for name, expiry time, impersonator, refresh time. If
-+ * check_name is true, verify the cache name against the credential name. */
- static krb5_error_code
--scan_ccache(krb5_context context, krb5_gss_cred_id_rec *cred)
-+scan_ccache(krb5_context context, krb5_gss_cred_id_rec *cred,
-+ krb5_boolean check_name)
- {
- krb5_error_code code;
- krb5_ccache ccache = cred->ccache;
-@@ -365,23 +365,31 @@ scan_ccache(krb5_context context, krb5_gss_cred_id_rec *cred)
- if (code)
- return code;
-
-- /* Credentials cache principal must match the initiator name. */
- code = krb5_cc_get_principal(context, ccache, &ccache_princ);
- if (code != 0)
- goto cleanup;
-- if (cred->name != NULL &&
-- !krb5_principal_compare(context, ccache_princ, cred->name->princ)) {
-- code = KG_CCACHE_NOMATCH;
-- goto cleanup;
-- }
-
-- /* Save the ccache principal as the credential name if not already set. */
-- if (!cred->name) {
-+ if (cred->name == NULL) {
-+ /* Save the ccache principal as the credential name. */
- code = kg_init_name(context, ccache_princ, NULL, NULL, NULL,
- KG_INIT_NAME_NO_COPY, &cred->name);
- if (code)
- goto cleanup;
- ccache_princ = NULL;
-+ } else {
-+ /* Check against the desired name if needed. */
-+ if (check_name) {
-+ if (!k5_sname_compare(context, cred->name->princ, ccache_princ)) {
-+ code = KG_CCACHE_NOMATCH;
-+ goto cleanup;
-+ }
-+ }
-+
-+ /* Replace the credential name principal with the canonical client
-+ * principal, retaining acceptor_mprinc if set. */
-+ krb5_free_principal(context, cred->name->princ);
-+ cred->name->princ = ccache_princ;
-+ ccache_princ = NULL;
- }
-
- assert(cred->name->princ != NULL);
-@@ -447,7 +455,7 @@ get_cache_for_name(krb5_context context, krb5_gss_cred_id_rec *cred)
- assert(cred->name != NULL && cred->ccache == NULL);
- #ifdef USE_LEASH
- code = get_ccache_leash(context, cred->name->princ, &cred->ccache);
-- return code ? code : scan_ccache(context, cred);
-+ return code ? code : scan_ccache(context, cred, TRUE);
- #else
- /* Check first whether we can acquire tickets, to avoid overwriting the
- * extended error message from krb5_cc_cache_match. */
-@@ -456,7 +464,7 @@ get_cache_for_name(krb5_context context, krb5_gss_cred_id_rec *cred)
- /* Look for an existing cache for the client principal. */
- code = krb5_cc_cache_match(context, cred->name->princ, &cred->ccache);
- if (code == 0)
-- return scan_ccache(context, cred);
-+ return scan_ccache(context, cred, FALSE);
- if (code != KRB5_CC_NOTFOUND || !can_get)
- return code;
- krb5_clear_error_message(context);
-@@ -633,6 +641,13 @@ get_initial_cred(krb5_context context, const struct verify_params *verify,
- kg_cred_set_initial_refresh(context, cred, &creds.times);
- cred->have_tgt = TRUE;
- cred->expire = creds.times.endtime;
-+
-+ /* Steal the canonical client principal name from creds and save it in the
-+ * credential name, retaining acceptor_mprinc if set. */
-+ krb5_free_principal(context, cred->name->princ);
-+ cred->name->princ = creds.client;
-+ creds.client = NULL;
-+
- krb5_free_cred_contents(context, &creds);
- cleanup:
- krb5_get_init_creds_opt_free(context, opt);
-@@ -721,7 +736,7 @@ acquire_init_cred(krb5_context context, OM_uint32 *minor_status,
-
- if (cred->ccache != NULL) {
- /* The caller specified a ccache; check what's in it. */
-- code = scan_ccache(context, cred);
-+ code = scan_ccache(context, cred, TRUE);
- if (code == KRB5_FCC_NOFILE) {
- /* See if we can get initial creds. If the caller didn't specify
- * a name, pick one from the client keytab. */
-@@ -984,7 +999,7 @@ kg_cred_resolve(OM_uint32 *minor_status, krb5_context context,
- }
- }
- if (cred->ccache != NULL) {
-- code = scan_ccache(context, cred);
-+ code = scan_ccache(context, cred, FALSE);
- if (code)
- goto kerr;
- }
-@@ -996,7 +1011,7 @@ kg_cred_resolve(OM_uint32 *minor_status, krb5_context context,
- code = krb5int_cc_default(context, &cred->ccache);
- if (code)
- goto kerr;
-- code = scan_ccache(context, cred);
-+ code = scan_ccache(context, cred, FALSE);
- if (code == KRB5_FCC_NOFILE) {
- /* Default ccache doesn't exist; fall through to client keytab. */
- krb5_cc_close(context, cred->ccache);
-diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h b/src/lib/gssapi/krb5/gssapiP_krb5.h
-index 3bacdcd35..fd7abbd77 100644
---- a/src/lib/gssapi/krb5/gssapiP_krb5.h
-+++ b/src/lib/gssapi/krb5/gssapiP_krb5.h
-@@ -175,6 +175,7 @@ typedef struct _krb5_gss_cred_id_rec {
- /* name/type of credential */
- gss_cred_usage_t usage;
- krb5_gss_name_t name;
-+ krb5_principal acceptor_mprinc;
- krb5_principal impersonator;
- unsigned int default_identity : 1;
- unsigned int iakerb_mech : 1;
-diff --git a/src/lib/gssapi/krb5/rel_cred.c b/src/lib/gssapi/krb5/rel_cred.c
-index a9515daf7..0da6c1b95 100644
---- a/src/lib/gssapi/krb5/rel_cred.c
-+++ b/src/lib/gssapi/krb5/rel_cred.c
-@@ -72,6 +72,7 @@ krb5_gss_release_cred(minor_status, cred_handle)
- if (cred->name)
- kg_release_name(context, &cred->name);
-
-+ krb5_free_principal(context, cred->acceptor_mprinc);
- krb5_free_principal(context, cred->impersonator);
-
- if (cred->req_enctypes)
-diff --git a/src/lib/krb5/ccache/cccursor.c b/src/lib/krb5/ccache/cccursor.c
-index 8f5872116..760216d05 100644
---- a/src/lib/krb5/ccache/cccursor.c
-+++ b/src/lib/krb5/ccache/cccursor.c
-@@ -30,6 +30,7 @@
-
- #include "cc-int.h"
- #include "../krb/int-proto.h"
-+#include "../os/os-proto.h"
-
- #include <assert.h>
-
-@@ -141,18 +142,18 @@ krb5_cccol_cursor_free(krb5_context context,
- return 0;
- }
-
--krb5_error_code KRB5_CALLCONV
--krb5_cc_cache_match(krb5_context context, krb5_principal client,
-- krb5_ccache *cache_out)
-+static krb5_error_code
-+match_caches(krb5_context context, krb5_const_principal client,
-+ krb5_ccache *cache_out)
- {
- krb5_error_code ret;
- krb5_cccol_cursor cursor;
- krb5_ccache cache = NULL;
- krb5_principal princ;
-- char *name;
- krb5_boolean eq;
-
- *cache_out = NULL;
-+
- ret = krb5_cccol_cursor_new(context, &cursor);
- if (ret)
- return ret;
-@@ -169,20 +170,52 @@ krb5_cc_cache_match(krb5_context context, krb5_principal client,
- krb5_cc_close(context, cache);
- }
- krb5_cccol_cursor_free(context, &cursor);
-+
- if (ret)
- return ret;
-- if (cache == NULL) {
-- ret = krb5_unparse_name(context, client, &name);
-- if (ret == 0) {
-- k5_setmsg(context, KRB5_CC_NOTFOUND,
-+ if (cache == NULL)
-+ return KRB5_CC_NOTFOUND;
-+
-+ *cache_out = cache;
-+ return 0;
-+}
-+
-+krb5_error_code KRB5_CALLCONV
-+krb5_cc_cache_match(krb5_context context, krb5_principal client,
-+ krb5_ccache *cache_out)
-+{
-+ krb5_error_code ret;
-+ struct canonprinc iter = { client, .subst_defrealm = TRUE };
-+ krb5_const_principal canonprinc = NULL;
-+ krb5_ccache cache = NULL;
-+ char *name;
-+
-+ *cache_out = NULL;
-+
-+ while ((ret = k5_canonprinc(context, &iter, &canonprinc)) == 0 &&
-+ canonprinc != NULL) {
-+ ret = match_caches(context, canonprinc, &cache);
-+ if (ret != KRB5_CC_NOTFOUND)
-+ break;
-+ }
-+ free_canonprinc(&iter);
-+
-+ if (ret == 0 && canonprinc == NULL) {
-+ ret = KRB5_CC_NOTFOUND;
-+ if (krb5_unparse_name(context, client, &name) == 0) {
-+ k5_setmsg(context, ret,
- _("Can't find client principal %s in cache collection"),
- name);
- krb5_free_unparsed_name(context, name);
- }
-- ret = KRB5_CC_NOTFOUND;
-- } else
-- *cache_out = cache;
-- return ret;
-+ }
-+
-+ TRACE_CC_CACHE_MATCH(context, client, ret);
-+ if (ret)
-+ return ret;
-+
-+ *cache_out = cache;
-+ return 0;
- }
-
- /* Store the error state for code from context into errsave, but only if code
-diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports
-index adbfa332b..df6e2ffbe 100644
---- a/src/lib/krb5/libkrb5.exports
-+++ b/src/lib/krb5/libkrb5.exports
-@@ -181,6 +181,7 @@ k5_size_authdata_context
- k5_size_context
- k5_size_keyblock
- k5_size_principal
-+k5_sname_compare
- k5_unmarshal_cred
- k5_unmarshal_princ
- k5_unwrap_cammac_svc
-diff --git a/src/lib/krb5/os/sn2princ.c b/src/lib/krb5/os/sn2princ.c
-index 8b7214189..c99b7da17 100644
---- a/src/lib/krb5/os/sn2princ.c
-+++ b/src/lib/krb5/os/sn2princ.c
-@@ -277,7 +277,8 @@ k5_canonprinc(krb5_context context, struct canonprinc *iter,
-
- /* If we're not doing fallback, the input principal is canonical. */
- if (context->dns_canonicalize_hostname != CANONHOST_FALLBACK ||
-- iter->princ->type != KRB5_NT_SRV_HST || iter->princ->length != 2) {
-+ iter->princ->type != KRB5_NT_SRV_HST || iter->princ->length != 2 ||
-+ iter->princ->data[1].length == 0) {
- *princ_out = (step == 1) ? iter->princ : NULL;
- return 0;
- }
-@@ -288,6 +289,26 @@ k5_canonprinc(krb5_context context, struct canonprinc *iter,
- return canonicalize_princ(context, iter, step == 2, princ_out);
- }
-
-+krb5_boolean
-+k5_sname_compare(krb5_context context, krb5_const_principal sname,
-+ krb5_const_principal princ)
-+{
-+ krb5_error_code ret;
-+ struct canonprinc iter = { sname, .subst_defrealm = TRUE };
-+ krb5_const_principal canonprinc = NULL;
-+ krb5_boolean match = FALSE;
-+
-+ while ((ret = k5_canonprinc(context, &iter, &canonprinc)) == 0 &&
-+ canonprinc != NULL) {
-+ if (krb5_principal_compare(context, canonprinc, princ)) {
-+ match = TRUE;
-+ break;
-+ }
-+ }
-+ free_canonprinc(&iter);
-+ return match;
-+}
-+
- krb5_error_code KRB5_CALLCONV
- krb5_sname_to_principal(krb5_context context, const char *hostname,
- const char *sname, krb5_int32 type,
-diff --git a/src/lib/krb5_32.def b/src/lib/krb5_32.def
-index 60b8dd311..cf690dbe4 100644
---- a/src/lib/krb5_32.def
-+++ b/src/lib/krb5_32.def
-@@ -507,3 +507,4 @@ EXPORTS
- ; new in 1.20
- krb5_marshal_credentials @472
- krb5_unmarshal_credentials @473
-+ k5_sname_compare @474 ; PRIVATE GSSAPI
-diff --git a/src/tests/gssapi/t_client_keytab.py b/src/tests/gssapi/t_client_keytab.py
-index 7847b3ecd..9a61d53b8 100755
---- a/src/tests/gssapi/t_client_keytab.py
-+++ b/src/tests/gssapi/t_client_keytab.py
-@@ -141,5 +141,49 @@ msgs = ('Getting initial credentials for user/admin@KRBTEST.COM',
- '/Matching credential not found')
- realm.run(['./t_ccselect', phost], expected_code=1,
- expected_msg='Ticket expired', expected_trace=msgs)
-+realm.run([kdestroy, '-A'])
-+
-+# Test 19: host-based initiator name
-+mark('host-based initiator name')
-+hsvc = 'h:svc@' + hostname
-+svcprinc = 'svc/%s@%s' % (hostname, realm.realm)
-+realm.addprinc(svcprinc)
-+realm.extract_keytab(svcprinc, realm.client_keytab)
-+# On the first run we match against the keytab while getting tickets,
-+# substituting the default realm.
-+msgs = ('/Can\'t find client principal svc/%s@ in' % hostname,
-+ 'Getting initial credentials for svc/%s@' % hostname,
-+ 'Found entries for %s in keytab' % svcprinc,
-+ 'Retrieving %s from FILE:%s' % (svcprinc, realm.client_keytab),
-+ 'Storing %s -> %s in' % (svcprinc, realm.krbtgt_princ),
-+ 'Retrieving %s -> %s from' % (svcprinc, realm.krbtgt_princ),
-+ 'authenticator for %s -> %s' % (svcprinc, realm.host_princ))
-+realm.run(['./t_ccselect', phost, hsvc], expected_trace=msgs)
-+# On the second run we match against the collection.
-+msgs = ('Matching svc/%s@ in collection with result: 0' % hostname,
-+ 'Getting credentials %s -> %s' % (svcprinc, realm.host_princ),
-+ 'authenticator for %s -> %s' % (svcprinc, realm.host_princ))
-+realm.run(['./t_ccselect', phost, hsvc], expected_trace=msgs)
-+realm.run([kdestroy, '-A'])
-+
-+# Test 20: host-based initiator name with fallback
-+mark('host-based fallback initiator name')
-+canonname = canonicalize_hostname(hostname)
-+if canonname != hostname:
-+ hfsvc = 'h:fsvc@' + hostname
-+ canonprinc = 'fsvc/%s@%s' % (canonname, realm.realm)
-+ realm.addprinc(canonprinc)
-+ realm.extract_keytab(canonprinc, realm.client_keytab)
-+ msgs = ('/Can\'t find client principal fsvc/%s@ in' % hostname,
-+ 'Found entries for %s in keytab' % canonprinc,
-+ 'authenticator for %s -> %s' % (canonprinc, realm.host_princ))
-+ realm.run(['./t_ccselect', phost, hfsvc], expected_trace=msgs)
-+ msgs = ('Matching fsvc/%s@ in collection with result: 0' % hostname,
-+ 'Getting credentials %s -> %s' % (canonprinc, realm.host_princ))
-+ realm.run(['./t_ccselect', phost, hfsvc], expected_trace=msgs)
-+ realm.run([kdestroy, '-A'])
-+else:
-+ skipped('GSS initiator name fallback test',
-+ '%s does not canonicalize to a different name' % hostname)
-
- success('Client keytab tests')
-diff --git a/src/tests/gssapi/t_credstore.py b/src/tests/gssapi/t_credstore.py
-index c11975bf5..9be57bb82 100644
---- a/src/tests/gssapi/t_credstore.py
-+++ b/src/tests/gssapi/t_credstore.py
-@@ -15,6 +15,38 @@ msgs = ('Storing %s -> %s in %s' % (service_cs, realm.krbtgt_princ,
- realm.run(['./t_credstore', '-s', 'p:' + service_cs, 'ccache', storagecache,
- 'keytab', servicekeytab], expected_trace=msgs)
-
-+mark('matching')
-+scc = 'FILE:' + os.path.join(realm.testdir, 'service_cache')
-+realm.kinit(realm.host_princ, flags=['-k', '-c', scc])
-+realm.run(['./t_credstore', '-i', 'p:' + realm.host_princ, 'ccache', scc])
-+realm.run(['./t_credstore', '-i', 'h:host', 'ccache', scc])
-+realm.run(['./t_credstore', '-i', 'h:host@' + hostname, 'ccache', scc])
-+realm.run(['./t_credstore', '-i', 'p:wrong', 'ccache', scc],
-+ expected_code=1, expected_msg='does not match desired name')
-+realm.run(['./t_credstore', '-i', 'h:host@-nomatch-', 'ccache', scc],
-+ expected_code=1, expected_msg='does not match desired name')
-+realm.run(['./t_credstore', '-i', 'h:svc', 'ccache', scc],
-+ expected_code=1, expected_msg='does not match desired name')
-+
-+mark('matching (fallback)')
-+canonname = canonicalize_hostname(hostname)
-+if canonname != hostname:
-+ canonprinc = 'host/%s@%s' % (canonname, realm.realm)
-+ realm.addprinc(canonprinc)
-+ realm.extract_keytab(canonprinc, realm.keytab)
-+ realm.kinit(canonprinc, flags=['-k', '-c', scc])
-+ realm.run(['./t_credstore', '-i', 'h:host', 'ccache', scc])
-+ realm.run(['./t_credstore', '-i', 'h:host@' + hostname, 'ccache', scc])
-+ realm.run(['./t_credstore', '-i', 'h:host@' + canonname, 'ccache', scc])
-+ realm.run(['./t_credstore', '-i', 'p:' + canonprinc, 'ccache', scc])
-+ realm.run(['./t_credstore', '-i', 'p:' + realm.host_princ, 'ccache', scc],
-+ expected_code=1, expected_msg='does not match desired name')
-+ realm.run(['./t_credstore', '-i', 'h:host@-nomatch-', 'ccache', scc],
-+ expected_code=1, expected_msg='does not match desired name')
-+else:
-+ skipped('fallback matching test',
-+ '%s does not canonicalize to a different name' % hostname)
-+
- mark('rcache')
- # t_credstore -r should produce a replay error normally, but not with
- # rcache set to "none:".
diff --git a/SOURCES/Try-harder-to-avoid-password-change-replay-errors.patch b/SOURCES/Try-harder-to-avoid-password-change-replay-errors.patch
deleted file mode 100644
index 814043e..0000000
--- a/SOURCES/Try-harder-to-avoid-password-change-replay-errors.patch
+++ /dev/null
@@ -1,91 +0,0 @@
-From ad8e02485791023dcf66ef4612616f03895ceeb3 Mon Sep 17 00:00:00 2001
-From: Greg Hudson <ghudson@mit.edu>
-Date: Fri, 4 Mar 2022 00:45:00 -0500
-Subject: [PATCH] Try harder to avoid password change replay errors
-
-Commit d7b3018d338fc9c989c3fa17505870f23c3759a8 (ticket 7905) changed
-change_set_password() to prefer TCP. However, because UDP_LAST falls
-back to UDP after one second, we can still get a replay error due to a
-dropped packet, before the TCP layer has a chance to retry.
-
-Instead, try k5_sendto() with NO_UDP, and only fall back to UDP after
-TCP fails completely without reaching a server. In sendto_kdc.c,
-implement an ONLY_UDP transport strategy to allow the UDP fallback.
-
-ticket: 9037
----
- src/lib/krb5/os/changepw.c | 9 ++++++++-
- src/lib/krb5/os/os-proto.h | 1 +
- src/lib/krb5/os/sendto_kdc.c | 12 ++++++++----
- 3 files changed, 17 insertions(+), 5 deletions(-)
-
-diff --git a/src/lib/krb5/os/changepw.c b/src/lib/krb5/os/changepw.c
-index 9f968da7f..c59232586 100644
---- a/src/lib/krb5/os/changepw.c
-+++ b/src/lib/krb5/os/changepw.c
-@@ -255,9 +255,16 @@ change_set_password(krb5_context context,
- callback_info.pfn_cleanup = kpasswd_sendto_msg_cleanup;
- krb5_free_data_contents(callback_ctx.context, &chpw_rep);
-
-+ /* UDP retransmits may be seen as replays. Only try UDP after other
-+ * transports fail completely. */
- code = k5_sendto(callback_ctx.context, NULL, &creds->server->realm,
-- &sl, UDP_LAST, &callback_info, &chpw_rep,
-+ &sl, NO_UDP, &callback_info, &chpw_rep,
- ss2sa(&remote_addr), &addrlen, NULL, NULL, NULL);
-+ if (code == KRB5_KDC_UNREACH) {
-+ code = k5_sendto(callback_ctx.context, NULL, &creds->server->realm,
-+ &sl, ONLY_UDP, &callback_info, &chpw_rep,
-+ ss2sa(&remote_addr), &addrlen, NULL, NULL, NULL);
-+ }
- if (code)
- goto cleanup;
-
-diff --git a/src/lib/krb5/os/os-proto.h b/src/lib/krb5/os/os-proto.h
-index a985f2aec..91d2791ce 100644
---- a/src/lib/krb5/os/os-proto.h
-+++ b/src/lib/krb5/os/os-proto.h
-@@ -49,6 +49,7 @@ typedef enum {
- UDP_FIRST = 0,
- UDP_LAST,
- NO_UDP,
-+ ONLY_UDP
- } k5_transport_strategy;
-
- /* A single server hostname or address. */
-diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c
-index 0eedec175..c7f5d861a 100644
---- a/src/lib/krb5/os/sendto_kdc.c
-+++ b/src/lib/krb5/os/sendto_kdc.c
-@@ -802,11 +802,14 @@ resolve_server(krb5_context context, const krb5_data *realm,
- int err, result;
- char portbuf[PORT_LENGTH];
-
-- /* Skip UDP entries if we don't want UDP. */
-+ /* Skip entries excluded by the strategy. */
- if (strategy == NO_UDP && entry->transport == UDP)
- return 0;
-+ if (strategy == ONLY_UDP && entry->transport != UDP &&
-+ entry->transport != TCP_OR_UDP)
-+ return 0;
-
-- transport = (strategy == UDP_FIRST) ? UDP : TCP;
-+ transport = (strategy == UDP_FIRST || strategy == ONLY_UDP) ? UDP : TCP;
- if (entry->hostname == NULL) {
- /* Added by a module, so transport is either TCP or UDP. */
- ai.ai_socktype = socktype_for_transport(entry->transport);
-@@ -850,8 +853,9 @@ resolve_server(krb5_context context, const krb5_data *realm,
- }
-
- /* For TCP_OR_UDP entries, add each address again with the non-preferred
-- * transport, unless we are avoiding UDP. Flag these as deferred. */
-- if (retval == 0 && entry->transport == TCP_OR_UDP && strategy != NO_UDP) {
-+ * transport, if there is one. Flag these as deferred. */
-+ if (retval == 0 && entry->transport == TCP_OR_UDP &&
-+ (strategy == UDP_FIRST || strategy == UDP_LAST)) {
- transport = (strategy == UDP_FIRST) ? TCP : UDP;
- for (a = addrs; a != 0 && retval == 0; a = a->ai_next) {
- a->ai_socktype = socktype_for_transport(transport);
---
-2.35.1
-
diff --git a/SOURCES/Use-KCM_OP_RETRIEVE-in-KCM-client.patch b/SOURCES/Use-KCM_OP_RETRIEVE-in-KCM-client.patch
deleted file mode 100644
index 4884d1f..0000000
--- a/SOURCES/Use-KCM_OP_RETRIEVE-in-KCM-client.patch
+++ /dev/null
@@ -1,236 +0,0 @@
-From 43e3bca2a711de257091454bc5e25a985340d847 Mon Sep 17 00:00:00 2001
-From: Greg Hudson <ghudson@mit.edu>
-Date: Fri, 26 Mar 2021 23:38:54 -0400
-Subject: [PATCH] Use KCM_OP_RETRIEVE in KCM client
-
-In kcm_retrieve(), try KCM_OP_RETRIEVE. Fall back to iteration if the
-server doesn't implement it, or if we can an answer incompatible with
-KRB5_TC_SUPPORTED_KTYPES.
-
-In kcmserver.py, implement partial decoding for creds and cred tags so
-that we can do a basic principal name match.
-
-ticket: 8997 (new)
-(cherry picked from commit 795ebba8c039be172ab93cd41105c73ffdba0fdb)
-(cherry picked from commit c56d4b87de0f30a38dc61d374ad225d02d581eb3)
----
- src/include/kcm.h | 2 +-
- src/lib/krb5/ccache/cc_kcm.c | 52 +++++++++++++++++++++++++++++++++---
- src/tests/kcmserver.py | 44 +++++++++++++++++++++++++++---
- src/tests/t_ccache.py | 11 +++++---
- 4 files changed, 99 insertions(+), 10 deletions(-)
-
-diff --git a/src/include/kcm.h b/src/include/kcm.h
-index 9b66f1cbd..85c20d345 100644
---- a/src/include/kcm.h
-+++ b/src/include/kcm.h
-@@ -87,7 +87,7 @@ typedef enum kcm_opcode {
- KCM_OP_INITIALIZE, /* (name, princ) -> () */
- KCM_OP_DESTROY, /* (name) -> () */
- KCM_OP_STORE, /* (name, cred) -> () */
-- KCM_OP_RETRIEVE,
-+ KCM_OP_RETRIEVE, /* (name, flags, credtag) -> (cred) */
- KCM_OP_GET_PRINCIPAL, /* (name) -> (princ) */
- KCM_OP_GET_CRED_UUID_LIST, /* (name) -> (uuid, ...) */
- KCM_OP_GET_CRED_BY_UUID, /* (name, uuid) -> (cred) */
-diff --git a/src/lib/krb5/ccache/cc_kcm.c b/src/lib/krb5/ccache/cc_kcm.c
-index 46705f1da..23fcf13ea 100644
---- a/src/lib/krb5/ccache/cc_kcm.c
-+++ b/src/lib/krb5/ccache/cc_kcm.c
-@@ -826,9 +826,55 @@ static krb5_error_code KRB5_CALLCONV
- kcm_retrieve(krb5_context context, krb5_ccache cache, krb5_flags flags,
- krb5_creds *mcred, krb5_creds *cred_out)
- {
-- /* There is a KCM opcode for retrieving creds, but Heimdal's client doesn't
-- * use it. It causes the KCM daemon to actually make a TGS request. */
-- return k5_cc_retrieve_cred_default(context, cache, flags, mcred, cred_out);
-+ krb5_error_code ret;
-+ struct kcmreq req = EMPTY_KCMREQ;
-+ krb5_creds cred;
-+ krb5_enctype *enctypes = NULL;
-+
-+ memset(&cred, 0, sizeof(cred));
-+
-+ /* Include KCM_GC_CACHED in flags to prevent Heimdal's sssd from making a
-+ * TGS request itself. */
-+ kcmreq_init(&req, KCM_OP_RETRIEVE, cache);
-+ k5_buf_add_uint32_be(&req.reqbuf, map_tcflags(flags) | KCM_GC_CACHED);
-+ k5_marshal_mcred(&req.reqbuf, mcred);
-+ ret = cache_call(context, cache, &req);
-+
-+ /* Fall back to iteration if the server does not support retrieval. */
-+ if (ret == KRB5_FCC_INTERNAL || ret == KRB5_CC_IO) {
-+ ret = k5_cc_retrieve_cred_default(context, cache, flags, mcred,
-+ cred_out);
-+ goto cleanup;
-+ }
-+ if (ret)
-+ goto cleanup;
-+
-+ ret = k5_unmarshal_cred(req.reply.ptr, req.reply.len, 4, &cred);
-+ if (ret)
-+ goto cleanup;
-+
-+ /* In rare cases we might retrieve a credential with a session key this
-+ * context can't support, in which case we must retry using iteration. */
-+ if (flags & KRB5_TC_SUPPORTED_KTYPES) {
-+ ret = krb5_get_tgs_ktypes(context, cred.server, &enctypes);
-+ if (ret)
-+ goto cleanup;
-+ if (!k5_etypes_contains(enctypes, cred.keyblock.enctype)) {
-+ ret = k5_cc_retrieve_cred_default(context, cache, flags, mcred,
-+ cred_out);
-+ goto cleanup;
-+ }
-+ }
-+
-+ *cred_out = cred;
-+ memset(&cred, 0, sizeof(cred));
-+
-+cleanup:
-+ kcmreq_free(&req);
-+ krb5_free_cred_contents(context, &cred);
-+ free(enctypes);
-+ /* Heimdal's KCM returns KRB5_CC_END if no cred is found. */
-+ return (ret == KRB5_CC_END) ? KRB5_CC_NOTFOUND : map_invalid(ret);
- }
-
- static krb5_error_code KRB5_CALLCONV
-diff --git a/src/tests/kcmserver.py b/src/tests/kcmserver.py
-index 8c5e66ff1..25e6f2bbe 100644
---- a/src/tests/kcmserver.py
-+++ b/src/tests/kcmserver.py
-@@ -40,6 +40,7 @@ class KCMOpcodes(object):
- INITIALIZE = 4
- DESTROY = 5
- STORE = 6
-+ RETRIEVE = 7
- GET_PRINCIPAL = 8
- GET_CRED_UUID_LIST = 9
- GET_CRED_BY_UUID = 10
-@@ -54,6 +55,7 @@ class KCMOpcodes(object):
-
-
- class KRB5Errors(object):
-+ KRB5_CC_NOTFOUND = -1765328243
- KRB5_CC_END = -1765328242
- KRB5_CC_NOSUPP = -1765328137
- KRB5_FCC_NOFILE = -1765328189
-@@ -86,11 +88,29 @@ def get_cache(name):
- return cache
-
-
-+def unpack_data(argbytes):
-+ dlen, = struct.unpack('>L', argbytes[:4])
-+ return argbytes[4:dlen+4], argbytes[dlen+4:]
-+
-+
- def unmarshal_name(argbytes):
- offset = argbytes.find(b'\0')
- return argbytes[0:offset], argbytes[offset+1:]
-
-
-+def unmarshal_princ(argbytes):
-+ # Ignore the type at argbytes[0:4].
-+ ncomps, = struct.unpack('>L', argbytes[4:8])
-+ realm, rest = unpack_data(argbytes[8:])
-+ comps = []
-+ for i in range(ncomps):
-+ comp, rest = unpack_data(rest)
-+ comps.append(comp)
-+ # Asssume no quoting is needed.
-+ princ = b'/'.join(comps) + b'@' + realm
-+ return princ, rest
-+
-+
- def op_gen_new(argbytes):
- # Does not actually check for uniqueness.
- global next_unique
-@@ -126,6 +146,22 @@ def op_store(argbytes):
- return 0, b''
-
-
-+def op_retrieve(argbytes):
-+ name, rest = unmarshal_name(argbytes)
-+ # Ignore the flags at rest[0:4] and the header at rest[4:8].
-+ # Assume there are client and server creds in the tag and match
-+ # only against them.
-+ cprinc, rest = unmarshal_princ(rest[8:])
-+ sprinc, rest = unmarshal_princ(rest)
-+ cache = get_cache(name)
-+ for cred in (cache.creds[u] for u in cache.cred_uuids):
-+ cred_cprinc, rest = unmarshal_princ(cred)
-+ cred_sprinc, rest = unmarshal_princ(rest)
-+ if cred_cprinc == cprinc and cred_sprinc == sprinc:
-+ return 0, cred
-+ return KRB5Errors.KRB5_CC_NOTFOUND, b''
-+
-+
- def op_get_principal(argbytes):
- name, rest = unmarshal_name(argbytes)
- cache = get_cache(name)
-@@ -199,6 +235,7 @@ ophandlers = {
- KCMOpcodes.INITIALIZE : op_initialize,
- KCMOpcodes.DESTROY : op_destroy,
- KCMOpcodes.STORE : op_store,
-+ KCMOpcodes.RETRIEVE : op_retrieve,
- KCMOpcodes.GET_PRINCIPAL : op_get_principal,
- KCMOpcodes.GET_CRED_UUID_LIST : op_get_cred_uuid_list,
- KCMOpcodes.GET_CRED_BY_UUID : op_get_cred_by_uuid,
-@@ -243,10 +280,11 @@ def service_request(s):
- return True
-
- parser = optparse.OptionParser()
--parser.add_option('-c', '--credlist', action='store_true', dest='credlist',
-- default=False, help='Support KCM_OP_GET_CRED_LIST')
-+parser.add_option('-f', '--fallback', action='store_true', dest='fallback',
-+ default=False, help='Do not support RETRIEVE/GET_CRED_LIST')
- (options, args) = parser.parse_args()
--if not options.credlist:
-+if options.fallback:
-+ del ophandlers[KCMOpcodes.RETRIEVE]
- del ophandlers[KCMOpcodes.GET_CRED_LIST]
-
- server = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
-diff --git a/src/tests/t_ccache.py b/src/tests/t_ccache.py
-index 90040fb7b..6ea9fb969 100755
---- a/src/tests/t_ccache.py
-+++ b/src/tests/t_ccache.py
-@@ -25,7 +25,7 @@ from k5test import *
- kcm_socket_path = os.path.join(os.getcwd(), 'testdir', 'kcm')
- conf = {'libdefaults': {'kcm_socket': kcm_socket_path,
- 'kcm_mach_service': '-'}}
--realm = K5Realm(create_host=False, krb5_conf=conf)
-+realm = K5Realm(krb5_conf=conf)
-
- keyctl = which('keyctl')
- out = realm.run([klist, '-c', 'KEYRING:process:abcd'], expected_code=1)
-@@ -71,6 +71,11 @@ def collection_test(realm, ccname):
- realm.kinit('alice', password('alice'))
- realm.run([klist], expected_msg='Default principal: alice@')
- realm.run([klist, '-A', '-s'])
-+ realm.run([kvno, realm.host_princ], expected_msg = 'kvno = 1')
-+ realm.run([kvno, realm.host_princ], expected_msg = 'kvno = 1')
-+ out = realm.run([klist])
-+ if out.count(realm.host_princ) != 1:
-+ fail('Wrong number of service tickets in cache')
- realm.run([kdestroy])
- output = realm.run([klist], expected_code=1)
- if 'No credentials cache' not in output and 'not found' not in output:
-@@ -126,14 +131,14 @@ def collection_test(realm, ccname):
-
- collection_test(realm, 'DIR:' + os.path.join(realm.testdir, 'cc'))
-
--# Test KCM without and with GET_CRED_LIST support.
-+# Test KCM with and without RETRIEVE and GET_CRED_LIST support.
- kcmserver_path = os.path.join(srctop, 'tests', 'kcmserver.py')
- kcmd = realm.start_server([sys.executable, kcmserver_path, kcm_socket_path],
- 'starting...')
- collection_test(realm, 'KCM:')
- stop_daemon(kcmd)
- os.remove(kcm_socket_path)
--realm.start_server([sys.executable, kcmserver_path, '-c', kcm_socket_path],
-+realm.start_server([sys.executable, kcmserver_path, '-f', kcm_socket_path],
- 'starting...')
- collection_test(realm, 'KCM:')
-
diff --git a/SOURCES/Use-OpenSSL-s-KBKDF-and-KRB5KDF-for-deriving-long-te.patch b/SOURCES/Use-OpenSSL-s-KBKDF-and-KRB5KDF-for-deriving-long-te.patch
deleted file mode 100644
index 12b4967..0000000
--- a/SOURCES/Use-OpenSSL-s-KBKDF-and-KRB5KDF-for-deriving-long-te.patch
+++ /dev/null
@@ -1,485 +0,0 @@
-From 21e3b9a4463f1d1aeb71de8a27c298f1307d186b Mon Sep 17 00:00:00 2001
-From: Robbie Harwood <rharwood@redhat.com>
-Date: Fri, 4 Oct 2019 14:49:29 -0400
-Subject: [PATCH] Use OpenSSL's KBKDF and KRB5KDF for deriving long-term keys
-
-If supported, use OpenSSL-provided KBKDF (aes-sha2 and camellia) and
-KRB5KDF (3des and aes-sha1). We already use OpenSSL's PBKDF2 where
-appropriate. OpenSSL added support for these KDFs in 3.0.
-
-OpenSSL's restrictions to use KRB5KDF in FIPS mode are bypassed in case
-AES SHA-1 HMAC encryption types are allowed by the crypto policy.
-
-(cherry picked from commit ef8d11f6fb1232201c9efd2ae2ed567023fb85d2)
-[rharwood@redhat.com: 3des removal]
----
- src/lib/crypto/krb/derive.c | 409 ++++++++++++++++++++++++++++--------
- 1 file changed, 324 insertions(+), 85 deletions(-)
-
-diff --git a/src/lib/crypto/krb/derive.c b/src/lib/crypto/krb/derive.c
-index 6707a7308..8e474b38e 100644
---- a/src/lib/crypto/krb/derive.c
-+++ b/src/lib/crypto/krb/derive.c
-@@ -27,6 +27,12 @@
-
- #include "crypto_int.h"
-
-+#ifdef HAVE_EVP_KDF_FETCH
-+#include <openssl/core_names.h>
-+#include <openssl/evp.h>
-+#include <openssl/kdf.h>
-+#endif
-+
- static krb5_key
- find_cached_dkey(struct derived_key *list, const krb5_data *constant)
- {
-@@ -77,55 +83,251 @@ cleanup:
- return ENOMEM;
- }
-
-+#ifdef HAVE_EVP_KDF_FETCH
- static krb5_error_code
--derive_random_rfc3961(const struct krb5_enc_provider *enc,
-- krb5_key inkey, krb5_data *outrnd,
-- const krb5_data *in_constant)
-+openssl_kbdkf_counter_hmac(const struct krb5_hash_provider *hash,
-+ krb5_key inkey, krb5_data *outrnd,
-+ const krb5_data *label, const krb5_data *context)
- {
-- size_t blocksize, keybytes, n;
- krb5_error_code ret;
-- krb5_data block = empty_data();
-+ EVP_KDF *kdf = NULL;
-+ EVP_KDF_CTX *kctx = NULL;
-+ OSSL_PARAM params[6];
-+ size_t i = 0;
-+ char *digest;
-
-- blocksize = enc->block_size;
-- keybytes = enc->keybytes;
-+ /* On NULL hash, preserve default behavior for pbkdf2_string_to_key(). */
-+ if (hash == NULL || !strcmp(hash->hash_name, "SHA1")) {
-+ digest = "SHA1";
-+ } else if (!strcmp(hash->hash_name, "SHA-256")) {
-+ digest = "SHA256";
-+ } else if (!strcmp(hash->hash_name, "SHA-384")) {
-+ digest = "SHA384";
-+ } else {
-+ ret = KRB5_CRYPTO_INTERNAL;
-+ goto done;
-+ }
-
-- if (blocksize == 1)
-- return KRB5_BAD_ENCTYPE;
-- if (inkey->keyblock.length != enc->keylength || outrnd->length != keybytes)
-+ kdf = EVP_KDF_fetch(NULL, "KBKDF", NULL);
-+ if (!kdf) {
-+ ret = KRB5_CRYPTO_INTERNAL;
-+ goto done;
-+ }
-+
-+ kctx = EVP_KDF_CTX_new(kdf);
-+ if (!kctx) {
-+ ret = KRB5_CRYPTO_INTERNAL;
-+ goto done;
-+ }
-+
-+ params[i++] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
-+ digest, 0);
-+ params[i++] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC,
-+ "HMAC", 0);
-+ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
-+ inkey->keyblock.contents,
-+ inkey->keyblock.length);
-+ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,
-+ context->data,
-+ context->length);
-+ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
-+ label->data,
-+ label->length);
-+ params[i] = OSSL_PARAM_construct_end();
-+ if (EVP_KDF_derive(kctx, (unsigned char *)outrnd->data, outrnd->length,
-+ params) <= 0) {
-+ ret = KRB5_CRYPTO_INTERNAL;
-+ goto done;
-+ }
-+
-+ ret = 0;
-+done:
-+ if (ret)
-+ zap(outrnd->data, outrnd->length);
-+ EVP_KDF_free(kdf);
-+ EVP_KDF_CTX_free(kctx);
-+ return ret;
-+}
-+
-+static krb5_error_code
-+openssl_kbkdf_feedback_cmac(const struct krb5_enc_provider *enc,
-+ krb5_key inkey, krb5_data *outrnd,
-+ const krb5_data *in_constant)
-+{
-+ krb5_error_code ret;
-+ EVP_KDF *kdf = NULL;
-+ EVP_KDF_CTX *kctx = NULL;
-+ OSSL_PARAM params[7];
-+ size_t i = 0;
-+ char *cipher;
-+ static unsigned char zeroes[16];
-+
-+ memset(zeroes, 0, sizeof(zeroes));
-+
-+ if (!memcmp(enc, &krb5int_enc_camellia128, sizeof(*enc))) {
-+ cipher = "CAMELLIA-128-CBC";
-+ } else if (!memcmp(enc, &krb5int_enc_camellia256, sizeof(*enc))) {
-+ cipher = "CAMELLIA-256-CBC";
-+ } else {
-+ ret = KRB5_CRYPTO_INTERNAL;
-+ goto done;
-+ }
-+
-+ kdf = EVP_KDF_fetch(NULL, "KBKDF", NULL);
-+ if (!kdf) {
-+ ret = KRB5_CRYPTO_INTERNAL;
-+ goto done;
-+ }
-+
-+ kctx = EVP_KDF_CTX_new(kdf);
-+ if (!kctx) {
-+ ret = KRB5_CRYPTO_INTERNAL;
-+ goto done;
-+ }
-+
-+ params[i++] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MODE,
-+ "FEEDBACK", 0);
-+ params[i++] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC,
-+ "CMAC", 0);
-+ params[i++] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CIPHER,
-+ cipher, 0);
-+ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
-+ inkey->keyblock.contents,
-+ inkey->keyblock.length);
-+ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
-+ in_constant->data,
-+ in_constant->length);
-+ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SEED,
-+ zeroes, sizeof(zeroes));
-+ params[i] = OSSL_PARAM_construct_end();
-+ if (EVP_KDF_derive(kctx, (unsigned char *)outrnd->data, outrnd->length,
-+ params) <= 0) {
-+ ret = KRB5_CRYPTO_INTERNAL;
-+ goto done;
-+ }
-+
-+ ret = 0;
-+done:
-+ if (ret)
-+ zap(outrnd->data, outrnd->length);
-+ EVP_KDF_free(kdf);
-+ EVP_KDF_CTX_free(kctx);
-+ return ret;
-+}
-+
-+static krb5_error_code
-+openssl_krb5kdf(const struct krb5_enc_provider *enc, krb5_key inkey,
-+ krb5_data *outrnd, const krb5_data *in_constant)
-+{
-+ krb5_error_code ret;
-+ EVP_KDF *kdf = NULL;
-+ EVP_KDF_CTX *kctx = NULL;
-+ OSSL_PARAM params[4];
-+ size_t i = 0;
-+ char *cipher;
-+
-+ if (inkey->keyblock.length != enc->keylength ||
-+ outrnd->length != enc->keybytes) {
-+ return KRB5_CRYPTO_INTERNAL;
-+ }
-+
-+ if (!memcmp(enc, &krb5int_enc_aes128, sizeof(*enc))) {
-+ cipher = "AES-128-CBC";
-+ } else if (!memcmp(enc, &krb5int_enc_aes256, sizeof(*enc))) {
-+ cipher = "AES-256-CBC";
-+ } else {
-+ ret = KRB5_CRYPTO_INTERNAL;
-+ goto done;
-+ }
-+
-+ kdf = EVP_KDF_fetch(NULL, "KRB5KDF", "-fips");
-+ if (kdf == NULL) {
-+ ret = KRB5_CRYPTO_INTERNAL;
-+ goto done;
-+ }
-+
-+ kctx = EVP_KDF_CTX_new(kdf);
-+ if (kctx == NULL) {
-+ ret = KRB5_CRYPTO_INTERNAL;
-+ goto done;
-+ }
-+
-+ params[i++] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CIPHER,
-+ cipher, 0);
-+ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
-+ inkey->keyblock.contents,
-+ inkey->keyblock.length);
-+ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_CONSTANT,
-+ in_constant->data,
-+ in_constant->length);
-+ params[i] = OSSL_PARAM_construct_end();
-+ if (EVP_KDF_derive(kctx, (unsigned char *)outrnd->data, outrnd->length,
-+ params) <= 0) {
-+ ret = KRB5_CRYPTO_INTERNAL;
-+ goto done;
-+ }
-+
-+ ret = 0;
-+done:
-+ if (ret)
-+ zap(outrnd->data, outrnd->length);
-+ EVP_KDF_free(kdf);
-+ EVP_KDF_CTX_free(kctx);
-+ return ret;
-+}
-+
-+#else /* HAVE_EVP_KDF_FETCH */
-+
-+/*
-+ * NIST SP800-108 KDF in counter mode (section 5.1).
-+ * Parameters:
-+ * - HMAC (with hash as the hash provider) is the PRF.
-+ * - A block counter of four bytes is used.
-+ * - Four bytes are used to encode the output length in the PRF input.
-+ *
-+ * There are no uses requiring more than a single PRF invocation.
-+ */
-+static krb5_error_code
-+builtin_sp800_108_counter_hmac(const struct krb5_hash_provider *hash,
-+ krb5_key inkey, krb5_data *outrnd,
-+ const krb5_data *label,
-+ const krb5_data *context)
-+{
-+ krb5_crypto_iov iov[5];
-+ krb5_error_code ret;
-+ krb5_data prf;
-+ unsigned char ibuf[4], lbuf[4];
-+
-+ if (hash == NULL || outrnd->length > hash->hashsize)
- return KRB5_CRYPTO_INTERNAL;
-
- /* Allocate encryption data buffer. */
-- ret = alloc_data(&block, blocksize);
-+ ret = alloc_data(&prf, hash->hashsize);
- if (ret)
- return ret;
-
-- /* Initialize the input block. */
-- if (in_constant->length == blocksize) {
-- memcpy(block.data, in_constant->data, blocksize);
-- } else {
-- krb5int_nfold(in_constant->length * 8,
-- (unsigned char *) in_constant->data,
-- blocksize * 8, (unsigned char *) block.data);
-- }
-+ /* [i]2: four-byte big-endian binary string giving the block counter (1) */
-+ iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
-+ iov[0].data = make_data(ibuf, sizeof(ibuf));
-+ store_32_be(1, ibuf);
-+ /* Label */
-+ iov[1].flags = KRB5_CRYPTO_TYPE_DATA;
-+ iov[1].data = *label;
-+ /* 0x00: separator byte */
-+ iov[2].flags = KRB5_CRYPTO_TYPE_DATA;
-+ iov[2].data = make_data("", 1);
-+ /* Context */
-+ iov[3].flags = KRB5_CRYPTO_TYPE_DATA;
-+ iov[3].data = *context;
-+ /* [L]2: four-byte big-endian binary string giving the output length */
-+ iov[4].flags = KRB5_CRYPTO_TYPE_DATA;
-+ iov[4].data = make_data(lbuf, sizeof(lbuf));
-+ store_32_be(outrnd->length * 8, lbuf);
-
-- /* Loop encrypting the blocks until enough key bytes are generated. */
-- n = 0;
-- while (n < keybytes) {
-- ret = encrypt_block(enc, inkey, &block);
-- if (ret)
-- goto cleanup;
--
-- if ((keybytes - n) <= blocksize) {
-- memcpy(outrnd->data + n, block.data, (keybytes - n));
-- break;
-- }
--
-- memcpy(outrnd->data + n, block.data, blocksize);
-- n += blocksize;
-- }
--
--cleanup:
-- zapfree(block.data, blocksize);
-+ ret = krb5int_hmac(hash, inkey, iov, 5, &prf);
-+ if (!ret)
-+ memcpy(outrnd->data, prf.data, outrnd->length);
-+ zapfree(prf.data, prf.length);
- return ret;
- }
-
-@@ -139,9 +341,9 @@ cleanup:
- * - Four bytes are used to encode the output length in the PRF input.
- */
- static krb5_error_code
--derive_random_sp800_108_feedback_cmac(const struct krb5_enc_provider *enc,
-- krb5_key inkey, krb5_data *outrnd,
-- const krb5_data *in_constant)
-+builtin_sp800_108_feedback_cmac(const struct krb5_enc_provider *enc,
-+ krb5_key inkey, krb5_data *outrnd,
-+ const krb5_data *in_constant)
- {
- size_t blocksize, keybytes, n;
- krb5_crypto_iov iov[6];
-@@ -204,56 +406,94 @@ cleanup:
- return ret;
- }
-
--/*
-- * NIST SP800-108 KDF in counter mode (section 5.1).
-- * Parameters:
-- * - HMAC (with hash as the hash provider) is the PRF.
-- * - A block counter of four bytes is used.
-- * - Four bytes are used to encode the output length in the PRF input.
-- *
-- * There are no uses requiring more than a single PRF invocation.
-- */
-+static krb5_error_code
-+builtin_derive_random_rfc3961(const struct krb5_enc_provider *enc,
-+ krb5_key inkey, krb5_data *outrnd,
-+ const krb5_data *in_constant)
-+{
-+ size_t blocksize, keybytes, n;
-+ krb5_error_code ret;
-+ krb5_data block = empty_data();
-+
-+ blocksize = enc->block_size;
-+ keybytes = enc->keybytes;
-+
-+ if (blocksize == 1)
-+ return KRB5_BAD_ENCTYPE;
-+ if (inkey->keyblock.length != enc->keylength || outrnd->length != keybytes)
-+ return KRB5_CRYPTO_INTERNAL;
-+
-+ /* Allocate encryption data buffer. */
-+ ret = alloc_data(&block, blocksize);
-+ if (ret)
-+ return ret;
-+
-+ /* Initialize the input block. */
-+ if (in_constant->length == blocksize) {
-+ memcpy(block.data, in_constant->data, blocksize);
-+ } else {
-+ krb5int_nfold(in_constant->length * 8,
-+ (unsigned char *) in_constant->data,
-+ blocksize * 8, (unsigned char *) block.data);
-+ }
-+
-+ /* Loop encrypting the blocks until enough key bytes are generated. */
-+ n = 0;
-+ while (n < keybytes) {
-+ ret = encrypt_block(enc, inkey, &block);
-+ if (ret)
-+ goto cleanup;
-+
-+ if ((keybytes - n) <= blocksize) {
-+ memcpy(outrnd->data + n, block.data, (keybytes - n));
-+ break;
-+ }
-+
-+ memcpy(outrnd->data + n, block.data, blocksize);
-+ n += blocksize;
-+ }
-+
-+cleanup:
-+ zapfree(block.data, blocksize);
-+ return ret;
-+}
-+#endif /* HAVE_EVP_KDF_FETCH */
-+
- krb5_error_code
- k5_sp800_108_counter_hmac(const struct krb5_hash_provider *hash,
- krb5_key inkey, krb5_data *outrnd,
- const krb5_data *label, const krb5_data *context)
- {
-- krb5_crypto_iov iov[5];
-- krb5_error_code ret;
-- krb5_data prf;
-- unsigned char ibuf[4], lbuf[4];
-+#ifdef HAVE_EVP_KDF_FETCH
-+ return openssl_kbdkf_counter_hmac(hash, inkey, outrnd, label, context);
-+#else
-+ return builtin_sp800_108_counter_hmac(hash, inkey, outrnd, label,
-+ context);
-+#endif
-+}
-
-- if (hash == NULL || outrnd->length > hash->hashsize)
-- return KRB5_CRYPTO_INTERNAL;
-+static krb5_error_code
-+sp800_108_feedback_cmac(const struct krb5_enc_provider *enc,
-+ krb5_key inkey, krb5_data *outrnd,
-+ const krb5_data *in_constant)
-+{
-+#ifdef HAVE_EVP_KDF_FETCH
-+ return openssl_kbkdf_feedback_cmac(enc, inkey, outrnd, in_constant);
-+#else
-+ return builtin_sp800_108_feedback_cmac(enc, inkey, outrnd, in_constant);
-+#endif
-+}
-
-- /* Allocate encryption data buffer. */
-- ret = alloc_data(&prf, hash->hashsize);
-- if (ret)
-- return ret;
--
-- /* [i]2: four-byte big-endian binary string giving the block counter (1) */
-- iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
-- iov[0].data = make_data(ibuf, sizeof(ibuf));
-- store_32_be(1, ibuf);
-- /* Label */
-- iov[1].flags = KRB5_CRYPTO_TYPE_DATA;
-- iov[1].data = *label;
-- /* 0x00: separator byte */
-- iov[2].flags = KRB5_CRYPTO_TYPE_DATA;
-- iov[2].data = make_data("", 1);
-- /* Context */
-- iov[3].flags = KRB5_CRYPTO_TYPE_DATA;
-- iov[3].data = *context;
-- /* [L]2: four-byte big-endian binary string giving the output length */
-- iov[4].flags = KRB5_CRYPTO_TYPE_DATA;
-- iov[4].data = make_data(lbuf, sizeof(lbuf));
-- store_32_be(outrnd->length * 8, lbuf);
--
-- ret = krb5int_hmac(hash, inkey, iov, 5, &prf);
-- if (!ret)
-- memcpy(outrnd->data, prf.data, outrnd->length);
-- zapfree(prf.data, prf.length);
-- return ret;
-+static krb5_error_code
-+derive_random_rfc3961(const struct krb5_enc_provider *enc,
-+ krb5_key inkey, krb5_data *outrnd,
-+ const krb5_data *in_constant)
-+{
-+#ifdef HAVE_EVP_KDF_FETCH
-+ return openssl_krb5kdf(enc, inkey, outrnd, in_constant);
-+#else
-+ return builtin_derive_random_rfc3961(enc, inkey, outrnd, in_constant);
-+#endif
- }
-
- krb5_error_code
-@@ -268,8 +508,7 @@ krb5int_derive_random(const struct krb5_enc_provider *enc,
- case DERIVE_RFC3961:
- return derive_random_rfc3961(enc, inkey, outrnd, in_constant);
- case DERIVE_SP800_108_CMAC:
-- return derive_random_sp800_108_feedback_cmac(enc, inkey, outrnd,
-- in_constant);
-+ return sp800_108_feedback_cmac(enc, inkey, outrnd, in_constant);
- case DERIVE_SP800_108_HMAC:
- return k5_sp800_108_counter_hmac(hash, inkey, outrnd, in_constant,
- &empty);
diff --git a/SOURCES/Use-OpenSSL-s-SSKDF-in-PKINIT-when-available.patch b/SOURCES/Use-OpenSSL-s-SSKDF-in-PKINIT-when-available.patch
deleted file mode 100644
index 0a9cde1..0000000
--- a/SOURCES/Use-OpenSSL-s-SSKDF-in-PKINIT-when-available.patch
+++ /dev/null
@@ -1,408 +0,0 @@
-From 8bbb492f2be1418e1e4bb2cf197414810dac9589 Mon Sep 17 00:00:00 2001
-From: Robbie Harwood <rharwood@redhat.com>
-Date: Fri, 20 Sep 2019 17:20:59 -0400
-Subject: [PATCH] Use OpenSSL's SSKDF in PKINIT when available
-
-Starting in 3.0, OpenSSL implements SSKDF, which is the basis of our
-id-pkinit-kdf (RFC 8636). Factor out common setup code around
-other_info. Adjust code to comply to existing style.
-
-(cherry picked from commit 4376a22e41fb639be31daf81275a332d3f930996)
----
- .../preauth/pkinit/pkinit_crypto_openssl.c | 294 +++++++++++-------
- 1 file changed, 181 insertions(+), 113 deletions(-)
-
-diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-index e1153344e..350c2118a 100644
---- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-@@ -38,6 +38,12 @@
- #include <dirent.h>
- #include <arpa/inet.h>
-
-+#ifdef HAVE_EVP_KDF_FETCH
-+#include <openssl/core_names.h>
-+#include <openssl/kdf.h>
-+#include <openssl/params.h>
-+#endif
-+
- static krb5_error_code pkinit_init_pkinit_oids(pkinit_plg_crypto_context );
- static void pkinit_fini_pkinit_oids(pkinit_plg_crypto_context );
-
-@@ -2294,15 +2300,16 @@ cleanup:
- }
-
-
--/**
-+/*
- * Given an algorithm_identifier, this function returns the hash length
- * and EVP function associated with that algorithm.
-+ *
-+ * RFC 8636 defines a SHA384 variant, but we don't use it.
- */
- static krb5_error_code
--pkinit_alg_values(krb5_context context,
-- const krb5_data *alg_id,
-- size_t *hash_bytes,
-- const EVP_MD *(**func)(void))
-+pkinit_alg_values(krb5_context context, const krb5_data *alg_id,
-+ size_t *hash_bytes, const EVP_MD *(**func)(void),
-+ char **hash_name)
- {
- *hash_bytes = 0;
- *func = NULL;
-@@ -2311,18 +2318,21 @@ pkinit_alg_values(krb5_context context,
- krb5_pkinit_sha1_oid_len))) {
- *hash_bytes = 20;
- *func = &EVP_sha1;
-+ *hash_name = strdup("SHA1");
- return 0;
- } else if ((alg_id->length == krb5_pkinit_sha256_oid_len) &&
- (0 == memcmp(alg_id->data, krb5_pkinit_sha256_oid,
- krb5_pkinit_sha256_oid_len))) {
- *hash_bytes = 32;
- *func = &EVP_sha256;
-+ *hash_name = strdup("SHA256");
- return 0;
- } else if ((alg_id->length == krb5_pkinit_sha512_oid_len) &&
- (0 == memcmp(alg_id->data, krb5_pkinit_sha512_oid,
- krb5_pkinit_sha512_oid_len))) {
- *hash_bytes = 64;
- *func = &EVP_sha512;
-+ *hash_name = strdup("SHA512");
- return 0;
- } else {
- krb5_set_error_message(context, KRB5_ERR_BAD_S2K_PARAMS,
-@@ -2331,11 +2341,60 @@ pkinit_alg_values(krb5_context context,
- }
- } /* pkinit_alg_values() */
-
-+#ifdef HAVE_EVP_KDF_FETCH
-+static krb5_error_code
-+openssl_sskdf(krb5_context context, size_t hash_bytes, krb5_data *key,
-+ krb5_data *info, char *out, size_t out_len, char *digest)
-+{
-+ krb5_error_code ret;
-+ EVP_KDF *kdf = NULL;
-+ EVP_KDF_CTX *kctx = NULL;
-+ OSSL_PARAM params[4];
-+ size_t i = 0;
-
--/* pkinit_alg_agility_kdf() --
-- * This function generates a key using the KDF described in
-- * draft_ietf_krb_wg_pkinit_alg_agility-04.txt. The algorithm is
-- * described as follows:
-+ if (digest == NULL) {
-+ ret = oerr(context, ENOMEM,
-+ _("Failed to allocate space for digest algorithm name"));
-+ goto done;
-+ }
-+
-+ kdf = EVP_KDF_fetch(NULL, "SSKDF", NULL);
-+ if (kdf == NULL) {
-+ ret = oerr(context, KRB5_CRYPTO_INTERNAL, _("Failed to fetch SSKDF"));
-+ goto done;
-+ }
-+
-+ kctx = EVP_KDF_CTX_new(kdf);
-+ if (!kctx) {
-+ ret = oerr(context, KRB5_CRYPTO_INTERNAL,
-+ _("Failed to instantiate SSKDF"));
-+ goto done;
-+ }
-+
-+ params[i++] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
-+ digest, 0);
-+ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
-+ key->data, key->length);
-+ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,
-+ info->data, info->length);
-+ params[i] = OSSL_PARAM_construct_end();
-+ if (EVP_KDF_derive(kctx, (unsigned char *)out, out_len, params) <= 0) {
-+ ret = oerr(context, KRB5_CRYPTO_INTERNAL,
-+ _("Failed to derive key using SSKDF"));
-+ goto done;
-+ }
-+
-+ ret = 0;
-+done:
-+ EVP_KDF_free(kdf);
-+ EVP_KDF_CTX_free(kctx);
-+ return ret;
-+}
-+#else
-+/*
-+ * Generate a key using the KDF described in RFC 8636, also known as SSKDF
-+ * (single-step kdf). Our caller precomputes `reps`, but otherwise the
-+ * algorithm is as follows:
- *
- * 1. reps = keydatalen (K) / hash length (H)
- *
-@@ -2349,95 +2408,16 @@ pkinit_alg_values(krb5_context context,
- *
- * 4. Set key = Hash1 || Hash2 || ... so that length of key is K bytes.
- */
--krb5_error_code
--pkinit_alg_agility_kdf(krb5_context context,
-- krb5_data *secret,
-- krb5_data *alg_oid,
-- krb5_const_principal party_u_info,
-- krb5_const_principal party_v_info,
-- krb5_enctype enctype,
-- krb5_data *as_req,
-- krb5_data *pk_as_rep,
-- krb5_keyblock *key_block)
-+static krb5_error_code
-+builtin_sskdf(krb5_context context, unsigned int reps, size_t hash_len,
-+ const EVP_MD *(*EVP_func)(void), krb5_data *secret,
-+ krb5_data *other_info, char *out, size_t out_len)
- {
-- krb5_error_code retval = 0;
-+ krb5_error_code ret = 0;
-
-- unsigned int reps = 0;
-- uint32_t counter = 1; /* Does this type work on Windows? */
-+ uint32_t counter = 1;
- size_t offset = 0;
-- size_t hash_len = 0;
-- size_t rand_len = 0;
-- size_t key_len = 0;
-- krb5_data random_data;
-- krb5_sp80056a_other_info other_info_fields;
-- krb5_pkinit_supp_pub_info supp_pub_info_fields;
-- krb5_data *other_info = NULL;
-- krb5_data *supp_pub_info = NULL;
-- krb5_algorithm_identifier alg_id;
- EVP_MD_CTX *ctx = NULL;
-- const EVP_MD *(*EVP_func)(void);
--
-- /* initialize random_data here to make clean-up safe */
-- random_data.length = 0;
-- random_data.data = NULL;
--
-- /* allocate and initialize the key block */
-- key_block->magic = 0;
-- key_block->enctype = enctype;
-- if (0 != (retval = krb5_c_keylengths(context, enctype, &rand_len,
-- &key_len)))
-- goto cleanup;
--
-- random_data.length = rand_len;
-- key_block->length = key_len;
--
-- if (NULL == (key_block->contents = malloc(key_block->length))) {
-- retval = ENOMEM;
-- goto cleanup;
-- }
--
-- memset (key_block->contents, 0, key_block->length);
--
-- /* If this is anonymous pkinit, use the anonymous principle for party_u_info */
-- if (party_u_info && krb5_principal_compare_any_realm(context, party_u_info,
-- krb5_anonymous_principal()))
-- party_u_info = (krb5_principal)krb5_anonymous_principal();
--
-- if (0 != (retval = pkinit_alg_values(context, alg_oid, &hash_len, &EVP_func)))
-- goto cleanup;
--
-- /* 1. reps = keydatalen (K) / hash length (H) */
-- reps = key_block->length/hash_len;
--
-- /* ... and round up, if necessary */
-- if (key_block->length > (reps * hash_len))
-- reps++;
--
-- /* Allocate enough space in the random data buffer to hash directly into
-- * it, even if the last hash will make it bigger than the key length. */
-- if (NULL == (random_data.data = malloc(reps * hash_len))) {
-- retval = ENOMEM;
-- goto cleanup;
-- }
--
-- /* Encode the ASN.1 octet string for "SuppPubInfo" */
-- supp_pub_info_fields.enctype = enctype;
-- supp_pub_info_fields.as_req = *as_req;
-- supp_pub_info_fields.pk_as_rep = *pk_as_rep;
-- if (0 != ((retval = encode_krb5_pkinit_supp_pub_info(&supp_pub_info_fields,
-- &supp_pub_info))))
-- goto cleanup;
--
-- /* Now encode the ASN.1 octet string for "OtherInfo" */
-- memset(&alg_id, 0, sizeof alg_id);
-- alg_id.algorithm = *alg_oid; /*alias*/
--
-- other_info_fields.algorithm_identifier = alg_id;
-- other_info_fields.party_u_info = (krb5_principal) party_u_info;
-- other_info_fields.party_v_info = (krb5_principal) party_v_info;
-- other_info_fields.supp_pub_info = *supp_pub_info;
-- if (0 != (retval = encode_krb5_sp80056a_other_info(&other_info_fields, &other_info)))
-- goto cleanup;
-
- /* 2. Initialize a 32-bit, big-endian bit string counter as 1.
