summaryrefslogtreecommitdiffstats
path: root/src/kdc/Makefile.in
Commit message (Collapse)AuthorAgeFilesLines
* Move kdc log routines into a separate fileZhanna Tsitkov2013-12-201-2/+4
| | | | | Their previous location - kdc_util.c - seems to be overloaded with various helper functions. No code changes.
* KDC Audit infrastructure and plugin implementationZhanna Tsitkov2013-10-041-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Per project http://k5wiki.kerberos.org/wiki/Projects/Audit The purpose of this project is to create an Audit infrastructure to monitor security related events on the KDC. The following events are targeted in the initial version: - startup and shutdown of the KDC; - AS_REQ and TGS_REQ exchanges. This includes client address and port, KDC request and request ID, KDC reply, primary and derived ticket and their ticket IDs, second ticket ID, cross-realm referral, was ticket renewed and validated, local policy violation and protocol constraints, and KDC status message. Ticket ID is introduced to allow to link tickets to their initial TGT at any stage of the Kerberos exchange. For the purpose of this project it is a private to KDC ticket ID: each successfully created ticket is hashed and recorded into audit log. The administrators can correlate the primary and derived ticket IDs after the fact. Request ID is a randomly generated alpha-numeric string. Using this ID an administrator can easily correlate multiple audit events related to a single request. It should be informative both in cases when the request is sent to multiple KDCs, or to the same KDC multiple times. For the purpose of testing and demo of the Audit, the JSON based modules are implemented: "test" and "simple" audit modules respectively. The file plugins/audit/j_dict.h is a dictionary used in this implememtations. The new Audit system is build-time enabled and run-time pluggable. [kaduk@mit.edu: remove potential KDC crashes, minor reordering] ticket: 7712 target_version: 1.12
* Reduce boilerplate in makefilesGreg Hudson2013-05-161-6/+1
| | | | | | | | | Provide default values in pre.in for PROG_LIBPATH, PROG_RPATH, SHLIB_DIRS, SHLIB_RDIRS, and STOBJLISTS so that they don't have to be specified in the common case. Rename KRB5_RUN_ENV and KRB5_RUN_VARS to RUN_SETUP (already the most commonly used name) and RUN_VARS. Make sure to use DEFINES for local defines (not DEFS). Remove some other unnecessary makefile content.
* Remove install-oldmanBen Kaduk2012-10-171-3/+0
| | | | | | The old man pages are gone, so we can't install them anymore. Also clean up install and install-unix targets that were installing the old man pages by hand.
* Move validate_tgs_request() to a separate fileTom Yu2012-10-151-2/+4
|
* Move add_to_transited to a separate fileTom Yu2012-10-151-5/+5
| | | | | | | add_to_transited() is fairly large, and also fairly independent of the other contents of kdc_util.c. Move it into kdc_transit.c. Also simplifies the building of rtest by removing dependencies that kdc_util.c previously needed to satisfy undefined symbols.
