summaryrefslogtreecommitdiffstats
path: root/src/include
Commit message (Collapse)AuthorAgeFilesLines
...
* Ensure consistancy between prototypes and functionsEzra Peisach2007-02-191-1/+1
| | | | | | | | | | | | I am using an older compiler that is complaining that prototypes do not match the functions they reference. The issue is that a number of prototypes are using "const int foo" while the function is "int foo". From a caller sense it makes no difference - but the compiler is correct they are different. All is now consistant. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19169 dc483132-0cff-0310-8789-dd5450dbe970
* rename krb5_server_decrypt_ticket_keyblock() toTom Yu2007-02-131-1/+1
| | | | | | | | krb5int_server_decrypt_ticket_keyblock() ticket: 5349 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19159 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_kt_default_name should take an unsized lengthEzra Peisach2007-02-051-1/+1
| | | | | | | | | | The internal code to krb5_kt_default_name was casting the length to size_t. Change prototype to take an unsigned - which makes sense in how the code uses it. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19144 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_kt_get_type should return const char *. Ezra Peisach2007-02-051-1/+1
| | | | | | | | | | | | The code returns a pointer to static structures. Just to enforce the assumption that users can not change the returned data. Change prototype of krb5_kt_get_type to return const char *. The other changes are to clean up warnings - no change in code - usage assumed const. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19143 dc483132-0cff-0310-8789-dd5450dbe970
* update def-check to look at preauth_plugin.hTom Yu2007-01-301-2/+5
| | | | | | | ticket: 5420 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19128 dc483132-0cff-0310-8789-dd5450dbe970
* get_init_creds_opt extensibilityTom Yu2007-01-303-7/+157
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | r18922@cathode-dark-space: coffman | 2006-12-04 18:30:15 -0500 First cut at making the get_init_creds_opt structure extendable and adding library functions to set options for preauthentication plugins. This does *not* include a compatibility function to work like Heimdal's krb5_get_init_creds_opt_set_pkinit() function. Hopefully, the test code that doesn't belong in kinit.c is obvious. r18929@cathode-dark-space: coffman | 2006-12-07 10:01:20 -0500 Remove extra "user_id" parameter. Add function which duplicates the Heimdal interface (if we can agree on what the matching attribute names should be). r18934@cathode-dark-space: coffman | 2006-12-08 15:28:03 -0500 Update to use the simplified interface for krb5_get_init_creds_opt_set_pa() Add code in kinit to process "-X" options as preauth options and pass them along. r18936@cathode-dark-space: coffman | 2006-12-11 12:04:26 -0500 Move prototypes for get_init_creds_opt_get_pa() and krb5_get_init_creds_opt_free_pa() into the preauth_plugin.h header rather than krb5.hin. ticket: new status: open component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19127 dc483132-0cff-0310-8789-dd5450dbe970
* Microsoft Windows Visual Studio does not define ssize_tJeffrey Altman2007-01-301-0/+8
| | | | | | | | | | | | | | Microsoft defines size_t but not ssize_t. Provide a definition in win-mac.h that follows the style used by Microsoft providing a preprocessor macro SSIZE_T_DEFINED which can be used for conditional definition and testing in case Microsoft decides to add it later. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19123 dc483132-0cff-0310-8789-dd5450dbe970
* Change second argument to krb5_cc_register to take a const krb5_cc_ops *. MakesEzra Peisach2007-01-231-1/+1
| | | | | | | sense - when krb5_Xcc_ops currently defined as such - and assignment of value assumes same. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19106 dc483132-0cff-0310-8789-dd5450dbe970
* Use intermediate target to prevent parallel invocations of 'make includes' ↵Ken Raeburn2007-01-201-1/+2
| | | | | | in lib/krb4 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19099 dc483132-0cff-0310-8789-dd5450dbe970
* Use move-if-changed and a timestamp file to avoid re-running commands andKen Raeburn2007-01-201-7/+10
| | | | | | updating krb5.h when there are no textual changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19098 dc483132-0cff-0310-8789-dd5450dbe970
* Build krb5.h using the _err.h files from the error_tables directory, notKen Raeburn2007-01-201-10/+9
| | | | | | additional copies of them. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19095 dc483132-0cff-0310-8789-dd5450dbe970
* Mark as C source for Emacs mode selectionKen Raeburn2007-01-201-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19093 dc483132-0cff-0310-8789-dd5450dbe970
* Move osconf input file to include directory instead of keeping it in its ownKen Raeburn2007-01-202-3/+3
