summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* * pre.in (MOVEIFCHANGED): New variableKen Raeburn2007-01-201-1/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19090 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unused fileKen Raeburn2007-01-201-50/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19089 dc483132-0cff-0310-8789-dd5450dbe970
* Remove varargs.h paths, always use stdarg.hKen Raeburn2007-01-207-43/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19088 dc483132-0cff-0310-8789-dd5450dbe970
* Include stdarg.h, and don't conditionalize declarations of functions withKen Raeburn2007-01-201-5/+1
| | | | | | va_list arguments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19087 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2007-01-202-16/+36
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19086 dc483132-0cff-0310-8789-dd5450dbe970
* Handle function names immediately preceded by "*", like "*strdup"Ken Raeburn2007-01-201-1/+1
| | | | | | in k5-int.h+krb5.h. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19085 dc483132-0cff-0310-8789-dd5450dbe970
* Mark as C source for Emacs mode selectionKen Raeburn2007-01-201-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19084 dc483132-0cff-0310-8789-dd5450dbe970
* Don't define KRB5_PRIVATE, since it's not tested any moreKen Raeburn2007-01-205-13/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19083 dc483132-0cff-0310-8789-dd5450dbe970
* Move all KRB5_PRIVATE declarations from krb5.h(in) to k5-int.h, and drop theKen Raeburn2007-01-202-376/+305
| | | | | | KRB5_PRIVATE preprocessor test. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19082 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (private-and-public-decls): New target file, created fromKen Raeburn2007-01-201-3/+5
| | | | | | | | k5-int.h and krb5.h. (verify-calling-conventions-krb5): Use it instead of krb5.h. (clean-unix): Get rid of it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19081 dc483132-0cff-0310-8789-dd5450dbe970
* Include k5-int.h instead of krb5.h when 'private' functions are neededKen Raeburn2007-01-2010-10/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19080 dc483132-0cff-0310-8789-dd5450dbe970
* * pre.in (.et.h, .et.c): Use temporary files in the current directory withKen Raeburn2007-01-202-6/+11
| | | | | | | fixed names, instead of incorporating the shell pid. * post.in (clean-unix): Delete the temporary files. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19079 dc483132-0cff-0310-8789-dd5450dbe970
* KFW MSI installer correctionsJeffrey Altman2007-01-203-42/+65
| | | | | | | | | | | | | Add missing registry keys and values for Network Identity Manager plug-ins. Correct short names. ticket: new tags: pullup component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19078 dc483132-0cff-0310-8789-dd5450dbe970
* NIM - Context sensitive system tray menu and moreJeffrey Altman2007-01-2024-41/+569
| | | | | | | | | | | | | | Adds context sensitive menus for renew and destroy to the system tray menu. Select either all identities or one of the identities with credentials. Increases the API to 1.1.9 and adds a new interactive callback mechanism. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19077 dc483132-0cff-0310-8789-dd5450dbe970
* Delete t_cccursor on cleanup. Add t_cc and t_cccursor to dependenciesKen Raeburn2007-01-201-1/+11
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19076 dc483132-0cff-0310-8789-dd5450dbe970
* Add t_cccursor to UNIX testsKen Raeburn2007-01-201-2/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19075 dc483132-0cff-0310-8789-dd5450dbe970
* Added KDC timesyncing support to the CCAPI ccache backend for CCAPI v5 andAlexandra Ellwood2007-01-181-10/+72
| | | | | | | | | later. v5 is the first version of the CCAPI to support the kdc timesyncing API. ticket: 5403 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19071 dc483132-0cff-0310-8789-dd5450dbe970
* In addition to setting the kpasswd port afterJeffrey Altman2007-01-181-1/+3
| | | | | | | | | | searching for kadmind host addresses we must also set the socket type according to the request. ticket: 5393 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19070 dc483132-0cff-0310-8789-dd5450dbe970
* NIM Kerberos 5 Provider correctionsJeffrey Altman2007-01-183-17/+17
| | | | | | | | | | | | | | | | | | | | | | When validating a Kerberos 5 principal name, the request to the KDC should not request forwardable, renewable, or proxiable options as these may be blocked by policy and will result in the return of an error. Always treat the Kerberos 5 principal name as valid unless the KDC returns an error that clearly indicates that the principal name does not exist. Use a MEMORY: ccache for temporary storage instead of an API: ccache. Initialize pointer values with NULL instead of 0. ticket: new tags: pullup component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19069 dc483132-0cff-0310-8789-dd5450dbe970
* NIM Correct Visual Identity Expiration StatusJeffrey Altman2007-01-181-33/+34
