is this krb5 file infected for things like fishing?
/*
* This file is auto generated. Please do not edit it. */
- ifndef __KERBEROS5__
- define __KERBEROS5__
/* This file is generated, please don't edit it directly. */
- ifndef KRB5_KRB5_H_INCLUDED
- define KRB5_KRB5_H_INCLUDED
/* -*- c -*-
* include/krb5.h * * Copyright 1989,1990,1995,2001, 2003, 2007 by the Massachusetts Institute of Technology. * All Rights Reserved. * * Export of this software from the United States of America may * require a specific license from the United States Government. * It is the responsibility of any person or organization contemplating * export to obtain such a license before exporting. * * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and * distribute this software and its documentation for any purpose and * without fee is hereby granted, provided that the above copyright * notice appear in all copies and that both that copyright notice and * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior * permission. Furthermore if you modify this software you must label * your software as modified software and not distribute it in such a * fashion that it might be confused with the original M.I.T. software. * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * * * General definitions for Kerberos version 5. */
/*
* Copyright (C) 1998 by the FundsXpress, INC. * * All rights reserved. * * Export of this software from the United States of America may require * a specific license from the United States Government. It is the * responsibility of any person or organization contemplating export to * obtain such a license before exporting. * * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and * distribute this software and its documentation for any purpose and * without fee is hereby granted, provided that the above copyright * notice appear in all copies and that both that copyright notice and * this permission notice appear in supporting documentation, and that * the name of FundsXpress. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior * permission. FundsXpress makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * * THIS SOFTWARE IS PROVIDED ``AS IS AND WITHOUT ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */
- ifndef KRB5_GENERAL__
- define KRB5_GENERAL__
/* By default, do not expose deprecated interfaces. */
- ifndef KRB5_DEPRECATED
- define KRB5_DEPRECATED 0
- endif
- if defined(__MACH__) && defined(__APPLE__)
- include <TargetConditionals.h>
- if TARGET_RT_MAC_CFM
- error "Use KfM 4.0 SDK headers for CFM compilation."
- endif
- endif
- if defined(_MSDOS) || defined(_WIN32)
- include <win-mac.h>
- endif
- ifndef KRB5_CONFIG__
- ifndef KRB5_CALLCONV
- define KRB5_CALLCONV
- define KRB5_CALLCONV_C
- endif /* !KRB5_CALLCONV */
- endif /* !KRB5_CONFIG__ */
- ifndef KRB5_CALLCONV_WRONG
- define KRB5_CALLCONV_WRONG
- endif
- ifndef THREEPARAMOPEN
- define THREEPARAMOPEN(x,y,z) open(x,y,z)
- endif
- define KRB5_OLD_CRYPTO
- include <stdlib.h>
- include <limits.h> /* for *_MAX */
- include <stdarg.h>
- ifndef KRB5INT_BEGIN_DECLS
- if defined(__cplusplus)
- define KRB5INT_BEGIN_DECLS extern "C" {
- define KRB5INT_END_DECLS }
- else
- define KRB5INT_BEGIN_DECLS
- define KRB5INT_END_DECLS
- endif
- endif
KRB5INT_BEGIN_DECLS
- if TARGET_OS_MAC
- pragma pack(push,2)
- endif
- if (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) >= 30203
- define KRB5_ATTR_DEPRECATED __attribute__((deprecated))
- elif defined _WIN32
- define KRB5_ATTR_DEPRECATED __declspec(deprecated)
- else
- define KRB5_ATTR_DEPRECATED
- endif
/* from profile.h */ struct _profile_t; /* typedef struct _profile_t *profile_t; */
/*
* begin wordsize.h */
/*
* Word-size related definition. */
typedef unsigned char krb5_octet;
