OPENAFS-SA-2018-002 kaserver: prevent KAM_ListEntry information leak

[openafs.git] / src / kauth / kaprocs.c

diff --git a/src/kauth/kaprocs.c b/src/kauth/kaprocs.c
index 0b87230..1c6c68f 100644 (file)
--- a/src/kauth/kaprocs.c
+++ b/src/kauth/kaprocs.c
@@ -1,7 +1,7 @@
 /*
  * Copyright 2000, International Business Machines Corporation and others.
  * All Rights Reserved.
- * 
+ *
  * This software has been released under the terms of the IBM Public
  * License.  For details, see the LICENSE file in the top-level source
  * directory or online at http://www.openafs.org/dl/license10.html
@@ -9,74 +9,52 @@
 
 #include <afsconfig.h>
 #include <afs/param.h>
+#include <afs/stds.h>
 
-RCSID
-    ("$Header$");
+#include <roken.h>
+#include <afs/opr.h>
 
-#include <afs/stds.h>
-#include <errno.h>
-#include "kauth.h"
-#include <sys/types.h>
-#include <time.h>
-#ifdef AFS_NT40_ENV
-#include <afs/afsutil.h>
-#else
-#include <sys/resource.h>
-#include <sys/file.h>
+#ifdef HAVE_SYS_RESOURCE_H
+# include <sys/resource.h>
+#endif
+
+#ifdef IGNORE_SOME_GCC_WARNINGS
+# pragma GCC diagnostic warning "-Wdeprecated-declarations"
 #endif
-#include <stdio.h>
+
+#include "kauth.h"
+
+#define HC_DEPRECATED
+#include <hcrypto/des.h>
+
 #include <lock.h>
 #include <ubik.h>
 #include <lwp.h>
 #include <rx/xdr.h>
 #include <rx/rx.h>
 #include <rx/rxkad.h>
-#ifdef AFS_NT40_ENV
-#include <winsock2.h>
-#else
-#include <netinet/in.h>
-#endif
-#include <string.h>
-#include <des.h>
-#include <des_prototypes.h>
+#include <rx/rxkad_convert.h>
 #include <afs/cellconfig.h>
 #include <afs/auth.h>
 #include <afs/com_err.h>
+#include <afs/afsutil.h>
+#include <afs/audit.h>
+
 #include "kautils.h"
 #include "kaserver.h"
 #include "kalog.h"
 #include "kaport.h"
 #include "kauth_internal.h"
-#include "afs/audit.h"
+
+#include "kadatabase.h"
+#include "kaprocs.h"
 
 extern struct ubik_dbase *KA_dbase;
 struct kaheader cheader;
 Date cheaderReadTime;          /* time cheader last read in */
 extern struct afsconf_dir *KA_conf;    /* for getting cell info */
 
-afs_int32 kamCreateUser(struct rx_call *call, char *aname, char *ainstance, 
-                       EncryptionKey ainitpw);
-afs_int32 ChangePassWord(struct rx_call *call, char *aname, char *ainstance, 
-                        ka_CBS *arequest, ka_BBS *oanswer);
-afs_int32 kamSetPassword(struct rx_call *call, char *aname, char *ainstance,
-                        afs_int32 akvno, EncryptionKey apassword);
-afs_int32 kamSetFields(struct rx_call *call, char *aname, char *ainstance,
-                      afs_int32 aflags, Date aexpiration, 
-                      afs_int32 alifetime, afs_int32 amaxAssociates,
-                      afs_uint32 misc_auth_bytes, afs_int32 spare2);
-afs_int32 kamDeleteUser(struct rx_call *call, char *aname, char *ainstance);
-afs_int32 kamGetEntry(struct rx_call *call, char *aname, char *ainstance,
-                     afs_int32 aversion, kaentryinfo *aentry);
-afs_int32 kamListEntry(struct rx_call *call, afs_int32 previous_index,
-                      afs_int32 *index, afs_int32 *count, kaident *name);
-afs_int32 kamGetStats(struct rx_call *call, afs_int32 version, 
-                     afs_int32 *admin_accounts, kasstats *statics,
-                     kadstats *dynamics);
-afs_int32 kamGetPassword(struct rx_call *call, char *name, 
-                        EncryptionKey *password);
-afs_int32 kamGetRandomKey(struct rx_call *call, EncryptionKey *key);
-afs_int32 kamDebug(struct rx_call *call, afs_int32 version,
-                  int checkDB, struct ka_debugInfo *info);
+
 
 char lrealm[MAXKTCREALMLEN];
 
@@ -96,16 +74,14 @@ extern int npwSums;
 static afs_int32 autoCPWInterval;
 static afs_int32 autoCPWUpdates;
 