- * 3. For i = 1 to reps by 1, do the following:
-@@ -2450,7 +2430,7 @@ pkinit_alg_agility_kdf(krb5_context context,
-
- ctx = EVP_MD_CTX_new();
- if (ctx == NULL) {
-- retval = KRB5_CRYPTO_INTERNAL;
-+ ret = KRB5_CRYPTO_INTERNAL;
- goto cleanup;
- }
-
-@@ -2458,7 +2438,7 @@ pkinit_alg_agility_kdf(krb5_context context,
- if (!EVP_DigestInit(ctx, EVP_func())) {
- krb5_set_error_message(context, KRB5_CRYPTO_INTERNAL,
- "Call to OpenSSL EVP_DigestInit() returned an error.");
-- retval = KRB5_CRYPTO_INTERNAL;
-+ ret = KRB5_CRYPTO_INTERNAL;
- goto cleanup;
- }
-
-@@ -2467,15 +2447,16 @@ pkinit_alg_agility_kdf(krb5_context context,
- !EVP_DigestUpdate(ctx, other_info->data, other_info->length)) {
- krb5_set_error_message(context, KRB5_CRYPTO_INTERNAL,
- "Call to OpenSSL EVP_DigestUpdate() returned an error.");
-- retval = KRB5_CRYPTO_INTERNAL;
-+ ret = KRB5_CRYPTO_INTERNAL;
- goto cleanup;
- }
-
-- /* 4. Set key = Hash1 || Hash2 || ... so that length of key is K bytes. */
-- if (!EVP_DigestFinal(ctx, (uint8_t *)random_data.data + offset, &s)) {
-+ /* 4. Set key = Hash1 || Hash2 || ... so that length of key is K
-+ * bytes. */
-+ if (!EVP_DigestFinal(ctx, (unsigned char *)out + offset, &s)) {
- krb5_set_error_message(context, KRB5_CRYPTO_INTERNAL,
- "Call to OpenSSL EVP_DigestUpdate() returned an error.");
-- retval = KRB5_CRYPTO_INTERNAL;
-+ ret = KRB5_CRYPTO_INTERNAL;
- goto cleanup;
- }
- offset += s;
-@@ -2484,26 +2465,113 @@ pkinit_alg_agility_kdf(krb5_context context,
- EVP_MD_CTX_free(ctx);
- ctx = NULL;
- }
--
-- retval = krb5_c_random_to_key(context, enctype, &random_data,
-- key_block);
--
- cleanup:
- EVP_MD_CTX_free(ctx);
-+ return ret;
-+} /* builtin_sskdf() */
-+#endif /* HAVE_EVP_KDF_FETCH */
-
-- /* If this has been an error, free the allocated key_block, if any */
-- if (retval) {
-- krb5_free_keyblock_contents(context, key_block);
-+/* id-pkinit-kdf family, as specified by RFC 8636. */
-+krb5_error_code
-+pkinit_alg_agility_kdf(krb5_context context, krb5_data *secret,
-+ krb5_data *alg_oid, krb5_const_principal party_u_info,
-+ krb5_const_principal party_v_info,
-+ krb5_enctype enctype, krb5_data *as_req,
-+ krb5_data *pk_as_rep, krb5_keyblock *key_block)
-+{
-+ krb5_error_code ret;
-+ size_t hash_len = 0, rand_len = 0, key_len = 0;
-+ const EVP_MD *(*EVP_func)(void);
-+ krb5_sp80056a_other_info other_info_fields;
-+ krb5_pkinit_supp_pub_info supp_pub_info_fields;
-+ krb5_data *other_info = NULL, *supp_pub_info = NULL;
-+ krb5_data random_data = empty_data();
-+ krb5_algorithm_identifier alg_id;
-+ unsigned int reps;
-+ char *hash_name = NULL;
-+
-+ /* Allocate and initialize the key block. */
-+ key_block->magic = 0;
-+ key_block->enctype = enctype;
-+
-+ /* Use separate variables to avoid alignment restriction problems. */
-+ ret = krb5_c_keylengths(context, enctype, &rand_len, &key_len);
-+ if (ret)
-+ goto cleanup;
-+ random_data.length = rand_len;
-+ key_block->length = key_len;
-+
-+ key_block->contents = k5calloc(key_block->length, 1, &ret);
-+ if (key_block->contents == NULL)
-+ goto cleanup;
-+
-+ /* If this is anonymous pkinit, use the anonymous principle for
-+ * party_u_info. */
-+ if (party_u_info &&
-+ krb5_principal_compare_any_realm(context, party_u_info,
-+ krb5_anonymous_principal())) {
-+ party_u_info = (krb5_principal)krb5_anonymous_principal();
- }
-
-- /* free other allocated resources, either way */
-- if (random_data.data)
-- free(random_data.data);
-+ ret = pkinit_alg_values(context, alg_oid, &hash_len, &EVP_func,
-+ &hash_name);
-+ if (ret)
-+ goto cleanup;
-+
-+ /* 1. reps = keydatalen (K) / hash length (H) */
-+ reps = key_block->length / hash_len;
-+
-+ /* ... and round up, if necessary. */
-+ if (key_block->length > (reps * hash_len))
-+ reps++;
-+
-+ /* Allocate enough space in the random data buffer to hash directly into
-+ * it, even if the last hash will make it bigger than the key length. */
-+ random_data.data = k5alloc(reps * hash_len, &ret);
-+ if (random_data.data == NULL)
-+ goto cleanup;
-+
-+ /* Encode the ASN.1 octet string for "SuppPubInfo". */
-+ supp_pub_info_fields.enctype = enctype;
-+ supp_pub_info_fields.as_req = *as_req;
-+ supp_pub_info_fields.pk_as_rep = *pk_as_rep;
-+ ret = encode_krb5_pkinit_supp_pub_info(&supp_pub_info_fields,
-+ &supp_pub_info);
-+ if (ret)
-+ goto cleanup;
-+
-+ /* Now encode the ASN.1 octet string for "OtherInfo". */
-+ memset(&alg_id, 0, sizeof(alg_id));
-+ alg_id.algorithm = *alg_oid;
-+ other_info_fields.algorithm_identifier = alg_id;
-+ other_info_fields.party_u_info = (krb5_principal)party_u_info;
-+ other_info_fields.party_v_info = (krb5_principal)party_v_info;
-+ other_info_fields.supp_pub_info = *supp_pub_info;
-+ ret = encode_krb5_sp80056a_other_info(&other_info_fields, &other_info);
-+ if (ret)
-+ goto cleanup;
-+
-+#ifdef HAVE_EVP_KDF_FETCH
-+ ret = openssl_sskdf(context, hash_len, secret, other_info,
-+ random_data.data, key_block->length, hash_name);
-+#else
-+ ret = builtin_sskdf(context, reps, hash_len, EVP_func, secret,
-+ other_info, random_data.data, key_block->length);
-+#endif
-+ if (ret)
-+ goto cleanup;
-+
-+ ret = krb5_c_random_to_key(context, enctype, &random_data, key_block);
-+cleanup:
-+ if (ret)
-+ krb5_free_keyblock_contents(context, key_block);
-+
-+ free(hash_name);
-+ zapfree(random_data.data, random_data.length);
- krb5_free_data(context, other_info);
- krb5_free_data(context, supp_pub_info);
--
-- return retval;
--} /*pkinit_alg_agility_kdf() */
-+ return ret;
-+}
-
- /* Call DH_compute_key() and ensure that we left-pad short results instead of
- * leaving junk bytes at the end of the buffer. */
diff --git a/SOURCES/Use-SHA256-instead-of-SHA1-for-PKINIT-CMS-digest.patch b/SOURCES/Use-SHA256-instead-of-SHA1-for-PKINIT-CMS-digest.patch
deleted file mode 100644
index 170d58d..0000000
--- a/SOURCES/Use-SHA256-instead-of-SHA1-for-PKINIT-CMS-digest.patch
+++ /dev/null
@@ -1,113 +0,0 @@
-From f0740c131b69f3346f07e7b7b03ebf27c50c0ccd Mon Sep 17 00:00:00 2001
-From: Julien Rische <jrische@redhat.com>
-Date: Fri, 11 Mar 2022 11:33:56 +0100
-Subject: [PATCH] Use SHA-256 instead of SHA-1 for PKINIT CMS digest
-
-Various organizations including NIST have been strongly recommending to
-stop using SHA-1 for digital signatures for some years already. CMS
-digest is used to generate such signatures, hence it should be upgraded
-to use SHA-256.
----
- .../preauth/pkinit/pkinit_crypto_openssl.c | 27 ++++++++++---------
- 1 file changed, 14 insertions(+), 13 deletions(-)
-
-diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-index 42e5c581d..2a6ef4aaa 100644
---- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-@@ -1240,7 +1240,7 @@ cms_signeddata_create(krb5_context context,
- /* will not fill-out EVP_PKEY because it's on the smartcard */
-
- /* Set digest algs */
-- p7si->digest_alg->algorithm = OBJ_nid2obj(NID_sha1);
-+ p7si->digest_alg->algorithm = OBJ_nid2obj(NID_sha256);
-
- if (p7si->digest_alg->parameter != NULL)
- ASN1_TYPE_free(p7si->digest_alg->parameter);
-@@ -1251,17 +1251,17 @@ cms_signeddata_create(krb5_context context,
- /* Set sig algs */
- if (p7si->digest_enc_alg->parameter != NULL)
- ASN1_TYPE_free(p7si->digest_enc_alg->parameter);
-- p7si->digest_enc_alg->algorithm = OBJ_nid2obj(NID_sha1WithRSAEncryption);
-+ p7si->digest_enc_alg->algorithm = OBJ_nid2obj(NID_sha256WithRSAEncryption);
- if (!(p7si->digest_enc_alg->parameter = ASN1_TYPE_new()))
- goto cleanup;
- p7si->digest_enc_alg->parameter->type = V_ASN1_NULL;
-
- /* add signed attributes */
-- /* compute sha1 digest over the EncapsulatedContentInfo */
-+ /* compute sha256 digest over the EncapsulatedContentInfo */
- ctx = EVP_MD_CTX_new();
- if (ctx == NULL)
- goto cleanup;
-- EVP_DigestInit_ex(ctx, EVP_sha1(), NULL);
-+ EVP_DigestInit_ex(ctx, EVP_sha256(), NULL);
- EVP_DigestUpdate(ctx, data, data_len);
- md_tmp = EVP_MD_CTX_md(ctx);
- EVP_DigestFinal_ex(ctx, md_data, &md_len);
-@@ -1289,9 +1289,10 @@ cms_signeddata_create(krb5_context context,
- goto cleanup2;
-
- #ifndef WITHOUT_PKCS11
-- /* Some tokens can only do RSAEncryption without sha1 hash */
-- /* to compute sha1WithRSAEncryption, encode the algorithm ID for the hash
-- * function and the hash value into an ASN.1 value of type DigestInfo
-+ /* Some tokens can only do RSAEncryption without sha256 hash */
-+ /* to compute sha256WithRSAEncryption, encode the algorithm ID for the
-+ * hash function and the hash value into an ASN.1 value of type
-+ * DigestInfo
- * DigestInfo::=SEQUENCE {
- * digestAlgorithm AlgorithmIdentifier,
- * digest OCTET STRING }
-@@ -1310,7 +1311,7 @@ cms_signeddata_create(krb5_context context,
- alg = X509_ALGOR_new();
- if (alg == NULL)
- goto cleanup2;
-- X509_ALGOR_set0(alg, OBJ_nid2obj(NID_sha1), V_ASN1_NULL, NULL);
-+ X509_ALGOR_set0(alg, OBJ_nid2obj(NID_sha256), V_ASN1_NULL, NULL);
- alg_len = i2d_X509_ALGOR(alg, NULL);
-
- digest = ASN1_OCTET_STRING_new();
-@@ -1339,7 +1340,7 @@ cms_signeddata_create(krb5_context context,
- #endif
- {
- pkiDebug("mech = %s\n",
-- id_cryptoctx->pkcs11_method == 1 ? "CKM_SHA1_RSA_PKCS" : "FS");
-+ id_cryptoctx->pkcs11_method == 1 ? "CKM_SHA256_RSA_PKCS" : "FS");
- retval = pkinit_sign_data(context, id_cryptoctx, abuf, alen,
- &sig, &sig_len);
- }
-@@ -4189,7 +4190,7 @@ create_signature(unsigned char **sig, unsigned int *sig_len,
- ctx = EVP_MD_CTX_new();
- if (ctx == NULL)
- return ENOMEM;
-- EVP_SignInit(ctx, EVP_sha1());
-+ EVP_SignInit(ctx, EVP_sha256());
- EVP_SignUpdate(ctx, data, data_len);
- *sig_len = EVP_PKEY_size(pkey);
- if ((*sig = malloc(*sig_len)) == NULL)
-@@ -4663,10 +4664,10 @@ pkinit_get_certs_pkcs11(krb5_context context,
-
- #ifndef PKINIT_USE_MECH_LIST
- /*
-- * We'd like to use CKM_SHA1_RSA_PKCS for signing if it's available, but
-+ * We'd like to use CKM_SHA256_RSA_PKCS for signing if it's available, but
- * many cards seems to be confused about whether they are capable of
- * this or not. The safe thing seems to be to ignore the mechanism list,
-- * always use CKM_RSA_PKCS and calculate the sha1 digest ourselves.
-+ * always use CKM_RSA_PKCS and calculate the sha256 digest ourselves.
- */
-
- id_cryptoctx->mech = CKM_RSA_PKCS;
-@@ -4694,7 +4695,7 @@ pkinit_get_certs_pkcs11(krb5_context context,
- if (mechp[i] == CKM_RSA_PKCS) {
- /* This seems backwards... */
- id_cryptoctx->mech =
-- (info.flags & CKF_SIGN) ? CKM_SHA1_RSA_PKCS : CKM_RSA_PKCS;
-+ (info.flags & CKF_SIGN) ? CKM_SHA256_RSA_PKCS : CKM_RSA_PKCS;
- }
- }
- free(mechp);
---
-2.35.1
-
diff --git a/SOURCES/downstream-Allow-krad-UDP-TCP-localhost-connection-with-FIPS.patch b/SOURCES/downstream-Allow-krad-UDP-TCP-localhost-connection-with-FIPS.patch
deleted file mode 100644
index 78922f6..0000000
--- a/SOURCES/downstream-Allow-krad-UDP-TCP-localhost-connection-with-FIPS.patch
+++ /dev/null
@@ -1,82 +0,0 @@
-From 790f485cf57e4de65351c29c41666db6370ef367 Mon Sep 17 00:00:00 2001
-From: Julien Rische <jrische@redhat.com>
-Date: Thu, 5 May 2022 17:15:12 +0200
-Subject: [PATCH] Allow krad UDP/TCP localhost connection with FIPS
-
-libkrad allows to establish connections only to UNIX socket in FIPS
-mode, because MD5 digest is not considered safe enough to be used for
-network communication. However, FreeRadius requires connection on TCP or
-UDP ports.
-
-This commit allows TCP or UDP connections in FIPS mode if destination is
-localhost.
-
-Resolves: rhbz#2068458
----
- src/lib/krad/remote.c | 36 ++++++++++++++++++++++++++++++++++--
- 1 file changed, 34 insertions(+), 2 deletions(-)
-
-diff --git a/src/lib/krad/remote.c b/src/lib/krad/remote.c
-index eca432424..c8912892c 100644
---- a/src/lib/krad/remote.c
-+++ b/src/lib/krad/remote.c
-@@ -33,6 +33,7 @@
-
- #include <string.h>
- #include <unistd.h>
-+#include <stdbool.h>
-
- #include <sys/un.h>
-
-@@ -74,6 +75,36 @@ on_io(verto_ctx *ctx, verto_ev *ev);
- static void
- on_timeout(verto_ctx *ctx, verto_ev *ev);
-
-+static in_addr_t get_in_addr(struct addrinfo *info)
-+{ return ((struct sockaddr_in *)(info->ai_addr))->sin_addr.s_addr; }
-+
-+static struct in6_addr *get_in6_addr(struct addrinfo *info)
-+{ return &(((struct sockaddr_in6 *)(info->ai_addr))->sin6_addr); }
-+
-+static bool is_inet_localhost(struct addrinfo *info)
-+{
-+ struct addrinfo *p;
-+
-+ for (p = info; p; p = p->ai_next) {
-+ switch (p->ai_family) {
-+ case AF_INET:
-+ if (IN_LOOPBACKNET != (get_in_addr(p) & IN_CLASSA_NET
-+ >> IN_CLASSA_NSHIFT))
-+ return false;
-+ break;
-+ case AF_INET6:
-+ if (!IN6_IS_ADDR_LOOPBACK(get_in6_addr(p)))
-+ return false;
-+ break;
-+ default:
-+ return false;
-+ }
-+ }
-+
-+ return true;
-+}
-+
-+
- /* Iterate over the set of outstanding packets. */
- static const krad_packet *
- iterator(request **out)
-@@ -455,8 +486,9 @@ kr_remote_send(krad_remote *rr, krad_code code, krad_attrset *attrs,
- (krad_packet_iter_cb)iterator, &r, &tmp);
- if (retval != 0)
- goto error;
-- else if (tmp->is_fips && rr->info->ai_family != AF_LOCAL &&
-- rr->info->ai_family != AF_UNIX) {
-+ else if (tmp->is_fips && rr->info->ai_family != AF_LOCAL
-+ && rr->info->ai_family != AF_UNIX
-+ && !is_inet_localhost(rr->info)) {
- /* This would expose cleartext passwords, so abort. */
- retval = ESOCKTNOSUPPORT;
- goto error;
---
-2.35.1
-
diff --git a/SOURCES/downstream-FIPS-with-PRNG-and-RADIUS-and-MD4.patch b/SOURCES/downstream-FIPS-with-PRNG-and-RADIUS-and-MD4.patch
deleted file mode 100644
index ba49d8c..0000000
--- a/SOURCES/downstream-FIPS-with-PRNG-and-RADIUS-and-MD4.patch
+++ /dev/null
@@ -1,699 +0,0 @@
-From 4f8cba1780bc167c52de2a791cad6a1817508bbe Mon Sep 17 00:00:00 2001
-From: Julien Rische <jrische@redhat.com>
-Date: Wed, 23 Feb 2022 17:34:33 +0100
-Subject: [PATCH] [downstream] FIPS with PRNG and RADIUS and MD4
-
-NB: Use openssl's PRNG in FIPS mode and taint within krad.
-
-A lot of the FIPS error conditions from OpenSSL are incredibly
-mysterious (at best, things return NULL unexpectedly; at worst,
-internal assertions are tripped; most of the time, you just get
-ENOMEM). In order to cope with this, we need to have some level of
-awareness of what we can and can't safely call.
-
-This will slow down some calls slightly (FIPS_mode() takes multiple
-locks), but not for any ciphers we care about - which is to say that
-AES is fine. Shame about SPAKE though.
-
-post6 restores MD4 (and therefore keygen-only RC4).
-
-post7 restores MD5 and adds radius_md5_fips_override.
-
-post8 restores MD4/MD5 for OpenSSL 3.0
-
-Use OpenSSL 3.0 library context to access MD4 and MD5 lazily from
-legacy provider if RC4 encryption type is enabled, without affecting
-global context.
-
-Remove EVP_MD_CTX_FLAG_NON_FIPS_ALLOW flag since does not have any
-effect anymore.
-
-post9 load both default and legacy provider into library context
-
-Last-updated: krb5-1.19
----
- doc/admin/conf_files/krb5_conf.rst | 6 ++
- src/lib/crypto/krb/prng.c | 11 ++-
- .../crypto/openssl/enc_provider/camellia.c | 6 ++
- src/lib/crypto/openssl/enc_provider/rc4.c | 13 ++-
- .../crypto/openssl/hash_provider/hash_evp.c | 93 ++++++++++++++++++-
- src/lib/crypto/openssl/hmac.c | 6 +-
- src/lib/krad/attr.c | 46 ++++++---
- src/lib/krad/attrset.c | 5 +-
- src/lib/krad/internal.h | 28 +++++-
- src/lib/krad/packet.c | 22 +++--
- src/lib/krad/remote.c | 10 +-
- src/lib/krad/t_attr.c | 3 +-
- src/lib/krad/t_attrset.c | 4 +-
- src/plugins/preauth/spake/spake_client.c | 6 ++
- src/plugins/preauth/spake/spake_kdc.c | 6 ++
- 15 files changed, 230 insertions(+), 35 deletions(-)
-
-diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst
-index 675175955..adba8238d 100644
---- a/doc/admin/conf_files/krb5_conf.rst
-+++ b/doc/admin/conf_files/krb5_conf.rst
-@@ -330,6 +330,12 @@ The libdefaults section may contain any of the following relations:
- qualification of shortnames, set this relation to the empty string
- with ``qualify_shortname = ""``. (New in release 1.18.)
-
-+**radius_md5_fips_override**
-+ Downstream-only option to enable use of MD5 in RADIUS
-+ communication (libkrad). This allows for local (or protected
-+ tunnel) communication with a RADIUS server that doesn't use krad
-+ (e.g., freeradius) while in FIPS mode.
-+
- **rdns**
- If this flag is true, reverse name lookup will be used in addition
- to forward name lookup to canonicalizing hostnames for use in
-diff --git a/src/lib/crypto/krb/prng.c b/src/lib/crypto/krb/prng.c
-index cb9ca9b98..f0e9984ca 100644
---- a/src/lib/crypto/krb/prng.c
-+++ b/src/lib/crypto/krb/prng.c
-@@ -26,6 +26,8 @@
-
- #include "crypto_int.h"
-
-+#include <openssl/rand.h>
-+
- krb5_error_code KRB5_CALLCONV
- krb5_c_random_seed(krb5_context context, krb5_data *data)
- {
-@@ -99,9 +101,16 @@ krb5_boolean
- k5_get_os_entropy(unsigned char *buf, size_t len, int strong)
- {
- const char *device;
--#if defined(__linux__) && defined(SYS_getrandom)
- int r;
-
-+ /* A wild FIPS mode appeared! */
-+ if (FIPS_mode()) {
-+ /* The return codes on this API are not good */
-+ r = RAND_bytes(buf, len);
-+ return r == 1;
-+ }
-+
-+#if defined(__linux__) && defined(SYS_getrandom)
- while (len > 0) {
- /*
- * Pull from the /dev/urandom pool, but require it to have been seeded.
-diff --git a/src/lib/crypto/openssl/enc_provider/camellia.c b/src/lib/crypto/openssl/enc_provider/camellia.c
-index 2da691329..f79679a0b 100644
---- a/src/lib/crypto/openssl/enc_provider/camellia.c
-+++ b/src/lib/crypto/openssl/enc_provider/camellia.c
-@@ -304,6 +304,9 @@ krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data,
- unsigned char blockY[CAMELLIA_BLOCK_SIZE], blockB[CAMELLIA_BLOCK_SIZE];
- struct iov_cursor cursor;
-
-+ if (FIPS_mode())
-+ return KRB5_CRYPTO_INTERNAL;
-+
- if (output->length < CAMELLIA_BLOCK_SIZE)
- return KRB5_BAD_MSIZE;
-
-@@ -331,6 +334,9 @@ static krb5_error_code
- krb5int_camellia_init_state (const krb5_keyblock *key, krb5_keyusage usage,
- krb5_data *state)
- {
-+ if (FIPS_mode())
-+ return KRB5_CRYPTO_INTERNAL;
-+
- state->length = 16;
- state->data = (void *) malloc(16);
- if (state->data == NULL)
-diff --git a/src/lib/crypto/openssl/enc_provider/rc4.c b/src/lib/crypto/openssl/enc_provider/rc4.c
-index bc87c6f42..9bf407899 100644
---- a/src/lib/crypto/openssl/enc_provider/rc4.c
-+++ b/src/lib/crypto/openssl/enc_provider/rc4.c
-@@ -66,6 +66,9 @@ k5_arcfour_docrypt(krb5_key key, const krb5_data *state, krb5_crypto_iov *data,
- EVP_CIPHER_CTX *ctx = NULL;
- struct arcfour_state *arcstate;
-
-+ if (FIPS_mode())
-+ return KRB5_CRYPTO_INTERNAL;
-+
- arcstate = (state != NULL) ? (void *)state->data : NULL;
- if (arcstate != NULL) {
- ctx = arcstate->ctx;
-@@ -113,7 +116,12 @@ k5_arcfour_docrypt(krb5_key key, const krb5_data *state, krb5_crypto_iov *data,
- static void
- k5_arcfour_free_state(krb5_data *state)
- {
-- struct arcfour_state *arcstate = (void *)state->data;
-+ struct arcfour_state *arcstate;
-+
-+ if (FIPS_mode())
-+ return;
-+
-+ arcstate = (void *) state->data;
-
- EVP_CIPHER_CTX_free(arcstate->ctx);
- free(arcstate);
-@@ -125,6 +133,9 @@ k5_arcfour_init_state(const krb5_keyblock *key,
- {
- struct arcfour_state *arcstate;
-
-+ if (FIPS_mode())
-+ return KRB5_CRYPTO_INTERNAL;
-+
- /*
- * The cipher state here is a saved pointer to a struct arcfour_state
- * object, rather than a flat byte array as in most enc providers. The
-diff --git a/src/lib/crypto/openssl/hash_provider/hash_evp.c b/src/lib/crypto/openssl/hash_provider/hash_evp.c
-index 1e0fb8fc3..57bca3fec 100644
---- a/src/lib/crypto/openssl/hash_provider/hash_evp.c
-+++ b/src/lib/crypto/openssl/hash_provider/hash_evp.c
-@@ -32,6 +32,46 @@
-
- #include "crypto_int.h"
- #include <openssl/evp.h>
-+#include <openssl/provider.h>
-+#include <threads.h>
-+
-+typedef struct ossl_lib_md_context {
-+ OSSL_LIB_CTX *libctx;
-+ OSSL_PROVIDER *default_provider;
-+ OSSL_PROVIDER *legacy_provider;
-+} ossl_md_context_t;
-+
-+static thread_local ossl_md_context_t *ossl_md_ctx = NULL;
-+
-+static krb5_error_code
-+init_ossl_md_ctx(ossl_md_context_t *ctx, const char *algo)
-+{
-+ ctx->libctx = OSSL_LIB_CTX_new();
-+ if (!ctx->libctx)
-+ return KRB5_CRYPTO_INTERNAL;
-+
-+ /* Load both legacy and default provider as both may be needed. */
-+ ctx->default_provider = OSSL_PROVIDER_load(ctx->libctx, "default");
-+ ctx->legacy_provider = OSSL_PROVIDER_load(ctx->libctx, "legacy");
-+
-+ if (!(ctx->default_provider && ctx->legacy_provider))
-+ return KRB5_CRYPTO_INTERNAL;
-+
-+ return 0;
-+}
-+
-+static void
-+deinit_ossl_ctx(ossl_md_context_t *ctx)
-+{
-+ if (ctx->legacy_provider)
-+ OSSL_PROVIDER_unload(ctx->legacy_provider);
-+
-+ if (ctx->default_provider)
-+ OSSL_PROVIDER_unload(ctx->default_provider);
-+
-+ if (ctx->libctx)
-+ OSSL_LIB_CTX_free(ctx->libctx);
-+}
-
- static krb5_error_code
- hash_evp(const EVP_MD *type, const krb5_crypto_iov *data, size_t num_data,
-@@ -61,16 +101,65 @@ hash_evp(const EVP_MD *type, const krb5_crypto_iov *data, size_t num_data,
- return ok ? 0 : KRB5_CRYPTO_INTERNAL;
- }
-
-+static krb5_error_code
-+hash_legacy_evp(const char *algo, const krb5_crypto_iov *data, size_t num_data,
-+ krb5_data *output)
-+{
-+ krb5_error_code err;
-+ EVP_MD *md = NULL;
-+
-+ if (!ossl_md_ctx) {
-+ ossl_md_ctx = malloc(sizeof(ossl_md_context_t));
-+ if (!ossl_md_ctx) {
-+ err = ENOMEM;
-+ goto end;
-+ }
-+
-+ err = init_ossl_md_ctx(ossl_md_ctx, algo);
-+ if (err) {
-+ deinit_ossl_ctx(ossl_md_ctx);
-+ free(ossl_md_ctx);
-+ ossl_md_ctx = NULL;
-+ goto end;
-+ }
-+ }
-+
-+ md = EVP_MD_fetch(ossl_md_ctx->libctx, algo, NULL);
-+ if (!md) {
-+ err = KRB5_CRYPTO_INTERNAL;
-+ goto end;
-+ }
-+
-+ err = hash_evp(md, data, num_data, output);
-+
-+end:
-+ if (md)
-+ EVP_MD_free(md);
-+
-+ return err;
-+}
-+
- static krb5_error_code
- hash_md4(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
- {
-- return hash_evp(EVP_md4(), data, num_data, output);
-+ /*
-+ * MD4 is needed in FIPS mode to perform key generation for RC4 keys used
-+ * by IPA. These keys are only used along a (separately) secured channel
-+ * for legacy reasons when performing trusts to Active Directory.
-+ */
-+ return FIPS_mode() ? hash_legacy_evp("MD4", data, num_data, output)
-+ : hash_evp(EVP_md4(), data, num_data, output);
- }
-
- static krb5_error_code
- hash_md5(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
- {
-- return hash_evp(EVP_md5(), data, num_data, output);
-+ /*
-+ * MD5 is needed in FIPS mode for communication with RADIUS servers. This
-+ * is gated in libkrad by libdefaults->radius_md5_fips_override.
-+ */
-+ return FIPS_mode() ? hash_legacy_evp("MD5", data, num_data, output)
-+ : hash_evp(EVP_md5(), data, num_data, output);
- }
-
- static krb5_error_code
-diff --git a/src/lib/crypto/openssl/hmac.c b/src/lib/crypto/openssl/hmac.c
-index 7dc59dcc0..769a50c00 100644
---- a/src/lib/crypto/openssl/hmac.c
-+++ b/src/lib/crypto/openssl/hmac.c
-@@ -103,7 +103,11 @@ map_digest(const struct krb5_hash_provider *hash)
- return EVP_sha256();
- else if (!strncmp(hash->hash_name, "SHA-384",7))
- return EVP_sha384();
-- else if (!strncmp(hash->hash_name, "MD5", 3))
-+
-+ if (FIPS_mode())
-+ return NULL;
-+
-+ if (!strncmp(hash->hash_name, "MD5", 3))
- return EVP_md5();
- else if (!strncmp(hash->hash_name, "MD4", 3))
- return EVP_md4();
-diff --git a/src/lib/krad/attr.c b/src/lib/krad/attr.c
-index 9c13d9d75..42d354a3b 100644
---- a/src/lib/krad/attr.c
-+++ b/src/lib/krad/attr.c
-@@ -38,7 +38,8 @@
- typedef krb5_error_code
- (*attribute_transform_fn)(krb5_context ctx, const char *secret,
- const unsigned char *auth, const krb5_data *in,
-- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen);
-+ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
-+ krb5_boolean *is_fips);
-
- typedef struct {
- const char *name;
-@@ -51,12 +52,14 @@ typedef struct {
- static krb5_error_code
- user_password_encode(krb5_context ctx, const char *secret,
- const unsigned char *auth, const krb5_data *in,
-- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen);
-+ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
-+ krb5_boolean *is_fips);
-
- static krb5_error_code
- user_password_decode(krb5_context ctx, const char *secret,
- const unsigned char *auth, const krb5_data *in,
-- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen);
-+ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
-+ krb5_boolean *ignored);
-
- static const attribute_record attributes[UCHAR_MAX] = {
- {"User-Name", 1, MAX_ATTRSIZE, NULL, NULL},
-@@ -128,7 +131,8 @@ static const attribute_record attributes[UCHAR_MAX] = {
- static krb5_error_code
- user_password_encode(krb5_context ctx, const char *secret,
- const unsigned char *auth, const krb5_data *in,
-- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen)
-+ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
-+ krb5_boolean *is_fips)
- {
- const unsigned char *indx;
- krb5_error_code retval;
-@@ -154,8 +158,15 @@ user_password_encode(krb5_context ctx, const char *secret,
- for (blck = 0, indx = auth; blck * BLOCKSIZE < len; blck++) {
- memcpy(tmp.data + seclen, indx, BLOCKSIZE);
-
-- retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0, &tmp,
-- &sum);
-+ if (kr_use_fips(ctx)) {
-+ /* Skip encryption here. Taint so that we won't pass it out of
-+ * the machine by accident. */
-+ *is_fips = TRUE;
-+ sum.contents = calloc(1, BLOCKSIZE);
-+ } else {
-+ retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0, &tmp,
-+ &sum);
-+ }
- if (retval != 0) {
- zap(tmp.data, tmp.length);
- zap(outbuf, len);
-@@ -180,7 +191,8 @@ user_password_encode(krb5_context ctx, const char *secret,
- static krb5_error_code
- user_password_decode(krb5_context ctx, const char *secret,
- const unsigned char *auth, const krb5_data *in,
-- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen)
-+ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
-+ krb5_boolean *is_fips)
- {
- const unsigned char *indx;
- krb5_error_code retval;
-@@ -204,8 +216,15 @@ user_password_decode(krb5_context ctx, const char *secret,
- for (blck = 0, indx = auth; blck * BLOCKSIZE < in->length; blck++) {
- memcpy(tmp.data + seclen, indx, BLOCKSIZE);
-
-- retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0,
-- &tmp, &sum);
-+ if (kr_use_fips(ctx)) {
-+ /* Skip encryption here. Taint so that we won't pass it out of
-+ * the machine by accident. */
-+ *is_fips = TRUE;
-+ sum.contents = calloc(1, BLOCKSIZE);
-+ } else {
-+ retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0,
-+ &tmp, &sum);
-+ }
- if (retval != 0) {
- zap(tmp.data, tmp.length);
- zap(outbuf, in->length);
-@@ -248,7 +267,7 @@ krb5_error_code
- kr_attr_encode(krb5_context ctx, const char *secret,
- const unsigned char *auth, krad_attr type,
- const krb5_data *in, unsigned char outbuf[MAX_ATTRSIZE],
-- size_t *outlen)
-+ size_t *outlen, krb5_boolean *is_fips)
- {
- krb5_error_code retval;
-
-@@ -265,7 +284,8 @@ kr_attr_encode(krb5_context ctx, const char *secret,
- return 0;
- }
-
-- return attributes[type - 1].encode(ctx, secret, auth, in, outbuf, outlen);
-+ return attributes[type - 1].encode(ctx, secret, auth, in, outbuf, outlen,
-+ is_fips);
- }
-
- krb5_error_code
-@@ -274,6 +294,7 @@ kr_attr_decode(krb5_context ctx, const char *secret, const unsigned char *auth,
- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen)
- {
- krb5_error_code retval;
-+ krb5_boolean ignored;
-
- retval = kr_attr_valid(type, in);
- if (retval != 0)
-@@ -288,7 +309,8 @@ kr_attr_decode(krb5_context ctx, const char *secret, const unsigned char *auth,
- return 0;
- }
-
-- return attributes[type - 1].decode(ctx, secret, auth, in, outbuf, outlen);
-+ return attributes[type - 1].decode(ctx, secret, auth, in, outbuf, outlen,
-+ &ignored);
- }
-
- krad_attr
-diff --git a/src/lib/krad/attrset.c b/src/lib/krad/attrset.c
-index 03c613716..d89982a13 100644
---- a/src/lib/krad/attrset.c
-+++ b/src/lib/krad/attrset.c
-@@ -167,7 +167,8 @@ krad_attrset_copy(const krad_attrset *set, krad_attrset **copy)
- krb5_error_code
- kr_attrset_encode(const krad_attrset *set, const char *secret,
- const unsigned char *auth,
-- unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen)
-+ unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen,
-+ krb5_boolean *is_fips)
- {
- unsigned char buffer[MAX_ATTRSIZE];
- krb5_error_code retval;
-@@ -181,7 +182,7 @@ kr_attrset_encode(const krad_attrset *set, const char *secret,
-
- K5_TAILQ_FOREACH(a, &set->list, list) {
- retval = kr_attr_encode(set->ctx, secret, auth, a->type, &a->attr,
-- buffer, &attrlen);
-+ buffer, &attrlen, is_fips);
- if (retval != 0)
- return retval;
-
-diff --git a/src/lib/krad/internal.h b/src/lib/krad/internal.h
-index 0143d155a..223ffd730 100644
---- a/src/lib/krad/internal.h
-+++ b/src/lib/krad/internal.h
-@@ -39,6 +39,8 @@
- #include <sys/socket.h>
- #include <netdb.h>
-
-+#include <openssl/crypto.h>
-+
- #ifndef UCHAR_MAX
- #define UCHAR_MAX 255
- #endif
-@@ -49,6 +51,13 @@
-
- typedef struct krad_remote_st krad_remote;
-
-+struct krad_packet_st {
-+ char buffer[KRAD_PACKET_SIZE_MAX];
-+ krad_attrset *attrset;
-+ krb5_data pkt;
-+ krb5_boolean is_fips;
-+};
-+
- /* Validate constraints of an attribute. */
- krb5_error_code
- kr_attr_valid(krad_attr type, const krb5_data *data);
-@@ -57,7 +66,8 @@ kr_attr_valid(krad_attr type, const krb5_data *data);
- krb5_error_code
- kr_attr_encode(krb5_context ctx, const char *secret, const unsigned char *auth,
- krad_attr type, const krb5_data *in,
-- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen);
-+ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
-+ krb5_boolean *is_fips);
-
- /* Decode an attribute. */
- krb5_error_code
-@@ -69,7 +79,8 @@ kr_attr_decode(krb5_context ctx, const char *secret, const unsigned char *auth,
- krb5_error_code
- kr_attrset_encode(const krad_attrset *set, const char *secret,
- const unsigned char *auth,
-- unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen);
-+ unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen,
-+ krb5_boolean *is_fips);
-
- /* Decode attributes from a buffer. */
- krb5_error_code
-@@ -152,4 +163,17 @@ gai_error_code(int err)
- }
- }
-
-+static inline krb5_boolean
-+kr_use_fips(krb5_context ctx)
-+{
-+ int val = 0;
-+
-+ if (!FIPS_mode())
-+ return 0;
-+
-+ profile_get_boolean(ctx->profile, "libdefaults",
-+ "radius_md5_fips_override", NULL, 0, &val);
-+ return !val;
-+}
-+
- #endif /* INTERNAL_H_ */
-diff --git a/src/lib/krad/packet.c b/src/lib/krad/packet.c
-index c597174b6..fc2d24800 100644
---- a/src/lib/krad/packet.c
-+++ b/src/lib/krad/packet.c
-@@ -53,12 +53,6 @@ typedef unsigned char uchar;
- #define pkt_auth(p) ((uchar *)offset(&(p)->pkt, OFFSET_AUTH))
- #define pkt_attr(p) ((unsigned char *)offset(&(p)->pkt, OFFSET_ATTR))
-
--struct krad_packet_st {
-- char buffer[KRAD_PACKET_SIZE_MAX];
-- krad_attrset *attrset;
-- krb5_data pkt;
--};
--
- typedef struct {
- uchar x[(UCHAR_MAX + 1) / 8];
- } idmap;
-@@ -187,8 +181,14 @@ auth_generate_response(krb5_context ctx, const char *secret,
- memcpy(data.data + response->pkt.length, secret, strlen(secret));
-
- /* Hash it. */
-- retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0, &data,
-- &hash);
-+ if (kr_use_fips(ctx)) {
-+ /* This checksum does very little security-wise anyway, so don't
-+ * taint. */
-+ hash.contents = calloc(1, AUTH_FIELD_SIZE);
-+ } else {
-+ retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0, &data,
-+ &hash);
-+ }
- free(data.data);
- if (retval != 0)
- return retval;
-@@ -276,7 +276,7 @@ krad_packet_new_request(krb5_context ctx, const char *secret, krad_code code,
-
- /* Encode the attributes. */
- retval = kr_attrset_encode(set, secret, pkt_auth(pkt), pkt_attr(pkt),
-- &attrset_len);
-+ &attrset_len, &pkt->is_fips);
- if (retval != 0)
- goto error;
-
-@@ -314,7 +314,7 @@ krad_packet_new_response(krb5_context ctx, const char *secret, krad_code code,
-
- /* Encode the attributes. */
- retval = kr_attrset_encode(set, secret, pkt_auth(request), pkt_attr(pkt),
-- &attrset_len);
-+ &attrset_len, &pkt->is_fips);
- if (retval != 0)
- goto error;
-
-@@ -451,6 +451,8 @@ krad_packet_decode_response(krb5_context ctx, const char *secret,
- const krb5_data *
- krad_packet_encode(const krad_packet *pkt)
- {
-+ if (pkt->is_fips)
-+ return NULL;
- return &pkt->pkt;
- }
-
-diff --git a/src/lib/krad/remote.c b/src/lib/krad/remote.c
-index c96a9b4ee..eca432424 100644
---- a/src/lib/krad/remote.c
-+++ b/src/lib/krad/remote.c
-@@ -263,7 +263,7 @@ on_io_write(krad_remote *rr)
- request *r;
-
- K5_TAILQ_FOREACH(r, &rr->list, list) {
-- tmp = krad_packet_encode(r->request);
-+ tmp = &r->request->pkt;
-
- /* If the packet has already been sent, do nothing. */
- if (r->sent == tmp->length)
-@@ -359,7 +359,7 @@ on_io_read(krad_remote *rr)
- if (req != NULL) {
- K5_TAILQ_FOREACH(r, &rr->list, list) {
- if (r->request == req &&
-- r->sent == krad_packet_encode(req)->length) {
-+ r->sent == req->pkt.length) {
- request_finish(r, 0, rsp);
- break;
- }
-@@ -455,6 +455,12 @@ kr_remote_send(krad_remote *rr, krad_code code, krad_attrset *attrs,
- (krad_packet_iter_cb)iterator, &r, &tmp);
- if (retval != 0)
- goto error;
-+ else if (tmp->is_fips && rr->info->ai_family != AF_LOCAL &&
-+ rr->info->ai_family != AF_UNIX) {
-+ /* This would expose cleartext passwords, so abort. */
-+ retval = ESOCKTNOSUPPORT;
-+ goto error;
-+ }
-
- K5_TAILQ_FOREACH(r, &rr->list, list) {
- if (r->request == tmp) {
-diff --git a/src/lib/krad/t_attr.c b/src/lib/krad/t_attr.c
-index eb2a780c8..4d285ad9d 100644
---- a/src/lib/krad/t_attr.c
-+++ b/src/lib/krad/t_attr.c
-@@ -50,6 +50,7 @@ main()
- const char *tmp;
- krb5_data in;
- size_t len;
-+ krb5_boolean is_fips = FALSE;
-
- noerror(krb5_init_context(&ctx));
-
-@@ -73,7 +74,7 @@ main()
- in = string2data((char *)decoded);
- retval = kr_attr_encode(ctx, secret, auth,
- krad_attr_name2num("User-Password"),
-- &in, outbuf, &len);
-+ &in, outbuf, &len, &is_fips);
- insist(retval == 0);
- insist(len == sizeof(encoded));
- insist(memcmp(outbuf, encoded, len) == 0);
-diff --git a/src/lib/krad/t_attrset.c b/src/lib/krad/t_attrset.c
-index 7928335ca..0f9576253 100644
---- a/src/lib/krad/t_attrset.c
-+++ b/src/lib/krad/t_attrset.c
-@@ -49,6 +49,7 @@ main()
- krb5_context ctx;
- size_t len = 0, encode_len;
- krb5_data tmp;
-+ krb5_boolean is_fips = FALSE;
-
- noerror(krb5_init_context(&ctx));
- noerror(krad_attrset_new(ctx, &set));
-@@ -62,7 +63,8 @@ main()
- noerror(krad_attrset_add(set, krad_attr_name2num("User-Password"), &tmp));
-
- /* Encode attrset. */
-- noerror(kr_attrset_encode(set, "foo", auth, buffer, &encode_len));
-+ noerror(kr_attrset_encode(set, "foo", auth, buffer, &encode_len,
-+ &is_fips));
- krad_attrset_free(set);
-
- /* Manually encode User-Name. */
-diff --git a/src/plugins/preauth/spake/spake_client.c b/src/plugins/preauth/spake/spake_client.c
-index 00734a13b..a3ce22b70 100644
---- a/src/plugins/preauth/spake/spake_client.c
-+++ b/src/plugins/preauth/spake/spake_client.c
-@@ -38,6 +38,8 @@
- #include "groups.h"
- #include <krb5/clpreauth_plugin.h>
-
-+#include <openssl/crypto.h>
-+
- typedef struct reqstate_st {
- krb5_pa_spake *msg; /* set in prep_questions, used in process */
- krb5_keyblock *initial_key;
-@@ -375,6 +377,10 @@ clpreauth_spake_initvt(krb5_context context, int maj_ver, int min_ver,
-
- if (maj_ver != 1)
- return KRB5_PLUGIN_VER_NOTSUPP;
-+
-+ if (FIPS_mode())
-+ return KRB5_CRYPTO_INTERNAL;
-+
- vt = (krb5_clpreauth_vtable)vtable;
- vt->name = "spake";
- vt->pa_type_list = pa_types;
-diff --git a/src/plugins/preauth/spake/spake_kdc.c b/src/plugins/preauth/spake/spake_kdc.c
-index 88c964ce1..c7df0392f 100644
---- a/src/plugins/preauth/spake/spake_kdc.c
-+++ b/src/plugins/preauth/spake/spake_kdc.c
-@@ -41,6 +41,8 @@
-
- #include <krb5/kdcpreauth_plugin.h>
-
-+#include <openssl/crypto.h>
-+
- /*
- * The SPAKE kdcpreauth module uses a secure cookie containing the following
- * concatenated fields (all integer fields are big-endian):
-@@ -571,6 +573,10 @@ kdcpreauth_spake_initvt(krb5_context context, int maj_ver, int min_ver,
-
- if (maj_ver != 1)
- return KRB5_PLUGIN_VER_NOTSUPP;
-+
-+ if (FIPS_mode())
-+ return KRB5_CRYPTO_INTERNAL;
-+
- vt = (krb5_kdcpreauth_vtable)vtable;
- vt->name = "spake";
- vt->pa_type_list = pa_types;
---
-2.35.1
-
diff --git a/SOURCES/downstream-Remove-3des-support.patch b/SOURCES/downstream-Remove-3des-support.patch
deleted file mode 100644
index 2bc2479..0000000
--- a/SOURCES/downstream-Remove-3des-support.patch
+++ /dev/null
@@ -1,6453 +0,0 @@
-From fef4e551d3d2dcb55e58cc182304254c36aa8949 Mon Sep 17 00:00:00 2001
-From: Robbie Harwood <rharwood@redhat.com>
-Date: Tue, 26 Mar 2019 18:51:10 -0400
-Subject: [PATCH] [downstream] Remove 3des support
-
-Completely remove support for all DES3 enctypes (des3-cbc-raw,
-des3-hmac-sha1, des3-cbc-sha1-kd). Update all tests and documentation
-to user other enctypes. Mark the 3DES enctypes UNSUPPORTED and retain
-their constants.
-
-Last-updated: 1.19-beta1
----
- doc/admin/advanced/retiring-des.rst | 11 +
- doc/admin/conf_files/kdc_conf.rst | 7 +-
- doc/admin/enctypes.rst | 10 +-
- doc/admin/troubleshoot.rst | 9 +-
- doc/appdev/refs/macros/index.rst | 1 -
- doc/conf.py | 2 +-
- doc/mitK5features.rst | 2 +-
- src/Makefile.in | 4 +-
- src/configure.ac | 1 -
- src/include/krb5/krb5.hin | 10 +-
- src/kadmin/testing/proto/kdc.conf.proto | 4 +-
- src/kdc/kdc_util.c | 4 -
- src/lib/crypto/Makefile.in | 8 +-
- src/lib/crypto/builtin/Makefile.in | 6 +-
- src/lib/crypto/builtin/des/ISSUES | 13 -
- src/lib/crypto/builtin/des/Makefile.in | 80 ----
- src/lib/crypto/builtin/des/d3_aead.c | 133 ------
- src/lib/crypto/builtin/des/d3_kysched.c | 51 ---
- src/lib/crypto/builtin/des/deps | 150 -------
- src/lib/crypto/builtin/des/des_int.h | 285 -------------
- src/lib/crypto/builtin/des/des_keys.c | 40 --
- src/lib/crypto/builtin/des/destest.c | 240 -----------
- src/lib/crypto/builtin/des/doc/libdes.doc | 208 ---------
- src/lib/crypto/builtin/des/f_aead.c | 173 --------
- src/lib/crypto/builtin/des/f_cbc.c | 256 ------------
- src/lib/crypto/builtin/des/f_cksum.c | 136 ------
- src/lib/crypto/builtin/des/f_parity.c | 56 ---
- src/lib/crypto/builtin/des/f_sched.c | 359 ----------------
- src/lib/crypto/builtin/des/f_tables.c | 370 ----------------
- src/lib/crypto/builtin/des/f_tables.h | 285 -------------
- src/lib/crypto/builtin/des/key_sched.c | 62 ---
- src/lib/crypto/builtin/des/keytest.data | 171 --------
- src/lib/crypto/builtin/des/t_verify.c | 395 ------------------
- src/lib/crypto/builtin/des/weak_key.c | 86 ----
- .../crypto/builtin/enc_provider/Makefile.in | 6 +-
- src/lib/crypto/builtin/enc_provider/deps | 13 -
- src/lib/crypto/builtin/enc_provider/des3.c | 105 -----
- src/lib/crypto/crypto_tests/t_cf2.expected | 1 -
- src/lib/crypto/crypto_tests/t_cf2.in | 5 -
- src/lib/crypto/crypto_tests/t_cksums.c | 10 -
- src/lib/crypto/crypto_tests/t_decrypt.c | 57 ---
- src/lib/crypto/crypto_tests/t_derive.c | 36 --
- src/lib/crypto/crypto_tests/t_encrypt.c | 1 -
- src/lib/crypto/crypto_tests/t_short.c | 1 -
- src/lib/crypto/crypto_tests/t_str2key.c | 52 ---
- src/lib/crypto/krb/Makefile.in | 3 -
- src/lib/crypto/krb/cksumtypes.c | 6 -
- src/lib/crypto/krb/crypto_int.h | 16 -
- src/lib/crypto/krb/default_state.c | 10 -
- src/lib/crypto/krb/enctype_util.c | 3 +
- src/lib/crypto/krb/etypes.c | 21 -
- src/lib/crypto/krb/prf_des.c | 47 ---
- src/lib/crypto/krb/random_to_key.c | 45 --
- src/lib/crypto/libk5crypto.exports | 1 -
- src/lib/crypto/openssl/Makefile.in | 8 +-
- src/lib/crypto/openssl/des/Makefile.in | 20 -
- src/lib/crypto/openssl/des/deps | 15 -
- src/lib/crypto/openssl/des/des_keys.c | 40 --
- .../crypto/openssl/enc_provider/Makefile.in | 3 -
- src/lib/crypto/openssl/enc_provider/deps | 11 -
- src/lib/crypto/openssl/enc_provider/des3.c | 184 --------
- src/lib/gssapi/krb5/accept_sec_context.c | 1 -
- src/lib/gssapi/krb5/gssapiP_krb5.h | 6 +-
- src/lib/gssapi/krb5/k5seal.c | 35 +-
- src/lib/gssapi/krb5/k5sealiov.c | 27 +-
- src/lib/gssapi/krb5/k5unseal.c | 102 ++---
- src/lib/gssapi/krb5/k5unsealiov.c | 38 +-
- src/lib/gssapi/krb5/util_crypt.c | 11 -
- .../api.current/chpass-principal-v2.exp | 4 +-
- .../api.current/get-principal-v2.exp | 4 +-
- .../api.current/randkey-principal-v2.exp | 4 +-
- src/lib/krb5/krb/init_ctx.c | 3 -
- src/lib/krb5/krb/s4u_creds.c | 2 -
- src/lib/krb5/krb/t_etypes.c | 48 +--
- src/lib/krb5/os/t_trace.c | 4 +-
- src/lib/krb5/os/t_trace.ref | 2 +-
- src/plugins/preauth/pkinit/pkcs11.h | 6 +-
- src/plugins/preauth/pkinit/pkinit_clnt.c | 8 -
- src/plugins/preauth/pkinit/pkinit_crypto.h | 12 -
- .../preauth/pkinit/pkinit_crypto_openssl.c | 38 --
- src/plugins/preauth/pkinit/pkinit_kdf_test.c | 31 --
- src/plugins/preauth/spake/t_vectors.c | 25 --
- src/tests/dejagnu/config/default.exp | 78 ----
- src/tests/dejagnu/krb-standalone/kprop.exp | 2 +-
- src/tests/gssapi/t_enctypes.py | 33 +-
- src/tests/gssapi/t_invalid.c | 12 -
- src/tests/gssapi/t_pcontok.c | 16 +-
- src/tests/gssapi/t_prf.c | 7 -
- src/tests/t_authdata.py | 2 +-
- src/tests/t_etype_info.py | 18 +-
- src/tests/t_keyrollover.py | 8 +-
- src/tests/t_mkey.py | 35 --
- src/tests/t_salt.py | 5 +-
- src/util/k5test.py | 7 -
- .../leash/htmlhelp/html/Encryption_Types.htm | 13 -
- 95 files changed, 160 insertions(+), 4835 deletions(-)
- delete mode 100644 src/lib/crypto/builtin/des/ISSUES
- delete mode 100644 src/lib/crypto/builtin/des/Makefile.in
- delete mode 100644 src/lib/crypto/builtin/des/d3_aead.c
- delete mode 100644 src/lib/crypto/builtin/des/d3_kysched.c
- delete mode 100644 src/lib/crypto/builtin/des/deps
- delete mode 100644 src/lib/crypto/builtin/des/des_int.h
- delete mode 100644 src/lib/crypto/builtin/des/des_keys.c
- delete mode 100644 src/lib/crypto/builtin/des/destest.c
- delete mode 100644 src/lib/crypto/builtin/des/doc/libdes.doc
- delete mode 100644 src/lib/crypto/builtin/des/f_aead.c
- delete mode 100644 src/lib/crypto/builtin/des/f_cbc.c
- delete mode 100644 src/lib/crypto/builtin/des/f_cksum.c
- delete mode 100644 src/lib/crypto/builtin/des/f_parity.c
- delete mode 100644 src/lib/crypto/builtin/des/f_sched.c
- delete mode 100644 src/lib/crypto/builtin/des/f_tables.c
- delete mode 100644 src/lib/crypto/builtin/des/f_tables.h
- delete mode 100644 src/lib/crypto/builtin/des/key_sched.c
- delete mode 100644 src/lib/crypto/builtin/des/keytest.data
- delete mode 100644 src/lib/crypto/builtin/des/t_verify.c
- delete mode 100644 src/lib/crypto/builtin/des/weak_key.c
- delete mode 100644 src/lib/crypto/builtin/enc_provider/des3.c
- delete mode 100644 src/lib/crypto/krb/prf_des.c
- delete mode 100644 src/lib/crypto/openssl/des/Makefile.in
- delete mode 100644 src/lib/crypto/openssl/des/deps
- delete mode 100644 src/lib/crypto/openssl/des/des_keys.c
- delete mode 100644 src/lib/crypto/openssl/enc_provider/des3.c
-
-diff --git a/doc/admin/advanced/retiring-des.rst b/doc/admin/advanced/retiring-des.rst
-index 38f76d3f4..d5e3c30c0 100644
---- a/doc/admin/advanced/retiring-des.rst
-+++ b/doc/admin/advanced/retiring-des.rst
-@@ -10,6 +10,13 @@ ability have rendered DES vulnerable to brute force attacks on its 56-bit
- keyspace. As such, it is now considered insecure and should not be
- used (:rfc:`6649`).
-
-+In 1999, MIT krb5 added support for Triple-DES (3DES) encryption types.
-+However, due to weakenings of DES and other security concerns, it is now also
-+considered insecure and should not be used (:rfc:`8429`). AES encryption
-+types were added to MIT in 2003, meaning that the number of deployments with
-+3DES as the strongest encryption type is hopefully small. The rotation
-+procedure described herein works for both DES and 3DES.
-+
- History
- -------
-
-@@ -27,6 +34,10 @@ and removed DES (single-DES) support in release 1.18. As a
- consequence, a release prior to 1.18 is required to perform these
- migrations.
-
-+3DES (a flagged deprecated encryption type) was also removed downstream by
-+rharwood@redhat.com starting in 1.18; likewise, a pre-1.18 release is required
-+to perform these migrations.
-+
- Types of keys
- -------------
-
-diff --git a/doc/admin/conf_files/kdc_conf.rst b/doc/admin/conf_files/kdc_conf.rst
-index 1dc958d62..3a72aabef 100644
---- a/doc/admin/conf_files/kdc_conf.rst
-+++ b/doc/admin/conf_files/kdc_conf.rst
-@@ -848,8 +848,6 @@ Encryption types marked as "weak" and "deprecated" are available for
- compatibility but not recommended for use.
-
- ==================================================== =========================================================
--des3-cbc-raw Triple DES cbc mode raw (weak)
--des3-cbc-sha1 des3-hmac-sha1 des3-cbc-sha1-kd Triple DES cbc mode with HMAC/sha1 (deprecated)
- aes256-cts-hmac-sha1-96 aes256-cts aes256-sha1 AES-256 CTS mode with 96-bit SHA-1 HMAC
- aes128-cts-hmac-sha1-96 aes128-cts aes128-sha1 AES-128 CTS mode with 96-bit SHA-1 HMAC
- aes256-cts-hmac-sha384-192 aes256-sha2 AES-256 CTS mode with 192-bit SHA-384 HMAC
-@@ -858,7 +856,6 @@ arcfour-hmac rc4-hmac arcfour-hmac-md5 RC4 with HMAC/MD5 (deprecat
- arcfour-hmac-exp rc4-hmac-exp arcfour-hmac-md5-exp Exportable RC4 with HMAC/MD5 (weak)
- camellia256-cts-cmac camellia256-cts Camellia-256 CTS mode with CMAC
- camellia128-cts-cmac camellia128-cts Camellia-128 CTS mode with CMAC
--des3 The triple DES family: des3-cbc-sha1
- aes The AES family: aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, aes256-cts-hmac-sha384-192, and aes128-cts-hmac-sha256-128
- rc4 The RC4 family: arcfour-hmac
- camellia The Camellia family: camellia256-cts-cmac and camellia128-cts-cmac
-@@ -870,8 +867,8 @@ from the current list by prefixing them with a minus sign ("-").
- Types or families can be prefixed with a plus sign ("+") for symmetry;
- it has the same meaning as just listing the type or family. For
- example, "``DEFAULT -rc4``" would be the default set of encryption
--types with RC4 types removed, and "``des3 DEFAULT``" would be the
--default set of encryption types with triple DES types moved to the
-+types with RC4 types removed, and "``aes128-sha2 DEFAULT``" would be
-+the default set of encryption types with aes128-sha2 moved to the
- front.
-
- While **aes128-cts** and **aes256-cts** are supported for all Kerberos
-diff --git a/doc/admin/enctypes.rst b/doc/admin/enctypes.rst
-index 047185afb..b08d954d9 100644
---- a/doc/admin/enctypes.rst
-+++ b/doc/admin/enctypes.rst
-@@ -129,7 +129,7 @@ enctype weak? krb5 Windows
- des-cbc-crc weak <1.18 >=2000
- des-cbc-md4 weak <1.18 ?
- des-cbc-md5 weak <1.18 >=2000
--des3-cbc-sha1 deprecated >=1.1 none
-+des3-cbc-sha1 deprecated <1.18 none
- arcfour-hmac deprecated >=1.3 >=2000
- arcfour-hmac-exp weak >=1.3 >=2000
- aes128-cts-hmac-sha1-96 >=1.3 >=Vista
-@@ -148,9 +148,11 @@ default.
- krb5 releases 1.17 and later flag deprecated encryption types
- (including ``des3-cbc-sha1`` and ``arcfour-hmac``) in KDC logs and
- kadmin output. krb5 release 1.19 issues a warning during initial
--authentication if ``des3-cbc-sha1`` is used. Future releases will
--disable ``des3-cbc-sha1`` by default and eventually remove support for
--it.
-+authentication if ``des3-cbc-sha1`` is used.
-+
-+krb5 releases 1.18 and later remove single-DES and 3DES
-+(downstream-only patch) enctype support. Microsoft Windows never
-+supported 3DES.
-
-
- Migrating away from older encryption types
-diff --git a/doc/admin/troubleshoot.rst b/doc/admin/troubleshoot.rst
-index ade5e1f87..e4dc54f7e 100644
---- a/doc/admin/troubleshoot.rst
-+++ b/doc/admin/troubleshoot.rst
-@@ -73,11 +73,10 @@ credential verification failed: KDC has no support for encryption type
- ......................................................................
-
- This most commonly happens when trying to use a principal with only
--DES keys, in a release (MIT krb5 1.7 or later) which disables DES by
--default. DES encryption is considered weak due to its inadequate key
--size. If you cannot migrate away from its use, you can re-enable DES
--by adding ``allow_weak_crypto = true`` to the :ref:`libdefaults`
--section of :ref:`krb5.conf(5)`.
-+DES/3DES keys, in a release (MIT krb5 1.7 or later) which disables DES
-+by default. DES encryption is considered weak due to its inadequate
-+key size and has been removed upstream; 3DES is not recommended, and
-+has been removed downstream by rharwood@redhat.com.
-
-
- .. _err_cert_chain_cert_expired:
-diff --git a/doc/appdev/refs/macros/index.rst b/doc/appdev/refs/macros/index.rst
-index cebb6644c..4d51e795c 100644
---- a/doc/appdev/refs/macros/index.rst
-+++ b/doc/appdev/refs/macros/index.rst
-@@ -36,7 +36,6 @@ Public
- CKSUMTYPE_HMAC_SHA1_96_AES256.rst
- CKSUMTYPE_HMAC_SHA256_128_AES128.rst
- CKSUMTYPE_HMAC_SHA384_192_AES256.rst
-- CKSUMTYPE_HMAC_SHA1_DES3.rst
- CKSUMTYPE_MD5_HMAC_ARCFOUR.rst
- CKSUMTYPE_NIST_SHA.rst
- CKSUMTYPE_RSA_MD4.rst
-diff --git a/doc/conf.py b/doc/conf.py
-index 543202bf4..4fb6aae14 100644
---- a/doc/conf.py
-+++ b/doc/conf.py
-@@ -271,7 +271,7 @@ else:
- rst_epilog += '''
- .. |krb5conf| replace:: ``/etc/krb5.conf``
- .. |defkeysalts| replace:: ``aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal``
--.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac``
-+.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac``
- .. |defmkey| replace:: ``aes256-cts-hmac-sha1-96``
- .. |copy| unicode:: U+000A9
- '''
-diff --git a/doc/mitK5features.rst b/doc/mitK5features.rst
-index 4954bb3aa..92ce2a772 100644
---- a/doc/mitK5features.rst
-+++ b/doc/mitK5features.rst
-@@ -37,7 +37,7 @@ Database backends: LDAP, DB2, LMDB
-
- krb4 support: Kerberos 5 release < 1.8
-
--DES support: Kerberos 5 release < 1.18 (See :ref:`retiring-des`)
-+DES/3DES support: Kerberos 5 release < 1.18 (See :ref:`retiring-des`)
-
- Interoperability
- ----------------
-diff --git a/src/Makefile.in b/src/Makefile.in
-index 7d2507ef8..c16715ac7 100644
---- a/src/Makefile.in
-+++ b/src/Makefile.in
-@@ -130,7 +130,7 @@ WINMAKEFILES=Makefile \
- lib\Makefile lib\crypto\Makefile lib\crypto\krb\Makefile \
- lib\crypto\builtin\Makefile lib\crypto\builtin\aes\Makefile \
- lib\crypto\builtin\enc_provider\Makefile \
-- lib\crypto\builtin\des\Makefile lib\crypto\builtin\md5\Makefile \
-+ lib\crypto\builtin\md5\Makefile \
- lib\crypto\builtin\camellia\Makefile lib\crypto\builtin\md4\Makefile \
- lib\crypto\builtin\hash_provider\Makefile \
- lib\crypto\builtin\sha2\Makefile lib\crypto\builtin\sha1\Makefile \
-@@ -202,8 +202,6 @@ WINMAKEFILES=Makefile \
- ##DOS## $(WCONFIG) config < $@.in > $@
- ##DOS##lib\crypto\builtin\enc_provider\Makefile: lib\crypto\builtin\enc_provider\Makefile.in $(MKFDEP)
- ##DOS## $(WCONFIG) config < $@.in > $@
--##DOS##lib\crypto\builtin\des\Makefile: lib\crypto\builtin\des\Makefile.in $(MKFDEP)
--##DOS## $(WCONFIG) config < $@.in > $@
- ##DOS##lib\crypto\builtin\md5\Makefile: lib\crypto\builtin\md5\Makefile.in $(MKFDEP)
- ##DOS## $(WCONFIG) config < $@.in > $@
- ##DOS##lib\crypto\builtin\camellia\Makefile: lib\crypto\builtin\camellia\Makefile.in $(MKFDEP)
-diff --git a/src/configure.ac b/src/configure.ac
-index dd2cad3ee..3e1052db7 100644
---- a/src/configure.ac
-+++ b/src/configure.ac
-@@ -1480,7 +1480,6 @@ V5_AC_OUTPUT_MAKEFILE(.
