summaryrefslogtreecommitdiffstats
path: root/src/appl/bsd
Commit message (Collapse)AuthorAgeFilesLines
* Unbundle applications into separate repositoryGreg Hudson2009-11-2222-11973/+0
| | | | | | | | | | | | | | | Remove libpty, gssftp, telnet, and the bsd applications from the source tree, build system, and tests. Docs still need to be updated to remove mentions of the applications. The build system should be simplified now that we're down to one configure script and don't need some of the functionality currently in aclocal.m4. ticket: 6583 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23305 dc483132-0cff-0310-8789-dd5450dbe970
* make mark-cstyleTom Yu2009-10-3111-396/+395
| | | | | | make reindent git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
* Move destest to builtin/des, because it depends on overriding someTom Yu2009-10-101-19/+23
| | | | | | | | internals. Make depend. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22877 dc483132-0cff-0310-8789-dd5450dbe970
* On error getting forwarded creds, actually print out the errorKen Raeburn2009-05-251-1/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22384 dc483132-0cff-0310-8789-dd5450dbe970
* Unfortunately, pre-1.7 krshd fails to support keyed checksums becauseSam Hartman2009-04-031-0/+2
| | | | | | | | | | | | | | | | it uses the wrong API and wrong key usage. So, if the auth_context has an explicit checksum type set, then respect that. kcmd sets such a checksum type. Also, because other applications may have the same problem, allow the config file variable if set to override the default checksum. * kcmd.c: Force use of rsa_md5 * init_ctx.c: do not default to md5 * mk_req_ext.c: allow auth_context to override ticket: 1624 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22160 dc483132-0cff-0310-8789-dd5450dbe970
* Fix krshd and krlogind to use krb5_c_verify_checksumTom Yu2009-04-022-20/+29
| | | | | | ticket: 1624 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22159 dc483132-0cff-0310-8789-dd5450dbe970
* In krcp, check the return value when closing the output file afterGreg Hudson2009-02-201-1/+2
| | | | | | | | successfully writing it. close cannot return an error status on most local filesystems, but can on some network filesystems such as AFS or NFS. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22043 dc483132-0cff-0310-8789-dd5450dbe970
* prefer structure assignment to memcpyKen Raeburn2009-02-031-2/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21876 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unnecessary pointer casts in args to free,memcpy,memset,memchr except ↵Ken Raeburn2009-02-023-5/+5
| | | | | | unicode, windows code git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21875 dc483132-0cff-0310-8789-dd5450dbe970
* move generated dependencies out of Makefile.inKen Raeburn2009-01-052-80/+78
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Move automatically-generated dependencies into separate files in the source tree, and take the data out of Makefile.in. Keep the "make depend" rules for stripping out the dependencies from Makefile.in, in case some optional directories were missed, but everything that builds on my UNIX build has been converted. (Converting a directory just requires creating an empty "deps" file so that config.status can build the makefile, and then later running "make depend" in that directory to get the correct content for it.) Change configure scripts to incorporate the "deps" file when building each Makefile. This change requires the existence of a file "deps" in each source directory where we build a makefile, even if there are no sources for which to compute dependencies; a switch to GNU make would let us conditionalize that, but we can assess that later. Update dependencies for the generate Makefile itself to list the deps file. This will also require some minor tweaking of the Windows build, to make it incorporate the new deps file. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21701 dc483132-0cff-0310-8789-dd5450dbe970
* Remove krb4 support in the applications. login's ability to run aklogGreg Hudson2008-12-1517-3312/+234
| | | | | | | | | | | | has been preserved and made unconditional on krb4 support, since aklog can now do krb5 auth. The config variable is now named krb_run_aklog (as it was sometimes documented), not krb4_run_aklog as it previously was. ticket: 6303 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21450 dc483132-0cff-0310-8789-dd5450dbe970
* Convert many uses of sprintf to snprintf or asprintfGreg Hudson2008-12-018-107/+96
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21258 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a krsh bug introduced in r21001 which could cause garbage at theGreg Hudson2008-11-101-0/+1
| | | | | | | | | beginning of the command string. ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21065 dc483132-0cff-0310-8789-dd5450dbe970