-static afs_int32 set_password(struct ubik_trans *tt, char *name, 
-                             char *instance, EncryptionKey *password, 
+static afs_int32 set_password(struct ubik_trans *tt, char *name,
+                             char *instance,
+                             struct ktc_encryptionKey *password,
                              afs_int32 kvno, afs_int32 caller);
-
-extern afs_int32 InitAuthServ(struct ubik_trans **tt, int lock,
-                             int *this_op);
-static afs_int32 impose_reuse_limits(EncryptionKey *password, 
+static afs_int32 impose_reuse_limits(EncryptionKey *password,
                                     struct kaentry *tentry);
 static int create_user(struct ubik_trans *tt, char *name, char *instance,
-                      EncryptionKey *key, afs_int32 caller, 
+                      struct ktc_encryptionKey *key, afs_int32 caller,
                       afs_int32 flags);
 
 /* This routine is called whenever an RPC interface needs the time.  It uses
@@ -136,7 +112,7 @@ get_time(Date *timeP,
     int i;
     afs_int32 to;
 
-    gettimeofday(&time, 0);
+    gettimeofday(&time, NULL);
     bit = (random_value[3] >> 31) & 1; /* get high bit of high word */
     for (i = 0; i < 4; i++) {
        nbit = random_value[i] >> 31;
@@ -172,12 +148,12 @@ get_time(Date *timeP,
        if (to) {               /* check if auto cpw is disabled */
            if (!(ntohl(tentry.flags) & KAFNOCPW)) {
                memcpy(&key, &random_value[0], sizeof(key));
-               des_fixup_key_parity(&key);
+               DES_set_odd_parity(ktc_to_cblock(&key));
                code =
                    set_password(tt, KA_ADMIN_NAME, KA_ADMIN_INST, &key, 0,
                                 0);
                if (code == 0) {
-                   des_init_random_number_generator(&key);
+                   DES_init_random_number_generator(ktc_to_cblock(&key));
                    ka_ConvertBytes(buf, sizeof(buf), (char *)&key,
                                    sizeof(key));
                    es_Report("New Admin key is %s\n", buf);
@@ -196,7 +172,7 @@ get_time(Date *timeP,
        if (to) {               /* check if auto cpw is disabled */
            if (!(ntohl(tentry.flags) & KAFNOCPW)) {
                memcpy(&key, &random_value[2], sizeof(key));
-               des_fixup_key_parity(&key);
+               DES_set_odd_parity(ktc_to_cblock(&key));
                code = set_password(tt, KA_TGS_NAME, lrealm, &key, 0, 0);
                if (code == 0) {
                    ka_ConvertBytes(buf, sizeof(buf), (char *)&key,
@@ -242,15 +218,15 @@ initialize_database(struct ubik_trans *tt)
     struct ktc_encryptionKey key;
     int code;
 
-    gettimeofday((struct timeval *)&key, 0);   /* this is just a cheap seed key */
-    des_fixup_key_parity(&key);
-    des_init_random_number_generator(&key);
-    if ((code = des_random_key(&key))
+    gettimeofday((struct timeval *)&key, NULL);        /* this is just a cheap seed key */
+    DES_set_odd_parity(ktc_to_cblock(&key));
+    DES_init_random_number_generator(ktc_to_cblock(&key));
+    if ((code = DES_new_random_key(ktc_to_cblock(&key)))
        || (code =
            create_user(tt, KA_ADMIN_NAME, KA_ADMIN_INST, &key, 0,
                        KAFNORMAL | KAFNOSEAL | KAFNOTGS)))
        return code;
-    if ((code = des_random_key(&key))
+    if ((code = DES_new_random_key(ktc_to_cblock(&key)))
        || (code =
            create_user(tt, KA_TGS_NAME, lrealm, &key, 0,
                        KAFNORMAL | KAFNOSEAL | KAFNOTGS)))
@@ -262,7 +238,7 @@ initialize_database(struct ubik_trans *tt)
    parameter passes some information about the command line arguments. */
 
 afs_int32
-init_kaprocs(char *lclpath, int initFlags)
+init_kaprocs(const char *lclpath, int initFlags)
 {
     int code;
     struct ubik_trans *tt;
@@ -314,7 +290,7 @@ init_kaprocs(char *lclpath, int initFlags)
             code);
        return code;
     }
-    des_init_random_number_generator(&key);
+    DES_init_random_number_generator(ktc_to_cblock(&key));
 
     code = ubik_EndTrans(tt);
     if (code) {
@@ -322,7 +298,7 @@ init_kaprocs(char *lclpath, int initFlags)
        return code;
     }
 