- lib/crypto lib/crypto/krb lib/crypto/$CRYPTO_IMPL
- lib/crypto/$CRYPTO_IMPL/enc_provider
- lib/crypto/$CRYPTO_IMPL/hash_provider
-- lib/crypto/$CRYPTO_IMPL/des
- lib/crypto/$CRYPTO_IMPL/md4 lib/crypto/$CRYPTO_IMPL/md5
- lib/crypto/$CRYPTO_IMPL/sha1 lib/crypto/$CRYPTO_IMPL/sha2
- lib/crypto/$CRYPTO_IMPL/aes lib/crypto/$CRYPTO_IMPL/camellia
-diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
-index db80063eb..63e67a2ba 100644
---- a/src/include/krb5/krb5.hin
-+++ b/src/include/krb5/krb5.hin
-@@ -426,8 +426,8 @@ typedef struct _krb5_crypto_iov {
- #define ENCTYPE_DES_CBC_MD4 0x0002 /**< @deprecated no longer supported */
- #define ENCTYPE_DES_CBC_MD5 0x0003 /**< @deprecated no longer supported */
- #define ENCTYPE_DES_CBC_RAW 0x0004 /**< @deprecated no longer supported */
--#define ENCTYPE_DES3_CBC_SHA 0x0005 /**< @deprecated DES-3 cbc with SHA1 */
--#define ENCTYPE_DES3_CBC_RAW 0x0006 /**< @deprecated DES-3 cbc mode raw */
-+#define ENCTYPE_DES3_CBC_SHA 0x0005 /**< @deprecated no longer supported */
-+#define ENCTYPE_DES3_CBC_RAW 0x0006 /**< @deprecated no longer supported */
- #define ENCTYPE_DES_HMAC_SHA1 0x0008 /**< @deprecated no longer supported */
- /* PKINIT */
- #define ENCTYPE_DSA_SHA1_CMS 0x0009 /**< DSA with SHA1, CMS signature */
-@@ -436,9 +436,9 @@ typedef struct _krb5_crypto_iov {
- #define ENCTYPE_RC2_CBC_ENV 0x000c /**< RC2 cbc mode, CMS enveloped data */
- #define ENCTYPE_RSA_ENV 0x000d /**< RSA encryption, CMS enveloped data */
- #define ENCTYPE_RSA_ES_OAEP_ENV 0x000e /**< RSA w/OEAP encryption, CMS enveloped data */
--#define ENCTYPE_DES3_CBC_ENV 0x000f /**< DES-3 cbc mode, CMS enveloped data */
-+#define ENCTYPE_DES3_CBC_ENV 0x000f /**< @deprecated no longer supported */
-
--#define ENCTYPE_DES3_CBC_SHA1 0x0010
-+#define ENCTYPE_DES3_CBC_SHA1 0x0010 /**< @deprecated removed */
- #define ENCTYPE_AES128_CTS_HMAC_SHA1_96 0x0011 /**< RFC 3962 */
- #define ENCTYPE_AES256_CTS_HMAC_SHA1_96 0x0012 /**< RFC 3962 */
- #define ENCTYPE_AES128_CTS_HMAC_SHA256_128 0x0013 /**< RFC 8009 */
-@@ -458,7 +458,7 @@ typedef struct _krb5_crypto_iov {
- #define CKSUMTYPE_RSA_MD5 0x0007
- #define CKSUMTYPE_RSA_MD5_DES 0x0008
- #define CKSUMTYPE_NIST_SHA 0x0009
--#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c
-+#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c /* @deprecated removed */
- #define CKSUMTYPE_HMAC_SHA1_96_AES128 0x000f /**< RFC 3962. Used with
- ENCTYPE_AES128_CTS_HMAC_SHA1_96 */
- #define CKSUMTYPE_HMAC_SHA1_96_AES256 0x0010 /**< RFC 3962. Used with
-diff --git a/src/kadmin/testing/proto/kdc.conf.proto b/src/kadmin/testing/proto/kdc.conf.proto
-index 8a4b87de1..d7f1d076b 100644
---- a/src/kadmin/testing/proto/kdc.conf.proto
-+++ b/src/kadmin/testing/proto/kdc.conf.proto
-@@ -11,6 +11,6 @@
- dict_file = __K5ROOT__/ovsec_adm.dict
- kadmind_port = 1751
- kpasswd_port = 1752
-- master_key_type = des3-hmac-sha1
-- supported_enctypes = des3-hmac-sha1:normal aes256-cts:normal aes128-cts:normal aes256-sha2:normal aes128-sha2:normal
-+ master_key_type = aes256-cts
-+ supported_enctypes = aes256-cts:normal aes128-cts:normal aes256-sha2:normal aes128-sha2:normal
- }
-diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c
-index 60f30c4f4..c65375aef 100644
---- a/src/kdc/kdc_util.c
-+++ b/src/kdc/kdc_util.c
-@@ -1017,8 +1017,6 @@ enctype_name(krb5_enctype ktype, char *buf, size_t buflen)
- name = "rsaEncryption-EnvOID";
- else if (ktype == ENCTYPE_RSA_ES_OAEP_ENV)
- name = "id-RSAES-OAEP-EnvOID";
-- else if (ktype == ENCTYPE_DES3_CBC_ENV)
-- name = "des-ede3-cbc-EnvOID";
- else
- return krb5_enctype_to_name(ktype, FALSE, buf, buflen);
-
-@@ -1605,8 +1603,6 @@ krb5_boolean
- enctype_requires_etype_info_2(krb5_enctype enctype)
- {
- switch(enctype) {
-- case ENCTYPE_DES3_CBC_SHA1:
-- case ENCTYPE_DES3_CBC_RAW:
- case ENCTYPE_ARCFOUR_HMAC:
- case ENCTYPE_ARCFOUR_HMAC_EXP :
- return 0;
-diff --git a/src/lib/crypto/Makefile.in b/src/lib/crypto/Makefile.in
-index c3fcfd7e8..890d54adf 100644
---- a/src/lib/crypto/Makefile.in
-+++ b/src/lib/crypto/Makefile.in
-@@ -13,7 +13,7 @@ STOBJLISTS=$(CRYPTO_IMPL)/enc_provider/OBJS.ST \
- $(CRYPTO_IMPL)/hash_provider/OBJS.ST \
- $(CRYPTO_IMPL)/md4/OBJS.ST $(CRYPTO_IMPL)/md5/OBJS.ST \
- $(CRYPTO_IMPL)/sha1/OBJS.ST $(CRYPTO_IMPL)/sha2/OBJS.ST \
-- $(CRYPTO_IMPL)/aes/OBJS.ST $(CRYPTO_IMPL)/des/OBJS.ST \
-+ $(CRYPTO_IMPL)/aes/OBJS.ST \
- $(CRYPTO_IMPL)/camellia/OBJS.ST krb/OBJS.ST \
- $(CRYPTO_IMPL)/OBJS.ST
-
-@@ -21,7 +21,7 @@ SUBDIROBJLISTS=$(CRYPTO_IMPL)/enc_provider/OBJS.ST \
- $(CRYPTO_IMPL)/hash_provider/OBJS.ST \
- $(CRYPTO_IMPL)/md4/OBJS.ST $(CRYPTO_IMPL)/md5/OBJS.ST \
- $(CRYPTO_IMPL)/sha1/OBJS.ST $(CRYPTO_IMPL)/sha2/OBJS.ST \
-- $(CRYPTO_IMPL)/aes/OBJS.ST $(CRYPTO_IMPL)/des/OBJS.ST \
-+ $(CRYPTO_IMPL)/aes/OBJS.ST \
- $(CRYPTO_IMPL)/camellia/OBJS.ST krb/OBJS.ST \
- $(CRYPTO_IMPL)/OBJS.ST
-
-@@ -34,8 +34,8 @@ SHLIB_EXPDEPLIBS= $(SUPPORT_DEPLIB)
- SHLIB_LDFLAGS= $(LDFLAGS) @SHLIB_RPATH_DIRS@
-
- ##DOS##LIBNAME=$(OUTPRE)crypto.lib
--##DOS##OBJFILEDEP=$(OUTPRE)krb.lst $(OUTPRE)aes.lst $(OUTPRE)enc_provider.lst $(OUTPRE)des.lst $(OUTPRE)md5.lst $(OUTPRE)camellia.lst $(OUTPRE)md4.lst $(OUTPRE)hash_provider.lst $(OUTPRE)sha2.lst $(OUTPRE)sha1.lst $(OUTPRE)builtin.lst
--##DOS##OBJFILELIST=@$(OUTPRE)krb.lst @$(OUTPRE)aes.lst @$(OUTPRE)enc_provider.lst @$(OUTPRE)des.lst @$(OUTPRE)md5.lst @$(OUTPRE)camellia.lst @$(OUTPRE)md4.lst @$(OUTPRE)hash_provider.lst @$(OUTPRE)sha2.lst @$(OUTPRE)sha1.lst @$(OUTPRE)builtin.lst
-+##DOS##OBJFILEDEP=$(OUTPRE)krb.lst $(OUTPRE)aes.lst $(OUTPRE)enc_provider.lst $(OUTPRE)md5.lst $(OUTPRE)camellia.lst $(OUTPRE)md4.lst $(OUTPRE)hash_provider.lst $(OUTPRE)sha2.lst $(OUTPRE)sha1.lst $(OUTPRE)builtin.lst
-+##DOS##OBJFILELIST=@$(OUTPRE)krb.lst @$(OUTPRE)aes.lst @$(OUTPRE)enc_provider.lst @$(OUTPRE)md5.lst @$(OUTPRE)camellia.lst @$(OUTPRE)md4.lst @$(OUTPRE)hash_provider.lst @$(OUTPRE)sha2.lst @$(OUTPRE)sha1.lst @$(OUTPRE)builtin.lst
-
- all-unix: all-liblinks
- install-unix: install-libs
-diff --git a/src/lib/crypto/builtin/Makefile.in b/src/lib/crypto/builtin/Makefile.in
-index baf5d974f..82adf1dec 100644
---- a/src/lib/crypto/builtin/Makefile.in
-+++ b/src/lib/crypto/builtin/Makefile.in
-@@ -1,6 +1,6 @@
- mydir=lib$(S)crypto$(S)builtin
- BUILDTOP=$(REL)..$(S)..$(S)..
--SUBDIRS=camellia des aes md4 md5 sha1 sha2 enc_provider hash_provider
-+SUBDIRS=camellia aes md4 md5 sha1 sha2 enc_provider hash_provider
- LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir)
-
- ##DOS##BUILDTOP = ..\..\..
-@@ -22,7 +22,7 @@ SRCS=\
- $(srcdir)/init.c \
- $(srcdir)/pbkdf2.c
-
--STOBJLISTS= des/OBJS.ST md4/OBJS.ST \
-+STOBJLISTS= md4/OBJS.ST \
- md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
- enc_provider/OBJS.ST \
- hash_provider/OBJS.ST \
-@@ -30,7 +30,7 @@ STOBJLISTS= des/OBJS.ST md4/OBJS.ST \
- camellia/OBJS.ST \
- OBJS.ST
-
--SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \
-+SUBDIROBJLISTS= md4/OBJS.ST \
- md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
- enc_provider/OBJS.ST \
- hash_provider/OBJS.ST \
-diff --git a/src/lib/crypto/builtin/des/ISSUES b/src/lib/crypto/builtin/des/ISSUES
-deleted file mode 100644
-index 157891103..000000000
---- a/src/lib/crypto/builtin/des/ISSUES
-+++ /dev/null
-@@ -1,13 +0,0 @@
--Issues to be addressed for src/lib/crypto/des: -*- text -*-
--
--
--"const" could be used in more places
--
--
--Array types are used in calling interfaces. Under ANSI C, a value of
--type "arraytype *" cannot be assigned to a variable of type "const
--arraytype *", so we get compilation warnings.
--
--Possible fix: Rewrite internal interfaces to not use arrays this way.
--Provide external routines compatible with old API, but not using
--const?
-diff --git a/src/lib/crypto/builtin/des/Makefile.in b/src/lib/crypto/builtin/des/Makefile.in
-deleted file mode 100644
-index 54b329d0f..000000000
---- a/src/lib/crypto/builtin/des/Makefile.in
-+++ /dev/null
-@@ -1,80 +0,0 @@
--mydir=lib$(S)crypto$(S)builtin$(S)des
--BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
--LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb
--
--##DOS##BUILDTOP = ..\..\..\..
--##DOS##PREFIXDIR = builtin\des
--##DOS##OBJFILE = ..\..\$(OUTPRE)des.lst
--
--STLIBOBJS=\
-- d3_aead.o \
-- d3_kysched.o \
-- des_keys.o \
-- f_aead.o \
-- f_cksum.o \
-- f_parity.o \
-- f_sched.o \
-- f_tables.o \
-- key_sched.o \
-- weak_key.o
--
--OBJS= $(OUTPRE)d3_aead.$(OBJEXT) \
-- $(OUTPRE)d3_kysched.$(OBJEXT) \
-- $(OUTPRE)des_keys.$(OBJEXT) \
-- $(OUTPRE)f_aead.$(OBJEXT) \
-- $(OUTPRE)f_cksum.$(OBJEXT) \
-- $(OUTPRE)f_parity.$(OBJEXT) \
-- $(OUTPRE)f_sched.$(OBJEXT) \
-- $(OUTPRE)f_tables.$(OBJEXT) \
-- $(OUTPRE)key_sched.$(OBJEXT) \
-- $(OUTPRE)weak_key.$(OBJEXT)
--
--SRCS= $(srcdir)/d3_aead.c \
-- $(srcdir)/d3_kysched.c \
-- $(srcdir)/des_keys.c \
-- $(srcdir)/f_aead.c \
-- $(srcdir)/f_cksum.c \
-- $(srcdir)/f_parity.c \
-- $(srcdir)/f_sched.c \
-- $(srcdir)/f_tables.c \
-- $(srcdir)/key_sched.c \
-- $(srcdir)/weak_key.c
--
--EXTRADEPSRCS = $(srcdir)/destest.c $(srcdir)/f_cbc.c $(srcdir)/t_verify.c
--
--##DOS##LIBOBJS = $(OBJS)
--
--TOBJS = $(OUTPRE)key_sched.$(OBJEXT) $(OUTPRE)f_sched.$(OBJEXT) \
-- $(OUTPRE)f_cbc.$(OBJEXT) $(OUTPRE)f_tables.$(OBJEXT) \
-- $(OUTPRE)f_cksum.$(OBJEXT)
--
--verify$(EXEEXT): t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \
-- $(COM_ERR_DEPLIB) $(SUPPORT_DEPLIB)
-- $(CC_LINK) -o $@ t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \
-- $(COM_ERR_LIB) $(SUPPORT_LIB)
--
--destest$(EXEEXT): destest.$(OBJEXT) $(TOBJS) $(SUPPORT_DEPLIB)
-- $(CC_LINK) -o $@ destest.$(OBJEXT) $(TOBJS) $(SUPPORT_LIB)
--
--all-unix: all-libobjs
--
--check-unix: verify destest
-- $(RUN_TEST) ./verify -z
-- $(RUN_TEST) ./verify -m
-- $(RUN_TEST) ./verify
-- $(RUN_TEST) ./destest < $(srcdir)/keytest.data
--
--includes: depend
--
--depend: $(SRCS)
--
--check-windows:
--
--clean:
-- $(RM) destest.$(OBJEXT) destest$(EXEEXT) verify$(EXEEXT) \
-- t_verify.$(OBJEXT) $(TOBJS)
--
--clean-unix:: clean-libobjs
--
--@libobj_frag@
--
-diff --git a/src/lib/crypto/builtin/des/d3_aead.c b/src/lib/crypto/builtin/des/d3_aead.c
-deleted file mode 100644
-index bddf75a47..000000000
---- a/src/lib/crypto/builtin/des/d3_aead.c
-+++ /dev/null
-@@ -1,133 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/*
-- * Copyright (C) 2008 by the Massachusetts Institute of Technology.
-- * Copyright 1995 by Richard P. Basch. All Rights Reserved.
-- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
-- * in advertising or publicity pertaining to distribution of the software
-- * without specific, written prior permission. Richard P. Basch,
-- * Lehman Brothers and M.I.T. make no representations about the suitability
-- * of this software for any purpose. It is provided "as is" without
-- * express or implied warranty.
-- */
--
--#include "crypto_int.h"
--#include "des_int.h"
--#include "f_tables.h"
--
--void
--krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule ks1,
-- const mit_des_key_schedule ks2,
-- const mit_des_key_schedule ks3,
-- mit_des_cblock ivec)
--{
-- unsigned DES_INT32 left, right;
-- const unsigned DES_INT32 *kp1, *kp2, *kp3;
-- const unsigned char *ip;
-- struct iov_cursor cursor;
-- unsigned char block[MIT_DES_BLOCK_LENGTH];
--
-- /* Get key pointers here. These won't need to be reinitialized. */
-- kp1 = (const unsigned DES_INT32 *)ks1;
-- kp2 = (const unsigned DES_INT32 *)ks2;
-- kp3 = (const unsigned DES_INT32 *)ks3;
--
-- /* Initialize left and right with the contents of the initial vector. */
-- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
-- left = load_32_be(ip);
-- right = load_32_be(ip + 4);
--
-- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
-- while (k5_iov_cursor_get(&cursor, block)) {
-- /* xor this block with the previous ciphertext. */
-- left ^= load_32_be(block);
-- right ^= load_32_be(block + 4);
--
-- /* Encrypt what we have and store it back into block. */
-- DES_DO_ENCRYPT(left, right, kp1);
-- DES_DO_DECRYPT(left, right, kp2);
-- DES_DO_ENCRYPT(left, right, kp3);
-- store_32_be(left, block);
-- store_32_be(right, block + 4);
--
-- k5_iov_cursor_put(&cursor, block);
-- }
--
-- if (ivec != NULL) {
-- store_32_be(left, ivec);
-- store_32_be(right, ivec + 4);
-- }
--}
--
--void
--krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule ks1,
-- const mit_des_key_schedule ks2,
-- const mit_des_key_schedule ks3,
-- mit_des_cblock ivec)
--{
-- unsigned DES_INT32 left, right;
-- const unsigned DES_INT32 *kp1, *kp2, *kp3;
-- const unsigned char *ip;
-- unsigned DES_INT32 ocipherl, ocipherr;
-- unsigned DES_INT32 cipherl, cipherr;
-- struct iov_cursor cursor;
-- unsigned char block[MIT_DES_BLOCK_LENGTH];
--
-- /* Get key pointers here. These won't need to be reinitialized. */
-- kp1 = (const unsigned DES_INT32 *)ks1;
-- kp2 = (const unsigned DES_INT32 *)ks2;
-- kp3 = (const unsigned DES_INT32 *)ks3;
--
-- /*
-- * Decrypting is harder than encrypting because of
-- * the necessity of remembering a lot more things.
-- * Should think about this a little more...
-- */
--
-- /* Prime the old cipher with ivec.*/
-- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
-- ocipherl = load_32_be(ip);
-- ocipherr = load_32_be(ip + 4);
--
-- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
-- while (k5_iov_cursor_get(&cursor, block)) {
-- /* Split this block into left and right. */
-- cipherl = left = load_32_be(block);
-- cipherr = right = load_32_be(block + 4);
--
-- /* Decrypt and xor with the old cipher to get plain text. */
-- DES_DO_DECRYPT(left, right, kp3);
-- DES_DO_ENCRYPT(left, right, kp2);
-- DES_DO_DECRYPT(left, right, kp1);
-- left ^= ocipherl;
-- right ^= ocipherr;
--
-- /* Store the encrypted halves back into block. */
-- store_32_be(left, block);
-- store_32_be(right, block + 4);
--
-- /* Save current cipher block halves. */
-- ocipherl = cipherl;
-- ocipherr = cipherr;
--
-- k5_iov_cursor_put(&cursor, block);
-- }
--
-- if (ivec != NULL) {
-- store_32_be(ocipherl, ivec);
-- store_32_be(ocipherr, ivec + 4);
-- }
--}
-diff --git a/src/lib/crypto/builtin/des/d3_kysched.c b/src/lib/crypto/builtin/des/d3_kysched.c
-deleted file mode 100644
-index ebd1050b1..000000000
---- a/src/lib/crypto/builtin/des/d3_kysched.c
-+++ /dev/null
-@@ -1,51 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/*
-- * Copyright 1995 by Richard P. Basch. All Rights Reserved.
-- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
-- * in advertising or publicity pertaining to distribution of the software
-- * without specific, written prior permission. Richard P. Basch,
-- * Lehman Brothers and M.I.T. make no representations about the suitability
-- * of this software for any purpose. It is provided "as is" without
-- * express or implied warranty.
-- */
--
--#include "k5-int.h"
--#include "des_int.h"
--
--int
--mit_des3_key_sched(mit_des3_cblock k, mit_des3_key_schedule schedule)
--{
-- mit_des_make_key_sched(k[0],schedule[0]);
-- mit_des_make_key_sched(k[1],schedule[1]);
-- mit_des_make_key_sched(k[2],schedule[2]);
--
-- if (!mit_des_check_key_parity(k[0])) /* bad parity --> return -1 */
-- return(-1);
-- if (mit_des_is_weak_key(k[0]))
-- return(-2);
--
-- if (!mit_des_check_key_parity(k[1]))
-- return(-1);
-- if (mit_des_is_weak_key(k[1]))
-- return(-2);
--
-- if (!mit_des_check_key_parity(k[2]))
-- return(-1);
-- if (mit_des_is_weak_key(k[2]))
-- return(-2);
--
-- /* if key was good, return 0 */
-- return 0;
--}
-diff --git a/src/lib/crypto/builtin/des/deps b/src/lib/crypto/builtin/des/deps
-deleted file mode 100644
-index a1db1f36e..000000000
---- a/src/lib/crypto/builtin/des/deps
-+++ /dev/null
-@@ -1,150 +0,0 @@
--#
--# Generated makefile dependencies follow.
--#
--d3_aead.so d3_aead.po $(OUTPRE)d3_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
-- $(srcdir)/../aes/aes.h $(srcdir)/../aes/brg_types.h \
-- $(srcdir)/../crypto_mod.h $(srcdir)/../sha2/sha2.h \
-- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-- d3_aead.c des_int.h f_tables.h
--d3_kysched.so d3_kysched.po $(OUTPRE)d3_kysched.$(OBJEXT): \
-- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-- d3_kysched.c des_int.h
--des_keys.so des_keys.po $(OUTPRE)des_keys.$(OBJEXT): \
-- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \
-- $(srcdir)/../aes/brg_types.h $(srcdir)/../crypto_mod.h \
-- $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
-- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
-- $(top_srcdir)/include/socket-utils.h des_int.h des_keys.c
--f_aead.so f_aead.po $(OUTPRE)f_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
-- $(srcdir)/../aes/aes.h $(srcdir)/../aes/brg_types.h \
-- $(srcdir)/../crypto_mod.h $(srcdir)/../sha2/sha2.h \
-- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-- des_int.h f_aead.c f_tables.h
--f_cksum.so f_cksum.po $(OUTPRE)f_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
-- $(top_srcdir)/include/socket-utils.h des_int.h f_cksum.c \
-- f_tables.h
--f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \
-- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-- des_int.h f_parity.c
--f_sched.so f_sched.po $(OUTPRE)f_sched.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
-- $(top_srcdir)/include/socket-utils.h des_int.h f_sched.c
--f_tables.so f_tables.po $(OUTPRE)f_tables.$(OBJEXT): \
-- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-- des_int.h f_tables.c f_tables.h
--key_sched.so key_sched.po $(OUTPRE)key_sched.$(OBJEXT): \
-- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-- des_int.h key_sched.c
--weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \
-- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-- des_int.h weak_key.c
--destest.so destest.po $(OUTPRE)destest.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
-- $(top_srcdir)/include/socket-utils.h des_int.h destest.c
--f_cbc.so f_cbc.po $(OUTPRE)f_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
-- $(top_srcdir)/include/socket-utils.h des_int.h f_cbc.c \
-- f_tables.h
--t_verify.so t_verify.po $(OUTPRE)t_verify.$(OBJEXT): \
-- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-- des_int.h t_verify.c
-diff --git a/src/lib/crypto/builtin/des/des_int.h b/src/lib/crypto/builtin/des/des_int.h
-deleted file mode 100644
-index f8dc6b296..000000000
---- a/src/lib/crypto/builtin/des/des_int.h
-+++ /dev/null
-@@ -1,285 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/builtin/des/des_int.h */
--/*
-- * Copyright 1987, 1988, 1990, 2002 by the Massachusetts Institute of
-- * Technology. All Rights Reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--/*
-- * Copyright (C) 1998 by the FundsXpress, INC.
-- *
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may require
-- * a specific license from the United States Government. It is the
-- * responsibility of any person or organization contemplating export to
-- * obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of FundsXpress. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. FundsXpress makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- *
-- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
-- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
-- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
-- */
--
--/* Private include file for the Data Encryption Standard library. */
--
--/* only do the whole thing once */
--#ifndef DES_INTERNAL_DEFS
--#define DES_INTERNAL_DEFS
--
--#include "k5-int.h"
--/*
-- * Begin "mit-des.h"
-- */
--#ifndef KRB5_MIT_DES__
--#define KRB5_MIT_DES__
--
--#if defined(__MACH__) && defined(__APPLE__)
--#include <TargetConditionals.h>
--#include <AvailabilityMacros.h>
--#if TARGET_RT_MAC_CFM
--#error "Use KfM 4.0 SDK headers for CFM compilation."
--#endif
--#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS)
--#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5
--#endif
--#endif /* defined(__MACH__) && defined(__APPLE__) */
--
--/* Macro to add deprecated attribute to DES types and functions */
--/* Currently only defined on macOS 10.5 and later. */
--#ifndef KRB5INT_DES_DEPRECATED
--#define KRB5INT_DES_DEPRECATED
--#endif
--
--#include <limits.h>
--
--#if UINT_MAX >= 0xFFFFFFFFUL
--#define DES_INT32 int
--#define DES_UINT32 unsigned int
--#else
--#define DES_INT32 long
--#define DES_UINT32 unsigned long
--#endif
--
--typedef unsigned char des_cblock[8] /* crypto-block size */
--KRB5INT_DES_DEPRECATED;
--
--/*
-- * Key schedule.
-- *
-- * This used to be
-- *
-- * typedef struct des_ks_struct {
-- * union { DES_INT32 pad; des_cblock _;} __;
-- * } des_key_schedule[16];
-- *
-- * but it would cause trouble if DES_INT32 were ever more than 4
-- * bytes. The reason is that all the encryption functions cast it to
-- * (DES_INT32 *), and treat it as if it were DES_INT32[32]. If
-- * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the
-- * caller-allocated des_key_schedule will be overflowed by the key
-- * scheduling functions. We can't assume that every platform will
-- * have an exact 32-bit int, and nothing should be looking inside a
-- * des_key_schedule anyway.
-- */
--typedef struct des_ks_struct { DES_INT32 _[2]; } des_key_schedule[16]
--KRB5INT_DES_DEPRECATED;
--
--typedef des_cblock mit_des_cblock;
--typedef des_key_schedule mit_des_key_schedule;
--
--/* Triple-DES structures */
--typedef mit_des_cblock mit_des3_cblock[3];
--typedef mit_des_key_schedule mit_des3_key_schedule[3];
--
--#define MIT_DES_ENCRYPT 1
--#define MIT_DES_DECRYPT 0
--
--typedef struct mit_des_ran_key_seed {
-- krb5_encrypt_block eblock;
-- krb5_data sequence;
--} mit_des_random_state;
--
--/* the first byte of the key is already in the keyblock */
--
--#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet))
--/* This used to be 8*sizeof(krb5_octet) */
--#define MIT_DES_KEYSIZE 8
--
--#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet))
--
--#endif /* KRB5_MIT_DES__ */
--/*
-- * End "mit-des.h"
-- */
--
--/* afsstring2key.c */
--krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock,
-- const krb5_data *data,
-- const krb5_data *salt);
--char *mit_afs_crypt(const char *pw, const char *salt, char *iobuf);
--
--/* f_cksum.c */
--unsigned long mit_des_cbc_cksum(const krb5_octet *, krb5_octet *,
-- unsigned long, const mit_des_key_schedule,
-- const krb5_octet *);
--
--/* f_cbc.c (used by test programs) */
--int
--mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
-- unsigned long length, const mit_des_key_schedule schedule,
-- const mit_des_cblock ivec, int enc);
--
--#define mit_des_zeroblock krb5int_c_mit_des_zeroblock
--extern const mit_des_cblock mit_des_zeroblock;
--
--/* fin_rndkey.c */
--krb5_error_code mit_des_finish_random_key(const krb5_encrypt_block *,
-- krb5_pointer *);
--
--/* finish_key.c */
--krb5_error_code mit_des_finish_key(krb5_encrypt_block *);
--
--/* init_rkey.c */
--krb5_error_code mit_des_init_random_key(const krb5_encrypt_block *,
-- const krb5_keyblock *,
-- krb5_pointer *);
--
--/* key_parity.c */
--void mit_des_fixup_key_parity(mit_des_cblock);
--int mit_des_check_key_parity(mit_des_cblock);
--
--/* key_sched.c */
--int mit_des_key_sched(mit_des_cblock, mit_des_key_schedule);
--
--/* process_ky.c */
--krb5_error_code mit_des_process_key(krb5_encrypt_block *,
-- const krb5_keyblock *);
--
--/* random_key.c */
--krb5_error_code mit_des_random_key(const krb5_encrypt_block *,
-- krb5_pointer, krb5_keyblock **);
--
--/* string2key.c */
--krb5_error_code mit_des_string_to_key(const krb5_encrypt_block *,
-- krb5_keyblock *, const krb5_data *,
-- const krb5_data *);
--krb5_error_code mit_des_string_to_key_int(krb5_keyblock *, const krb5_data *,
-- const krb5_data *);
--
--/* weak_key.c */
--int mit_des_is_weak_key(mit_des_cblock);
--
--/* cmb_keys.c */
--krb5_error_code mit_des_combine_subkeys(const krb5_keyblock *,
-- const krb5_keyblock *,
-- krb5_keyblock **);
--
--/* f_pcbc.c */
--int mit_des_pcbc_encrypt();
--
--/* f_sched.c */
--int mit_des_make_key_sched(mit_des_cblock, mit_des_key_schedule);
--
--
--/* misc.c */
--extern void swap_bits(char *);
--extern unsigned long long_swap_bits(unsigned long);
--extern unsigned long swap_six_bits_to_ansi(unsigned long);
--extern unsigned long swap_four_bits_to_ansi(unsigned long);
--extern unsigned long swap_bit_pos_1(unsigned long);
--extern unsigned long swap_bit_pos_0(unsigned long);
--extern unsigned long swap_bit_pos_0_to_ansi(unsigned long);
--extern unsigned long rev_swap_bit_pos_0(unsigned long);
--extern unsigned long swap_byte_bits(unsigned long);
--extern unsigned long swap_long_bytes_bit_number(unsigned long);
--#ifdef FILE
--/* XXX depends on FILE being a #define! */
--extern void test_set(FILE *, const char *, int, const char *, int);
--#endif
--
--void
--krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule ks1,
-- const mit_des_key_schedule ks2,
-- const mit_des_key_schedule ks3,
-- mit_des_cblock ivec);
--
--void
--krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule ks1,
-- const mit_des_key_schedule ks2,
-- const mit_des_key_schedule ks3,
-- mit_des_cblock ivec);
--
--void
--krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule schedule,
-- mit_des_cblock ivec);
--
--void
--krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule schedule,
-- mit_des_cblock ivec);
--
--void
--krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule schedule, mit_des_cblock ivec,
-- mit_des_cblock out);
--
--/* d3_procky.c */
--krb5_error_code mit_des3_process_key(krb5_encrypt_block *eblock,
-- const krb5_keyblock *keyblock);
--
--/* d3_kysched.c */
--int mit_des3_key_sched(mit_des3_cblock key, mit_des3_key_schedule schedule);
--
--/* d3_str2ky.c */
--krb5_error_code mit_des3_string_to_key(const krb5_encrypt_block *eblock,
-- krb5_keyblock *keyblock,
-- const krb5_data *data,
-- const krb5_data *salt);
--
--/* u_nfold.c */
--krb5_error_code mit_des_n_fold(const krb5_octet *input, const size_t in_len,
-- krb5_octet *output, const size_t out_len);
--
--/* u_rn_key.c */
--int mit_des_is_weak_keyblock(krb5_keyblock *keyblock);
--
--void mit_des_fixup_keyblock_parity(krb5_keyblock *keyblock);
--
--krb5_error_code mit_des_set_random_generator_seed(const krb5_data *seed,
-- krb5_pointer random_state);
--
--krb5_error_code mit_des_set_random_sequence_number(const krb5_data *sequence,
-- krb5_pointer random_state);
--#endif /*DES_INTERNAL_DEFS*/
-diff --git a/src/lib/crypto/builtin/des/des_keys.c b/src/lib/crypto/builtin/des/des_keys.c
-deleted file mode 100644
-index 32b119aad..000000000
---- a/src/lib/crypto/builtin/des/des_keys.c
-+++ /dev/null
-@@ -1,40 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/builtin/des/des_keys.c - Key functions used by Kerberos code */
--/*
-- * Copyright (C) 2011 by the Massachusetts Institute of Technology.
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--
--#include "crypto_int.h"
--#include "des_int.h"
--
--void
--k5_des_fixup_key_parity(unsigned char *keybits)
--{
-- mit_des_fixup_key_parity(keybits);
--}
--
--krb5_boolean
--k5_des_is_weak_key(unsigned char *keybits)
--{
-- return mit_des_is_weak_key(keybits);
--}
-diff --git a/src/lib/crypto/builtin/des/destest.c b/src/lib/crypto/builtin/des/destest.c
-deleted file mode 100644
-index 52114304e..000000000
---- a/src/lib/crypto/builtin/des/destest.c
-+++ /dev/null
-@@ -1,240 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/builtin/des/destest.c */
--/*
-- * Copyright 1990,1991 by the Massachusetts Institute of Technology.
-- * All Rights Reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--/*
-- * Copyright (C) 1998 by the FundsXpress, INC.
-- *
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may require
-- * a specific license from the United States Government. It is the
-- * responsibility of any person or organization contemplating export to
-- * obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of FundsXpress. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. FundsXpress makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- *
-- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
-- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
-- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
-- */
--
--/* Test a DES implementation against known inputs & outputs. */
--
--#include "des_int.h"
--#include <ctype.h>
--#include <stdio.h>
--
--void convert (char *, unsigned char []);
--
--void des_cblock_print_file (mit_des_cblock, FILE *);
--
--krb5_octet zeroblock[8] = {0,0,0,0,0,0,0,0};
--
--int
--main(argc, argv)
-- int argc;
-- char *argv[];
--{
-- char block1[17], block2[17], block3[17];
-- /* Force tests of unaligned accesses. */
-- union { unsigned char c[8*4+3]; long l; } u;
-- unsigned char *ioblocks = u.c;
-- unsigned char *input = ioblocks+1;
-- unsigned char *output = ioblocks+10;
-- unsigned char *output2 = ioblocks+19;
-- unsigned char *key = ioblocks+27;
-- mit_des_key_schedule sched;
-- int num = 0;
-- int retval;
--
-- int error = 0;
--
-- while (scanf("%16s %16s %16s", block1, block2, block3) == 3) {
-- convert(block1, key);
-- convert(block2, input);
-- convert(block3, output);
--
-- retval = mit_des_key_sched(key, sched);
-- if (retval) {
-- fprintf(stderr, "des test: can't process key: %d\n", retval);
-- fprintf(stderr, "des test: %s %s %s\n", block1, block2, block3);
-- exit(1);
-- }
-- mit_des_cbc_encrypt((const mit_des_cblock *) input,
-- (mit_des_cblock *) output2, 8,
-- sched, zeroblock, 1);
--
-- if (memcmp((char *)output2, (char *)output, 8)) {
-- fprintf(stderr,
-- "DES ENCRYPT ERROR, key %s, text %s, real cipher %s, computed cyphertext %02X%02X%02X%02X%02X%02X%02X%02X\n",
-- block1, block2, block3,
-- output2[0],output2[1],output2[2],output2[3],
-- output2[4],output2[5],output2[6],output2[7]);
-- error++;
-- }
--
-- /*
-- * Now try decrypting....
-- */
-- mit_des_cbc_encrypt((const mit_des_cblock *) output,
-- (mit_des_cblock *) output2, 8,
-- sched, zeroblock, 0);
--
-- if (memcmp((char *)output2, (char *)input, 8)) {
-- fprintf(stderr,
-- "DES DECRYPT ERROR, key %s, text %s, real cipher %s, computed cleartext %02X%02X%02X%02X%02X%02X%02X%02X\n",
-- block1, block2, block3,
-- output2[0],output2[1],output2[2],output2[3],
-- output2[4],output2[5],output2[6],output2[7]);
-- error++;
-- }
--
-- num++;
-- }
--
-- if (error)
-- printf("destest: failed to pass the test\n");
-- else
-- printf("destest: %d tests passed successfully\n", num);
--
-- exit( (error > 256 && error % 256) ? 1 : error);
--}
--
--int value[128] = {
-- -1, -1, -1, -1, -1, -1, -1, -1,
-- -1, -1, -1, -1, -1, -1, -1, -1,
-- -1, -1, -1, -1, -1, -1, -1, -1,
-- -1, -1, -1, -1, -1, -1, -1, -1,
-- -1, -1, -1, -1, -1, -1, -1, -1,
-- -1, -1, -1, -1, -1, -1, -1, -1,
-- 0, 1, 2, 3, 4, 5, 6, 7,
-- 8, 9, -1, -1, -1, -1, -1, -1,
-- -1, 10, 11, 12, 13, 14, 15, -1,
-- -1, -1, -1, -1, -1, -1, -1, -1,
-- -1, -1, -1, -1, -1, -1, -1, -1,
-- -1, -1, -1, -1, -1, -1, -1, -1,
-- -1, -1, -1, -1, -1, -1, -1, -1,
-- -1, -1, -1, -1, -1, -1, -1, -1,
-- -1, -1, -1, -1, -1, -1, -1, -1,
-- -1, -1, -1, -1, -1, -1, -1, -1,
--};
--
--void
--convert(text, cblock)
-- char *text;
-- unsigned char cblock[];
--{
-- int i;
-- for (i = 0; i < 8; i++) {
-- if (!isascii((unsigned char)text[i * 2]))
-- abort ();
-- if (value[(int) text[i*2]] == -1 || value[(int) text[i*2+1]] == -1) {
-- printf("Bad value byte %d in %s\n", i, text);
-- exit(1);
-- }
-- cblock[i] = 16*value[(int) text[i*2]] + value[(int) text[i*2+1]];
-- }
-- return;
--}
--
--/*
-- * Fake out the DES library, for the purposes of testing.
-- */
--
--int
--mit_des_is_weak_key(key)
-- mit_des_cblock key;
--{
-- return 0; /* fake it out for testing */
--}
--
--void
--des_cblock_print_file(x, fp)
-- mit_des_cblock x;
-- FILE *fp;
--{
-- unsigned char *y = (unsigned char *) x;
-- int i = 0;
-- fprintf(fp," 0x { ");
--
-- while (i++ < 8) {
-- fprintf(fp,"%x",*y++);
-- if (i < 8)
-- fprintf(fp,", ");
-- }
-- fprintf(fp," }");
--}
--
--
--#define smask(step) ((1<<step)-1)
--#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step)))
--#define parity_char(x) pstep(pstep(pstep((x),4),2),1)
--
--/*
-- * des_check_key_parity: returns true iff key has the correct des parity.
-- * See des_fix_key_parity for the definition of
-- * correct des parity.
-- */
--int
--mit_des_check_key_parity(key)
-- mit_des_cblock key;
--{
-- unsigned int i;
--
-- for (i=0; i<sizeof(mit_des_cblock); i++) {
-- if ((key[i] & 1) == parity_char(0xfe&key[i])) {
-- printf("warning: bad parity key:");
-- des_cblock_print_file(key, stdout);
-- putchar('\n');
--
-- return 1;
-- }
-- }
--
-- return(1);
--}
--
--void
--mit_des_fixup_key_parity(key)
-- mit_des_cblock key;
--{
-- unsigned int i;
-- for (i=0; i<sizeof(mit_des_cblock); i++)
-- {
-- key[i] &= 0xfe;
-- key[i] |= 1^parity_char(key[i]);
-- }
--
-- return;
--}
-diff --git a/src/lib/crypto/builtin/des/doc/libdes.doc b/src/lib/crypto/builtin/des/doc/libdes.doc
-deleted file mode 100644
-index 6e9431ed2..000000000
---- a/src/lib/crypto/builtin/des/doc/libdes.doc
-+++ /dev/null
-@@ -1,208 +0,0 @@
--
-- How to use the Kerberos encryption library.
--
-- Revised 10/15/85 spm
--
--1) The following include file is needed:
--
-- /projects/auth/include/des.h (VAX)
-- --------------- (PC8086)
--
--2) The encryption library that should be linked to is:
--
-- /projects/auth/lib/libdes.a (VAX)
--| /projects/auth/ibm/lib/libdes.a (PC8086 cross-compilation environment)
--
--3) For each key that may be simultaneously active,
-- allocate (either compile or malloc) a "Key_schedule" struct,
-- defined in "des.h"
--
--4) Create key schedules, as needed, prior to using the encryption
-- routines, via "des_set_key()".
--
--5) Setup the input and output areas. Make sure to note the restrictions
-- on lengths being multiples of eight bytes.
--
--6) Invoke the encryption/decryption routines, "ecb_encrypt()"
-- or "cbc_encrypt()"
--
--7) To generate a cryptographic checksum, use "cbc_cksum()"
--/* ---------------------------------------------------------------- */
--
-- Routine Interfaces--
--
--/* ----------------------------------------------------------------- */
--
--int
-- des_set_key(k,schedule)
-- C_Block *k;
-- Key_schedule schedule;
--
-- Calculates a key schedule from (all) eight bytes of the input key, and
-- puts it into the indicated "Key_schedule" struct;
--
-- Make sure to pass valid eight bytes, no padding or other processing
-- it done.
--
-- The key schedule is then used in subsequent encryption/decryption
-- operations. Many key schedules may be created and cached for later
-- use.
--
-- The user is responsible to clear keys and schedules no longer needed
-- to prevent their disclosure.
--
--| Checks the parity of the key provided, to make sure it is odd per
--| FIPS spec. Returns 0 value for key ok, 1 for key_parity error.
--
--/* ---------------------------------------------------------------- */
--
--int
-- ecb_encrypt(input,output,schedule,encrypt)
-- C_Block *input; /* ptr to eight byte input value */
-- C_Block *output; /* ptr to eight byte output value */
-- int encrypt; /* 0 ==> decrypt, else encrypt */
-- Key_schedule schedule; /* addr of key schedule */
--
--This is the low level routine that encrypts or decrypts a single 8-byte
--block in electronic code book mode. Always transforms the input
--data into the output data.
--
--If encrypt is non-zero, the input (cleartext) is encrypted into the
--output (ciphertext) using the specified key_schedule, pre-set via "des_set_key".
--
--If encrypt is zero, the input (now ciphertext) is decrypted into
--the output (now cleartext).
--
--Input and output may be the same space.
--
--Does not return any meaningful value. Void is not used for compatibility
--with other compilers.
--
--/* -------------------------------------------------------------- */
--
--int
-- cbc_encrypt(input,output,length,schedule,ivec,encrypt)
--
-- C_Block *input; /* ptr to input data */
-- C_Block *output; /* ptr to output data */
-- int length; /* desired length, in bytes */
-- Key_schedule schedule; /* addr of precomputed schedule */
-- C_Block *ivec; /* pointer to 8 byte initialization
-- * vector
-- */
-- int encrypt /* 0 ==> decrypt; else encrypt*/
--
--
-- If encrypt is non-zero, the routine cipher-block-chain encrypts
-- the INPUT (cleartext) into the OUTPUT (ciphertext) using the provided
-- key schedule and initialization vector. If the length is not an integral
-- multiple of eight bytes, the last block is copied to a temp and zero
-- filled (highest addresses). The output is ALWAYS an integral multiple
-- of eight bytes.
--
-- If encrypt is zero, the routine cipher-block chain decrypts the INPUT
-- (ciphertext) into the OUTPUT (cleartext) using the provided key schedule
-- and initialization vector. Decryption ALWAYS operates on integral
-- multiples of 8 bytes, so will round the length provided up to the
-- appropriate multiple. Consequently, it will always produce the rounded-up
-- number of bytes of output cleartext. The application must determine if
-- the output cleartext was zero-padded due to cleartext lengths not integral
-- multiples of 8.
--
-- No errors or meaningful value are returned. Void is not used for
-- compatibility with other compilers.
--
--
--/* cbc checksum (MAC) only routine ---------------------------------------- */
--int
-- cbc_cksum(input,output,length,schedule,ivec)
--
-- C_Block *input; /* >= length bytes of inputtext */
-- C_Block *output; /* >= length bytes of outputtext */
-- int length; /* in bytes */
-- Key_schedule schedule; /* precomputed key schedule */
-- C_Block *ivec; /* 8 bytes of ivec */
--
--
-- Produces a cryptographic checksum, 8 bytes, by cipher-block-chain
-- encrypting the input, discarding the ciphertext output, and only retaining
-- the last ciphertext 8-byte block. Uses the provided key schedule and ivec.
-- The input is effectively zero-padded to an integral multiple of
-- eight bytes, though the original input is not modified.
--
-- No meaningful value is returned. Void is not used for compatibility
-- with other compilers.
--
--
--/* random_key ----------------------------------------*/
--int
-- random_key(key)
--
-- C_Block *key;
--
-- The start for the random number generated is set from the current time
-- in microseconds, then the random number generator is invoked
-- to create an eight byte output key (not a schedule). The key
-- generated is set to odd parity per FIPS spec.
--
-- The caller must supply space for the output key, pointed to
-- by "*key", then after getting a new key, call the des_set_key()
-- routine when needed.
--
-- No meaningful value is returned. Void is not used for compatibility
-- with other compilers.
--
--
--/* string_to_key --------------------------------------------*/
--
--int
-- string_to_key(str,key)
-- char *str;
-- C_Block *key;
--
-- This routines converts an arbitrary length, null terminated string
-- to an 8 byte DES key, with each byte parity set to odd, per FIPS spec.
--
-- The algorithm is as follows:
--
--| Take the first 8 bytes and remove the parity (leaving 56 bits).
--| Do the same for the second 8 bytes, and the third, etc. Do this for
--| as many sets of 8 bytes as necessary, filling in the remainder of the
--| last set with nulls. Fold the second set back on the first (i.e. bit
--| 0 over bit 55, and bit 55 over bit 0). Fold the third over the second
--| (bit 0 of the third set is now over bit 0 of the first set). Repeat
--| until you have done this to all sets. Xor the folded sets. Break the
--| result into 8 7 bit bytes, and generate odd parity for each byte. You
--| now have 64 bits. Note that DES takes a 64 bit key, and uses only the
--| non parity bits.
--
--
--/* read_password -------------------------------------------*/
--
--read_password(k,prompt,verify)
-- C_Block *k;
-- char *prompt;
-- int verify;
--
--This routine issues the supplied prompt, turns off echo, if possible, and
--reads an input string. If verify is non-zero, it does it again, for use
--in applications such as changing a password. If verify is non-zero, both
--versions are compared, and the input is requested repeatedly until they
--match. Then, the input string is mapped into a valid DES key, internally
--using the string_to_key routine. The newly created key is copied to the
--area pointed to by parameter "k".
--
--No meaningful value is returned. If an error occurs trying to manipulate
--the terminal echo, the routine forces the process to exit.
--
--/* get_line ------------------------*/
--long get_line(p,max)
-- char *p;
-- long max;
--
--Reads input characters from standard input until either a newline appears or
--else the max length is reached. The characters read are stuffed into
--the string pointed to, which will always be null terminated. The newline
--is not inserted in the string. The max parameter includes the byte needed
--for the null terminator, so allocate and pass one more than the maximum
--string length desired.
-diff --git a/src/lib/crypto/builtin/des/f_aead.c b/src/lib/crypto/builtin/des/f_aead.c
-deleted file mode 100644
-index 71b8dff4d..000000000
---- a/src/lib/crypto/builtin/des/f_aead.c
-+++ /dev/null
-@@ -1,173 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/*
-- * Copyright (C) 2008 by the Massachusetts Institute of Technology.
-- * Copyright 1995 by Richard P. Basch. All Rights Reserved.
-- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
-- * in advertising or publicity pertaining to distribution of the software
-- * without specific, written prior permission. Richard P. Basch,
-- * Lehman Brothers and M.I.T. make no representations about the suitability
-- * of this software for any purpose. It is provided "as is" without
-- * express or implied warranty.
-- */
--
--#include "crypto_int.h"
--#include "des_int.h"
--#include "f_tables.h"
--
--const mit_des_cblock mit_des_zeroblock /* = all zero */;
--
--void
--krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule schedule,
-- mit_des_cblock ivec)
--{
-- unsigned DES_INT32 left, right;
-- const unsigned DES_INT32 *kp;
-- const unsigned char *ip;
-- struct iov_cursor cursor;
-- unsigned char block[MIT_DES_BLOCK_LENGTH];
--
-- /* Get key pointer here. This won't need to be reinitialized. */
-- kp = (const unsigned DES_INT32 *)schedule;
--
-- /* Initialize left and right with the contents of the initial vector. */
-- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
-- left = load_32_be(ip);
-- right = load_32_be(ip + 4);
--
-- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
-- while (k5_iov_cursor_get(&cursor, block)) {
-- /* Decompose this block and xor it with the previous ciphertext. */
-- left ^= load_32_be(block);
-- right ^= load_32_be(block + 4);
--
-- /* Encrypt what we have and put back into block. */
-- DES_DO_ENCRYPT(left, right, kp);
-- store_32_be(left, block);
-- store_32_be(right, block + 4);
--
-- k5_iov_cursor_put(&cursor, block);
-- }
--
-- if (ivec != NULL) {
-- store_32_be(left, ivec);
-- store_32_be(right, ivec + 4);
-- }
--}
--
--void
--krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule schedule,
-- mit_des_cblock ivec)
--{
-- unsigned DES_INT32 left, right;
-- const unsigned DES_INT32 *kp;
-- const unsigned char *ip;
-- unsigned DES_INT32 ocipherl, ocipherr;
-- unsigned DES_INT32 cipherl, cipherr;
-- struct iov_cursor cursor;
-- unsigned char block[MIT_DES_BLOCK_LENGTH];
--
-- /* Get key pointer here. This won't need to be reinitialized. */
-- kp = (const unsigned DES_INT32 *)schedule;
--
-- /*
-- * Decrypting is harder than encrypting because of
-- * the necessity of remembering a lot more things.
-- * Should think about this a little more...
-- */
--
-- /* Prime the old cipher with ivec. */
-- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
-- ocipherl = load_32_be(ip);
-- ocipherr = load_32_be(ip + 4);
--
-- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
-- while (k5_iov_cursor_get(&cursor, block)) {
-- /* Split this block into left and right. */
-- cipherl = left = load_32_be(block);
-- cipherr = right = load_32_be(block + 4);
--
-- /* Decrypt and xor with the old cipher to get plain text. */
-- DES_DO_DECRYPT(left, right, kp);
-- left ^= ocipherl;
-- right ^= ocipherr;
--
-- /* Store the encrypted halves back into block. */
-- store_32_be(left, block);
-- store_32_be(right, block + 4);
--
-- /* Save current cipher block halves. */
-- ocipherl = cipherl;
-- ocipherr = cipherr;
--
-- k5_iov_cursor_put(&cursor, block);
-- }
--
-- if (ivec != NULL) {
-- store_32_be(ocipherl, ivec);
-- store_32_be(ocipherr, ivec + 4);
-- }
--}
--
--void
--krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule schedule, mit_des_cblock ivec,
-- mit_des_cblock out)
--{
-- unsigned DES_INT32 left, right;
-- const unsigned DES_INT32 *kp;
-- const unsigned char *ip;
-- struct iov_cursor cursor;
-- unsigned char block[MIT_DES_BLOCK_LENGTH];
--
-- /* Get key pointer here. This won't need to be reinitialized. */
-- kp = (const unsigned DES_INT32 *)schedule;
--
-- /* Initialize left and right with the contents of the initial vector. */
-- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
-- left = load_32_be(ip);
-- right = load_32_be(ip + 4);
--
-- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, TRUE);
-- while (k5_iov_cursor_get(&cursor, block)) {
-- /* Decompose this block and xor it with the previous ciphertext. */
-- left ^= load_32_be(block);
-- right ^= load_32_be(block + 4);
--
-- /* Encrypt what we have. */
-- DES_DO_ENCRYPT(left, right, kp);
-- }
--
-- /* Output the final ciphertext block. */
-- store_32_be(left, out);
-- store_32_be(right, out + 4);
--}
--
--#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
--void krb5int_des_do_encrypt_2 (unsigned DES_INT32 *left,
-- unsigned DES_INT32 *right,
-- const unsigned DES_INT32 *kp)
--{
-- DES_DO_ENCRYPT_1 (*left, *right, kp);
--}
--
--void krb5int_des_do_decrypt_2 (unsigned DES_INT32 *left,
-- unsigned DES_INT32 *right,
-- const unsigned DES_INT32 *kp)
--{
-- DES_DO_DECRYPT_1 (*left, *right, kp);
--}
--#endif
-diff --git a/src/lib/crypto/builtin/des/f_cbc.c b/src/lib/crypto/builtin/des/f_cbc.c
-deleted file mode 100644
-index 84d5382f2..000000000
---- a/src/lib/crypto/builtin/des/f_cbc.c
-+++ /dev/null
-@@ -1,256 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/builtin/des/f_cbc.c */
--/*
-- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--
--/*
-- * CBC functions; used only by the test programs at this time. (krb5 uses the
-- * functions in f_aead.c instead.)
-- */
--
--/*
-- * des_cbc_encrypt.c - an implementation of the DES cipher function in cbc mode
-- */
--#include "des_int.h"
--#include "f_tables.h"
--
--/*
-- * des_cbc_encrypt - {en,de}crypt a stream in CBC mode
-- */
--
--/*
-- * This routine performs DES cipher-block-chaining operation, either
-- * encrypting from cleartext to ciphertext, if encrypt != 0 or
-- * decrypting from ciphertext to cleartext, if encrypt == 0.
-- *
-- * The key schedule is passed as an arg, as well as the cleartext or
-- * ciphertext. The cleartext and ciphertext should be in host order.
-- *
-- * NOTE-- the output is ALWAYS an multiple of 8 bytes long. If not
-- * enough space was provided, your program will get trashed.
-- *
-- * For encryption, the cleartext string is null padded, at the end, to
-- * an integral multiple of eight bytes.
-- *
-- * For decryption, the ciphertext will be used in integral multiples
-- * of 8 bytes, but only the first "length" bytes returned into the
-- * cleartext.
-- */
--
--const mit_des_cblock mit_des_zeroblock /* = all zero */;
--
--static void
--des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
-- unsigned long length, const mit_des_key_schedule schedule,
-- const mit_des_cblock ivec)
--{
-- unsigned DES_INT32 left, right;
-- const unsigned DES_INT32 *kp;
-- const unsigned char *ip;
-- unsigned char *op;
--
-- /*
-- * Get key pointer here. This won't need to be reinitialized
-- */
-- kp = (const unsigned DES_INT32 *)schedule;
--
-- /*
-- * Initialize left and right with the contents of the initial
-- * vector.
-- */
-- ip = ivec;
-- GET_HALF_BLOCK(left, ip);
-- GET_HALF_BLOCK(right, ip);
--
-- /*
-- * Suitably initialized, now work the length down 8 bytes
-- * at a time.
-- */
-- ip = *in;
-- op = *out;
-- while (length > 0) {
-- /*
-- * Get more input, xor it in. If the length is
-- * greater than or equal to 8 this is straight
-- * forward. Otherwise we have to fart around.
-- */
-- if (length >= 8) {
-- unsigned DES_INT32 temp;
-- GET_HALF_BLOCK(temp, ip);
-- left ^= temp;
-- GET_HALF_BLOCK(temp, ip);
-- right ^= temp;
-- length -= 8;
-- } else {
-- /*
-- * Oh, shoot. We need to pad the
-- * end with zeroes. Work backwards
-- * to do this.
-- */
-- ip += (int) length;
-- switch(length) {
-- case 7:
-- right ^= (*(--ip) & FF_UINT32) << 8;
-- case 6:
-- right ^= (*(--ip) & FF_UINT32) << 16;
-- case 5:
-- right ^= (*(--ip) & FF_UINT32) << 24;
-- case 4:
-- left ^= *(--ip) & FF_UINT32;
-- case 3:
-- left ^= (*(--ip) & FF_UINT32) << 8;
-- case 2:
-- left ^= (*(--ip) & FF_UINT32) << 16;
-- case 1:
-- left ^= (*(--ip) & FF_UINT32) << 24;
-- break;
-- }
-- length = 0;
-- }
--
-- /*
-- * Encrypt what we have
-- */
-- DES_DO_ENCRYPT(left, right, kp);
--
-- /*
-- * Copy the results out
-- */
-- PUT_HALF_BLOCK(left, op);
-- PUT_HALF_BLOCK(right, op);
-- }
--}
--
--static void
--des_cbc_decrypt(const mit_des_cblock *in, mit_des_cblock *out,
-- unsigned long length, const mit_des_key_schedule schedule,
-- const mit_des_cblock ivec)
--{
-- unsigned DES_INT32 left, right;
-- const unsigned DES_INT32 *kp;
-- const unsigned char *ip;
-- unsigned char *op;
-- unsigned DES_INT32 ocipherl, ocipherr;
-- unsigned DES_INT32 cipherl, cipherr;
--
-- /*
-- * Get key pointer here. This won't need to be reinitialized
-- */
-- kp = (const unsigned DES_INT32 *)schedule;
--
-- /*
-- * Decrypting is harder than encrypting because of
-- * the necessity of remembering a lot more things.
-- * Should think about this a little more...
-- */
--
-- if (length <= 0)
-- return;
--
-- /*
-- * Prime the old cipher with ivec.
-- */
-- ip = ivec;
-- GET_HALF_BLOCK(ocipherl, ip);
-- GET_HALF_BLOCK(ocipherr, ip);
--
-- /*
-- * Now do this in earnest until we run out of length.
-- */
-- ip = *in;
-- op = *out;
-- for (;;) { /* check done inside loop */
-- /*
-- * Read a block from the input into left and
-- * right. Save this cipher block for later.
-- */
-- GET_HALF_BLOCK(left, ip);
-- GET_HALF_BLOCK(right, ip);
-- cipherl = left;
-- cipherr = right;
--
-- /*
-- * Decrypt this.
-- */
-- DES_DO_DECRYPT(left, right, kp);
--
-- /*
-- * Xor with the old cipher to get plain
-- * text. Output 8 or less bytes of this.
-- */
-- left ^= ocipherl;
-- right ^= ocipherr;
-- if (length > 8) {
-- length -= 8;
-- PUT_HALF_BLOCK(left, op);
-- PUT_HALF_BLOCK(right, op);
-- /*
-- * Save current cipher block here
-- */
-- ocipherl = cipherl;
-- ocipherr = cipherr;
-- } else {
-- /*
-- * Trouble here. Start at end of output,
-- * work backwards.
-- */
-- op += (int) length;
-- switch(length) {
-- case 8:
-- *(--op) = (unsigned char) (right & 0xff);
-- case 7:
-- *(--op) = (unsigned char) ((right >> 8) & 0xff);
-- case 6:
-- *(--op) = (unsigned char) ((right >> 16) & 0xff);
-- case 5:
-- *(--op) = (unsigned char) ((right >> 24) & 0xff);
-- case 4:
-- *(--op) = (unsigned char) (left & 0xff);
-- case 3:
-- *(--op) = (unsigned char) ((left >> 8) & 0xff);
-- case 2:
-- *(--op) = (unsigned char) ((left >> 16) & 0xff);
-- case 1:
-- *(--op) = (unsigned char) ((left >> 24) & 0xff);
-- break;
-- }
-- break; /* we're done */
-- }
-- }
--}
--
--int
--mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
-- unsigned long length, const mit_des_key_schedule schedule,
-- const mit_des_cblock ivec, int enc)
--{
-- /*
-- * Deal with encryption and decryption separately.
-- */
-- if (enc)
-- des_cbc_encrypt(in, out, length, schedule, ivec);
-- else
-- des_cbc_decrypt(in, out, length, schedule, ivec);
-- return 0;
--}
-diff --git a/src/lib/crypto/builtin/des/f_cksum.c b/src/lib/crypto/builtin/des/f_cksum.c
-deleted file mode 100644
-index cb482b009..000000000
---- a/src/lib/crypto/builtin/des/f_cksum.c
-+++ /dev/null
-@@ -1,136 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/builtin/des/f_cksum.c */
--/*
-- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--
--/* DES implementation donated by Dennis Ferguson */
--
--/*
-- * des_cbc_cksum.c - compute an 8 byte checksum using DES in CBC mode
-- */
--#include "des_int.h"
--#include "f_tables.h"
--
--/*
-- * This routine performs DES cipher-block-chaining checksum operation,
-- * a.k.a. Message Authentication Code. It ALWAYS encrypts from input
-- * to a single 64 bit output MAC checksum.
-- *
-- * The key schedule is passed as an arg, as well as the cleartext or
-- * ciphertext. The cleartext and ciphertext should be in host order.
-- *
-- * NOTE-- the output is ALWAYS 8 bytes long. If not enough space was
-- * provided, your program will get trashed.
-- *
-- * The input is null padded, at the end (highest addr), to an integral
-- * multiple of eight bytes.
-- */
--
--unsigned long
--mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out,
-- unsigned long length, const mit_des_key_schedule schedule,
-- const krb5_octet *ivec)
--{
-- unsigned DES_INT32 left, right;
-- const unsigned DES_INT32 *kp;
-- const unsigned char *ip;
-- unsigned char *op;
-- DES_INT32 len;
--
-- /*
-- * Initialize left and right with the contents of the initial
-- * vector.
-- */
-- ip = ivec;
-- GET_HALF_BLOCK(left, ip);
-- GET_HALF_BLOCK(right, ip);
--
-- /*
-- * Suitably initialized, now work the length down 8 bytes
-- * at a time.
-- */
-- ip = in;
-- len = length;
-- while (len > 0) {
-- /*
-- * Get more input, xor it in. If the length is
-- * greater than or equal to 8 this is straight
-- * forward. Otherwise we have to fart around.
-- */
-- if (len >= 8) {
-- unsigned DES_INT32 temp;
-- GET_HALF_BLOCK(temp, ip);
-- left ^= temp;
-- GET_HALF_BLOCK(temp, ip);
-- right ^= temp;
-- len -= 8;
-- } else {
-- /*
-- * Oh, shoot. We need to pad the
-- * end with zeroes. Work backwards
-- * to do this.
-- */
-- ip += (int) len;
-- switch(len) {
-- case 7:
-- right ^= (*(--ip) & FF_UINT32) << 8;
-- case 6:
-- right ^= (*(--ip) & FF_UINT32) << 16;
-- case 5:
-- right ^= (*(--ip) & FF_UINT32) << 24;
-- case 4:
-- left ^= *(--ip) & FF_UINT32;
-- case 3:
-- left ^= (*(--ip) & FF_UINT32) << 8;
-- case 2:
-- left ^= (*(--ip) & FF_UINT32) << 16;
-- case 1:
-- left ^= (*(--ip) & FF_UINT32) << 24;
-- break;
-- }
-- len = 0;
-- }
--
-- /*
-- * Encrypt what we have
-- */
-- kp = (const unsigned DES_INT32 *)schedule;
-- DES_DO_ENCRYPT(left, right, kp);
-- }
--
-- /*
-- * Done. Left and right have the checksum. Put it into
-- * the output.
-- */
-- op = out;
-- PUT_HALF_BLOCK(left, op);
-- PUT_HALF_BLOCK(right, op);
--
-- /*
-- * Return right. I'll bet the MIT code returns this
-- * inconsistantly (with the low order byte of the checksum
-- * not always in the low order byte of the DES_INT32). We won't.
-- */
-- return right & 0xFFFFFFFFUL;
--}
-diff --git a/src/lib/crypto/builtin/des/f_parity.c b/src/lib/crypto/builtin/des/f_parity.c
-deleted file mode 100644
-index 460b5061b..000000000
---- a/src/lib/crypto/builtin/des/f_parity.c
-+++ /dev/null
-@@ -1,56 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/*
-- * These routines check and fix parity of encryption keys for the DES
-- * algorithm.
-- *
-- * They are a replacement for routines in key_parity.c, that don't require
-- * the table building that they do.
-- *
-- * Mark Eichin -- Cygnus Support
-- */
--
--
--#include "des_int.h"
--
--/*
-- * des_fixup_key_parity: Forces odd parity per byte; parity is bits
-- * 8,16,...64 in des order, implies 0, 8, 16, ...
-- * vax order.
-- */
--#define smask(step) ((1<<step)-1)
--#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step)))
--#define parity_char(x) pstep(pstep(pstep((x),4),2),1)
--
--void
--mit_des_fixup_key_parity(mit_des_cblock key)
--{
-- unsigned int i;
-- for (i=0; i<sizeof(mit_des_cblock); i++)
-- {
-- key[i] &= 0xfe;
-- key[i] |= 1^parity_char(key[i]);
-- }
--
-- return;
--}
--
--/*
-- * des_check_key_parity: returns true iff key has the correct des parity.
-- * See des_fix_key_parity for the definition of
-- * correct des parity.
