summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Support ASN.1 encoding without the outer tagGreg Hudson2012-01-061-113/+135
| | | | | | | | | | | | | | | | In order to support implicit tagging, make it possible to ASN.1-encode a value without its outer tag, instead remembering the construction bit of the omitted tag. A cleaner design would be to have separate functions for encoding a value's contents and its tag. However, we can't do that for atype_fn or atype_opaque, and the possible indirections between types and fields mean we want to stay at the "encode everything" level for as long as possible to allow implicit tagging of the largest possible subset of types. If we can get rid of atype_fn, we may be able to switch to the cleaner design with some adjustments to atype_opaque. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25613 dc483132-0cff-0310-8789-dd5450dbe970
* Use content-only ASN.1 primitivesGreg Hudson2012-01-063-339/+245
| | | | | | | | | | | | | | | As part of implicit tag support, rework ASN.1 encoding primitives so that they encode only content, not tags. Combine primitives which become identical with this change. The new atype_primitive type invokes a primitive encoder and adds a tag. atype_fn_len is split into atype_string and atype_opaque, both of which are hardcoded to use asn1_encode_bytestring. For the encoders still using macros, create asn1_addprimitive, asn1_addinteger, and asn1_addstring macros which call the primitive encoder function and add a tag. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25612 dc483132-0cff-0310-8789-dd5450dbe970
* Make ASN.1 struct atype_info more extensibleGreg Hudson2012-01-062-115/+161
| | | | | | | | | | Instead of including all of the possible type fields in struct atype_info, use a pointer to a type-specific structure. This might save a little space, but more importantly, if we get to the point of exposing this stuff across plugin APIs, it allows ASN.1 type information to be extensible via defining new atype_type values. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25611 dc483132-0cff-0310-8789-dd5450dbe970
* Add missing test cases for ASN.1 typesGreg Hudson2012-01-0610-3/+446
| | | | | | Add test cases for ASN.1 types which didn't previously have them. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25610 dc483132-0cff-0310-8789-dd5450dbe970
* Add test cases for PKINIT ASN.1 encodersGreg Hudson2012-01-068-15/+751
| | | | | | | | | | | | Do not add decode tests, because those would trip some bugs in the decoders, and we can't safely fix some of those bugs without interop testing. Encode tests are sufficient to detect when we unintentionally change the output of the encoders. Fix trval2() not to use the context shortcut on primitive context tags. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25609 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify and reformat ASN.1 test codeGreg Hudson2012-01-069-1754/+1191
| | | | | | Use abort-on-error memory allocation to reduce failure handling. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25608 dc483132-0cff-0310-8789-dd5450dbe970
* Fix asn1_encode_subject_pk_info without paramsGreg Hudson2012-01-061-2/+4
| | | | | | | | r20923 inadvertently broke asn1_encode_subject_pk_info in the case where algorithm.parameters.length == 0. Fortunately this case never happens, but fix it anyway. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25607 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unused functions (older API residue) krb5_realm_iterator* and ↵Zhanna Tsitkov2012-01-047-174/+1
| | | | | | krb5_free_realm_string git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25606 dc483132-0cff-0310-8789-dd5450dbe970
* Fix implicit declaration in ksu for some buildsGreg Hudson2011-12-281-0/+1
| | | | | | | | | ksu's setenv implementation needs to include <string.h> for memcpy. Patch from basch@alum.mit.edu. ticket: 7057 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25605 dc483132-0cff-0310-8789-dd5450dbe970
* Fix an unlikely memory leak in r25591Greg Hudson2011-12-271-1/+1
| | | | | | ticket: 6936 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25604 dc483132-0cff-0310-8789-dd5450dbe970
* Updated env variable sections, formating and other correctionsZhanna Tsitkov2011-12-2210-70/+164
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25602 dc483132-0cff-0310-8789-dd5450dbe970
* Stop using krb5_typed_data structure typeGreg Hudson2011-12-2118-94/+37
| | | | | | | | | | | | Use the krb5_pa_data structure type when encoding or decoding TYPED-DATA. Leave the krb5_typed_data structure definition in krb5.h with a comment saying not to use it. Remove krb5_free_typed_data (which was never declared in krb5.h). Remove some vestigial accessor stuff related to PKINIT encoding and decoding TYPED-DATA, which was unneeded since r25483. Bump the accessor structure version to 19 accordingly. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25601 dc483132-0cff-0310-8789-dd5450dbe970
