summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* * configure.in: Check for sys/time.h and time.hKen Raeburn2004-02-092-0/+6
| | | | | | | ticket: 2224 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16034 dc483132-0cff-0310-8789-dd5450dbe970
* no license on k5sealv3.cKen Raeburn2004-02-081-2/+28
| | | | | | | | | | Updated copyright notice to include standard license for release. ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16028 dc483132-0cff-0310-8789-dd5450dbe970
* * update usage() for gss-clientJeffrey Altman2004-02-073-1/+7
| | | | | | ticket: 2212 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16027 dc483132-0cff-0310-8789-dd5450dbe970
* Enable aes128-cts for clientSam Hartman2004-02-062-0/+5
| | | | | | | | | | | | | Currently we support aes128-cts but do not enable it by default. It looks like interoperability problems will be created by this decision. So add aes128-cts to the default list of enctypes for client configuration and for permitted_enctypes. Ticket: new Target_Version: 1.3.2 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16026 dc483132-0cff-0310-8789-dd5450dbe970
* Do not consider TGS options to be critical; ignore unknown optionsSam Hartman2004-02-062-6/+7
| | | | | | | Ticket: 2189 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16025 dc483132-0cff-0310-8789-dd5450dbe970
* 2004-02-06 Jeffrey Altman <jaltman@mit.edu>Jeffrey Altman2004-02-066-25/+80
| | | | | | | | | | | | | * Add new UI components to the gss.exe client to support the use of GSS_C_SEQUENCE_FLAG or to disable the use of either GSS_C_MUTUAL_FLAG or GSS_C_REPLAY_FLAG ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16024 dc483132-0cff-0310-8789-dd5450dbe970
* 2004-02-06 Jeffrey Altman <jaltman@mit.edu>Jeffrey Altman2004-02-063-14/+36
| | | | | | | | | | | * Add new command line switches to the gss-client to support the use of GSS_C_SEQUENCE_FLAG or to disable the use of either GSS_C_MUTUAL_FLAG or GSS_C_REPLAY_FLAG ticket: 2212 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16023 dc483132-0cff-0310-8789-dd5450dbe970
* 2004-02-05 Jeffrey Altman <jaltman@mit.edu>Jeffrey Altman2004-02-064-7/+24
| | | | | | | | | | | | | | | | | | * gssapiP_krb5.h: remove KG_IMPLFLAGS macro * init_sec_context.c (init_sec_context): Expand KG_IMPLFLAGS macro with previous macro definition * accept_sec_context.c (accept_sec_context): Replace KG_IMPLFLAGS macro with new definition. As per 1964 the INTEG and CONF flags are supposed to indicate the availability of the services in the client. By applying the previous definition of KG_IMPLFLAGS the INTEG and CONF flags are always on. This can be a problem because some clients such as Microsoft's Kerberos SSPI allow CONF and INTEG to be used independently. By forcing the flags on, we would end up with inconsist state with the client. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16022 dc483132-0cff-0310-8789-dd5450dbe970
* Add support for specifying the credential cache to be used as wellJeffrey Altman2004-02-057-37/+160
| | | | | | | | | | as fix a few minor user interface bugs ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16021 dc483132-0cff-0310-8789-dd5450dbe970
* Remove reference to the ntstatus.h header in cc_mslsa.cJeffrey Altman2004-02-042-1/+6
| | | | | | | | | | | This header is not present in the August 2001 Platform SDK which is the current minimum SDK version. ticket: new tags: pullup target_version: 1.3.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16020 dc483132-0cff-0310-8789-dd5450dbe970
* update for krb5-1.3.2-beta2Tom Yu2004-02-031-8/+23
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16015 dc483132-0cff-0310-8789-dd5450dbe970
* 2004-02-02 Jeffrey Altman <jaltman@mit.edu>Jeffrey Altman2004-02-032-1/+22
| | | | | | | | | | | | | | | | | | * cc_msla.c: GetMSCacheTicketFromCacheInfo() uses the tktinfo->TicketFlags as the value to assign to TicketRequest->TicketFlags. This field is blindly inserted into the kdc-options[0] field of the TGS_REQ. If there are bits such as TRANSIT_POLICY_CHECKED in the TicketFlags, this will result in an unknown TGS_OPTION being processed by the KDC. This has been fixed by mapping the Ticket Flags to KDC options. We only map Forwardable, Forwarded, Proxiable, and Renewable. The others should not be used. ticket: 2190 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16013 dc483132-0cff-0310-8789-dd5450dbe970
