summaryrefslogtreecommitdiffstats
path: root/src/lib/krb5/krb
Commit message (Collapse)AuthorAgeFilesLines
...
* * gc_via_tkt.c (krb5_kdcrep2creds): Set is_skey so get_creds won'tTom Yu1996-01-222-1/+7
| | | | | | | break trying to match is_skey in the ccache. This way we won't end up with many copies of user-to-user tickets. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7348 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_get_credentials does not take kdc_options flagsEzra Peisach1996-01-203-5/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7344 dc483132-0cff-0310-8789-dd5450dbe970
* Added checking of profile for DCE compatability options (ccache type,Theodore Tso1996-01-112-4/+25
| | | | | | and checksum type). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7300 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize addrs to 0 so that we don't try to free stack garbage on anTheodore Tso1996-01-112-2/+5
| | | | | | error. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7294 dc483132-0cff-0310-8789-dd5450dbe970
* krbconfig.c, Makefile.in: Removed krbconfig.c; it contained globalTheodore Tso1996-01-117-17/+22
| | | | | | | | | | | | | | | | | | | variables which are no longer used. recvauth.c: Removed the global extern of krb5_kdc_default_options, which wasn't being used anyway. mk_req.c (krb5_mk_req): Replace use of krb5_kdc_default_options with context->kdc_default_options. gc_frm_kdc.c: Remove the global extern of krb5_kdc_req_sumtype, which wasn't being used anymore anyway. send_tgs.c (krb5_send_tgs_basic): Remove use of the global variable krb5_kdc_req_sumtype, and use the kdc_req_sumtype in the context structure instead. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7291 dc483132-0cff-0310-8789-dd5450dbe970
* Applied patch submitted by Doug Engbert, so that the configurableTheodore Tso1996-01-112-0/+9
| | | | | | | authentication patch takes into account the null entry at the end of the list. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7289 dc483132-0cff-0310-8789-dd5450dbe970
* fwd_tgt.c (krb5_fwd_tgt_creds): New function which handles all of theTheodore Tso1996-01-106-68/+227
| | | | | | | | | | | | | | | dirty work of forwarding TGT's. rd_cred.c (krb5_rd_cred_basic): Clean up memory allocation discpline to remove memory leaks. mk_cred.c (krb5_mk_ncred_basic, krb5_mk_ncred, krb5_mk_1cred): Clean up memory allocation discpline to remove memory leaks. init_ctx.c (krb5_get_tgs_ktypes): Clean up parsing of the etype list. Don't overrun the string containing the etype list. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7280 dc483132-0cff-0310-8789-dd5450dbe970
* * rd_cred.c (krb5_rd_cred_basic): When the keyblock is NULL, assumeTheodore Tso1996-01-043-25/+67
| | | | | | | | | | | | | | | | we're being called from the gssapi code, which doesn't have access to the sender or receive address information, don't check the sender address, since it won't be available. * rd_cred.c (decrypt_credencdata): When calling krb5_rd_credd(), if the keyblock is null, just copy the encoded structure from the "ciphertext" part of the structure and decode it. * mk_cred.c (encrypt_credencpart): When calling krb5_mk_cred(), if the keyblock is NULL, don't encrypt it; just encode it and leave it in the ciphertext area of the structure. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7264 dc483132-0cff-0310-8789-dd5450dbe970
* Change use of KRB5_SENDAUTH_MUTUAL_FAILED to KRB5_MUTUAL_FAILEDTheodore Tso1995-12-212-1/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7245 dc483132-0cff-0310-8789-dd5450dbe970
* Missing parenthesis meant that wrong number of bytes was beingTheodore Tso1995-12-202-1/+7
| | | | | | allocated. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7240 dc483132-0cff-0310-8789-dd5450dbe970
* Commit the removal or compat_recv.oEzra Peisach1995-12-061-302/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7176 dc483132-0cff-0310-8789-dd5450dbe970
* Move compat_recv.c to krb5utilEzra Peisach1995-12-062-2/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7175 dc483132-0cff-0310-8789-dd5450dbe970
* When searching for cached credentials, make sure we are also looking forRichard Basch1995-12-051-1/+1
| | | | | | credentials that are matching a supported application keytype. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7169 dc483132-0cff-0310-8789-dd5450dbe970
* Added two new routines for multiple encryption type support:Richard Basch1995-12-051-13/+131
| | | | | | | | | | | | krb5_set_default_tgs_ktypes(context, ktypes) This routine sets the default application session key types to be used. krb5_get_tgs_ktypes(context, principal, &ktypes) This routine gets the session key types to be used with "principal". At the moment, this only uses the krb5_set_default_tgs_ktypes values or those specified in libdefaults/default_tgs_enctypes (krb5.conf). It is envisioned that this may later support per-host/per-realm lookup. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7168 dc483132-0cff-0310-8789-dd5450dbe970
* Serialize / de-serialize the context structure, which now includes bothRichard Basch1995-12-051-15/+49
| | | | | | TGT session key types and application session key types. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7166 dc483132-0cff-0310-8789-dd5450dbe970
* Instead of using the TGT session key type, use the application sessionRichard Basch1995-12-051-1/+1