-- */
--int
--mit_des_check_key_parity(mit_des_cblock key)
--{
-- unsigned int i;
--
-- for (i=0; i<sizeof(mit_des_cblock); i++)
-- {
-- if((key[i] & 1) == parity_char(0xfe&key[i]))
-- {
-- return 0;
-- }
-- }
--
-- return(1);
--}
-diff --git a/src/lib/crypto/builtin/des/f_sched.c b/src/lib/crypto/builtin/des/f_sched.c
-deleted file mode 100644
-index 666a510fb..000000000
---- a/src/lib/crypto/builtin/des/f_sched.c
-+++ /dev/null
-@@ -1,359 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/builtin/des/f_sched.c */
--/*
-- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--
--/* DES implementation donated by Dennis Ferguson */
--
--/*
-- * des_make_sched.c - permute a DES key, returning the resulting key schedule
-- */
--#include "k5-int.h"
--#include "des_int.h"
--
--/*
-- * Permuted choice 1 tables. These are used to extract bits
-- * from the left and right parts of the key to form Ci and Di.
-- * The code that uses these tables knows which bits from which
-- * part of each key are used to form Ci and Di.
-- */
--static const unsigned DES_INT32 PC1_CL[8] = {
-- 0x00000000, 0x00000010, 0x00001000, 0x00001010,
-- 0x00100000, 0x00100010, 0x00101000, 0x00101010
--};
--
--static const unsigned DES_INT32 PC1_DL[16] = {
-- 0x00000000, 0x00100000, 0x00001000, 0x00101000,
-- 0x00000010, 0x00100010, 0x00001010, 0x00101010,
-- 0x00000001, 0x00100001, 0x00001001, 0x00101001,
-- 0x00000011, 0x00100011, 0x00001011, 0x00101011
--};
--
--static const unsigned DES_INT32 PC1_CR[16] = {
-- 0x00000000, 0x00000001, 0x00000100, 0x00000101,
-- 0x00010000, 0x00010001, 0x00010100, 0x00010101,
-- 0x01000000, 0x01000001, 0x01000100, 0x01000101,
-- 0x01010000, 0x01010001, 0x01010100, 0x01010101
--};
--
--static const unsigned DES_INT32 PC1_DR[8] = {
-- 0x00000000, 0x01000000, 0x00010000, 0x01010000,
-- 0x00000100, 0x01000100, 0x00010100, 0x01010100
--};
--
--
--/*
-- * At the start of some iterations of the key schedule we do
-- * a circular left shift by one place, while for others we do a shift by
-- * two places. This has bits set for the iterations where we do 2 bit
-- * shifts, starting at the low order bit.
-- */
--#define TWO_BIT_SHIFTS 0x7efc
--
--/*
-- * Permuted choice 2 tables. The first actually produces the low order
-- * 24 bits of the subkey Ki from the 28 bit value of Ci. The second produces
-- * the high order 24 bits from Di. The tables are indexed by six bit
-- * segments of Ci and Di respectively. The code is handcrafted to compute
-- * the appropriate 6 bit chunks.
-- *
-- * Note that for ease of computation, the 24 bit values are produced with
-- * six bits going into each byte. Note also that the table has been byte
-- * rearranged to produce keys which match the order we will apply them
-- * in in the des code.
-- */
--static const unsigned DES_INT32 PC2_C[4][64] = {
-- {
-- 0x00000000, 0x00000004, 0x00010000, 0x00010004,
-- 0x00000400, 0x00000404, 0x00010400, 0x00010404,
-- 0x00000020, 0x00000024, 0x00010020, 0x00010024,
-- 0x00000420, 0x00000424, 0x00010420, 0x00010424,
-- 0x01000000, 0x01000004, 0x01010000, 0x01010004,
-- 0x01000400, 0x01000404, 0x01010400, 0x01010404,
-- 0x01000020, 0x01000024, 0x01010020, 0x01010024,
-- 0x01000420, 0x01000424, 0x01010420, 0x01010424,
-- 0x00020000, 0x00020004, 0x00030000, 0x00030004,
-- 0x00020400, 0x00020404, 0x00030400, 0x00030404,
-- 0x00020020, 0x00020024, 0x00030020, 0x00030024,
-- 0x00020420, 0x00020424, 0x00030420, 0x00030424,
-- 0x01020000, 0x01020004, 0x01030000, 0x01030004,
-- 0x01020400, 0x01020404, 0x01030400, 0x01030404,
-- 0x01020020, 0x01020024, 0x01030020, 0x01030024,
-- 0x01020420, 0x01020424, 0x01030420, 0x01030424,
-- },
-- {
-- 0x00000000, 0x02000000, 0x00000800, 0x02000800,
-- 0x00080000, 0x02080000, 0x00080800, 0x02080800,
-- 0x00000001, 0x02000001, 0x00000801, 0x02000801,
-- 0x00080001, 0x02080001, 0x00080801, 0x02080801,
-- 0x00000100, 0x02000100, 0x00000900, 0x02000900,
-- 0x00080100, 0x02080100, 0x00080900, 0x02080900,
-- 0x00000101, 0x02000101, 0x00000901, 0x02000901,
-- 0x00080101, 0x02080101, 0x00080901, 0x02080901,
-- 0x10000000, 0x12000000, 0x10000800, 0x12000800,
-- 0x10080000, 0x12080000, 0x10080800, 0x12080800,
-- 0x10000001, 0x12000001, 0x10000801, 0x12000801,
-- 0x10080001, 0x12080001, 0x10080801, 0x12080801,
-- 0x10000100, 0x12000100, 0x10000900, 0x12000900,
-- 0x10080100, 0x12080100, 0x10080900, 0x12080900,
-- 0x10000101, 0x12000101, 0x10000901, 0x12000901,
-- 0x10080101, 0x12080101, 0x10080901, 0x12080901,
-- },
-- {
-- 0x00000000, 0x00040000, 0x00002000, 0x00042000,
-- 0x00100000, 0x00140000, 0x00102000, 0x00142000,
-- 0x20000000, 0x20040000, 0x20002000, 0x20042000,
-- 0x20100000, 0x20140000, 0x20102000, 0x20142000,
-- 0x00000008, 0x00040008, 0x00002008, 0x00042008,
-- 0x00100008, 0x00140008, 0x00102008, 0x00142008,
-- 0x20000008, 0x20040008, 0x20002008, 0x20042008,
-- 0x20100008, 0x20140008, 0x20102008, 0x20142008,
-- 0x00200000, 0x00240000, 0x00202000, 0x00242000,
-- 0x00300000, 0x00340000, 0x00302000, 0x00342000,
-- 0x20200000, 0x20240000, 0x20202000, 0x20242000,
-- 0x20300000, 0x20340000, 0x20302000, 0x20342000,
-- 0x00200008, 0x00240008, 0x00202008, 0x00242008,
-- 0x00300008, 0x00340008, 0x00302008, 0x00342008,
-- 0x20200008, 0x20240008, 0x20202008, 0x20242008,
-- 0x20300008, 0x20340008, 0x20302008, 0x20342008,
-- },
-- {
-- 0x00000000, 0x00000010, 0x08000000, 0x08000010,
-- 0x00000200, 0x00000210, 0x08000200, 0x08000210,
-- 0x00000002, 0x00000012, 0x08000002, 0x08000012,
-- 0x00000202, 0x00000212, 0x08000202, 0x08000212,
-- 0x04000000, 0x04000010, 0x0c000000, 0x0c000010,
-- 0x04000200, 0x04000210, 0x0c000200, 0x0c000210,
-- 0x04000002, 0x04000012, 0x0c000002, 0x0c000012,
-- 0x04000202, 0x04000212, 0x0c000202, 0x0c000212,
-- 0x00001000, 0x00001010, 0x08001000, 0x08001010,
-- 0x00001200, 0x00001210, 0x08001200, 0x08001210,
-- 0x00001002, 0x00001012, 0x08001002, 0x08001012,
-- 0x00001202, 0x00001212, 0x08001202, 0x08001212,
-- 0x04001000, 0x04001010, 0x0c001000, 0x0c001010,
-- 0x04001200, 0x04001210, 0x0c001200, 0x0c001210,
-- 0x04001002, 0x04001012, 0x0c001002, 0x0c001012,
-- 0x04001202, 0x04001212, 0x0c001202, 0x0c001212
-- },
--};
--
--static const unsigned DES_INT32 PC2_D[4][64] = {
-- {
-- 0x00000000, 0x02000000, 0x00020000, 0x02020000,
-- 0x00000100, 0x02000100, 0x00020100, 0x02020100,
-- 0x00000008, 0x02000008, 0x00020008, 0x02020008,
-- 0x00000108, 0x02000108, 0x00020108, 0x02020108,
-- 0x00200000, 0x02200000, 0x00220000, 0x02220000,
-- 0x00200100, 0x02200100, 0x00220100, 0x02220100,
-- 0x00200008, 0x02200008, 0x00220008, 0x02220008,
-- 0x00200108, 0x02200108, 0x00220108, 0x02220108,
-- 0x00000200, 0x02000200, 0x00020200, 0x02020200,
-- 0x00000300, 0x02000300, 0x00020300, 0x02020300,
-- 0x00000208, 0x02000208, 0x00020208, 0x02020208,
-- 0x00000308, 0x02000308, 0x00020308, 0x02020308,
-- 0x00200200, 0x02200200, 0x00220200, 0x02220200,
-- 0x00200300, 0x02200300, 0x00220300, 0x02220300,
-- 0x00200208, 0x02200208, 0x00220208, 0x02220208,
-- 0x00200308, 0x02200308, 0x00220308, 0x02220308,
-- },
-- {
-- 0x00000000, 0x00001000, 0x00000020, 0x00001020,
-- 0x00100000, 0x00101000, 0x00100020, 0x00101020,
-- 0x08000000, 0x08001000, 0x08000020, 0x08001020,
-- 0x08100000, 0x08101000, 0x08100020, 0x08101020,
-- 0x00000004, 0x00001004, 0x00000024, 0x00001024,
-- 0x00100004, 0x00101004, 0x00100024, 0x00101024,
-- 0x08000004, 0x08001004, 0x08000024, 0x08001024,
-- 0x08100004, 0x08101004, 0x08100024, 0x08101024,
-- 0x00000400, 0x00001400, 0x00000420, 0x00001420,
-- 0x00100400, 0x00101400, 0x00100420, 0x00101420,
-- 0x08000400, 0x08001400, 0x08000420, 0x08001420,
-- 0x08100400, 0x08101400, 0x08100420, 0x08101420,
-- 0x00000404, 0x00001404, 0x00000424, 0x00001424,
-- 0x00100404, 0x00101404, 0x00100424, 0x00101424,
-- 0x08000404, 0x08001404, 0x08000424, 0x08001424,
-- 0x08100404, 0x08101404, 0x08100424, 0x08101424,
-- },
-- {
-- 0x00000000, 0x10000000, 0x00010000, 0x10010000,
-- 0x00000002, 0x10000002, 0x00010002, 0x10010002,
-- 0x00002000, 0x10002000, 0x00012000, 0x10012000,
-- 0x00002002, 0x10002002, 0x00012002, 0x10012002,
-- 0x00040000, 0x10040000, 0x00050000, 0x10050000,
-- 0x00040002, 0x10040002, 0x00050002, 0x10050002,
-- 0x00042000, 0x10042000, 0x00052000, 0x10052000,
-- 0x00042002, 0x10042002, 0x00052002, 0x10052002,
-- 0x20000000, 0x30000000, 0x20010000, 0x30010000,
-- 0x20000002, 0x30000002, 0x20010002, 0x30010002,
-- 0x20002000, 0x30002000, 0x20012000, 0x30012000,
-- 0x20002002, 0x30002002, 0x20012002, 0x30012002,
-- 0x20040000, 0x30040000, 0x20050000, 0x30050000,
-- 0x20040002, 0x30040002, 0x20050002, 0x30050002,
-- 0x20042000, 0x30042000, 0x20052000, 0x30052000,
-- 0x20042002, 0x30042002, 0x20052002, 0x30052002,
-- },
-- {
-- 0x00000000, 0x04000000, 0x00000001, 0x04000001,
-- 0x01000000, 0x05000000, 0x01000001, 0x05000001,
-- 0x00000010, 0x04000010, 0x00000011, 0x04000011,
-- 0x01000010, 0x05000010, 0x01000011, 0x05000011,
-- 0x00080000, 0x04080000, 0x00080001, 0x04080001,
-- 0x01080000, 0x05080000, 0x01080001, 0x05080001,
-- 0x00080010, 0x04080010, 0x00080011, 0x04080011,
-- 0x01080010, 0x05080010, 0x01080011, 0x05080011,
-- 0x00000800, 0x04000800, 0x00000801, 0x04000801,
-- 0x01000800, 0x05000800, 0x01000801, 0x05000801,
-- 0x00000810, 0x04000810, 0x00000811, 0x04000811,
-- 0x01000810, 0x05000810, 0x01000811, 0x05000811,
-- 0x00080800, 0x04080800, 0x00080801, 0x04080801,
-- 0x01080800, 0x05080800, 0x01080801, 0x05080801,
-- 0x00080810, 0x04080810, 0x00080811, 0x04080811,
-- 0x01080810, 0x05080810, 0x01080811, 0x05080811
-- },
--};
--
--
--
--/*
-- * Permute the key to give us our key schedule.
-- */
--int
--mit_des_make_key_sched(mit_des_cblock key, mit_des_key_schedule schedule)
--{
-- unsigned DES_INT32 c, d;
--
-- {
-- /*
-- * Need a pointer for the keys and a temporary DES_INT32
-- */
-- const unsigned char *k;
-- unsigned DES_INT32 tmp;
--
-- /*
-- * Fetch the key into something we can work with
-- */
-- k = key;
--
-- /*
-- * The first permutted choice gives us the 28 bits for C0 and
-- * 28 for D0. C0 gets 12 bits from the left key and 16 from
-- * the right, while D0 gets 16 from the left and 12 from the
-- * right. The code knows which bits go where.
-- */
-- tmp = load_32_be(k), k += 4;
--
-- c = PC1_CL[(tmp >> 29) & 0x7]
-- | (PC1_CL[(tmp >> 21) & 0x7] << 1)
-- | (PC1_CL[(tmp >> 13) & 0x7] << 2)
-- | (PC1_CL[(tmp >> 5) & 0x7] << 3);
-- d = PC1_DL[(tmp >> 25) & 0xf]
-- | (PC1_DL[(tmp >> 17) & 0xf] << 1)
-- | (PC1_DL[(tmp >> 9) & 0xf] << 2)
-- | (PC1_DL[(tmp >> 1) & 0xf] << 3);
--
-- tmp = load_32_be(k), k += 4;
--
-- c |= PC1_CR[(tmp >> 28) & 0xf]
-- | (PC1_CR[(tmp >> 20) & 0xf] << 1)
-- | (PC1_CR[(tmp >> 12) & 0xf] << 2)
-- | (PC1_CR[(tmp >> 4) & 0xf] << 3);
-- d |= PC1_DR[(tmp >> 25) & 0x7]
-- | (PC1_DR[(tmp >> 17) & 0x7] << 1)
-- | (PC1_DR[(tmp >> 9) & 0x7] << 2)
-- | (PC1_DR[(tmp >> 1) & 0x7] << 3);
-- }
--
-- {
-- /*
-- * Need several temporaries in here
-- */
-- unsigned DES_INT32 ltmp, rtmp;
-- unsigned DES_INT32 *k;
-- int two_bit_shifts;
-- int i;
-- /*
-- * Now iterate to compute the key schedule. Note that we
-- * record the entire set of subkeys in 6 bit chunks since
-- * they are used that way. At 6 bits/char, we need
-- * 48/6 char's/subkey * 16 subkeys/encryption == 128 bytes.
-- * The schedule must be this big.
-- */
-- k = (unsigned DES_INT32 *)schedule;
-- two_bit_shifts = TWO_BIT_SHIFTS;
-- for (i = 16; i > 0; i--) {
-- /*
-- * Do the rotation. One bit and two bit rotations
-- * are done separately. Note C and D are 28 bits.
-- */
-- if (two_bit_shifts & 0x1) {
-- c = ((c << 2) & 0xffffffc) | (c >> 26);
-- d = ((d << 2) & 0xffffffc) | (d >> 26);
-- } else {
-- c = ((c << 1) & 0xffffffe) | (c >> 27);
-- d = ((d << 1) & 0xffffffe) | (d >> 27);
-- }
-- two_bit_shifts >>= 1;
--
-- /*
-- * Apply permutted choice 2 to C to get the first
-- * 24 bits worth of keys. Note that bits 9, 18, 22
-- * and 25 (using DES numbering) in C are unused. The
-- * shift-mask stuff is done to delete these bits from
-- * the indices, since this cuts the table size in half.
-- *
-- * The table is torqued, by the way. If the standard
-- * byte order for this (high to low order) is 1234,
-- * the table actually gives us 4132.
-- */
-- ltmp = PC2_C[0][((c >> 22) & 0x3f)]
-- | PC2_C[1][((c >> 15) & 0xf) | ((c >> 16) & 0x30)]
-- | PC2_C[2][((c >> 4) & 0x3) | ((c >> 9) & 0x3c)]
-- | PC2_C[3][((c ) & 0x7) | ((c >> 4) & 0x38)];
-- /*
-- * Apply permutted choice 2 to D to get the other half.
-- * Here, bits 7, 10, 15 and 26 go unused. The sqeezing
-- * actually turns out to be cheaper here.
-- *
-- * This table is similarly torqued. If the standard
-- * byte order is 5678, the table has the bytes permuted
-- * to give us 7685.
-- */
-- rtmp = PC2_D[0][((d >> 22) & 0x3f)]
-- | PC2_D[1][((d >> 14) & 0xf) | ((d >> 15) & 0x30)]
-- | PC2_D[2][((d >> 7) & 0x3f)]
-- | PC2_D[3][((d ) & 0x3) | ((d >> 1) & 0x3c)];
--
-- /*
-- * Make up two words of the key schedule, with a
-- * byte order which is convenient for the DES
-- * inner loop. The high order (first) word will
-- * hold bytes 7135 (high to low order) while the
-- * second holds bytes 4682.
-- */
-- *k++ = (ltmp & 0x00ffff00) | (rtmp & 0xff0000ff);
-- *k++ = (ltmp & 0xff0000ff) | (rtmp & 0x00ffff00);
-- }
-- }
-- return (0);
--}
-diff --git a/src/lib/crypto/builtin/des/f_tables.c b/src/lib/crypto/builtin/des/f_tables.c
-deleted file mode 100644
-index 6308cb0d5..000000000
---- a/src/lib/crypto/builtin/des/f_tables.c
-+++ /dev/null
-@@ -1,370 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/builtin/des/f_tables.c */
--/*
-- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--
--/* DES implementation donated by Dennis Ferguson */
--
--/*
-- * des_tables.c - precomputed tables used for the DES cipher function
-- */
--
--/*
-- * Include the header file so something will complain if the
-- * declarations get out of sync
-- */
--#include "des_int.h"
--#include "f_tables.h"
--
--/*
-- * These tables may be declared const if you want. Many compilers
-- * don't support this, though.
-- */
--
--/*
-- * The DES algorithm which uses these is intended to be fairly speedy
-- * at the expense of some memory. All the standard hacks are used.
-- * The S boxes and the P permutation are precomputed into one table.
-- * The E box never actually appears explicitly since it is easy to apply
-- * this algorithmically as needed. The initial permutation and final
-- * (inverse initial) permutation are computed from tables designed to
-- * permute one byte at a time. This should run pretty fast on machines
-- * with 32 bit words and bit field/multiple bit shift instructions which
-- * are fast.
-- */
--
--/*
-- * The initial permutation array. This is used to compute both the
-- * left and the right halves of the initial permutation using bytes
-- * from words made from the following operations:
-- *
-- * ((left & 0x55555555) << 1) | (right & 0x55555555) for left half
-- * (left & 0xaaaaaaaa) | ((right & 0xaaaaaaaa) >> 1) for right half
-- *
-- * The scheme is that we index into the table using each byte. The
-- * result from the high order byte is or'd with the result from the
-- * next byte shifted left once is or'd with the result from the next
-- * byte shifted left twice if or'd with the result from the low order
-- * byte shifted left by three. Clear?
-- */
--
--const unsigned DES_INT32 des_IP_table[256] = {
-- 0x00000000, 0x00000010, 0x00000001, 0x00000011,
-- 0x00001000, 0x00001010, 0x00001001, 0x00001011,
-- 0x00000100, 0x00000110, 0x00000101, 0x00000111,
-- 0x00001100, 0x00001110, 0x00001101, 0x00001111,
-- 0x00100000, 0x00100010, 0x00100001, 0x00100011,
-- 0x00101000, 0x00101010, 0x00101001, 0x00101011,
-- 0x00100100, 0x00100110, 0x00100101, 0x00100111,
-- 0x00101100, 0x00101110, 0x00101101, 0x00101111,
-- 0x00010000, 0x00010010, 0x00010001, 0x00010011,
-- 0x00011000, 0x00011010, 0x00011001, 0x00011011,
-- 0x00010100, 0x00010110, 0x00010101, 0x00010111,
-- 0x00011100, 0x00011110, 0x00011101, 0x00011111,
-- 0x00110000, 0x00110010, 0x00110001, 0x00110011,
-- 0x00111000, 0x00111010, 0x00111001, 0x00111011,
-- 0x00110100, 0x00110110, 0x00110101, 0x00110111,
-- 0x00111100, 0x00111110, 0x00111101, 0x00111111,
-- 0x10000000, 0x10000010, 0x10000001, 0x10000011,
-- 0x10001000, 0x10001010, 0x10001001, 0x10001011,
-- 0x10000100, 0x10000110, 0x10000101, 0x10000111,
-- 0x10001100, 0x10001110, 0x10001101, 0x10001111,
-- 0x10100000, 0x10100010, 0x10100001, 0x10100011,
-- 0x10101000, 0x10101010, 0x10101001, 0x10101011,
-- 0x10100100, 0x10100110, 0x10100101, 0x10100111,
-- 0x10101100, 0x10101110, 0x10101101, 0x10101111,
-- 0x10010000, 0x10010010, 0x10010001, 0x10010011,
-- 0x10011000, 0x10011010, 0x10011001, 0x10011011,
-- 0x10010100, 0x10010110, 0x10010101, 0x10010111,
-- 0x10011100, 0x10011110, 0x10011101, 0x10011111,
-- 0x10110000, 0x10110010, 0x10110001, 0x10110011,
-- 0x10111000, 0x10111010, 0x10111001, 0x10111011,
-- 0x10110100, 0x10110110, 0x10110101, 0x10110111,
-- 0x10111100, 0x10111110, 0x10111101, 0x10111111,
-- 0x01000000, 0x01000010, 0x01000001, 0x01000011,
-- 0x01001000, 0x01001010, 0x01001001, 0x01001011,
-- 0x01000100, 0x01000110, 0x01000101, 0x01000111,
-- 0x01001100, 0x01001110, 0x01001101, 0x01001111,
-- 0x01100000, 0x01100010, 0x01100001, 0x01100011,
-- 0x01101000, 0x01101010, 0x01101001, 0x01101011,
-- 0x01100100, 0x01100110, 0x01100101, 0x01100111,
-- 0x01101100, 0x01101110, 0x01101101, 0x01101111,
-- 0x01010000, 0x01010010, 0x01010001, 0x01010011,
-- 0x01011000, 0x01011010, 0x01011001, 0x01011011,
-- 0x01010100, 0x01010110, 0x01010101, 0x01010111,
-- 0x01011100, 0x01011110, 0x01011101, 0x01011111,
-- 0x01110000, 0x01110010, 0x01110001, 0x01110011,
-- 0x01111000, 0x01111010, 0x01111001, 0x01111011,
-- 0x01110100, 0x01110110, 0x01110101, 0x01110111,
-- 0x01111100, 0x01111110, 0x01111101, 0x01111111,
-- 0x11000000, 0x11000010, 0x11000001, 0x11000011,
-- 0x11001000, 0x11001010, 0x11001001, 0x11001011,
-- 0x11000100, 0x11000110, 0x11000101, 0x11000111,
-- 0x11001100, 0x11001110, 0x11001101, 0x11001111,
-- 0x11100000, 0x11100010, 0x11100001, 0x11100011,
-- 0x11101000, 0x11101010, 0x11101001, 0x11101011,
-- 0x11100100, 0x11100110, 0x11100101, 0x11100111,
-- 0x11101100, 0x11101110, 0x11101101, 0x11101111,
-- 0x11010000, 0x11010010, 0x11010001, 0x11010011,
-- 0x11011000, 0x11011010, 0x11011001, 0x11011011,
-- 0x11010100, 0x11010110, 0x11010101, 0x11010111,
-- 0x11011100, 0x11011110, 0x11011101, 0x11011111,
-- 0x11110000, 0x11110010, 0x11110001, 0x11110011,
-- 0x11111000, 0x11111010, 0x11111001, 0x11111011,
-- 0x11110100, 0x11110110, 0x11110101, 0x11110111,
-- 0x11111100, 0x11111110, 0x11111101, 0x11111111
--};
--
--/*
-- * The final permutation array. Like the IP array, used
-- * to compute both the left and right results from the bytes
-- * of words computed from:
-- *
-- * ((left & 0x0f0f0f0f) << 4) | (right & 0x0f0f0f0f) for left result
-- * (left & 0xf0f0f0f0) | ((right & 0xf0f0f0f0) >> 4) for right result
-- *
-- * The result from the high order byte is shifted left 6 bits and
-- * or'd with the result from the next byte shifted left 4 bits, which
-- * is or'd with the result from the next byte shifted left 2 bits,
-- * which is or'd with the result from the low byte.
-- */
--const unsigned DES_INT32 des_FP_table[256] = {
-- 0x00000000, 0x02000000, 0x00020000, 0x02020000,
-- 0x00000200, 0x02000200, 0x00020200, 0x02020200,
-- 0x00000002, 0x02000002, 0x00020002, 0x02020002,
-- 0x00000202, 0x02000202, 0x00020202, 0x02020202,
-- 0x01000000, 0x03000000, 0x01020000, 0x03020000,
-- 0x01000200, 0x03000200, 0x01020200, 0x03020200,
-- 0x01000002, 0x03000002, 0x01020002, 0x03020002,
-- 0x01000202, 0x03000202, 0x01020202, 0x03020202,
-- 0x00010000, 0x02010000, 0x00030000, 0x02030000,
-- 0x00010200, 0x02010200, 0x00030200, 0x02030200,
-- 0x00010002, 0x02010002, 0x00030002, 0x02030002,
-- 0x00010202, 0x02010202, 0x00030202, 0x02030202,
-- 0x01010000, 0x03010000, 0x01030000, 0x03030000,
-- 0x01010200, 0x03010200, 0x01030200, 0x03030200,
-- 0x01010002, 0x03010002, 0x01030002, 0x03030002,
-- 0x01010202, 0x03010202, 0x01030202, 0x03030202,
-- 0x00000100, 0x02000100, 0x00020100, 0x02020100,
-- 0x00000300, 0x02000300, 0x00020300, 0x02020300,
-- 0x00000102, 0x02000102, 0x00020102, 0x02020102,
-- 0x00000302, 0x02000302, 0x00020302, 0x02020302,
-- 0x01000100, 0x03000100, 0x01020100, 0x03020100,
-- 0x01000300, 0x03000300, 0x01020300, 0x03020300,
-- 0x01000102, 0x03000102, 0x01020102, 0x03020102,
-- 0x01000302, 0x03000302, 0x01020302, 0x03020302,
-- 0x00010100, 0x02010100, 0x00030100, 0x02030100,
-- 0x00010300, 0x02010300, 0x00030300, 0x02030300,
-- 0x00010102, 0x02010102, 0x00030102, 0x02030102,
-- 0x00010302, 0x02010302, 0x00030302, 0x02030302,
-- 0x01010100, 0x03010100, 0x01030100, 0x03030100,
-- 0x01010300, 0x03010300, 0x01030300, 0x03030300,
-- 0x01010102, 0x03010102, 0x01030102, 0x03030102,
-- 0x01010302, 0x03010302, 0x01030302, 0x03030302,
-- 0x00000001, 0x02000001, 0x00020001, 0x02020001,
-- 0x00000201, 0x02000201, 0x00020201, 0x02020201,
-- 0x00000003, 0x02000003, 0x00020003, 0x02020003,
-- 0x00000203, 0x02000203, 0x00020203, 0x02020203,
-- 0x01000001, 0x03000001, 0x01020001, 0x03020001,
-- 0x01000201, 0x03000201, 0x01020201, 0x03020201,
-- 0x01000003, 0x03000003, 0x01020003, 0x03020003,
-- 0x01000203, 0x03000203, 0x01020203, 0x03020203,
-- 0x00010001, 0x02010001, 0x00030001, 0x02030001,
-- 0x00010201, 0x02010201, 0x00030201, 0x02030201,
-- 0x00010003, 0x02010003, 0x00030003, 0x02030003,
-- 0x00010203, 0x02010203, 0x00030203, 0x02030203,
-- 0x01010001, 0x03010001, 0x01030001, 0x03030001,
-- 0x01010201, 0x03010201, 0x01030201, 0x03030201,
-- 0x01010003, 0x03010003, 0x01030003, 0x03030003,
-- 0x01010203, 0x03010203, 0x01030203, 0x03030203,
-- 0x00000101, 0x02000101, 0x00020101, 0x02020101,
-- 0x00000301, 0x02000301, 0x00020301, 0x02020301,
-- 0x00000103, 0x02000103, 0x00020103, 0x02020103,
-- 0x00000303, 0x02000303, 0x00020303, 0x02020303,
-- 0x01000101, 0x03000101, 0x01020101, 0x03020101,
-- 0x01000301, 0x03000301, 0x01020301, 0x03020301,
-- 0x01000103, 0x03000103, 0x01020103, 0x03020103,
-- 0x01000303, 0x03000303, 0x01020303, 0x03020303,
-- 0x00010101, 0x02010101, 0x00030101, 0x02030101,
-- 0x00010301, 0x02010301, 0x00030301, 0x02030301,
-- 0x00010103, 0x02010103, 0x00030103, 0x02030103,
-- 0x00010303, 0x02010303, 0x00030303, 0x02030303,
-- 0x01010101, 0x03010101, 0x01030101, 0x03030101,
-- 0x01010301, 0x03010301, 0x01030301, 0x03030301,
-- 0x01010103, 0x03010103, 0x01030103, 0x03030103,
-- 0x01010303, 0x03010303, 0x01030303, 0x03030303
--};
--
--
--/*
-- * The SP table is actually the S boxes and the P permutation
-- * table combined. This table is actually reordered from the
-- * spec, to match the order of key application we follow.
-- */
--const unsigned DES_INT32 des_SP_table[8][64] = {
-- {
-- 0x00100000, 0x02100001, 0x02000401, 0x00000000, /* 7 */
-- 0x00000400, 0x02000401, 0x00100401, 0x02100400,
-- 0x02100401, 0x00100000, 0x00000000, 0x02000001,
-- 0x00000001, 0x02000000, 0x02100001, 0x00000401,
-- 0x02000400, 0x00100401, 0x00100001, 0x02000400,
-- 0x02000001, 0x02100000, 0x02100400, 0x00100001,
-- 0x02100000, 0x00000400, 0x00000401, 0x02100401,
-- 0x00100400, 0x00000001, 0x02000000, 0x00100400,
-- 0x02000000, 0x00100400, 0x00100000, 0x02000401,
-- 0x02000401, 0x02100001, 0x02100001, 0x00000001,
-- 0x00100001, 0x02000000, 0x02000400, 0x00100000,
-- 0x02100400, 0x00000401, 0x00100401, 0x02100400,
-- 0x00000401, 0x02000001, 0x02100401, 0x02100000,
-- 0x00100400, 0x00000000, 0x00000001, 0x02100401,
-- 0x00000000, 0x00100401, 0x02100000, 0x00000400,
-- 0x02000001, 0x02000400, 0x00000400, 0x00100001,
-- },
-- {
-- 0x00808200, 0x00000000, 0x00008000, 0x00808202, /* 1 */
-- 0x00808002, 0x00008202, 0x00000002, 0x00008000,
-- 0x00000200, 0x00808200, 0x00808202, 0x00000200,
-- 0x00800202, 0x00808002, 0x00800000, 0x00000002,
-- 0x00000202, 0x00800200, 0x00800200, 0x00008200,
-- 0x00008200, 0x00808000, 0x00808000, 0x00800202,
-- 0x00008002, 0x00800002, 0x00800002, 0x00008002,
-- 0x00000000, 0x00000202, 0x00008202, 0x00800000,
-- 0x00008000, 0x00808202, 0x00000002, 0x00808000,
-- 0x00808200, 0x00800000, 0x00800000, 0x00000200,
-- 0x00808002, 0x00008000, 0x00008200, 0x00800002,
-- 0x00000200, 0x00000002, 0x00800202, 0x00008202,
-- 0x00808202, 0x00008002, 0x00808000, 0x00800202,
-- 0x00800002, 0x00000202, 0x00008202, 0x00808200,
-- 0x00000202, 0x00800200, 0x00800200, 0x00000000,
-- 0x00008002, 0x00008200, 0x00000000, 0x00808002,
-- },
-- {
-- 0x00000104, 0x04010100, 0x00000000, 0x04010004, /* 3 */
-- 0x04000100, 0x00000000, 0x00010104, 0x04000100,
-- 0x00010004, 0x04000004, 0x04000004, 0x00010000,
-- 0x04010104, 0x00010004, 0x04010000, 0x00000104,
-- 0x04000000, 0x00000004, 0x04010100, 0x00000100,
-- 0x00010100, 0x04010000, 0x04010004, 0x00010104,
-- 0x04000104, 0x00010100, 0x00010000, 0x04000104,
-- 0x00000004, 0x04010104, 0x00000100, 0x04000000,
-- 0x04010100, 0x04000000, 0x00010004, 0x00000104,
-- 0x00010000, 0x04010100, 0x04000100, 0x00000000,
-- 0x00000100, 0x00010004, 0x04010104, 0x04000100,
-- 0x04000004, 0x00000100, 0x00000000, 0x04010004,
-- 0x04000104, 0x00010000, 0x04000000, 0x04010104,
-- 0x00000004, 0x00010104, 0x00010100, 0x04000004,
-- 0x04010000, 0x04000104, 0x00000104, 0x04010000,
-- 0x00010104, 0x00000004, 0x04010004, 0x00010100,
-- },
-- {
-- 0x00000080, 0x01040080, 0x01040000, 0x21000080, /* 5 */
-- 0x00040000, 0x00000080, 0x20000000, 0x01040000,
-- 0x20040080, 0x00040000, 0x01000080, 0x20040080,
-- 0x21000080, 0x21040000, 0x00040080, 0x20000000,
-- 0x01000000, 0x20040000, 0x20040000, 0x00000000,
-- 0x20000080, 0x21040080, 0x21040080, 0x01000080,
-- 0x21040000, 0x20000080, 0x00000000, 0x21000000,
-- 0x01040080, 0x01000000, 0x21000000, 0x00040080,
-- 0x00040000, 0x21000080, 0x00000080, 0x01000000,
-- 0x20000000, 0x01040000, 0x21000080, 0x20040080,
-- 0x01000080, 0x20000000, 0x21040000, 0x01040080,
-- 0x20040080, 0x00000080, 0x01000000, 0x21040000,
-- 0x21040080, 0x00040080, 0x21000000, 0x21040080,
-- 0x01040000, 0x00000000, 0x20040000, 0x21000000,
-- 0x00040080, 0x01000080, 0x20000080, 0x00040000,
-- 0x00000000, 0x20040000, 0x01040080, 0x20000080,
-- },
-- {
-- 0x80401000, 0x80001040, 0x80001040, 0x00000040, /* 4 */
-- 0x00401040, 0x80400040, 0x80400000, 0x80001000,
-- 0x00000000, 0x00401000, 0x00401000, 0x80401040,
-- 0x80000040, 0x00000000, 0x00400040, 0x80400000,
-- 0x80000000, 0x00001000, 0x00400000, 0x80401000,
-- 0x00000040, 0x00400000, 0x80001000, 0x00001040,
-- 0x80400040, 0x80000000, 0x00001040, 0x00400040,
-- 0x00001000, 0x00401040, 0x80401040, 0x80000040,
-- 0x00400040, 0x80400000, 0x00401000, 0x80401040,
-- 0x80000040, 0x00000000, 0x00000000, 0x00401000,
-- 0x00001040, 0x00400040, 0x80400040, 0x80000000,
-- 0x80401000, 0x80001040, 0x80001040, 0x00000040,
-- 0x80401040, 0x80000040, 0x80000000, 0x00001000,
-- 0x80400000, 0x80001000, 0x00401040, 0x80400040,
-- 0x80001000, 0x00001040, 0x00400000, 0x80401000,
-- 0x00000040, 0x00400000, 0x00001000, 0x00401040,
-- },
-- {
-- 0x10000008, 0x10200000, 0x00002000, 0x10202008, /* 6 */
-- 0x10200000, 0x00000008, 0x10202008, 0x00200000,
-- 0x10002000, 0x00202008, 0x00200000, 0x10000008,
-- 0x00200008, 0x10002000, 0x10000000, 0x00002008,
-- 0x00000000, 0x00200008, 0x10002008, 0x00002000,
-- 0x00202000, 0x10002008, 0x00000008, 0x10200008,
-- 0x10200008, 0x00000000, 0x00202008, 0x10202000,
-- 0x00002008, 0x00202000, 0x10202000, 0x10000000,
-- 0x10002000, 0x00000008, 0x10200008, 0x00202000,
-- 0x10202008, 0x00200000, 0x00002008, 0x10000008,
-- 0x00200000, 0x10002000, 0x10000000, 0x00002008,
-- 0x10000008, 0x10202008, 0x00202000, 0x10200000,
-- 0x00202008, 0x10202000, 0x00000000, 0x10200008,
-- 0x00000008, 0x00002000, 0x10200000, 0x00202008,
-- 0x00002000, 0x00200008, 0x10002008, 0x00000000,
-- 0x10202000, 0x10000000, 0x00200008, 0x10002008,
-- },
-- {
-- 0x08000820, 0x00000800, 0x00020000, 0x08020820, /* 8 */
-- 0x08000000, 0x08000820, 0x00000020, 0x08000000,
-- 0x00020020, 0x08020000, 0x08020820, 0x00020800,
-- 0x08020800, 0x00020820, 0x00000800, 0x00000020,
-- 0x08020000, 0x08000020, 0x08000800, 0x00000820,
-- 0x00020800, 0x00020020, 0x08020020, 0x08020800,
-- 0x00000820, 0x00000000, 0x00000000, 0x08020020,
-- 0x08000020, 0x08000800, 0x00020820, 0x00020000,
-- 0x00020820, 0x00020000, 0x08020800, 0x00000800,
-- 0x00000020, 0x08020020, 0x00000800, 0x00020820,
-- 0x08000800, 0x00000020, 0x08000020, 0x08020000,
-- 0x08020020, 0x08000000, 0x00020000, 0x08000820,
-- 0x00000000, 0x08020820, 0x00020020, 0x08000020,
-- 0x08020000, 0x08000800, 0x08000820, 0x00000000,
-- 0x08020820, 0x00020800, 0x00020800, 0x00000820,
-- 0x00000820, 0x00020020, 0x08000000, 0x08020800,
-- },
-- {
-- 0x40084010, 0x40004000, 0x00004000, 0x00084010, /* 2 */
-- 0x00080000, 0x00000010, 0x40080010, 0x40004010,
-- 0x40000010, 0x40084010, 0x40084000, 0x40000000,
-- 0x40004000, 0x00080000, 0x00000010, 0x40080010,
-- 0x00084000, 0x00080010, 0x40004010, 0x00000000,
-- 0x40000000, 0x00004000, 0x00084010, 0x40080000,
-- 0x00080010, 0x40000010, 0x00000000, 0x00084000,
-- 0x00004010, 0x40084000, 0x40080000, 0x00004010,
-- 0x00000000, 0x00084010, 0x40080010, 0x00080000,
-- 0x40004010, 0x40080000, 0x40084000, 0x00004000,
-- 0x40080000, 0x40004000, 0x00000010, 0x40084010,
-- 0x00084010, 0x00000010, 0x00004000, 0x40000000,
-- 0x00004010, 0x40084000, 0x00080000, 0x40000010,
-- 0x00080010, 0x40004010, 0x40000010, 0x00080010,
-- 0x00084000, 0x00000000, 0x40004000, 0x00004010,
-- 0x40000000, 0x40080010, 0x40084010, 0x00084000
-- },
--};
-diff --git a/src/lib/crypto/builtin/des/f_tables.h b/src/lib/crypto/builtin/des/f_tables.h
-deleted file mode 100644
-index fc91b566c..000000000
---- a/src/lib/crypto/builtin/des/f_tables.h
-+++ /dev/null
-@@ -1,285 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/builtin/des/f_tables.h */
--/*
-- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--
--/*
-- * DES implementation donated by Dennis Ferguson
-- */
--
--/*
-- * des_tables.h - declarations to import the DES tables, used internally
-- * by some of the library routines.
-- */
--#ifndef __DES_TABLES_H__
--#define __DES_TABLES_H__ /* nothing */
--
--#include "k5-platform.h"
--/*
-- * These may be declared const if you wish. Be sure to change the
-- * declarations in des_tables.c as well.
-- */
--extern const unsigned DES_INT32 des_IP_table[256];
--extern const unsigned DES_INT32 des_FP_table[256];
--extern const unsigned DES_INT32 des_SP_table[8][64];
--
--/*
-- * Use standard shortforms to reference these to save typing
-- */
--#define IP des_IP_table
--#define FP des_FP_table
--#define SP des_SP_table
--
--#ifdef DEBUG
--#define DEB(foofraw) printf foofraw
--#else
--#define DEB(foofraw) /* nothing */
--#endif
--
--/*
-- * Code to do a DES round using the tables. Note that the E expansion
-- * is easy to compute algorithmically, especially if done out-of-order.
-- * Take a look at its form and compare it to everything involving temp
-- * below. Since SP[0-7] don't have any bits in common set it is okay
-- * to do the successive xor's.
-- *
-- * Note too that the SP table has been reordered to match the order of
-- * the keys (if the original order of SP was 12345678, the reordered
-- * table is 71354682). This is unnecessary, but was done since some
-- * compilers seem to like you going through the matrix from beginning
-- * to end.
-- *
-- * There is a difference in the best way to do this depending on whether
-- * one is encrypting or decrypting. If encrypting we move forward through
-- * the keys and hence should move forward through the table. If decrypting
-- * we go back. Part of the need for this comes from trying to emulate
-- * existing software which generates a single key schedule and uses it
-- * both for encrypting and decrypting. Generating separate encryption
-- * and decryption key schedules would allow one to use the same code
-- * for both.
-- *
-- * left, right and temp should be unsigned DES_INT32 values. left and right
-- * should be the high and low order parts of the cipher block at the
-- * current stage of processing (this makes sense if you read the spec).
-- * kp should be an unsigned DES_INT32 pointer which points at the current
-- * set of subkeys in the key schedule. It is advanced to the next set
-- * (i.e. by 8 bytes) when this is done.
-- *
-- * This occurs in the innermost loop of the DES function. The four
-- * variables should really be in registers.
-- *
-- * When using this, the inner loop of the DES function might look like:
-- *
-- * for (i = 0; i < 8; i++) {
-- * DES_SP_{EN,DE}CRYPT_ROUND(left, right, temp, kp);
-- * DES_SP_{EN,DE}CRYPT_ROUND(right, left, temp, kp);
-- * }
-- *
-- * Note the trick above. You are supposed to do 16 rounds, swapping
-- * left and right at the end of each round. By doing two rounds at
-- * a time and swapping left and right in the code we can avoid the
-- * swaps altogether.
-- */
--#define DES_SP_ENCRYPT_ROUND(left, right, temp, kp) do { \
-- (temp) = (((right) >> 11) | ((right) << 21)) ^ *(kp)++; \
-- (left) ^= SP[0][((temp) >> 24) & 0x3f] \
-- | SP[1][((temp) >> 16) & 0x3f] \
-- | SP[2][((temp) >> 8) & 0x3f] \
-- | SP[3][((temp) ) & 0x3f]; \
-- (temp) = (((right) >> 23) | ((right) << 9)) ^ *(kp)++; \
-- (left) ^= SP[4][((temp) >> 24) & 0x3f] \
-- | SP[5][((temp) >> 16) & 0x3f] \
-- | SP[6][((temp) >> 8) & 0x3f] \
-- | SP[7][((temp) ) & 0x3f]; \
-- } while(0);
--
--#define DES_SP_DECRYPT_ROUND(left, right, temp, kp) do { \
-- (temp) = (((right) >> 23) | ((right) << 9)) ^ *(--(kp)); \
-- (left) ^= SP[7][((temp) ) & 0x3f] \
-- | SP[6][((temp) >> 8) & 0x3f] \
-- | SP[5][((temp) >> 16) & 0x3f] \
-- | SP[4][((temp) >> 24) & 0x3f]; \
-- (temp) = (((right) >> 11) | ((right) << 21)) ^ *(--(kp)); \
-- (left) ^= SP[3][((temp) ) & 0x3f] \
-- | SP[2][((temp) >> 8) & 0x3f] \
-- | SP[1][((temp) >> 16) & 0x3f] \
-- | SP[0][((temp) >> 24) & 0x3f]; \
-- } while (0);
--
--/*
-- * Macros to help deal with the initial permutation table. Note
-- * the IP table only deals with 32 bits at a time, allowing us to
-- * collect the bits we need to deal with each half into an unsigned
-- * DES_INT32. By carefully selecting how the bits are ordered we also
-- * take advantages of symmetries in the table so that we can use a
-- * single table to compute the permutation of all bytes. This sounds
-- * complicated, but if you go through the process of designing the
-- * table you'll find the symmetries fall right out.
-- *
-- * The follow macros compute the set of bits used to index the
-- * table for produce the left and right permuted result.
-- *
-- * The inserted cast to unsigned DES_INT32 circumvents a bug in
-- * the Macintosh MPW 3.2 C compiler which loses the unsignedness and
-- * propagates the high-order bit in the shift.
-- */
--#define DES_IP_LEFT_BITS(left, right) \
-- ((((left) & 0x55555555) << 1) | ((right) & 0x55555555))
--#define DES_IP_RIGHT_BITS(left, right) \
-- (((left) & 0xaaaaaaaa) | \
-- ( ( (unsigned DES_INT32) ((right) & 0xaaaaaaaa) ) >> 1))
--
--/*
-- * The following macro does an in-place initial permutation given
-- * the current left and right parts of the block and a single
-- * temporary. Use this more as a guide for rolling your own, though.
-- * The best way to do the IP depends on the form of the data you
-- * are dealing with. If you use this, though, try to make left,
-- * right and temp unsigned DES_INT32s.
-- */
--#define DES_INITIAL_PERM(left, right, temp) do { \
-- (temp) = DES_IP_RIGHT_BITS((left), (right)); \
-- (right) = DES_IP_LEFT_BITS((left), (right)); \
-- (left) = IP[((right) >> 24) & 0xff] \
-- | (IP[((right) >> 16) & 0xff] << 1) \
-- | (IP[((right) >> 8) & 0xff] << 2) \
-- | (IP[(right) & 0xff] << 3); \
-- (right) = IP[((temp) >> 24) & 0xff] \
-- | (IP[((temp) >> 16) & 0xff] << 1) \
-- | (IP[((temp) >> 8) & 0xff] << 2) \
-- | (IP[(temp) & 0xff] << 3); \
-- } while(0);
--
--/*
-- * Now the final permutation stuff. The same comments apply to
-- * this as to the initial permutation, except that we use different
-- * bits and shifts.
-- *
-- * The inserted cast to unsigned DES_INT32 circumvents a bug in
-- * the Macintosh MPW 3.2 C compiler which loses the unsignedness and
-- * propagates the high-order bit in the shift.
-- */
--#define DES_FP_LEFT_BITS(left, right) \
-- ((((left) & 0x0f0f0f0f) << 4) | ((right) & 0x0f0f0f0f))
--#define DES_FP_RIGHT_BITS(left, right) \
-- (((left) & 0xf0f0f0f0) | \
-- ( ( (unsigned DES_INT32) ((right) & 0xf0f0f0f0) ) >> 4))
--
--
--/*
-- * Here is a sample final permutation. Note that there is a trick
-- * here. DES requires swapping the left and right parts after the
-- * last cipher round but before the final permutation. We do this
-- * swapping internally, which is why left and right are confused
-- * at the beginning.
-- */
--#define DES_FINAL_PERM(left, right, temp) do { \
-- (temp) = DES_FP_RIGHT_BITS((right), (left)); \
-- (right) = DES_FP_LEFT_BITS((right), (left)); \
-- (left) = (FP[((right) >> 24) & 0xff] << 6) \
-- | (FP[((right) >> 16) & 0xff] << 4) \
-- | (FP[((right) >> 8) & 0xff] << 2) \
-- | FP[(right) & 0xff]; \
-- (right) = (FP[((temp) >> 24) & 0xff] << 6) \
-- | (FP[((temp) >> 16) & 0xff] << 4) \
-- | (FP[((temp) >> 8) & 0xff] << 2) \
-- | FP[temp & 0xff]; \
-- } while(0);
--
--
--/*
-- * Finally, as a sample of how all this might be held together, the
-- * following two macros do in-place encryptions and decryptions. left
-- * and right are two unsigned DES_INT32 variables which at the beginning
-- * are expected to hold the clear (encrypted) block in host byte order
-- * (left the high order four bytes, right the low order). At the end
-- * they will contain the encrypted (clear) block. temp is an unsigned DES_INT32
-- * used as a temporary. kp is an unsigned DES_INT32 pointer pointing at
-- * the start of the key schedule. All these should be in registers.
-- *
-- * You can probably do better than these by rewriting for particular
-- * situations. These aren't bad, though.
-- *
-- * The DEB macros enable debugging when this code breaks (typically
-- * when a buggy compiler breaks it), by printing the intermediate values
-- * at each stage of the encryption, so that by comparing the output to
-- * a known good machine, the location of the first error can be found.
-- */
--#define DES_DO_ENCRYPT_1(left, right, kp) \
-- do { \
-- int i; \
-- unsigned DES_INT32 temp1; \
-- DEB (("do_encrypt %8lX %8lX \n", left, right)); \
-- DES_INITIAL_PERM((left), (right), (temp1)); \
-- DEB ((" after IP %8lX %8lX\n", left, right)); \
-- for (i = 0; i < 8; i++) { \
-- DES_SP_ENCRYPT_ROUND((left), (right), (temp1), (kp)); \
-- DEB ((" round %2d %8lX %8lX \n", i*2, left, right)); \
-- DES_SP_ENCRYPT_ROUND((right), (left), (temp1), (kp)); \
-- DEB ((" round %2d %8lX %8lX \n", 1+i*2, left, right)); \
-- } \
-- DES_FINAL_PERM((left), (right), (temp1)); \
-- (kp) -= (2 * 16); \
-- DEB ((" after FP %8lX %8lX \n", left, right)); \
-- } while (0)
--
--#define DES_DO_DECRYPT_1(left, right, kp) \
-- do { \
-- int i; \
-- unsigned DES_INT32 temp2; \
-- DES_INITIAL_PERM((left), (right), (temp2)); \
-- (kp) += (2 * 16); \
-- for (i = 0; i < 8; i++) { \
-- DES_SP_DECRYPT_ROUND((left), (right), (temp2), (kp)); \
-- DES_SP_DECRYPT_ROUND((right), (left), (temp2), (kp)); \
-- } \
-- DES_FINAL_PERM((left), (right), (temp2)); \
-- } while (0)
--
--#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
--extern void krb5int_des_do_encrypt_2(unsigned DES_INT32 *l,
-- unsigned DES_INT32 *r,
-- const unsigned DES_INT32 *k);
--extern void krb5int_des_do_decrypt_2(unsigned DES_INT32 *l,
-- unsigned DES_INT32 *r,
-- const unsigned DES_INT32 *k);
--#define DES_DO_ENCRYPT(L,R,K) krb5int_des_do_encrypt_2(&(L), &(R), (K))
--#define DES_DO_DECRYPT(L,R,K) krb5int_des_do_decrypt_2(&(L), &(R), (K))
--#else
--#define DES_DO_ENCRYPT DES_DO_ENCRYPT_1
--#define DES_DO_DECRYPT DES_DO_DECRYPT_1
--#endif
--
--/*
-- * These are handy dandy utility thingies for straightening out bytes.
-- * Included here because they're used a couple of places.
-- */
--#define GET_HALF_BLOCK(lr, ip) ((lr) = load_32_be(ip), (ip) += 4)
--#define PUT_HALF_BLOCK(lr, op) (store_32_be(lr, op), (op) += 4)
--
--/* Shorthand that we'll need in several places, for creating values that
-- really can hold 32 bits regardless of the prevailing int size. */
--#define FF_UINT32 ((unsigned DES_INT32) 0xFF)
--
--#endif /* __DES_TABLES_H__ */
-diff --git a/src/lib/crypto/builtin/des/key_sched.c b/src/lib/crypto/builtin/des/key_sched.c
-deleted file mode 100644
-index 87f02b6a9..000000000
---- a/src/lib/crypto/builtin/des/key_sched.c
-+++ /dev/null
-@@ -1,62 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/builtin/des/key_sched.c */
--/*
-- * Copyright 1985, 1986, 1987, 1988, 1990 by the Massachusetts Institute
-- * of Technology.
-- * All Rights Reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--
--/*
-- * This routine computes the DES key schedule given a key. The
-- * permutations and shifts have been done at compile time, resulting
-- * in a direct one-step mapping from the input key to the key
-- * schedule.
-- *
-- * Also checks parity and weak keys.
-- *
-- * Watch out for the subscripts -- most effectively start at 1 instead
-- * of at zero. Maybe some bugs in that area.
-- *
-- * In case the user wants to cache the computed key schedule, it is
-- * passed as an arg. Also implies that caller has explicit control
-- * over zeroing both the key schedule and the key.
-- *
-- * Originally written 6/85 by Steve Miller, MIT Project Athena.
-- */
--
--#include "k5-int.h"
--#include "des_int.h"
--
--int
--mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule)
--{
-- mit_des_make_key_sched(k,schedule);
--
-- if (!mit_des_check_key_parity(k)) /* bad parity --> return -1 */
-- return(-1);
--
-- if (mit_des_is_weak_key(k))
-- return(-2);
--
-- /* if key was good, return 0 */
-- return 0;
--}
-diff --git a/src/lib/crypto/builtin/des/keytest.data b/src/lib/crypto/builtin/des/keytest.data
-deleted file mode 100644
-index 7ff34eedc..000000000
---- a/src/lib/crypto/builtin/des/keytest.data
-+++ /dev/null
-@@ -1,171 +0,0 @@
--0101010101010101 95F8A5E5DD31D900 8000000000000000
--0101010101010101 DD7F121CA5015619 4000000000000000
--0101010101010101 2E8653104F3834EA 2000000000000000
--0101010101010101 4BD388FF6CD81D4F 1000000000000000
--0101010101010101 20B9E767B2FB1456 0800000000000000
--0101010101010101 55579380D77138EF 0400000000000000
--0101010101010101 6CC5DEFAAF04512F 0200000000000000
--0101010101010101 0D9F279BA5D87260 0100000000000000
--0101010101010101 D9031B0271BD5A0A 0080000000000000
--0101010101010101 424250B37C3DD951 0040000000000000
--0101010101010101 B8061B7ECD9A21E5 0020000000000000
--0101010101010101 F15D0F286B65BD28 0010000000000000
--0101010101010101 ADD0CC8D6E5DEBA1 0008000000000000
--0101010101010101 E6D5F82752AD63D1 0004000000000000
--0101010101010101 ECBFE3BD3F591A5E 0002000000000000
--0101010101010101 F356834379D165CD 0001000000000000
--0101010101010101 2B9F982F20037FA9 0000800000000000
--0101010101010101 889DE068A16F0BE6 0000400000000000
--0101010101010101 E19E275D846A1298 0000200000000000
--0101010101010101 329A8ED523D71AEC 0000100000000000
--0101010101010101 E7FCE22557D23C97 0000080000000000
--0101010101010101 12A9F5817FF2D65D 0000040000000000
--0101010101010101 A484C3AD38DC9C19 0000020000000000
--0101010101010101 FBE00A8A1EF8AD72 0000010000000000
--0101010101010101 750D079407521363 0000008000000000
--0101010101010101 64FEED9C724C2FAF 0000004000000000
--0101010101010101 F02B263B328E2B60 0000002000000000
--0101010101010101 9D64555A9A10B852 0000001000000000
--0101010101010101 D106FF0BED5255D7 0000000800000000
--0101010101010101 E1652C6B138C64A5 0000000400000000
--0101010101010101 E428581186EC8F46 0000000200000000
--0101010101010101 AEB5F5EDE22D1A36 0000000100000000
--0101010101010101 E943D7568AEC0C5C 0000000080000000
--0101010101010101 DF98C8276F54B04B 0000000040000000
--0101010101010101 B160E4680F6C696F 0000000020000000
--0101010101010101 FA0752B07D9C4AB8 0000000010000000
--0101010101010101 CA3A2B036DBC8502 0000000008000000
--0101010101010101 5E0905517BB59BCF 0000000004000000
--0101010101010101 814EEB3B91D90726 0000000002000000
--0101010101010101 4D49DB1532919C9F 0000000001000000
--0101010101010101 25EB5FC3F8CF0621 0000000000800000
--0101010101010101 AB6A20C0620D1C6F 0000000000400000
--0101010101010101 79E90DBC98F92CCA 0000000000200000
--0101010101010101 866ECEDD8072BB0E 0000000000100000
--0101010101010101 8B54536F2F3E64A8 0000000000080000
--0101010101010101 EA51D3975595B86B 0000000000040000
--0101010101010101 CAFFC6AC4542DE31 0000000000020000
--0101010101010101 8DD45A2DDF90796C 0000000000010000
--0101010101010101 1029D55E880EC2D0 0000000000008000
--0101010101010101 5D86CB23639DBEA9 0000000000004000
--0101010101010101 1D1CA853AE7C0C5F 0000000000002000
--0101010101010101 CE332329248F3228 0000000000001000
--0101010101010101 8405D1ABE24FB942 0000000000000800
--0101010101010101 E643D78090CA4207 0000000000000400
--0101010101010101 48221B9937748A23 0000000000000200
--0101010101010101 DD7C0BBD61FAFD54 0000000000000100
--0101010101010101 2FBC291A570DB5C4 0000000000000080
--0101010101010101 E07C30D7E4E26E12 0000000000000040
--0101010101010101 0953E2258E8E90A1 0000000000000020
--0101010101010101 5B711BC4CEEBF2EE 0000000000000010
--0101010101010101 CC083F1E6D9E85F6 0000000000000008
--0101010101010101 D2FD8867D50D2DFE 0000000000000004
--0101010101010101 06E7EA22CE92708F 0000000000000002
--0101010101010101 166B40B44ABA4BD6 0000000000000001
--8001010101010101 0000000000000000 95A8D72813DAA94D
--4001010101010101 0000000000000000 0EEC1487DD8C26D5
--2001010101010101 0000000000000000 7AD16FFB79C45926
--1001010101010101 0000000000000000 D3746294CA6A6CF3
--0801010101010101 0000000000000000 809F5F873C1FD761
--0401010101010101 0000000000000000 C02FAFFEC989D1FC
--0201010101010101 0000000000000000 4615AA1D33E72F10
--0180010101010101 0000000000000000 2055123350C00858
--0140010101010101 0000000000000000 DF3B99D6577397C8
--0120010101010101 0000000000000000 31FE17369B5288C9
--0110010101010101 0000000000000000 DFDD3CC64DAE1642
--0108010101010101 0000000000000000 178C83CE2B399D94
--0104010101010101 0000000000000000 50F636324A9B7F80
--0102010101010101 0000000000000000 A8468EE3BC18F06D
--0101800101010101 0000000000000000 A2DC9E92FD3CDE92
--0101400101010101 0000000000000000 CAC09F797D031287
--0101200101010101 0000000000000000 90BA680B22AEB525
--0101100101010101 0000000000000000 CE7A24F350E280B6
--0101080101010101 0000000000000000 882BFF0AA01A0B87
--0101040101010101 0000000000000000 25610288924511C2
--0101020101010101 0000000000000000 C71516C29C75D170
--0101018001010101 0000000000000000 5199C29A52C9F059
--0101014001010101 0000000000000000 C22F0A294A71F29F
--0101012001010101 0000000000000000 EE371483714C02EA
--0101011001010101 0000000000000000 A81FBD448F9E522F
--0101010801010101 0000000000000000 4F644C92E192DFED
--0101010401010101 0000000000000000 1AFA9A66A6DF92AE
--0101010201010101 0000000000000000 B3C1CC715CB879D8
--0101010180010101 0000000000000000 19D032E64AB0BD8B
--0101010140010101 0000000000000000 3CFAA7A7DC8720DC
--0101010120010101 0000000000000000 B7265F7F447AC6F3
--0101010110010101 0000000000000000 9DB73B3C0D163F54
--0101010108010101 0000000000000000 8181B65BABF4A975
--0101010104010101 0000000000000000 93C9B64042EAA240
--0101010102010101 0000000000000000 5570530829705592
--0101010101800101 0000000000000000 8638809E878787A0
--0101010101400101 0000000000000000 41B9A79AF79AC208
--0101010101200101 0000000000000000 7A9BE42F2009A892
--0101010101100101 0000000000000000 29038D56BA6D2745
--0101010101080101 0000000000000000 5495C6ABF1E5DF51
--0101010101040101 0000000000000000 AE13DBD561488933
--0101010101020101 0000000000000000 024D1FFA8904E389
--0101010101018001 0000000000000000 D1399712F99BF02E
--0101010101014001 0000000000000000 14C1D7C1CFFEC79E
--0101010101012001 0000000000000000 1DE5279DAE3BED6F
--0101010101011001 0000000000000000 E941A33F85501303
--0101010101010801 0000000000000000 DA99DBBC9A03F379
--0101010101010401 0000000000000000 B7FC92F91D8E92E9
--0101010101010201 0000000000000000 AE8E5CAA3CA04E85
--0101010101010180 0000000000000000 9CC62DF43B6EED74
--0101010101010140 0000000000000000 D863DBB5C59A91A0
--0101010101010120 0000000000000000 A1AB2190545B91D7
--0101010101010110 0000000000000000 0875041E64C570F7
--0101010101010108 0000000000000000 5A594528BEBEF1CC
--0101010101010104 0000000000000000 FCDB3291DE21F0C0
--0101010101010102 0000000000000000 869EFD7F9F265A09
--1046913489980131 0000000000000000 88D55E54F54C97B4
--1007103489988020 0000000000000000 0C0CC00C83EA48FD
--10071034C8980120 0000000000000000 83BC8EF3A6570183
--1046103489988020 0000000000000000 DF725DCAD94EA2E9
--1086911519190101 0000000000000000 E652B53B550BE8B0
--1086911519580101 0000000000000000 AF527120C485CBB0
--5107B01519580101 0000000000000000 0F04CE393DB926D5
--1007B01519190101 0000000000000000 C9F00FFC74079067
--3107915498080101 0000000000000000 7CFD82A593252B4E
--3107919498080101 0000000000000000 CB49A2F9E91363E3
--10079115B9080140 0000000000000000 00B588BE70D23F56
--3107911598080140 0000000000000000 406A9A6AB43399AE
--1007D01589980101 0000000000000000 6CB773611DCA9ADA
--9107911589980101 0000000000000000 67FD21C17DBB5D70
--9107D01589190101 0000000000000000 9592CB4110430787
--1007D01598980120 0000000000000000 A6B7FF68A318DDD3
--1007940498190101 0000000000000000 4D102196C914CA16
--0107910491190401 0000000000000000 2DFA9F4573594965
--0107910491190101 0000000000000000 B46604816C0E0774
--0107940491190401 0000000000000000 6E7E6221A4F34E87
--19079210981A0101 0000000000000000 AA85E74643233199
--1007911998190801 0000000000000000 2E5A19DB4D1962D6
--10079119981A0801 0000000000000000 23A866A809D30894
--1007921098190101 0000000000000000 D812D961F017D320
--100791159819010B 0000000000000000 055605816E58608F
--1004801598190101 0000000000000000 ABD88E8B1B7716F1
--1004801598190102 0000000000000000 537AC95BE69DA1E1
--1004801598190108 0000000000000000 AED0F6AE3C25CDD8
--1002911598100104 0000000000000000 B3E35A5EE53E7B8D
--1002911598190104 0000000000000000 61C79C71921A2EF8
--1002911598100201 0000000000000000 E2F5728F0995013C
--1002911698100101 0000000000000000 1AEAC39A61F0A464
--7CA110454A1A6E57 01A1D6D039776742 690F5B0D9A26939B
--0131D9619DC1376E 5CD54CA83DEF57DA 7A389D10354BD271
--07A1133E4A0B2686 0248D43806F67172 868EBB51CAB4599A
--3849674C2602319E 51454B582DDF440A 7178876E01F19B2A
--04B915BA43FEB5B6 42FD443059577FA2 AF37FB421F8C4095
--0113B970FD34F2CE 059B5E0851CF143A 86A560F10EC6D85B
--0170F175468FB5E6 0756D8E0774761D2 0CD3DA020021DC09
--43297FAD38E373FE 762514B829BF486A EA676B2CB7DB2B7A
--07A7137045DA2A16 3BDD119049372802 DFD64A815CAF1A0F
--04689104C2FD3B2F 26955F6835AF609A 5C513C9C4886C088
--37D06BB516CB7546 164D5E404F275232 0A2AEEAE3FF4AB77
--1F08260D1AC2465E 6B056E18759F5CCA EF1BF03E5DFA575A
--584023641ABA6176 004BD6EF09176062 88BF0DB6D70DEE56
--025816164629B007 480D39006EE762F2 A1F9915541020B56
--49793EBC79B3258F 437540C8698F3CFA 6FBF1CAFCFFD0556
--4FB05E1515AB73A7 072D43A077075292 2F22E49BAB7CA1AC
--49E95D6D4CA229BF 02FE55778117F12A 5A6B612CC26CCE4A
--018310DC409B26D6 1D9D5C5018F728C2 5F4C038ED12B2E41
--1C587F1C13924FEF 305532286D6F295A 63FAC0D034D9F793
-diff --git a/src/lib/crypto/builtin/des/t_verify.c b/src/lib/crypto/builtin/des/t_verify.c
-deleted file mode 100644
-index 4a19933ca..000000000
---- a/src/lib/crypto/builtin/des/t_verify.c
-+++ /dev/null
-@@ -1,395 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/builtin/des/t_verify.c */
--/*
-- * Copyright 1988, 1990 by the Massachusetts Institute of Technology.