| | | | | | subdirectory. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19092 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (osconf.h): Use move-if-changed scriptKen Raeburn2007-01-201-3/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19091 dc483132-0cff-0310-8789-dd5450dbe970
* Include stdarg.h, and don't conditionalize declarations of functions withKen Raeburn2007-01-201-5/+1
| | | | | | va_list arguments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19087 dc483132-0cff-0310-8789-dd5450dbe970
* Mark as C source for Emacs mode selectionKen Raeburn2007-01-201-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19084 dc483132-0cff-0310-8789-dd5450dbe970
* Don't define KRB5_PRIVATE, since it's not tested any moreKen Raeburn2007-01-201-4/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19083 dc483132-0cff-0310-8789-dd5450dbe970
* Move all KRB5_PRIVATE declarations from krb5.h(in) to k5-int.h, and drop theKen Raeburn2007-01-202-376/+305
| | | | | | KRB5_PRIVATE preprocessor test. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19082 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (private-and-public-decls): New target file, created fromKen Raeburn2007-01-201-3/+5
| | | | | | | | k5-int.h and krb5.h. (verify-calling-conventions-krb5): Use it instead of krb5.h. (clean-unix): Get rid of it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19081 dc483132-0cff-0310-8789-dd5450dbe970
* Fix typo in checked-in versionKen Raeburn2007-01-161-1/+1
| | | | | | ticket: 5349 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19063 dc483132-0cff-0310-8789-dd5450dbe970
* This commit adds two new functions, krb5_server_decrypt_ticket_keyblock Jeffrey Altman2007-01-161-0/+12
| | | | | | | | | | | | | | | | | (private) and krb5_server_decrypt_ticket_keytab (public). These functions take a krb5_ticket as input and decrypt it using the provided key data. The public function is useful for higher level application protocols such a TLS-KRB5 and AFS RX-KRB5 which exchange a service but do not use the AP-REQ/AP-REP messages. This commit also adds new functionality to kvno which permits kvno when provided a keytab as input to verify whether or not the keytab contains a key that can successfully decrypt the obtains service ticket. ticket: 5349 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19062 dc483132-0cff-0310-8789-dd5450dbe970
* * lib/krb5/krb/copy_creds.c (krb5int_copy_creds_contents): New function, splitKen Raeburn2006-12-281-0/+3
| | | | | | | | out from krb5_copy_creds. (krb5_copy_creds): Call it. * include/k5-int.h (krb5int_copy_creds_contents): Declare. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19017 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_is_referral_realm now takes a pointer to const krb5_data, since it doesn'tKen Raeburn2006-12-191-1/+1
| | | | | | | | | modify it. ticket: 5121 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18974 dc483132-0cff-0310-8789-dd5450dbe970
* (k5_mutex_lock_update_stats) [!DEBUG_THREADS_STATS && __GNUC__]: DeclareKen Raeburn2006-12-191-2/+3
| | | | | | | arguments with "unused" attribute. (k5_pthread_mutex_lock) [DEBUG_THREADS && __GNUC__]: Use __extension__. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18972 dc483132-0cff-0310-8789-dd5450dbe970
* build the trunk on Windows (again)Jeffrey Altman2006-12-082-5/+1
| | | | | | | | | | This revision corrects a number of missing or extraneous KRB5_CALLCONV symbols; exposes symbols for _WIN32; and avoids including headers that don't exist ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18932 dc483132-0cff-0310-8789-dd5450dbe970
* Modifications to support the generation and embedding Jeffrey Altman2006-12-071-2/+5
| | | | | | | | | | | | of library manifests into generated EXEs and DLLs. Manifests are required for Windows XP and above when applications are built with Microsoft Visual Studio 2005 (aka VS8) or above. ticket: 3642 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18930 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_cc_remove should work for the CCAPIAlexandra Ellwood2006-12-051-0/+5
| | | | | | | | | | | | | | Implemented a working krb5_cc_remove for the CCAPI cache type. Added a private support function krb5_creds_compare() which checks if two krb5_creds are identical. This function should be needed by implementations of krb5_cc_remove for other ccache types. ticket: new owner: tlyu target_version: 1.6 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18923 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unused prototype for krb5_find_config_filesEzra Peisach2006-12-031-2/+0
| | | | | | | | | The prototype for krb5_find_config_files() no longer is necessary as the function does not exist in the source tree anymore. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18914 dc483132-0cff-0310-8789-dd5450dbe970
* send a new request with the new padata returned by krb5_do_preauth_tryagain()Kevin Coffman2006-12-011-1/+1
