summaryrefslogtreecommitdiffstats
path: root/src/lib/krb4
Commit message (Collapse)AuthorAgeFilesLines
...
* * recvauth.c (krb_recvauth): Initialize cp and tmp_buf. Check length of dataKen Raeburn2004-07-142-3/+11
| | | | | | read before evaluating the value. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16595 dc483132-0cff-0310-8789-dd5450dbe970
* Delete preprocessor tests for macintosh, __MWERKS__, applec, and THINK_C, allKen Raeburn2004-06-223-2/+7
| | | | | | | part of the pre-Mac OS X support. (Except the bits in the Yarrow code, where it was part of the upstream source.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16506 dc483132-0cff-0310-8789-dd5450dbe970
* Purge make targets and variables (and a few files) relating to the old,Ken Raeburn2004-06-172-1/+4
| | | | | | unmaintained Mac OS 9 (and earlier) support. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16473 dc483132-0cff-0310-8789-dd5450dbe970
* Change all uses of LIB in UNIX makefiles to LIBBASE, for better WindowsKen Raeburn2004-06-042-1/+5
| | | | | | | | | compatibility. (Windows nmake exports make variables into the environment, and LIB is treated by the Windows linker as a search path for libraries, thus breaking the linking on Windows of anything needing libraries from the search path in directories where we build libraries on UNIX.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16411 dc483132-0cff-0310-8789-dd5450dbe970
* updated dependenciesKen Raeburn2004-04-241-17/+21
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16269 dc483132-0cff-0310-8789-dd5450dbe970
* Add files containing the export lists used on UNIX, in each directoryKen Raeburn2004-04-222-0/+169
| | | | | | | | | | | | | | where we build a shared library, whether or not it gets installed. These should match the complete AIX export lists for a full build including krb4 support, and will eventually be used on other UNIX platforms, and cut down to just the symbols we actually want to export. We'll also have to add additional information, eventually, for versioning and such, but currently this is just a list of C symbol names. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16259 dc483132-0cff-0310-8789-dd5450dbe970
* As discussed on the krbdev mailing list, krb5_get_init_creds_password()Jeffrey Altman2004-02-272-1/+7
| | | | | | | | | | | | | | | | | | | | | | | suffered from a behavior in which it would unintentionally query a master KDC twice if in fact the KDC queried when krb5int_sendto() was called with use_master = 0 was in fact the master. This resulted in more than an additional protocol operation. There were two negative side effects. First, in the case of an incorrect password there would be two counts against the max retry attempts. Second, in the case of hardware pre-auth and an expired password, the user would be asked to enter their expired password twice before being told it was expired. This has been fixed by changing the use_master parameter into an in/out parameter and modifying krb5int_sendto() to indicate which KDC it received the response from. This allows the use_master parameter to be set to indicate whether or not the response came from a master KDC regardless of whether a master KDC was requested. ticket: new target_version: next tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16137 dc483132-0cff-0310-8789-dd5450dbe970
* Remove ENCTYPE_LOCAL_DES3_HMAC_SHA1Sam Hartman2004-02-242-2/+5
| | | | | | | | | | Previously, MIT had support for a version of the des3 enctype with a 32-bit length prepended to encrypted data. Remove that support. This is non-standard and is no longer needed even at MIT. Ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16122 dc483132-0cff-0310-8789-dd5450dbe970
* ignore some more generated filesKen Raeburn2004-02-241-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16119 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2003-12-151-15/+19
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15928 dc483132-0cff-0310-8789-dd5450dbe970
* Note that krb4 expiration needs to be more conservative than krb5Sam Hartman2003-12-112-0/+18