-- * All Rights Reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--/*
-- * Copyright (C) 1998 by the FundsXpress, INC.
-- *
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may require
-- * a specific license from the United States Government. It is the
-- * responsibility of any person or organization contemplating export to
-- * obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of FundsXpress. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. FundsXpress makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- *
-- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
-- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
-- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
-- */
--
--/*
-- *
-- * Program to test the correctness of the DES library
-- * implementation.
-- *
-- * exit returns 0 ==> success
-- * -1 ==> error
-- */
--
--#include "k5-int.h"
--#include "des_int.h"
--#include <stdio.h>
--#include "com_err.h"
--
--static void do_encrypt(unsigned char *, unsigned char *);
--static void do_decrypt(unsigned char *, unsigned char *);
--
--char *progname;
--int nflag = 2;
--int vflag;
--int mflag;
--int zflag;
--int pid;
--int mit_des_debug;
--
--unsigned char cipher_text[64];
--unsigned char clear_text[64] = "Now is the time for all " ;
--unsigned char clear_text2[64] = "7654321 Now is the time for ";
--unsigned char clear_text3[64] = {2,0,0,0, 1,0,0,0};
--unsigned char output[64];
--unsigned char zero_text[8] = {0x0,0,0,0,0,0,0,0};
--unsigned char msb_text[8] = {0x0,0,0,0, 0,0,0,0x40}; /* to ANSI MSB */
--unsigned char *input;
--
--/* 0x0123456789abcdef */
--unsigned char default_key[8] = {
-- 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
--};
--unsigned char key2[8] = { 0x08,0x19,0x2a,0x3b,0x4c,0x5d,0x6e,0x7f };
--unsigned char key3[8] = { 0x80,1,1,1,1,1,1,1 };
--mit_des_cblock s_key;
--unsigned char default_ivec[8] = {
-- 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
--};
--unsigned char *ivec;
--unsigned char zero_key[8] = {1,1,1,1,1,1,1,1}; /* just parity bits */
--
--unsigned char cipher1[8] = {
-- 0x25,0xdd,0xac,0x3e,0x96,0x17,0x64,0x67
--};
--unsigned char cipher2[8] = {
-- 0x3f,0xa4,0x0e,0x8a,0x98,0x4d,0x48,0x15
--};
--unsigned char cipher3[64] = {
-- 0xe5,0xc7,0xcd,0xde,0x87,0x2b,0xf2,0x7c,
-- 0x43,0xe9,0x34,0x00,0x8c,0x38,0x9c,0x0f,
-- 0x68,0x37,0x88,0x49,0x9a,0x7c,0x05,0xf6
--};
--unsigned char checksum[8] = {
-- 0x58,0xd2,0xe7,0x7e,0x86,0x06,0x27,0x33
--};
--
--unsigned char zresult[8] = {
-- 0x8c, 0xa6, 0x4d, 0xe9, 0xc1, 0xb1, 0x23, 0xa7
--};
--
--unsigned char mresult[8] = {
-- 0xa3, 0x80, 0xe0, 0x2a, 0x6b, 0xe5, 0x46, 0x96
--};
--
--
--/*
-- * Can also add :
-- * plaintext = 0, key = 0, cipher = 0x8ca64de9c1b123a7 (or is it a 1?)
-- */
--
--mit_des_key_schedule sched;
--
--int
--main(argc,argv)
-- int argc;
-- char *argv[];
--{
-- /* Local Declarations */
-- size_t in_length;
-- int retval;
-- int i, j;
--
--#ifdef WINDOWS
-- /* Set screen window buffer to infinite size -- MS default is tiny. */
-- _wsetscreenbuf (fileno (stdout), _WINBUFINF);
--#endif
-- progname=argv[0]; /* salt away invoking program */
--
-- while (--argc > 0 && (*++argv)[0] == '-')
-- for (i=1; argv[0][i] != '\0'; i++) {
-- switch (argv[0][i]) {
--
-- /* debug flag */
-- case 'd':
-- mit_des_debug=3;
-- continue;
--
-- case 'z':
-- zflag = 1;
-- continue;
--
-- case 'm':
-- mflag = 1;
-- continue;
--
-- default:
-- printf("%s: illegal flag \"%c\" ",
-- progname,argv[0][i]);
-- exit(1);
-- }
-- };
--
-- if (argc) {
-- fprintf(stderr, "Usage: %s [-dmz]\n", progname);
-- exit(1);
-- }
--
-- /* do some initialisation */
--
-- /* use known input and key */
--
-- /* ECB zero text zero key */
-- if (zflag) {
-- input = zero_text;
-- mit_des_key_sched(zero_key, sched);
-- printf("plaintext = key = 0, cipher = 0x8ca64de9c1b123a7\n");
-- do_encrypt(input,cipher_text);
-- printf("\tcipher = (low to high bytes)\n\t\t");
-- for (j = 0; j<=7; j++)
-- printf("%02x ",cipher_text[j]);
-- printf("\n");
-- do_decrypt(output,cipher_text);
-- if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) {
-- printf("verify: error in zero key test\n");
-- exit(-1);
-- }
--
-- exit(0);
-- }
--
-- if (mflag) {
-- input = msb_text;
-- mit_des_key_sched(key3, sched);
-- printf("plaintext = 0x00 00 00 00 00 00 00 40, ");
-- printf("key = 0x80 01 01 01 01 01 01 01\n");
-- printf(" cipher = 0xa380e02a6be54696\n");
-- do_encrypt(input,cipher_text);
-- printf("\tcipher = (low to high bytes)\n\t\t");
-- for (j = 0; j<=7; j++) {
-- printf("%02x ",cipher_text[j]);
-- }
-- printf("\n");
-- do_decrypt(output,cipher_text);
-- if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) {
-- printf("verify: error in msb test\n");
-- exit(-1);
-- }
-- exit(0);
-- }
--
-- /* ECB mode Davies and Price */
-- {
-- input = zero_text;
-- mit_des_key_sched(key2, sched);
-- printf("Examples per FIPS publication 81, keys ivs and cipher\n");
-- printf("in hex. These are the correct answers, see below for\n");
-- printf("the actual answers.\n\n");
-- printf("Examples per Davies and Price.\n\n");
-- printf("EXAMPLE ECB\tkey = 08192a3b4c5d6e7f\n");
-- printf("\tclear = 0\n");
-- printf("\tcipher = 25 dd ac 3e 96 17 64 67\n");
-- printf("ACTUAL ECB\n");
-- printf("\tclear \"%s\"\n", input);
-- do_encrypt(input,cipher_text);
-- printf("\tcipher = (low to high bytes)\n\t\t");
-- for (j = 0; j<=7; j++)
-- printf("%02x ",cipher_text[j]);
-- printf("\n\n");
-- do_decrypt(output,cipher_text);
-- if ( memcmp((char *)cipher_text, (char *)cipher1, 8) ) {
-- printf("verify: error in ECB encryption\n");
-- exit(-1);
-- }
-- else
-- printf("verify: ECB encryption is correct\n\n");
-- }
--
-- /* ECB mode */
-- {
-- mit_des_key_sched(default_key, sched);
-- input = clear_text;
-- ivec = default_ivec;
-- printf("EXAMPLE ECB\tkey = 0123456789abcdef\n");
-- printf("\tclear = \"Now is the time for all \"\n");
-- printf("\tcipher = 3f a4 0e 8a 98 4d 48 15 ...\n");
-- printf("ACTUAL ECB\n\tclear \"%s\"",input);
-- do_encrypt(input,cipher_text);
-- printf("\n\tcipher = (low to high bytes)\n\t\t");
-- for (j = 0; j<=7; j++) {
-- printf("%02x ",cipher_text[j]);
-- }
-- printf("\n\n");
-- do_decrypt(output,cipher_text);
-- if ( memcmp((char *)cipher_text, (char *)cipher2, 8) ) {
-- printf("verify: error in ECB encryption\n");
-- exit(-1);
-- }
-- else
-- printf("verify: ECB encryption is correct\n\n");
-- }
--
-- /* CBC mode */
-- printf("EXAMPLE CBC\tkey = 0123456789abcdef");
-- printf("\tiv = 1234567890abcdef\n");
-- printf("\tclear = \"Now is the time for all \"\n");
-- printf("\tcipher =\te5 c7 cd de 87 2b f2 7c\n");
-- printf("\t\t\t43 e9 34 00 8c 38 9c 0f\n");
-- printf("\t\t\t68 37 88 49 9a 7c 05 f6\n");
--
-- printf("ACTUAL CBC\n\tclear \"%s\"\n",input);
-- in_length = strlen((char *)input);
-- if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) input,
-- (mit_des_cblock *) cipher_text,
-- (size_t) in_length,
-- sched,
-- ivec,
-- MIT_DES_ENCRYPT))) {
-- com_err("des verify", retval, "can't encrypt");
-- exit(-1);
-- }
-- printf("\tciphertext = (low to high bytes)\n");
-- for (i = 0; i <= 2; i++) {
-- printf("\t\t");
-- for (j = 0; j <= 7; j++) {
-- printf("%02x ",cipher_text[i*8+j]);
-- }
-- printf("\n");
-- }
-- if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) cipher_text,
-- (mit_des_cblock *) clear_text,
-- (size_t) in_length,
-- sched,
-- ivec,
-- MIT_DES_DECRYPT))) {
-- com_err("des verify", retval, "can't decrypt");
-- exit(-1);
-- }
-- printf("\tdecrypted clear_text = \"%s\"\n",clear_text);
--
-- if ( memcmp((char *)cipher_text, (char *)cipher3, in_length) ) {
-- printf("verify: error in CBC encryption\n");
-- exit(-1);
-- }
-- else
-- printf("verify: CBC encryption is correct\n\n");
--
-- printf("EXAMPLE CBC checksum");
-- printf("\tkey = 0123456789abcdef\tiv = 1234567890abcdef\n");
-- printf("\tclear =\t\t\"7654321 Now is the time for \"\n");
-- printf("\tchecksum\t58 d2 e7 7e 86 06 27 33, ");
-- printf("or some part thereof\n");
-- input = clear_text2;
-- mit_des_cbc_cksum(input,cipher_text, strlen((char *)input),
-- sched,ivec);
-- printf("ACTUAL CBC checksum\n");
-- printf("\t\tencrypted cksum = (low to high bytes)\n\t\t");
-- for (j = 0; j<=7; j++)
-- printf("%02x ",cipher_text[j]);
-- printf("\n\n");
-- if ( memcmp((char *)cipher_text, (char *)checksum, 8) ) {
-- printf("verify: error in CBC checksum\n");
-- exit(-1);
-- }
-- else
-- printf("verify: CBC checksum is correct\n\n");
--
-- exit(0);
--}
--
--static void
--do_encrypt(in,out)
-- unsigned char *in;
-- unsigned char *out;
--{
-- int i, j;
-- for (i =1; i<=nflag; i++) {
-- mit_des_cbc_encrypt((const mit_des_cblock *)in,
-- (mit_des_cblock *)out,
-- 8,
-- sched,
-- zero_text,
-- MIT_DES_ENCRYPT);
-- if (mit_des_debug) {
-- printf("\nclear %s\n",in);
-- for (j = 0; j<=7; j++)
-- printf("%02X ",in[j] & 0xff);
-- printf("\tcipher ");
-- for (j = 0; j<=7; j++)
-- printf("%02X ",out[j] & 0xff);
-- }
-- }
--}
--
--static void
--do_decrypt(in,out)
-- unsigned char *out;
-- unsigned char *in;
-- /* try to invert it */
--{
-- int i, j;
-- for (i =1; i<=nflag; i++) {
-- mit_des_cbc_encrypt((const mit_des_cblock *)out,
-- (mit_des_cblock *)in,
-- 8,
-- sched,
-- zero_text,
-- MIT_DES_DECRYPT);
-- if (mit_des_debug) {
-- printf("clear %s\n",in);
-- for (j = 0; j<=7; j++)
-- printf("%02X ",in[j] & 0xff);
-- printf("\tcipher ");
-- for (j = 0; j<=7; j++)
-- printf("%02X ",out[j] & 0xff);
-- }
-- }
--}
--
--/*
-- * Fake out the DES library, for the purposes of testing.
-- */
--
--int
--mit_des_is_weak_key(key)
-- mit_des_cblock key;
--{
-- return 0; /* fake it out for testing */
--}
-diff --git a/src/lib/crypto/builtin/des/weak_key.c b/src/lib/crypto/builtin/des/weak_key.c
-deleted file mode 100644
-index eb41b267d..000000000
---- a/src/lib/crypto/builtin/des/weak_key.c
-+++ /dev/null
-@@ -1,86 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/builtin/des/weak_key.c */
--/*
-- * Copyright 1989,1990 by the Massachusetts Institute of Technology.
-- * All Rights Reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--
--/*
-- * Under U.S. law, this software may not be exported outside the US
-- * without license from the U.S. Commerce department.
-- *
-- * These routines form the library interface to the DES facilities.
-- *
-- * Originally written 8/85 by Steve Miller, MIT Project Athena.
-- */
--
--#include "k5-int.h"
--#include "des_int.h"
--
--/*
-- * The following are the weak DES keys:
-- */
--static const mit_des_cblock weak[16] = {
-- /* weak keys */
-- {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
-- {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe},
-- {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e},
-- {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1},
--
-- /* semi-weak */
-- {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe},
-- {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01},
--
-- {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1},
-- {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e},
--
-- {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1},
-- {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01},
--
-- {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe},
-- {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e},
--
-- {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e},
-- {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01},
--
-- {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe},
-- {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1}
--};
--
--/*
-- * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key.
-- *
-- * Requires: key has correct odd parity.
-- */
--int
--mit_des_is_weak_key(mit_des_cblock key)
--{
-- unsigned int i;
-- const mit_des_cblock *weak_p = weak;
--
-- for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) {
-- if (!memcmp(weak_p++,key,sizeof(mit_des_cblock)))
-- return 1;
-- }
--
-- return 0;
--}
-diff --git a/src/lib/crypto/builtin/enc_provider/Makefile.in b/src/lib/crypto/builtin/enc_provider/Makefile.in
-index 3459e1d0e..af6276b96 100644
---- a/src/lib/crypto/builtin/enc_provider/Makefile.in
-+++ b/src/lib/crypto/builtin/enc_provider/Makefile.in
-@@ -1,7 +1,6 @@
- mydir=lib$(S)crypto$(S)builtin$(S)enc_provider
- BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
--LOCALINCLUDES = -I$(srcdir)/../des \
-- -I$(srcdir)/../aes \
-+LOCALINCLUDES = -I$(srcdir)/../aes \
- -I$(srcdir)/../camellia \
- -I$(srcdir)/../../krb \
- -I$(srcdir)/..
-@@ -11,19 +10,16 @@ LOCALINCLUDES = -I$(srcdir)/../des \
- ##DOS##OBJFILE = ..\..\$(OUTPRE)enc_provider.lst
-
- STLIBOBJS= \
-- des3.o \
- rc4.o \
- aes.o \
- camellia.o
-
- OBJS= \
-- $(OUTPRE)des3.$(OBJEXT) \
- $(OUTPRE)aes.$(OBJEXT) \
- $(OUTPRE)camellia.$(OBJEXT) \
- $(OUTPRE)rc4.$(OBJEXT)
-
- SRCS= \
-- $(srcdir)/des3.c \
- $(srcdir)/aes.c \
- $(srcdir)/camellia.c \
- $(srcdir)/rc4.c
-diff --git a/src/lib/crypto/builtin/enc_provider/deps b/src/lib/crypto/builtin/enc_provider/deps
-index ea4ffecd8..061289a91 100644
---- a/src/lib/crypto/builtin/enc_provider/deps
-+++ b/src/lib/crypto/builtin/enc_provider/deps
-@@ -1,19 +1,6 @@
- #
- # Generated makefile dependencies follow.
- #
--des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
-- $(srcdir)/../aes/aes.h $(srcdir)/../aes/brg_types.h \
-- $(srcdir)/../crypto_mod.h $(srcdir)/../des/des_int.h \
-- $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
-- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
-- $(top_srcdir)/include/socket-utils.h des3.c
- aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
-diff --git a/src/lib/crypto/builtin/enc_provider/des3.c b/src/lib/crypto/builtin/enc_provider/des3.c
-deleted file mode 100644
-index 9b8244223..000000000
---- a/src/lib/crypto/builtin/enc_provider/des3.c
-+++ /dev/null
-@@ -1,105 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/*
-- * Copyright (C) 1998 by the FundsXpress, INC.
-- *
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may require
-- * a specific license from the United States Government. It is the
-- * responsibility of any person or organization contemplating export to
-- * obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of FundsXpress. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. FundsXpress makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- *
-- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
-- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
-- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
-- */
--
--#include "crypto_int.h"
--#include "des_int.h"
--
--static krb5_error_code
--validate_and_schedule(krb5_key key, const krb5_data *ivec,
-- const krb5_crypto_iov *data, size_t num_data,
-- mit_des3_key_schedule *schedule)
--{
-- if (key->keyblock.length != 24)
-- return(KRB5_BAD_KEYSIZE);
-- if (iov_total_length(data, num_data, FALSE) % 8 != 0)
-- return(KRB5_BAD_MSIZE);
-- if (ivec && (ivec->length != 8))
-- return(KRB5_BAD_MSIZE);
--
-- switch (mit_des3_key_sched(*(mit_des3_cblock *)key->keyblock.contents,
-- *schedule)) {
-- case -1:
-- return(KRB5DES_BAD_KEYPAR);
-- case -2:
-- return(KRB5DES_WEAK_KEY);
-- }
-- return 0;
--}
--
--static krb5_error_code
--k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
-- size_t num_data)
--{
-- mit_des3_key_schedule schedule;
-- krb5_error_code err;
--
-- err = validate_and_schedule(key, ivec, data, num_data, &schedule);
-- if (err)
-- return err;
--
-- /* this has a return value, but the code always returns zero */
-- krb5int_des3_cbc_encrypt(data, num_data,
-- schedule[0], schedule[1], schedule[2],
-- ivec != NULL ? (unsigned char *) ivec->data :
-- NULL);
--
-- zap(schedule, sizeof(schedule));
--
-- return(0);
--}
--
--static krb5_error_code
--k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
-- size_t num_data)
--{
-- mit_des3_key_schedule schedule;
-- krb5_error_code err;
--
-- err = validate_and_schedule(key, ivec, data, num_data, &schedule);
-- if (err)
-- return err;
--
-- /* this has a return value, but the code always returns zero */
-- krb5int_des3_cbc_decrypt(data, num_data,
-- schedule[0], schedule[1], schedule[2],
-- ivec != NULL ? (unsigned char *) ivec->data :
-- NULL);
--
-- zap(schedule, sizeof(schedule));
--
-- return 0;
--}
--
--const struct krb5_enc_provider krb5int_enc_des3 = {
-- 8,
-- 21, 24,
-- k5_des3_encrypt,
-- k5_des3_decrypt,
-- NULL,
-- krb5int_des_init_state,
-- krb5int_default_free_state
--};
-diff --git a/src/lib/crypto/crypto_tests/t_cf2.expected b/src/lib/crypto/crypto_tests/t_cf2.expected
-index f8251a16c..bc6aa50c8 100644
---- a/src/lib/crypto/crypto_tests/t_cf2.expected
-+++ b/src/lib/crypto/crypto_tests/t_cf2.expected
-@@ -1,6 +1,5 @@
- 97df97e4b798b29eb31ed7280287a92a
- 4d6ca4e629785c1f01baf55e2e548566b9617ae3a96868c337cb93b5e72b1c7b
--e58f9eb643862c13ad38e529313462a7f73e62834fe54a01
- 24d7f6b6bae4e5c00d2082c5ebab3672
- edd02a39d2dbde31611c16e610be062c
- 67f6ea530aea85a37dcbb23349ea52dcc61ca8493ff557252327fd8304341584
-diff --git a/src/lib/crypto/crypto_tests/t_cf2.in b/src/lib/crypto/crypto_tests/t_cf2.in
-index 73e2f8fbc..c4d23b506 100644
---- a/src/lib/crypto/crypto_tests/t_cf2.in
-+++ b/src/lib/crypto/crypto_tests/t_cf2.in
-@@ -8,11 +8,6 @@ key1
- key2
- a
- b
--16
--key1
--key2
--a
--b
- 23
- key1
- key2
-diff --git a/src/lib/crypto/crypto_tests/t_cksums.c b/src/lib/crypto/crypto_tests/t_cksums.c
-index 8297fcbf5..3063d12ec 100644
---- a/src/lib/crypto/crypto_tests/t_cksums.c
-+++ b/src/lib/crypto/crypto_tests/t_cksums.c
-@@ -59,16 +59,6 @@ struct test {
- "\xDA\x39\xA3\xEE\x5E\x6B\x4B\x0D\x32\x55\xBF\xEF\x95\x60\x18\x90"
- "\xAF\xD8\x07\x09" }
- },
-- {
-- { KV5M_DATA, 9, "six seven" },
-- CKSUMTYPE_HMAC_SHA1_DES3, ENCTYPE_DES3_CBC_SHA1, 2,
-- { KV5M_DATA, 24,
-- "\x7A\x25\xDF\x89\x92\x29\x6D\xCE\xDA\x0E\x13\x5B\xC4\x04\x6E\x23"
-- "\x75\xB3\xC1\x4C\x98\xFB\xC1\x62" },
-- { KV5M_DATA, 20,
-- "\x0E\xEF\xC9\xC3\xE0\x49\xAA\xBC\x1B\xA5\xC4\x01\x67\x7D\x9A\xB6"
-- "\x99\x08\x2B\xB4" }
-- },
- {
- { KV5M_DATA, 37, "eight nine ten eleven twelve thirteen" },
- CKSUMTYPE_HMAC_SHA1_96_AES128, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 3,
-diff --git a/src/lib/crypto/crypto_tests/t_decrypt.c b/src/lib/crypto/crypto_tests/t_decrypt.c
-index a40a85500..716f2c337 100644
---- a/src/lib/crypto/crypto_tests/t_decrypt.c
-+++ b/src/lib/crypto/crypto_tests/t_decrypt.c
-@@ -39,62 +39,6 @@ struct test {
- krb5_data keybits;
- krb5_data ciphertext;
- } test_cases[] = {
-- {
-- ENCTYPE_DES3_CBC_SHA1,
-- { KV5M_DATA, 0, "", }, 0,
-- { KV5M_DATA, 24,
-- "\x7A\x25\xDF\x89\x92\x29\x6D\xCE\xDA\x0E\x13\x5B\xC4\x04\x6E\x23"
-- "\x75\xB3\xC1\x4C\x98\xFB\xC1\x62" },
-- { KV5M_DATA, 28,
-- "\x54\x8A\xF4\xD5\x04\xF7\xD7\x23\x30\x3F\x12\x17\x5F\xE8\x38\x6B"
-- "\x7B\x53\x35\xA9\x67\xBA\xD6\x1F\x3B\xF0\xB1\x43" }
-- },
-- {
-- ENCTYPE_DES3_CBC_SHA1,
-- { KV5M_DATA, 1, "1", }, 1,
-- { KV5M_DATA, 24,
-- "\xBC\x07\x83\x89\x15\x13\xD5\xCE\x57\xBC\x13\x8F\xD3\xC1\x1A\xE6"
-- "\x40\x45\x23\x85\x32\x29\x62\xB6" },
-- { KV5M_DATA, 36,
-- "\x9C\x3C\x1D\xBA\x47\x47\xD8\x5A\xF2\x91\x6E\x47\x45\xF2\xDC\xE3"
-- "\x80\x46\x79\x6E\x51\x04\xBC\xCD\xFB\x66\x9A\x91\xD4\x4B\xC3\x56"
-- "\x66\x09\x45\xC7" }
-- },
-- {
-- ENCTYPE_DES3_CBC_SHA1,
-- { KV5M_DATA, 9, "9 bytesss", }, 2,
-- { KV5M_DATA, 24,
-- "\x2F\xD0\xF7\x25\xCE\x04\x10\x0D\x2F\xC8\xA1\x80\x98\x83\x1F\x85"
-- "\x0B\x45\xD9\xEF\x85\x0B\xD9\x20" },
-- { KV5M_DATA, 44,
-- "\xCF\x91\x44\xEB\xC8\x69\x79\x81\x07\x5A\x8B\xAD\x8D\x74\xE5\xD7"
-- "\xD5\x91\xEB\x7D\x97\x70\xC7\xAD\xA2\x5E\xE8\xC5\xB3\xD6\x94\x44"
-- "\xDF\xEC\x79\xA5\xB7\xA0\x14\x82\xD9\xAF\x74\xE6" }
-- },
-- {
-- ENCTYPE_DES3_CBC_SHA1,
-- { KV5M_DATA, 13, "13 bytes byte", }, 3,
-- { KV5M_DATA, 24,
-- "\x0D\xD5\x20\x94\xE0\xF4\x1C\xEC\xCB\x5B\xE5\x10\xA7\x64\xB3\x51"
-- "\x76\xE3\x98\x13\x32\xF1\xE5\x98" },
-- { KV5M_DATA, 44,
-- "\x83\x9A\x17\x08\x1E\xCB\xAF\xBC\xDC\x91\xB8\x8C\x69\x55\xDD\x3C"
-- "\x45\x14\x02\x3C\xF1\x77\xB7\x7B\xF0\xD0\x17\x7A\x16\xF7\x05\xE8"
-- "\x49\xCB\x77\x81\xD7\x6A\x31\x6B\x19\x3F\x8D\x30" }
-- },
-- {
-- ENCTYPE_DES3_CBC_SHA1,
-- { KV5M_DATA, 30, "30 bytes bytes bytes bytes byt", }, 4,
-- { KV5M_DATA, 24,
-- "\xF1\x16\x86\xCB\xBC\x9E\x23\xEA\x54\xFE\xCD\x2A\x3D\xCD\xFB\x20"
-- "\xB6\xFE\x98\xBF\x26\x45\xC4\xC4" },
-- { KV5M_DATA, 60,
-- "\x89\x43\x3E\x83\xFD\x0E\xA3\x66\x6C\xFF\xCD\x18\xD8\xDE\xEB\xC5"
-- "\x3B\x9A\x34\xED\xBE\xB1\x59\xD9\xF6\x67\xC6\xC2\xB9\xA9\x64\x40"
-- "\x1D\x55\xE7\xE9\xC6\x8D\x64\x8D\x65\xC3\xAA\x84\xFF\xA3\x79\x0C"
-- "\x14\xA8\x64\xDA\x80\x73\xA9\xA9\x5C\x4B\xA2\xBC" }
-- },
--
- {
- ENCTYPE_ARCFOUR_HMAC,
- { KV5M_DATA, 0, "", }, 0,
-@@ -524,7 +468,6 @@ printhex(const char *head, void *data, size_t len)
-
- static krb5_enctype
- enctypes[] = {
-- ENCTYPE_DES3_CBC_SHA1,
- ENCTYPE_ARCFOUR_HMAC,
- ENCTYPE_ARCFOUR_HMAC_EXP,
- ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-diff --git a/src/lib/crypto/crypto_tests/t_derive.c b/src/lib/crypto/crypto_tests/t_derive.c
-index afbf7477f..93ce30da2 100644
---- a/src/lib/crypto/crypto_tests/t_derive.c
-+++ b/src/lib/crypto/crypto_tests/t_derive.c
-@@ -38,41 +38,6 @@ struct test {
- enum deriv_alg alg;
- krb5_data expected_key;
- } test_cases[] = {
-- /* Kc, Ke, Kei for a DES3 key */
-- {
-- ENCTYPE_DES3_CBC_SHA1,
-- { KV5M_DATA, 24,
-- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
-- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
-- { KV5M_DATA, 5, "\0\0\0\2\x99" },
-- DERIVE_RFC3961,
-- { KV5M_DATA, 24,
-- "\xF7\x8C\x49\x6D\x16\xE6\xC2\xDA\xE0\xE0\xB6\xC2\x40\x57\xA8\x4C"
-- "\x04\x26\xAE\xEF\x26\xFD\x6D\xCE" }
-- },
-- {
-- ENCTYPE_DES3_CBC_SHA1,
-- { KV5M_DATA, 24,
-- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
-- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
-- { KV5M_DATA, 5, "\0\0\0\2\xAA" },
-- DERIVE_RFC3961,
-- { KV5M_DATA, 24,
-- "\x5B\x57\x23\xD0\xB6\x34\xCB\x68\x4C\x3E\xBA\x52\x64\xE9\xA7\x0D"
-- "\x52\xE6\x83\x23\x1A\xD3\xC4\xCE" }
-- },
-- {
-- ENCTYPE_DES3_CBC_SHA1,
-- { KV5M_DATA, 24,
-- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
-- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
-- { KV5M_DATA, 5, "\0\0\0\2\x55" },
-- DERIVE_RFC3961,
-- { KV5M_DATA, 24,
-- "\xA7\x7C\x94\x98\x0E\x9B\x73\x45\xA8\x15\x25\xC4\x23\xA7\x37\xCE"
-- "\x67\xF4\xCD\x91\xB6\xB3\xDA\x45" }
-- },
--
- /* Kc, Ke, Ki for an AES-128 key */
- {
- ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-@@ -286,7 +251,6 @@ static const struct krb5_enc_provider *
- get_enc_provider(krb5_enctype enctype)
- {
- switch (enctype) {
-- case ENCTYPE_DES3_CBC_SHA1: return &krb5int_enc_des3;
- case ENCTYPE_AES128_CTS_HMAC_SHA1_96: return &krb5int_enc_aes128;
- case ENCTYPE_AES256_CTS_HMAC_SHA1_96: return &krb5int_enc_aes256;
- case ENCTYPE_CAMELLIA128_CTS_CMAC: return &krb5int_enc_camellia128;
-diff --git a/src/lib/crypto/crypto_tests/t_encrypt.c b/src/lib/crypto/crypto_tests/t_encrypt.c
-index bd9b94691..290a72e1e 100644
---- a/src/lib/crypto/crypto_tests/t_encrypt.c
-+++ b/src/lib/crypto/crypto_tests/t_encrypt.c
-@@ -37,7 +37,6 @@
-
- /* What enctypes should we test?*/
- krb5_enctype interesting_enctypes[] = {
-- ENCTYPE_DES3_CBC_SHA1,
- ENCTYPE_ARCFOUR_HMAC,
- ENCTYPE_ARCFOUR_HMAC_EXP,
- ENCTYPE_AES256_CTS_HMAC_SHA1_96,
-diff --git a/src/lib/crypto/crypto_tests/t_short.c b/src/lib/crypto/crypto_tests/t_short.c
-index d4c2b97df..4466b7115 100644
---- a/src/lib/crypto/crypto_tests/t_short.c
-+++ b/src/lib/crypto/crypto_tests/t_short.c
-@@ -34,7 +34,6 @@
- #include "k5-int.h"
-
- krb5_enctype interesting_enctypes[] = {
-- ENCTYPE_DES3_CBC_SHA1,
- ENCTYPE_ARCFOUR_HMAC,
- ENCTYPE_ARCFOUR_HMAC_EXP,
- ENCTYPE_AES256_CTS_HMAC_SHA1_96,
-diff --git a/src/lib/crypto/crypto_tests/t_str2key.c b/src/lib/crypto/crypto_tests/t_str2key.c
-index cdb1acc6d..ef4c4a7d3 100644
---- a/src/lib/crypto/crypto_tests/t_str2key.c
-+++ b/src/lib/crypto/crypto_tests/t_str2key.c
-@@ -35,58 +35,6 @@ struct test {
- krb5_error_code expected_err;
- krb5_boolean allow_weak;
- } test_cases[] = {
-- /* Test vectors from RFC 3961 appendix A.4. */
-- {
-- ENCTYPE_DES3_CBC_SHA1,
-- "password",
-- { KV5M_DATA, 21, "ATHENA.MIT.EDUraeburn" },
-- { KV5M_DATA, 0, NULL },
-- { KV5M_DATA, 24, "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C"
-- "\x31\x3E\x3B\xFE\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
-- 0,
-- FALSE
-- },
-- {
-- ENCTYPE_DES3_CBC_SHA1,
-- "potatoe",
-- { KV5M_DATA, 19, "WHITEHOUSE.GOVdanny" },
-- { KV5M_DATA, 0, NULL },
-- { KV5M_DATA, 24, "\xDF\xCD\x23\x3D\xD0\xA4\x32\x04\xEA\x6D\xC4\x37"
-- "\xFB\x15\xE0\x61\xB0\x29\x79\xC1\xF7\x4F\x37\x7A" },
-- 0,
-- FALSE
-- },
-- {
-- ENCTYPE_DES3_CBC_SHA1,
-- "penny",
-- { KV5M_DATA, 19, "EXAMPLE.COMbuckaroo" },
-- { KV5M_DATA, 0, NULL },
-- { KV5M_DATA, 24, "\x6D\x2F\xCD\xF2\xD6\xFB\xBC\x3D\xDC\xAD\xB5\xDA"
-- "\x57\x10\xA2\x34\x89\xB0\xD3\xB6\x9D\x5D\x9D\x4A" },
-- 0,
-- FALSE
-- },
-- {
-- ENCTYPE_DES3_CBC_SHA1,
-- "\xC3\x9F",
-- { KV5M_DATA, 23, "ATHENA.MIT.EDUJuri\xC5\xA1\x69\xC4\x87" },
-- { KV5M_DATA, 0, NULL },
-- { KV5M_DATA, 24, "\x16\xD5\xA4\x0E\x1C\xE3\xBA\xCB\x61\xB9\xDC\xE0"
-- "\x04\x70\x32\x4C\x83\x19\x73\xA7\xB9\x52\xFE\xB0" },
-- 0,
-- FALSE
-- },
-- {
-- ENCTYPE_DES3_CBC_SHA1,
-- "\xF0\x9D\x84\x9E",
-- { KV5M_DATA, 18, "EXAMPLE.COMpianist" },
-- { KV5M_DATA, 0, NULL },
-- { KV5M_DATA, 24, "\x85\x76\x37\x26\x58\x5D\xBC\x1C\xCE\x6E\xC4\x3E"
-- "\x1F\x75\x1F\x07\xF1\xC4\xCB\xB0\x98\xF4\x0B\x19" },
-- 0,
-- FALSE
-- },
--
- /* Test vectors from RFC 3962 appendix B. */
- {
- ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-diff --git a/src/lib/crypto/krb/Makefile.in b/src/lib/crypto/krb/Makefile.in
-index b74e6f7cc..2b0c4163d 100644
---- a/src/lib/crypto/krb/Makefile.in
-+++ b/src/lib/crypto/krb/Makefile.in
-@@ -50,7 +50,6 @@ STLIBOBJS=\
- prf.o \
- prf_aes2.o \
- prf_cmac.o \
-- prf_des.o \
- prf_dk.o \
- prf_rc4.o \
- prng.o \
-@@ -109,7 +108,6 @@ OBJS=\
- $(OUTPRE)prf.$(OBJEXT) \
- $(OUTPRE)prf_aes2.$(OBJEXT) \
- $(OUTPRE)prf_cmac.$(OBJEXT) \
-- $(OUTPRE)prf_des.$(OBJEXT) \
- $(OUTPRE)prf_dk.$(OBJEXT) \
- $(OUTPRE)prf_rc4.$(OBJEXT) \
- $(OUTPRE)prng.$(OBJEXT) \
-@@ -168,7 +166,6 @@ SRCS=\
- $(srcdir)/prf.c \
- $(srcdir)/prf_aes2.c \
- $(srcdir)/prf_cmac.c \
-- $(srcdir)/prf_des.c \
- $(srcdir)/prf_dk.c \
- $(srcdir)/prf_rc4.c \
- $(srcdir)/prng.c \
-diff --git a/src/lib/crypto/krb/cksumtypes.c b/src/lib/crypto/krb/cksumtypes.c
-index ecc2e08c9..f5fbe8a2a 100644
---- a/src/lib/crypto/krb/cksumtypes.c
-+++ b/src/lib/crypto/krb/cksumtypes.c
-@@ -46,12 +46,6 @@ const struct krb5_cksumtypes krb5int_cksumtypes_list[] = {
- krb5int_unkeyed_checksum, NULL,
- 20, 20, CKSUM_UNKEYED },
-
-- { CKSUMTYPE_HMAC_SHA1_DES3,
-- "hmac-sha1-des3", { "hmac-sha1-des3-kd" }, "HMAC-SHA1 DES3 key",
-- &krb5int_enc_des3, &krb5int_hash_sha1,
-- krb5int_dk_checksum, NULL,
-- 20, 20, 0 },
--
- { CKSUMTYPE_HMAC_MD5_ARCFOUR,
- "hmac-md5-rc4", { "hmac-md5-enc", "hmac-md5-earcfour" },
- "Microsoft HMAC MD5",
-diff --git a/src/lib/crypto/krb/crypto_int.h b/src/lib/crypto/krb/crypto_int.h
-index 19f808749..4bc430c7a 100644
---- a/src/lib/crypto/krb/crypto_int.h
-+++ b/src/lib/crypto/krb/crypto_int.h
-@@ -276,10 +276,6 @@ krb5_error_code krb5int_aes2_string_to_key(const struct krb5_keytypes *enc,
- /* Random to key */
- krb5_error_code k5_rand2key_direct(const krb5_data *randombits,
- krb5_keyblock *keyblock);
--krb5_error_code k5_rand2key_des(const krb5_data *randombits,
-- krb5_keyblock *keyblock);
--krb5_error_code k5_rand2key_des3(const krb5_data *randombits,
-- krb5_keyblock *keyblock);
-
- /* Pseudo-random function */
- krb5_error_code krb5int_des_prf(const struct krb5_keytypes *ktp,
-@@ -368,11 +364,6 @@ krb5_keyusage krb5int_arcfour_translate_usage(krb5_keyusage usage);
- /* Ensure library initialization has occurred. */
- int krb5int_crypto_init(void);
-
--/* DES default state initialization handler (used by module enc providers). */
--krb5_error_code krb5int_des_init_state(const krb5_keyblock *key,
-- krb5_keyusage keyusage,
-- krb5_data *state_out);
--
- /* Default state cleanup handler (used by module enc providers). */
- void krb5int_default_free_state(krb5_data *state);
-
-@@ -425,7 +416,6 @@ void k5_iov_cursor_put(struct iov_cursor *cursor, unsigned char *block);
- /* Modules must implement the k5_sha256() function prototyped in k5-int.h. */
-
- /* Modules must implement the following enc_providers and hash_providers: */
--extern const struct krb5_enc_provider krb5int_enc_des3;
- extern const struct krb5_enc_provider krb5int_enc_arcfour;
- extern const struct krb5_enc_provider krb5int_enc_aes128;
- extern const struct krb5_enc_provider krb5int_enc_aes256;
-@@ -442,12 +432,6 @@ extern const struct krb5_hash_provider krb5int_hash_sha384;
-
- /* Modules must implement the following functions. */
-
--/* Set the parity bits to the correct values in keybits. */
--void k5_des_fixup_key_parity(unsigned char *keybits);
--
--/* Return true if keybits is a weak or semi-weak DES key. */
--krb5_boolean k5_des_is_weak_key(unsigned char *keybits);
--
- /* Compute an HMAC using the provided hash function, key, and data, storing the
- * result into output (caller-allocated). */
- krb5_error_code krb5int_hmac(const struct krb5_hash_provider *hash,
-diff --git a/src/lib/crypto/krb/default_state.c b/src/lib/crypto/krb/default_state.c
-index 0757c8b02..f89dc7902 100644
---- a/src/lib/crypto/krb/default_state.c
-+++ b/src/lib/crypto/krb/default_state.c
-@@ -32,16 +32,6 @@
-
- #include "crypto_int.h"
-
--krb5_error_code
--krb5int_des_init_state(const krb5_keyblock *key, krb5_keyusage usage,
-- krb5_data *state_out)
--{
-- if (alloc_data(state_out, 8))
-- return ENOMEM;
--
-- return 0;
--}
--
- void
- krb5int_default_free_state(krb5_data *state)
- {
-diff --git a/src/lib/crypto/krb/enctype_util.c b/src/lib/crypto/krb/enctype_util.c
-index 1542d4062..a0037912a 100644
---- a/src/lib/crypto/krb/enctype_util.c
-+++ b/src/lib/crypto/krb/enctype_util.c
-@@ -45,6 +45,9 @@ struct {
- { ENCTYPE_DES_CBC_MD5, "des-cbc-md5" },
- { ENCTYPE_DES_CBC_RAW, "des-cbc-raw" },
- { ENCTYPE_DES_HMAC_SHA1, "des-hmac-sha1" },
-+ { ENCTYPE_DES3_CBC_SHA, "des3-cbc-sha1" },
-+ { ENCTYPE_DES3_CBC_RAW, "des3-cbc-raw" },
-+ { ENCTYPE_DES3_CBC_SHA1, "des3-hmac-sha1" },
- { ENCTYPE_NULL, NULL }
- };
-
-diff --git a/src/lib/crypto/krb/etypes.c b/src/lib/crypto/krb/etypes.c
-index fc278783b..7635393a4 100644
---- a/src/lib/crypto/krb/etypes.c
-+++ b/src/lib/crypto/krb/etypes.c
-@@ -35,27 +35,6 @@
-
- /* Deprecations come from RFC 6649 and RFC 8249. */
- const struct krb5_keytypes krb5int_enctypes_list[] = {
-- { ENCTYPE_DES3_CBC_RAW,
-- "des3-cbc-raw", { 0 }, "Triple DES cbc mode raw",
-- &krb5int_enc_des3, NULL,
-- 16,
-- krb5int_raw_crypto_length, krb5int_raw_encrypt, krb5int_raw_decrypt,
-- krb5int_dk_string_to_key, k5_rand2key_des3,
-- NULL, /*PRF*/
-- 0,
-- ETYPE_WEAK | ETYPE_DEPRECATED, 112 },
--
-- { ENCTYPE_DES3_CBC_SHA1,
-- "des3-cbc-sha1", { "des3-hmac-sha1", "des3-cbc-sha1-kd" },
-- "Triple DES cbc mode with HMAC/sha1",
-- &krb5int_enc_des3, &krb5int_hash_sha1,
-- 16,
-- krb5int_dk_crypto_length, krb5int_dk_encrypt, krb5int_dk_decrypt,
-- krb5int_dk_string_to_key, k5_rand2key_des3,
-- krb5int_dk_prf,
-- CKSUMTYPE_HMAC_SHA1_DES3,
-- ETYPE_DEPRECATED, 112 },
--
- /* rc4-hmac uses a 128-bit key, but due to weaknesses in the RC4 cipher, we
- * consider its strength degraded and assign it an SSF value of 64. */
- { ENCTYPE_ARCFOUR_HMAC,
-diff --git a/src/lib/crypto/krb/prf_des.c b/src/lib/crypto/krb/prf_des.c
-deleted file mode 100644
-index 7a2d719c5..000000000
---- a/src/lib/crypto/krb/prf_des.c
-+++ /dev/null
-@@ -1,47 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/krb/prf_des.c - RFC 3961 DES-based PRF */
--/*
-- * Copyright (C) 2004, 2009 by the Massachusetts Institute of Technology.
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--
--#include "crypto_int.h"
--
--krb5_error_code
--krb5int_des_prf(const struct krb5_keytypes *ktp, krb5_key key,
-- const krb5_data *in, krb5_data *out)
--{
-- const struct krb5_hash_provider *hash = &krb5int_hash_md5;
-- krb5_crypto_iov iov;
-- krb5_error_code ret;
--
-- /* Compute a hash of the input, storing into the output buffer. */
-- iov.flags = KRB5_CRYPTO_TYPE_DATA;
-- iov.data = *in;
-- ret = hash->hash(&iov, 1, out);
-- if (ret != 0)
-- return ret;
--
-- /* Encrypt the hash in place. */
-- iov.data = *out;
-- return ktp->enc->encrypt(key, NULL, &iov, 1);
--}
-diff --git a/src/lib/crypto/krb/random_to_key.c b/src/lib/crypto/krb/random_to_key.c
-index 157462526..863090beb 100644
---- a/src/lib/crypto/krb/random_to_key.c
-+++ b/src/lib/crypto/krb/random_to_key.c
-@@ -71,48 +71,3 @@ k5_rand2key_direct(const krb5_data *randombits, krb5_keyblock *keyblock)
- memcpy(keyblock->contents, randombits->data, randombits->length);
- return 0;
- }
--
--static inline void
--eighth_byte(unsigned char *b)
--{
-- b[7] = (((b[0] & 1) << 1) | ((b[1] & 1) << 2) | ((b[2] & 1) << 3) |
-- ((b[3] & 1) << 4) | ((b[4] & 1) << 5) | ((b[5] & 1) << 6) |
-- ((b[6] & 1) << 7));
--}
--
--krb5_error_code
--k5_rand2key_des(const krb5_data *randombits, krb5_keyblock *keyblock)
--{
-- if (randombits->length != 7)
-- return(KRB5_CRYPTO_INTERNAL);
--
-- keyblock->magic = KV5M_KEYBLOCK;
--
-- /* Take the seven bytes, move them around into the top 7 bits of the
-- * 8 key bytes, then compute the parity bits. */
-- memcpy(keyblock->contents, randombits->data, randombits->length);
-- eighth_byte(keyblock->contents);
-- k5_des_fixup_key_parity(keyblock->contents);
--
-- return 0;
--}
--
--krb5_error_code
--k5_rand2key_des3(const krb5_data *randombits, krb5_keyblock *keyblock)
--{
-- int i;
--
-- if (randombits->length != 21)
-- return KRB5_CRYPTO_INTERNAL;
--
-- keyblock->magic = KV5M_KEYBLOCK;
--
-- /* Take the seven bytes, move them around into the top 7 bits of the
-- * 8 key bytes, then compute the parity bits. Do this three times. */
-- for (i = 0; i < 3; i++) {
-- memcpy(&keyblock->contents[i * 8], &randombits->data[i * 7], 7);
-- eighth_byte(&keyblock->contents[i * 8]);
-- k5_des_fixup_key_parity(&keyblock->contents[i * 8]);
-- }
-- return 0;
--}
-diff --git a/src/lib/crypto/libk5crypto.exports b/src/lib/crypto/libk5crypto.exports
-index d6cc1b423..f44cb9170 100644
---- a/src/lib/crypto/libk5crypto.exports
-+++ b/src/lib/crypto/libk5crypto.exports
-@@ -86,7 +86,6 @@ krb5_k_verify_checksum
- krb5_k_verify_checksum_iov
- krb5int_aes_encrypt
- krb5int_aes_decrypt
--krb5int_enc_des3
- krb5int_arcfour_gsscrypt
- krb5int_camellia_cbc_mac
- krb5int_cmac_checksum
-diff --git a/src/lib/crypto/openssl/Makefile.in b/src/lib/crypto/openssl/Makefile.in
-index aa434b168..234fc0e76 100644
---- a/src/lib/crypto/openssl/Makefile.in
-+++ b/src/lib/crypto/openssl/Makefile.in
-@@ -1,6 +1,6 @@
- mydir=lib$(S)crypto$(S)openssl
- BUILDTOP=$(REL)..$(S)..$(S)..
--SUBDIRS=camellia des aes md4 md5 sha1 sha2 enc_provider hash_provider
-+SUBDIRS=camellia aes md4 md5 sha1 sha2 enc_provider hash_provider
- LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir)
-
- STLIBOBJS=\
-@@ -24,14 +24,14 @@ SRCS=\
- $(srcdir)/sha256.c \
- $(srcdir)/stubs.c
-
--STOBJLISTS= des/OBJS.ST md4/OBJS.ST \
-+STOBJLISTS= md4/OBJS.ST \
- md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
- enc_provider/OBJS.ST \
- hash_provider/OBJS.ST \
- aes/OBJS.ST \
- OBJS.ST
-
--SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \
-+SUBDIROBJLISTS= md4/OBJS.ST \
- md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
- enc_provider/OBJS.ST \
- hash_provider/OBJS.ST \
-@@ -42,7 +42,7 @@ includes: depend
-
- depend: $(SRCS)
-
--clean-unix:: clean-libobjs
-+clean-unix:: clean-libobjsn
-
- @lib_frag@
- @libobj_frag@
-diff --git a/src/lib/crypto/openssl/des/Makefile.in b/src/lib/crypto/openssl/des/Makefile.in
-deleted file mode 100644
-index 4392fb8ea..000000000
---- a/src/lib/crypto/openssl/des/Makefile.in
-+++ /dev/null
-@@ -1,20 +0,0 @@
--mydir=lib$(S)crypto$(S)openssl$(S)des
--BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
--LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/..
--
--STLIBOBJS= des_keys.o
--
--OBJS= $(OUTPRE)des_keys.$(OBJEXT)
--
--SRCS= $(srcdir)/des_keys.c
--
--all-unix: all-libobjs
--
--includes: depend
--
--depend: $(SRCS)
--
--clean-unix:: clean-libobjs
--
--@libobj_frag@
--
-diff --git a/src/lib/crypto/openssl/des/deps b/src/lib/crypto/openssl/des/deps
-deleted file mode 100644
-index 21b904f89..000000000
---- a/src/lib/crypto/openssl/des/deps
-+++ /dev/null
-@@ -1,15 +0,0 @@
--#
--# Generated makefile dependencies follow.
--#
--des_keys.so des_keys.po $(OUTPRE)des_keys.$(OBJEXT): \
-- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
-- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-- des_keys.c
-diff --git a/src/lib/crypto/openssl/des/des_keys.c b/src/lib/crypto/openssl/des/des_keys.c
-deleted file mode 100644
-index 51d9db216..000000000
---- a/src/lib/crypto/openssl/des/des_keys.c
-+++ /dev/null
-@@ -1,40 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/openssl/des/des_keys.c - Key functions used by Kerberos code */
--/*
-- * Copyright (C) 2011 by the Massachusetts Institute of Technology.
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--
--#include "crypto_int.h"
--#include <openssl/des.h>
--
--void
--k5_des_fixup_key_parity(unsigned char *keybits)
--{
-- DES_set_odd_parity((DES_cblock *)keybits);
--}
--
--krb5_boolean
--k5_des_is_weak_key(unsigned char *keybits)
--{
-- return DES_is_weak_key((DES_cblock *)keybits);
--}
-diff --git a/src/lib/crypto/openssl/enc_provider/Makefile.in b/src/lib/crypto/openssl/enc_provider/Makefile.in
-index a9069d22d..2b32c3ac4 100644
---- a/src/lib/crypto/openssl/enc_provider/Makefile.in
-+++ b/src/lib/crypto/openssl/enc_provider/Makefile.in
-@@ -3,19 +3,16 @@ BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
- LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/..
-
- STLIBOBJS= \
-- des3.o \
- rc4.o \
- aes.o \
- camellia.o
-
- OBJS= \
-- $(OUTPRE)des3.$(OBJEXT) \
- $(OUTPRE)aes.$(OBJEXT) \
- $(OUTPRE)camellia.$(OBJEXT) \
- $(OUTPRE)rc4.$(OBJEXT)
-
- SRCS= \
-- $(srcdir)/des3.c \
- $(srcdir)/aes.c \
- $(srcdir)/camellia.c \
- $(srcdir)/rc4.c
-diff --git a/src/lib/crypto/openssl/enc_provider/deps b/src/lib/crypto/openssl/enc_provider/deps
-index 1c28cc842..91ba48234 100644
---- a/src/lib/crypto/openssl/enc_provider/deps
-+++ b/src/lib/crypto/openssl/enc_provider/deps
-@@ -1,17 +1,6 @@
- #
- # Generated makefile dependencies follow.
- #
--des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
-- $(srcdir)/../crypto_mod.h $(top_srcdir)/include/k5-buf.h \
-- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
-- $(top_srcdir)/include/socket-utils.h des3.c
- aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
-diff --git a/src/lib/crypto/openssl/enc_provider/des3.c b/src/lib/crypto/openssl/enc_provider/des3.c
-deleted file mode 100644
-index 1c439c2cd..000000000
---- a/src/lib/crypto/openssl/enc_provider/des3.c
-+++ /dev/null
-@@ -1,184 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/openssl/enc_provider/des3.c */
--/*
-- * Copyright (C) 2009 by the Massachusetts Institute of Technology.
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--/*
-- * Copyright (C) 1998 by the FundsXpress, INC.
-- *
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may require
-- * a specific license from the United States Government. It is the
-- * responsibility of any person or organization contemplating export to
-- * obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of FundsXpress. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. FundsXpress makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- *
-- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
-- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
-- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
-- */
--
--#include "crypto_int.h"
--#include <openssl/evp.h>
--
--
--#define DES3_BLOCK_SIZE 8
--#define DES3_KEY_SIZE 24
--#define DES3_KEY_BYTES 21
--
--static krb5_error_code
--validate(krb5_key key, const krb5_data *ivec, const krb5_crypto_iov *data,
-- size_t num_data, krb5_boolean *empty)
--{
-- size_t input_length = iov_total_length(data, num_data, FALSE);
--
-- if (key->keyblock.length != DES3_KEY_SIZE)
-- return(KRB5_BAD_KEYSIZE);
-- if ((input_length%DES3_BLOCK_SIZE) != 0)
-- return(KRB5_BAD_MSIZE);
-- if (ivec && (ivec->length != 8))
-- return(KRB5_BAD_MSIZE);
--
-- *empty = (input_length == 0);
-- return 0;
--}
--
--static krb5_error_code
--k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
-- size_t num_data)
--{
-- int ret, olen = DES3_BLOCK_SIZE;
-- unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE];
-- struct iov_cursor cursor;
-- EVP_CIPHER_CTX *ctx;
-- krb5_boolean empty;
--
-- ret = validate(key, ivec, data, num_data, &empty);
-- if (ret != 0 || empty)
-- return ret;
--
-- ctx = EVP_CIPHER_CTX_new();
-- if (ctx == NULL)
-- return ENOMEM;
--
-- ret = EVP_EncryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL,
-- key->keyblock.contents,
-- (ivec) ? (unsigned char*)ivec->data : NULL);
-- if (!ret) {
-- EVP_CIPHER_CTX_free(ctx);
-- return KRB5_CRYPTO_INTERNAL;
-- }
--
-- EVP_CIPHER_CTX_set_padding(ctx,0);
--
-- k5_iov_cursor_init(&cursor, data, num_data, DES3_BLOCK_SIZE, FALSE);
-- while (k5_iov_cursor_get(&cursor, iblock)) {
-- ret = EVP_EncryptUpdate(ctx, oblock, &olen, iblock, DES3_BLOCK_SIZE);
-- if (!ret)
-- break;
-- k5_iov_cursor_put(&cursor, oblock);
-- }
--
-- if (ivec != NULL)
-- memcpy(ivec->data, oblock, DES3_BLOCK_SIZE);
--
-- EVP_CIPHER_CTX_free(ctx);
--
-- zap(iblock, sizeof(iblock));
-- zap(oblock, sizeof(oblock));
--
-- if (ret != 1)
-- return KRB5_CRYPTO_INTERNAL;
-- return 0;
--}
--
--static krb5_error_code
--k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
-- size_t num_data)
--{
-- int ret, olen = DES3_BLOCK_SIZE;
-- unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE];
-- struct iov_cursor cursor;
-- EVP_CIPHER_CTX *ctx;
-- krb5_boolean empty;
--
-- ret = validate(key, ivec, data, num_data, &empty);
-- if (ret != 0 || empty)
-- return ret;
--
-- ctx = EVP_CIPHER_CTX_new();
-- if (ctx == NULL)
-- return ENOMEM;
--
-- ret = EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL,
-- key->keyblock.contents,
-- (ivec) ? (unsigned char*)ivec->data : NULL);
-- if (!ret) {
-- EVP_CIPHER_CTX_free(ctx);
-- return KRB5_CRYPTO_INTERNAL;
-- }
--
-- EVP_CIPHER_CTX_set_padding(ctx,0);
--
-- k5_iov_cursor_init(&cursor, data, num_data, DES3_BLOCK_SIZE, FALSE);
-- while (k5_iov_cursor_get(&cursor, iblock)) {
-- ret = EVP_DecryptUpdate(ctx, oblock, &olen,
-- (unsigned char *)iblock, DES3_BLOCK_SIZE);
-- if (!ret)
-- break;
-- k5_iov_cursor_put(&cursor, oblock);
-- }
--
-- if (ivec != NULL)
-- memcpy(ivec->data, iblock, DES3_BLOCK_SIZE);
--
-- EVP_CIPHER_CTX_free(ctx);
--
-- zap(iblock, sizeof(iblock));
-- zap(oblock, sizeof(oblock));
--
-- if (ret != 1)
-- return KRB5_CRYPTO_INTERNAL;
-- return 0;
--}
--
--const struct krb5_enc_provider krb5int_enc_des3 = {
-- DES3_BLOCK_SIZE,
-- DES3_KEY_BYTES, DES3_KEY_SIZE,
-- k5_des3_encrypt,
-- k5_des3_decrypt,
-- NULL,
-- krb5int_des_init_state,
-- krb5int_default_free_state
--};
-diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
-index 75f071c3e..fcf2c2152 100644
---- a/src/lib/gssapi/krb5/accept_sec_context.c
-+++ b/src/lib/gssapi/krb5/accept_sec_context.c
-@@ -1039,7 +1039,6 @@ kg_accept_krb5(minor_status, context_handle,
- }
-
- switch (negotiated_etype) {
-- case ENCTYPE_DES3_CBC_SHA1:
- case ENCTYPE_ARCFOUR_HMAC:
- case ENCTYPE_ARCFOUR_HMAC_EXP:
- /* RFC 4121 accidentally omits RC4-HMAC-EXP as a "not-newer"
-diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h b/src/lib/gssapi/krb5/gssapiP_krb5.h
-index a7e0e63ec..3bacdcd35 100644
---- a/src/lib/gssapi/krb5/gssapiP_krb5.h
-+++ b/src/lib/gssapi/krb5/gssapiP_krb5.h
-@@ -125,14 +125,14 @@ enum sgn_alg {
- /* SGN_ALG_DES_MAC = 0x0002, */
- /* SGN_ALG_3 = 0x0003, /\* not published *\/ */
- SGN_ALG_HMAC_MD5 = 0x0011, /* microsoft w2k; */
-- SGN_ALG_HMAC_SHA1_DES3_KD = 0x0004
-+ /* SGN_ALG_HMAC_SHA1_DES3_KD = 0x0004 */
- };
- enum seal_alg {
- SEAL_ALG_NONE = 0xffff,
- /* SEAL_ALG_DES = 0x0000, */
- /* SEAL_ALG_1 = 0x0001, /\* not published *\/ */
- SEAL_ALG_MICROSOFT_RC4 = 0x0010, /* microsoft w2k; */
-- SEAL_ALG_DES3KD = 0x0002
-+ /* SEAL_ALG_DES3KD = 0x0002 */
- };
-
- /* for 3DES */
-@@ -153,7 +153,7 @@ enum qop {
- GSS_KRB5_INTEG_C_QOP_HMAC_SHA1 = 0x0004,
- GSS_KRB5_INTEG_C_QOP_MASK = 0x00ff,
- /* GSS_KRB5_CONF_C_QOP_DES = 0x0100, */
-- GSS_KRB5_CONF_C_QOP_DES3_KD = 0x0200,
-+ /* GSS_KRB5_CONF_C_QOP_DES3_KD = 0x0200, */
- GSS_KRB5_CONF_C_QOP_MASK = 0xff00
- };
-
-diff --git a/src/lib/gssapi/krb5/k5seal.c b/src/lib/gssapi/krb5/k5seal.c
-index d1cdce486..7f7146a0a 100644
---- a/src/lib/gssapi/krb5/k5seal.c
-+++ b/src/lib/gssapi/krb5/k5seal.c
-@@ -136,19 +136,12 @@ make_seal_token_v1 (krb5_context context,
-
- /* pad the plaintext, encrypt if needed, and stick it in the token */
-
-- /* initialize the the checksum */
-- switch (signalg) {
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
-- break;
-- case SGN_ALG_HMAC_MD5:
-- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-- if (toktype != KG_TOK_SEAL_MSG)
-- sign_usage = 15;
-- break;
-- default:
-- abort ();
-- }
-+ if (signalg != SGN_ALG_HMAC_MD5)
-+ abort();
-+
-+ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-+ if (toktype != KG_TOK_SEAL_MSG)
-+ sign_usage = 15;
-
- code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
- if (code) {
-@@ -196,20 +189,8 @@ make_seal_token_v1 (krb5_context context,
- gssalloc_free(t);
- return(code);
- }
-- switch(signalg) {
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- /*
-- * Using key derivation, the call to krb5_c_make_checksum
-- * already dealt with encrypting.