| | | | | | | | | | | | | | | | | | | | | | Send another request containing the padata obtained from tryagain. * src/include/k5-int.h Update prototype * src/lib/krb5/krb/get_in_tkt.c Send pointer to the request.padata so krb5_do_preauth_tryagain() can update the request to be sent. * src/lib/krb5/krb/preauth2.c If a module returns modified padata, add it to the return_padata and return. ticket: new Component: krb5-libs Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18896 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/krb5/ccache/ccbase.c (krb5int_cc_getops): InternalTom Yu2006-11-181-0/+6
| | | | | | | | | | | | | | | | function to fetch ops vector given ccache prefix string. (krb5_cc_new_unique): New function to generate a new unique ccache of a given type. * src/include/krb5/krb5.hin: Prototype for krb5_cc_new_unique(). * src/lib/krb5/libkrb5.exports: * src/lib/krb5_32.def: Add krb5_cc_new_unique(). ticket: 3091 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18857 dc483132-0cff-0310-8789-dd5450dbe970
* Didn't include header changes in the previous commitKevin Coffman2006-11-171-2/+7
| | | | | | | | ticket: 4799 Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18837 dc483132-0cff-0310-8789-dd5450dbe970
* fix warning in preauth_plugin.h headerKen Raeburn2006-11-161-1/+1
| | | | | | | | | * preauth_plugin.h (enum krb5plugin_preauth_client_request_type): Omit trailing comma. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18814 dc483132-0cff-0310-8789-dd5450dbe970
* Add macros for __attribute__((deprecated)) for krb4 and des APIsAlexandra Ellwood2006-11-152-125/+304
| | | | | | | | | | Added KRB5INT_KRB4_DEPRECATED and KRB5INT_DES_DEPRECATED. ticket: new target_version: 1.6 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18811 dc483132-0cff-0310-8789-dd5450dbe970
* allow server preauth plugin verify_padata function to return e-dataKevin Coffman2006-11-131-1/+2
| | | | | | | | | | | | | | | | | Change server-side preauth plugin interface to allow the plugin's verify_padata function to return e-data to be returned to the client. (Patch from Nalin Dahyabhai <nalin@redhat.com>) Update sample plugins to return e-data to exercise the code. Fix memory leak in the wpse plugin. ticket: new Component: krb5-kdc Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18801 dc483132-0cff-0310-8789-dd5450dbe970
* correct client preauth plugin request_contextKevin Coffman2006-11-131-2/+6
| | | | | | | | | | | | Correctly share the same request_context between all modules within a single client preauth plugin. ticket: new Component: krb5-libs Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18800 dc483132-0cff-0310-8789-dd5450dbe970
* Install gssapi.h in includedir that includes gssapi/gssapi.h so that eitherRuss Allbery2006-11-092-0/+6
| | | | | | | | | | | | form of #include will work. Provides better compatibility with Heimdal. ticket: 2240 Component: krb5-libs Version_Reported: 1.3.2 Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18791 dc483132-0cff-0310-8789-dd5450dbe970
* Add "get_data" function to the client preauth plugin interfaceKevin Coffman2006-11-092-2/+41
| | | | | | | | | | | Modify the client preauth plugin interface to pass in a function pointer and data pointer so the plugin may request information otherwise unavailable. ticket: new Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18790 dc483132-0cff-0310-8789-dd5450dbe970
* Add public function to get keylenth associated with an enctypeKevin Coffman2006-11-091-0/+5
| | | | | | | | | | Add a new function, krb5_c_keylength, to libk5crypto to obtain the keylength associated with an enctype. ticket: new Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18789 dc483132-0cff-0310-8789-dd5450dbe970
* krb5.h not C++-safe due to "struct krb5_cccol_cursor"Alexandra Ellwood2006-11-071-2/+2
| | | | | | | | | | | | | Fixed definition of "struct krb5_cccol_cursor" in krb5.h to be C++ safe. In C++ the struct name is also a type so there can't be a typedef of the same name, in this case "typedef struct krb5_cccol_cursor *krb5_cccol_cursor;". ticket: new status: open target_version: 1.6 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18765 dc483132-0cff-0310-8789-dd5450dbe970
* Modify the preath plugin interface so that a plugin's context isKevin Coffman2006-11-012-38/+131
| | | | | | | | | | | | | | | | | | | | | | | | | | global to all the modules within a plugin. Also, change the client-side interface so that the preauth plugin context (once created) lives the lifetime of a krb5_context. This will allow future changes that can set plugin parameters. The client side request context lives the lifetime of a call to krb5_get_init_creds(). Make the sample preauth plugins buildable outside the source tree. Fix minor memory leak in sort_krb5_padata_sequence(). Add a prototype for krb5_do_preauth_tryagain() and change the plugin interface. Incorporates fixes from Nalin Dahyabhai <nalin@redhat.com> for leaks of the function table pointers (rt #4566) and fix KDC crash (rt #4567) ticket: 4566 ticket: 4567 ticket: 4587 Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18754 dc483132-0cff-0310-8789-dd5450dbe970