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15878 dc483132-0cff-0310-8789-dd5450dbe970
* krb_check_auth clears the return value for the schedule parameter with a ↵Alexandra Ellwood2003-08-152-1/+6
| | | | | | | | memset. This prevents callers from using the key schedule, which breaks code ticket: 1730 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15770 dc483132-0cff-0310-8789-dd5450dbe970
* configure.in: Don't assume all darwin boxes are powerpc. (eg: OpenDarwin/x86)Alexandra Ellwood2003-08-062-1/+6
| | | | | | ticket: 1718 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15757 dc483132-0cff-0310-8789-dd5450dbe970
* Check for NULL realm argument and n not equal to 1. Fill in realm with an ↵Alexandra Ellwood2003-07-112-0/+14
| | | | | | | | empty string on error in case the caller doesn't check the return value ticket: 1657 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15684 dc483132-0cff-0310-8789-dd5450dbe970
* RealmsConfig-glue.c: Don't fail when krb5.conf is valid and krb.conf isn't. ↵Alexandra Ellwood2003-07-112-2/+8
| | | | | | | | Also, don't assert v4 realm is in profile unless that realm is a valid v4 realm ticket: 1657 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15683 dc483132-0cff-0310-8789-dd5450dbe970
* Rewrote krb_get_lrealm to correctly handle the v4 realms section in the ↵Alexandra Ellwood2003-07-112-66/+101
| | | | | | | | profile and to return KFAILURE in the absence of any config (instead of returning ATHENA.MIT.EDU) ticket: 1657 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15682 dc483132-0cff-0310-8789-dd5450dbe970
* This time, use the correct # of arguments for strcpyAlexandra Ellwood2003-07-081-1/+1
| | | | | | ticket: 1651 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15672 dc483132-0cff-0310-8789-dd5450dbe970
* krb_prof_get_nth() no longer assumes that its retlen argument is correct ↵Alexandra Ellwood2003-07-072-1/+9
| | | | | | | | (call strcpy instead of strncpy) because this argument is a guess for some callers (eg: krb_get_admhst()) ticket: 1651 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15671 dc483132-0cff-0310-8789-dd5450dbe970
* Darwin libkrb4/err_txt.o needs dependency on krb_err.cTom Yu2003-06-113-1/+16
| | | | | | | | | | | | | | | * Makefile.in (KRB_ERR_C): New variable; Darwin needs err_txt.o to have a dependency on krb_err.c so that krb_err.c will be generated first. * configure.in: Set KRB_ERR_C to krb_err.c on Darwin. ticket: new target_version: 1.3 tags: pullup component: krb5-build git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15610 dc483132-0cff-0310-8789-dd5450dbe970
* fix bug: would return krb.conf entries plus dns infoKen Raeburn2003-06-092-0/+9
| | | | | | | | | | * RealmsConfig-glue.c (krb_get_krbhst): Don't fall back to DNS if entries were found in krb.conf, and just not enough to fill the request. ticket: 1550 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15599 dc483132-0cff-0310-8789-dd5450dbe970
* Checkpoint some working code.Ken Raeburn2003-06-072-4/+77
| | | | | | | | | | | | | | | | | A better solution is in the works, but may or may not make the deadline for the next beta... * RealmsConfig-glue.c: Include k5-int.h. (dnscache): New variable. (DNS_CACHE_TIMEOUT): New macro. (krb_get_krbhst) [KRB5_DNS_LOOKUP]: If no krb.conf info is found, try DNS SRV records for "kerberos-iv". Cache results in case they're immediately requested again. ticket: 1550 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15598 dc483132-0cff-0310-8789-dd5450dbe970
* * g_cnffile.c (krb__get_srvtabname): Make retname be a staticTom Yu2003-06-062-7/+12
| | | | | | | | | | | | | array rather than a static pointer, to avoid callers' possible retention of free()d pointers. Yes, this may cause difficulty with making this function thread-safe. ticket: 1563 target_version: 1.3 version_fixed: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15589 dc483132-0cff-0310-8789-dd5450dbe970
* * password_to_key.c (mit_passwd_to_key, afs_passwd_to_key): DeleteTom Yu2003-06-052-2/+7