-- */
-- if (md5cksum.length != cksum_size)
-- abort ();
-- memcpy (ptr+14, md5cksum.contents, md5cksum.length);
-- break;
-- case SGN_ALG_HMAC_MD5:
-- memcpy (ptr+14, md5cksum.contents, cksum_size);
-- break;
-- }
-+
-+ memcpy (ptr+14, md5cksum.contents, cksum_size);
-
- krb5_free_checksum_contents(context, &md5cksum);
-
-diff --git a/src/lib/gssapi/krb5/k5sealiov.c b/src/lib/gssapi/krb5/k5sealiov.c
-index 9bb2ee109..9147bb2c7 100644
---- a/src/lib/gssapi/krb5/k5sealiov.c
-+++ b/src/lib/gssapi/krb5/k5sealiov.c
-@@ -144,18 +144,11 @@ make_seal_token_v1_iov(krb5_context context,
- /* pad the plaintext, encrypt if needed, and stick it in the token */
-
- /* initialize the checksum */
-- switch (ctx->signalg) {
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
-- break;
-- case SGN_ALG_HMAC_MD5:
-- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-- if (toktype != KG_TOK_WRAP_MSG)
-- sign_usage = 15;
-- break;
-- default:
-- abort ();
-- }
-+ if (ctx->signalg != SGN_ALG_HMAC_MD5)
-+ abort();
-+ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-+ if (toktype != KG_TOK_WRAP_MSG)
-+ sign_usage = 15;
-
- code = krb5_c_checksum_length(context, md5cksum.checksum_type, &k5_trailerlen);
- if (code != 0)
-@@ -177,15 +170,7 @@ make_seal_token_v1_iov(krb5_context context,
- if (code != 0)
- goto cleanup;
-
-- switch (ctx->signalg) {
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- assert(md5cksum.length == ctx->cksum_size);
-- memcpy(ptr + 14, md5cksum.contents, md5cksum.length);
-- break;
-- case SGN_ALG_HMAC_MD5:
-- memcpy(ptr + 14, md5cksum.contents, ctx->cksum_size);
-- break;
-- }
-+ memcpy(ptr + 14, md5cksum.contents, ctx->cksum_size);
-
- /* create the seq_num */
- code = kg_make_seq_num(context, ctx->seq, ctx->initiate ? 0 : 0xFF,
-diff --git a/src/lib/gssapi/krb5/k5unseal.c b/src/lib/gssapi/krb5/k5unseal.c
-index 9b183bc33..f0cc4a680 100644
---- a/src/lib/gssapi/krb5/k5unseal.c
-+++ b/src/lib/gssapi/krb5/k5unseal.c
-@@ -131,28 +131,21 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
- but few enough that we can try them all. */
-
- if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) ||
-- (ctx->sealalg == SEAL_ALG_DES3KD &&
-- signalg != SGN_ALG_HMAC_SHA1_DES3_KD)||
- (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 &&
- signalg != SGN_ALG_HMAC_MD5)) {
- *minor_status = 0;
- return GSS_S_DEFECTIVE_TOKEN;
- }
-
-- switch (signalg) {
-- case SGN_ALG_HMAC_MD5:
-- cksum_len = 8;
-- if (toktype != KG_TOK_SEAL_MSG)
-- sign_usage = 15;
-- break;
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- cksum_len = 20;
-- break;
-- default:
-+ if (signalg != SGN_ALG_HMAC_MD5) {
- *minor_status = 0;
- return GSS_S_DEFECTIVE_TOKEN;
- }
-
-+ cksum_len = 8;
-+ if (toktype != KG_TOK_SEAL_MSG)
-+ sign_usage = 15;
-+
- if ((size_t)bodysize < 14 + cksum_len) {
- *minor_status = 0;
- return GSS_S_DEFECTIVE_TOKEN;
-@@ -252,64 +245,53 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
- /* compute the checksum of the message */
-
- /* initialize the the cksum */
-- switch (signalg) {
-- case SGN_ALG_HMAC_MD5:
-- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-- break;
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
-- break;
-- default:
-- abort ();
-- }
-+ if (signalg != SGN_ALG_HMAC_MD5)
-+ abort();
-+ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-
- code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
- if (code)
- return(code);
- md5cksum.length = sumlen;
-
-- switch (signalg) {
-- default:
-+ if (signalg != SGN_ALG_HMAC_MD5) {
- *minor_status = 0;
- return(GSS_S_DEFECTIVE_TOKEN);
--
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- case SGN_ALG_HMAC_MD5:
-- /* compute the checksum of the message */
--
-- /* 8 = bytes of token body to be checksummed according to spec */
--
-- if (! (data_ptr = xmalloc(8 + plainlen))) {
-- if (sealalg != 0xffff)
-- xfree(plain);
-- if (toktype == KG_TOK_SEAL_MSG)
-- gssalloc_free(token.value);
-- *minor_status = ENOMEM;
-- return(GSS_S_FAILURE);
-- }
--
-- (void) memcpy(data_ptr, ptr-2, 8);
--
-- (void) memcpy(data_ptr+8, plain, plainlen);
--
-- plaind.length = 8 + plainlen;
-- plaind.data = data_ptr;
-- code = krb5_k_make_checksum(context, md5cksum.checksum_type,
-- ctx->seq, sign_usage,
-- &plaind, &md5cksum);
-- xfree(data_ptr);
--
-- if (code) {
-- if (toktype == KG_TOK_SEAL_MSG)
-- gssalloc_free(token.value);
-- *minor_status = code;
-- return(GSS_S_FAILURE);
-- }
--
-- code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
-- break;
- }
-
-+ /* compute the checksum of the message */
-+
-+ /* 8 = bytes of token body to be checksummed according to spec */
-+
-+ if (! (data_ptr = xmalloc(8 + plainlen))) {
-+ if (sealalg != 0xffff)
-+ xfree(plain);
-+ if (toktype == KG_TOK_SEAL_MSG)
-+ gssalloc_free(token.value);
-+ *minor_status = ENOMEM;
-+ return(GSS_S_FAILURE);
-+ }
-+
-+ (void) memcpy(data_ptr, ptr-2, 8);
-+
-+ (void) memcpy(data_ptr+8, plain, plainlen);
-+
-+ plaind.length = 8 + plainlen;
-+ plaind.data = data_ptr;
-+ code = krb5_k_make_checksum(context, md5cksum.checksum_type,
-+ ctx->seq, sign_usage,
-+ &plaind, &md5cksum);
-+ xfree(data_ptr);
-+
-+ if (code) {
-+ if (toktype == KG_TOK_SEAL_MSG)
-+ gssalloc_free(token.value);
-+ *minor_status = code;
-+ return(GSS_S_FAILURE);
-+ }
-+
-+ code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
-+
- krb5_free_checksum_contents(context, &md5cksum);
- if (sealalg != 0xffff)
- xfree(plain);
-diff --git a/src/lib/gssapi/krb5/k5unsealiov.c b/src/lib/gssapi/krb5/k5unsealiov.c
-index 85a9574f3..3ce2a90ce 100644
---- a/src/lib/gssapi/krb5/k5unsealiov.c
-+++ b/src/lib/gssapi/krb5/k5unsealiov.c
-@@ -102,28 +102,21 @@ kg_unseal_v1_iov(krb5_context context,
- }
-
- if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) ||
-- (ctx->sealalg == SEAL_ALG_DES3KD &&
-- signalg != SGN_ALG_HMAC_SHA1_DES3_KD)||
- (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 &&
- signalg != SGN_ALG_HMAC_MD5)) {
- *minor_status = 0;
- return GSS_S_DEFECTIVE_TOKEN;
- }
-
-- switch (signalg) {
-- case SGN_ALG_HMAC_MD5:
-- cksum_len = 8;
-- if (toktype != KG_TOK_WRAP_MSG)
-- sign_usage = 15;
-- break;
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- cksum_len = 20;
-- break;
-- default:
-+ if (signalg != SGN_ALG_HMAC_MD5) {
- *minor_status = 0;
- return GSS_S_DEFECTIVE_TOKEN;
- }
-
-+ cksum_len = 8;
-+ if (toktype != KG_TOK_WRAP_MSG)
-+ sign_usage = 15;
-+
- /* get the token parameters */
- code = kg_get_seq_num(context, ctx->seq, ptr + 14, ptr + 6, &direction,
- &seqnum);
-@@ -181,16 +174,10 @@ kg_unseal_v1_iov(krb5_context context,
-
- /* initialize the checksum */
-
-- switch (signalg) {
-- case SGN_ALG_HMAC_MD5:
-- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-- break;
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
-- break;
-- default:
-+ if (signalg != SGN_ALG_HMAC_MD5)
- abort();
-- }
-+
-+ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-
- code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
- if (code != 0) {
-@@ -209,18 +196,13 @@ kg_unseal_v1_iov(krb5_context context,
- goto cleanup;
- }
-
-- switch (signalg) {
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- case SGN_ALG_HMAC_MD5:
-- code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
-- break;
-- default:
-+ if (signalg != SGN_ALG_HMAC_MD5) {
- code = 0;
- retval = GSS_S_DEFECTIVE_TOKEN;
- goto cleanup;
-- break;
- }
-
-+ code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
- if (code != 0) {
- code = 0;
- retval = GSS_S_BAD_SIG;
-diff --git a/src/lib/gssapi/krb5/util_crypt.c b/src/lib/gssapi/krb5/util_crypt.c
-index 84f194988..32150f5e3 100644
---- a/src/lib/gssapi/krb5/util_crypt.c
-+++ b/src/lib/gssapi/krb5/util_crypt.c
-@@ -97,17 +97,6 @@ kg_setup_keys(krb5_context context, krb5_gss_ctx_id_rec *ctx, krb5_key subkey,
- return code;
-
- switch (subkey->keyblock.enctype) {
-- case ENCTYPE_DES3_CBC_SHA1:
-- code = kg_copy_keys(context, ctx, subkey);
-- if (code != 0)
-- return code;
--
-- ctx->enc->keyblock.enctype = ENCTYPE_DES3_CBC_RAW;
-- ctx->seq->keyblock.enctype = ENCTYPE_DES3_CBC_RAW;
-- ctx->signalg = SGN_ALG_HMAC_SHA1_DES3_KD;
-- ctx->cksum_size = 20;
-- ctx->sealalg = SEAL_ALG_DES3KD;
-- break;
- case ENCTYPE_ARCFOUR_HMAC:
- case ENCTYPE_ARCFOUR_HMAC_EXP:
- /* RFC 4121 accidentally omits RC4-HMAC-EXP as a "not-newer" enctype,
-diff --git a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp
-index 740425c69..6b45f5f72 100644
---- a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp
-+++ b/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp
-@@ -53,10 +53,10 @@ proc test200 {} {
- }
-
- # XXX Perhaps I should actually check the key type returned.
-- if {$num_keys == 5} {
-+ if {$num_keys == 4} {
- pass "$test"
- } else {
-- fail "$test: $num_keys keys, should be 5"
-+ fail "$test: $num_keys keys, should be 4"
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
-diff --git a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp
-index 3ea1ba29b..d2c6d1afa 100644
---- a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp
-+++ b/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp
-@@ -143,8 +143,8 @@ proc test101_102 {rpc} {
- }
-
- set failed 0
-- if {$num_keys != 5} {
-- fail "$test: num_keys $num_keys should be 5"
-+ if {$num_keys != 4} {
-+ fail "$test: num_keys $num_keys should be 4"
- set failed 1
- }
- for {set i 0} {$i < $num_keys} {incr i} {
-diff --git a/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp
-index 2925c1c43..2f76c8b43 100644
---- a/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp
-+++ b/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp
-@@ -46,10 +46,10 @@ proc test100 {} {
- }
-
- # XXX Perhaps I should actually check the key type returned.
-- if {$num_keys == 5} {
-+ if {$num_keys == 4} {
- pass "$test"
- } else {
-- fail "$test: $num_keys keys, should be 5"
-+ fail "$test: $num_keys keys, should be 4"
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
-diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c
-index aa35baa3c..bfa99d9eb 100644
---- a/src/lib/krb5/krb/init_ctx.c
-+++ b/src/lib/krb5/krb/init_ctx.c
-@@ -59,7 +59,6 @@
- static krb5_enctype default_enctype_list[] = {
- ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
- ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
-- ENCTYPE_DES3_CBC_SHA1,
- ENCTYPE_ARCFOUR_HMAC,
- ENCTYPE_CAMELLIA128_CTS_CMAC, ENCTYPE_CAMELLIA256_CTS_CMAC,
- 0
-@@ -467,8 +466,6 @@ krb5int_parse_enctype_list(krb5_context context, const char *profkey,
- /* Set all enctypes in the default list. */
- for (i = 0; default_list[i]; i++)
- mod_list(default_list[i], sel, weak, &list);
-- } else if (strcasecmp(token, "des3") == 0) {
-- mod_list(ENCTYPE_DES3_CBC_SHA1, sel, weak, &list);
- } else if (strcasecmp(token, "aes") == 0) {
- mod_list(ENCTYPE_AES256_CTS_HMAC_SHA1_96, sel, weak, &list);
- mod_list(ENCTYPE_AES128_CTS_HMAC_SHA1_96, sel, weak, &list);
-diff --git a/src/lib/krb5/krb/s4u_creds.c b/src/lib/krb5/krb/s4u_creds.c
-index 44d113e7c..966278578 100644
---- a/src/lib/krb5/krb/s4u_creds.c
-+++ b/src/lib/krb5/krb/s4u_creds.c
-@@ -288,8 +288,6 @@ verify_s4u2self_reply(krb5_context context,
- assert(req_s4u_user != NULL);
-
- switch (subkey->enctype) {
-- case ENCTYPE_DES3_CBC_SHA1:
-- case ENCTYPE_DES3_CBC_RAW:
- case ENCTYPE_ARCFOUR_HMAC:
- case ENCTYPE_ARCFOUR_HMAC_EXP :
- not_newer = TRUE;
-diff --git a/src/lib/krb5/krb/t_etypes.c b/src/lib/krb5/krb/t_etypes.c
-index 90c9f626c..935aca12f 100644
---- a/src/lib/krb5/krb/t_etypes.c
-+++ b/src/lib/krb5/krb/t_etypes.c
-@@ -50,17 +50,6 @@ static struct {
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 },
- 0, 0
- },
-- /* Family followed by enctype */
-- { "aes des3-cbc-sha1-kd",
-- { 0 },
-- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-- ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
-- ENCTYPE_DES3_CBC_SHA1, 0 },
-- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-- ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
-- ENCTYPE_DES3_CBC_SHA1, 0 },
-- 0, 0
-- },
- /* Family with enctype removed */
- { "camellia -camellia256-cts-cmac",
- { 0 },
-@@ -69,46 +58,15 @@ static struct {
- },
- /* Default set with family added and enctype removed */
- { "DEFAULT +aes -arcfour-hmac-md5",
-- { ENCTYPE_ARCFOUR_HMAC, ENCTYPE_DES3_CBC_SHA1, 0 },
-- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
-+ { ENCTYPE_ARCFOUR_HMAC, 0 },
-+ { ENCTYPE_AES256_CTS_HMAC_SHA1_96,
- ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192,
- ENCTYPE_AES128_CTS_HMAC_SHA256_128, 0 },
-- { ENCTYPE_DES3_CBC_SHA1,
-- ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-+ { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
- ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
- 0 },
- 0, 0
- },
-- /* Default set with families removed and enctypes added (one redundant) */
-- { "DEFAULT -des3 rc4-hmac rc4-hmac-exp",
-- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-- ENCTYPE_DES3_CBC_SHA1, ENCTYPE_ARCFOUR_HMAC, 0 },
-- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-- ENCTYPE_ARCFOUR_HMAC, 0 },
-- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-- ENCTYPE_ARCFOUR_HMAC, ENCTYPE_ARCFOUR_HMAC_EXP, 0 },
-- 0, 0
-- },
-- /* Default set with family moved to front */
-- { "des3 +DEFAULT",
-- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-- ENCTYPE_DES3_CBC_SHA1, 0 },
-- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
-- ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0 },
-- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
-- ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0 },
-- 0, 0
-- },
-- /* Two families with default set removed (exotic case), enctype added */
-- { "aes +rc4 -DEFaulT des3-hmac-sha1",
-- { ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_DES3_CBC_SHA1,
-- ENCTYPE_ARCFOUR_HMAC, 0 },
-- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192,
-- ENCTYPE_AES128_CTS_HMAC_SHA256_128, ENCTYPE_DES3_CBC_SHA1, 0 },
-- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192,
-- ENCTYPE_AES128_CTS_HMAC_SHA256_128, ENCTYPE_DES3_CBC_SHA1, 0 },
-- 0, 0
-- },
- /* Test krb5_set_default_in_tkt_ktypes */
- { NULL,
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 },
-diff --git a/src/lib/krb5/os/t_trace.c b/src/lib/krb5/os/t_trace.c
-index 10ba8d0ac..24064ffcf 100644
---- a/src/lib/krb5/os/t_trace.c
-+++ b/src/lib/krb5/os/t_trace.c
-@@ -65,8 +65,8 @@ main (int argc, char *argv[])
- krb5_principal princ = &principal_data;
- krb5_pa_data padata, padata2, **padatap;
- krb5_enctype enctypes[4] = {
-- ENCTYPE_DES3_CBC_SHA, ENCTYPE_ARCFOUR_HMAC_EXP, ENCTYPE_UNKNOWN,
-- ENCTYPE_NULL};
-+ ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_ARCFOUR_HMAC_EXP,
-+ ENCTYPE_UNKNOWN, ENCTYPE_NULL};
- krb5_ccache ccache;
- krb5_keytab keytab;
- krb5_creds creds;
-diff --git a/src/lib/krb5/os/t_trace.ref b/src/lib/krb5/os/t_trace.ref
-index 044a66999..98fb14f3f 100644
---- a/src/lib/krb5/os/t_trace.ref
-+++ b/src/lib/krb5/os/t_trace.ref
-@@ -41,7 +41,7 @@ int, krb5_principal type: ?
- krb5_pa_data **, display list of padata type numbers: PA-PW-SALT (3), 0
- krb5_pa_data **, display list of padata type numbers: (empty)
- krb5_enctype, display shortest name of enctype: aes128-cts
--krb5_enctype *, display list of enctypes: 5, rc4-hmac-exp, 511
-+krb5_enctype *, display list of enctypes: aes128-cts, rc4-hmac-exp, 511
- krb5_enctype *, display list of enctypes: (empty)
- krb5_ccache, display type:name: FILE:/path/to/ccache
- krb5_keytab, display name: FILE:/etc/krb5.keytab
-diff --git a/src/plugins/preauth/pkinit/pkcs11.h b/src/plugins/preauth/pkinit/pkcs11.h
-index e3d284631..586661bb7 100644
---- a/src/plugins/preauth/pkinit/pkcs11.h
-+++ b/src/plugins/preauth/pkinit/pkcs11.h
-@@ -339,9 +339,9 @@ typedef unsigned long ck_key_type_t;
- #define CKK_GENERIC_SECRET (0x10)
- #define CKK_RC2 (0x11)
- #define CKK_RC4 (0x12)
--#define CKK_DES (0x13)
--#define CKK_DES2 (0x14)
--#define CKK_DES3 (0x15)
-+/* #define CKK_DES (0x13) */
-+/* #define CKK_DES2 (0x14) */
-+/* #define CKK_DES3 (0x15) */
- #define CKK_CAST (0x16)
- #define CKK_CAST3 (0x17)
- #define CKK_CAST128 (0x18)
-diff --git a/src/plugins/preauth/pkinit/pkinit_clnt.c b/src/plugins/preauth/pkinit/pkinit_clnt.c
-index 2817cc213..a385da7c3 100644
---- a/src/plugins/preauth/pkinit/pkinit_clnt.c
-+++ b/src/plugins/preauth/pkinit/pkinit_clnt.c
-@@ -212,14 +212,6 @@ pkinit_as_req_create(krb5_context context,
- auth_pack.clientPublicValue = &info;
- auth_pack.supportedKDFs = (krb5_data **)supported_kdf_alg_ids;
-
-- /* add List of CMS algorithms */
-- retval = create_krb5_supportedCMSTypes(context, plgctx->cryptoctx,
-- reqctx->cryptoctx,
-- reqctx->idctx, &cmstypes);
-- auth_pack.supportedCMSTypes = cmstypes;
-- if (retval)
-- goto cleanup;
--
- switch(protocol) {
- case DH_PROTOCOL:
- TRACE_PKINIT_CLIENT_REQ_DH(context);
-diff --git a/src/plugins/preauth/pkinit/pkinit_crypto.h b/src/plugins/preauth/pkinit/pkinit_crypto.h
-index 77d5c61fe..1f9868351 100644
---- a/src/plugins/preauth/pkinit/pkinit_crypto.h
-+++ b/src/plugins/preauth/pkinit/pkinit_crypto.h
-@@ -380,18 +380,6 @@ krb5_error_code server_process_dh
- unsigned int *server_key_len_out); /* OUT
- receives length of DH secret key */
-
--/*
-- * this functions takes in crypto specific representation of
-- * supportedCMSTypes and creates a list of
-- * krb5_algorithm_identifier
-- */
--krb5_error_code create_krb5_supportedCMSTypes
-- (krb5_context context, /* IN */
-- pkinit_plg_crypto_context plg_cryptoctx, /* IN */
-- pkinit_req_crypto_context req_cryptoctx, /* IN */
-- pkinit_identity_crypto_context id_cryptoctx, /* IN */
-- krb5_algorithm_identifier ***supportedCMSTypes); /* OUT */
--
- /*
- * this functions takes in crypto specific representation of
- * trustedCertifiers and creates a list of
-diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-index e5940a513..e1153344e 100644
---- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-@@ -5486,44 +5486,6 @@ cleanup:
- return retval;
- }
-
--krb5_error_code
--create_krb5_supportedCMSTypes(krb5_context context,
-- pkinit_plg_crypto_context plg_cryptoctx,
-- pkinit_req_crypto_context req_cryptoctx,
-- pkinit_identity_crypto_context id_cryptoctx,
-- krb5_algorithm_identifier ***oids)
--{
--
-- krb5_error_code retval = ENOMEM;
-- krb5_algorithm_identifier **loids = NULL;
-- krb5_data des3oid = {0, 8, "\x2A\x86\x48\x86\xF7\x0D\x03\x07" };
--
-- *oids = NULL;
-- loids = malloc(2 * sizeof(krb5_algorithm_identifier *));
-- if (loids == NULL)
-- goto cleanup;
-- loids[1] = NULL;
-- loids[0] = malloc(sizeof(krb5_algorithm_identifier));
-- if (loids[0] == NULL) {
-- free(loids);
-- goto cleanup;
-- }
-- retval = pkinit_copy_krb5_data(&loids[0]->algorithm, &des3oid);
-- if (retval) {
-- free(loids[0]);
-- free(loids);
-- goto cleanup;
-- }
-- loids[0]->parameters.length = 0;
-- loids[0]->parameters.data = NULL;
--
-- *oids = loids;
-- retval = 0;
--cleanup:
--
-- return retval;
--}
--
- krb5_error_code
- create_krb5_trustedCertifiers(krb5_context context,
- pkinit_plg_crypto_context plg_cryptoctx,
-diff --git a/src/plugins/preauth/pkinit/pkinit_kdf_test.c b/src/plugins/preauth/pkinit/pkinit_kdf_test.c
-index 7acbd0d28..cd998a29a 100644
---- a/src/plugins/preauth/pkinit/pkinit_kdf_test.c
-+++ b/src/plugins/preauth/pkinit/pkinit_kdf_test.c
-@@ -49,7 +49,6 @@ char eighteen_bs[9];
- char party_u_name[] = "lha@SU.SE";
- char party_v_name[] = "krbtgt/SU.SE@SU.SE";
- int enctype_aes = ENCTYPE_AES256_CTS_HMAC_SHA1_96;
--int enctype_des3 = ENCTYPE_DES3_CBC_SHA1;
- const krb5_data lha_data = DATA_FROM_STRING("lha");
-
- krb5_octet key1_hex[] =
-@@ -185,36 +184,6 @@ main(int argc, char **argv)
- goto cleanup;
- }
-
-- /* TEST 3: SHA-512/DES3 */
-- /* set up algorithm id */
-- alg_id.algorithm.data = (char *)krb5_pkinit_sha512_oid;
-- alg_id.algorithm.length = krb5_pkinit_sha512_oid_len;
--
-- enctype = enctype_des3;
--
-- /* call pkinit_alg_agility_kdf() with test vector values*/
-- if (0 != (retval = pkinit_alg_agility_kdf(context, &secret,
-- &alg_id.algorithm,
-- u_principal, v_principal,
-- enctype, &as_req, &pk_as_rep,
-- &key_block))) {
-- printf("ERROR in pkinit_kdf_test: kdf call failed, retval = %d",
-- retval);
-- goto cleanup;
-- }
--
-- /* compare key to expected key value */
--
-- if ((key_block.length == sizeof(key3_hex)) &&
-- (0 == memcmp(key_block.contents, key3_hex, key_block.length))) {
-- printf("SUCCESS: TEST 3 (SHA-512/DES3), Correct key value generated.\n");
-- retval = 0;
-- } else {
-- printf("FAILURE: TEST 2 (SHA-512/DES3), Incorrect key value generated!\n");
-- retval = 1;
-- goto cleanup;
-- }
--
- cleanup:
- /* release all allocated resources, whether good or bad return */
- free(secret.data);
-diff --git a/src/plugins/preauth/spake/t_vectors.c b/src/plugins/preauth/spake/t_vectors.c
-index 2279202d3..96b0307d7 100644
---- a/src/plugins/preauth/spake/t_vectors.c
-+++ b/src/plugins/preauth/spake/t_vectors.c
-@@ -56,31 +56,6 @@ struct test {
- const char *K2;
- const char *K3;
- } tests[] = {
-- { ENCTYPE_DES3_CBC_SHA1, SPAKE_GROUP_EDWARDS25519,
-- /* initial key, w, x, y, T, S, K */
-- "850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E",
-- "686D84730CB8679AE95416C6567C6A63F2C9CEF124F7A3371AE81E11CAD42A37",
-- "201012D07BFD48DDFA33C4AAC4FB1E229FB0D043CFE65EBFB14399091C71A723",
-- "500B294797B8B042ACA1BEDC0F5931A4F52C537B3608B2D05CC8A2372F439F25",
-- "18F511E750C97B592ACD30DB7D9E5FCA660389102E6BF610C1BFBED4616C8362",
-- "5D10705E0D1E43D5DBF30240CCFBDE4A0230C70D4C79147AB0B317EDAD2F8AE7",
-- "25BDE0D875F0FEB5755F45BA5E857889D916ECF7476F116AA31DC3E037EC4292",
-- /* support, challenge, thash, body */
-- "A0093007A0053003020101",
-- "A1363034A003020101A122042018F511E750C97B592ACD30DB7D9E5FCA660389"
-- "102E6BF610C1BFBED4616C8362A20930073005A003020101",
-- "EAAA08807D0616026FF51C849EFBF35BA0CE3C5300E7D486DA46351B13D4605B",
-- "3075A00703050000000000A1143012A003020101A10B30091B07726165627572"
-- "6EA2101B0E415448454E412E4D49542E454455A3233021A003020102A11A3018"
-- "1B066B72627467741B0E415448454E412E4D49542E454455A511180F31393730"
-- "303130313030303030305AA703020100A8053003020110",
-- /* K'[0], K'[1], K'[2], K'[3] */
-- "BAF12FAE7CD958CBF1A29BFBC71F89CE49E03E295D89DAFD",
-- "64F73DD9C41908206BCEC1F719026B574F9D13463D7A2520",
-- "0454520B086B152C455829E6BAEFF78A61DFE9E3D04A895D",
-- "4A92260B25E3EF94C125D5C24C3E5BCED5B37976E67F25C4",
-- },
--
- { ENCTYPE_ARCFOUR_HMAC, SPAKE_GROUP_EDWARDS25519,
- /* initial key, w, x, y, T, S, K */
- "8846F7EAEE8FB117AD06BDD830B7586C",
-diff --git a/src/tests/dejagnu/config/default.exp b/src/tests/dejagnu/config/default.exp
-index 85bbf478a..302dee74c 100644
---- a/src/tests/dejagnu/config/default.exp
-+++ b/src/tests/dejagnu/config/default.exp
-@@ -15,8 +15,6 @@ set timeout 100
- set stty_init {erase \^h kill \^u}
- set env(TERM) dumb
-
--set des3_krbtgt 0
--
- if { [string length $VALGRIND] } {
- rename spawn valgrind_aux_spawn
- proc spawn { args } {
-@@ -105,17 +103,9 @@ if { $PRIOCNTL_HACK } {
- # particularly with regards to encryption types.
-
- set passes {
-- {
-- des3
-- mode=udp
-- des3_krbtgt=1
-- {supported_enctypes=des3-cbc-sha1:normal}
-- {dummy=[verbose -log "DES3 TGT, DES3 enctype"]}
-- }
- {
- aes-only
- mode=udp
-- des3_krbtgt=0
- {supported_enctypes=aes256-cts-hmac-sha1-96:normal}
- {permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96}
- {permitted_enctypes(client)=aes256-cts-hmac-sha1-96}
-@@ -130,7 +120,6 @@ set passes {
- {
- aes-sha2-only
- mode=udp
-- des3_krbtgt=0
- {supported_enctypes=aes256-sha2:normal}
- {permitted_enctypes(kdc)=aes256-sha2}
- {permitted_enctypes(replica)=aes256-sha2}
-@@ -146,7 +135,6 @@ set passes {
- {
- camellia-only
- mode=udp
-- des3_krbtgt=0
- {supported_enctypes=camellia256-cts:normal}
- {permitted_enctypes(kdc)=camellia256-cts}
- {permitted_enctypes(replica)=camellia256-cts}
-@@ -159,32 +147,9 @@ set passes {
- {master_key_type=camellia256-cts}
- {dummy=[verbose -log "Camellia-256 enctype"]}
- }
-- {
-- aes-des3
-- mode=udp
-- des3_krbtgt=0
-- {supported_enctypes=aes256-cts-hmac-sha1-96:normal des3-cbc-sha1:normal}
-- {permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
-- {permitted_enctypes(client)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
-- {permitted_enctypes(server)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
-- {master_key_type=aes256-cts-hmac-sha1-96}
-- {dummy=[verbose -log "AES + DES3 + DES enctypes"]}
-- }
-- {
-- aes-des3tgt
-- mode=udp
-- des3_krbtgt=1
-- {supported_enctypes=aes256-cts-hmac-sha1-96:normal des3-cbc-sha1:normal}
-- {permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
-- {permitted_enctypes(client)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
-- {permitted_enctypes(server)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
-- {master_key_type=aes256-cts-hmac-sha1-96}
-- {dummy=[verbose -log "AES enctypes, DES3 TGT"]}
-- }
- {
- all-enctypes
- mode=udp
-- des3_krbtgt=0
- {allow_weak_crypto(kdc)=false}
- {allow_weak_crypto(replica)=false}
- {allow_weak_crypto(client)=false}
-@@ -946,7 +911,6 @@ proc setup_kerberos_db { standalone } {
- global REALMNAME KDB5_UTIL KADMIN_LOCAL KEY
- global tmppwd hostname
- global spawn_id
-- global des3_krbtgt
- global multipass_name last_passname_db
-
- set failall 0
-@@ -1143,48 +1107,6 @@ proc setup_kerberos_db { standalone } {
- }
- }
-
-- if $des3_krbtgt {
-- # Set the TGT key to DES3.
-- set test "kadmin.local TGT to DES3"
-- set body {
-- if $failall {
-- break
-- }
-- spawn $KADMIN_LOCAL -r $REALMNAME -e des3-cbc-sha1:normal
-- verbose "starting $test"
-- expect_after $def_exp_after
--
-- expect "kadmin.local: "
-- send "cpw -randkey krbtgt/$REALMNAME@$REALMNAME\r"
-- # It echos...
-- expect "cpw -randkey krbtgt/$REALMNAME@$REALMNAME\r"
-- expect {
-- "Key for \"krbtgt/$REALMNAME@$REALMNAME\" randomized." { }
-- }
-- expect "kadmin.local: "
-- send "quit\r"
-- expect eof
-- catch expect_after
-- if ![check_exit_status kadmin_local] {
-- break
-- }
-- }
-- set ret [catch $body]
-- catch "expect eof"
-- catch expect_after
-- if $ret {
-- set failall 1
-- if $standalone {
-- fail $test
-- } else {
-- delete_db
-- }
-- } else {
-- if $standalone {
-- pass $test
-- }
-- }
-- }
- envstack_pop
-
- # create the admin database lock file
-diff --git a/src/tests/dejagnu/krb-standalone/kprop.exp b/src/tests/dejagnu/krb-standalone/kprop.exp
-index 661e3fd9a..2b8f60045 100644
---- a/src/tests/dejagnu/krb-standalone/kprop.exp
-+++ b/src/tests/dejagnu/krb-standalone/kprop.exp
-@@ -54,7 +54,7 @@ proc doit { } {
- global REALMNAME KEY
- global KADMIN_LOCAL KTUTIL KDB5_UTIL KPROPLOG KPROP kpropd_spawn_id
- global hostname tmppwd spawn_id timeout
-- global KRBIV supported_enctypes portbase mode ulog des3_krbtgt
-+ global KRBIV supported_enctypes portbase mode ulog
-
- # Delete any db, ulog files
- delete_db
-diff --git a/src/tests/gssapi/t_enctypes.py b/src/tests/gssapi/t_enctypes.py
-index 7494d7fcd..2f95d8996 100755
---- a/src/tests/gssapi/t_enctypes.py
-+++ b/src/tests/gssapi/t_enctypes.py
-@@ -1,24 +1,17 @@
- from k5test import *
-
--# Define some convenience abbreviations for enctypes we will see in
--# test program output. For background, aes256 and aes128 are "CFX
--# enctypes", meaning that they imply support for RFC 4121, while des3
--# and rc4 are not. DES3 keys will appear as 'des3-cbc-raw' in
--# t_enctypes output because that's how GSSAPI does raw triple-DES
--# encryption without the RFC3961 framing.
-+# Define some convenience abbreviations for enctypes we will see in test
-+# program output. For background, aes256 and aes128 are "CFX enctypes",
-+# meaning that they imply support for RFC 4121, while rc4 does not.
- aes256 = 'aes256-cts-hmac-sha1-96'
- aes128 = 'aes128-cts-hmac-sha1-96'
--des3 = 'des3-cbc-sha1'
--d_des3 = 'DEPRECATED:des3-cbc-sha1'
--des3raw = 'des3-cbc-raw'
--d_des3raw = 'DEPRECATED:des3-cbc-raw'
- rc4 = 'arcfour-hmac'
- d_rc4 = 'DEPRECATED:arcfour-hmac'
-
- # These tests make assumptions about the default enctype lists, so set
- # them explicitly rather than relying on the library defaults.
--supp='aes256-cts:normal aes128-cts:normal des3-cbc-sha1:normal rc4-hmac:normal'
--conf = {'libdefaults': {'permitted_enctypes': 'aes des3 rc4'},
-+supp='aes256-cts:normal aes128-cts:normal rc4-hmac:normal'
-+conf = {'libdefaults': {'permitted_enctypes': 'aes rc4'},
- 'realms': {'$realm': {'supported_enctypes': supp}}}
- realm = K5Realm(krb5_conf=conf)
- shutil.copyfile(realm.ccache, os.path.join(realm.testdir, 'save'))
-@@ -87,19 +80,12 @@ test('both aes128', 'aes128-cts', 'aes128-cts',
- test_err('acc aes128', None, 'aes128-cts',
- 'Encryption type aes256-cts-hmac-sha1-96 not permitted')
-
--# If the initiator constrains the permitted session enctypes to des3,
--# no acceptor subkey will be generated because we can't upgrade to a
--# CFX enctype.
--test('init des3', 'des3', None,
-- tktenc=aes256, tktsession=d_des3,
-- proto='rfc1964', isubkey=des3raw, asubkey=None)
--
- # Force the ticket session key to be rc4, so we can test some subkey
- # upgrade cases. The ticket encryption key remains aes256.
- realm.run([kadminl, 'setstr', realm.host_princ, 'session_enctypes', 'rc4'])
-
- # With no arguments, the initiator should send an upgrade list of
--# [aes256 aes128 des3] and the acceptor should upgrade to an aes256
-+# [aes256 aes128] and the acceptor should upgrade to an aes256
- # subkey.
- test('upgrade noargs', None, None,
- tktenc=aes256, tktsession=d_rc4,
-@@ -115,13 +101,6 @@ test('upgrade init aes128+rc4', 'aes128-cts rc4', None,
- tktenc=aes256, tktsession=d_rc4,
- proto='cfx', isubkey=rc4, asubkey=aes128)
-
--# If the initiator permits rc4 but prefers des3, it will send an
--# upgrade list of [des3], but the acceptor won't generate a subkey
--# because des3 isn't a CFX enctype.
--test('upgrade init des3+rc4', 'des3 rc4', None,
-- tktenc=aes256, tktsession=d_rc4,
-- proto='rfc1964', isubkey=rc4, asubkey=None)
--
- # If the acceptor permits only aes128, subkey negotiation will fail
- # because the ticket session key and initiator subkey are
- # non-permitted. (This is unfortunate if the acceptor's restriction
-diff --git a/src/tests/gssapi/t_invalid.c b/src/tests/gssapi/t_invalid.c
-index 9876a11e6..fb8fe5511 100644
---- a/src/tests/gssapi/t_invalid.c
-+++ b/src/tests/gssapi/t_invalid.c
-@@ -84,18 +84,6 @@ struct test {
- size_t toklen;
- const char *token;
- } tests[] = {
-- {
-- ENCTYPE_DES3_CBC_SHA1, ENCTYPE_DES3_CBC_RAW,
-- SEAL_ALG_DES3KD, SGN_ALG_HMAC_SHA1_DES3_KD, 20,
-- 24,
-- "\x4F\xEA\x19\x19\x5E\x0E\x10\xDF\x3D\x29\xB5\x13\x8F\x01\xC7\xA7"
-- "\x92\x3D\x38\xF7\x26\x73\x0D\x6D",
-- 65,
-- "\x60\x3F\x06\x09\x2A\x86\x48\x86\xF7\x12\x01\x02\x02\x02\x01\x04"
-- "\x00\x02\x00\xFF\xFF\xEB\xF3\x9A\x89\x24\x57\xB8\x63\x95\x25\xE8"
-- "\x6E\x8E\x79\xE6\x2E\xCA\xD3\xFF\x57\x9F\x8C\xAB\xEF\xDD\x28\x10"
-- "\x2F\x93\x21\x2E\xF2\x52\xB6\x6F\xA8\xBB\x8A\x6D\xAA\x6F\xB7\xF4\xD4"
-- },
- {
- ENCTYPE_ARCFOUR_HMAC, ENCTYPE_ARCFOUR_HMAC,
- SEAL_ALG_MICROSOFT_RC4, SGN_ALG_HMAC_MD5, 8,
-diff --git a/src/tests/gssapi/t_pcontok.c b/src/tests/gssapi/t_pcontok.c
-index 7368f752f..bf22bd3da 100644
---- a/src/tests/gssapi/t_pcontok.c
-+++ b/src/tests/gssapi/t_pcontok.c
-@@ -43,7 +43,6 @@
- #include "k5-int.h"
- #include "common.h"
-
--#define SGN_ALG_HMAC_SHA1_DES3_KD 0x04
- #define SGN_ALG_HMAC_MD5 0x11
-
- /*
-@@ -77,17 +76,12 @@ make_delete_token(gss_krb5_lucid_context_v1_t *lctx, gss_buffer_desc *out)
- ret = krb5_k_create_key(context, &seqkb, &seq);
- check_k5err(context, "krb5_k_create_key", ret);
-
-- if (signalg == SGN_ALG_HMAC_SHA1_DES3_KD) {
-- cktype = CKSUMTYPE_HMAC_SHA1_DES3;
-- cksize = 20;
-- ckusage = 23;
-- } else if (signalg == SGN_ALG_HMAC_MD5) {
-- cktype = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-- cksize = 8;
-- ckusage = 15;
-- } else {
-+ if (signalg != SGN_ALG_HMAC_MD5)
- abort();
-- }
-+
-+ cktype = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-+ cksize = 8;
-+ ckusage = 15;
-
- tlen = 20 + mech_krb5.length + cksize;
- token = malloc(tlen);
-diff --git a/src/tests/gssapi/t_prf.c b/src/tests/gssapi/t_prf.c
-index f71774cdc..d1857c433 100644
---- a/src/tests/gssapi/t_prf.c
-+++ b/src/tests/gssapi/t_prf.c
-@@ -41,13 +41,6 @@ static struct {
- const char *key2;
- const char *out2;
- } tests[] = {
-- { ENCTYPE_DES3_CBC_SHA1,
-- "70378A19CD64134580C27C0115D6B34A1CF2FEECEF9886A2",
-- "9F8D127C520BB826BFF3E0FE5EF352389C17E0C073D9"
-- "AC4A333D644D21BA3EF24F4A886D143F85AC9F6377FB",
-- "3452A167DF1094BA1089E0A20E9E51ABEF1525922558B69E",
-- "6BF24FABC858F8DD9752E4FCD331BB831F238B5BE190"
-- "4EEA42E38F7A60C588F075C5C96A67E7F8B7BD0AECF4" },
- { ENCTYPE_ARCFOUR_HMAC,
- "3BB3AE288C12B3B9D06B208A4151B3B6",
- "9AEA11A3BCF3C53F1F91F5A0BA2132E2501ADF5F3C28"
-diff --git a/src/tests/t_authdata.py b/src/tests/t_authdata.py
-index 3fa957ad2..2e01f46bc 100644
---- a/src/tests/t_authdata.py
-+++ b/src/tests/t_authdata.py
-@@ -174,7 +174,7 @@ realm.run([kvno, 'restricted'])
- # preferred krbtgt enctype changes.
- mark('#8139 regression test')
- realm.kinit(realm.user_princ, password('user'), ['-f'])
--realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'des3-cbc-sha1',
-+realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'aes256-sha2',
- realm.krbtgt_princ])
- realm.run(['./forward'])
- realm.run([kvno, realm.host_princ])
-diff --git a/src/tests/t_etype_info.py b/src/tests/t_etype_info.py
-index c982508d8..96e90a69d 100644
---- a/src/tests/t_etype_info.py
-+++ b/src/tests/t_etype_info.py
-@@ -1,6 +1,6 @@
- from k5test import *
-
--supported_enctypes = 'aes128-cts des3-cbc-sha1 rc4-hmac'
-+supported_enctypes = 'aes128-cts rc4-hmac'
- conf = {'libdefaults': {'allow_weak_crypto': 'true'},
- 'realms': {'$realm': {'supported_enctypes': supported_enctypes}}}
- realm = K5Realm(create_host=False, get_creds=False, krb5_conf=conf)
-@@ -26,9 +26,9 @@ def test_etinfo(princ, enctypes, expected_lines):
- # With no newer enctypes in the request, PA-ETYPE-INFO2,
- # PA-ETYPE-INFO, and PA-PW-SALT appear in the AS-REP, each listing one
- # key for the most preferred matching enctype.
--test_etinfo('user', 'rc4-hmac-exp des3 rc4',
-- ['asrep etype_info2 des3-cbc-sha1 KRBTEST.COMuser',
-- 'asrep etype_info des3-cbc-sha1 KRBTEST.COMuser',
-+test_etinfo('user', 'rc4-hmac-exp rc4',
-+ ['asrep etype_info2 rc4-hmac KRBTEST.COMuser',
-+ 'asrep etype_info rc4-hmac KRBTEST.COMuser',
- 'asrep pw_salt KRBTEST.COMuser'])
-
- # With a newer enctype in the request (even if it is not the most
-@@ -39,9 +39,9 @@ test_etinfo('user', 'rc4 aes256-cts',
-
- # In preauth-required errors, PA-PW-SALT does not appear, but the same
- # etype-info2 values are expected.
--test_etinfo('preauthuser', 'rc4-hmac-exp des3 rc4',
-- ['error etype_info2 des3-cbc-sha1 KRBTEST.COMpreauthuser',
-- 'error etype_info des3-cbc-sha1 KRBTEST.COMpreauthuser'])
-+test_etinfo('preauthuser', 'rc4-hmac-exp rc4',
-+ ['error etype_info2 rc4-hmac KRBTEST.COMpreauthuser',
-+ 'error etype_info rc4-hmac KRBTEST.COMpreauthuser'])
- test_etinfo('preauthuser', 'rc4 aes256-cts',
- ['error etype_info2 rc4-hmac KRBTEST.COMpreauthuser'])
-
-@@ -50,8 +50,8 @@ test_etinfo('preauthuser', 'rc4 aes256-cts',
- # (to allow for preauth mechs which don't depend on long-term keys).
- # An AS-REP cannot be generated without preauth as there is no reply
- # key.
--test_etinfo('rc4user', 'des3', [])
--test_etinfo('nokeyuser', 'des3', [])
-+test_etinfo('rc4user', 'aes128-cts', [])
-+test_etinfo('nokeyuser', 'aes128-cts', [])
-
- # Verify that etype-info2 is included in a MORE_PREAUTH_DATA_REQUIRED
- # error if the client does optimistic preauth.
-diff --git a/src/tests/t_keyrollover.py b/src/tests/t_keyrollover.py
-index 2c825a692..f29e0d550 100755
---- a/src/tests/t_keyrollover.py
-+++ b/src/tests/t_keyrollover.py
-@@ -37,9 +37,9 @@ realm.run([klist, '-e'], expected_msg=msg)
-
- # Test that the KDC only accepts the first enctype for a kvno, for a
- # local-realm TGS request. To set this up, we abuse an edge-case
--# behavior of modprinc -kvno. First, set up a DES3 krbtgt entry at
-+# behavior of modprinc -kvno. First, set up an aes128-sha2 krbtgt entry at
- # kvno 1 and cache a krbtgt ticket.
--realm.run([kadminl, 'cpw', '-randkey', '-e', 'des3-cbc-sha1',
-+realm.run([kadminl, 'cpw', '-randkey', '-e', 'aes128-cts-hmac-sha256-128',
- realm.krbtgt_princ])
- realm.run([kadminl, 'modprinc', '-kvno', '1', realm.krbtgt_princ])
- realm.kinit(realm.user_princ, password('user'))
-@@ -50,9 +50,9 @@ realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'aes256-cts',
- realm.run([kadminl, 'modprinc', '-kvno', '1', realm.krbtgt_princ])
- out = realm.run([kadminl, 'getprinc', realm.krbtgt_princ])
- if 'vno 1, aes256-cts' not in out or \
-- 'vno 1, DEPRECATED:des3-cbc-sha1' not in out:
-+ 'vno 1, aes128-cts-hmac-sha256-128' not in out:
- fail('keyrollover: setup for TGS enctype test failed')
--# Now present the DES3 ticket to the KDC and make sure it's rejected.
-+# Now present the aes128-sha2 ticket to the KDC and make sure it's rejected.
- realm.run([kvno, realm.host_princ], expected_code=1)
-
- realm.stop()
-diff --git a/src/tests/t_mkey.py b/src/tests/t_mkey.py
-index 32f4070bc..da0ed1831 100755
---- a/src/tests/t_mkey.py
-+++ b/src/tests/t_mkey.py
-@@ -7,7 +7,6 @@ import struct
- # default enctype for master keys.
- aes256 = 'aes256-cts-hmac-sha1-96'
- aes128 = 'aes128-cts-hmac-sha1-96'
--des3 = 'des3-cbc-sha1'
- defetype = aes256
-
- realm = K5Realm(create_host=False, start_kadmind=True)
-@@ -300,40 +299,6 @@ if 'Decrypt integrity check failed' in out or 'added to keytab' not in out:
-
- realm.stop()
-
--# Load a dump file created with krb5 1.6, before the master key
--# rollover changes were introduced. Write out an old-format stash
--# file consistent with the dump's master password ("footes"). The K/M
--# entry in this database will not have actkvno tl-data because it was
--# created prior to master key rollover support. Verify that:
--# 1. We can access the database using the old-format stash file.
--# 2. list_mkeys displays the same list as for a post-1.7 KDB.
--mark('pre-1.7 stash file')
--dumpfile = os.path.join(srctop, 'tests', 'dumpfiles', 'dump.16')
--os.remove(stash_file)
--f = open(stash_file, 'wb')
--f.write(struct.pack('=HL24s', 16, 24,
-- b'\xF8\x3E\xFB\xBA\x6D\x80\xD9\x54\xE5\x5D\xF2\xE0'
-- b'\x94\xAD\x6D\x86\xB5\x16\x37\xEC\x7C\x8A\xBC\x86'))
--f.close()
--realm.run([kdb5_util, 'load', dumpfile])
--nprincs = len(realm.run([kadminl, 'listprincs']).splitlines())
--check_mkvno('K/M', 1)
--check_mkey_list((1, des3, True, True))
--
--# Create a new master key and verify that, without actkvkno tl-data:
--# 1. list_mkeys displays the same as for a post-1.7 KDB.
--# 2. update_princ_encryption still targets mkvno 1.
--# 3. libkadm5 still uses mkvno 1 for key changes.
--# 4. use_mkey creates the same list as for a post-1.7 KDB.
--mark('rollover from pre-1.7 KDB')
--add_mkey([])
--check_mkey_list((2, defetype, False, False), (1, des3, True, True))
--update_princ_encryption(False, 1, 0, nprincs - 1)
--realm.run([kadminl, 'addprinc', '-randkey', realm.user_princ])
--check_mkvno(realm.user_princ, 1)
--realm.run([kdb5_util, 'use_mkey', '2', 'now-1day'])
--check_mkey_list((2, defetype, True, True), (1, des3, True, False))
--
- # Regression test for #8395. Purge the master key and verify that a
- # master key fetch does not segfault.
- mark('#8395 regression test')
-diff --git a/src/tests/t_salt.py b/src/tests/t_salt.py
-index 65084bbf3..55ca89745 100755
---- a/src/tests/t_salt.py
-+++ b/src/tests/t_salt.py
-@@ -16,13 +16,12 @@ def test_salt(realm, e1, salt, e2):
-
- # Enctype/salt pairs chosen with non-default salt types.
- # The enctypes are mostly arbitrary.
--salts = [('des3-cbc-sha1', 'norealm'),
-+salts = [('aes128-cts-hmac-sha1-96', 'norealm'),
- ('arcfour-hmac', 'onlyrealm'),
- ('aes128-cts-hmac-sha1-96', 'special')]
- # These enctypes are chosen to cover the different string-to-key routines.
- # Omit ":normal" from aes256 to check that salttype defaulting works.
--second_kstypes = ['aes256-cts-hmac-sha1-96', 'arcfour-hmac:normal',
-- 'des3-cbc-sha1:normal']
-+second_kstypes = ['aes256-cts-hmac-sha1-96', 'arcfour-hmac:normal']
-
- # Test using different salt types in a principal's key list.
- # Parameters from one key in the list must not leak over to later ones.
-diff --git a/src/util/k5test.py b/src/util/k5test.py
-index 6afe4b92c..789b0f4b9 100644
---- a/src/util/k5test.py
-+++ b/src/util/k5test.py
-@@ -1278,13 +1278,6 @@ _passes = [
- # No special settings; exercises AES256.
- ('default', None, None, None),
-
-- # Exercise the DES3 enctype.
-- ('des3', None,
-- {'libdefaults': {'permitted_enctypes': 'des3'}},
-- {'realms': {'$realm': {
-- 'supported_enctypes': 'des3-cbc-sha1:normal',
-- 'master_key_type': 'des3-cbc-sha1'}}}),
--
- # Exercise the arcfour enctype.
- ('arcfour', None,
- {'libdefaults': {'permitted_enctypes': 'rc4'}},
-diff --git a/src/windows/leash/htmlhelp/html/Encryption_Types.htm b/src/windows/leash/htmlhelp/html/Encryption_Types.htm
-index 1aebdd0b4..c38eefd2b 100644
---- a/src/windows/leash/htmlhelp/html/Encryption_Types.htm
-+++ b/src/windows/leash/htmlhelp/html/Encryption_Types.htm
-@@ -79,19 +79,6 @@ will have an entry in the Encryption type column. <br>
- <th>Description</th>
- </tr>
- <tr>
--<th id="th2"> des3- </th>
-- <td> The triple DES family improves on
--the original DES (Data Encryption Standard) by using 3 separate 56-bit
--keys. Some modes of 3DES are considered weak while others are strong
--(if slow). <ul id="helpul">
--<li> des3-cbc-sha1</li>
--<li> des3-cbc-raw (<b>weak</b>) </li>
--<li>des3-hmac-sha1 </li>
--<li>des3-cbc-sha1-kd </li>
--</ul>
--</td>
-- </tr>
--<tr>
- <th id="th2"> aes </th>
- <td>The AES Advanced Encryption Standard
- family, like 3DES, is a symmetric block cipher and was designed
diff --git a/SOURCES/downstream-SELinux-integration.patch b/SOURCES/downstream-SELinux-integration.patch
deleted file mode 100644
index 0ba8b6c..0000000
--- a/SOURCES/downstream-SELinux-integration.patch
+++ /dev/null
@@ -1,1034 +0,0 @@
-From e787771b618a344d45ac515927e914602f48946f Mon Sep 17 00:00:00 2001
-From: Robbie Harwood <rharwood@redhat.com>
-Date: Tue, 23 Aug 2016 16:30:53 -0400
-Subject: [PATCH] [downstream] SELinux integration
-
-SELinux bases access to files on the domain of the requesting process,
-the operation being performed, and the context applied to the file.
-
-In many cases, applications needn't be SELinux aware to work properly,
-because SELinux can apply a default label to a file based on the label
-of the directory in which it's created.
-
-In the case of files such as /etc/krb5.keytab, however, this isn't
-sufficient, as /etc/krb5.keytab will almost always need to be given a
-label which differs from that of /etc/issue or /etc/resolv.conf. The
-the kdb stash file needs a different label than the database for which
-it's holding a master key, even though both typically live in the same
-directory.
-
-To give the file the correct label, we can either force a "restorecon"
-call to fix a file's label after it's created, or create the file with
-the right label, as we attempt to do here. We lean on THREEPARAMOPEN
-and define a similar macro named WRITABLEFOPEN with which we replace
-several uses of fopen().
-
-The file creation context that we're manipulating here is a process-wide
-attribute. While for the most part, applications which need to label
-files when they're created have tended to be single-threaded, there's
-not much we can do to avoid interfering with an application that
-manipulates the creation context directly. Right now we're mediating
-access using a library-local mutex, but that can only work for consumers
-that are part of this package -- an unsuspecting application will still
-stomp all over us.
-
-The selabel APIs for looking up the context should be thread-safe (per
-Red Hat #273081), so switching to using them instead of matchpathcon(),
-which we used earlier, is some improvement.
-
-Last-updated: krb5-1.18-beta1
----
- src/aclocal.m4 | 48 +++
- src/build-tools/krb5-config.in | 3 +-
- src/config/pre.in | 3 +-
- src/configure.ac | 2 +
- src/include/k5-int.h | 1 +
- src/include/k5-label.h | 32 ++
- src/include/krb5/krb5.hin | 6 +
- src/kadmin/dbutil/dump.c | 11 +-
- src/kdc/main.c | 2 +-
- src/kprop/kpropd.c | 9 +
- src/lib/kadm5/logger.c | 4 +-
- src/lib/kdb/kdb_log.c | 2 +-
- src/lib/krb5/ccache/cc_dir.c | 26 +-
- src/lib/krb5/keytab/kt_file.c | 4 +-
- src/lib/krb5/os/trace.c | 2 +-
- src/plugins/kdb/db2/adb_openclose.c | 2 +-
- src/plugins/kdb/db2/kdb_db2.c | 4 +-
- src/plugins/kdb/db2/libdb2/btree/bt_open.c | 3 +-
- src/plugins/kdb/db2/libdb2/hash/hash.c | 3 +-
- src/plugins/kdb/db2/libdb2/recno/rec_open.c | 4 +-
- .../kdb/ldap/ldap_util/kdb5_ldap_services.c | 11 +-
- src/util/profile/prof_file.c | 3 +-
- src/util/support/Makefile.in | 3 +-
- src/util/support/selinux.c | 406 ++++++++++++++++++
- 24 files changed, 573 insertions(+), 21 deletions(-)
- create mode 100644 src/include/k5-label.h
- create mode 100644 src/util/support/selinux.c
-
-diff --git a/src/aclocal.m4 b/src/aclocal.m4
-index ca9fcf664..5afb96e58 100644
---- a/src/aclocal.m4
-+++ b/src/aclocal.m4
-@@ -85,6 +85,7 @@ AC_SUBST_FILE(libnodeps_frag)
- dnl
- KRB5_AC_PRAGMA_WEAK_REF
- WITH_LDAP
-+KRB5_WITH_SELINUX
- KRB5_LIB_PARAMS
- KRB5_AC_INITFINI
- KRB5_AC_ENABLE_THREADS
-@@ -1745,4 +1746,51 @@ AC_SUBST(PAM_LIBS)
- AC_SUBST(PAM_MAN)
- AC_SUBST(NON_PAM_MAN)
- ])dnl
-+dnl
-+dnl Use libselinux to set file contexts on newly-created files.
-+dnl
-+AC_DEFUN(KRB5_WITH_SELINUX,[
-+AC_ARG_WITH(selinux,[AC_HELP_STRING(--with-selinux,[compile with SELinux labeling support])],
-+ withselinux="$withval",withselinux=auto)
-+old_LIBS="$LIBS"
-+if test "$withselinux" != no ; then
-+ AC_MSG_RESULT([checking for libselinux...])
-+ SELINUX_LIBS=
-+ AC_CHECK_HEADERS(selinux/selinux.h selinux/label.h)
-+ if test "x$ac_cv_header_selinux_selinux_h" != xyes ; then
-+ if test "$withselinux" = auto ; then
-+ AC_MSG_RESULT([Unable to locate selinux/selinux.h.])
-+ withselinux=no
-+ else
-+ AC_MSG_ERROR([Unable to locate selinux/selinux.h.])
-+ fi
-+ fi
-
-+ LIBS=
-+ unset ac_cv_func_setfscreatecon
-+ AC_CHECK_FUNCS(setfscreatecon selabel_open)
-+ if test "x$ac_cv_func_setfscreatecon" = xno ; then
-+ AC_CHECK_LIB(selinux,setfscreatecon)
-+ unset ac_cv_func_setfscreatecon
-+ AC_CHECK_FUNCS(setfscreatecon selabel_open)
-+ if test "x$ac_cv_func_setfscreatecon" = xyes ; then
-+ SELINUX_LIBS="$LIBS"
-+ else
-+ if test "$withselinux" = auto ; then
-+ AC_MSG_RESULT([Unable to locate libselinux.])
-+ withselinux=no
-+ else
-+ AC_MSG_ERROR([Unable to locate libselinux.])
-+ fi
-+ fi
-+ fi
-+ if test "$withselinux" != no ; then
-+ AC_MSG_NOTICE([building with SELinux labeling support])
-+ AC_DEFINE(USE_SELINUX,1,[Define if Kerberos-aware tools should set SELinux file contexts when creating files.])
-+ SELINUX_LIBS="$LIBS"
-+ EXTRA_SUPPORT_SYMS="$EXTRA_SUPPORT_SYMS krb5int_labeled_open krb5int_labeled_fopen krb5int_push_fscreatecon_for krb5int_pop_fscreatecon"
-+ fi
-+fi
-+LIBS="$old_LIBS"
-+AC_SUBST(SELINUX_LIBS)
-+])dnl
-diff --git a/src/build-tools/krb5-config.in b/src/build-tools/krb5-config.in
-index dead0dddc..fef3e054f 100755
---- a/src/build-tools/krb5-config.in
-+++ b/src/build-tools/krb5-config.in
-@@ -41,6 +41,7 @@ DL_LIB='@DL_LIB@'
- DEFCCNAME='@DEFCCNAME@'
- DEFKTNAME='@DEFKTNAME@'
- DEFCKTNAME='@DEFCKTNAME@'
-+SELINUX_LIBS='@SELINUX_LIBS@'
-
- LIBS='@LIBS@'
- GEN_LIB=@GEN_LIB@
-@@ -254,7 +255,7 @@ if test -n "$do_libs"; then
- fi
-
- # If we ever support a flag to generate output suitable for static
-- # linking, we would output "-lkrb5support $GEN_LIB $LIBS $DL_LIB"
-+ # linking, we would output "-lkrb5support $GEN_LIB $LIBS $SELINUX_LIBS $DL_LIB"
- # here.
-
- echo $lib_flags
-diff --git a/src/config/pre.in b/src/config/pre.in
-index 3752174c7..0d2068575 100644
---- a/src/config/pre.in
-+++ b/src/config/pre.in
-@@ -177,6 +177,7 @@ LD = $(PURE) @LD@
- KRB_INCLUDES = -I$(BUILDTOP)/include -I$(top_srcdir)/include
- LDFLAGS = @LDFLAGS@
- LIBS = @LIBS@
-+SELINUX_LIBS=@SELINUX_LIBS@
-
- INSTALL=@INSTALL@
- INSTALL_STRIP=
-@@ -403,7 +404,7 @@ SUPPORT_LIB = -l$(SUPPORT_LIBNAME)
- # HESIOD_LIBS is -lhesiod...
- HESIOD_LIBS = @HESIOD_LIBS@
-
--KRB5_BASE_LIBS = $(KRB5_LIB) $(K5CRYPTO_LIB) $(COM_ERR_LIB) $(SUPPORT_LIB) $(GEN_LIB) $(LIBS) $(DL_LIB)
-+KRB5_BASE_LIBS = $(KRB5_LIB) $(K5CRYPTO_LIB) $(COM_ERR_LIB) $(SUPPORT_LIB) $(GEN_LIB) $(LIBS) $(SELINUX_LIBS) $(DL_LIB)
- KDB5_LIBS = $(KDB5_LIB) $(GSSRPC_LIBS)
- GSS_LIBS = $(GSS_KRB5_LIB)
- # needs fixing if ever used on macOS!
-diff --git a/src/configure.ac b/src/configure.ac
-index 693f76a81..dd2cad3ee 100644
---- a/src/configure.ac
-+++ b/src/configure.ac
-@@ -1391,6 +1391,8 @@ AC_PATH_PROG(GROFF, groff)
-
- KRB5_WITH_PAM
-
-+KRB5_WITH_SELINUX
-+
- # Make localedir work in autoconf 2.5x.
- if test "${localedir+set}" != set; then
- localedir='$(datadir)/locale'
-diff --git a/src/include/k5-int.h b/src/include/k5-int.h
-index cf524252f..efb523689 100644
---- a/src/include/k5-int.h
-+++ b/src/include/k5-int.h
-@@ -128,6 +128,7 @@ typedef unsigned char u_char;
-
-
- #include "k5-platform.h"
-+#include "k5-label.h"
-
- #define KRB5_KDB_MAX_LIFE (60*60*24) /* one day */
- #define KRB5_KDB_MAX_RLIFE (60*60*24*7) /* one week */
-diff --git a/src/include/k5-label.h b/src/include/k5-label.h
-new file mode 100644
-index 000000000..dfaaa847c
---- /dev/null
-+++ b/src/include/k5-label.h
-@@ -0,0 +1,32 @@
-+#ifndef _KRB5_LABEL_H
-+#define _KRB5_LABEL_H
-+
-+#ifdef THREEPARAMOPEN
-+#undef THREEPARAMOPEN
-+#endif
-+#ifdef WRITABLEFOPEN
-+#undef WRITABLEFOPEN
-+#endif
-+
-+/* Wrapper functions which help us create files and directories with the right
-+ * context labels. */
-+#ifdef USE_SELINUX
-+#include <sys/types.h>
-+#include <sys/stat.h>
-+#include <fcntl.h>
-+#include <stdio.h>
-+#include <unistd.h>
-+FILE *krb5int_labeled_fopen(const char *path, const char *mode);
-+int krb5int_labeled_creat(const char *path, mode_t mode);
-+int krb5int_labeled_open(const char *path, int flags, ...);
-+int krb5int_labeled_mkdir(const char *path, mode_t mode);
-+int krb5int_labeled_mknod(const char *path, mode_t mode, dev_t device);
-+#define THREEPARAMOPEN(x,y,z) krb5int_labeled_open(x,y,z)
-+#define WRITABLEFOPEN(x,y) krb5int_labeled_fopen(x,y)
-+void *krb5int_push_fscreatecon_for(const char *pathname);
-+void krb5int_pop_fscreatecon(void *previous);
-+#else
-+#define WRITABLEFOPEN(x,y) fopen(x,y)
-+#define THREEPARAMOPEN(x,y,z) open(x,y,z)
-+#endif
-+#endif
-diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
-index 045334a08..db80063eb 100644
---- a/src/include/krb5/krb5.hin
-+++ b/src/include/krb5/krb5.hin
-@@ -87,6 +87,12 @@
- #define THREEPARAMOPEN(x,y,z) open(x,y,z)
- #endif
-
-+#if KRB5_PRIVATE
-+#ifndef WRITABLEFOPEN
-+#define WRITABLEFOPEN(x,y) fopen(x,y)
-+#endif
-+#endif
-+
- #define KRB5_OLD_CRYPTO
-
- #include <stdlib.h>
-diff --git a/src/kadmin/dbutil/dump.c b/src/kadmin/dbutil/dump.c
-index 634ba4a8b..cea7939f4 100644
---- a/src/kadmin/dbutil/dump.c
-+++ b/src/kadmin/dbutil/dump.c
-@@ -148,12 +148,21 @@ create_ofile(char *ofile, char **tmpname)
- {
- int fd = -1;
- FILE *f;
-+#ifdef USE_SELINUX
-+ void *selabel;
-+#endif
-
- *tmpname = NULL;
- if (asprintf(tmpname, "%s-XXXXXX", ofile) < 0)
- goto error;
-
-+#ifdef USE_SELINUX
-+ selabel = krb5int_push_fscreatecon_for(ofile);
-+#endif
- fd = mkstemp(*tmpname);
-+#ifdef USE_SELINUX
-+ krb5int_pop_fscreatecon(selabel);
-+#endif
- if (fd == -1)
- goto error;
-
-@@ -197,7 +206,7 @@ prep_ok_file(krb5_context context, char *file_name, int *fd_out)
- goto cleanup;
- }
-
-- fd = open(file_ok, O_WRONLY | O_CREAT | O_TRUNC, 0600);
-+ fd = THREEPARAMOPEN(file_ok, O_WRONLY | O_CREAT | O_TRUNC, 0600);
- if (fd == -1) {
- com_err(progname, errno, _("while creating 'ok' file, '%s'"), file_ok);
- goto cleanup;
-diff --git a/src/kdc/main.c b/src/kdc/main.c
-index 3be6dcb07..24d441e16 100644
---- a/src/kdc/main.c
-+++ b/src/kdc/main.c
-@@ -872,7 +872,7 @@ write_pid_file(const char *path)
- FILE *file;
- unsigned long pid;
-
-- file = fopen(path, "w");
-+ file = WRITABLEFOPEN(path, "w");
- if (file == NULL)
- return errno;
- pid = (unsigned long) getpid();
-diff --git a/src/kprop/kpropd.c b/src/kprop/kpropd.c
-index 498ca599a..c6b8efc28 100644
---- a/src/kprop/kpropd.c
-+++ b/src/kprop/kpropd.c
-@@ -487,6 +487,9 @@ doit(int fd)
- krb5_enctype etype;
- int database_fd;
- char host[INET6_ADDRSTRLEN + 1];
-+#ifdef USE_SELINUX
-+ void *selabel;
-+#endif
-
- signal_wrapper(SIGALRM, alarm_handler);
- alarm(params.iprop_resync_timeout);
-@@ -542,9 +545,15 @@ doit(int fd)
- free(name);
- exit(1);
- }
-+#ifdef USE_SELINUX
-+ selabel = krb5int_push_fscreatecon_for(file);
-+#endif
- omask = umask(077);
- lock_fd = open(temp_file_name, O_RDWR | O_CREAT, 0600);
- (void)umask(omask);
-+#ifdef USE_SELINUX
-+ krb5int_pop_fscreatecon(selabel);
-+#endif
- retval = krb5_lock_file(kpropd_context, lock_fd,
- KRB5_LOCKMODE_EXCLUSIVE | KRB5_LOCKMODE_DONTBLOCK);
- if (retval) {
-diff --git a/src/lib/kadm5/logger.c b/src/lib/kadm5/logger.c
-index c6885edf2..9aec3c05e 100644
---- a/src/lib/kadm5/logger.c
-+++ b/src/lib/kadm5/logger.c
-@@ -309,7 +309,7 @@ krb5_klog_init(krb5_context kcontext, char *ename, char *whoami, krb5_boolean do
- */
- append = (cp[4] == ':') ? O_APPEND : 0;
- if (append || cp[4] == '=') {
-- fd = open(&cp[5], O_CREAT | O_WRONLY | append,
-+ fd = THREEPARAMOPEN(&cp[5], O_CREAT | O_WRONLY | append,
- S_IRUSR | S_IWUSR | S_IRGRP);
- if (fd != -1)
- f = fdopen(fd, append ? "a" : "w");
-@@ -776,7 +776,7 @@ krb5_klog_reopen(krb5_context kcontext)
- * In case the old logfile did not get moved out of the
- * way, open for append to prevent squashing the old logs.