-    kaux_opendb(lclpath);      /* aux database stores failure counters */
+    kaux_opendb((char *)lclpath);/* aux database stores failure counters */
     rebuildDatabase = 0;       /* only do this during init */
     kaprocsInited = 1;
     return 0;
@@ -395,13 +371,13 @@ check_auth(struct rx_call *call,
        noAuthenticationRequired = afsconf_GetNoAuthFlag(KA_conf);
 
     si = rx_SecurityClassOf(rx_ConnectionOf(call));
-    if (si == RX_SCINDEX_VAB) {
+    if (si == RX_SECIDX_VAB) {
        printf("No support for VAB security module yet.\n");
        return -1;
-    } else if (si == RX_SCINDEX_NULL) {
+    } else if (si == RX_SECIDX_NULL) {
        code = KANOAUTH;
        goto no_auth;
-    } else if (si != RX_SCINDEX_KAD) {
+    } else if (si != RX_SECIDX_KAD) {
        es_Report("Unknown security index %d\n", si);
        return -1;
     }
@@ -573,9 +549,10 @@ special_name(char *name, char *instance)
 
 static int
 create_user(struct ubik_trans *tt, char *name, char *instance,
-           EncryptionKey *key, afs_int32 caller, afs_int32 flags)
+           struct ktc_encryptionKey *key, afs_int32 caller,
+           afs_int32 flags)
 {
-    register int code;
+    int code;
     afs_int32 to;
     struct kaentry tentry;
     afs_int32 maxLifetime;
@@ -643,15 +620,16 @@ SKAM_CreateUser(struct rx_call *call, char *aname, char *ainstance,
 
 
 afs_int32
-kamCreateUser(struct rx_call *call, char *aname, char *ainstance, 
+kamCreateUser(struct rx_call *call, char *aname, char *ainstance,
              EncryptionKey ainitpw)
 {
-    register int code;
+    int code;
     struct ubik_trans *tt;
     afs_int32 caller;          /* Disk offset of caller's entry */
 
     COUNT_REQ(CreateUser);
-    if (!des_check_key_parity(&ainitpw) || des_is_weak_key(&ainitpw))
+    if (!DES_check_key_parity(EncryptionKey_to_cblock(&ainitpw)) ||
+       DES_is_weak_key(EncryptionKey_to_cblock(&ainitpw)))
        return KABADKEY;
     if (!name_instance_legal(aname, ainstance))
        return KABADNAME;
@@ -663,15 +641,15 @@ kamCreateUser(struct rx_call *call, char *aname, char *ainstance,
        ubik_AbortTrans(tt);
        return code;
     }
-    code = create_user(tt, aname, ainstance, &ainitpw, caller, KAFNORMAL);
+    code = create_user(tt, aname, ainstance, EncryptionKey_to_ktc(&ainitpw), caller, KAFNORMAL);
     if (code) {
        COUNT_ABO;
        ubik_AbortTrans(tt);
        return code;
     }
     code = ubik_EndTrans(tt);
-    KALOG(aname, ainstance, NULL, NULL, NULL, call->conn->peer->host,
-         LOG_CRUSER);
+    KALOG(aname, ainstance, NULL, NULL, NULL,
+         rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_CRUSER);
     return code;
 }
 
@@ -688,10 +666,10 @@ SKAA_ChangePassword(struct rx_call *call, char *aname, char *ainstance,
 }
 
 afs_int32
-ChangePassWord(struct rx_call *call, char *aname, char *ainstance, 
+ChangePassWord(struct rx_call *call, char *aname, char *ainstance,
               ka_CBS *arequest, ka_BBS *oanswer)
 {
-    register int code;
+    int code;
     struct ubik_trans *tt;
     afs_int32 to;              /* offset of block */
     struct kaentry tentry;
@@ -699,7 +677,7 @@ ChangePassWord(struct rx_call *call, char *aname, char *ainstance,
     char *answer;              /* where answer is to be put */
     int answer_len;            /* length of answer packet */
     afs_int32 kvno;            /* requested key version number */
-    des_key_schedule user_schedule;    /* key schedule for user's key */
+    DES_key_schedule user_schedule;    /* key schedule for user's key */
     Date request_time;         /* time request originated */
 
     COUNT_REQ(ChangePassword);
@@ -724,16 +702,18 @@ ChangePassWord(struct rx_call *call, char *aname, char *ainstance,
     }
 
     /* decrypt request w/ user password */
-    if ((code = des_key_sched(&tentry.key, user_schedule)))
+    if ((code = DES_key_sched(ktc_to_cblock(&tentry.key), &user_schedule)))
        es_Report("In KAChangePassword: key_sched returned %d\n", code);
-    des_pcbc_encrypt(arequest->SeqBody, &request,
-                    min(arequest->SeqLen, sizeof(request)), user_schedule,
-                    &tentry.key, DECRYPT);
+    DES_pcbc_encrypt(arequest->SeqBody, &request,
+                    min(arequest->SeqLen, sizeof(request)), &user_schedule,
+                    ktc_to_cblockptr(&tentry.key), DECRYPT);
 