* install sphinx-generated manpagesTom Yu2012-01-091-0/+2
| | | | | | | | | | | | | | | | | Install sphinx-generated manpages. Original nroff manpages remain for reference until proofreading is complete. Modify doc/rst_source/conf.py to better deal with shadow manpages -- sphinx will now build k5login.5 instead of .k5login.5, and kadmin.1 instead of both kadmin.1 and kadmin.local.8. Proofreaders should ensure that the original nroff manpages (and associated Makefile rules) are deleted once their reST format equivalents have been proofread. ticket: 7064 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25625 dc483132-0cff-0310-8789-dd5450dbe970
* SA-2011-007 KDC null pointer deref in TGS handling [CVE-2011-1530]Tom Yu2011-12-061-0/+1
| | | | | | | | | | | Fix a null pointer dereference condition that could cause a denial of service. ticket: 7042 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25525 dc483132-0cff-0310-8789-dd5450dbe970
* Use built-in modules for encrypted timestampGreg Hudson2011-10-071-0/+2
| | | | | | | | Break out the encrypted timestamp code from kdc_preauth.c and preauth2.c into built-in modules, allowing admins to disable it and reducing the size of the framework code. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25319 dc483132-0cff-0310-8789-dd5450dbe970
* Recast encrypted challenge as linked built-insGreg Hudson2011-09-231-0/+2
| | | | | | | | Since it has no external dependencies, split up encrypted preauth into clpreauth and kdcpreauth chunks and link them directly into the consumers. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25227 dc483132-0cff-0310-8789-dd5450dbe970
* Migrate net-server loop to use libvertoGreg Hudson2011-09-021-2/+2
| | | | | | From npmccallum@redhat.com. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25132 dc483132-0cff-0310-8789-dd5450dbe970
* Remove KDC replay cacheGreg Hudson2010-10-191-6/+1
| | | | | | | | | | | | Now that SAM1 support has been removed, the KDC does not need a replay replay cache. Remove all code within USE_RCACHE and associated support. Rename --disable-kdc-replay-cache to --disable-kdc-lookaside-cache. ticket: 6804 target_version: 1.9 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24464 dc483132-0cff-0310-8789-dd5450dbe970
* KDC worker processes featureGreg Hudson2010-09-171-0/+3
| | | | | | | | | | Add support for a krb5kdc -w option which causes the KDC to spawn worker processes which can process requests in parallel. See also: http://k5wiki.kerberos.org/wiki/Projects/Parallel_KDC ticket: 6783 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24328 dc483132-0cff-0310-8789-dd5450dbe970
* Merge users/raeburn/branches/network-mergeKen Raeburn2010-03-171-3/+1
| | | | | | | | | | Re-integrates the forked versions of network.c in kdc and kadmin/server. Server-specific initialization and SIGHUP-reset code is moved into other source files; the more generic network-servicing code is merged and moved into apputils library already used by both programs. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23811 dc483132-0cff-0310-8789-dd5450dbe970
* Consolidate Makefile variables now that we have only a single globalGreg Hudson2009-11-221-3/+1
| | | | | | | | | | | | | configure script: $(SRCTOP) --> $(top_srcdir) $(srcdir)/$(thisconfigdir) --> $(top_srcdir) $(thisconfigdir) --> $(BUILDTOP) $(myfulldir) --> $(mydir) ticket: 6583 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23308 dc483132-0cff-0310-8789-dd5450dbe970
* Get "make depend" to work in an unbuilt source tree, since bad depsGreg Hudson2009-08-031-1/+1
| | | | | | | | files can make it difficult to build the tree. To do this, make the depends target depend on generated header files and on header file copies or links into the main include directory. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22486 dc483132-0cff-0310-8789-dd5450dbe970
* Implement FAST from draft-ietf-krb-wg-preauth-frameworkSam Hartman2009-03-311-0/+2
| | | | | | | | | | | | Merge fast branch at 22146 onto trunk Implement the kerberos pre-authentication framework FAST feature per Projects/FAST on the wiki. ticket: 6436 Target_Version: 1.7 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22149 dc483132-0cff-0310-8789-dd5450dbe970
* move generated dependencies out of Makefile.inKen Raeburn2009-01-051-136/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Move automatically-generated dependencies into separate files in the source tree, and take the data out of Makefile.in. Keep the "make depend" rules for stripping out the dependencies from Makefile.in, in case some optional directories were missed, but everything that builds on my UNIX build has been converted. (Converting a directory just requires creating an empty "deps" file so that config.status can build the makefile, and then later running "make depend" in that directory to get the correct content for it.) Change configure scripts to incorporate the "deps" file when building each Makefile. This change requires the existence of a file "deps" in each source directory where we build a makefile, even if there are no sources for which to compute dependencies; a switch to GNU make would let us conditionalize that, but we can assess that later. Update dependencies for the generate Makefile itself to list the deps file. This will also require some minor tweaking of the Windows build, to make it incorporate the new deps file. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21701 dc483132-0cff-0310-8789-dd5450dbe970