* Stop using krb5_octet_dataGreg Hudson2011-12-2118-214/+242
| | | | | | | | For consistency with the rest of the code base, make PKINIT use krb5_data as a pointer/length container. Leave krb5_octet_data and krb5_free_octet_data behind for API compatibility. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25600 dc483132-0cff-0310-8789-dd5450dbe970
* Remove MITKC logo from the treeZhanna Tsitkov2011-12-202-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25599 dc483132-0cff-0310-8789-dd5450dbe970
* Table of Contents.hhc -> Table_of_Contents.hhcGreg Hudson2011-12-202-2/+2
| | | | | | | | | Avoid using spaces in filenames as it makes searching the source tree less convenient on Unix. Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25598 dc483132-0cff-0310-8789-dd5450dbe970
* Correct typos and formatingZhanna Tsitkov2011-12-192-43/+46
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25594 dc483132-0cff-0310-8789-dd5450dbe970
* Fix make depend in unbuilt build treeGreg Hudson2011-12-173-0/+17
| | | | | | | Add dependency rules so that "make depend" succeeds from a fresh build tree. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25593 dc483132-0cff-0310-8789-dd5450dbe970
* Avoid using itertools.permutations in k5testGreg Hudson2011-12-171-2/+2
| | | | | | | | | | k5test is only supposed to require Python 2.4, but cross_realms uses itertools.permutations which is new in 2.6. Use a list display instead. ticket: 7054 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25592 dc483132-0cff-0310-8789-dd5450dbe970
* Do mech fallback for first SPNEGO context tokenGreg Hudson2011-12-161-8/+37
| | | | | | | | | | | | | | | | When producing the first SPNEGO security context token, if the first mechanism's init_sec_context fails, fall back to a later mechanism. This fixes a regression in 1.10 for SPNEGO initiators using non-krb5 credentials. The identity selection work causes errors to be deferred from krb5's acquire_cred in some cases, which means SPNEGO doesn't see an error until it tries the krb5 init_sec_context. ticket: 6936 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25591 dc483132-0cff-0310-8789-dd5450dbe970
* Verify acceptor's mech in SPNEGO initiatorGreg Hudson2011-12-162-78/+44
| | | | | | | | | | | | | | In spnego_gss_ctx_id_rec, store the set of negotiable mechanisms as well as the currently selected internal_mech, which becomes an alias into mech_set. In init_ctx_reselect, locate the acceptor's counter- proposal in sc->mech_set and consider the token defective if it is not found. ticket: 7053 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25590 dc483132-0cff-0310-8789-dd5450dbe970
* FormatingZhanna Tsitkov2011-12-151-21/+51
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25589 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_server_decrypt_ticket_keytab wrongly succeedsGreg Hudson2011-12-131-2/+1
| | | | | | | | | | | | If krb5_server_decrypt_ticket_keytab doesn't find a key of the appropriate enctype in an iterable keytab, it returns 0 (without decrypting the ticket) due to a misplaced initialization of retval. This bug causes kinit -k to claim "keytab entry valid" when it shouldn't. Reported by mark@mproehl.net. ticket: 7051 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25584 dc483132-0cff-0310-8789-dd5450dbe970
* kfw leash: fix bad data in get tickets dialog when -autoinit specifiedTom Yu2011-12-121-5/+5
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25583 dc483132-0cff-0310-8789-dd5450dbe970
* kfw leash help: fix/add aliases for command helpTom Yu2011-12-122-2/+8
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25582 dc483132-0cff-0310-8789-dd5450dbe970
* kfw: remove line breaks from html to fix table of contents generationTom Yu2011-12-1219-104/+52
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25581 dc483132-0cff-0310-8789-dd5450dbe970
* kfw installer: install leash help file (leash.chm)Tom Yu2011-12-122-11/+1
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25580 dc483132-0cff-0310-8789-dd5450dbe970
* kfw: "make install" installs htmlhelp (leash.chm)Tom Yu2011-12-121-0/+1
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25579 dc483132-0cff-0310-8789-dd5450dbe970
* kfw: use html help in leashTom Yu2011-12-122-10/+1
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25578 dc483132-0cff-0310-8789-dd5450dbe970
* kfw: leash htmlhelp file sourceTom Yu2011-12-12114-1/+4534
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25577 dc483132-0cff-0310-8789-dd5450dbe970
* kfw installer: add site-local.wxiTom Yu2011-12-121-0/+106
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25576 dc483132-0cff-0310-8789-dd5450dbe970