     /* validate the request */
     request_time = ntohl(request.time);        /* reorder date */
     kvno = ntohl(request.kvno);
-    if ((abs(request_time - time(0)) > KTC_TIME_UNCERTAINTY) || strncmp(request.label, KA_CPW_REQ_LABEL, sizeof(request.label)) || (request.spare) || (kvno > MAXKAKVNO)) {    /* these are reseved */
+    if (check_ka_skew(request_time, time(NULL), KTC_TIME_UNCERTAINTY) ||
+       strncmp(request.label, KA_CPW_REQ_LABEL, sizeof(request.label)) ||
+       request.spare || kvno > MAXKAKVNO) {    /* these are reserved */
        code = KABADREQUEST;
        goto abort;
     }
@@ -741,7 +721,7 @@ ChangePassWord(struct rx_call *call, char *aname, char *ainstance,
     /* check to see if the new password was used before, or if there has
      * not been sufficient time since the last password change
      */
-    code = impose_reuse_limits(&request.newpw, &tentry);
+    code = impose_reuse_limits(ktc_to_EncryptionKey(&request.newpw), &tentry);
     if (code) {
        goto abort;
     }
@@ -759,8 +739,8 @@ ChangePassWord(struct rx_call *call, char *aname, char *ainstance,
     answer += sizeof(Date);
     memcpy(answer, KA_CPW_ANS_LABEL, KA_LABELSIZE);
 
-    des_pcbc_encrypt(oanswer->SeqBody, oanswer->SeqBody, answer_len,
-                    user_schedule, &tentry.key, ENCRYPT);
+    DES_pcbc_encrypt(oanswer->SeqBody, oanswer->SeqBody, answer_len,
+                    &user_schedule, ktc_to_cblockptr(&tentry.key), ENCRYPT);
 
     code = set_password(tt, aname, ainstance, &request.newpw, kvno, 0);
     if (code) {
@@ -823,8 +803,8 @@ impose_reuse_limits(EncryptionKey *password, struct kaentry *tentry)
 
 
 static afs_int32
-set_password(struct ubik_trans *tt, char *name, char *instance, 
-            EncryptionKey *password, afs_int32 kvno, afs_int32 caller)
+set_password(struct ubik_trans *tt, char *name, char *instance,
+            struct ktc_encryptionKey *password, afs_int32 kvno, afs_int32 caller)
 {
     afs_int32 code;
     afs_int32 to;              /* offset of block */
@@ -882,7 +862,7 @@ set_password(struct ubik_trans *tt, char *name, char *instance,
 
     tentry.change_password_time = htonl(now);
 
-    if (code = kawrite(tt, to, &tentry, sizeof(tentry)))
+    if ((code = kawrite(tt, to, (char *) &tentry, sizeof(tentry))))
        return (KAIO);
     return (0);
 }
@@ -903,7 +883,7 @@ afs_int32
 kamSetPassword(struct rx_call *call, char *aname, char *ainstance,
               afs_int32 akvno, EncryptionKey apassword)
 {
-    register int code;
+    int code;
     struct ubik_trans *tt;
     afs_int32 caller;          /* Disk offset of caller's entry */
     struct kaentry tentry;
@@ -911,7 +891,8 @@ kamSetPassword(struct rx_call *call, char *aname, char *ainstance,
     COUNT_REQ(SetPassword);
     if (akvno > MAXKAKVNO)
        return KABADARGUMENT;
-    if (!des_check_key_parity(&apassword) || des_is_weak_key(&apassword))
+    if (!DES_check_key_parity(EncryptionKey_to_cblock(&apassword)) ||
+       DES_is_weak_key(EncryptionKey_to_cblock(&apassword)))
        return KABADKEY;
 
     if (!name_instance_legal(aname, ainstance))
@@ -922,7 +903,7 @@ kamSetPassword(struct rx_call *call, char *aname, char *ainstance,
     if (code) {
        goto abort;
     }
-    if ((code = karead(tt, caller, &tentry, sizeof(tentry)))) {
+    if ((code = karead(tt, caller, (char *)&tentry, sizeof(tentry)))) {
        code = KAIO;
        goto abort;
     }
@@ -935,18 +916,18 @@ kamSetPassword(struct rx_call *call, char *aname, char *ainstance,
            code = impose_reuse_limits(&apassword, &tentry);
            if (!code)
                code =
-                   set_password(tt, aname, ainstance, &apassword, akvno, 0);
+                   set_password(tt, aname, ainstance, EncryptionKey_to_ktc(&apassword), akvno, 0);
        }
     } else if (ntohl(tentry.flags) & KAFADMIN) {
-       code = set_password(tt, aname, ainstance, &apassword, akvno, caller);
+       code = set_password(tt, aname, ainstance, EncryptionKey_to_ktc(&apassword), akvno, caller);
     } else
        code = KANOAUTH;
     if (code)
        goto abort;
 
