summaryrefslogtreecommitdiffstats
path: root/src/lib/kadm5
Commit message (Collapse)AuthorAgeFilesLines
...
* Use macros for config parametersZhanna Tsitkov2009-02-041-38/+38
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21879 dc483132-0cff-0310-8789-dd5450dbe970
* prefer structure assignment to memcpyKen Raeburn2009-02-031-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21876 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unnecessary pointer casts in args to free,memcpy,memset,memchr except ↵Ken Raeburn2009-02-028-38/+37
| | | | | | unicode, windows code git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21875 dc483132-0cff-0310-8789-dd5450dbe970
* address lib/kadm5 test suite slownessKen Raeburn2009-02-022-0/+2
| | | | | | | | | | | | In mod-principal tests for clearing the principal's policy, instead of just testing to see if the wrong string is output and timing out looking for it, check also for the new expected value. Cuts test suite run time by about two minutes for each pass (client vs server). ticket: 6357 target_version: 1.7 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21866 dc483132-0cff-0310-8789-dd5450dbe970
* Default allow_weak_crypto=true for now. Default supported_enctypes toTom Yu2009-01-311-1/+1
| | | | | | | | | exclude single-DES enctypes. ticket: 6353 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21851 dc483132-0cff-0310-8789-dd5450dbe970
* Master Key Migration ProjectWill Fiveash2009-01-304-26/+172
| | | | | | | | | | | | | | | Commit for the Master Key Migration Project. http://k5wiki.kerberos.org/wiki/Projects/Master_Key_Migration This commit provides the ability to add a new master key (with an enctype differing from the current master key) to the master key principal and stash file and then migrate the encryption of existing principals long term keys to use the new master key. In addition deletion of master keys is provided. ticket: 6354 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21844 dc483132-0cff-0310-8789-dd5450dbe970
* Changed the name match_config_pattern to krb5_match_config_pattern. Check ↵Zhanna Tsitkov2009-01-302-4/+4
| | | | | | strdup return code. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21838 dc483132-0cff-0310-8789-dd5450dbe970
* Introduced match_config_pattern function to find a pattern in the config ↵Zhanna Tsitkov2009-01-292-24/+45
| | | | | | value strings git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21828 dc483132-0cff-0310-8789-dd5450dbe970
* Start to phase out krb5_xfree macro, which just casts its argument toKen Raeburn2009-01-282-19/+19
| | | | | | | | | | | char* and calls free. Replace most uses, outside of the LDAP KDB plugin, which doesn't build on my test system of the moment because of version dependencies. Add one explicit cast to make the change warning-neutral (under gcc 4.0.1 on Mac OS X 10.5.6). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21812 dc483132-0cff-0310-8789-dd5450dbe970
* "Coding practices" related fixesZhanna Tsitkov2009-01-271-534/+534
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21808 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate the need for the domain_realm mapping table on the client side by ↵Zhanna Tsitkov2009-01-233-1/+83
| | | | | | implementing minimal referral support in the KDC git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21792 dc483132-0cff-0310-8789-dd5450dbe970
* Add some output parameter initializations n order to eliminate someGreg Hudson2009-01-231-1/+2
| | | | | | spurious Coverity defects. (Far from a comprehensive pass.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21782 dc483132-0cff-0310-8789-dd5450dbe970
* If USE_VALGRIND, check that source principal is defined before copying.Ken Raeburn2009-01-221-0/+8
| | | | | | Initialize magic number fields of allocated name components. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21775 dc483132-0cff-0310-8789-dd5450dbe970
* delete trailing whitespace, including insanely long 'blank' linesKen Raeburn2009-01-201-64/+62
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21764 dc483132-0cff-0310-8789-dd5450dbe970
* Use valgrind in more cases if VALGRIND is setKen Raeburn2009-01-162-9/+52
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21754 dc483132-0cff-0310-8789-dd5450dbe970
* Force tickets acquired by the kadm5 client library via passwordRuss Allbery2009-01-141-1/+5