- */
-- f = fopen(log_control.log_entries[lindex].lfu_fname, "a+");
-+ f = WRITABLEFOPEN(log_control.log_entries[lindex].lfu_fname, "a+");
- if (f) {
- set_cloexec_file(f);
- log_control.log_entries[lindex].lfu_filep = f;
-diff --git a/src/lib/kdb/kdb_log.c b/src/lib/kdb/kdb_log.c
-index 2659a2501..e9b95fce5 100644
---- a/src/lib/kdb/kdb_log.c
-+++ b/src/lib/kdb/kdb_log.c
-@@ -480,7 +480,7 @@ ulog_map(krb5_context context, const char *logname, uint32_t ulogentries)
- return ENOMEM;
-
- if (stat(logname, &st) == -1) {
-- log_ctx->ulogfd = open(logname, O_RDWR | O_CREAT, 0600);
-+ log_ctx->ulogfd = THREEPARAMOPEN(logname, O_RDWR | O_CREAT, 0600);
- if (log_ctx->ulogfd == -1) {
- retval = errno;
- goto cleanup;
-diff --git a/src/lib/krb5/ccache/cc_dir.c b/src/lib/krb5/ccache/cc_dir.c
-index 7b100a0ec..5683a0433 100644
---- a/src/lib/krb5/ccache/cc_dir.c
-+++ b/src/lib/krb5/ccache/cc_dir.c
-@@ -183,10 +183,19 @@ write_primary_file(const char *primary_path, const char *contents)
- char *newpath = NULL;
- FILE *fp = NULL;
- int fd = -1, status;
-+#ifdef USE_SELINUX
-+ void *selabel;
-+#endif
-
- if (asprintf(&newpath, "%s.XXXXXX", primary_path) < 0)
- return ENOMEM;
-+#ifdef USE_SELINUX
-+ selabel = krb5int_push_fscreatecon_for(primary_path);
-+#endif
- fd = mkstemp(newpath);
-+#ifdef USE_SELINUX
-+ krb5int_pop_fscreatecon(selabel);
-+#endif
- if (fd < 0)
- goto cleanup;
- #ifdef HAVE_CHMOD
-@@ -221,10 +230,23 @@ static krb5_error_code
- verify_dir(krb5_context context, const char *dirname)
- {
- struct stat st;
-+ int status;
-+#ifdef USE_SELINUX
-+ void *selabel;
-+#endif
-
- if (stat(dirname, &st) < 0) {
-- if (errno == ENOENT && mkdir(dirname, S_IRWXU) == 0)
-- return 0;
-+ if (errno == ENOENT) {
-+#ifdef USE_SELINUX
-+ selabel = krb5int_push_fscreatecon_for(dirname);
-+#endif
-+ status = mkdir(dirname, S_IRWXU);
-+#ifdef USE_SELINUX
-+ krb5int_pop_fscreatecon(selabel);
-+#endif
-+ if (status == 0)
-+ return 0;
-+ }
- k5_setmsg(context, KRB5_FCC_NOFILE,
- _("Credential cache directory %s does not exist"),
- dirname);
-diff --git a/src/lib/krb5/keytab/kt_file.c b/src/lib/krb5/keytab/kt_file.c
-index e510211fc..f3ea28c8e 100644
---- a/src/lib/krb5/keytab/kt_file.c
-+++ b/src/lib/krb5/keytab/kt_file.c
-@@ -735,14 +735,14 @@ krb5_ktfileint_open(krb5_context context, krb5_keytab id, int mode)
-
- KTCHECKLOCK(id);
- errno = 0;
-- KTFILEP(id) = fopen(KTFILENAME(id),
-+ KTFILEP(id) = WRITABLEFOPEN(KTFILENAME(id),
- (mode == KRB5_LOCKMODE_EXCLUSIVE) ? "rb+" : "rb");
- if (!KTFILEP(id)) {
- if ((mode == KRB5_LOCKMODE_EXCLUSIVE) && (errno == ENOENT)) {
- /* try making it first time around */
- k5_create_secure_file(context, KTFILENAME(id));
- errno = 0;
-- KTFILEP(id) = fopen(KTFILENAME(id), "rb+");
-+ KTFILEP(id) = WRITABLEFOPEN(KTFILENAME(id), "rb+");
- if (!KTFILEP(id))
- goto report_errno;
- writevno = 1;
-diff --git a/src/lib/krb5/os/trace.c b/src/lib/krb5/os/trace.c
-index 7073459f0..e9b99f4ca 100644
---- a/src/lib/krb5/os/trace.c
-+++ b/src/lib/krb5/os/trace.c
-@@ -458,7 +458,7 @@ krb5_set_trace_filename(krb5_context context, const char *filename)
- fd = malloc(sizeof(*fd));
- if (fd == NULL)
- return ENOMEM;
-- *fd = open(filename, O_WRONLY|O_CREAT|O_APPEND, 0600);
-+ *fd = THREEPARAMOPEN(filename, O_WRONLY|O_CREAT|O_APPEND, 0600);
- if (*fd == -1) {
- free(fd);
- return errno;
-diff --git a/src/plugins/kdb/db2/adb_openclose.c b/src/plugins/kdb/db2/adb_openclose.c
-index 7db30a33b..2b9d01921 100644
---- a/src/plugins/kdb/db2/adb_openclose.c
-+++ b/src/plugins/kdb/db2/adb_openclose.c
-@@ -152,7 +152,7 @@ osa_adb_init_db(osa_adb_db_t *dbp, char *filename, char *lockfilename,
- * needs be open read/write so that write locking can work with
- * POSIX systems
- */
-- if ((lockp->lockinfo.lockfile = fopen(lockfilename, "r+")) == NULL) {
-+ if ((lockp->lockinfo.lockfile = WRITABLEFOPEN(lockfilename, "r+")) == NULL) {
- /*
- * maybe someone took away write permission so we could only
- * get shared locks?
-diff --git a/src/plugins/kdb/db2/kdb_db2.c b/src/plugins/kdb/db2/kdb_db2.c
-index 1a476b586..b40bb2240 100644
---- a/src/plugins/kdb/db2/kdb_db2.c
-+++ b/src/plugins/kdb/db2/kdb_db2.c
-@@ -694,8 +694,8 @@ ctx_create_db(krb5_context context, krb5_db2_context *dbc)
- if (retval)
- return retval;
-
-- dbc->db_lf_file = open(dbc->db_lf_name, O_CREAT | O_RDWR | O_TRUNC,
-- 0600);
-+ dbc->db_lf_file = THREEPARAMOPEN(dbc->db_lf_name,
-+ O_CREAT | O_RDWR | O_TRUNC, 0600);
- if (dbc->db_lf_file < 0) {
- retval = errno;
- goto cleanup;
-diff --git a/src/plugins/kdb/db2/libdb2/btree/bt_open.c b/src/plugins/kdb/db2/libdb2/btree/bt_open.c
-index 2977b17f3..d5809a5a9 100644
---- a/src/plugins/kdb/db2/libdb2/btree/bt_open.c
-+++ b/src/plugins/kdb/db2/libdb2/btree/bt_open.c
-@@ -60,6 +60,7 @@ static char sccsid[] = "@(#)bt_open.c 8.11 (Berkeley) 11/2/95";
- #include <string.h>
- #include <unistd.h>
-
-+#include "k5-int.h"
- #include "db-int.h"
- #include "btree.h"
-
-@@ -203,7 +204,7 @@ __bt_open(fname, flags, mode, openinfo, dflags)
- goto einval;
- }
-
-- if ((t->bt_fd = open(fname, flags | O_BINARY, mode)) < 0)
-+ if ((t->bt_fd = THREEPARAMOPEN(fname, flags | O_BINARY, mode)) < 0)
- goto err;
-
- } else {
-diff --git a/src/plugins/kdb/db2/libdb2/hash/hash.c b/src/plugins/kdb/db2/libdb2/hash/hash.c
-index 862dbb164..686a960c9 100644
---- a/src/plugins/kdb/db2/libdb2/hash/hash.c
-+++ b/src/plugins/kdb/db2/libdb2/hash/hash.c
-@@ -51,6 +51,7 @@ static char sccsid[] = "@(#)hash.c 8.12 (Berkeley) 11/7/95";
- #include <assert.h>
- #endif
-
-+#include "k5-int.h"
- #include "db-int.h"
- #include "hash.h"
- #include "page.h"
-@@ -129,7 +130,7 @@ __kdb2_hash_open(file, flags, mode, info, dflags)
- new_table = 1;
- }
- if (file) {
-- if ((hashp->fp = open(file, flags|O_BINARY, mode)) == -1)
-+ if ((hashp->fp = THREEPARAMOPEN(file, flags|O_BINARY, mode)) == -1)
- RETURN_ERROR(errno, error0);
- (void)fcntl(hashp->fp, F_SETFD, 1);
- }
-diff --git a/src/plugins/kdb/db2/libdb2/recno/rec_open.c b/src/plugins/kdb/db2/libdb2/recno/rec_open.c
-index d8b26e701..b0daa7c02 100644
---- a/src/plugins/kdb/db2/libdb2/recno/rec_open.c
-+++ b/src/plugins/kdb/db2/libdb2/recno/rec_open.c
-@@ -51,6 +51,7 @@ static char sccsid[] = "@(#)rec_open.c 8.12 (Berkeley) 11/18/94";
- #include <stdio.h>
- #include <unistd.h>
-
-+#include "k5-int.h"
- #include "db-int.h"
- #include "recno.h"
-
-@@ -68,7 +69,8 @@ __rec_open(fname, flags, mode, openinfo, dflags)
- int rfd = -1, sverrno;
-
- /* Open the user's file -- if this fails, we're done. */
-- if (fname != NULL && (rfd = open(fname, flags | O_BINARY, mode)) < 0)
-+ if (fname != NULL &&
-+ (rfd = THREEPARAMOPEN(fname, flags | O_BINARY, mode)) < 0)
- return (NULL);
-
- if (fname != NULL && fcntl(rfd, F_SETFD, 1) == -1) {
-diff --git a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
-index e87688d66..30f7c00ab 100644
---- a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
-+++ b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
-@@ -190,7 +190,7 @@ kdb5_ldap_stash_service_password(int argc, char **argv)
-
- /* set password in the file */
- old_mode = umask(0177);
-- pfile = fopen(file_name, "a+");
-+ pfile = WRITABLEFOPEN(file_name, "a+");
- if (pfile == NULL) {
- com_err(me, errno, _("Failed to open file %s: %s"), file_name,
- strerror (errno));
-@@ -231,6 +231,9 @@ kdb5_ldap_stash_service_password(int argc, char **argv)
- * Delete the existing entry and add the new entry
- */
- FILE *newfile;
-+#ifdef USE_SELINUX
-+ void *selabel;
-+#endif
-
- mode_t omask;
-
-@@ -242,7 +245,13 @@ kdb5_ldap_stash_service_password(int argc, char **argv)
- }
-
- omask = umask(077);
-+#ifdef USE_SELINUX
-+ selabel = krb5int_push_fscreatecon_for(file_name);
-+#endif
- newfile = fopen(tmp_file, "w");
-+#ifdef USE_SELINUX
-+ krb5int_pop_fscreatecon(selabel);
-+#endif
- umask (omask);
- if (newfile == NULL) {
- com_err(me, errno, _("Error creating file %s"), tmp_file);
-diff --git a/src/util/profile/prof_file.c b/src/util/profile/prof_file.c
-index aa951df05..79f9500f6 100644
---- a/src/util/profile/prof_file.c
-+++ b/src/util/profile/prof_file.c
-@@ -33,6 +33,7 @@
- #endif
-
- #include "k5-platform.h"
-+#include "k5-label.h"
-
- struct global_shared_profile_data {
- /* This is the head of the global list of shared trees */
-@@ -391,7 +392,7 @@ static errcode_t write_data_to_file(prf_data_t data, const char *outfile,
-
- errno = 0;
-
-- f = fopen(new_file, "w");
-+ f = WRITABLEFOPEN(new_file, "w");
- if (!f) {
- retval = errno;
- if (retval == 0)
-diff --git a/src/util/support/Makefile.in b/src/util/support/Makefile.in
-index 86d5a950a..1052d53a1 100644
---- a/src/util/support/Makefile.in
-+++ b/src/util/support/Makefile.in
-@@ -74,6 +74,7 @@ IPC_SYMS= \
-
- STLIBOBJS= \
- threads.o \
-+ selinux.o \
- init-addrinfo.o \
- plugins.o \
- errors.o \
-@@ -168,7 +169,7 @@ SRCS=\
-
- SHLIB_EXPDEPS =
- # Add -lm if dumping thread stats, for sqrt.
--SHLIB_EXPLIBS= $(LIBS) $(DL_LIB)
-+SHLIB_EXPLIBS= $(LIBS) $(SELINUX_LIBS) $(DL_LIB)
-
- DEPLIBS=
-
-diff --git a/src/util/support/selinux.c b/src/util/support/selinux.c
-new file mode 100644
-index 000000000..6d41f3244
---- /dev/null
-+++ b/src/util/support/selinux.c
-@@ -0,0 +1,406 @@
-+/*
-+ * Copyright 2007,2008,2009,2011,2012,2013,2016 Red Hat, Inc. All Rights Reserved.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions are met:
-+ *
-+ * Redistributions of source code must retain the above copyright notice, this
-+ * list of conditions and the following disclaimer.
-+ *
-+ * Redistributions in binary form must reproduce the above copyright notice,
-+ * this list of conditions and the following disclaimer in the documentation
-+ * and/or other materials provided with the distribution.
-+ *
-+ * Neither the name of Red Hat, Inc. nor the names of its contributors may be
-+ * used to endorse or promote products derived from this software without
-+ * specific prior written permission.
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
-+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-+ * POSSIBILITY OF SUCH DAMAGE.
-+ *
-+ * File-opening wrappers for creating correctly-labeled files. So far, we can
-+ * assume that this is Linux-specific, so we make many simplifying assumptions.
-+ */
-+
-+#include "../../include/autoconf.h"
-+
-+#ifdef USE_SELINUX
-+
-+#include <k5-label.h>
-+#include <k5-platform.h>
-+
-+#include <sys/types.h>
-+#include <sys/stat.h>
-+
-+#include <errno.h>
-+#include <fcntl.h>
-+#include <limits.h>
-+#include <pthread.h>
-+#include <stdarg.h>
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <string.h>
-+#include <unistd.h>
-+
-+#include <selinux/selinux.h>
-+#include <selinux/context.h>
-+#include <selinux/label.h>
-+
-+/* #define DEBUG 1 */
-+static void
-+debug_log(const char *fmt, ...)
-+{
-+#ifdef DEBUG
-+ va_list ap;
-+ va_start(ap, fmt);
-+ if (isatty(fileno(stderr))) {
-+ vfprintf(stderr, fmt, ap);
-+ }
-+ va_end(ap);
-+#endif
-+
-+ return;
-+}
-+
-+/* Mutex used to serialize use of the process-global file creation context. */
-+k5_mutex_t labeled_mutex = K5_MUTEX_PARTIAL_INITIALIZER;
-+
-+/* Make sure we finish initializing that mutex before attempting to use it. */
-+k5_once_t labeled_once = K5_ONCE_INIT;
-+static void
-+label_mutex_init(void)
-+{
-+ k5_mutex_finish_init(&labeled_mutex);
-+}
-+
-+static struct selabel_handle *selabel_ctx;
-+static time_t selabel_last_changed;
-+
-+MAKE_FINI_FUNCTION(cleanup_fscreatecon);
-+
-+static void
-+cleanup_fscreatecon(void)
-+{
-+ if (selabel_ctx != NULL) {
-+ selabel_close(selabel_ctx);
-+ selabel_ctx = NULL;
-+ }
-+}
-+
-+static security_context_t
-+push_fscreatecon(const char *pathname, mode_t mode)
-+{
-+ security_context_t previous, configuredsc, currentsc, derivedsc;
-+ context_t current, derived;
-+ const char *fullpath, *currentuser;
-+ char *genpath;
-+
-+ previous = configuredsc = currentsc = derivedsc = NULL;
-+ current = derived = NULL;
-+ genpath = NULL;
-+
-+ fullpath = pathname;
-+
-+ if (!is_selinux_enabled()) {
-+ goto fail;
-+ }
-+
-+ if (getfscreatecon(&previous) != 0) {
-+ goto fail;
-+ }
-+
-+ /* Canonicalize pathname */
-+ if (pathname[0] != '/') {
-+ char *wd;
-+ size_t len;
-+ len = 0;
-+
-+ wd = getcwd(NULL, len);
-+ if (wd == NULL) {
-+ goto fail;
-+ }
-+
-+ len = strlen(wd) + 1 + strlen(pathname) + 1;
-+ genpath = malloc(len);
-+ if (genpath == NULL) {
-+ free(wd);
-+ goto fail;
-+ }
-+
-+ sprintf(genpath, "%s/%s", wd, pathname);
-+ free(wd);
-+ fullpath = genpath;
-+ }
-+
-+ debug_log("Looking up context for \"%s\"(%05o).\n", fullpath, mode);
-+
-+ /* Check whether context file has changed under us */
-+ if (selabel_ctx != NULL || selabel_last_changed == 0) {
-+ const char *cpath;
-+ struct stat st;
-+ int i = -1;
-+
-+ cpath = selinux_file_context_path();
-+ if (cpath == NULL || (i = stat(cpath, &st)) != 0 ||
-+ st.st_mtime != selabel_last_changed) {
-+ cleanup_fscreatecon();
-+
-+ selabel_last_changed = i ? time(NULL) : st.st_mtime;
-+ }
-+ }
-+
-+ if (selabel_ctx == NULL) {
-+ selabel_ctx = selabel_open(SELABEL_CTX_FILE, NULL, 0);
-+ }
-+
-+ if (selabel_ctx != NULL &&
-+ selabel_lookup(selabel_ctx, &configuredsc, fullpath, mode) != 0) {
-+ goto fail;
-+ }
-+
-+ if (genpath != NULL) {
-+ free(genpath);
-+ genpath = NULL;
-+ }
-+
-+ if (configuredsc == NULL) {
-+ goto fail;
-+ }
-+
-+ getcon(¤tsc);
-+
-+ /* AAAAAAAA */
-+ if (currentsc != NULL) {
-+ derived = context_new(configuredsc);
-+
-+ if (derived != NULL) {
-+ current = context_new(currentsc);
-+
-+ if (current != NULL) {
-+ currentuser = context_user_get(current);
-+
-+ if (currentuser != NULL) {
-+ if (context_user_set(derived,
-+ currentuser) == 0) {
-+ derivedsc = context_str(derived);
-+
-+ if (derivedsc != NULL) {
-+ freecon(configuredsc);
-+ configuredsc = strdup(derivedsc);
-+ }
-+ }
-+ }
-+
-+ context_free(current);
-+ }
-+
-+ context_free(derived);
-+ }
-+
-+ freecon(currentsc);
-+ }
-+
-+ debug_log("Setting file creation context to \"%s\".\n", configuredsc);
-+ if (setfscreatecon(configuredsc) != 0) {
-+ debug_log("Unable to determine current context.\n");
-+ goto fail;
-+ }
-+
-+ freecon(configuredsc);
-+ return previous;
-+
-+fail:
-+ if (previous != NULL) {
-+ freecon(previous);
-+ }
-+ if (genpath != NULL) {
-+ free(genpath);
-+ }
-+ if (configuredsc != NULL) {
-+ freecon(configuredsc);
-+ }
-+
-+ cleanup_fscreatecon();
-+ return NULL;
-+}
-+
-+static void
-+pop_fscreatecon(security_context_t previous)
-+{
-+ if (!is_selinux_enabled()) {
-+ return;
-+ }
-+
-+ if (previous != NULL) {
-+ debug_log("Resetting file creation context to \"%s\".\n", previous);
-+ } else {
-+ debug_log("Resetting file creation context to default.\n");
-+ }
-+
-+ /* NULL resets to default */
-+ setfscreatecon(previous);
-+
-+ if (previous != NULL) {
-+ freecon(previous);
-+ }
-+
-+ /* Need to clean this up here otherwise it leaks */
-+ cleanup_fscreatecon();
-+}
-+
-+void *
-+krb5int_push_fscreatecon_for(const char *pathname)
-+{
-+ struct stat st;
-+ void *retval;
-+
-+ k5_once(&labeled_once, label_mutex_init);
-+ k5_mutex_lock(&labeled_mutex);
-+
-+ if (stat(pathname, &st) != 0) {
-+ st.st_mode = S_IRUSR | S_IWUSR;
-+ }
-+
-+ retval = push_fscreatecon(pathname, st.st_mode);
-+ return retval ? retval : (void *) -1;
-+}
-+
-+void
-+krb5int_pop_fscreatecon(void *con)
-+{
-+ if (con != NULL) {
-+ pop_fscreatecon((con == (void *) -1) ? NULL : con);
-+ k5_mutex_unlock(&labeled_mutex);
-+ }
-+}
-+
-+FILE *
-+krb5int_labeled_fopen(const char *path, const char *mode)
-+{
-+ FILE *fp;
-+ int errno_save;
-+ security_context_t ctx;
-+
-+ if ((strcmp(mode, "r") == 0) ||
-+ (strcmp(mode, "rb") == 0)) {
-+ return fopen(path, mode);
-+ }
-+
-+ k5_once(&labeled_once, label_mutex_init);
-+ k5_mutex_lock(&labeled_mutex);
-+ ctx = push_fscreatecon(path, 0);
-+
-+ fp = fopen(path, mode);
-+ errno_save = errno;
-+
-+ pop_fscreatecon(ctx);
-+ k5_mutex_unlock(&labeled_mutex);
-+
-+ errno = errno_save;
-+ return fp;
-+}
-+
-+int
-+krb5int_labeled_creat(const char *path, mode_t mode)
-+{
-+ int fd;
-+ int errno_save;
-+ security_context_t ctx;
-+
-+ k5_once(&labeled_once, label_mutex_init);
-+ k5_mutex_lock(&labeled_mutex);
-+ ctx = push_fscreatecon(path, 0);
-+
-+ fd = creat(path, mode);
-+ errno_save = errno;
-+
-+ pop_fscreatecon(ctx);
-+ k5_mutex_unlock(&labeled_mutex);
-+
-+ errno = errno_save;
-+ return fd;
-+}
-+
-+int
-+krb5int_labeled_mknod(const char *path, mode_t mode, dev_t dev)
-+{
-+ int ret;
-+ int errno_save;
-+ security_context_t ctx;
-+
-+ k5_once(&labeled_once, label_mutex_init);
-+ k5_mutex_lock(&labeled_mutex);
-+ ctx = push_fscreatecon(path, mode);
-+
-+ ret = mknod(path, mode, dev);
-+ errno_save = errno;
-+
-+ pop_fscreatecon(ctx);
-+ k5_mutex_unlock(&labeled_mutex);
-+
-+ errno = errno_save;
-+ return ret;
-+}
-+
-+int
-+krb5int_labeled_mkdir(const char *path, mode_t mode)
-+{
-+ int ret;
-+ int errno_save;
-+ security_context_t ctx;
-+
-+ k5_once(&labeled_once, label_mutex_init);
-+ k5_mutex_lock(&labeled_mutex);
-+ ctx = push_fscreatecon(path, S_IFDIR);
-+
-+ ret = mkdir(path, mode);
-+ errno_save = errno;
-+
-+ pop_fscreatecon(ctx);
-+ k5_mutex_unlock(&labeled_mutex);
-+
-+ errno = errno_save;
-+ return ret;
-+}
-+
-+int
-+krb5int_labeled_open(const char *path, int flags, ...)
-+{
-+ int fd;
-+ int errno_save;
-+ security_context_t ctx;
-+ mode_t mode;
-+ va_list ap;
-+
-+ if ((flags & O_CREAT) == 0) {
-+ return open(path, flags);
-+ }
-+
-+ k5_once(&labeled_once, label_mutex_init);
-+ k5_mutex_lock(&labeled_mutex);
-+ ctx = push_fscreatecon(path, 0);
-+
-+ va_start(ap, flags);
-+ mode = va_arg(ap, mode_t);
-+ fd = open(path, flags, mode);
-+ va_end(ap);
-+
-+ errno_save = errno;
-+
-+ pop_fscreatecon(ctx);
-+ k5_mutex_unlock(&labeled_mutex);
-+
-+ errno = errno_save;
-+ return fd;
-+}
-+
-+#endif /* USE_SELINUX */
diff --git a/SOURCES/downstream-Use-newly-enforced-dejagnu-path-naming-convention.patch b/SOURCES/downstream-Use-newly-enforced-dejagnu-path-naming-convention.patch
deleted file mode 100644
index bdb22f9..0000000
--- a/SOURCES/downstream-Use-newly-enforced-dejagnu-path-naming-convention.patch
+++ /dev/null
@@ -1,727 +0,0 @@
-From 20cbbd0b273af56c6d527c8e6b9d96eef49926f2 Mon Sep 17 00:00:00 2001
-From: Julien Rische <jrische@redhat.com>
-Date: Thu, 31 Mar 2022 18:24:39 +0200
-Subject: [PATCH] Use newly enforced dejagnu path naming convention
-
-Since version 1.6.3, dejagnu started to enforce a naming convention that
-was already in place, but not mandatory: dejagnu test directories have
-to be named "testsuite". If they don't implicit relative sub-paths
-resolution (e.g. "lib", "config") is not forking.
-
-This commit renames kadm5 library's unit tests and global tests
-directories to match this requirement.
-
-Resolves: rhbz#2053133
-
-Signed-off-by: Julien Rische <jrische@redhat.com>
----
- src/configure.ac | 4 +--
- src/lib/kadm5/Makefile.in | 2 +-
- .../{unit-test => testsuite}/Makefile.in | 28 +++++++++---------
- .../api.2/crte-policy.exp | 0
- .../api.2/get-policy.exp | 0
- .../api.2/mod-policy.exp | 0
- .../api.current/chpass-principal-v2.exp | 0
- .../api.current/chpass-principal.exp | 0
- .../api.current/crte-policy.exp | 0
- .../api.current/crte-principal.exp | 0
- .../api.current/destroy.exp | 0
- .../api.current/dlte-policy.exp | 0
- .../api.current/dlte-principal.exp | 0
- .../api.current/get-policy.exp | 0
- .../api.current/get-principal-v2.exp | 0
- .../api.current/get-principal.exp | 0
- .../api.current/init-v2.exp | 0
- .../api.current/init.exp | 0
- .../api.current/mod-policy.exp | 0
- .../api.current/mod-principal-v2.exp | 0
- .../api.current/mod-principal.exp | 0
- .../api.current/randkey-principal-v2.exp | 0
- .../api.current/randkey-principal.exp | 0
- .../{unit-test => testsuite}/config/unix.exp | 0
- src/lib/kadm5/{unit-test => testsuite}/deps | 0
- .../{unit-test => testsuite}/destroy-test.c | 0
- .../diff-files/destroy-1 | 0
- .../diff-files/no-diffs | 0
- .../{unit-test => testsuite}/handle-test.c | 0
- .../{unit-test => testsuite}/init-test.c | 0
- .../{unit-test => testsuite}/iter-test.c | 0
- .../kadm5/{unit-test => testsuite}/lib/lib.t | 2 +-
- .../{unit-test => testsuite}/lock-test.c | 0
- .../{unit-test => testsuite}/randkey-test.c | 0
- .../{unit-test => testsuite}/setkey-test.c | 0
- .../kadm5/{unit-test => testsuite}/site.exp | 0
- src/tests/Makefile.in | 2 +-
- src/tests/t_authdata.py | 2 +-
- src/tests/t_certauth.py | 2 +-
- src/tests/t_pkinit.py | 2 +-
- src/tests/t_proxy.py | 12 ++++----
- src/tests/{dejagnu => testsuite}/Makefile.in | 4 +--
- .../{dejagnu => testsuite}/config/default.exp | 2 +-
- src/tests/{dejagnu => testsuite}/deps | 0
- .../krb-standalone/gssapi.exp | 2 +-
- .../krb-standalone/kprop.exp | 0
- .../krb-standalone/princexpire.exp | 0
- .../krb-standalone/sample.exp | 2 +-
- .../krb-standalone/simple.exp | 2 +-
- .../krb-standalone/standalone.exp | 0
- .../krb-standalone/tcp.exp | 0
- .../pkinit-certs/ca.pem | 0
- .../pkinit-certs/generic.p12 | Bin
- .../pkinit-certs/generic.pem | 0
- .../pkinit-certs/kdc.pem | 0
- .../pkinit-certs/make-certs.sh | 0
- .../pkinit-certs/privkey-enc.pem | 0
- .../pkinit-certs/privkey.pem | 0
- .../pkinit-certs/user-enc.p12 | Bin
- .../pkinit-certs/user-upn.p12 | Bin
- .../pkinit-certs/user-upn.pem | 0
- .../pkinit-certs/user-upn2.p12 | Bin
- .../pkinit-certs/user-upn2.pem | 0
- .../pkinit-certs/user-upn3.p12 | Bin
- .../pkinit-certs/user-upn3.pem | 0
- .../pkinit-certs/user.p12 | Bin
- .../pkinit-certs/user.pem | 0
- .../{dejagnu => testsuite}/proxy-certs/ca.pem | 0
- .../proxy-certs/make-certs.sh | 0
- .../proxy-certs/proxy-badsig.pem | 0
- .../proxy-certs/proxy-ideal.pem | 0
- .../proxy-certs/proxy-no-match.pem | 0
- .../proxy-certs/proxy-san.pem | 0
- .../proxy-certs/proxy-subject.pem | 0
- src/tests/{dejagnu => testsuite}/t_inetd.c | 2 +-
- src/util/k5test.py | 2 +-
- 76 files changed, 36 insertions(+), 36 deletions(-)
- rename src/lib/kadm5/{unit-test => testsuite}/Makefile.in (86%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.2/crte-policy.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.2/get-policy.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.2/mod-policy.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.current/chpass-principal-v2.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.current/chpass-principal.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.current/crte-policy.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.current/crte-principal.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.current/destroy.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.current/dlte-policy.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.current/dlte-principal.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.current/get-policy.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.current/get-principal-v2.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.current/get-principal.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.current/init-v2.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.current/init.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.current/mod-policy.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.current/mod-principal-v2.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.current/mod-principal.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.current/randkey-principal-v2.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/api.current/randkey-principal.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/config/unix.exp (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/deps (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/destroy-test.c (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/diff-files/destroy-1 (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/diff-files/no-diffs (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/handle-test.c (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/init-test.c (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/iter-test.c (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/lib/lib.t (99%)
- rename src/lib/kadm5/{unit-test => testsuite}/lock-test.c (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/randkey-test.c (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/setkey-test.c (100%)
- rename src/lib/kadm5/{unit-test => testsuite}/site.exp (100%)
- rename src/tests/{dejagnu => testsuite}/Makefile.in (92%)
- rename src/tests/{dejagnu => testsuite}/config/default.exp (99%)
- rename src/tests/{dejagnu => testsuite}/deps (100%)
- rename src/tests/{dejagnu => testsuite}/krb-standalone/gssapi.exp (98%)
- rename src/tests/{dejagnu => testsuite}/krb-standalone/kprop.exp (100%)
- rename src/tests/{dejagnu => testsuite}/krb-standalone/princexpire.exp (100%)
- rename src/tests/{dejagnu => testsuite}/krb-standalone/sample.exp (98%)
- rename src/tests/{dejagnu => testsuite}/krb-standalone/simple.exp (98%)
- rename src/tests/{dejagnu => testsuite}/krb-standalone/standalone.exp (100%)
- rename src/tests/{dejagnu => testsuite}/krb-standalone/tcp.exp (100%)
- rename src/tests/{dejagnu => testsuite}/pkinit-certs/ca.pem (100%)
- rename src/tests/{dejagnu => testsuite}/pkinit-certs/generic.p12 (100%)
- rename src/tests/{dejagnu => testsuite}/pkinit-certs/generic.pem (100%)
- rename src/tests/{dejagnu => testsuite}/pkinit-certs/kdc.pem (100%)
- rename src/tests/{dejagnu => testsuite}/pkinit-certs/make-certs.sh (100%)
- rename src/tests/{dejagnu => testsuite}/pkinit-certs/privkey-enc.pem (100%)
- rename src/tests/{dejagnu => testsuite}/pkinit-certs/privkey.pem (100%)
- rename src/tests/{dejagnu => testsuite}/pkinit-certs/user-enc.p12 (100%)
- rename src/tests/{dejagnu => testsuite}/pkinit-certs/user-upn.p12 (100%)
- rename src/tests/{dejagnu => testsuite}/pkinit-certs/user-upn.pem (100%)
- rename src/tests/{dejagnu => testsuite}/pkinit-certs/user-upn2.p12 (100%)
- rename src/tests/{dejagnu => testsuite}/pkinit-certs/user-upn2.pem (100%)
- rename src/tests/{dejagnu => testsuite}/pkinit-certs/user-upn3.p12 (100%)
- rename src/tests/{dejagnu => testsuite}/pkinit-certs/user-upn3.pem (100%)
- rename src/tests/{dejagnu => testsuite}/pkinit-certs/user.p12 (100%)
- rename src/tests/{dejagnu => testsuite}/pkinit-certs/user.pem (100%)
- rename src/tests/{dejagnu => testsuite}/proxy-certs/ca.pem (100%)
- rename src/tests/{dejagnu => testsuite}/proxy-certs/make-certs.sh (100%)
- rename src/tests/{dejagnu => testsuite}/proxy-certs/proxy-badsig.pem (100%)
- rename src/tests/{dejagnu => testsuite}/proxy-certs/proxy-ideal.pem (100%)
- rename src/tests/{dejagnu => testsuite}/proxy-certs/proxy-no-match.pem (100%)
- rename src/tests/{dejagnu => testsuite}/proxy-certs/proxy-san.pem (100%)
- rename src/tests/{dejagnu => testsuite}/proxy-certs/proxy-subject.pem (100%)
- rename src/tests/{dejagnu => testsuite}/t_inetd.c (99%)
-
-diff --git a/src/configure.ac b/src/configure.ac
-index 20066918b..363d5d62d 100644
---- a/src/configure.ac
-+++ b/src/configure.ac
-@@ -1500,7 +1500,7 @@ V5_AC_OUTPUT_MAKEFILE(.
-
- lib/rpc lib/rpc/unit-test
-
-- lib/kadm5 lib/kadm5/clnt lib/kadm5/srv lib/kadm5/unit-test
-+ lib/kadm5 lib/kadm5/clnt lib/kadm5/srv lib/kadm5/testsuite
- lib/krad
- lib/apputils
-
-@@ -1544,5 +1544,5 @@ V5_AC_OUTPUT_MAKEFILE(.
- appl/gss-sample appl/user_user
-
- tests tests/asn.1 tests/create tests/hammer tests/verify tests/gssapi
-- tests/dejagnu tests/threads tests/shlib tests/gss-threads tests/misc
-+ tests/testsuite tests/threads tests/shlib tests/gss-threads tests/misc
- )
-diff --git a/src/lib/kadm5/Makefile.in b/src/lib/kadm5/Makefile.in
-index c4eaad38d..76fc4b548 100644
---- a/src/lib/kadm5/Makefile.in
-+++ b/src/lib/kadm5/Makefile.in
-@@ -1,6 +1,6 @@
- mydir=lib$(S)kadm5
- BUILDTOP=$(REL)..$(S)..
--SUBDIRS = clnt srv unit-test
-+SUBDIRS = clnt srv testsuite
-
- ##DOSBUILDTOP = ..\..
-
-diff --git a/src/lib/kadm5/unit-test/Makefile.in b/src/lib/kadm5/testsuite/Makefile.in
-similarity index 86%
-rename from src/lib/kadm5/unit-test/Makefile.in
-rename to src/lib/kadm5/testsuite/Makefile.in
-index 68fa097ff..5a55b786b 100644
---- a/src/lib/kadm5/unit-test/Makefile.in
-+++ b/src/lib/kadm5/testsuite/Makefile.in
-@@ -1,4 +1,4 @@
--mydir=lib$(S)kadm5$(S)unit-test
-+mydir=lib$(S)kadm5$(S)testsuite
- BUILDTOP=$(REL)..$(S)..$(S)..
- KDB_DEP_LIB=$(DL_LIB) $(THREAD_LINKOPTS)
-
-@@ -61,7 +61,7 @@ runenv.exp: Makefile
- eval echo "set env\($$i\) \$$$$i"; done > runenv.exp
-
- #
--# The unit-test targets
-+# The testsuite targets
- #
-
- check: check-@DO_TEST@
-@@ -72,13 +72,13 @@ check-:
- @echo "+++ Either tcl, runtest, or Perl is unavailable."
- @echo "+++"
-
--check-ok unit-test: unit-test-client unit-test-server
-+check-ok testsuite: testsuite-client testsuite-server
-
--unit-test-client: unit-test-client-setup unit-test-client-body \
-- unit-test-client-cleanup
-+testsuite-client: testsuite-client-setup testsuite-client-body \
-+ testsuite-client-cleanup
-
--unit-test-server: unit-test-server-setup unit-test-server-body \
-- unit-test-server-cleanup
-+testsuite-server: testsuite-server-setup testsuite-server-body \
-+ testsuite-server-cleanup
-
- test-randkey: randkey-test
- $(ENV_SETUP) $(VALGRIND) ./randkey-test
-@@ -98,19 +98,19 @@ test-destroy: destroy-test
- test-setkey-client: client-setkey-test
- $(ENV_SETUP) $(VALGRIND) ./client-setkey-test testkeys admin admin
-
--unit-test-client-setup: runenv.sh
-+testsuite-client-setup: runenv.sh
- $(ENV_SETUP) $(VALGRIND) $(START_SERVERS)
-
--unit-test-client-cleanup:
-+testsuite-client-cleanup:
- $(ENV_SETUP) $(STOP_SERVERS)
-
--unit-test-server-setup: runenv.sh
-+testsuite-server-setup: runenv.sh
- $(ENV_SETUP) $(VALGRIND) $(START_SERVERS_LOCAL)
-
--unit-test-server-cleanup:
-+testsuite-server-cleanup:
- $(ENV_SETUP) $(STOP_SERVERS_LOCAL)
-
--unit-test-client-body: site.exp test-noauth test-destroy test-handle-client \
-+testsuite-client-body: site.exp test-noauth test-destroy test-handle-client \
- test-setkey-client runenv.exp
- $(ENV_SETUP) $(RUNTEST) --tool api RPC=1 API=$(CLNTTCL) \
- KINIT=$(BUILDTOP)/clients/kinit/kinit \
-@@ -121,7 +121,7 @@ unit-test-client-body: site.exp test-noauth test-destroy test-handle-client \
- -mv api.log capi.log
- -mv api.sum capi.sum
-
--unit-test-server-body: site.exp test-handle-server lock-test
-+testsuite-server-body: site.exp test-handle-server lock-test
- $(ENV_SETUP) $(RUNTEST) --tool api RPC=0 API=$(SRVTCL) \
- LOCKTEST=./lock-test \
- KADMIN_LOCAL=$(BUILDTOP)/kadmin/cli/kadmin.local \
-@@ -140,4 +140,4 @@ clean:
- $(RM) lock-test lock-test.o
- $(RM) server-iter-test iter-test.o
- $(RM) server-setkey-test client-setkey-test setkey-test.o
-- $(RM) *.log *.plog *.sum *.psum unit-test-log.* runenv.exp
-+ $(RM) *.log *.plog *.sum *.psum testsuite-log.* runenv.exp
-diff --git a/src/lib/kadm5/unit-test/api.2/crte-policy.exp b/src/lib/kadm5/testsuite/api.2/crte-policy.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.2/crte-policy.exp
-rename to src/lib/kadm5/testsuite/api.2/crte-policy.exp
-diff --git a/src/lib/kadm5/unit-test/api.2/get-policy.exp b/src/lib/kadm5/testsuite/api.2/get-policy.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.2/get-policy.exp
-rename to src/lib/kadm5/testsuite/api.2/get-policy.exp
-diff --git a/src/lib/kadm5/unit-test/api.2/mod-policy.exp b/src/lib/kadm5/testsuite/api.2/mod-policy.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.2/mod-policy.exp
-rename to src/lib/kadm5/testsuite/api.2/mod-policy.exp
-diff --git a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp b/src/lib/kadm5/testsuite/api.current/chpass-principal-v2.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp
-rename to src/lib/kadm5/testsuite/api.current/chpass-principal-v2.exp
-diff --git a/src/lib/kadm5/unit-test/api.current/chpass-principal.exp b/src/lib/kadm5/testsuite/api.current/chpass-principal.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.current/chpass-principal.exp
-rename to src/lib/kadm5/testsuite/api.current/chpass-principal.exp
-diff --git a/src/lib/kadm5/unit-test/api.current/crte-policy.exp b/src/lib/kadm5/testsuite/api.current/crte-policy.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.current/crte-policy.exp
-rename to src/lib/kadm5/testsuite/api.current/crte-policy.exp
-diff --git a/src/lib/kadm5/unit-test/api.current/crte-principal.exp b/src/lib/kadm5/testsuite/api.current/crte-principal.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.current/crte-principal.exp
-rename to src/lib/kadm5/testsuite/api.current/crte-principal.exp
-diff --git a/src/lib/kadm5/unit-test/api.current/destroy.exp b/src/lib/kadm5/testsuite/api.current/destroy.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.current/destroy.exp
-rename to src/lib/kadm5/testsuite/api.current/destroy.exp
-diff --git a/src/lib/kadm5/unit-test/api.current/dlte-policy.exp b/src/lib/kadm5/testsuite/api.current/dlte-policy.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.current/dlte-policy.exp
-rename to src/lib/kadm5/testsuite/api.current/dlte-policy.exp
-diff --git a/src/lib/kadm5/unit-test/api.current/dlte-principal.exp b/src/lib/kadm5/testsuite/api.current/dlte-principal.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.current/dlte-principal.exp
-rename to src/lib/kadm5/testsuite/api.current/dlte-principal.exp
-diff --git a/src/lib/kadm5/unit-test/api.current/get-policy.exp b/src/lib/kadm5/testsuite/api.current/get-policy.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.current/get-policy.exp
-rename to src/lib/kadm5/testsuite/api.current/get-policy.exp
-diff --git a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp b/src/lib/kadm5/testsuite/api.current/get-principal-v2.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.current/get-principal-v2.exp
-rename to src/lib/kadm5/testsuite/api.current/get-principal-v2.exp
-diff --git a/src/lib/kadm5/unit-test/api.current/get-principal.exp b/src/lib/kadm5/testsuite/api.current/get-principal.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.current/get-principal.exp
-rename to src/lib/kadm5/testsuite/api.current/get-principal.exp
-diff --git a/src/lib/kadm5/unit-test/api.current/init-v2.exp b/src/lib/kadm5/testsuite/api.current/init-v2.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.current/init-v2.exp
-rename to src/lib/kadm5/testsuite/api.current/init-v2.exp
-diff --git a/src/lib/kadm5/unit-test/api.current/init.exp b/src/lib/kadm5/testsuite/api.current/init.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.current/init.exp
-rename to src/lib/kadm5/testsuite/api.current/init.exp
-diff --git a/src/lib/kadm5/unit-test/api.current/mod-policy.exp b/src/lib/kadm5/testsuite/api.current/mod-policy.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.current/mod-policy.exp
-rename to src/lib/kadm5/testsuite/api.current/mod-policy.exp
-diff --git a/src/lib/kadm5/unit-test/api.current/mod-principal-v2.exp b/src/lib/kadm5/testsuite/api.current/mod-principal-v2.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.current/mod-principal-v2.exp
-rename to src/lib/kadm5/testsuite/api.current/mod-principal-v2.exp
-diff --git a/src/lib/kadm5/unit-test/api.current/mod-principal.exp b/src/lib/kadm5/testsuite/api.current/mod-principal.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.current/mod-principal.exp
-rename to src/lib/kadm5/testsuite/api.current/mod-principal.exp
-diff --git a/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp b/src/lib/kadm5/testsuite/api.current/randkey-principal-v2.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp
-rename to src/lib/kadm5/testsuite/api.current/randkey-principal-v2.exp
-diff --git a/src/lib/kadm5/unit-test/api.current/randkey-principal.exp b/src/lib/kadm5/testsuite/api.current/randkey-principal.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/api.current/randkey-principal.exp
-rename to src/lib/kadm5/testsuite/api.current/randkey-principal.exp
-diff --git a/src/lib/kadm5/unit-test/config/unix.exp b/src/lib/kadm5/testsuite/config/unix.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/config/unix.exp
-rename to src/lib/kadm5/testsuite/config/unix.exp
-diff --git a/src/lib/kadm5/unit-test/deps b/src/lib/kadm5/testsuite/deps
-similarity index 100%
-rename from src/lib/kadm5/unit-test/deps
-rename to src/lib/kadm5/testsuite/deps
-diff --git a/src/lib/kadm5/unit-test/destroy-test.c b/src/lib/kadm5/testsuite/destroy-test.c
-similarity index 100%
-rename from src/lib/kadm5/unit-test/destroy-test.c
-rename to src/lib/kadm5/testsuite/destroy-test.c
-diff --git a/src/lib/kadm5/unit-test/diff-files/destroy-1 b/src/lib/kadm5/testsuite/diff-files/destroy-1
-similarity index 100%
-rename from src/lib/kadm5/unit-test/diff-files/destroy-1
-rename to src/lib/kadm5/testsuite/diff-files/destroy-1
-diff --git a/src/lib/kadm5/unit-test/diff-files/no-diffs b/src/lib/kadm5/testsuite/diff-files/no-diffs
-similarity index 100%
-rename from src/lib/kadm5/unit-test/diff-files/no-diffs
-rename to src/lib/kadm5/testsuite/diff-files/no-diffs
-diff --git a/src/lib/kadm5/unit-test/handle-test.c b/src/lib/kadm5/testsuite/handle-test.c
-similarity index 100%
-rename from src/lib/kadm5/unit-test/handle-test.c
-rename to src/lib/kadm5/testsuite/handle-test.c
-diff --git a/src/lib/kadm5/unit-test/init-test.c b/src/lib/kadm5/testsuite/init-test.c
-similarity index 100%
-rename from src/lib/kadm5/unit-test/init-test.c
-rename to src/lib/kadm5/testsuite/init-test.c
-diff --git a/src/lib/kadm5/unit-test/iter-test.c b/src/lib/kadm5/testsuite/iter-test.c
-similarity index 100%
-rename from src/lib/kadm5/unit-test/iter-test.c
-rename to src/lib/kadm5/testsuite/iter-test.c
-diff --git a/src/lib/kadm5/unit-test/lib/lib.t b/src/lib/kadm5/testsuite/lib/lib.t
-similarity index 99%
-rename from src/lib/kadm5/unit-test/lib/lib.t
-rename to src/lib/kadm5/testsuite/lib/lib.t
-index 3444775cf..327946849 100644
---- a/src/lib/kadm5/unit-test/lib/lib.t
-+++ b/src/lib/kadm5/testsuite/lib/lib.t
-@@ -226,7 +226,7 @@ proc end_dump_compare {name} {
- global RPC
-
- if { ! $RPC } {
--# set file $TOP/admin/lib/unit-test/diff-files/$name
-+# set file $TOP/admin/lib/testsuite/diff-files/$name
- # exec $env(SIMPLE_DUMP) > /tmp/dump.after
- # exec $env(COMPARE_DUMP) /tmp/dump.before /tmp/dump.after $file
- }
-diff --git a/src/lib/kadm5/unit-test/lock-test.c b/src/lib/kadm5/testsuite/lock-test.c
-similarity index 100%
-rename from src/lib/kadm5/unit-test/lock-test.c
-rename to src/lib/kadm5/testsuite/lock-test.c
-diff --git a/src/lib/kadm5/unit-test/randkey-test.c b/src/lib/kadm5/testsuite/randkey-test.c
-similarity index 100%
-rename from src/lib/kadm5/unit-test/randkey-test.c
-rename to src/lib/kadm5/testsuite/randkey-test.c
-diff --git a/src/lib/kadm5/unit-test/setkey-test.c b/src/lib/kadm5/testsuite/setkey-test.c
-similarity index 100%
-rename from src/lib/kadm5/unit-test/setkey-test.c
-rename to src/lib/kadm5/testsuite/setkey-test.c
-diff --git a/src/lib/kadm5/unit-test/site.exp b/src/lib/kadm5/testsuite/site.exp
-similarity index 100%
-rename from src/lib/kadm5/unit-test/site.exp
-rename to src/lib/kadm5/testsuite/site.exp
-diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in
-index 20f27d748..1198dca0c 100644
---- a/src/tests/Makefile.in
-+++ b/src/tests/Makefile.in
-@@ -1,6 +1,6 @@
- mydir=tests
- BUILDTOP=$(REL)..
--SUBDIRS = asn.1 create hammer verify gssapi dejagnu shlib gss-threads misc \
-+SUBDIRS = asn.1 create hammer verify gssapi testsuite shlib gss-threads misc \
- threads softpkcs11
-
- RUN_DB_TEST = $(RUN_SETUP) KRB5_KDC_PROFILE=kdc.conf KRB5_CONFIG=krb5.conf \
-diff --git a/src/tests/t_authdata.py b/src/tests/t_authdata.py
-index 2e01f46bc..e5135f435 100644
---- a/src/tests/t_authdata.py
-+++ b/src/tests/t_authdata.py
-@@ -57,7 +57,7 @@ if not os.path.exists(os.path.join(plugins, 'preauth', 'pkinit.so')):
- skipped('anonymous ticket authdata tests', 'PKINIT not built')
- else:
- # Set up a realm with PKINIT support and get anonymous tickets.
-- certs = os.path.join(srctop, 'tests', 'dejagnu', 'pkinit-certs')
-+ certs = os.path.join(srctop, 'tests', 'testsuite', 'pkinit-certs')
- ca_pem = os.path.join(certs, 'ca.pem')
- kdc_pem = os.path.join(certs, 'kdc.pem')
- privkey_pem = os.path.join(certs, 'privkey.pem')
-diff --git a/src/tests/t_certauth.py b/src/tests/t_certauth.py
-index 0fe0fdb4a..bfa5bfc96 100644
---- a/src/tests/t_certauth.py
-+++ b/src/tests/t_certauth.py
-@@ -4,7 +4,7 @@ from k5test import *
- if not os.path.exists(os.path.join(plugins, 'preauth', 'pkinit.so')):
- skip_rest('certauth tests', 'PKINIT module not built')
-
--certs = os.path.join(srctop, 'tests', 'dejagnu', 'pkinit-certs')
-+certs = os.path.join(srctop, 'tests', 'testsuite', 'pkinit-certs')
- ca_pem = os.path.join(certs, 'ca.pem')
- kdc_pem = os.path.join(certs, 'kdc.pem')
- privkey_pem = os.path.join(certs, 'privkey.pem')
-diff --git a/src/tests/t_pkinit.py b/src/tests/t_pkinit.py
-index aee4da2b1..8763ce484 100755
---- a/src/tests/t_pkinit.py
-+++ b/src/tests/t_pkinit.py
-@@ -7,7 +7,7 @@ if not os.path.exists(os.path.join(plugins, 'preauth', 'pkinit.so')):
- soft_pkcs11 = os.path.join(buildtop, 'tests', 'softpkcs11', 'softpkcs11.so')
-
- # Construct a krb5.conf fragment configuring pkinit.
--certs = os.path.join(srctop, 'tests', 'dejagnu', 'pkinit-certs')
-+certs = os.path.join(srctop, 'tests', 'testsuite', 'pkinit-certs')
- ca_pem = os.path.join(certs, 'ca.pem')
- kdc_pem = os.path.join(certs, 'kdc.pem')
- user_pem = os.path.join(certs, 'user.pem')
-diff --git a/src/tests/t_proxy.py b/src/tests/t_proxy.py
-index 3069eaa8f..6ae5c8c8e 100755
---- a/src/tests/t_proxy.py
-+++ b/src/tests/t_proxy.py
-@@ -10,17 +10,17 @@ except:
-
- # Construct a krb5.conf fragment configuring the client to use a local proxy
- # server.
--proxysubjectpem = os.path.join(srctop, 'tests', 'dejagnu', 'proxy-certs',
-+proxysubjectpem = os.path.join(srctop, 'tests', 'testsuite', 'proxy-certs',
- 'proxy-subject.pem')
--proxysanpem = os.path.join(srctop, 'tests', 'dejagnu', 'proxy-certs',
-+proxysanpem = os.path.join(srctop, 'tests', 'testsuite', 'proxy-certs',
- 'proxy-san.pem')
--proxyidealpem = os.path.join(srctop, 'tests', 'dejagnu', 'proxy-certs',
-+proxyidealpem = os.path.join(srctop, 'tests', 'testsuite', 'proxy-certs',
- 'proxy-ideal.pem')
--proxywrongpem = os.path.join(srctop, 'tests', 'dejagnu', 'proxy-certs',
-+proxywrongpem = os.path.join(srctop, 'tests', 'testsuite', 'proxy-certs',
- 'proxy-no-match.pem')
--proxybadpem = os.path.join(srctop, 'tests', 'dejagnu', 'proxy-certs',
-+proxybadpem = os.path.join(srctop, 'tests', 'testsuite', 'proxy-certs',
- 'proxy-badsig.pem')
--proxyca = os.path.join(srctop, 'tests', 'dejagnu', 'proxy-certs', 'ca.pem')
-+proxyca = os.path.join(srctop, 'tests', 'testsuite', 'proxy-certs', 'ca.pem')
- proxyurl = 'https://localhost:$port5/KdcProxy'
- proxyurlupcase = 'https://LocalHost:$port5/KdcProxy'
- proxyurl4 = 'https://127.0.0.1:$port5/KdcProxy'
-diff --git a/src/tests/dejagnu/Makefile.in b/src/tests/testsuite/Makefile.in
-similarity index 92%
-rename from src/tests/dejagnu/Makefile.in
-rename to src/tests/testsuite/Makefile.in
-index e78e270ed..d3efe3606 100644
---- a/src/tests/dejagnu/Makefile.in
-+++ b/src/tests/testsuite/Makefile.in
-@@ -1,4 +1,4 @@
--mydir=tests$(S)dejagnu
-+mydir=tests$(S)testsuite
- BUILDTOP=$(REL)..$(S)..
- RUNTEST = @RUNTEST@ $(DEJAFLAGS)
- RUNTESTFLAGS =
-@@ -13,7 +13,7 @@ check: check-runtest-@HAVE_RUNTEST@
-
- check-runtest-no:
- @echo "+++"
-- @echo "+++ WARNING: tests/dejagnu tests not run."
-+ @echo "+++ WARNING: tests/testsuite tests not run."
- @echo "+++ runtest is unavailable."
- @echo "+++"
- @echo 'Skipped dejagnu tests: runtest not found' >> $(SKIPTESTS)
-diff --git a/src/tests/dejagnu/config/default.exp b/src/tests/testsuite/config/default.exp
-similarity index 99%
-rename from src/tests/dejagnu/config/default.exp
-rename to src/tests/testsuite/config/default.exp
-index 302dee74c..1492fac32 100644
---- a/src/tests/dejagnu/config/default.exp
-+++ b/src/tests/testsuite/config/default.exp
-@@ -256,7 +256,7 @@ verbose "Test realm is $REALMNAME"
-
- # Find some programs we need. We use the binaries from the build tree
- # if they exist. If they do not, then they must be in PATH. We
--# expect $objdir to be ...tests/dejagnu.
-+# expect $objdir to be ...tests/testsuite.
-
- foreach i {
- {KDB5_UTIL $objdir/../../kadmin/dbutil/kdb5_util}
-diff --git a/src/tests/dejagnu/deps b/src/tests/testsuite/deps
-similarity index 100%
-rename from src/tests/dejagnu/deps
-rename to src/tests/testsuite/deps
-diff --git a/src/tests/dejagnu/krb-standalone/gssapi.exp b/src/tests/testsuite/krb-standalone/gssapi.exp
-similarity index 98%
-rename from src/tests/dejagnu/krb-standalone/gssapi.exp
-rename to src/tests/testsuite/krb-standalone/gssapi.exp
-index e3357e769..d176e210c 100644
---- a/src/tests/dejagnu/krb-standalone/gssapi.exp
-+++ b/src/tests/testsuite/krb-standalone/gssapi.exp
-@@ -2,7 +2,7 @@
- # This is a DejaGnu test script.
- # This script tests that the GSS-API tester functions correctly.
-
--# This mostly just calls procedures in test/dejagnu/config/default.exp.
-+# This mostly just calls procedures in test/testsuite/config/default.exp.
-
- if ![info exists KDESTROY] {
- set KDESTROY [findfile $objdir/../../clients/kdestroy/kdestroy]
-diff --git a/src/tests/dejagnu/krb-standalone/kprop.exp b/src/tests/testsuite/krb-standalone/kprop.exp
-similarity index 100%
-rename from src/tests/dejagnu/krb-standalone/kprop.exp
-rename to src/tests/testsuite/krb-standalone/kprop.exp
-diff --git a/src/tests/dejagnu/krb-standalone/princexpire.exp b/src/tests/testsuite/krb-standalone/princexpire.exp
-similarity index 100%
-rename from src/tests/dejagnu/krb-standalone/princexpire.exp
-rename to src/tests/testsuite/krb-standalone/princexpire.exp
-diff --git a/src/tests/dejagnu/krb-standalone/sample.exp b/src/tests/testsuite/krb-standalone/sample.exp
-similarity index 98%
-rename from src/tests/dejagnu/krb-standalone/sample.exp
-rename to src/tests/testsuite/krb-standalone/sample.exp
-index 93a75f1d0..009de5ddb 100644
---- a/src/tests/dejagnu/krb-standalone/sample.exp
-+++ b/src/tests/testsuite/krb-standalone/sample.exp
-@@ -2,7 +2,7 @@
- # This is a DejaGnu test script.
- # This script tests that sample user-user communication works.
-
--# This mostly just calls procedures in test/dejagnu/config/default.exp.
-+# This mostly just calls procedures in test/testsuite/config/default.exp.
-
- if ![info exists KLIST] {
- set KLIST [findfile $objdir/../../clients/klist/klist]
-diff --git a/src/tests/dejagnu/krb-standalone/simple.exp b/src/tests/testsuite/krb-standalone/simple.exp
-similarity index 98%
-rename from src/tests/dejagnu/krb-standalone/simple.exp
-rename to src/tests/testsuite/krb-standalone/simple.exp
-index d8b218248..92b33066e 100644
---- a/src/tests/dejagnu/krb-standalone/simple.exp
-+++ b/src/tests/testsuite/krb-standalone/simple.exp
-@@ -2,7 +2,7 @@
- # This is a DejaGnu test script.
- # This script tests that krb-safe and krb-priv messages work.
-
--# This mostly just calls procedures in test/dejagnu/config/default.exp.
-+# This mostly just calls procedures in test/testsuite/config/default.exp.
-
- if ![info exists KLIST] {
- set KLIST [findfile $objdir/../../clients/klist/klist]
-diff --git a/src/tests/dejagnu/krb-standalone/standalone.exp b/src/tests/testsuite/krb-standalone/standalone.exp
-similarity index 100%
-rename from src/tests/dejagnu/krb-standalone/standalone.exp
-rename to src/tests/testsuite/krb-standalone/standalone.exp
-diff --git a/src/tests/dejagnu/krb-standalone/tcp.exp b/src/tests/testsuite/krb-standalone/tcp.exp
-similarity index 100%
-rename from src/tests/dejagnu/krb-standalone/tcp.exp
-rename to src/tests/testsuite/krb-standalone/tcp.exp
-diff --git a/src/tests/dejagnu/pkinit-certs/ca.pem b/src/tests/testsuite/pkinit-certs/ca.pem
-similarity index 100%
-rename from src/tests/dejagnu/pkinit-certs/ca.pem
-rename to src/tests/testsuite/pkinit-certs/ca.pem
-diff --git a/src/tests/dejagnu/pkinit-certs/generic.p12 b/src/tests/testsuite/pkinit-certs/generic.p12
-similarity index 100%
-rename from src/tests/dejagnu/pkinit-certs/generic.p12
-rename to src/tests/testsuite/pkinit-certs/generic.p12
-diff --git a/src/tests/dejagnu/pkinit-certs/generic.pem b/src/tests/testsuite/pkinit-certs/generic.pem
-similarity index 100%
-rename from src/tests/dejagnu/pkinit-certs/generic.pem
-rename to src/tests/testsuite/pkinit-certs/generic.pem
-diff --git a/src/tests/dejagnu/pkinit-certs/kdc.pem b/src/tests/testsuite/pkinit-certs/kdc.pem
-similarity index 100%
-rename from src/tests/dejagnu/pkinit-certs/kdc.pem
-rename to src/tests/testsuite/pkinit-certs/kdc.pem
-diff --git a/src/tests/dejagnu/pkinit-certs/make-certs.sh b/src/tests/testsuite/pkinit-certs/make-certs.sh
-similarity index 100%
-rename from src/tests/dejagnu/pkinit-certs/make-certs.sh
-rename to src/tests/testsuite/pkinit-certs/make-certs.sh
-diff --git a/src/tests/dejagnu/pkinit-certs/privkey-enc.pem b/src/tests/testsuite/pkinit-certs/privkey-enc.pem
-similarity index 100%
-rename from src/tests/dejagnu/pkinit-certs/privkey-enc.pem
-rename to src/tests/testsuite/pkinit-certs/privkey-enc.pem
-diff --git a/src/tests/dejagnu/pkinit-certs/privkey.pem b/src/tests/testsuite/pkinit-certs/privkey.pem
-similarity index 100%
-rename from src/tests/dejagnu/pkinit-certs/privkey.pem
-rename to src/tests/testsuite/pkinit-certs/privkey.pem
-diff --git a/src/tests/dejagnu/pkinit-certs/user-enc.p12 b/src/tests/testsuite/pkinit-certs/user-enc.p12
-similarity index 100%
-rename from src/tests/dejagnu/pkinit-certs/user-enc.p12
-rename to src/tests/testsuite/pkinit-certs/user-enc.p12
-diff --git a/src/tests/dejagnu/pkinit-certs/user-upn.p12 b/src/tests/testsuite/pkinit-certs/user-upn.p12
-similarity index 100%
-rename from src/tests/dejagnu/pkinit-certs/user-upn.p12
-rename to src/tests/testsuite/pkinit-certs/user-upn.p12
-diff --git a/src/tests/dejagnu/pkinit-certs/user-upn.pem b/src/tests/testsuite/pkinit-certs/user-upn.pem
-similarity index 100%
-rename from src/tests/dejagnu/pkinit-certs/user-upn.pem
-rename to src/tests/testsuite/pkinit-certs/user-upn.pem
-diff --git a/src/tests/dejagnu/pkinit-certs/user-upn2.p12 b/src/tests/testsuite/pkinit-certs/user-upn2.p12
-similarity index 100%
-rename from src/tests/dejagnu/pkinit-certs/user-upn2.p12
-rename to src/tests/testsuite/pkinit-certs/user-upn2.p12
-diff --git a/src/tests/dejagnu/pkinit-certs/user-upn2.pem b/src/tests/testsuite/pkinit-certs/user-upn2.pem
-similarity index 100%
-rename from src/tests/dejagnu/pkinit-certs/user-upn2.pem
-rename to src/tests/testsuite/pkinit-certs/user-upn2.pem
-diff --git a/src/tests/dejagnu/pkinit-certs/user-upn3.p12 b/src/tests/testsuite/pkinit-certs/user-upn3.p12
-similarity index 100%
-rename from src/tests/dejagnu/pkinit-certs/user-upn3.p12
-rename to src/tests/testsuite/pkinit-certs/user-upn3.p12
-diff --git a/src/tests/dejagnu/pkinit-certs/user-upn3.pem b/src/tests/testsuite/pkinit-certs/user-upn3.pem
-similarity index 100%
-rename from src/tests/dejagnu/pkinit-certs/user-upn3.pem
-rename to src/tests/testsuite/pkinit-certs/user-upn3.pem
-diff --git a/src/tests/dejagnu/pkinit-certs/user.p12 b/src/tests/testsuite/pkinit-certs/user.p12
-similarity index 100%
-rename from src/tests/dejagnu/pkinit-certs/user.p12
-rename to src/tests/testsuite/pkinit-certs/user.p12
-diff --git a/src/tests/dejagnu/pkinit-certs/user.pem b/src/tests/testsuite/pkinit-certs/user.pem
-similarity index 100%
-rename from src/tests/dejagnu/pkinit-certs/user.pem
-rename to src/tests/testsuite/pkinit-certs/user.pem
-diff --git a/src/tests/dejagnu/proxy-certs/ca.pem b/src/tests/testsuite/proxy-certs/ca.pem
-similarity index 100%
-rename from src/tests/dejagnu/proxy-certs/ca.pem
-rename to src/tests/testsuite/proxy-certs/ca.pem
-diff --git a/src/tests/dejagnu/proxy-certs/make-certs.sh b/src/tests/testsuite/proxy-certs/make-certs.sh
-similarity index 100%
-rename from src/tests/dejagnu/proxy-certs/make-certs.sh
-rename to src/tests/testsuite/proxy-certs/make-certs.sh
-diff --git a/src/tests/dejagnu/proxy-certs/proxy-badsig.pem b/src/tests/testsuite/proxy-certs/proxy-badsig.pem
-similarity index 100%
-rename from src/tests/dejagnu/proxy-certs/proxy-badsig.pem
-rename to src/tests/testsuite/proxy-certs/proxy-badsig.pem
-diff --git a/src/tests/dejagnu/proxy-certs/proxy-ideal.pem b/src/tests/testsuite/proxy-certs/proxy-ideal.pem
-similarity index 100%
-rename from src/tests/dejagnu/proxy-certs/proxy-ideal.pem
-rename to src/tests/testsuite/proxy-certs/proxy-ideal.pem
-diff --git a/src/tests/dejagnu/proxy-certs/proxy-no-match.pem b/src/tests/testsuite/proxy-certs/proxy-no-match.pem
-similarity index 100%
-rename from src/tests/dejagnu/proxy-certs/proxy-no-match.pem
-rename to src/tests/testsuite/proxy-certs/proxy-no-match.pem
-diff --git a/src/tests/dejagnu/proxy-certs/proxy-san.pem b/src/tests/testsuite/proxy-certs/proxy-san.pem
-similarity index 100%
-rename from src/tests/dejagnu/proxy-certs/proxy-san.pem
-rename to src/tests/testsuite/proxy-certs/proxy-san.pem
-diff --git a/src/tests/dejagnu/proxy-certs/proxy-subject.pem b/src/tests/testsuite/proxy-certs/proxy-subject.pem
-similarity index 100%
-rename from src/tests/dejagnu/proxy-certs/proxy-subject.pem
-rename to src/tests/testsuite/proxy-certs/proxy-subject.pem
-diff --git a/src/tests/dejagnu/t_inetd.c b/src/tests/testsuite/t_inetd.c
-similarity index 99%
-rename from src/tests/dejagnu/t_inetd.c
-rename to src/tests/testsuite/t_inetd.c
-index abcde50fa..2bad2cf65 100644
---- a/src/tests/dejagnu/t_inetd.c
-+++ b/src/tests/testsuite/t_inetd.c
-@@ -1,5 +1,5 @@
- /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* tests/dejagnu/t_inetd.c */
-+/* tests/testsuite/t_inetd.c */
- /*
- * Copyright 1991 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
-diff --git a/src/util/k5test.py b/src/util/k5test.py
-index 251d11a9d..908a1495c 100644
---- a/src/util/k5test.py
-+++ b/src/util/k5test.py
-@@ -1383,7 +1383,7 @@ kswitch = os.path.join(buildtop, 'clients', 'kswitch', 'kswitch')
- kvno = os.path.join(buildtop, 'clients', 'kvno', 'kvno')
- kdestroy = os.path.join(buildtop, 'clients', 'kdestroy', 'kdestroy')
- kpasswd = os.path.join(buildtop, 'clients', 'kpasswd', 'kpasswd')
--t_inetd = os.path.join(buildtop, 'tests', 'dejagnu', 't_inetd')
-+t_inetd = os.path.join(buildtop, 'tests', 'testsuite', 't_inetd')
- kproplog = os.path.join(buildtop, 'kprop', 'kproplog')
- kpropd = os.path.join(buildtop, 'kprop', 'kpropd')
- kprop = os.path.join(buildtop, 'kprop', 'kprop')
---
-2.35.1
-
diff --git a/SOURCES/downstream-fix-debuginfo-with-y.tab.c.patch b/SOURCES/downstream-fix-debuginfo-with-y.tab.c.patch
deleted file mode 100644
index 172a093..0000000
--- a/SOURCES/downstream-fix-debuginfo-with-y.tab.c.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From d5ea86ef491feb38f12e6aa53b7579ac02675df6 Mon Sep 17 00:00:00 2001
-From: Robbie Harwood <rharwood@redhat.com>
-Date: Tue, 23 Aug 2016 16:49:25 -0400
-Subject: [PATCH] [downstream] fix debuginfo with y.tab.c
-
-We want to keep these y.tab.c files around because the debuginfo points to
-them. It would be more elegant at the end to use symbolic links, but that
-could mess up people working in the tree on other things.