     code = ubik_EndTrans(tt);
-    KALOG(aname, ainstance, NULL, NULL, NULL, call->conn->peer->host,
-         LOG_CHPASSWD);
+    KALOG(aname, ainstance, NULL, NULL, NULL,
+         rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_CHPASSWD);
     return code;
 
   abort:
@@ -1002,7 +983,7 @@ GetEndTime(Date start,             /* start time of ticket */
 static afs_int32
 PrepareTicketAnswer(ka_BBS *oanswer, afs_int32 challenge, char *ticket,
                    afs_int32 ticketLen, struct ktc_encryptionKey *sessionKey,
-                   Date start, Date end, struct kaentry *caller, 
+                   Date start, Date end, struct kaentry *caller,
                    struct kaentry *server, char *cell, char *label)
 {
     afs_int32 code;
@@ -1064,7 +1045,7 @@ PrepareTicketAnswer(ka_BBS *oanswer, afs_int32 challenge, char *ticket,
    is normally disabled for these two principals. */
 
 static afs_int32
-Authenticate(int version, struct rx_call *call, char *aname, char *ainstance, 
+Authenticate(int version, struct rx_call *call, char *aname, char *ainstance,
             Date start, Date end, ka_CBS *arequest, ka_BBS *oanswer)
 {
     int code;
@@ -1083,7 +1064,7 @@ Authenticate(int version, struct rx_call *call, char *aname, char *ainstance,
     int answer_len;            /* length of answer packet */
     Date answer_time;          /* 1+ request time in network order */
     afs_int32 temp;            /* for htonl conversions */
-    des_key_schedule user_schedule;    /* key schedule for user's key */
+    DES_key_schedule user_schedule;    /* key schedule for user's key */
     afs_int32 tgskvno;         /* key version of service key */
     struct ktc_encryptionKey tgskey;   /* service key for encrypting ticket */
     Date now;
@@ -1108,7 +1089,7 @@ Authenticate(int version, struct rx_call *call, char *aname, char *ainstance,
     }
 #ifdef LOCKPW
     /* have to check for locked before verifying the password, otherwise all
-     * KALOCKED means is "yup, you guessed the password all right, now wait a 
+     * KALOCKED means is "yup, you guessed the password all right, now wait a
      * few minutes and we'll let you in"
      */
     if (kaux_islocked
@@ -1122,11 +1103,11 @@ Authenticate(int version, struct rx_call *call, char *aname, char *ainstance,
     save_principal(authPrincipal, aname, ainstance, 0);
 
     /* decrypt request w/ user password */
-    if ((code = des_key_sched(&tentry.key, user_schedule)))
+    if ((code = DES_key_sched(ktc_to_cblock(&tentry.key), &user_schedule)))
        es_Report("In KAAuthenticate: key_sched returned %d\n", code);
-    des_pcbc_encrypt(arequest->SeqBody, &request,
-                    min(arequest->SeqLen, sizeof(request)), user_schedule,
-                    &tentry.key, DECRYPT);
+    DES_pcbc_encrypt(arequest->SeqBody, &request,
+                    min(arequest->SeqLen, sizeof(request)), &user_schedule,
+                    ktc_to_cblockptr(&tentry.key), DECRYPT);
 
     request.time = ntohl(request.time);        /* reorder date */
     tgt = !strncmp(request.label, KA_GETTGT_REQ_LABEL, sizeof(request.label));
@@ -1162,7 +1143,7 @@ Authenticate(int version, struct rx_call *call, char *aname, char *ainstance,
     }
 #endif /* EXPIREPW */
 
-    if (abs(request.time - now) > KTC_TIME_UNCERTAINTY) {
+    if (check_ka_skew(request.time, now, KTC_TIME_UNCERTAINTY)) {
 #if 0
        if (oanswer->MaxSeqLen < sizeof(afs_int32))
            code = KAANSWERTOOLONG;
@@ -1188,7 +1169,7 @@ Authenticate(int version, struct rx_call *call, char *aname, char *ainstance,
     tgskvno = ntohl(server.key_version);
     memcpy(&tgskey, &server.key, sizeof(tgskey));
 