| | | | | | | | spurious space from prompt. ticket: 1560 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15569 dc483132-0cff-0310-8789-dd5450dbe970
* * RealmsConfig-glue.c (get_krbhst_default): Deleted.Ken Raeburn2003-06-032-19/+5
| | | | | | | | | (krb_get_krbhst): Don't call it. ticket: 1551 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15553 dc483132-0cff-0310-8789-dd5450dbe970
* Yet more double colon password promptsSam Hartman2003-06-033-3/+8
| | | | | | | | | | | More places in the code with password prompts needing fixing to not include colon. Ticket: new Target_Version: 1.3 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15552 dc483132-0cff-0310-8789-dd5450dbe970
* Save a copy of the ciphertext from the kdc rather than trying toSam Hartman2003-06-032-0/+9
| | | | | | | | | decrypt the already decrypted text each time through the loop. Ticket: 1554 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15551 dc483132-0cff-0310-8789-dd5450dbe970
* * change_password.c (krb_change_password): Explicitly zero theTom Yu2003-06-033-4/+15
| | | | | | | | | | | | | | | session key. Zero the key derived from the new password. * mk_req.c (krb_mk_req): Explicitly zero the session key. (krb_mk_req_creds_prealm): Don't zero the session key, in case the caller wants to make use of it. ticket: 1546 status: open target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15543 dc483132-0cff-0310-8789-dd5450dbe970
* Big step towards integrating libkrb524 into libkrb5:Ken Raeburn2003-05-243-99/+21
| | | | | | | | | | | | | | | | | | | | | | | Move libkrb524 code, including error table, into libkrb5. Now libkrb5 initialization pulls in the krb524 error table, so krb524_init_ets is gone; all calls deleted. Move krb4 life/time conversion functions into libkrb5 under new names, using accessor hooks to get at them from libkrb4. Move declarations from krb524.h into krb5.h, k5-int.h, or krb524d.h; the last doesn't get copied into the include directory. Changed inclusions of krb524.h to the appropriate files, if any were needed. Rebuilt dependencies in Makefiles. These changes are likely to break the Windows build; I'll look into that soon. ticket: 1491 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15491 dc483132-0cff-0310-8789-dd5450dbe970
* make-depend updatesKen Raeburn2003-05-241-2/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15490 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in: Add setting of KRB_ERR on WindowsTom Yu2003-05-122-0/+5
| | | | | | ticket: 1477 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15419 dc483132-0cff-0310-8789-dd5450dbe970
* Don't #include compile_et .c filesSam Hartman2003-05-124-12/+18
| | | | | | | | | | | | | | At least the e2fsprogs compile_et produces .c files that duplicate definitions found in com_err.h and so you need to avoid including those .c files in other files. In order to do this we duplicate the string tables. Ticket: new Target_Version: 1.3 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15415 dc483132-0cff-0310-8789-dd5450dbe970
* * kadm_stream.c: Fixed vts_long() and vts_short() so they return a pointer ↵Alexandra Ellwood2003-05-012-3/+15
| | | | | | to the beginning of the memory they allocate and place their data at the end of the buffer which was passed in git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15388 dc483132-0cff-0310-8789-dd5450dbe970
* * g_ad_tkt.c: Added support for login library to get_ad_tkt. Support is ↵Alexandra Ellwood2003-04-142-0/+16
| | | | | | copied from Mac Kerberos4 library and conditionalized for USE_LOGIN_LIBRARY to avoid changing get_ad_tkt's behavior for non-Kerberos Login Library builds git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15352 dc483132-0cff-0310-8789-dd5450dbe970
* * CCache-glue.c: Added prototypes for deprecated functions. Made internal ↵Alexandra Ellwood2003-03-0613-145/+94
