| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
|
|
| |
and unframed KRB-ERROR messages. Eliminate krb5int_rd_setpw_rep() and
krb5int_setpw_result_code_string() by making the chpw versions of
those functions handle RFC 3244 replies.
ticket: 6893
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24899 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
krb5_change_password() documentation, as it is not a public function.
Do not falsely claim that the result_code_string parameter is unused.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24898 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
/* in open comment.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24894 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
krb5_cc_gen_new() as deprecated
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24893 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24892 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24891 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
Since there is conflicting precedent as to whether dotfile man pages
should be installed with or without the leading dot, install the
.k5login man page both ways.
ticket: 6904
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24890 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
misc.h as it is now a static function.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24889 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
where appropriate.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24888 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
ticket: 6903
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24887 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The dispatch() in kadmind's schpw.c could return a failure code with
an allocated response container. net-server.c does not expect this
and leaks the container in the UDP case. Free the container in
dispatch() if we are returning an error.
ticket: 6903
target_version: 1.9.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24886 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
ticket: 6890
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24885 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
for the sake of static analyzers. (Also, since this is an internal
function, it can be called on a half-constructed MN; checking the type
alone would be insufficient.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24884 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
gss_accept_sec_context after r24645.
ticket: 6813
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24883 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
against libk5crypto, matching the approach used in most other library
unit tests.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24882 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
without allocating the data pointer in the response. This prevents a
later free() of an invalid pointer in kill_tcp_or_rpc_connection().
Also initialize rep->data to NULL in process_chpw_request() and clean
up *response in dispatch() as an additional precaution.
ticket: 6899
tags: pullup
target_version: 1.9.1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24878 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24877 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
g_make_string_buffer test, and return GSS_S_FAILURE if it fails.
Reported by snambakam@likewise.com.
ticket: 6898
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24876 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24875 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
content-free source files and better separate IOV stuff from non-IOV
stuff.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24874 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24870 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and make gss_userok a wrapper around it matching the Gnu GSS
prototype. The SPI for gss_authorize_localname doesn't match the API
since we have no way of representing the contents of an internal name
to a mech at the moment. From r24855, r24857, r24858, r24862, r24863,
r24864, r24866, r24867, and r24868 in
users/lhoward/moonshot-mechglue-fixes.
ticket: 6891
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24869 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
name from the keytab if we can, for better compliance with GSSAPI.
ticket: 6897
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24861 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24860 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
principal name from a keytab. Used currently by vfy_increds.c (in
place of its static helper); will also be used when querying the name
of the default gss-krb5 acceptor cred.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24859 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
based on the module's usage flags. From r24794 in
users/lhoward/moonshot-mechglue-fixes.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24853 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
| |
When importing a name of type GSS_C_NT_ANONYMOUS, allow the input name
buffer to be null or empty (null is translated into empty before
mechanisms see it).
From r24820 in users/lhoward/moonshot-mechglue-fixes.
ticket: 6896
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24852 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24851 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24844 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
Preserve attributes when duplicating a name, using the mechanism's
implementation of gss_duplicate_name if present, or a loop over
the attributes if not.
ticket: 6895
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24843 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a caller passes an empty mech set to gss_acquire_cred, get a cred
for all mechs instead of just the krb5 mech, as we don't know what
mechanism the cred is going to be used with (particularly in the
acceptor case). As a related fix, if a caller passes a credential to
gss_accept_sec_context and it does not contain a mech-specific cred
for the token's mech, error out instead of using the default cred with
the token's mechanism.
ticket: 6894
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24840 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
build_dynamicMech(), breaking the build (since gss_duplicate_name
isn't in gss_mechanism yet). Revert that part of the change.
ticket: 6892
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24839 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
When loading a mech's symbols individually, make sure the symbol we
got wasn't just a mechglue symbol showing through because the mech
was linked against the mechglue. From r24719 in
users/lhoward/moonshot-mechglue-fixes.
ticket: 6892
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24838 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
From r24711 in users/lhoward/moonshot-mechglue-fixes.
ticket: 6891
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24837 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Resurrect gss_userok and gss_pname_to_uid in the mechglue. Add krb5
mech implementations using krb5_kuserok and krb5_aname_to_localname,
as well as mechanism-independent implementations based on name
attributes.
From r24710, r24715, r24717, r24731, r24732, r24733, r24734, r24735,
r24747, r24816, and r24819 in users/lhoward/moonshot-mechglue-fixes,
with minor edits.
ticket: 6891
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24836 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24835 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24834 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24833 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24832 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24831 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
a double argument, not %lf.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24830 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
limit is 2MB.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24829 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24828 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
committed by accident.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24827 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
prototype krb5int_nfold instead.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24826 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24825 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24821 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24815 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
a new function k5_privsafe_check_addrs.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24806 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
renamed to k5_privsafe_check_seqnum. Declare it in int-proto.h rather
than k5-int.h.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24805 dc483132-0cff-0310-8789-dd5450dbe970
|