-    code = des_random_key(&sessionKey);
+    code = DES_new_random_key(ktc_to_cblock(&sessionKey));
     if (code) {
        code = KANOKEYS;
        goto abort;
@@ -1265,24 +1246,24 @@ Authenticate(int version, struct rx_call *call, char *aname, char *ainstance,
        code = KAINTERNALERROR;
        goto abort;
     }
-    des_pcbc_encrypt(oanswer->SeqBody, oanswer->SeqBody, oanswer->SeqLen,
-                    user_schedule, &tentry.key, ENCRYPT);
+    DES_pcbc_encrypt(oanswer->SeqBody, oanswer->SeqBody, oanswer->SeqLen,
+                    &user_schedule, ktc_to_cblockptr(&tentry.key), ENCRYPT);
     code = ubik_EndTrans(tt);
-    KALOG(aname, ainstance, sname, sinst, NULL, call->conn->peer->host,
-         LOG_AUTHENTICATE);
+    KALOG(aname, ainstance, sname, sinst, NULL,
+         rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_AUTHENTICATE);
     return code;
 
   abort:
     COUNT_ABO;
     ubik_AbortTrans(tt);
-    KALOG(aname, ainstance, sname, sinst, NULL, call->conn->peer->host,
-         LOG_AUTHFAILED);
+    KALOG(aname, ainstance, sname, sinst, NULL,
+         rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_AUTHFAILED);
     return code;
 }
 
 afs_int32
 SKAA_Authenticate_old(struct rx_call *call, char *aname, char *ainstance,
-                     Date start, Date end, ka_CBS *arequest, 
+                     Date start, Date end, ka_CBS *arequest,
                      ka_BBS *oanswer)
 {
     int code;
@@ -1298,7 +1279,7 @@ SKAA_Authenticate_old(struct rx_call *call, char *aname, char *ainstance,
 }
 
 afs_int32
-SKAA_Authenticate(struct rx_call *call, char *aname, char *ainstance, 
+SKAA_Authenticate(struct rx_call *call, char *aname, char *ainstance,
                  Date start, Date end, ka_CBS *arequest, ka_BBS *oanswer)
 {
     int code;
@@ -1313,7 +1294,7 @@ SKAA_Authenticate(struct rx_call *call, char *aname, char *ainstance,
 }
 
 afs_int32
-SKAA_AuthenticateV2(struct rx_call *call, char *aname, char *ainstance, 
+SKAA_AuthenticateV2(struct rx_call *call, char *aname, char *ainstance,
                    Date start, Date end, ka_CBS *arequest, ka_BBS *oanswer)
 {
     int code;
@@ -1424,13 +1405,13 @@ kamSetFields(struct rx_call *call,
        tentry.max_ticket_lifetime = htonl(alifetime);
 
 #ifndef NOPWCONTROLS
-    /* 
+    /*
      * We've packed a bunch of bytes into a long for backward compatibility.
      * These include password expiration time, and some failed login limits
      * counters.  Now let's unpack them and stick them into the
      * kaentry struct.  All the bytes have values in the range
      * 1..255, else they were not specified in the interface, and are
-     * set to zero. 
+     * set to zero.
      * In the case of password expiration times, 1 means password never
      * expires (==>0), 2 means password only lives for one day (==>1),
      * and so on.
@@ -1472,13 +1453,13 @@ kamSetFields(struct rx_call *call,
 
     tentry.modification_time = htonl(now);
     tentry.modification_id = htonl(caller);
-    code = kawrite(tt, tentry_offset, &tentry, sizeof(tentry));
+    code = kawrite(tt, tentry_offset, (char *) &tentry, sizeof(tentry));
     if (code)
        goto abort;
 
     code = ubik_EndTrans(tt);
-    KALOG(aname, ainstance, NULL, NULL, NULL, call->conn->peer->host,
-         LOG_SETFIELDS);
+    KALOG(aname, ainstance, NULL, NULL, NULL,
+         rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_SETFIELDS);
     return code;
 
   abort:
@@ -1503,12 +1484,12 @@ SKAM_DeleteUser(struct rx_call *call, char *aname, char *ainstance)
 afs_int32
 kamDeleteUser(struct rx_call *call, char *aname, char *ainstance)
 {
-    register int code;
+    int code;
     struct ubik_trans *tt;
     afs_int32 caller;
     afs_int32 to;
     struct kaentry tentry;
-    int nfailures;
+    unsigned int nfailures;
     afs_uint32 locktime;
 