| | | | | | functions static. Removed unused CoreServices include. Changed TICKET_GRANTING_TICKET to new macro: KRB_TICKET_GRANTING_TICKET. * change_password.c: Added check of inputs to krb_change_password so we don't crash on bad inputs. Call des_string_to_key not mit_password_to_key on all platforms because we don't want to prompt for a password. * FSp-glue.c: Added prototypes for deprecated functions. Changed to use KfM's FSSpecToPOSIXPath which correctly handles FSSpecs where the file does not exist. * g_in_tkt.c: Added explanatory comments. Made TARGET_OS_MAC sections a little smaller and easier to read. * g_pw_in_tkt.c: Only prompt when we are not using the login library. This is so that Darwin builds do prompt but KfM builds don't. * g_svc_in_tkt.c, g_tkt_svc.c: Changed to use KRB_TICKET_GRANTING_TICKET. * kadm_net.c: Use autoconf variable krb5_sigtype instead of sigtype, which doesn't seem to be defined on Mac OS X. * krb4int.h, RealmsConfig-glue.c: Removed krb_get_stk(). * rd_req.c: Added #ifdef KRB4_USE_KEYTAB to avoid unused variable warning when KRB4_USE_KEYTAB is not defined. * sendauth.c: Fixed warnings with casts git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15254 dc483132-0cff-0310-8789-dd5450dbe970
* * password_to_key.c (mit_passwd_to_key, afs_passwd_to_key): Comment out pragmasKen Raeburn2003-03-052-0/+7
| | | | | | not recognized by gcc or cl. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15232 dc483132-0cff-0310-8789-dd5450dbe970
* Reduce local configure script's work by removing static defines and header andKen Raeburn2003-03-0518-29/+48
| | | | | | | | | | | | | | | | | function info available in krb5/autoconf.h. * gethostname.c, getst.c, kadm_net.c, klog.c, kparse.c: Include krb5/autoconf.h. * kuserok.c, log.c, memcache.c, mk_preauth.c, netread.c: Ditto. * netwrite.c, put_svc_key.c, recvauth.c, send_to_kdc.c: Ditto. * tkt_string.c: Ditto. * Makefile.in: Update dependencies. (DEFINES): Define KRB4_USE_KEYTAB. * configure.in: Don't define KRB4_USE_KEYTAB. Don't check for any headers or functions; include/configure.in already does it. Don't invoke AC_C_CONST explicitly; CONFIG_RULES does that. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15230 dc483132-0cff-0310-8789-dd5450dbe970
* * g_cnffile.c (krb__get_srvtabname): Keep strdup()ed string in aTom Yu2003-03-032-1/+11
| | | | | | | | | static variable and free it called again; this prevents a memory leak. ticket: 1357 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15215 dc483132-0cff-0310-8789-dd5450dbe970
* Ignore krb_err_txt.cKen Raeburn2003-02-281-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15210 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (clean-unix): Remove krb_err_txt.c on clean. UpdateEzra Peisach2003-02-283-3/+15
| | | | | | | | dependencies * g_pw_in_tkt.c: Include krb4int.h for krb_get_keyprocs() prototype. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15209 dc483132-0cff-0310-8789-dd5450dbe970
* * in_tkt.c: Include k5-util.h.Ken Raeburn2003-02-253-27/+11
| | | | | | | | (do_seteuid): Define as krb5_seteuid instead of testing system characteristics here. * dest_tkt.c: Likewise. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15203 dc483132-0cff-0310-8789-dd5450dbe970
* * change_password.c (krb_change_password): Use int, not KRB_INT32, for krb4Ken Raeburn2003-02-252-1/+9
| | | | | | error codes. Check for malloc failure allocating sendStream. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15202 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in: Update dependencies.Tom Yu2003-02-124-28/+78
| | | | | | | | | | | | | | | | | (KRB_ERR_TXT): Set by configure to be either empty (on Darwin) or krb_err_txt.c (on other platforms). This avoids building krb_err_txt.c on Darwin, as the type of krb_err_txt is a pointer there, so we don't need another copy of the array. (DEFINES): Remove. It wasn't doing anything useful and was cluttering up the compile command line. * configure.in: On Darwin, don't use krb_err_txt.c. * err_txt.c: On Darwin, actually use the array generated by compile_et, and assign it to krb_err_txt, which is a pointer, not an array, on that platform. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15183 dc483132-0cff-0310-8789-dd5450dbe970
* * CCache-glue.c: Delete in_tkt()Tom Yu2003-02-124-12/+9
