summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* some debugging code to track down nightly test failuresKen Raeburn2006-10-111-0/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18679 dc483132-0cff-0310-8789-dd5450dbe970
* skip over verbose (protocol trace) debugging outputKen Raeburn2006-10-111-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18678 dc483132-0cff-0310-8789-dd5450dbe970
* Add bounds-checking assertions before automatic array referenceKen Raeburn2006-10-111-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18677 dc483132-0cff-0310-8789-dd5450dbe970
* Keep just 10/6 version of schema filesKen Raeburn2006-10-104-1935/+429
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18674 dc483132-0cff-0310-8789-dd5450dbe970
* Memory management and Solaris porting fixes from Will FiveashKen Raeburn2006-10-102-5/+35
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18673 dc483132-0cff-0310-8789-dd5450dbe970
* Check for allocation failure. Caught by Will FiveashKen Raeburn2006-10-101-2/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18672 dc483132-0cff-0310-8789-dd5450dbe970
* Don't segfault if a preauth plugin module fails to loadKevin Coffman2006-10-101-1/+2
| | | | | | | | | | | Move the zeroing of the errinfo struct before the call to krb5int_open_plugin_dirs() to prevent segfault in the case where a plugin fails to load. (For example if there are unresolved symbols.) ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18671 dc483132-0cff-0310-8789-dd5450dbe970
* final commits for KFW 3.1 Beta 2Jeffrey Altman2006-10-0925-243/+1078
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | krb5cred.dll (1.1.2.0) - Fix the control logic so that if the password is expired for an identity, the krb5 credentials provider will initiate a change password request. Once the password is successfully changed, the new password will be used to obtain new credentials. - Fix an incorrect condition which caused the new credentials dialog to refresh custom prompts unnecessarily. - Removing an identity from the list of NetIDMgr identities now causes the corresponding principal to be removed from the LRU principals list. - Properly handle KMSG_CRED_PROCESS message when the user is cancelling out. - Add more debug output - Do not renew Kerberos tickets which are not initial tickets. - Fix whitespace in source code. - When providing identity selection controls, disable the realm selector when the user specifies the realm in the username control. - k5_ident_valiate_name() will refuse principal names with empty or unspecified realms. - When updating identity properties, the identity provider will correctly set the properties for identities that were destroyed. This fixes a problem where the values may be incorrect if an identity has two or more credential caches and one of them is destroyed. nidmgr32.dll (1.1.2.0) - Send out a separate notification if the configuration information associated with an identity is removed. - If an identity is being removed from the NetIDMgr identity list in the configuration panel, do not send out APPLY notifications to the subpanels after the configuration information has been removed. Otherwise this causes the configuration information to be reinstated and prevent the identity from being removed. - Properly initialize the new credentials blob including the UI context structure. netidmgr.exe (1.1.2.0) - When suppressing error messages, make sure that the final KMSG_CRED_END notification is sent. Otherwise the new credentials acquisition operation will not be cleaned up. - Autoinit option now checks to see if there are identity credentials for the default identity and triggers the new credentials dialog if there aren't any. - Properly synchronize the configuration node list when applying changes (e.g.: when removing or adding an identity). - Fix a handle leak when removing an identity from the NetIDMgr identity list. - Refresh the properties for the active identities before calculating the renewal and expiration timers. Otherwise the timestamps being used might be incorrect. - Add Identity dialog (in the configuration panel) now uses the identity selection controls provided by the identity provider. - Improve type safety when handling timer refreshes. - When getting the expiration times and issue times for