* Add prototype for krb5int_init_context_kdcEzra Peisach2006-10-161-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18718 dc483132-0cff-0310-8789-dd5450dbe970
* Add prototype for krb5_aprof_get_booleanEzra Peisach2006-10-161-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18717 dc483132-0cff-0310-8789-dd5450dbe970
* * preauth_plugin.h: Don't use an enum in a public apiSam Hartman2006-10-131-1/+1
| | | | | | | | | | | | | * kdc_preauth.c (get_etype_info): Rename get_entry_data to avoid shadowing (get_etype_info2): likewise (return_etype_info): likewise (return_pw_salt): likewise (get_entry_data): Update prototype not to use enum in a API ticket: 4377 tatus: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18695 dc483132-0cff-0310-8789-dd5450dbe970
* Patch to split client plugin from server pluginSam Hartman2006-10-131-73/+85
| | | | | | | ticket: 4377 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18693 dc483132-0cff-0310-8789-dd5450dbe970
* Move ASN.1 routines for KDB LDAP plugin into main krb5 library,Ken Raeburn2006-10-071-0/+26
| | | | | | accessed via krb5int_access. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18666 dc483132-0cff-0310-8789-dd5450dbe970
* Use const pointers for error messages.Ken Raeburn2006-10-072-4/+4
| | | | | | Add some debugging hooks in the libkrb5 support. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18661 dc483132-0cff-0310-8789-dd5450dbe970
* drop comma at end of enum listKen Raeburn2006-10-071-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18660 dc483132-0cff-0310-8789-dd5450dbe970
* cursor for iterating over ccachesTom Yu2006-10-052-0/+63
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some ccache back ends need per-type cursors implemented. * src/include/k5-int.h: Declare krb5_cc_ptcursor. Update krb5_cc_ops vector to include functions for ptcursor and some not-yet-implemented functionality. * src/include/krb5/krb5.hin: Prototype krb5_cccol_cursor_new, krb5_cccol_cursor_next, krb5_cccol_cursor_free. * src/lib/krb5/ccache/Makefile.in: Compile cccursor.c. Build t_cccursor. * src/lib/krb5/ccache/cccursor.c: Implementation of cursor for iterating over ccaches. * src/lib/krb5/ccache/ccbase.c: Add typecursor functionality for iteration over registered ccache types. * src/lib/krb5/ccache/cc_memory.c: Implmement per-type ccache cursor functionality. * src/lib/krb5/ccache/cc_mslsa.c: * src/lib/krb5/ccache/cc_file.c: * src/lib/krb5/ccache/ccapi/stdcc.c: Add place-holder ops vector entries. * src/lib/krb5/ccache/t_cccursor.c: New test of ccache cursor functionality. * src/lib/krb5/os/ccdefname.c (krb5int_cc_os_default_name): New function to return the OS-specific default ccache name. ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18651 dc483132-0cff-0310-8789-dd5450dbe970
* Preauthentication Plugin FrameworkSam Hartman2006-10-034-4/+302
| | | | | | | | | | | | | Patch from Nalin Dahyabhai at Redhat to implement a preauthentication framework based on the plugin architecture. Currently. the API is considered internal and the header is not installed. See src/include/krb5/preauth_plugin.h for the interface. ticket: new Tags: enhancement Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18641 dc483132-0cff-0310-8789-dd5450dbe970
* Set the canonicalize flag in TGS requests and accept cross-realm referral ↵Sam Hartman2006-09-212-2/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | tickets. We do not yet accept tickets in which the server name changes. * krb5_sname_to_principal: If there is no domain realm mapping return null realm *krb5_get_cred_via_tkt: New behavior as described below 1) the referrals case: - check for TGT for initial realm - if a remote realm was specified (which must have happened via a domain_realm mapping), obtain a TGT for it the standard way and start with that. - use client realm for server if not specified - iterate through this loop: - request ticket with referrals turned on - if that fails: - if this was the first request, punt to non-referrals case - otherwise, retry once without referrals turned on then terminate either way - if it works, either use the service ticket or follow the referral path - if loop count exceeded, hardfail 2) the nonreferrals case - this is mostly the old walk_realm_tree TGT-finding (which allows limited shortcut referrals per 4120) followed by a standard tgs-req. - originally requested principal is used for this, although if we were handed something without a realm, determine a fallback realm based on DNS TXT records or a truncation of the domain name. ticket: 2652 Owner: amb git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18598 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-28 06:39:37 +0000