| | | | | | | | | | | | | | | authentication to be non-forwardable and non-proxiable, overridding any [libdefaults] configuration. This may be necessary at sites that set forwardable to true by default in their krb5.conf files but disable forwardable tickets for privileged principals. Since the ticket cache acquired by the kadm5 client library is used only for kadmin operations, where forwardable is not useful or necessary, there is no reason to ever attempt to obtain forwardable or proxiable tickets here. Ticket: 6337 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21744 dc483132-0cff-0310-8789-dd5450dbe970
* include string.hKen Raeburn2009-01-051-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21705 dc483132-0cff-0310-8789-dd5450dbe970
* move generated dependencies out of Makefile.inKen Raeburn2009-01-058-432/+424
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Move automatically-generated dependencies into separate files in the source tree, and take the data out of Makefile.in. Keep the "make depend" rules for stripping out the dependencies from Makefile.in, in case some optional directories were missed, but everything that builds on my UNIX build has been converted. (Converting a directory just requires creating an empty "deps" file so that config.status can build the makefile, and then later running "make depend" in that directory to get the correct content for it.) Change configure scripts to incorporate the "deps" file when building each Makefile. This change requires the existence of a file "deps" in each source directory where we build a makefile, even if there are no sources for which to compute dependencies; a switch to GNU make would let us conditionalize that, but we can assess that later. Update dependencies for the generate Makefile itself to list the deps file. This will also require some minor tweaking of the Windows build, to make it incorporate the new deps file. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21701 dc483132-0cff-0310-8789-dd5450dbe970
* Include strings.h for memset prototypeEzra Peisach2009-01-052-0/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21695 dc483132-0cff-0310-8789-dd5450dbe970
* Merge mskrb-integ onto trunkSam Hartman2009-01-039-182/+188
| | | | | | | | | | | | | | | | | | | | | | | | The mskrb-integ branch includes support for the following projects: Projects/Aliases * Projects/PAC and principal APIs * Projects/AEAD encryption API * Projects/GSSAPI DCE * Projects/RFC 3244 In addition, it includes support for enctype negotiation, and a variety of GSS-API extensions. In the KDC it includes support for protocol transition, constrained delegation and a new authorization data interface. The old authorization data interface is also supported. This commit merges the mskrb-integ branch on to the trunk. Additional review and testing is required. Merge commit 'mskrb-integ' into trunk ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21690 dc483132-0cff-0310-8789-dd5450dbe970
* Signed/unsigned fixes and remove unused variableEzra Peisach2008-12-292-3/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21635 dc483132-0cff-0310-8789-dd5450dbe970
* Add prototype for kadm5_init_iprop. FOr the client - adds a dummy argument Ezra Peisach2008-12-162-1/+3
| | | | | | which is ignored. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21480 dc483132-0cff-0310-8789-dd5450dbe970
* Fix from Marcus Watts for glob-to-regexp conversion bug.Ken Raeburn2008-12-041-1/+2
| | | | | | | | Tweaked test case to exercise the bug. ticket: 5667 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21285 dc483132-0cff-0310-8789-dd5450dbe970
* Use profile_free_list as appropriate. Fix memory leaksKen Raeburn2008-11-241-20/+21
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21180 dc483132-0cff-0310-8789-dd5450dbe970
* Rename krb5int_buf_cstr to krb5int_buf_data, since k5bufs can be usedGreg Hudson2008-11-052-2/+2
| | | | | | | | | | | for binary data as well as C string data. The buffer will always have a null byte at krb5int_buf_len bytes regardless of whether it contains C string data. ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21003 dc483132-0cff-0310-8789-dd5450dbe970
* Don't build dependencies for v4rcp.c.Ken Raeburn2008-11-044-54/+59
| | | | | | Rebuild dependencies for k5-buf.h, and without krb4 support. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20964 dc483132-0cff-0310-8789-dd5450dbe970
* Use the k5buf module instead of strcpy/strcat in several placesGreg Hudson2008-10-302-55/+25
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20941 dc483132-0cff-0310-8789-dd5450dbe970
* Use strlcpy instead of strcpy in many placesGreg Hudson2008-10-243-6/+6
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20919 dc483132-0cff-0310-8789-dd5450dbe970
* Use strdup in place of malloc/strcpy in many placesGreg Hudson2008-10-204-10/+4
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20898 dc483132-0cff-0310-8789-dd5450dbe970