an identity, the timer refresh code may fail over to the expiration and issue times for the credential it is currently looking at. Now the code makes sure that both the issue and expiration times come from the identity or the credential but not mixed. - Not being able to get the time of issue of a credential now does not result in the credential being skipped from the timer refresh pass. However, not having a time of issue will result in the half-life algorithm not being applied for the renew timer. - Fix a bug which caused a credential to be abandoned from the timer refresh pass if the reamining lifetime of the credential is less than the renewal threshold. - Fix a bug where the vertical scroll bars for the hypertext window would not appear when the contents of the window changed. - Trigger a refresh of the configuration nodes when adding or removing an identity. source for (1.1.2.0) - Explicitly include <prsht.h> so that the SDK can be used in build environments that define WIN32_LEAN_AND_MEAN. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18670 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize buffer before calling res_ninitRuss Allbery2006-10-081-0/+1
| | | | | | | | | | | | | | | Per Paul Vixie: It is necessary to zero out the statbuf before calling res_ninit(), or else res_vinit() will call res_nclose() and res_ndestroy() with stack trash as a statbuf, and they will call free() with stack trash, and programs will dump core. Ticket: new Component: krb5-libs Version_Reported: 1.5.1 Target_Version: 1.5.2 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18669 dc483132-0cff-0310-8789-dd5450dbe970
* fix dependencies properly this timeKen Raeburn2006-10-072-56/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18668 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize accessor fields at compile time, under C99 and GCCKen Raeburn2006-10-071-30/+49
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18667 dc483132-0cff-0310-8789-dd5450dbe970
* Move ASN.1 routines for KDB LDAP plugin into main krb5 library,Ken Raeburn2006-10-0710-97/+250
| | | | | | accessed via krb5int_access. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18666 dc483132-0cff-0310-8789-dd5450dbe970
* Check for ldap_initialize and other functions that Solaris (Mozilla-based)Ken Raeburn2006-10-073-0/+64
| | | | | | | LDAP does not provide, and define versions a couple of them if needed. Based on patches from and discussions with Will Fiveash. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18665 dc483132-0cff-0310-8789-dd5450dbe970
* 10/3 patch from Savitha R, part 3, patch-manpages-schema.diffKen Raeburn2006-10-072-83/+107
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18664 dc483132-0cff-0310-8789-dd5450dbe970
* whitespaceKen Raeburn2006-10-071-27/+27
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18663 dc483132-0cff-0310-8789-dd5450dbe970
* whitespaceKen Raeburn2006-10-071-191/+190
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18662 dc483132-0cff-0310-8789-dd5450dbe970
* Use const pointers for error messages.Ken Raeburn2006-10-074-10/+48
| | | | | | Add some debugging hooks in the libkrb5 support. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18661 dc483132-0cff-0310-8789-dd5450dbe970
* drop comma at end of enum listKen Raeburn2006-10-071-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18660 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate some warnings and non-gcc build problems:Ken Raeburn2006-10-076-48/+68
| | | | | | | | | | | | | - nested function - bogus pointer casts - C++-style comments - unused variables - variables of same name in nested scopes - if condition syntax - unused function - use of GNU-only strndup() function git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18659 dc483132-0cff-0310-8789-dd5450dbe970
* 10/3 patch from Savitha R, part 2, patch-krb-schema.diffKen Raeburn2006-10-061-419/+342
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18658 dc483132-0cff-0310-8789-dd5450dbe970
* 10/3 patch from Savitha R, part 1, patch-ldap-schema.diffKen Raeburn2006-10-0617-998/+1940
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18657 dc483132-0cff-0310-8789-dd5450dbe970
* schema infoKen Raeburn2006-10-062-0/+1381
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18656 dc483132-0cff-0310-8789-dd5450dbe970