* Merge mskrb-integ onto trunkSam Hartman2009-01-031-27/+33
| | | | | | | | | | | | | | | | | | | | | | | | The mskrb-integ branch includes support for the following projects: Projects/Aliases * Projects/PAC and principal APIs * Projects/AEAD encryption API * Projects/GSSAPI DCE * Projects/RFC 3244 In addition, it includes support for enctype negotiation, and a variety of GSS-API extensions. In the KDC it includes support for protocol transition, constrained delegation and a new authorization data interface. The old authorization data interface is also supported. This commit merges the mskrb-integ branch on to the trunk. Additional review and testing is required. Merge commit 'mskrb-integ' into trunk ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21690 dc483132-0cff-0310-8789-dd5450dbe970
* In the KDC, remove krb4 request handling support and fakeka codeGreg Hudson2008-12-151-29/+7
| | | | | | | ticket: 6303 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21448 dc483132-0cff-0310-8789-dd5450dbe970
* Don't build dependencies for fakeka.cKen Raeburn2008-11-041-14/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20965 dc483132-0cff-0310-8789-dd5450dbe970
* Don't build dependencies for v4rcp.c.Ken Raeburn2008-11-041-74/+76
| | | | | | Rebuild dependencies for k5-buf.h, and without krb4 support. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20964 dc483132-0cff-0310-8789-dd5450dbe970
* makedependKen Raeburn2008-09-181-56/+70
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20731 dc483132-0cff-0310-8789-dd5450dbe970
* Incorporate Apple's patchKen Raeburn2008-08-251-0/+2
| | | | | | | | | | | | | | | | | | | | | | Add a test authorization data scheme, in both built-in and plugin forms; built-in version is #ifdef'ed out. Update configury to create the build directory for the plugin, but don't build or install it by default. Create the new (and normally empty) authorization data plugin directory at install time. Add some (normally disabled) code to log authz data from rd_req. Fix up some comments that still refer to preauth plugins. Add some details in comments on the API, and why it's private for now. Make the plugin init context support work, by not passing null pointers. ticket: 5565 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20691 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use private copy of syslog.h. Rebuild dependenciesKen Raeburn2008-06-101-17/+17
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20386 dc483132-0cff-0310-8789-dd5450dbe970
* Check dependencies for fakeka.cKen Raeburn2007-10-221-0/+15
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20142 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2007-08-161-49/+56
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19832 dc483132-0cff-0310-8789-dd5450dbe970
* Delete more stuff for 'clean' and 'distclean' targetsKen Raeburn2007-03-021-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19198 dc483132-0cff-0310-8789-dd5450dbe970
* Use $(VALGRIND) when running programs using $(KRB5_RUN_ENV) orKen Raeburn2006-10-131-1/+1
| | | | | | | | | | | | | | | | | | $(RUN_SETUP). Replaces old hack with MAYBE_VALGRIND added to RUN_ENV in a way that would break in some of the tests. Set VALGRIND in site.exp in tests/dejagnu. (Not used yet.) Runs some shell scripts under valgrind, rather than changing them to run only the executables under valgrind; this is mostly okay, just creates lots of extra log data, and requires --trace-children=yes. This should work for any instrumentation program invocation that gets followed immediately by the name and argument list for the program being instrumented. For example, VALGRIND="env LD_PRELOAD=..." should work, though I haven't tested it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18699 dc483132-0cff-0310-8789-dd5450dbe970
* make dependTom Yu2006-10-061-27/+32
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18652 dc483132-0cff-0310-8789-dd5450dbe970
* Preauthentication Plugin FrameworkSam Hartman2006-10-031-1/+1
| | | | | | | | | | | | | Patch from Nalin Dahyabhai at Redhat to implement a preauthentication framework based on the plugin architecture. Currently. the API is considered internal and the header is not installed. See src/include/krb5/preauth_plugin.h for the interface. ticket: new Tags: enhancement Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18641 dc483132-0cff-0310-8789-dd5450dbe970
* * kerberos_v4.c: Don't include kdc.h.Ken Raeburn2006-06-291-6/+6