* kfw installer: leash32.pdb->leash.pdbTom Yu2011-12-121-2/+1
| | | | | | ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25575 dc483132-0cff-0310-8789-dd5450dbe970
* kfw: "make install" also installs pdbsTom Yu2011-12-121-0/+19
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25574 dc483132-0cff-0310-8789-dd5450dbe970
* kfw installer: install krb5.ini to CommonAppDataFolder, not WindowsFolderTom Yu2011-12-122-12/+16
| | | | | | | | | | ...but only if there isn't already a krb5.ini in the WindowsFolder. Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25573 dc483132-0cff-0310-8789-dd5450dbe970
* kfw leash: bracket krb.con code with #ifndef NO_KRB4Tom Yu2011-12-121-1/+2
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25572 dc483132-0cff-0310-8789-dd5450dbe970
* kfw: use _WIN64 names where appropriateTom Yu2011-12-122-3/+7
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25571 dc483132-0cff-0310-8789-dd5450dbe970
* kfw leash: add -console option to create console for debug outputTom Yu2011-12-124-0/+172
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25570 dc483132-0cff-0310-8789-dd5450dbe970
* Split cci_thread_init into per-process and per-thread portionsTom Yu2011-12-129-72/+101
| | | | | | | | | | | | | | | | | Call the per-thread code on thread attach and per-process once per process. Previously, while the function was named 'thread', it was only actually called once per process. Currently, the per-thread code does nothing on non-windows platforms and is not even actually invoked. Fixes a windows bug when multiple non-main threads try to use ccapi at the same time. Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25569 dc483132-0cff-0310-8789-dd5450dbe970
* kfw: rename leash32/64.exe to simply leash.exeTom Yu2011-12-126-20/+13
| | | | | | | | Also install leash.exe in 64 bit installer. ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25568 dc483132-0cff-0310-8789-dd5450dbe970
* kfw installer: purge bufferoverflowu from custom.dllTom Yu2011-12-121-3/+0
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25567 dc483132-0cff-0310-8789-dd5450dbe970
* kfw: fix 'K5_ORIGINAL_NAME' for 64 bit dllsTom Yu2011-12-121-14/+14
| | | | | | | | | | ...still need to actually to define _WIN64 for rc.exe though Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25566 dc483132-0cff-0310-8789-dd5450dbe970
* kfw installer: generate leash shortcuts (desktop and start menu)Tom Yu2011-12-121-5/+10
| | | | | | | | | | ...also install xpprof64 Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25565 dc483132-0cff-0310-8789-dd5450dbe970
* kfw: generate manifestsTom Yu2011-12-121-1/+1
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25564 dc483132-0cff-0310-8789-dd5450dbe970
* kfw fixes: ccapiserver only quits after all clients detachTom Yu2011-12-123-6/+14
| | | | | | | | | | Not sure if this is really a good idea or not... Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25563 dc483132-0cff-0310-8789-dd5450dbe970
* kfw fixes: fix _snprintf usage; use full error code in leash_error_messageTom Yu2011-12-121-2/+3
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25562 dc483132-0cff-0310-8789-dd5450dbe970
* kfw fix: restructure low ticket warning popup code to workaround mfc bugTom Yu2011-12-122-4/+32
| | | | | | | | | | | | | | | mfc bug causes assertions when dialog is generated from within PreTranslateMessages() (MSG input param points to a global variable which is corrupted in the dialog message loop). So we need to instead PostMessage() to cause the popup later. Also fixed logic to cause warning dialog to actually be modal as intended when the leash window is not minimized. Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25561 dc483132-0cff-0310-8789-dd5450dbe970
* kfw fix: int -> size_t to fix warning in krb5routines.cTom Yu2011-12-121-1/+1
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25560 dc483132-0cff-0310-8789-dd5450dbe970
* kfw fixes: krb5_get_init_creds_opt_init->krb5_get_init_creds_opt_allocTom Yu2011-12-124-20/+54
| | | | | | | | | | Should enable leash to generate config credentials (needs verification!) Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25559 dc483132-0cff-0310-8789-dd5450dbe970
* kfw fixes: define USE_MESSAGE_BOX in leashdll code for user feedbackTom Yu2011-12-121-1/+1
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25558 dc483132-0cff-0310-8789-dd5450dbe970
* kfw fix: Add custom "Password incorrect" message to Leash_int_kinit_ex()Tom Yu2011-12-121-3/+3
| | | | | | | | | | Overrides obscure KRB5KRB_AP_ERR_BAD_INTEGRITY message. Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25557 dc483132-0cff-0310-8789-dd5450dbe970
* kfw fix: make Leash_kdestroy() actually destroy k5 ticketsTom Yu2011-12-121-0/+3
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25556 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-29 04:11:50 +0000