* remove old changelogKen Raeburn2006-10-061-51/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18655 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/krb5/ccache/t_cccursor.c: Bugfixes from Ezra to clean upTom Yu2006-10-061-1/+32
| | | | | | | | | memory leaks. ticket: 4389 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18654 dc483132-0cff-0310-8789-dd5450dbe970
* update export listsTom Yu2006-10-062-0/+6
| | | | | | | ticket: 4389 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18653 dc483132-0cff-0310-8789-dd5450dbe970
* make dependTom Yu2006-10-0648-946/+1155
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18652 dc483132-0cff-0310-8789-dd5450dbe970
* cursor for iterating over ccachesTom Yu2006-10-0511-3/+861
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some ccache back ends need per-type cursors implemented. * src/include/k5-int.h: Declare krb5_cc_ptcursor. Update krb5_cc_ops vector to include functions for ptcursor and some not-yet-implemented functionality. * src/include/krb5/krb5.hin: Prototype krb5_cccol_cursor_new, krb5_cccol_cursor_next, krb5_cccol_cursor_free. * src/lib/krb5/ccache/Makefile.in: Compile cccursor.c. Build t_cccursor. * src/lib/krb5/ccache/cccursor.c: Implementation of cursor for iterating over ccaches. * src/lib/krb5/ccache/ccbase.c: Add typecursor functionality for iteration over registered ccache types. * src/lib/krb5/ccache/cc_memory.c: Implmement per-type ccache cursor functionality. * src/lib/krb5/ccache/cc_mslsa.c: * src/lib/krb5/ccache/cc_file.c: * src/lib/krb5/ccache/ccapi/stdcc.c: Add place-holder ops vector entries. * src/lib/krb5/ccache/t_cccursor.c: New test of ccache cursor functionality. * src/lib/krb5/os/ccdefname.c (krb5int_cc_os_default_name): New function to return the OS-specific default ccache name. ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18651 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_preauth.c (return_padata): Allocate a padata context if notSam Hartman2006-10-051-0/+3
| | | | | | | | | | already allocated. In the preauth_required path check will not be called to set up the context first. ticket: 4377 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18650 dc483132-0cff-0310-8789-dd5450dbe970
* Patch from Kevin Coffman:Ken Raeburn2006-10-051-44/+35
| | | | | | | | | - adds a function to get ccache keycount - uses it in two places - fixes free problem if next_cred fails - simplifies the clearcache function by using keyctl_clear git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18649 dc483132-0cff-0310-8789-dd5450dbe970
* ignore generated source-tree filesKen Raeburn2006-10-050-0/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18648 dc483132-0cff-0310-8789-dd5450dbe970
* fix dependence on config.status to use correct dirKen Raeburn2006-10-051-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18647 dc483132-0cff-0310-8789-dd5450dbe970
* Add decode_tagged_unsigned_integer, and try to fix signed/unsigned andKen Raeburn2006-10-051-10/+69
| | | | | | | long/int/int32 mixups in ASN.1 decoding. Add comments describing encoding of key data. Don't always parenthesize safe_syncbuf arguments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18646 dc483132-0cff-0310-8789-dd5450dbe970
* set a more meaningful error message in asn1 decode failure caseKen Raeburn2006-10-051-0/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18645 dc483132-0cff-0310-8789-dd5450dbe970
* export krb5_ldap_createKen Raeburn2006-10-051-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18644 dc483132-0cff-0310-8789-dd5450dbe970
* array before test for pointing at entry with the principal. AvoidsEzra Peisach2006-10-041-4/+8
| | | | | | | | | | buffer overflow for end of list. Detected with a hacked up version of valgrind to handle keyring syscalls. krb5_krcc_next_cred: Move initial test if pointing past end of key git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18643 dc483132-0cff-0310-8789-dd5450dbe970
* The keyring code introduced in r18638 also included tests of the KEYRING:Ezra Peisach2006-10-041-1/+37
| | | | | | | | regardless of whether the type is registered or not in the library. Test to see if KEYRING: is registered - and if so - run the tests on it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18642 dc483132-0cff-0310-8789-dd5450dbe970