| | | | | | | | | | | | | | | | | | | | | The visual status for the identities in NIM 1.1 was based upon the highest alert status of any credential that was associated with the identity. The correct behavior that is now implemented is that the identity status should be based solely upon the expiration state of the credentials obtained by the identity provider. For example, the Kerberos v5 identity provider will based the identity expiration status on the initial TGT. Service tickets with short lifetimes that expire do not prevent the acquisition of additional service tickets. Therefore, the identity should not be listed as expired. ticket: new tags: pullup component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19068 dc483132-0cff-0310-8789-dd5450dbe970
* NIM Kerberos v4 configuration dialog Jeffrey Altman2007-01-181-105/+152
| | | | | | | | | | | The Kerberos v4 options for individual identities was never wired. The controls were visible but they did not do anything. Implement them now for NIM 1.2. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19067 dc483132-0cff-0310-8789-dd5450dbe970
* NIM string tablesJeffrey Altman2007-01-187-85/+85
| | | | | | | | | | | | Update the string tables for NIM so that they are consistent. Always use "Kerberos v5" or "Kerberos v4". Refer to credentials instead of tickets. Do not abbreviate "Network Identity Manager". Etc. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19066 dc483132-0cff-0310-8789-dd5450dbe970
* sendto_kdc.c: use of a variable index into a dynamically Jeffrey Altman2007-01-181-2/+2
| | | | | | | | | | | | | | | | allocated array to determine the sizeof() an object makes it unclear what type of object is involved. It also requires a runtime check instead of a compile time replacement. Not to mention that it could lead to the evaluation of an uninitialized variable as was done in this case. Replace sizeof(array index variable) with sizeof(type). memset() the correct data structure. ticket: 5394 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19065 dc483132-0cff-0310-8789-dd5450dbe970
* * t_cccursor.c (do_chk): Reverse sense of test of do_chk_one return valueKen Raeburn2007-01-171-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19064 dc483132-0cff-0310-8789-dd5450dbe970
* Fix typo in checked-in versionKen Raeburn2007-01-161-1/+1
| | | | | | ticket: 5349 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19063 dc483132-0cff-0310-8789-dd5450dbe970
* This commit adds two new functions, krb5_server_decrypt_ticket_keyblock Jeffrey Altman2007-01-166-11/+160
| | | | | | | | | | | | | | | | | (private) and krb5_server_decrypt_ticket_keytab (public). These functions take a krb5_ticket as input and decrypt it using the provided key data. The public function is useful for higher level application protocols such a TLS-KRB5 and AFS RX-KRB5 which exchange a service but do not use the AP-REQ/AP-REP messages. This commit also adds new functionality to kvno which permits kvno when provided a keytab as input to verify whether or not the keytab contains a key that can successfully decrypt the obtains service ticket. ticket: 5349 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19062 dc483132-0cff-0310-8789-dd5450dbe970
* kfw wix installer - memory overwrite errorJeffrey Altman2007-01-141-1/+3
| | | | | | | | | | | | The custom handler allocates a buffer that is smaller than is required to hold the input. Allocate the correct sized buffer. ticket: new tags: pullup component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19061 dc483132-0cff-0310-8789-dd5450dbe970
* Update to KFW NSIS installerJeffrey Altman2007-01-131-1/+7
| | | | | | | | | | | Update copyright date, samples directory, and shortcut to NetIDMgr documentation ticket: new component: windows tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19060 dc483132-0cff-0310-8789-dd5450dbe970
* updated Windows READMEJeffrey Altman2007-01-131-8/+5
| | | | | | | | | | | Revise the readme text for Windows. Remove references to old beta SDKs. ticket: new tags: pullup component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19059 dc483132-0cff-0310-8789-dd5450dbe970
* krb5-1.7-prereleaseTom Yu2007-01-111-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19056 dc483132-0cff-0310-8789-dd5450dbe970
* MITKRB5-SA-2006-003: mechglue argument handling too laxTom Yu2007-01-0925-277/+832
| | | | | | | | | | | | | | | Fix mechglue argument checks so that output pointers are always initialized regardless of whether the other arguments fail to validate for some reason. This avoids freeing of uninitialized pointers. Initialize the gss_buffer_descs in ovsec_kadmd.c. ticket: new target_version: 1.6 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19043 dc483132-0cff-0310-8789-dd5450dbe970
* MITKRB5-SA-2006-002: svctcp_destroy() can call uninitialized function pointerTom Yu2007-01-091-0/+5
| | | | | | | | | | | | | | | Explicitly null out xprt->xp_auth when AUTH_GSSAPI is being used, so that svctcp_destroy() will not call through an uninitialized function pointer after code in svc_auth_gssapi.c has destroyed expired state structures. We can't unconditionally null it because the RPCSEC_GSS implementation needs it to retrieve state. ticket: new target_version: 1.6 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19042 dc483132-0cff-0310-8789-dd5450dbe970
* create KDC database directoryKen Raeburn2007-01-081-0/+1
| | | | | | | | | | | | | The default directory for the KDC database files doesn't exist after a normal "make install". Reported by Jeff Blaine. * Makefile.in (INSTALLMKDIRS): Add var (really localstatedir) and var/krb5kdc to directories to be created at "make install" time, even though it'll be empty on most machines (since most probably aren't KDCs). ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19039 dc483132-0cff-0310-8789-dd5450dbe970