* * cc_mslsa.c: the MSLSA code was crashing on Pismere machines whenJeffrey Altman2004-02-022-10/+36
| | | | | | | | | | | | | | | | | | | | logging on with cross realm credentials. On these machines there are 8 tickets within the LSA cache from two different realms. One of the krbtgt/CLIENT-REALM@CLIENT-REALM tickets (not the Initial ticket but a Forwarded ticket) is inaccessible to the ms2mit.exe and leash32.exe processes. The attempt to access the ticket returns a SubStatus code of STATUS_LOGON_FAILURE (0xC000006DL) which is supposed to mean that the logon attempt was invalid due to bad authentication information. kerbtray has no problem listing this ticket. The other seven tickets in the cache including the Initial Ticket are accessible. Modified krb5_lcc_next_cred() to skip to the next ticket if an attempt to read a single ticket fails. ticket: 2184 tags: pullup target_version: 1.3.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15997 dc483132-0cff-0310-8789-dd5450dbe970
* * Update README to describe the new PreserveInitialTicketIdentityJeffrey Altman2004-02-022-0/+41
| | | | | | | | registry key. ticket: 2139 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15996 dc483132-0cff-0310-8789-dd5450dbe970
* missing headerJeffrey Altman2004-02-011-0/+3
| | | | | | ticket: 2183 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15995 dc483132-0cff-0310-8789-dd5450dbe970
* * Do not perform ticket importing if the initial TGT is not availableJeffrey Altman2004-02-012-2/+48
| | | | | | | | | | | from the MSLSA krb5_ccache. This will be the case if the session key enctype is NULL. (AllowTGTSessionKey regkey = 0) ticket: new target: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15994 dc483132-0cff-0310-8789-dd5450dbe970
* * cc_mslsa.c: optimize the get_next logic by storing a handle to theJeffrey Altman2004-02-012-18/+30
| | | | | | | | | | MS TGT in the lcc_cursor data structure ticket:new tags: pullup target_version: 1.3.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15993 dc483132-0cff-0310-8789-dd5450dbe970
* * gss-misc.c: Include sys/time.h or time.h, to get struct timeval declarationKen Raeburn2004-01-312-14/+26
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15992 dc483132-0cff-0310-8789-dd5450dbe970
* Do not export tickets from the LSA if they contain NULL session keys.Jeffrey Altman2004-01-312-6/+19
| | | | | | | | | | This is primarily to prevent unusable TGTs from being imported into the MIT Credential Cache ticket: 2153 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15991 dc483132-0cff-0310-8789-dd5450dbe970
* 2004-01-30 Jeffrey Altman <jaltman@mit.edu>Jeffrey Altman2004-01-312-20/+98
| | | | | | | | | | | | | | | | | | | | * cc_mslsa.c: As per extensive conversations with Doug Engert we have concluded that MS is not specifying a complete set of domain information when it comes to service tickets other than the initial TGT. What happens is the client principal domain cannot be derived from the fields they export. Code has now been added to obtain the domain from the initial TGT and use that when constructing the client principals for all tickets. This behavior can be turned off by setting a registry either on a per-user or a system-wide basis: {HKCU,HKLM}\Software\MIT\Kerberos5 PreserveInitialTicketIdentity = 0x0 (DWORD) ticket: 2139 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15990 dc483132-0cff-0310-8789-dd5450dbe970
* Add support for Addressless Ticket Checkbox. Applied patch from Doug EngertJeffrey Altman2004-01-317-4/+29
| | | | | | | | ticket: 982 tags: pullup target_version: 1.3.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15989 dc483132-0cff-0310-8789-dd5450dbe970
* 2004-01-30 Jeffrey Altman <jaltman@mit.edu>Jeffrey Altman2004-01-312-2/+42
| | | | | | | | | | Update the README file to include details on the new Windows registry key necessary to access the TGT session key when importing from MSLSA. Also, include compatibility details regarding the gss sample client and the Microsoft Platform SDK distributed versions. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15988 dc483132-0cff-0310-8789-dd5450dbe970