     COUNT_REQ(DeleteUser);
@@ -1550,8 +1531,8 @@ kamDeleteUser(struct rx_call *call, char *aname, char *ainstance)
        goto abort;
 
     code = ubik_EndTrans(tt);
-    KALOG(aname, ainstance, NULL, NULL, NULL, call->conn->peer->host,
-         LOG_DELUSER);
+    KALOG(aname, ainstance, NULL, NULL, NULL,
+         rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_DELUSER);
     return code;
 }
 
@@ -1584,7 +1565,7 @@ kamGetEntry(struct rx_call *call,
            afs_int32 aversion,         /* major version assumed by caller */
            kaentryinfo *aentry)        /* entry data copied here */
 {
-    register afs_int32 code;
+    afs_int32 code;
     struct ubik_trans *tt;
     afs_int32 callerIndex;
     struct kaentry caller;
@@ -1610,7 +1591,7 @@ kamGetEntry(struct rx_call *call,
        code = KANOENT;
        goto abort;
     } else {
-       if ((code = karead(tt, callerIndex, &caller, sizeof(caller)))) {
+       if ((code = karead(tt, callerIndex, (char *)&caller, sizeof(caller)))) {
            code = KAIO;
            goto abort;
        }
@@ -1649,17 +1630,21 @@ kamGetEntry(struct rx_call *call,
 
     temp = pack_long(tentry.misc_auth_bytes);
     aentry->misc_auth_bytes = temp;
-    /* 
+    /*
      * only return user's key if security disabled or if admin and
      * we have an encrypted connection to the user
      */
-    rxkad_GetServerInfo(call->conn, &enc_level, 0, 0, 0, 0, 0);
+    rxkad_GetServerInfo(rx_ConnectionOf(call), &enc_level, 0, 0, 0, 0, 0);
     if ((noAuthenticationRequired)
        || (callerIsAdmin && enc_level == rxkad_crypt))
        memcpy(&aentry->key, &tentry.key, sizeof(struct ktc_encryptionKey));
     else
        memset(&aentry->key, 0, sizeof(aentry->key));
+
     code = ka_KeyCheckSum((char *)&tentry.key, &aentry->keyCheckSum);
+    if (code)
+       goto abort;
+
     if (!tentry.pwsums[0] && npwSums > 1 && !tentry.pwsums[1]) {
        aentry->reserved3 = 0x12340000;
     } else {
@@ -1669,7 +1654,7 @@ kamGetEntry(struct rx_call *call,
     /* Now get entry of user who last modified this entry */
     if (ntohl(tentry.modification_id)) {
        temp = ntohl(tentry.modification_id);
-       code = karead(tt, temp, &tentry, sizeof(tentry));
+       code = karead(tt, temp, (char *)&tentry, sizeof(tentry));
        if (code) {
            code = KAIO;
            goto abort;
@@ -1710,11 +1695,12 @@ kamListEntry(struct rx_call *call,
             afs_int32 *count,          /* total entries in database */
             kaident *name)             /* name & instance of this entry */
 {
-    register int code;
+    int code;
     struct ubik_trans *tt;
     afs_int32 caller;
     struct kaentry tentry;
 
+    memset(name, 0, sizeof(*name));
     COUNT_REQ(ListEntry);
     if ((code = InitAuthServ(&tt, LOCKREAD, this_op)))
        return code;
@@ -1761,7 +1747,7 @@ GetTicket(int version,
     int import, export;
     struct ubik_trans *tt;
     struct ktc_encryptionKey tgskey;
-    des_key_schedule schedule;
+    DES_key_schedule schedule;
     afs_int32 to;
     char name[MAXKTCNAMELEN];
     char instance[MAXKTCNAMELEN];
@@ -1822,7 +1808,7 @@ GetTicket(int version,
            code = KANOAUTH;
        goto abort;
     }
-    code = des_key_sched(&authSessionKey, schedule);
+    code = DES_key_sched(ktc_to_cblock(&authSessionKey), &schedule);
     if (code) {
        code = KANOAUTH;
        goto abort;
@@ -1840,7 +1826,7 @@ GetTicket(int version,
        goto abort;
     }
 
-    des_ecb_encrypt(atimes->SeqBody, &times, schedule, DECRYPT);
+    DES_ecb_encrypt((DES_cblock *)atimes->SeqBody, (DES_cblock *)&times, &schedule, DECRYPT);
     times.start = ntohl(times.start);
     times.end = ntohl(times.end);
     code = tkt_CheckTimes(times.start, times.end, now);
@@ -1877,7 +1863,7 @@ GetTicket(int version,
     }
     save_principal(tgsServerPrincipal, sname, sinstance, 0);
 
