| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
Sphinx's idea of the version number appears in the man pages and
compiled PDF documents, and shows up as metadata in the generated
HTML sources.
Extract the version information from the master source (patchlevel.h)
into a form usable by Sphinx.
ticket: 7433
tags: pullup
|
| |
|
|
|
|
|
|
| |
We recently added documentation of the Camellia enctypes; rebuild
the in-tree man page to pick them up.
ticket: 7439
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
| |
The LDAP module doesn't support locking. There's code to ignore this
in load but not in dump. dump used to only lock for iprop dumps, but
now locks all the time after e65a16d898f3a686525e83661f4fd86c76e27bbf
(#7384), causing it to fail with LDAP.
ticket: 7445 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
| |
ticket: 7439 (new)
target_version: 1.11
tags: pullup
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Remove the potentially misleading "experimental" annotation on the
description of the Camellia encryption feature. Also update the I-D
version to match the IESG-approved version.
ticket: 7437 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
| |
ticket: 7436 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
| |
ticket: 7431
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
| |
Avoid using "rst_composite" as the target name for building the
rst_composite directory, since we can't give it proper dependencies.
Instead use the target name "composite", which (like "html", "clean",
etc.) doesn't correspond to the name of a file or directory created by
the build rules.
|
| |
|
|
|
|
| |
ticket: 7429 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
| |
Release the cc_config_in and cc_config_out fields of a
krb5_init_creds_context when freeing the context.
ticket: 7428 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
|
| |
Add an internal json function to make it easier to detect if an object
is empty, and use it to avoid creating a ccache config entry for
preauth module config data if there isn't any to save.
ticket: 7427 (new)
target_version: 1.11
tags: pullup
|
| | |
|
| |
|
|
| |
The fencepost error was illusory.
|
| |
|
|
|
|
|
|
| |
[ghudson@mit.edu: avoid verto.h header dependency; minor fixes]
ticket: 7426 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
| |
ticket: 7425 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
| |
ticket: 7424 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
| |
Move where we record the selected preauth type so that we never record
an informational preauth type, only a real one.
ticket: 7422 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
| |
ticket: 7421
|
| |
|
|
|
|
| |
ticket: 7420 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
|
| |
For the responder callback signature, put the closure argument just
after the context, and use KRB5_CALLCONV. These changes make the
signature consistent with most other libkrb5 callbacks.
ticket: 7419 (new)
target_version: 1.11
tags: pullup
|
| | |
|
| |
|
|
|
| |
PA_PSEUDO only has meaning for kdcpreauth modules. Don't use it in
the flags method of the pkinit clpreauth module.
|
| |
|
|
|
|
|
|
|
|
| |
Some recently added test programs under lib/krb5 didn't have their
source files added to the appropriate Makefile.in variables, and
weren't getting dependencies as a result.
ticket: 7418 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
| |
* Avoid space-before-paren false positives on some function pointer
declarations by checking the identifier for simple type names.
* Check for space before close parenthesis.
* Check (carefully) for asymmetric spaces around binary operators.
* Handle nesting when checking for 2+ line flow control bodies.
* Check for asymmetric bracing around else statements.
|
| |
|
|
|
|
| |
ticket: 7417 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
|
| |
* Save the vendor name of the token we used to create the challenge.
* If we saved the name of a token vendor previously, prune out any
tokeninfos which contain different vendor names.
ticket: 7416 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
|
| |
Commit bc096a77ffdab283d77c2e0fc1fdd15b9f77eb41 altered the internal
contracts relating to salts, but neglected to adjust the sam2 preauth
code to match. Do that now.
ticket: 7415 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
| |
Now that krb5-1.11 is branched, the master branch is
krb5-1.12-prerelease.
|
| | |
|
| | |
|
| |
|
|
| |
To pick up the section/subsection correction for SYNOPSIS.
|
| |
|
|
|
| |
SYNOPSIS is a first-level section, and should use '-' like the other
sections.
|
| |
|
|
|
|
|
|
| |
* Keep track of the names of client identities when we load them.
* Store the client identity we just used when we create or retry a
client request.
* If we read a client identity from the configuration, treat it like the
KDC does: pick the "this is it, there is no other" logic branch.
|
| |
|
|
|
|
|
|
|
|
|
| |
* Read a "pa_config_data" item from an in_ccache, if provided, and add a
callback which client preauth plugins can use to retrieve a string
value from it that's keyed by a string.
* Add a callback which client preauth plugins can use to provide string
key/value pairs to be stored in the ccache.
* Moves the definition of (struct krb5_clpreauth_rock_st) from k5-int.h
to init_creds_ctx.h to try to reduce the number of files that will
need to include k5-json.h to understand k5_json_value.
|
| |
|
|
| |
To pick up the -I option.
|
| | |
|
| |
|
|
|
|
|
| |
Add the make rules to install the subfiles as man and cat pages,
missed in the previous commit.
Also correct the omission of catpages for the server binaries.
|
| |
|
|
|
| |
Add kadm5.acl, sserver, and sclient to MANSUBS so that we will install
them in the normal build process.
|
| |
|
|
|
|
| |
The old man pages are gone, so we can't install them anymore.
Also clean up install and install-unix targets that were installing
the old man pages by hand.
|
| |
|
|
|
| |
With manual postprocessing to compensate for the sphinx text output
engine mishandling line blocks.
|
| |
|
|
|
| |
The texinfo-generated NOTICE used bullets for some of the lists;
make the RST source consistent with that.
|
| |
|
|
| |
It's wasn't used and wasn't implemented.
|
| |
|
|
|
|
|
| |
In the db2 kdb module, use blocking locks for the policy DB as well as
the principal DB.
ticket: 7359
|
| |
|
|
|
|
|
|
|
| |
* Add a krb5int_build_conf_principals() function to allow our get/set
code to directly prune out duplicate config entries.
* Verify that when we specify a pa_type, it affects whether or not we
will use a particular preauth plugin.
* Verify that we correctly save the KDC's preauth type number, that we
tried to answer, to the out_ccache.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* When producing preauth data, keep track of the type of padata in the
KDC's list of acceptable types which prompted the module to produce
padata.
* After obtaining credentials, store that value as a "pa_type"
configuration item in the out_ccache.
* Read that allowed preauth type from an in_ccache, if possible.
* If we have an allowed preauth type, only call "real" modules that
handle that value when filling in responder items and producing a
client request.
ticket: 7414 (new)
|
| |
|
|
|
|
|
|
| |
Add a krb5_get_init_creds_opt_set_in_ccache() function. An input
ccache may hold configuration data which the client libraries can
use to influence their decisions.
ticket: 7413 (new)
|
| |
|
|
|
|
|
| |
Catch up to the RST content updates.
Lots of .sp vertical space macros are removed, and the output engine
spelles "restructuredText" correctly, now.
|
| |
|
|
| |
Somehow this man page was overlooked, previously.
|
| |
|
|
|
|
|
| |
We generate man pages from RST sources now; they are checked into
the tree in src/man/.
The gen-manpages directory is no longer needed.
|