* A near complete re-write of the gss sample client on windows. Supports theJeffrey Altman2004-01-318-386/+1295
| | | | | | | | | | | | | | | | | current protocol implemented in the Unix gss sample applications as well as a new User Interface making this one neat testing tool. There are still many little kinks to get out in a future version. The sliders for the Call Count and the Message Count do not have text strings indicating their current value. They slide from 1 to 20. And the known Mechanism strings should be accessible in the drop down list. A documentation file on how to use the tool would be a good addition. ticket: 2144 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15987 dc483132-0cff-0310-8789-dd5450dbe970
* Address issues discovered while testing updated Windows gss sample client.Jeffrey Altman2004-01-303-145/+161
| | | | | | | | | | | A Missing parameter to a sign_server call in gss-server.c and the need for a select() call in read_all() to prevent blocking indefinitely. ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15986 dc483132-0cff-0310-8789-dd5450dbe970
* prof-int.h should include pthread.h when USE_PTHREADS is definedAlexandra Ellwood2004-01-302-0/+11
| | | | | | ticket: 2180 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15985 dc483132-0cff-0310-8789-dd5450dbe970
* Updated for new source files in krb5Alexandra Ellwood2004-01-301-916/+962
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15984 dc483132-0cff-0310-8789-dd5450dbe970
* need more testing support for MSKen Raeburn2004-01-273-3/+43
| | | | | | | | | | | | | | | | | | This should allow use of the CFX_EXERCISE code to better check interoperability of MS and MIT code with regard to future extensibility. * init_sec_context.c (make_gss_checksum) [CFX_EXERCISE]: Don't crash on null pointer in debugging code. (new_connection): Disable CFX_EXERCISE unknown-token-id case detection. * accept_sec_context.c (krb5_gss_accept_sec_context) [CFX_EXERCISE]: Log to /tmp/gsslog whether delegation or extra option bytes were present. ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15983 dc483132-0cff-0310-8789-dd5450dbe970
* update for krb5-1.3.2-beta1Tom Yu2004-01-071-5/+19
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15978 dc483132-0cff-0310-8789-dd5450dbe970
* fix typosJeffrey Altman2004-01-073-5/+5
| | | | | | | ticket: 2106 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15975 dc483132-0cff-0310-8789-dd5450dbe970
* Add stub function implementations to support krb5_cc_remove_cred() whichJeffrey Altman2004-01-066-5/+57
| | | | | | | | | | | would cause a null pointer dereference if called. The new KRB5_CC_NOSUPP error is returned to indicate the lack of implementation. ticket: 2106 target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15974 dc483132-0cff-0310-8789-dd5450dbe970
* Only backdate the ticket that is created. The KDC reply must containSam Hartman2004-01-052-5/+10
| | | | | | | | | | | the time from the client's request or the client will fail its clockskew check if the request is backdated too far. Ticket: 2058 Target_Version: 1.3.2 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15965 dc483132-0cff-0310-8789-dd5450dbe970
* * init_sec_context.c: Include auth_con.h if CFX_EXERCISE is defined.Ken Raeburn2004-01-053-15/+48
| | | | | | | | | | | | | | | (make_gss_checksum) [CFX_EXERCISE]: If the key enctype is aes256, insert some stuff after the delegation slot. (new_connection) [CFX_EXERCISE]: Don't send messages with bogus token ids. * accept_sec_context.c (krb5_gss_accept_sec_context): Don't discard the delegation flag; only look for a delegation if the flag is set, and only look for delegation, not other options. Ignore any other data there. ticket: 2079 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15964 dc483132-0cff-0310-8789-dd5450dbe970
* * win-mac.h: conditionally define strcasecmp/strncasecmp macrosJeffrey Altman2004-01-052-0/+9