* crash creating db2 database in non-existent directoryKen Raeburn2007-01-081-18/+15
| | | | | | | | | | | | * kdb_db2.c (krb5_db2_db_create): If the creation of the first database file fails, return the error, instead of attempting to create the second (and using a null pointer as an input string in formatting a filename). Reported by Jeff Blaine. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19038 dc483132-0cff-0310-8789-dd5450dbe970
* * lib.in (clean-libs): Delete darwin.exports and hpux10.exports.Ken Raeburn2007-01-062-3/+3
| | | | | | | * libnover.in (clean-libs): Use $(DYNOBJEXT) instead of $(SHLIBEXT) for extension on object to delete. Also delete darwin.exports and hpux10.exports. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19037 dc483132-0cff-0310-8789-dd5450dbe970
* Document what the kadmind ACL is forRuss Allbery2007-01-051-4/+6
| | | | | | | | | | | | | Add a sentence documenting the purpose of the kadmind ACL to the node explaining how to create it. Ticket: 5279 Component: krb5-doc Version_Reported: 1.5.1 Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19036 dc483132-0cff-0310-8789-dd5450dbe970
* Document KDC behavior without stash fileRuss Allbery2007-01-041-0/+4
| | | | | | | | | | | | | After the discussion of the optional stash file, document the effects of not creating a stash file. ticket: new Component: krb5-doc Version_Reported: 1.5.1 Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19035 dc483132-0cff-0310-8789-dd5450dbe970
* * ldap_principal.c (attributes_set): Swap first two elementsKen Raeburn2007-01-032-2/+4
| | | | | | | | | Also add comments indicating that this array and the KDB_*_ATTR macros need to be in sync. ticket: 5260 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19031 dc483132-0cff-0310-8789-dd5450dbe970
* update ldap/Makefile.in for newer autoconf substitution requirementsKen Raeburn2007-01-031-2/+2
| | | | | | | | | | | | | | | | The other makefile.in files have had the makefile-fragment substitution lines updated to not have "#" at the front, because some recent versions of autoconf require that the @-pattern start at the beginning of the line. We missed plugins/kdb/ldap/Makefile.in at the time. Patch from Michael Calmer. ticket: new target_version: 1.6 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19030 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (install): Install kdb5_ldap_util.M. Based on patch fromKen Raeburn2007-01-031-0/+1
| | | | | | | | | Michael Calmer. ticket: 3906 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19029 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_util.h (CONVERT_INTO_DB, CONVERT_OUTOF_DB): Unused macros deletedKen Raeburn2007-01-021-4/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19025 dc483132-0cff-0310-8789-dd5450dbe970
* Memory leak in tests/gssapi/t_imp_name.cEzra Peisach2006-12-311-1/+3
| | | | | | | | | Memory leak by not releasing name_oid from gss_display_name(). (conditional on GSSAPI_V2 being defined). ticket:new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19024 dc483132-0cff-0310-8789-dd5450dbe970
* Repair broken links in NetIdMgr Help Jeffrey Altman2006-12-314-6/+6
| | | | | | | | | A small number of links contained the wrong root directory. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19023 dc483132-0cff-0310-8789-dd5450dbe970
* If gss_krb5int_unseal_token_v3() unwraps a message of length 0 - freeEzra Peisach2006-12-301-0/+4
| | | | | | | | | | | memory and return in message_buffer a NULL pointer for value. This is consistant with gss_release_buffer in the mechglue implementation in which memory is only freed if the buffer length != 0. ticket: 5233 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19022 dc483132-0cff-0310-8789-dd5450dbe970
* memory leak if defective header present in gss_krb5int_unseal_token_v3Ezra Peisach2006-12-301-1/+3
| | | | | | | | | | If after unsealing the message, the TOK_ID is not 05 04, free memory before returning a defective token error. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19021 dc483132-0cff-0310-8789-dd5450dbe970
* Fix typo in user-guide.texinfoRuss Allbery2006-12-281-1/+1
| | | | | | | | | | | | Typo fix (network instead of netword). Thanks, Matt Zagrabelny. Ticket: new Component: krb5-doc Version_Reported: 1.4.4 Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19020 dc483132-0cff-0310-8789-dd5450dbe970
* * copy_data.c (krb5_copy_data): Use krb5int_copy_data_contentsKen Raeburn2006-12-281-10/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19019 dc483132-0cff-0310-8789-dd5450dbe970
* * cc_memory.c (krb5_mcc_next_cred): Use krb5int_copy_creds_contentsKen Raeburn2006-12-281-45/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19018 dc483132-0cff-0310-8789-dd5450dbe970
* * lib/krb5/krb/copy_creds.c (krb5int_copy_creds_contents): New function, splitKen Raeburn2006-12-282-2/+24
| | | | | | | | out from krb5_copy_creds. (krb5_copy_creds): Call it. * include/k5-int.h (krb5int_copy_creds_contents): Declare. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19017 dc483132-0cff-0310-8789-dd5450dbe970
* comment the various data structuresKen Raeburn2006-12-281-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19016 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-26 03:36:30 +0000