* Increase the default RPC timeout for kadmin from 25 seconds to 120Greg Hudson2008-10-021-1/+1
| | | | | | | | seconds. Code changes from a patch submitted by umich. ticket: 6120 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20810 dc483132-0cff-0310-8789-dd5450dbe970
* makedependKen Raeburn2008-09-184-46/+50
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20731 dc483132-0cff-0310-8789-dd5450dbe970
* fix resource leak in USE_PASSWORD_SERVER codeKen Raeburn2008-08-281-34/+27
| | | | | | | | | Don't leak file descriptors in error cases. Remove limit from length of passwords. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20702 dc483132-0cff-0310-8789-dd5450dbe970
* whitespaceTom Yu2008-08-261-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20694 dc483132-0cff-0310-8789-dd5450dbe970
* a stash file is not a keytabWill Fiveash2008-08-154-3/+10
| | | | | | | | | Note, this is the commit for the associated Krb Consortium project: Projects/Masterkey Keytab Stash ticket: 194 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20661 dc483132-0cff-0310-8789-dd5450dbe970
* Open log file for appending only, not also readingAlexandra Ellwood2008-08-131-1/+1
| | | | | | ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20651 dc483132-0cff-0310-8789-dd5450dbe970
* Fully initialize handle data on allocationKen Raeburn2008-08-061-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20617 dc483132-0cff-0310-8789-dd5450dbe970
* Don't coerce fgetc value to char before EOF checkKen Raeburn2008-08-061-2/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20616 dc483132-0cff-0310-8789-dd5450dbe970
* Delete decls for nonexistent functions, and an unused typedefKen Raeburn2008-07-301-15/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20589 dc483132-0cff-0310-8789-dd5450dbe970
* fix possible uninit variable use in error pathKen Raeburn2008-07-251-0/+1
| | | | | | | | | | | Clear gss_client and gss_target before any possible branch to 'error', where they can be used. ticket: new target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20580 dc483132-0cff-0310-8789-dd5450dbe970
* kadm5_decrypt_key(). This patch prevents the returned keyblock's Jeffrey Altman2008-07-211-1/+2
| | | | | | | | | | enctype from being coerced to the requested 'ktype' if the requested 'ktype' == -1. A ktype of -1 is documented as meaning "to be ignored". ticket: 5840 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20558 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_string_to_keysalts()Jeffrey Altman2008-07-211-1/+1
| | | | | | | | | Fix an infinite loop in the parsing of 'kp' ticket: 5839 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20557 dc483132-0cff-0310-8789-dd5450dbe970
* Don't set LOCAL_SUBDIRS in many places and SUBDIRS in a few andKen Raeburn2008-07-201-1/+1
| | | | | | | default SUBDIRS to LOCAL_SUBDIRS via pre.in. Instead, just set SUBDIRS in each directory, and don't do anything in pre.in. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20546 dc483132-0cff-0310-8789-dd5450dbe970
* Use autogenerated darwin.exports files for server frameworksAlexandra Ellwood2008-07-092-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20506 dc483132-0cff-0310-8789-dd5450dbe970
* kadm5_setkey_principal_3 not copying key_data_ver and key_data_kvnoAlexandra Ellwood2008-06-251-0/+2
| | | | | | | | | Added lines to copy these fields. ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20472 dc483132-0cff-0310-8789-dd5450dbe970
* Merge from branch sun-ipropKen Raeburn2008-06-2411-38/+204
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20465 dc483132-0cff-0310-8789-dd5450dbe970
* Remove test115 for 'bad client params', no longer appropriateKen Raeburn2008-06-191-104/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20429 dc483132-0cff-0310-8789-dd5450dbe970
* Disable check for invalid client-side admin config parameters in theKen Raeburn2008-06-181-1/+5
| | | | | | | config file. Since KDC configuration parameters can now be put in krb5.conf, this doesn't make sense any more. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20411 dc483132-0cff-0310-8789-dd5450dbe970
* Factor out repeated code for looking up string, port, or deltat config paramsKen Raeburn2008-06-111-150/+144
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20395 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use private copy of syslog.h. Rebuild dependenciesKen Raeburn2008-06-102-6/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20386 dc483132-0cff-0310-8789-dd5450dbe970
* Warn against new uses of kadm5_config_params.dbname fieldKen Raeburn2008-06-101-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20384 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-27 03:33:59 +0000