- if INT_MAX == 0x7fff
typedef int krb5_int16; typedef unsigned int krb5_ui_2;
- elif SHRT_MAX == 0x7fff
typedef short krb5_int16; typedef unsigned short krb5_ui_2;
- else
- error undefined 16 bit type
- endif
- if INT_MAX == 0x7fffffffL
typedef int krb5_int32; typedef unsigned int krb5_ui_4;
- elif LONG_MAX == 0x7fffffffL
typedef long krb5_int32; typedef unsigned long krb5_ui_4;
- elif SHRT_MAX == 0x7fffffffL
typedef short krb5_int32; typedef unsigned short krb5_ui_4;
- else
- error: undefined 32 bit type
- endif
- define VALID_INT_BITS INT_MAX
- define VALID_UINT_BITS UINT_MAX
- define KRB5_INT32_MAX 2147483647
/* this strange form is necessary since - is a unary operator, not a sign
indicator */
- define KRB5_INT32_MIN (-KRB5_INT32_MAX-1)
- define KRB5_INT16_MAX 65535
/* this strange form is necessary since - is a unary operator, not a sign
indicator */
- define KRB5_INT16_MIN (-KRB5_INT16_MAX-1)
/*
* end wordsize.h */
/*
* begin "base-defs.h" */
/*
* Basic definitions for Kerberos V5 library */
- ifndef FALSE
- define FALSE 0
- endif
- ifndef TRUE
- define TRUE 1
- endif
typedef unsigned int krb5_boolean; typedef unsigned int krb5_msgtype; typedef unsigned int krb5_kvno;
typedef krb5_int32 krb5_addrtype; typedef krb5_int32 krb5_enctype; typedef krb5_int32 krb5_cksumtype; typedef krb5_int32 krb5_authdatatype; typedef krb5_int32 krb5_keyusage;
typedef krb5_int32 krb5_preauthtype; /* This may change, later on */ typedef krb5_int32 krb5_flags; typedef krb5_int32 krb5_timestamp; typedef krb5_int32 krb5_error_code; typedef krb5_int32 krb5_deltat;
typedef krb5_error_code krb5_magic;
typedef struct _krb5_data { krb5_magic magic; unsigned int length; char *data; } krb5_data;
typedef struct _krb5_octet_data { krb5_magic magic; unsigned int length; krb5_octet *data; } krb5_octet_data;
/*
* Hack length for crypto library to use the afs_string_to_key It is * equivalent to -1 without possible sign extension * We also overload for an unset salt type length - which is also -1, but * hey, why not....
- /
- define SALT_TYPE_AFS_LENGTH UINT_MAX
- define SALT_TYPE_NO_LENGTH UINT_MAX
typedef void * krb5_pointer; typedef void const * krb5_const_pointer;
typedef struct krb5_principal_data {
krb5_magic magic; krb5_data realm; krb5_data *data; /* An array of strings */ krb5_int32 length; krb5_int32 type;
} krb5_principal_data;
typedef krb5_principal_data * krb5_principal;
/*
* Per V5 spec on definition of principal types */
/* Name type not known */
- define KRB5_NT_UNKNOWN 0
/* Just the name of the principal as in DCE, or for users */
- define KRB5_NT_PRINCIPAL 1
/* Service and other unique instance (krbtgt) */
- define KRB5_NT_SRV_INST 2
/* Service with host name as instance (telnet, rcommands) */
- define KRB5_NT_SRV_HST 3
/* Service with host as remaining components */
- define KRB5_NT_SRV_XHST 4
/* Unique ID */
- define KRB5_NT_UID 5
/* PKINIT */
- define KRB5_NT_X500_PRINCIPAL 6
/* Name in form of SMTP email name */
- define KRB5_NT_SMTP_NAME 7
/* Windows 2000 UPN */
- define KRB5_NT_ENTERPRISE_PRINCIPAL 10
/* Windows 2000 UPN and SID */
- define KRB5_NT_MS_PRINCIPAL -128
/* NT 4 style name */
- define KRB5_NT_MS_PRINCIPAL_AND_ID -129
/* NT 4 style name and SID */
- define KRB5_NT_ENT_PRINCIPAL_AND_ID -130
/* constant version thereof: */ typedef const krb5_principal_data *krb5_const_principal;
- define krb5_princ_realm(context, princ) (&(princ)->realm)
- define krb5_princ_set_realm(context, princ,value) ((princ)->realm = *(value))
- define krb5_princ_set_realm_length(context, princ,value) (princ)->realm.length = (value)
- define krb5_princ_set_realm_data(context, princ,value) (princ)->realm.data = (value)
- define krb5_princ_size(context, princ) (princ)->length
- define krb5_princ_type(context, princ) (princ)->type