* Preauthentication Plugin FrameworkSam Hartman2006-10-0330-160/+2771
| | | | | | | | | | | | | Patch from Nalin Dahyabhai at Redhat to implement a preauthentication framework based on the plugin architecture. Currently. the API is considered internal and the header is not installed. See src/include/krb5/preauth_plugin.h for the interface. ticket: new Tags: enhancement Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18641 dc483132-0cff-0310-8789-dd5450dbe970
* configure: Depend on $(AUTOCONF_HEADER) so check-ac-syms will be happierKen Raeburn2006-10-021-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18640 dc483132-0cff-0310-8789-dd5450dbe970
* (AUTOCONF_HEADER): Change to match file's target nameKen Raeburn2006-10-021-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18639 dc483132-0cff-0310-8789-dd5450dbe970
* Merge Kevin Coffman's keyring ccache branch for Linux, with some modifications:Ken Raeburn2006-10-026-4/+2131
| | | | | | | | | | | | | | | | | | | | | aclocal.m4: Enable keyring ccache if the header and library are available; no configure-time option. No error if it's not found. ccdefname.c: Keep old default of FILE: cache, at least for now. libkrb5.exports: Don't export krb5_krcc_ops. ccbase.c: Only initialize krb5int_krcc_mutex if USE_KEYRING_CCACHE; destroy it in finalization. Define INITIAL_TYPEHEAD macro (for file vs keyring), and use it for initialization and in krb5int_cc_finalize. Re-enable freeing of additional registered-type structures. cc_keyring.c: Avoid calls to com_err from within library. cc_file.c: Punt change; generate_new is badly broken, and we expect to replace it with a new API anyways. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18638 dc483132-0cff-0310-8789-dd5450dbe970
* Nuke old Saber-related stuffKen Raeburn2006-10-021-294/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18637 dc483132-0cff-0310-8789-dd5450dbe970
* kdc: make_toolong_error does not initialize all fields for krb5_mk_errorEzra Peisach2006-10-011-0/+2
| | | | | | | | | | | network.c: make_too_long_error() fails to set the ctime and cusec elements of the krb5_error structure. Valgrind detects errors in the asn.1 encoding handlers in reading an unitialized value. Initialize to 0. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18635 dc483132-0cff-0310-8789-dd5450dbe970
* Update expected results for krb5_get_host_realm with referral patchesKen Raeburn2006-09-301-2/+2
| | | | | | installed. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18634 dc483132-0cff-0310-8789-dd5450dbe970
* (get_errmsg): Check for errcode_2_string and release_errcode_stringKen Raeburn2006-09-291-1/+4
| | | | | | being null function pointers. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18633 dc483132-0cff-0310-8789-dd5450dbe970
* Fix AIX version of GET_HOST_BY_NAME to use TMP.ent for the result, notKen Raeburn2006-09-281-1/+1
| | | | | | | | the no-longer-defined my_h_ent. ticket: 4256 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18632 dc483132-0cff-0310-8789-dd5450dbe970
* Patch from Will Fiveash for "kdb5_util create" support in LDAP, modified toKen Raeburn2006-09-2516-32/+437
| | | | | | | drop separate port-number spec so it'll build with current sources. Not tested because of a bug in the recent Novell patch. :-( git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18616 dc483132-0cff-0310-8789-dd5450dbe970
* Implement renew credential functionality which was inadvertentlyJeffrey Altman2006-09-241-16/+108
| | | | | | | | left out. ticket: 4312 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18609 dc483132-0cff-0310-8789-dd5450dbe970
* Remove now-unused 'port' fieldsKen Raeburn2006-09-221-2/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18608 dc483132-0cff-0310-8789-dd5450dbe970
* Misc cleanup:Ken Raeburn2006-09-223-338/+334
| | | | | | | | Include header instead of duplicating public decls. Don't use C99-style "//" comments. Reformat a bit to krb5 tree normal style. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18607 dc483132-0cff-0310-8789-dd5450dbe970
* New patch from Savitha, for new principal key storage format in LDAPKen Raeburn2006-09-224-280/+494
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18606 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-27 03:09:57 +0000