-    code = des_random_key(&sessionKey);
+    code = DES_new_random_key(ktc_to_cblock(&sessionKey));
     if (code) {
        code = KANOKEYS;
        goto abort;
@@ -1950,11 +1936,11 @@ GetTicket(int version,
        code = KAINTERNALERROR;
        goto abort;
     }
-    des_pcbc_encrypt(oanswer->SeqBody, oanswer->SeqBody, oanswer->SeqLen,
-                    schedule, &authSessionKey, ENCRYPT);
+    DES_pcbc_encrypt(oanswer->SeqBody, oanswer->SeqBody, oanswer->SeqLen,
+                    &schedule, ktc_to_cblockptr(&authSessionKey), ENCRYPT);
     code = ubik_EndTrans(tt);
     KALOG(name, instance, sname, sinstance, (import ? authDomain : NULL),
-         call->conn->peer->host, LOG_GETTICKET);
+         rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_GETTICKET);
     return code;
 
   abort:
@@ -2006,7 +1992,7 @@ SKAT_GetTicket(struct rx_call *call,
 }
 
 afs_int32
-SKAM_GetStats(struct rx_call *call, afs_int32 version, 
+SKAM_GetStats(struct rx_call *call, afs_int32 version,
              afs_int32 *admin_accounts, kasstats *statics,
              kadstats *dynamics)
 {
@@ -2018,7 +2004,7 @@ SKAM_GetStats(struct rx_call *call, afs_int32 version,
 }
 
 afs_int32
-kamGetStats(struct rx_call *call, afs_int32 version, 
+kamGetStats(struct rx_call *call, afs_int32 version,
            afs_int32 *admin_accounts, kasstats *statics,
            kadstats *dynamics)
 {
@@ -2105,8 +2091,7 @@ afs_int32
 kamGetPassword(struct rx_call *call, char *name, EncryptionKey *password)
 {
     int code = KANOAUTH;
-    COUNT_REQ(GetPassword);
-
+    AFS_UNUSED COUNT_REQ(GetPassword);
 #ifdef GETPASSWORD
     {
        afs_int32 to;
@@ -2164,10 +2149,10 @@ kamGetRandomKey(struct rx_call *call, EncryptionKey *key)
 {
     int code;
 
-    COUNT_REQ(GetRandomKey);
+    AFS_UNUSED COUNT_REQ(GetRandomKey);
     if ((code = AwaitInitialization()))
        return code;
-    code = des_random_key(key);
+    code = DES_new_random_key(EncryptionKey_to_cblock(key));
     if (code)
        return KANOKEYS;
     return 0;
@@ -2246,7 +2231,7 @@ kamDebug(struct rx_call *call,
     return 0;
 }
 
-/* these are auxiliary routines. They don't do any Ubik stuff.  They use 
+/* these are auxiliary routines. They don't do any Ubik stuff.  They use
  * a tacked-on-the-side data file.
  * prob'ly ought to check the noauth flag.
  */
@@ -2255,12 +2240,12 @@ afs_int32
 SKAM_Unlock(struct rx_call *call,
            char *aname,
            char *ainstance,
-           afs_int32 spare1, 
-           afs_int32 spare2, 
-           afs_int32 spare3, 
+           afs_int32 spare1,
+           afs_int32 spare2,
+           afs_int32 spare3,
            afs_int32 spare4)
 {
-    register int code;
+    int code;
     struct ubik_trans *tt;
     afs_int32 caller;
     afs_int32 to;
@@ -2281,8 +2266,8 @@ SKAM_Unlock(struct rx_call *call,
     kaux_write(to, 0, 0);      /* zero failure counters at this offset */
 
     code = ubik_EndTrans(tt);
-    KALOG(aname, ainstance, NULL, NULL, NULL, call->conn->peer->host,
-         LOG_UNLOCK);
+    KALOG(aname, ainstance, NULL, NULL, NULL,
+         rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_UNLOCK);
     goto exit;
 
   abort:
@@ -2300,12 +2285,12 @@ SKAM_LockStatus(struct rx_call *call,
                char *aname,
                char *ainstance,
                afs_int32 *lockeduntil,
-               afs_int32 spare1, 
-               afs_int32 spare2, 
-               afs_int32 spare3, 
+               afs_int32 spare1,
+               afs_int32 spare2,
+               afs_int32 spare3,
                afs_int32 spare4)
 {
-    register int code;
+    int code;
     struct ubik_trans *tt;
     afs_int32 callerIndex;
     afs_int32 to;
@@ -2326,7 +2311,7 @@ SKAM_LockStatus(struct rx_call *call,
        goto abort;
 
     if (!noAuthenticationRequired && callerIndex) {
-       if (karead(tt, callerIndex, &caller, sizeof(caller))) {
+       if (karead(tt, callerIndex, (char *)&caller, sizeof(caller))) {
            code = KAIO;
            goto abort;
        }