| | | | | | | | | | only if they do not already exist. ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15963 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Use AC_HELP_STRING for kdc-replay-cache option infoKen Raeburn2003-12-282-4/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15962 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (LOCAL_SUBDIRS): Fix typo in last (undocumented) changeKen Raeburn2003-12-282-1/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15961 dc483132-0cff-0310-8789-dd5450dbe970
* move some basic header and function checks from lib/krb5 to includeKen Raeburn2003-12-244-5/+16
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15960 dc483132-0cff-0310-8789-dd5450dbe970
* * README: update requirements for compilation tools, DNS supportJeffrey Altman2003-12-222-23/+119
| | | | | | | | | | | and describe new MSLSA: credential cache and how to configure Windows to use it. ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15959 dc483132-0cff-0310-8789-dd5450dbe970
* * dnssrv.c: wrap the entire module in #ifdef KRB5_DNS_LOOKUP to preventJeffrey Altman2003-12-222-0/+7
| | | | | | | | | | | the dependency on the resolver library when DNS functionality is not being compiled into the krb5 library. ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15958 dc483132-0cff-0310-8789-dd5450dbe970
* * fake-addrinfo.h: Include stdio.hKen Raeburn2003-12-202-0/+6
| | | | | | ticket: 2016 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15957 dc483132-0cff-0310-8789-dd5450dbe970
* * util_crypt.c (kg_encrypt, kg_decrypt): Input pointer now points to const.Ken Raeburn2003-12-204-5/+12
| | | | | | | * gssapiP_krb5.h: Declarations updated. * util_seed.c (zeros): Now const. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15956 dc483132-0cff-0310-8789-dd5450dbe970
* * gssapi_generic.c (const_oids): Renamed from oids, and now const.Ken Raeburn2003-12-202-1/+8
| | | | | | (oids): New macro, casts const_oids to non-const pointer for use in initializers. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15955 dc483132-0cff-0310-8789-dd5450dbe970
* * realm_iter.c (krb5_realm_iterator_create): Array NAMES is now constKen Raeburn2003-12-202-1/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15954 dc483132-0cff-0310-8789-dd5450dbe970
* * prof_get.c (profile_iterator_create): NAMES argument points to const pointers.Ken Raeburn2003-12-203-2/+8
| | | | | | * profile.hin (profile_iterator_create): Declaration updated. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15953 dc483132-0cff-0310-8789-dd5450dbe970
* * prompter.c (catch_signals, restore_signals): Take pointer to old signalKen Raeburn2003-12-202-28/+37
| | | | | | | | | | | | handler info as new argument. (osiginfo): New typedef. (setup_tty, restore_tty): Take pointer to old signal handler info and old termios settings as new arguments. (krb5_prompter_posix): Pass the extra arguments, addresses of new automatic variables. (osigint, saveparm): Variables deleted. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15952 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (STLIBOBJS, OBJS, SRCS): Don't build promptusr.cKen Raeburn2003-12-202-8/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15951 dc483132-0cff-0310-8789-dd5450dbe970
* oops. actually do the #undef DEBUGKen Raeburn2003-12-201-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15950 dc483132-0cff-0310-8789-dd5450dbe970
* * sendto_kdc.c (default_debug_handler, put, putstr): Define only if DEBUG isKen Raeburn2003-12-202-1/+11
| | | | | | | | defined. (DEBUG): Don't define. (krb5int_sendtokdc_debug_handler): Initialize to null if DEBUG is not defined. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15949 dc483132-0cff-0310-8789-dd5450dbe970
* * get_in_tkt.c (get_in_tkt_enctypes): Now constKen Raeburn2003-12-202-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15948 dc483132-0cff-0310-8789-dd5450dbe970
* * arcfour.c (l40): Now constKen Raeburn2003-12-202-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15947 dc483132-0cff-0310-8789-dd5450dbe970
* * arcfour.c (arcfour_weakkey1, arcfour_weakkey2, arcfour_weakkeys): Now constKen Raeburn2003-12-202-7/+11
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15946 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2024-11-13 07:06:27 +0000