| | | | | | | | | * change_password.c: Fix incorrect filename in comment. * g_in_tkt.c (krb_get_in_tkt_preauth): Call krb_in_tkt() rather than in_tkt(). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15182 dc483132-0cff-0310-8789-dd5450dbe970
* * CCache-glue.c (krb_in_tkt): Rename from in_tkt().Tom Yu2003-02-112-2/+19
| | | | | | | | (in_tkt): Implement in terms of krb_in_tkt() to match existing Unix and Windows API. This shouldn't be a problem because it appears to be considered an internal API on Mac. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15180 dc483132-0cff-0310-8789-dd5450dbe970
* * password_to_key.c (krb5_passwd_to_key): Replace snprintf() callTom Yu2003-02-113-7/+39
| | | | | | | | | | | with explicit length checking. * memcache.c (krb4int_save_credentials_addr): Renamed from krb_save_credentials(). (krb_save_credentials): Implement in terms of krb4int_save_credentials_addr(). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15175 dc483132-0cff-0310-8789-dd5450dbe970
* Various fixes to Windows build of krb4 library. Fix up KRB5_CALLCONVTom Yu2003-02-113-12/+33
| | | | | | | on some new krb4 library functions. Fix up library generation to refer to des425. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15174 dc483132-0cff-0310-8789-dd5450dbe970
* Fix lots of things to compile on Unix. Fix some typosTom Yu2003-02-119-55/+144
| | | | | | | | | | By means of carrying through local addresses in many places, eliminate or reduce sections of code depending on TARGET_OS_MAC conditionals. Conditionalize some prototypes in krb.h with KRB_PRIVATE, to avoid leakage on Mac. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15173 dc483132-0cff-0310-8789-dd5450dbe970
* Note: these checkins are partial progress for Tom Yu. They probably don't ↵Alexandra Ellwood2003-02-109-142/+186
| | | | | | build; Tom is expecting that. *** CCache-glue.c: Removed copying of the string_to_key type in krb_save_credentials. Saving the string_to_key type is unnecessary and was just for display purposes. Will be removed for KfM 5.0. Updated to use KRB5_CALLCONV instead of INTERFACE and include the krb5's krb4 headers instead of the KfM ones. *** change-password.c: Removed include of CredentialsCache.h and code that switches between string to key types. This doesn't make sense for password changing because the krb4 protocol for password changing implemented here only supports mit's string to key. Bug was in KfM and got ported forward. Should the code call mit_password_to_key for all platforms? *** FSp-glue.c: Removed dependency on MoreFiles and replaced it with code to use FSRefs now that we are Carbon-only. *** g_in_tkt.c: Added loop which calls password to key functions trying each one. This technique was imported from KTH-KRB into KfM. This code still needs to have the TARGET_OS_MAC code made more Unix friendly for Darwin builds. The behavior differences (store the address or not) should be deferred until the very last moment to avoid excessive #ifdefs. *** g_pw_in_tkt.c: Added loop which calls password to key functions trying each one. This technique was imported from KTH-KRB into KfM. *** krb4int.h: Added password-to-key.c functions so they can be used by g_in_tkt.c and g_pw_in_tkt.c. *** password-to-key.c: Removed dependence on the CCAPI so this code can be used on all platforms to implement looping over the password to key functions. *** RealmsConfig-glue.c: Changed to use #ifdef USE_CCAPI like is used elsewhere in the krb5 sources. This is just for consistency in krb5 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15172 dc483132-0cff-0310-8789-dd5450dbe970
* Fix ABI divergence between Unix and Mac krb4 libraries in declarationTom Yu2003-02-074-5/+92
| | | | | | of krb_err_txt by means of a gross hack. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15165 dc483132-0cff-0310-8789-dd5450dbe970
* commentTom Yu2003-02-052-2/+11
| | | | | | | | | * decomp_tkt.c (dcmp_tkt_int): Patch from Booker Bense to use krb_get_lrealm() instead of copying KRB_REALM into prealm. ticket: 710 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15153 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-25 11:14:00 +0000