- define krb5_princ_name(context, princ) (princ)->data
- define krb5_princ_component(context, princ,i) \
(((i) < krb5_princ_size(context, princ)) \ ? (princ)->data + (i) \ : NULL)
/*
* Constants for realm referrals. */
- define KRB5_REFERRAL_REALM ""
/*
* Referral-specific functions. */
krb5_boolean KRB5_CALLCONV krb5_is_referral_realm(const krb5_data *);
/*
* end "base-defs.h" */
/*
* begin "hostaddr.h" */
All Replies (5)
It doesn't look like it, but I do not know the system like you would your own computer. Does it look different from before?
Also do you mean phising?
I made a comparison of this file with the one that you get on the internet as an open-source-product. there is one little difference: the last written line of the open source is like that:
- endif /* __KERBEROS5__ */
and the last line of my computers version is slightly changed:
- endif \* __KERBEROS5__ */
somebody told me, that the open source line is correct, the line of my computer would be incorrect. but this wouldnt change much, the first would be a commentary , and the second just ....nothing special...
so I asked myself: when I need this file and I get it from the internet, why would I change JUST THAT TINY BIT ?
Rachel may get back to you next week. Meanwhile I will add some comments.
Firstly even if I understood the code I do not see anywhere in your original post any of the following
#endif \* __KERBEROS5__ */ endif \* __KER
endif \*
\*
#endif /* __KERBEROS5__ */
endif /* __KER
So I am unable to see what you are trying to point out.
- You may need to post a correction for one of your posts ?
Secondly such discussions would normally be outside the scope of the forum and so it maybe worth asking on some malware or security related forum such as:
- http://www.bleepingcomputer.com/forums/
- http://www.malwarebytes.org/forums/
- http://www.spywarewarrior.com/index.php
- http://www.spywareinfoforum.com/
Or ask on a Mac related site. Surely your OS provides security anyhow. *Why are you needing to try to obtain such a file from the internet ?
As a general uneducated observation. If I see something like that I may wonder
- Is the software I have that generates that file kosher ?
- Could it be obfuscated code ?
Or indications that malicious obfuscated code is present somewhere ?- I am guessing
/*any text */ is a remark and not actioned
\* that the * will act as a delimeter on a single line
The latter possibly harmless in in a config file but setting alarm bells off that something may be wrong.
- I am guessing
As you have asked the question it would be interesting to know the answer you get.
Background info
hello plus99 thank you for your thoughts: the difference between the two files can be found at the end of the two files. you didnt find it, because the whole file is to big . with the search function you will find the the whole programm on the internet. but i hav anoter question : are there files on a computer which admin is not allowed to read or ....
thenks for all
There are files that will not necessarily make sense to read, and data that exists in memory rather than as files on disk.
I do not understand Macs but it is quite possible the OS will try to protect certain files even from Administrators actions but it would seem reasonable to expect an Admin to be able to take ownership of and read any file. A quick web search throws up this article that could be relevant (You appear to be using OS X 10.6)
- Mac OS X 10.6: Setting permissions
http://support.apple.com/kb/PH6732
Details of malware, security and encryption are however beyond my knowledge, and not normally topics to be discussed here. I suggest you try the fora I linked to in my previous post upthread. There is not really anything I can usefully add.