| | | | | | | | | | (kerberos_v4, kerb_err_reply): Replace uses of S_AD_SZ with sizeof(struct sockaddr_in). (kerb_get_principal): Delete fourth argument MAXN, which was always 1. Callers updated. * Makefile.in: Updated dependencies. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18275 dc483132-0cff-0310-8789-dd5450dbe970
* Add man pages for fakeka and k524initRuss Allbery2006-06-121-0/+1
| | | | | | | Ticket: 3013 Version_Reported: 1.3.6 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18109 dc483132-0cff-0310-8789-dd5450dbe970
* Rename locate.h to locate_plugin.h. Change references, update dependenciesKen Raeburn2006-05-241-11/+11
| | | | | | ticket: 3784 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18037 dc483132-0cff-0310-8789-dd5450dbe970
* install headers into include/krb5Ken Raeburn2006-05-231-60/+62
| | | | | | | | | | | Create include/krb5 directory, and put krb5.h and (k5-)locate.h there in the build tree. Stub krb5.h in main include directory just includes krb5/krb5.h. Update dependencies, and add dependencies in a couple Makefiles that didn't have them. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18030 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (krb5kdc, rtest): Don't explicitly add kdb5 libs to the linkKen Raeburn2006-05-151-2/+2
| | | | | | command. (And we link against libraries, not dependency lists, anyways...) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18008 dc483132-0cff-0310-8789-dd5450dbe970
* Don't include kdb.h from k5-int.h; instead, include it in the handfulKen Raeburn2006-04-131-3/+2
| | | | | | of places where it's actually needed. Update dependencies. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17898 dc483132-0cff-0310-8789-dd5450dbe970
* more DEFS=Ken Raeburn2006-04-041-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17839 dc483132-0cff-0310-8789-dd5450dbe970
* make depend, now with dependency sortingKen Raeburn2006-03-311-93/+98
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17811 dc483132-0cff-0310-8789-dd5450dbe970
* Currently logger.c is built as part of the KDC, and also built intoKen Raeburn2006-03-301-18/+1
| | | | | | | | | | and exported from libkadm5srv, which the KDC links against. Stop doing that. * Makefile.in (logger.c, logger.o, $(OUTPRE)logger.$(OBJEXT)): Targets deleted. (SRCS, OBJS, clean): Drop references to them. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17797 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2006-03-271-42/+48
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17786 dc483132-0cff-0310-8789-dd5450dbe970
* Instead of arbitrary division of headers into include and include/krb5, withKen Raeburn2006-03-111-37/+37
| | | | | | | | | | | | include directives sometimes using krb5/foo.h and sometimes using foo.h, and -I options always given for both directories in both source and build trees, push include/krb5/* up a level and drop the krb5 directory (except, for the moment, the change log). Updated #include directives, -I options, and dependencies accordingly, and deleted one or two bits of old, unused code that was noticed in the process. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17730 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2006-03-081-12/+24
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17708 dc483132-0cff-0310-8789-dd5450dbe970
* make dependTom Yu2005-11-291-53/+39
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17505 dc483132-0cff-0310-8789-dd5450dbe970
* Use DL_LIB and THREAD_LINKOPTS instead of explicitly specifying the dlKen Raeburn2005-06-211-1/+1
| | | | | | and pthread libraries by name. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17265 dc483132-0cff-0310-8789-dd5450dbe970
* Novell Database Abstraction Layer merge.Ken Raeburn2005-06-211-2/+3
| | | | | | Will probably break things. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17258 dc483132-0cff-0310-8789-dd5450dbe970
* Update dependenciesKen Raeburn2005-06-211-39/+53
| | | | | | | | | N.B.: The version of gcc used this time ("gcc version 3.4.3 20041212 (Red Hat 3.4.3-9.EL4)") seems to emit some duplicate dependencies -- some header files get listed twice. This is annoying but shouldn't cause any harm.... git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17256 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2005-05-131-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17214 dc483132-0cff-0310-8789-dd5450dbe970
* run "make depend"Ken Raeburn2004-12-301-1/+0
| | | | | | | | In most library directories, this just affects where the line breaks are. In most other directories, it's just dropping a trailing blank line. One or two files really do have updated dependencies. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16987 dc483132-0cff-0310-8789-dd5450dbe970
* Rename header file foreachaddr.c to foreachaddr.h, now that it isn'tKen Raeburn2004-05-051-1/+1
| | | | | | mostly static functions to be compiled in. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16314 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2024-06-22 17:16:37 +0000