* Convert many uses of strcpy/strcat (and sometimes sprintf) to acceptedGreg Hudson2008-11-052-34/+19
| | | | | | | | | string-handling functions. ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21001 dc483132-0cff-0310-8789-dd5450dbe970
* Don't build dependencies for v4rcp.c.Ken Raeburn2008-11-041-85/+66
| | | | | | Rebuild dependencies for k5-buf.h, and without krb4 support. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20964 dc483132-0cff-0310-8789-dd5450dbe970
* Use strlcpy instead of strcpy in many placesGreg Hudson2008-10-245-6/+6
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20919 dc483132-0cff-0310-8789-dd5450dbe970
* Use asprintf instead of malloc/strcpy/strcat in many placesGreg Hudson2008-10-202-10/+3
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20901 dc483132-0cff-0310-8789-dd5450dbe970
* Use strdup in place of malloc/strcpy in many placesGreg Hudson2008-10-206-16/+8
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20898 dc483132-0cff-0310-8789-dd5450dbe970
* makedependKen Raeburn2008-09-181-58/+63
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20731 dc483132-0cff-0310-8789-dd5450dbe970
* Update krb4 test to use aclocal.m4 macro and default to disabledKen Raeburn2008-08-191-9/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20676 dc483132-0cff-0310-8789-dd5450dbe970
* Fix test for accept failureKen Raeburn2008-08-061-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20612 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use private copy of syslog.h. Rebuild dependenciesKen Raeburn2008-06-101-6/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20386 dc483132-0cff-0310-8789-dd5450dbe970
* After malloc/realloc/calloc failures, return ENOMEM explicitly insteadKen Raeburn2008-04-301-2/+2
| | | | | | | of reading it from errno. This may make static analysis tools less confused about when we return zero vs nonzero values. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20312 dc483132-0cff-0310-8789-dd5450dbe970
* man page macro and hyphen fixesRuss Allbery2008-02-191-1/+1
| | | | | | | | | | | | | | Fix various unescaped hyphens, lines starting with . that shouldn't be macros, undefined strings, and misspelled macros in the man pages. Found via man --warnings on a current Debian unstable system. ticket: new component: krb5-doc Version_Reported: 1.6.3 Target_Version: 1.6.4 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20228 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2007-08-161-55/+60
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19832 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of some old SunOS 4 config stuffKen Raeburn2007-08-081-3/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19762 dc483132-0cff-0310-8789-dd5450dbe970
* Use [v]snprintf or asprintf instead of unchecked sprintf and separate ↵Ken Raeburn2007-07-121-2/+3
| | | | | | allocation size calculations git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19709 dc483132-0cff-0310-8789-dd5450dbe970
* Even though the passed string never has a %, use an explicit %s format ↵Ken Raeburn2007-06-291-1/+1
| | | | | | string in fprintf call to make analysis simpler git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19652 dc483132-0cff-0310-8789-dd5450dbe970
* * v4rcp.c (error): Use stdarg version always. Call vsnprintf instead of ↵Ken Raeburn2007-06-261-16/+5
| | | | | | | | vsprintf. (strsave): Call strdup. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19642 dc483132-0cff-0310-8789-dd5450dbe970
* * v4rcp.c (kstream_write): Allocate buffer space if it hasn't beenKen Raeburn2007-06-261-9/+4
| | | | | | | | | | | | | | allocated, in the encrypting case, even if outlen is zero. While I don't believe this can ever happen, it requires careful examination of lots of code paths to figure it out. This change doesn't fix a serious bug, but makes the analysis simple. Also, don't bother with separate code paths for malloc vs realloc depending on the previous values; we can just use realloc always. Thanks to Domagoj Babic for pointing out the (false but understandable) null-pointer problem. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19641 dc483132-0cff-0310-8789-dd5450dbe970
* Check malloc return for null in kstream_create_* instead ofKen Raeburn2007-06-261-0/+12
| | | | | | | unconditionally dereferencing. Thanks to Domagoj Babic for finding the bug. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19640 dc483132-0cff-0310-8789-dd5450dbe970
* Define and use some inline helper functions for comparing data and authdata ↵Ken Raeburn2007-05-101-8/+3
| | | | | | | | structures, instead of open-coding checks of multiple fields everywhere. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19544 dc483132-0cff-0310-8789-dd5450dbe970
* Remove varargs.h paths, always use stdarg.hKen Raeburn2007-01-203-13/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19088 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2007-01-201-13/+29