-
-Last-updated: krb5-1.9
----
- src/kadmin/cli/Makefile.in | 5 +++++
- src/plugins/kdb/ldap/ldap_util/Makefile.in | 2 +-
- 2 files changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/src/kadmin/cli/Makefile.in b/src/kadmin/cli/Makefile.in
-index adfea6e2b..d1327e400 100644
---- a/src/kadmin/cli/Makefile.in
-+++ b/src/kadmin/cli/Makefile.in
-@@ -37,3 +37,8 @@ clean-unix::
- # CC_LINK is not meant for compilation and this use may break in the future.
- datetest: getdate.c
- $(CC_LINK) $(ALL_CFLAGS) -DTEST -o datetest getdate.c
-+
-+%.c: %.y
-+ $(RM) y.tab.c $@
-+ $(YACC.y) $<
-+ $(CP) y.tab.c $@
-diff --git a/src/plugins/kdb/ldap/ldap_util/Makefile.in b/src/plugins/kdb/ldap/ldap_util/Makefile.in
-index 8669c2436..a22f23c02 100644
---- a/src/plugins/kdb/ldap/ldap_util/Makefile.in
-+++ b/src/plugins/kdb/ldap/ldap_util/Makefile.in
-@@ -20,7 +20,7 @@ $(PROG): $(OBJS) $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIB) $(GETDATE)
- getdate.c: $(GETDATE)
- $(RM) getdate.c y.tab.c
- $(YACC) $(GETDATE)
-- $(MV) y.tab.c getdate.c
-+ $(CP) y.tab.c getdate.c
-
- install:
- $(INSTALL_PROGRAM) $(PROG) ${DESTDIR}$(ADMIN_BINDIR)/$(PROG)
diff --git a/SOURCES/downstream-ksu-pam-integration.patch b/SOURCES/downstream-ksu-pam-integration.patch
deleted file mode 100644
index 7490bf2..0000000
--- a/SOURCES/downstream-ksu-pam-integration.patch
+++ /dev/null
@@ -1,774 +0,0 @@
-From 90ba715be48c2e1b6c7ca53cb1d75f3af2c388d6 Mon Sep 17 00:00:00 2001
-From: Robbie Harwood <rharwood@redhat.com>
-Date: Tue, 23 Aug 2016 16:29:58 -0400
-Subject: [PATCH] [downstream] ksu pam integration
-
-Modify ksu so that it performs account and session management on behalf of
-the target user account, mimicking the action of regular su. The default
-service name is "ksu", because on Fedora at least the configuration used
-is determined by whether or not a login shell is being opened, and so
-this may need to vary, too. At run-time, ksu's behavior can be reset to
-the earlier, non-PAM behavior by setting "use_pam" to false in the [ksu]
-section of /etc/krb5.conf.
-
-When enabled, ksu gains a dependency on libpam.
-
-Originally RT#5939, though it's changed since then to perform the account
-and session management before dropping privileges, and to apply on top of
-changes we're proposing for how it handles cache collections.
-
-Last-updated: krb5-1.18-beta1
----
- src/aclocal.m4 | 69 +++++++
- src/clients/ksu/Makefile.in | 8 +-
- src/clients/ksu/main.c | 88 +++++++-
- src/clients/ksu/pam.c | 389 ++++++++++++++++++++++++++++++++++++
- src/clients/ksu/pam.h | 57 ++++++
- src/configure.ac | 2 +
- 6 files changed, 610 insertions(+), 3 deletions(-)
- create mode 100644 src/clients/ksu/pam.c
- create mode 100644 src/clients/ksu/pam.h
-
-diff --git a/src/aclocal.m4 b/src/aclocal.m4
-index 024d6370c..ca9fcf664 100644
---- a/src/aclocal.m4
-+++ b/src/aclocal.m4
-@@ -1677,3 +1677,72 @@ if test "$with_ldap" = yes; then
- OPENLDAP_PLUGIN=yes
- fi
- ])dnl
-+dnl
-+dnl
-+dnl Use PAM instead of local crypt() compare for checking local passwords,
-+dnl and perform PAM account, session management, and password-changing where
-+dnl appropriate.
-+dnl
-+AC_DEFUN(KRB5_WITH_PAM,[
-+AC_ARG_WITH(pam,[AC_HELP_STRING(--with-pam,[compile with PAM support])],
-+ withpam="$withval",withpam=auto)
-+AC_ARG_WITH(pam-ksu-service,[AC_HELP_STRING(--with-ksu-service,[PAM service name for ksu ["ksu"]])],
-+ withksupamservice="$withval",withksupamservice=ksu)
-+old_LIBS="$LIBS"
-+if test "$withpam" != no ; then
-+ AC_MSG_RESULT([checking for PAM...])
-+ PAM_LIBS=
-+
-+ AC_CHECK_HEADERS(security/pam_appl.h)
-+ if test "x$ac_cv_header_security_pam_appl_h" != xyes ; then
-+ if test "$withpam" = auto ; then
-+ AC_MSG_RESULT([Unable to locate security/pam_appl.h.])
-+ withpam=no
-+ else
-+ AC_MSG_ERROR([Unable to locate security/pam_appl.h.])
-+ fi
-+ fi
-+
-+ LIBS=
-+ unset ac_cv_func_pam_start
-+ AC_CHECK_FUNCS(putenv pam_start)
-+ if test "x$ac_cv_func_pam_start" = xno ; then
-+ unset ac_cv_func_pam_start
-+ AC_CHECK_LIB(dl,dlopen)
-+ AC_CHECK_FUNCS(pam_start)
-+ if test "x$ac_cv_func_pam_start" = xno ; then
-+ AC_CHECK_LIB(pam,pam_start)
-+ unset ac_cv_func_pam_start
-+ unset ac_cv_func_pam_getenvlist
-+ AC_CHECK_FUNCS(pam_start pam_getenvlist)
-+ if test "x$ac_cv_func_pam_start" = xyes ; then
-+ PAM_LIBS="$LIBS"
-+ else
-+ if test "$withpam" = auto ; then
-+ AC_MSG_RESULT([Unable to locate libpam.])
-+ withpam=no
-+ else
-+ AC_MSG_ERROR([Unable to locate libpam.])
-+ fi
-+ fi
-+ fi
-+ fi
-+ if test "$withpam" != no ; then
-+ AC_MSG_NOTICE([building with PAM support])
-+ AC_DEFINE(USE_PAM,1,[Define if Kerberos-aware tools should support PAM])
-+ AC_DEFINE_UNQUOTED(KSU_PAM_SERVICE,"$withksupamservice",
-+ [Define to the name of the PAM service name to be used by ksu.])
-+ PAM_LIBS="$LIBS"
-+ NON_PAM_MAN=".\\\" "
-+ PAM_MAN=
-+ else
-+ PAM_MAN=".\\\" "
-+ NON_PAM_MAN=
-+ fi
-+fi
-+LIBS="$old_LIBS"
-+AC_SUBST(PAM_LIBS)
-+AC_SUBST(PAM_MAN)
-+AC_SUBST(NON_PAM_MAN)
-+])dnl
-+
-diff --git a/src/clients/ksu/Makefile.in b/src/clients/ksu/Makefile.in
-index 8b4edce4d..9d58f29b5 100644
---- a/src/clients/ksu/Makefile.in
-+++ b/src/clients/ksu/Makefile.in
-@@ -3,12 +3,14 @@ BUILDTOP=$(REL)..$(S)..
- DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/usr/local/sbin /usr/local/bin /sbin /bin /usr/sbin /usr/bin"'
-
- KSU_LIBS=@KSU_LIBS@
-+PAM_LIBS=@PAM_LIBS@
-
- SRCS = \
- $(srcdir)/krb_auth_su.c \
- $(srcdir)/ccache.c \
- $(srcdir)/authorization.c \
- $(srcdir)/main.c \
-+ $(srcdir)/pam.c \
- $(srcdir)/heuristic.c \
- $(srcdir)/xmalloc.c \
- $(srcdir)/setenv.c
-@@ -17,13 +19,17 @@ OBJS = \
- ccache.o \
- authorization.o \
- main.o \
-+ pam.o \
- heuristic.o \
- xmalloc.o @SETENVOBJ@
-
- all: ksu
-
- ksu: $(OBJS) $(KRB5_BASE_DEPLIBS)
-- $(CC_LINK) -o $@ $(OBJS) $(KRB5_BASE_LIBS) $(KSU_LIBS)
-+ $(CC_LINK) -o $@ $(OBJS) $(KRB5_BASE_LIBS) $(KSU_LIBS) $(PAM_LIBS)
-+
-+pam.o: pam.c
-+ $(CC) $(ALL_CFLAGS) -c $<
-
- clean:
- $(RM) ksu
-diff --git a/src/clients/ksu/main.c b/src/clients/ksu/main.c
-index af1286172..931f05404 100644
---- a/src/clients/ksu/main.c
-+++ b/src/clients/ksu/main.c
-@@ -26,6 +26,7 @@
- * KSU was written by: Ari Medvinsky, ari@isi.edu
- */
-
-+#include "autoconf.h"
- #include "ksu.h"
- #include "adm_proto.h"
- #include <sys/types.h>
-@@ -33,6 +34,10 @@
- #include <signal.h>
- #include <grp.h>
-
-+#ifdef USE_PAM
-+#include "pam.h"
-+#endif
-+
- /* globals */
- char * prog_name;
- int auth_debug =0;
-@@ -40,6 +45,7 @@ char k5login_path[MAXPATHLEN];
- char k5users_path[MAXPATHLEN];
- char * gb_err = NULL;
- int quiet = 0;
-+int force_fork = 0;
- /***********/
-
- #define KS_TEMPORARY_CACHE "MEMORY:_ksu"
-@@ -536,6 +542,23 @@ main (argc, argv)
- prog_name,target_user,client_name,
- source_user,ontty());
-
-+#ifdef USE_PAM
-+ if (appl_pam_enabled(ksu_context, "ksu")) {
-+ if (appl_pam_acct_mgmt(KSU_PAM_SERVICE, 1, target_user, NULL,
-+ NULL, source_user,
-+ ttyname(STDERR_FILENO)) != 0) {
-+ fprintf(stderr, "Access denied for %s.\n", target_user);
-+ exit(1);
-+ }
-+ if (appl_pam_requires_chauthtok()) {
-+ fprintf(stderr, "Password change required for %s.\n",
-+ target_user);
-+ exit(1);
-+ }
-+ force_fork++;
-+ }
-+#endif
-+
- /* Run authorization as target.*/
- if (krb5_seteuid(target_uid)) {
- com_err(prog_name, errno, _("while switching to target for "
-@@ -596,6 +619,24 @@ main (argc, argv)
-
- exit(1);
- }
-+#ifdef USE_PAM
-+ } else {
-+ /* we always do PAM account management, even for root */
-+ if (appl_pam_enabled(ksu_context, "ksu")) {
-+ if (appl_pam_acct_mgmt(KSU_PAM_SERVICE, 1, target_user, NULL,
-+ NULL, source_user,
-+ ttyname(STDERR_FILENO)) != 0) {
-+ fprintf(stderr, "Access denied for %s.\n", target_user);
-+ exit(1);
-+ }
-+ if (appl_pam_requires_chauthtok()) {
-+ fprintf(stderr, "Password change required for %s.\n",
-+ target_user);
-+ exit(1);
-+ }
-+ force_fork++;
-+ }
-+#endif
- }
-
- if( some_rest_copy){
-@@ -653,6 +694,30 @@ main (argc, argv)
- exit(1);
- }
-
-+#ifdef USE_PAM
-+ if (appl_pam_enabled(ksu_context, "ksu")) {
-+ if (appl_pam_session_open() != 0) {
-+ fprintf(stderr, "Error opening session for %s.\n", target_user);
-+ exit(1);
-+ }
-+#ifdef DEBUG
-+ if (auth_debug){
-+ printf(" Opened PAM session.\n");
-+ }
-+#endif
-+ if (appl_pam_cred_init()) {
-+ fprintf(stderr, "Error initializing credentials for %s.\n",
-+ target_user);
-+ exit(1);
-+ }
-+#ifdef DEBUG
-+ if (auth_debug){
-+ printf(" Initialized PAM credentials.\n");
-+ }
-+#endif
-+ }
-+#endif
-+
- /* set permissions */
- if (setgid(target_pwd->pw_gid) < 0) {
- perror("ksu: setgid");
-@@ -750,7 +815,7 @@ main (argc, argv)
- fprintf(stderr, "program to be execed %s\n",params[0]);
- }
-
-- if( keep_target_cache ) {
-+ if( keep_target_cache && !force_fork ) {
- execv(params[0], params);
- com_err(prog_name, errno, _("while trying to execv %s"), params[0]);
- sweep_up(ksu_context, cc_target);
-@@ -780,16 +845,35 @@ main (argc, argv)
- if (ret_pid == -1) {
- com_err(prog_name, errno, _("while calling waitpid"));
- }
-- sweep_up(ksu_context, cc_target);
-+ if( !keep_target_cache ) {
-+ sweep_up(ksu_context, cc_target);
-+ }
- exit (statusp);
- case -1:
- com_err(prog_name, errno, _("while trying to fork."));
- sweep_up(ksu_context, cc_target);
- exit (1);
- case 0:
-+#ifdef USE_PAM
-+ if (appl_pam_enabled(ksu_context, "ksu")) {
-+ if (appl_pam_setenv() != 0) {
-+ fprintf(stderr, "Error setting up environment for %s.\n",
-+ target_user);
-+ exit (1);
-+ }
-+#ifdef DEBUG
-+ if (auth_debug){
-+ printf(" Set up PAM environment.\n");
-+ }
-+#endif
-+ }
-+#endif
- execv(params[0], params);
- com_err(prog_name, errno, _("while trying to execv %s"),
- params[0]);
-+ if( keep_target_cache ) {
-+ sweep_up(ksu_context, cc_target);
-+ }
- exit (1);
- }
- }
-diff --git a/src/clients/ksu/pam.c b/src/clients/ksu/pam.c
-new file mode 100644
-index 000000000..cbfe48704
---- /dev/null
-+++ b/src/clients/ksu/pam.c
-@@ -0,0 +1,389 @@
-+/*
-+ * src/clients/ksu/pam.c
-+ *
-+ * Copyright 2007,2009,2010 Red Hat, Inc.
-+ *
-+ * All Rights Reserved.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions are met:
-+ *
-+ * Redistributions of source code must retain the above copyright notice, this
-+ * list of conditions and the following disclaimer.
-+ *
-+ * Redistributions in binary form must reproduce the above copyright notice,
-+ * this list of conditions and the following disclaimer in the documentation
-+ * and/or other materials provided with the distribution.
-+ *
-+ * Neither the name of Red Hat, Inc. nor the names of its contributors may be
-+ * used to endorse or promote products derived from this software without
-+ * specific prior written permission.
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
-+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-+ * POSSIBILITY OF SUCH DAMAGE.
-+ *
-+ * Convenience wrappers for using PAM.
-+ */
-+
-+#include "autoconf.h"
-+#ifdef USE_PAM
-+#include <sys/types.h>
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <string.h>
-+#include <unistd.h>
-+#include "k5-int.h"
-+#include "pam.h"
-+
-+#ifndef MAXPWSIZE
-+#define MAXPWSIZE 128
-+#endif
-+
-+static int appl_pam_started;
-+static pid_t appl_pam_starter = -1;
-+static int appl_pam_session_opened;
-+static int appl_pam_creds_initialized;
-+static int appl_pam_pwchange_required;
-+static pam_handle_t *appl_pamh;
-+static struct pam_conv appl_pam_conv;
-+static char *appl_pam_user;
-+struct appl_pam_non_interactive_args {
-+ const char *user;
-+ const char *password;
-+};
-+
-+int
-+appl_pam_enabled(krb5_context context, const char *section)
-+{
-+ int enabled = 1;
-+ if ((context != NULL) && (context->profile != NULL)) {
-+ if (profile_get_boolean(context->profile,
-+ section,
-+ USE_PAM_CONFIGURATION_KEYWORD,
-+ NULL,
-+ enabled, &enabled) != 0) {
-+ enabled = 1;
-+ }
-+ }
-+ return enabled;
-+}
-+
-+void
-+appl_pam_cleanup(void)
-+{
-+ if (getpid() != appl_pam_starter) {
-+ return;
-+ }
-+#ifdef DEBUG
-+ printf("Called to clean up PAM.\n");
-+#endif
-+ if (appl_pam_creds_initialized) {
-+#ifdef DEBUG
-+ printf("Deleting PAM credentials.\n");
-+#endif
-+ pam_setcred(appl_pamh, PAM_DELETE_CRED);
-+ appl_pam_creds_initialized = 0;
-+ }
-+ if (appl_pam_session_opened) {
-+#ifdef DEBUG
-+ printf("Closing PAM session.\n");
-+#endif
-+ pam_close_session(appl_pamh, 0);
-+ appl_pam_session_opened = 0;
-+ }
-+ appl_pam_pwchange_required = 0;
-+ if (appl_pam_started) {
-+#ifdef DEBUG
-+ printf("Shutting down PAM.\n");
-+#endif
-+ pam_end(appl_pamh, 0);
-+ appl_pam_started = 0;
-+ appl_pam_starter = -1;
-+ free(appl_pam_user);
-+ appl_pam_user = NULL;
-+ }
-+}
-+static int
-+appl_pam_interactive_converse(int num_msg, const struct pam_message **msg,
-+ struct pam_response **presp, void *appdata_ptr)
-+{
-+ const struct pam_message *message;
-+ struct pam_response *resp;
-+ int i, code;
-+ char *pwstring, pwbuf[MAXPWSIZE];
-+ unsigned int pwsize;
-+ resp = malloc(sizeof(struct pam_response) * num_msg);
-+ if (resp == NULL) {
-+ return PAM_BUF_ERR;
-+ }
-+ memset(resp, 0, sizeof(struct pam_response) * num_msg);
-+ code = PAM_SUCCESS;
-+ for (i = 0; i < num_msg; i++) {
-+ message = &(msg[0][i]); /* XXX */
-+ message = msg[i]; /* XXX */
-+ pwstring = NULL;
-+ switch (message->msg_style) {
-+ case PAM_TEXT_INFO:
-+ case PAM_ERROR_MSG:
-+ printf("[%s]\n", message->msg ? message->msg : "");
-+ fflush(stdout);
-+ resp[i].resp = NULL;
-+ resp[i].resp_retcode = PAM_SUCCESS;
-+ break;
-+ case PAM_PROMPT_ECHO_ON:
-+ case PAM_PROMPT_ECHO_OFF:
-+ if (message->msg_style == PAM_PROMPT_ECHO_ON) {
-+ if (fgets(pwbuf, sizeof(pwbuf),
-+ stdin) != NULL) {
-+ pwbuf[strcspn(pwbuf, "\r\n")] = '\0';
-+ pwstring = pwbuf;
-+ }
-+ } else {
-+ pwstring = getpass(message->msg ?
-+ message->msg :
-+ "");
-+ }
-+ if ((pwstring != NULL) && (pwstring[0] != '\0')) {
-+ pwsize = strlen(pwstring);
-+ resp[i].resp = malloc(pwsize + 1);
-+ if (resp[i].resp == NULL) {
-+ resp[i].resp_retcode = PAM_BUF_ERR;
-+ } else {
-+ memcpy(resp[i].resp, pwstring, pwsize);
-+ resp[i].resp[pwsize] = '\0';
-+ resp[i].resp_retcode = PAM_SUCCESS;
-+ }
-+ } else {
-+ resp[i].resp_retcode = PAM_CONV_ERR;
-+ code = PAM_CONV_ERR;
-+ }
-+ break;
-+ default:
-+ break;
-+ }
-+ }
-+ *presp = resp;
-+ return code;
-+}
-+static int
-+appl_pam_non_interactive_converse(int num_msg,
-+ const struct pam_message **msg,
-+ struct pam_response **presp,
-+ void *appdata_ptr)
-+{
-+ const struct pam_message *message;
-+ struct pam_response *resp;
-+ int i, code;
-+ unsigned int pwsize;
-+ struct appl_pam_non_interactive_args *args;
-+ const char *pwstring;
-+ resp = malloc(sizeof(struct pam_response) * num_msg);
-+ if (resp == NULL) {
-+ return PAM_BUF_ERR;
-+ }
-+ args = appdata_ptr;
-+ memset(resp, 0, sizeof(struct pam_response) * num_msg);
-+ code = PAM_SUCCESS;
-+ for (i = 0; i < num_msg; i++) {
-+ message = &((*msg)[i]);
-+ message = msg[i];
-+ pwstring = NULL;
-+ switch (message->msg_style) {
-+ case PAM_TEXT_INFO:
-+ case PAM_ERROR_MSG:
-+ break;
-+ case PAM_PROMPT_ECHO_ON:
-+ case PAM_PROMPT_ECHO_OFF:
-+ if (message->msg_style == PAM_PROMPT_ECHO_ON) {
-+ /* assume "user" */
-+ pwstring = args->user;
-+ } else {
-+ /* assume "password" */
-+ pwstring = args->password;
-+ }
-+ if ((pwstring != NULL) && (pwstring[0] != '\0')) {
-+ pwsize = strlen(pwstring);
-+ resp[i].resp = malloc(pwsize + 1);
-+ if (resp[i].resp == NULL) {
-+ resp[i].resp_retcode = PAM_BUF_ERR;
-+ } else {
-+ memcpy(resp[i].resp, pwstring, pwsize);
-+ resp[i].resp[pwsize] = '\0';
-+ resp[i].resp_retcode = PAM_SUCCESS;
-+ }
-+ } else {
-+ resp[i].resp_retcode = PAM_CONV_ERR;
-+ code = PAM_CONV_ERR;
-+ }
-+ break;
-+ default:
-+ break;
-+ }
-+ }
-+ *presp = resp;
-+ return code;
-+}
-+static int
-+appl_pam_start(const char *service, int interactive,
-+ const char *login_username,
-+ const char *non_interactive_password,
-+ const char *hostname,
-+ const char *ruser,
-+ const char *tty)
-+{
-+ static int exit_handler_registered;
-+ static struct appl_pam_non_interactive_args args;
-+ int ret = 0;
-+ if (appl_pam_started &&
-+ (strcmp(login_username, appl_pam_user) != 0)) {
-+ appl_pam_cleanup();
-+ appl_pam_user = NULL;
-+ }
-+ if (!appl_pam_started) {
-+#ifdef DEBUG
-+ printf("Starting PAM up (service=\"%s\",user=\"%s\").\n",
-+ service, login_username);
-+#endif
-+ memset(&appl_pam_conv, 0, sizeof(appl_pam_conv));
-+ appl_pam_conv.conv = interactive ?
-+ &appl_pam_interactive_converse :
-+ &appl_pam_non_interactive_converse;
-+ memset(&args, 0, sizeof(args));
-+ args.user = strdup(login_username);
-+ args.password = non_interactive_password ?
-+ strdup(non_interactive_password) :
-+ NULL;
-+ appl_pam_conv.appdata_ptr = &args;
-+ ret = pam_start(service, login_username,
-+ &appl_pam_conv, &appl_pamh);
-+ if (ret == 0) {
-+ if (hostname != NULL) {
-+#ifdef DEBUG
-+ printf("Setting PAM_RHOST to \"%s\".\n", hostname);
-+#endif
-+ pam_set_item(appl_pamh, PAM_RHOST, hostname);
-+ }
-+ if (ruser != NULL) {
-+#ifdef DEBUG
-+ printf("Setting PAM_RUSER to \"%s\".\n", ruser);
-+#endif
-+ pam_set_item(appl_pamh, PAM_RUSER, ruser);
-+ }
-+ if (tty != NULL) {
-+#ifdef DEBUG
-+ printf("Setting PAM_TTY to \"%s\".\n", tty);
-+#endif
-+ pam_set_item(appl_pamh, PAM_TTY, tty);
-+ }
-+ if (!exit_handler_registered &&
-+ (atexit(appl_pam_cleanup) != 0)) {
-+ pam_end(appl_pamh, 0);
-+ appl_pamh = NULL;
-+ ret = -1;
-+ } else {
-+ appl_pam_started = 1;
-+ appl_pam_starter = getpid();
-+ appl_pam_user = strdup(login_username);
-+ exit_handler_registered = 1;
-+ }
-+ }
-+ }
-+ return ret;
-+}
-+int
-+appl_pam_acct_mgmt(const char *service, int interactive,
-+ const char *login_username,
-+ const char *non_interactive_password,
-+ const char *hostname,
-+ const char *ruser,
-+ const char *tty)
-+{
-+ int ret;
-+ appl_pam_pwchange_required = 0;
-+ ret = appl_pam_start(service, interactive, login_username,
-+ non_interactive_password, hostname, ruser, tty);
-+ if (ret == 0) {
-+#ifdef DEBUG
-+ printf("Calling pam_acct_mgmt().\n");
-+#endif
-+ ret = pam_acct_mgmt(appl_pamh, 0);
-+ switch (ret) {
-+ case PAM_IGNORE:
-+ ret = 0;
-+ break;
-+ case PAM_NEW_AUTHTOK_REQD:
-+ appl_pam_pwchange_required = 1;
-+ ret = 0;
-+ break;
-+ default:
-+ break;
-+ }
-+ }
-+ return ret;
-+}
-+int
-+appl_pam_requires_chauthtok(void)
-+{
-+ return appl_pam_pwchange_required;
-+}
-+int
-+appl_pam_session_open(void)
-+{
-+ int ret = 0;
-+ if (appl_pam_started) {
-+#ifdef DEBUG
-+ printf("Opening PAM session.\n");
-+#endif
-+ ret = pam_open_session(appl_pamh, 0);
-+ if (ret == 0) {
-+ appl_pam_session_opened = 1;
-+ }
-+ }
-+ return ret;
-+}
-+int
-+appl_pam_setenv(void)
-+{
-+ int ret = 0;
-+#ifdef HAVE_PAM_GETENVLIST
-+#ifdef HAVE_PUTENV
-+ int i;
-+ char **list;
-+ if (appl_pam_started) {
-+ list = pam_getenvlist(appl_pamh);
-+ for (i = 0; ((list != NULL) && (list[i] != NULL)); i++) {
-+#ifdef DEBUG
-+ printf("Setting \"%s\" in environment.\n", list[i]);
-+#endif
-+ putenv(list[i]);
-+ }
-+ }
-+#endif
-+#endif
-+ return ret;
-+}
-+int
-+appl_pam_cred_init(void)
-+{
-+ int ret = 0;
-+ if (appl_pam_started) {
-+#ifdef DEBUG
-+ printf("Initializing PAM credentials.\n");
-+#endif
-+ ret = pam_setcred(appl_pamh, PAM_ESTABLISH_CRED);
-+ if (ret == 0) {
-+ appl_pam_creds_initialized = 1;
-+ }
-+ }
-+ return ret;
-+}
-+#endif
-diff --git a/src/clients/ksu/pam.h b/src/clients/ksu/pam.h
-new file mode 100644
-index 000000000..0ab76569c
---- /dev/null
-+++ b/src/clients/ksu/pam.h
-@@ -0,0 +1,57 @@
-+/*
-+ * src/clients/ksu/pam.h
-+ *
-+ * Copyright 2007,2009,2010 Red Hat, Inc.
-+ *
-+ * All Rights Reserved.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions are met:
-+ *
-+ * Redistributions of source code must retain the above copyright notice, this
-+ * list of conditions and the following disclaimer.
-+ *
-+ * Redistributions in binary form must reproduce the above copyright notice,
-+ * this list of conditions and the following disclaimer in the documentation
-+ * and/or other materials provided with the distribution.
-+ *
-+ * Neither the name of Red Hat, Inc. nor the names of its contributors may be
-+ * used to endorse or promote products derived from this software without
-+ * specific prior written permission.
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
-+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-+ * POSSIBILITY OF SUCH DAMAGE.
-+ *
-+ * Convenience wrappers for using PAM.
-+ */
-+
-+#include <krb5.h>
-+#ifdef HAVE_SECURITY_PAM_APPL_H
-+#include <security/pam_appl.h>
-+#endif
-+
-+#define USE_PAM_CONFIGURATION_KEYWORD "use_pam"
-+
-+#ifdef USE_PAM
-+int appl_pam_enabled(krb5_context context, const char *section);
-+int appl_pam_acct_mgmt(const char *service, int interactive,
-+ const char *local_username,
-+ const char *non_interactive_password,
-+ const char *hostname,
-+ const char *ruser,
-+ const char *tty);
-+int appl_pam_requires_chauthtok(void);
-+int appl_pam_session_open(void);
-+int appl_pam_setenv(void);
-+int appl_pam_cred_init(void);
-+void appl_pam_cleanup(void);
-+#endif
-diff --git a/src/configure.ac b/src/configure.ac
-index 4eb080784..693f76a81 100644
---- a/src/configure.ac
-+++ b/src/configure.ac
-@@ -1389,6 +1389,8 @@ AC_SUBST([VERTO_VERSION])
-
- AC_PATH_PROG(GROFF, groff)
-
-+KRB5_WITH_PAM
-+
- # Make localedir work in autoconf 2.5x.
- if test "${localedir+set}" != set; then
- localedir='$(datadir)/locale'
diff --git a/SOURCES/downstream-netlib-and-dns.patch b/SOURCES/downstream-netlib-and-dns.patch
deleted file mode 100644
index de4f9bf..0000000
--- a/SOURCES/downstream-netlib-and-dns.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-From ad123366e5fb2694cf6d9f4f292a001a761b78fa Mon Sep 17 00:00:00 2001
-From: Robbie Harwood <rharwood@redhat.com>
-Date: Tue, 23 Aug 2016 16:46:21 -0400
-Subject: [PATCH] [downstream] netlib and dns
-
-We want to be able to use --with-netlib and --enable-dns at the same time.
-
-Last-updated: krb5-1.3.1
----
- src/aclocal.m4 | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/aclocal.m4 b/src/aclocal.m4
-index 5afb96e58..4a4d460e3 100644
---- a/src/aclocal.m4
-+++ b/src/aclocal.m4
-@@ -718,6 +718,7 @@ AC_HELP_STRING([--with-netlib=LIBS], use user defined resolver library),
- LIBS="$LIBS $withval"
- AC_MSG_RESULT("netlib will use \'$withval\'")
- fi
-+ KRB5_AC_ENABLE_DNS
- ],dnl
- [AC_LIBRARY_NET]
- )])dnl
diff --git a/SOURCES/kdc.conf b/SOURCES/kdc.conf
index 5d1571d..c504e58 100644
--- a/SOURCES/kdc.conf
+++ b/SOURCES/kdc.conf
@@ -5,10 +5,12 @@
[realms]
EXAMPLE.COM = {
- #master_key_type = aes256-cts
+ master_key_type = aes256-cts-hmac-sha384-192
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
default_principal_flags = +preauth
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
- supported_enctypes = aes256-cts:normal aes128-cts:normal arcfour-hmac:normal camellia256-cts:normal camellia128-cts:normal
+ supported_enctypes = aes256-cts-hmac-sha384-192:normal aes128-cts-hmac-sha256-128:normal aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal camellia256-cts-cmac:normal camellia128-cts-cmac:normal arcfour-hmac-md5:normal
+ # Supported encryption types for FIPS mode:
+ #supported_enctypes = aes256-cts-hmac-sha384-192:normal aes128-cts-hmac-sha256-128:normal
}
diff --git a/SOURCES/krb5-1.19.1.tar.gz.asc b/SOURCES/krb5-1.19.1.tar.gz.asc
deleted file mode 100644
index dbd55f2..0000000
--- a/SOURCES/krb5-1.19.1.tar.gz.asc
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmAuntAACgkQDLoIV1+D
-ct8TIhAArFittFBcz4ZfMxqhHVGdK6kOeQXrrV27d3FW6y28BvS7yHJ8CkyK+I3g
-4rsaaf7srkH8jaiCjmjHC2rWJIuceOwkD4GRqXtb2CiqKxXI9eZ+g9ipB7DGKixg
-+1nki7mOhd3oaeUkCRFXgyiOqSE/ird7/itLYzEoAroLpTazNp6Kk4gXmhJIENlq
-dj1God+JxhuwzzWZRdsy2SyvMQPQMOTIilsXRboObZFvPrhZKkJmgNm+RzU/YRSg
-/1Po7takBXq8qhgnwPHTnTPb+BYRdrqQc/a2WcmEdgbzeMpijNmkFsgAFeKDijSz
-1nmFO4SQd/rAfgUovkDd+GMAYZ6DCLFqoI/WeKOgCrRMxJMMRbLlr48bTvMwjuIl
-xE5gy8h2Iju/UP1lxz8KheCm/FyNzNw4pe74zbGgK5fdiEQ8xNlKZOs9LRrtvyfL
-j1G+IX6cK+5yTo/NceYjnHVAatbuW6C6xJmsIQ1GYdMPvto7Wctq/4/BmwxqgFAJ
-HCPuQgAGi875JpPYvi/c3tioRiIPwOz54CXCrcFyKELvgHi6lGN6MRNSzAP4QdA0
-HlXZQ4/4NFOJxjLGu9ZXKUbYPaGizhI+ayzg5/RJLHPIgW7yLvwFqkBIa1xs26bA
-xiP5JKuDC4mqDPwVjwpufkUBH6SoBFnbiIWEYSKVPLJFw+Dbhv0=
-=PP6r
------END PGP SIGNATURE-----
diff --git a/SOURCES/krb5-1.20.1.tar.gz.asc b/SOURCES/krb5-1.20.1.tar.gz.asc
new file mode 100644
index 0000000..b928cb8
--- /dev/null
+++ b/SOURCES/krb5-1.20.1.tar.gz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmNvED8ACgkQDLoIV1+D
+ct9uKw/8C5GS8mdh335lB+bkfjYYCZLD+oQToDAAbdCddrIcuLftvnTfXJ8cMtMc
+UT2hsp8u7ZupjJRevdhaH7fFwomc0V8iSES5J2cQHTNd9aK93j/W6NaMoqWLrQWg
+jx99oqLn7orvp8N5RufEQcNMNWhFIX4XSfrA3vPfHbbffA2vkjJzOGno4UHi8zUn
+6nye7jbrBpiQIeFIJSS3VPsvGrKdRgb9BqGTUsqPIuFvr3Qvo42lKr5X8CWYSXjK
+0aKlOpfbWdkteEe2o84/wyMpuGvmYkmOgaMB5xQ3jfEuvPNAWX2CWHNDamiqwBT/
+YxwhZimNa1B9r3P1yDHvpUu8cJaRzw2UDRi2f3Kztrmn2jlqzmoZ31WBALJA7lmL
+SrVFdXi7AcWwppMp1kbe9SvurCXID8/Q4n+qAdzSvqrXbeWerVUkdYFvtxQ1bMJR
+jnqN11iZFYaoCaaR2lFEhjoMdR80jUa2m6vdF7a7xhH1UvuPHDnzLT9X/TiPvx0R
+Itrp5MMIrUQHcZUL9hM5hrg3nxEsGsSCnjB0zWDmgXdLGwd4CvcOF4HPQR3BBlEH
+CLtAa27bBXMJTYVvmmKt06hw+U3ALDfUlFrV6ZNLr9ug69l29n7JoChAbZ97Hx1m
+twPwJpKd8AiUz+j3KCfgGU21qMbHNP3jEn3q9tkq0qcs/z7RCmU=
+=1WIq
+-----END PGP SIGNATURE-----
diff --git a/SOURCES/krb5-krad-larger-attrs.patch b/SOURCES/krb5-krad-larger-attrs.patch
deleted file mode 100644
index ff9a2ad..0000000
--- a/SOURCES/krb5-krad-larger-attrs.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-From 0ac0fd2d349e4d5ef7379182f4d7ce480edd8d2b Mon Sep 17 00:00:00 2001
-From: Sumit Bose <sbose@redhat.com>
-Date: Mon, 8 Nov 2021 17:48:50 +0100
-Subject: [PATCH 2/2] Support larger RADIUS attributes in libkrad
-
-In kr_attrset_decode(), explicitly treat the length byte as unsigned.
-Otherwise attributes longer than 125 characters will be rejected with
-EBADMSG.
-
-Add a 253-character-long NAS-Identifier attribute to the tests to make
-sure that attributes with the maximal number of characters are working
-as expected.
-
-[ghudson@mit.edu: used uint8_t cast per current practices; edited
-commit message]
-
-ticket: 9036 (new)
----
- src/lib/krad/attrset.c | 2 +-
- src/lib/krad/t_packet.c | 13 +++++++++++++
- 2 files changed, 14 insertions(+), 1 deletion(-)
-
-diff --git a/src/lib/krad/attrset.c b/src/lib/krad/attrset.c
-index d89982a13..6ec031e32 100644
---- a/src/lib/krad/attrset.c
-+++ b/src/lib/krad/attrset.c
-@@ -218,7 +218,7 @@ kr_attrset_decode(krb5_context ctx, const krb5_data *in, const char *secret,
-
- for (i = 0; i + 2 < in->length; ) {
- type = in->data[i++];
-- tmp = make_data(&in->data[i + 1], in->data[i] - 2);
-+ tmp = make_data(&in->data[i + 1], (uint8_t)in->data[i] - 2);
- i += tmp.length + 1;
-
- retval = (in->length < i) ? EBADMSG : 0;
-diff --git a/src/lib/krad/t_packet.c b/src/lib/krad/t_packet.c
-index 0a92e9cc2..c22489144 100644
---- a/src/lib/krad/t_packet.c
-+++ b/src/lib/krad/t_packet.c
-@@ -57,6 +57,14 @@ make_packet(krb5_context ctx, const krb5_data *username,
- krb5_error_code retval;
- const krb5_data *data;
- int i = 0;
-+ krb5_data nas_id;
-+
-+ nas_id = string2data("12345678901234567890123456789012345678901234567890"
-+ "12345678901234567890123456789012345678901234567890"
-+ "12345678901234567890123456789012345678901234567890"
-+ "12345678901234567890123456789012345678901234567890"
-+ "12345678901234567890123456789012345678901234567890"
-+ "123");
-
- retval = krad_attrset_new(ctx, &set);
- if (retval != 0)
-@@ -71,6 +79,11 @@ make_packet(krb5_context ctx, const krb5_data *username,
- if (retval != 0)
- goto out;
-
-+ retval = krad_attrset_add(set, krad_attr_name2num("NAS-Identifier"),
-+ &nas_id);
-+ if (retval != 0)
-+ goto out;
-+
- retval = krad_packet_new_request(ctx, "foo",
- krad_code_name2num("Access-Request"),
- set, iterator, &i, &tmp);
---
-2.35.3
-
diff --git a/SOURCES/krb5-krad-remote.patch b/SOURCES/krb5-krad-remote.patch
deleted file mode 100644
index b5b071f..0000000
--- a/SOURCES/krb5-krad-remote.patch
+++ /dev/null
@@ -1,171 +0,0 @@
-From a8551b609fd50458ca3c06a9dd345b6cdf18689b Mon Sep 17 00:00:00 2001
-From: Greg Hudson <ghudson@mit.edu>
-Date: Tue, 9 Nov 2021 13:00:43 -0500
-Subject: [PATCH 1/2] Avoid use after free during libkrad cleanup
-
-libkrad client requests contain a list of references to remotes, with
-no back-references or reference counts. To prevent accesses to
-dangling references during cleanup, cancel all requests on all remotes
-before freeing any remotes.
-
-Remove the code for aging out unused servers. This code was fairly
-safe as all requests referencing a remote should have completed or
-timed out during an hour of disuse, but in the current design we have
-no way to guarantee or check that. The set of addresses we send
-RADIUS requests to will generally be small, so aging out servers is
-unnecessary.
-
-ticket: 9035 (new)
----
- src/lib/krad/client.c | 42 ++++++++++++++---------------------------
- src/lib/krad/internal.h | 4 ++++
- src/lib/krad/remote.c | 11 ++++++++---
- 3 files changed, 26 insertions(+), 31 deletions(-)
-
-diff --git a/src/lib/krad/client.c b/src/lib/krad/client.c
-index 6365dd1c6..810940afc 100644
---- a/src/lib/krad/client.c
-+++ b/src/lib/krad/client.c
-@@ -64,7 +64,6 @@ struct request_st {
-
- struct server_st {
- krad_remote *serv;
-- time_t last;
- K5_LIST_ENTRY(server_st) list;
- };
-
-@@ -81,15 +80,10 @@ get_server(krad_client *rc, const struct addrinfo *ai, const char *secret,
- krad_remote **out)
- {
- krb5_error_code retval;
-- time_t currtime;
- server *srv;
-
-- if (time(&currtime) == (time_t)-1)
-- return errno;
--
- K5_LIST_FOREACH(srv, &rc->servers, list) {
- if (kr_remote_equals(srv->serv, ai, secret)) {
-- srv->last = currtime;
- *out = srv->serv;
- return 0;
- }
-@@ -98,7 +92,6 @@ get_server(krad_client *rc, const struct addrinfo *ai, const char *secret,
- srv = calloc(1, sizeof(server));
- if (srv == NULL)
- return ENOMEM;
-- srv->last = currtime;
-
- retval = kr_remote_new(rc->kctx, rc->vctx, ai, secret, &srv->serv);
- if (retval != 0) {
-@@ -173,28 +166,12 @@ request_new(krad_client *rc, krad_code code, const krad_attrset *attrs,
- return 0;
- }
-
--/* Close remotes that haven't been used in a while. */
--static void
--age(struct server_head *head, time_t currtime)
--{
-- server *srv, *tmp;
--
-- K5_LIST_FOREACH_SAFE(srv, head, list, tmp) {
-- if (currtime == (time_t)-1 || currtime - srv->last > 60 * 60) {
-- K5_LIST_REMOVE(srv, list);
-- kr_remote_free(srv->serv);
-- free(srv);
-- }
-- }
--}
--
- /* Handle a response from a server (or related errors). */
- static void
- on_response(krb5_error_code retval, const krad_packet *reqp,
- const krad_packet *rspp, void *data)
- {
- request *req = data;
-- time_t currtime;
- size_t i;
-
- /* Do nothing if we are already completed. */
-@@ -221,10 +198,6 @@ on_response(krb5_error_code retval, const krad_packet *reqp,
- for (i = 0; req->remotes[i].remote != NULL; i++)
- kr_remote_cancel(req->remotes[i].remote, req->remotes[i].packet);
-
-- /* Age out servers that haven't been used in a while. */
-- if (time(&currtime) != (time_t)-1)
-- age(&req->rc->servers, currtime);
--
- request_free(req);
- }
-
-@@ -247,10 +220,23 @@ krad_client_new(krb5_context kctx, verto_ctx *vctx, krad_client **out)
- void
- krad_client_free(krad_client *rc)
- {
-+ server *srv;
-+
- if (rc == NULL)
- return;
-
-- age(&rc->servers, -1);
-+ /* Cancel all requests before freeing any remotes, since each request's
-+ * callback data may contain references to multiple remotes. */
-+ K5_LIST_FOREACH(srv, &rc->servers, list)
-+ kr_remote_cancel_all(srv->serv);
-+
-+ while (!K5_LIST_EMPTY(&rc->servers)) {
-+ srv = K5_LIST_FIRST(&rc->servers);
-+ K5_LIST_REMOVE(srv, list);
-+ kr_remote_free(srv->serv);
-+ free(srv);
-+ }
-+
- free(rc);
- }
-
-diff --git a/src/lib/krad/internal.h b/src/lib/krad/internal.h
-index 223ffd730..fa012db78 100644
---- a/src/lib/krad/internal.h
-+++ b/src/lib/krad/internal.h
-@@ -120,6 +120,10 @@ kr_remote_send(krad_remote *rr, krad_code code, krad_attrset *attrs,
- void
- kr_remote_cancel(krad_remote *rr, const krad_packet *pkt);
-
-+/* Cancel all requests awaiting responses. */
-+void
-+kr_remote_cancel_all(krad_remote *rr);
-+
- /* Determine if this remote object refers to the remote resource identified
- * by the addrinfo struct and the secret. */
- krb5_boolean
-diff --git a/src/lib/krad/remote.c b/src/lib/krad/remote.c
-index c8912892c..01a5fd2a4 100644
---- a/src/lib/krad/remote.c
-+++ b/src/lib/krad/remote.c
-@@ -452,15 +452,20 @@ error:
- return retval;
- }
-
-+void
-+kr_remote_cancel_all(krad_remote *rr)
-+{
-+ while (!K5_TAILQ_EMPTY(&rr->list))
-+ request_finish(K5_TAILQ_FIRST(&rr->list), ECANCELED, NULL);
-+}
-+
- void
- kr_remote_free(krad_remote *rr)
- {
- if (rr == NULL)
- return;
-
-- while (!K5_TAILQ_EMPTY(&rr->list))
-- request_finish(K5_TAILQ_FIRST(&rr->list), ECANCELED, NULL);
--
-+ kr_remote_cancel_all(rr);
- free(rr->secret);
- if (rr->info != NULL)
- free(rr->info->ai_addr);
---
-2.35.3
-
diff --git a/SPECS/krb5.spec b/SPECS/krb5.spec
index ee8f670..7ac7935 100644
--- a/SPECS/krb5.spec
+++ b/SPECS/krb5.spec
@@ -30,74 +30,77 @@
%global configure_default_ccache_name 1
%global configured_default_ccache_name KEYRING:persistent:%%{uid}
-# for prereleases, % global prerelease beta1
-%if %{defined prerelease}
-%global dashpre -%{prerelease}
-%global zdpd 0.%{prerelease}.
+# Use baserelease to set the release number!
+#
+# baserelease is what we have standardized across Fedora and what
+# rpmdev-bumpspec knows how to handle.
+%global baserelease 8
+
+# This should be e.g. beta1 or %%nil
+%global pre_release %nil
+
+%global krb5_release %{baserelease}
+%if "x%{?pre_release}" != "x"
+%global krb5_release 0.%{baserelease}.%{pre_release}
+%global krb5_pre_release -%{pre_release}
+%endif
+
+%global krb5_version_major 1
+%global krb5_version_minor 20
+# For a release without a patch number set to %%nil
+%global krb5_version_patch 1
+
+%global krb5_version_major_minor %{krb5_version_major}.%{krb5_version_minor}
+%global krb5_version %{krb5_version_major_minor}
+%if "x%{?krb5_version_patch}" != "x"
+%global krb5_version %{krb5_version_major_minor}.%{krb5_version_patch}
%endif
# Should be in form 5.0, 6.1, etc.
-%global kdbversion 8.0
+%global kdbversion 9.0
Summary: The Kerberos network authentication system
Name: krb5
-Version: 1.19.1
-Release: %{?zdpd}22%{?dist}
+Version: %{krb5_version}
+Release: %{krb5_release}%{?dist}
# rharwood has trust path to signing key and verifies on check-in
-Source0: https://web.mit.edu/kerberos/dist/krb5/%{version}/krb5-%{version}%{?dashpre}.tar.gz
-Source1: https://web.mit.edu/kerberos/dist/krb5/%{version}/krb5-%{version}%{?dashpre}.tar.gz.asc
+Source0: https://web.mit.edu/kerberos/dist/krb5/%{krb5_version_major_minor}/krb5-%{krb5_version}%{?krb5_pre_release}.tar.gz
+Source1: https://web.mit.edu/kerberos/dist/krb5/%{krb5_version_major_minor}/krb5-%{krb5_version}%{?krb5_pre_release}.tar.gz.asc
# Numbering is a relic of old init systems etc. It's easiest to just leave.
Source2: kprop.service
-Source4: kadmin.service
-Source5: krb5kdc.service
-Source6: krb5.conf
-Source10: kdc.conf
-Source11: kadm5.acl
-Source19: krb5kdc.sysconfig
-Source20: kadmin.sysconfig
-Source21: kprop.sysconfig
-Source29: ksu.pamd
-Source33: krb5kdc.logrotate
-Source34: kadmind.logrotate
-Source39: krb5-krb5kdc.conf
-
-Patch0: downstream-ksu-pam-integration.patch
-Patch1: downstream-SELinux-integration.patch
-Patch3: downstream-netlib-and-dns.patch
-Patch4: downstream-fix-debuginfo-with-y.tab.c.patch
-Patch5: downstream-Remove-3des-support.patch
-Patch7: downstream-FIPS-with-PRNG-and-RADIUS-and-MD4.patch
-Patch8: Add-APIs-for-marshalling-credentials.patch
-Patch9: Add-hostname-canonicalization-helper-to-k5test.py.patch
-Patch10: Support-host-based-GSS-initiator-names.patch
-Patch11: Fix-softpkcs11-build-issues-with-openssl-3.0.patch
-Patch12: Remove-deprecated-OpenSSL-calls-from-softpkcs11.patch
-Patch13: Fix-k5tls-module-for-OpenSSL-3.patch
-Patch14: Add-buildsystem-detection-of-the-OpenSSL-3-KDF-inter.patch
-Patch15: Use-OpenSSL-s-SSKDF-in-PKINIT-when-available.patch
-Patch16: Use-OpenSSL-s-KBKDF-and-KRB5KDF-for-deriving-long-te.patch
-Patch17: Handle-OpenSSL-3-s-providers.patch
-Patch18: Add-KCM_OP_GET_CRED_LIST-for-faster-iteration.patch
-Patch19: Fix-KCM-flag-transmission-for-remove_cred.patch
-Patch20: Make-KCM-iteration-fallback-work-with-sssd-kcm.patch
-Patch21: Use-KCM_OP_RETRIEVE-in-KCM-client.patch
-Patch22: Fix-KCM-retrieval-support-for-sssd.patch
-Patch23: Move-some-dejagnu-kadmin-tests-to-Python-tests.patch
-Patch24: Fix-some-principal-realm-canonicalization-cases.patch
-Patch25: Allow-kinit-with-keytab-to-defer-canonicalization.patch
-Patch26: Fix-kadmin-k-with-fallback-or-referral-realm.patch
-Patch27: Fix-KDC-null-deref-on-bad-encrypted-challenge.patch
-Patch28: Fix-KDC-null-deref-on-TGS-inner-body-null-server.patch
-Patch29: Use-SHA256-instead-of-SHA1-for-PKINIT-CMS-digest.patch
-Patch30: downstream-Use-newly-enforced-dejagnu-path-naming-convention.patch
-Patch31: Try-harder-to-avoid-password-change-replay-errors.patch
-Patch32: Add-configure-variable-for-default-PKCS-11-module.patch
-Patch33: downstream-Allow-krad-UDP-TCP-localhost-connection-with-FIPS.patch
-Patch34: krb5-krad-remote.patch
-Patch35: krb5-krad-larger-attrs.patch
-Patch36: Set-reasonable-supportedCMSTypes-in-PKINIT.patch
+Source3: kadmin.service
+Source4: krb5kdc.service
+Source5: krb5.conf
+Source6: kdc.conf
+Source7: kadm5.acl
+Source8: krb5kdc.sysconfig
+Source9: kadmin.sysconfig
+Source10: kprop.sysconfig
+Source11: ksu.pamd
+Source12: krb5kdc.logrotate
+Source13: kadmind.logrotate
+Source14: krb5-krb5kdc.conf
+
+Patch01: 0001-downstream-ksu-pam-integration.patch
+Patch02: 0002-downstream-SELinux-integration.patch
+Patch03: 0003-downstream-fix-debuginfo-with-y.tab.c.patch
+Patch04: 0004-downstream-Remove-3des-support.patch
+Patch05: 0005-downstream-FIPS-with-PRNG-and-RADIUS-and-MD4.patch
+Patch06: 0006-downstream-Allow-krad-UDP-TCP-localhost-connection-w.patch
+Patch07: 0007-Add-configure-variable-for-default-PKCS-11-module.patch
+Patch08: 0008-Set-reasonable-supportedCMSTypes-in-PKINIT.patch
+Patch09: 0009-Simplify-plugin-loading-code.patch
+Patch10: 0010-Update-error-checking-for-OpenSSL-CMS_verify.patch
+Patch11: 0011-downstream-Catch-SHA-1-digest-disallowed-error-for-P.patch
+Patch12: 0012-Add-and-use-ts_interval-helper.patch
+Patch13: 0013-downstream-Make-tests-compatible-with-sssd_krb5_loca.patch
+Patch14: 0014-downstream-Do-not-set-root-as-ksu-file-owner.patch
+Patch15: 0015-downstream-Allow-KRB5KDF-MD5-and-MD4-in-FIPS-mode.patch
+Patch16: 0016-Add-PAC-full-checksums.patch
+Patch17: 0017-Fix-possible-double-free-during-KDB-creation.patch
+Patch18: 0018-Fix-meridian-type-in-kadmin-datetime-parser.patch
License: MIT
URL: https://web.mit.edu/kerberos/www/
@@ -255,10 +258,7 @@ popd
# Mess with some of the default ports that we use for testing, so that multiple
# builds going on the same host don't step on each other.
-cfg="src/kadmin/testing/proto/kdc.conf.proto \
- src/kadmin/testing/proto/krb5.conf.proto \
- src/lib/kadm5/testsuite/api.current/init-v2.exp \
- src/util/k5test.py"
+cfg="src/util/k5test.py"
LONG_BIT=`getconf LONG_BIT`
PORT=`expr 61000 + $LONG_BIT - 48`
sed -i -e s,61000,`expr "$PORT" + 0`,g $cfg
@@ -274,6 +274,12 @@ PORT=`expr 7777 + $LONG_BIT - 48`
sed -i -e s,7777,`expr "$PORT" + 0`,g $cfg
sed -i -e s,7778,`expr "$PORT" + 1`,g $cfg
+# Fix kadmind port hard-coded in tests
+PORT=`expr 61000 + $LONG_BIT - 48`
+sed -i -e \
+ "s,params.kadmind_port = 61001;,params.kadmind_port = $((PORT + 1));," \
+ src/lib/kadm5/t_kadm5.c
+
%build
# Go ahead and supply tcl info, because configure doesn't know how to find it.
source %{_libdir}/tclConfig.sh
@@ -299,7 +305,6 @@ CPPFLAGS="`echo $DEFINES $INCLUDES`"
--without-krb5-config \
--with-system-et \
--with-system-ss \
- --with-netlib=-lresolv \
--with-tcl \
--enable-dns-for-realm \
--with-ldap \
@@ -314,6 +319,11 @@ CPPFLAGS="`echo $DEFINES $INCLUDES`"
--with-lmdb \
|| (cat config.log; exit 1)
+# Check we have required features enabled
+for x in DNS_LOOKUP DNS_LOOKUP_REALM; do
+ grep -q "#define KRB5_${x} 1" include/autoconf.h
+done
+
# Sanity check the KDC_RUN_DIR.
pushd include
make osconf.h
@@ -353,15 +363,15 @@ popd
# Sample KDC config files (bundled kdc.conf and kadm5.acl).
mkdir -p $RPM_BUILD_ROOT%{_var}/kerberos/krb5kdc
-install -pm 600 %{SOURCE10} $RPM_BUILD_ROOT%{_var}/kerberos/krb5kdc/
-install -pm 600 %{SOURCE11} $RPM_BUILD_ROOT%{_var}/kerberos/krb5kdc/
+install -pm 600 %{SOURCE6} $RPM_BUILD_ROOT%{_var}/kerberos/krb5kdc/
+install -pm 600 %{SOURCE7} $RPM_BUILD_ROOT%{_var}/kerberos/krb5kdc/
# Where per-user keytabs live by default.
mkdir -p $RPM_BUILD_ROOT%{_var}/kerberos/krb5/user
# Default configuration file for everything.
mkdir -p $RPM_BUILD_ROOT/etc
-install -pm 644 %{SOURCE6} $RPM_BUILD_ROOT/etc/krb5.conf
+install -pm 644 %{SOURCE5} $RPM_BUILD_ROOT/etc/krb5.conf
# Default include on this directory
mkdir -p $RPM_BUILD_ROOT/etc/krb5.conf.d
@@ -381,16 +391,16 @@ mkdir -m 755 -p $RPM_BUILD_ROOT/etc/gss/mech.d
export DEFCCNAME="%{configured_default_ccache_name}"
awk '{print}
/^# default_realm/{print " default_ccache_name =", ENVIRON["DEFCCNAME"]}' \
- %{SOURCE6} > $RPM_BUILD_ROOT/etc/krb5.conf
-touch -r %{SOURCE6} $RPM_BUILD_ROOT/etc/krb5.conf
+ %{SOURCE5} > $RPM_BUILD_ROOT/etc/krb5.conf
+touch -r %{SOURCE5} $RPM_BUILD_ROOT/etc/krb5.conf
grep default_ccache_name $RPM_BUILD_ROOT/etc/krb5.conf
%endif
# Server init scripts (krb5kdc,kadmind,kpropd) and their sysconfig files.
mkdir -p $RPM_BUILD_ROOT%{_unitdir}
for unit in \
- %{SOURCE5}\
- %{SOURCE4} \
+ %{SOURCE4}\
+ %{SOURCE3} \
%{SOURCE2} ; do
# In the past, the init script was supposed to be named after the service
# that the started daemon provided. Changing their names is an
@@ -398,11 +408,11 @@ for unit in \
install -pm 644 ${unit} $RPM_BUILD_ROOT%{_unitdir}
done
mkdir -p $RPM_BUILD_ROOT/%{_tmpfilesdir}
-install -pm 644 %{SOURCE39} $RPM_BUILD_ROOT/%{_tmpfilesdir}/
+install -pm 644 %{SOURCE14} $RPM_BUILD_ROOT/%{_tmpfilesdir}/
mkdir -p $RPM_BUILD_ROOT/%{_localstatedir}/run/krb5kdc
mkdir -p $RPM_BUILD_ROOT/etc/sysconfig
-for sysconfig in %{SOURCE19} %{SOURCE20} %{SOURCE21} ; do
+for sysconfig in %{SOURCE8} %{SOURCE9} %{SOURCE10} ; do
install -pm 644 ${sysconfig} \
$RPM_BUILD_ROOT/etc/sysconfig/`basename ${sysconfig} .sysconfig`
done
@@ -410,15 +420,15 @@ done
# logrotate configuration files
mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d/
for logrotate in \
- %{SOURCE33} \
- %{SOURCE34} ; do
+ %{SOURCE12} \
+ %{SOURCE13} ; do
install -pm 644 ${logrotate} \
$RPM_BUILD_ROOT/etc/logrotate.d/`basename ${logrotate} .logrotate`
done
# PAM configuration files.
mkdir -p $RPM_BUILD_ROOT/etc/pam.d/
-for pam in %{SOURCE29} ; do
+for pam in %{SOURCE11} ; do
install -pm 644 ${pam} \
$RPM_BUILD_ROOT/etc/pam.d/`basename ${pam} .pamd`
done
@@ -655,6 +665,48 @@ exit 0
%{_libdir}/libkadm5srv_mit.so.*
%changelog
+* Wed Feb 22 2023 Julien Rische <jrische@redhat.com> - 1.20.1-8
+- Fix datetime parsing in kadmin on s390x
+- Resolves: rhbz#2169985
+
+* Tue Feb 14 2023 Julien Rische <jrische@redhat.com> - 1.20.1-7
+- Fix double free on kdb5_util key creation failure
+- Resolves: rhbz#2166603
+
+* Tue Jan 31 2023 Julien Rische <jrische@redhat.com> - 1.20.1-6
+- Add support for MS-PAC extended KDC signature (CVE-2022-37967)
+- Resolves: rhbz#2165827
+
+* Thu Jan 19 2023 Julien Rische <jrische@redhat.com> - 1.20.1-5
+- Bypass FIPS restrictions to use KRB5KDF in case AES SHA-1 HMAC is enabled
+- Lazily load MD4/5 from OpenSSL if using RADIUS or RC4 enctype in FIPS mode
+- Resolves: rhbz#2162461
+
+* Thu Jan 12 2023 Julien Rische <jrische@redhat.com> - 1.20.1-4
+- Set aes256-cts-hmac-sha384-192 as EXAMLE.COM master key in kdc.conf
+- Add AES SHA-2 HMAC family as EXAMPLE.COM supported etypes in kdc.conf
+- Resolves: rhbz#2068535
+
+* Tue Jan 10 2023 Julien Rische <jrische@redhat.com> - 1.20.1-2
+- Strip debugging data from ksu executable file
+- Resolves: rhbz#2159643
+
+* Wed Dec 07 2022 Julien Rische <jrische@redhat.com> - 1.20.1-1
+- Make tests compatible with sssd-client
+- Resolves: rhbz#2151513
+- Remove invalid password expiry warning
+- Resolves: rhbz#2121099
+- Update error checking for OpenSSL CMS_verify
+- Resolves: rhbz#2063838
+- New upstream version (1.20.1)
+- Resolves: rhbz#2016312
+- Fix integer overflows in PAC parsing (CVE-2022-42898)
+- Resolves: rhbz#2140971
+
+* Tue Oct 18 2022 Julien Rische <jrische@redhat.com> - 1.19.1-23
+- Fix kprop for propagating dump files larger than 4GB
+- Resolves: rhbz#2133014
+
* Fri Jul 08 2022 Julien Rische <jrische@redhat.com> - 1.19.1-22
- Restore "supportedCMSTypes" attribute in PKINIT preauth requests
- Set SHA-512 or SHA-256 with RSA as preferred CMS signature algorithms