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19086 dc483132-0cff-0310-8789-dd5450dbe970
* Include k5-int.h instead of krb5.h when 'private' functions are neededKen Raeburn2007-01-205-5/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19080 dc483132-0cff-0310-8789-dd5450dbe970
* Fix logic bug in string allocationKen Raeburn2006-10-151-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18704 dc483132-0cff-0310-8789-dd5450dbe970
* make dependTom Yu2006-10-061-7/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18652 dc483132-0cff-0310-8789-dd5450dbe970
* fix MITKRB5-SA-2006-001: multiple local privilege escalation vulnerabilitiesTom Yu2006-08-084-9/+32
| | | | | | | | | | | | | | | | | | | * src/appl/gssftp/ftpd/ftpd.c (getdatasock, passive): * src/appl/bsd/v4rcp.c (main): * src/appl/bsd/krcp.c (main): * src/appl/bsd/krshd.c (doit): * src/appl/bsd/login.c (main): * src/clients/ksu/main.c (sweep_up): * src/lib/krb4/kuserok.c (kuserok): Check return values from setuid() and related functions to avoid privilege escalation vulnerabilities. Fixes MITKRB5-SA-2006-001. [CVE-2006-3083, VU#580124, CVE-2006-3084, VU#401660] ticket: new target_version: 1.5.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18420 dc483132-0cff-0310-8789-dd5450dbe970
* In verify_krb_v4_tgt, use an unsigned KRB4_32 to store an address ratherRuss Allbery2006-06-201-1/+1
| | | | | | | | | | | | than an unsigned long to avoid memcpying past the end of a structure on 64-bit platforms. Ticket: 581 Version_Reported: 1.0.5 Target_Version: 1.5 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18175 dc483132-0cff-0310-8789-dd5450dbe970
* Pass in the correct value for the first argument of select (one largerRuss Allbery2006-06-194-5/+29
| | | | | | | | | | | | | | than the largest file number in the select set) rather than some multiple of sizeof some struct. The latter is large enough accidentally work, but breaks on AIX. Map IPv4-mapped IPv6 addresses back to IPv4 in krshd for the purposes of connecting back to the remote system on AIX, since on AIX getnameinfo returns such addresses but connect won't accept them. Ticket: 3122 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18166 dc483132-0cff-0310-8789-dd5450dbe970
* Change man page cross-reference to kerberos(1) from kerberos(3)Russ Allbery2006-06-131-1/+1
| | | | | | | | Ticket: 3008 Version_Reported: 1.3.6 Component: krb5-appl git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18122 dc483132-0cff-0310-8789-dd5450dbe970
* Document the authorization logic used in the absence of .k5login files.Russ Allbery2006-06-122-18/+18
| | | | | | | | | | Remove all remaining references to .rhosts authentication; the code to implement this was already removed. Ticket: 2577 Version_Reported: 1.3.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18112 dc483132-0cff-0310-8789-dd5450dbe970
* Fix minor nroff man page problems (stray space, bad cross reference)Russ Allbery2006-06-121-1/+1
| | | | | | | Ticket: 3010 Version_Reported: 1.4.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18107 dc483132-0cff-0310-8789-dd5450dbe970
* Rename locate.h to locate_plugin.h. Change references, update dependenciesKen Raeburn2006-05-241-3/+3
| | | | | | ticket: 3784 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18037 dc483132-0cff-0310-8789-dd5450dbe970
* install headers into include/krb5Ken Raeburn2006-05-231-40/+44
| | | | | | | | | | | Create include/krb5 directory, and put krb5.h and (k5-)locate.h there in the build tree. Stub krb5.h in main include directory just includes krb5/krb5.h. Update dependencies, and add dependencies in a couple Makefiles that didn't have them. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18030 dc483132-0cff-0310-8789-dd5450dbe970
* Don't include kdb.h from k5-int.h; instead, include it in the handfulKen Raeburn2006-04-131-9/+8
| | | | | | of places where it's actually needed. Update dependencies. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17898 dc483132-0cff-0310-8789-dd5450dbe970
* Remove ChangeLog files from the source tree. From now on, theSam Hartman2006-04-111-3064/+0
| | | | | | | subversion commit log entry needs to include information that would have been in the changelog. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17893 dc483132-0cff-0310-8789-dd5450dbe970
* Remove .Sanitize and .rconf files, no longer usedKen Raeburn2006-04-111-56/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17888 dc483132-0cff-0310-8789-dd5450dbe970
* make depend, now with dependency sortingKen Raeburn2006-03-311-74/+71
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17811 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Supply comment template in AC_DEFINE callsKen Raeburn2006-03-282-8/+12
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17789 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-06-14 15:51:05 +0000