| | | | | | key type. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7165 dc483132-0cff-0310-8789-dd5450dbe970
* The wrong encryption system was being initialized. The response to the mk_reqRichard Basch1995-12-051-2/+2
| | | | | | | should be done using the session key and its encryption system, not the ticket's encryption system. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7161 dc483132-0cff-0310-8789-dd5450dbe970
* Moved most string-type conversion routines from libkadm to libkrb5 toRichard Basch1995-12-052-0/+670
| | | | | | | reduce the dependencies on libkadm and for better support of multiple encryption type lookup in krb5.conf. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7159 dc483132-0cff-0310-8789-dd5450dbe970
* Moved most string-type conversion routines from libkadm to libkrb5 toRichard Basch1995-12-051-0/+1
| | | | | | | reduce the dependencies on libkadm and for better support of multiple encryption type lookup in krb5.conf. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7158 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize rcache to zero, so that on cleanup we don't try to freeTheodore Tso1995-12-012-5/+6
| | | | | | stack garbage. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7149 dc483132-0cff-0310-8789-dd5450dbe970
* * preauth.c: Ultrix is broken. Prototype obtain_enc_ts_padata()Tom Yu1995-11-272-2/+41
| | | | | | | | and process_pw_salt() explicitly rather than using the typedef in k5-int.h becaus that typedef is to a function pointer now. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7123 dc483132-0cff-0310-8789-dd5450dbe970
* get_in_tkt.c (decrypt_as_reply):Theodore Tso1995-11-184-10/+22
| | | | | | | | | | | preauth.c (process_pw_salt): When fetching the key to decrypting the encrypted kdc reply, use the etype associated with the etype reply, not the etype associated with the included ticket. encode_kdc.c: Remove eblock argument from krb5_encode_kdc_rep; set the eblock type from the client_key's enctype. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7117 dc483132-0cff-0310-8789-dd5450dbe970
* (krb5_get_server_rcache): Use krb5_rc_default_type instead of assumingEzra Peisach1995-11-172-1/+7
| | | | | | default rcache type is "dfl". git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7110 dc483132-0cff-0310-8789-dd5450dbe970
* Added ANL changes to support configuration authentication pathsTheodore Tso1995-11-152-0/+137
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7106 dc483132-0cff-0310-8789-dd5450dbe970
* * preauth.c (krb5_process_padata): Added generalized processing forTheodore Tso1995-11-133-76/+121
| | | | | | | | | | | | | | | preauth information which is returned by the KDC. This should be general enough to support the AFS3_SALT preauth type, the SNK4 preauth type, and the public-key mods to Kerberos. (process_pw_salt): New function for processing the KRB5_PW_SALT preauthentication type. * get_in_tkt.c (decrypt_as_reply): Removed temporary kludge for processing the PW_SALT preauth type; that's now done in preauth.c (krb5_get_in_tkt): Call krb5_process_padata with new arguments so that the preauth code can set the decryption_key if necessary. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7102 dc483132-0cff-0310-8789-dd5450dbe970
* * in_tkt_pwd.c : Remove krb5_enctype from krb5_string_to_key() argsChris Provenzano1995-11-092-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7082 dc483132-0cff-0310-8789-dd5450dbe970
* * get_in_tkt.c (krb5_get_in_tkt): Remove the etype_info argument fromTheodore Tso1995-11-093-7/+29
| | | | | | | | | | the call to krb5_obtain_padata. * preauth.c (krb5_obtain_padata): Use the PADATA_ETYPE_INFO preauth, if it exists, to determine which salt type to use when encrypting the preauthentication data. Remove the etype_info argument. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7071 dc483132-0cff-0310-8789-dd5450dbe970
* * krbconfig.c: Removed the krb5_clockskew variableTheodore Tso1995-11-0810-20/+23
| | | | | | | | | | | | | * srv_rcache.c (krb5_get_server_rcache): * rd_safe.c (krb5_rd_safe): * rd_req_dec.c (krb5_rd_req_decoded): * rd_priv.c (krb5_rd_priv): * rd_cred.c (krb5_rd_cred): * gc_via_tkt.c (krb5_get_cred_via_tkt): * get_in_tkt.c (verify_as_reply): Replace use of krb5_clockskew with context->clockskew. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7063 dc483132-0cff-0310-8789-dd5450dbe970
* * encrypt_tk.c (cleanup_scratch): Changed interface to no longer requireTheodore Tso1995-11-084-409/+224
| | | | | | | | | | | an eblock; we can use our own and figure out the enctype from the passed-in key. * get_in_tkt.c (krb5_get_in_tkt): Added calls to krb5_obtain_padata(). * preauth.c: Completely restructured file to support preauthentication. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7056 dc483132-0cff-0310-8789-dd5450dbe970
* Extensive reworking of the structure of this file to make it possibleTheodore Tso1995-10-282-203/+333
| | | | | | to support preauthentication. (interim checkin) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7002 dc483132-0cff-0310-8789-dd5450dbe970
* Fix to properly malloc password buffer, instead of returning a pointerTheodore Tso1995-10-252-6/+18
| | | | | | to an automatic variable(!). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6999 dc483132-0cff-0310-8789-dd5450dbe970
* rd_req_dec.c (krb5_rd_req_decoded): For heirarchal cross-realm,Ezra Peisach1995-10-233-2/+14
| | | | | | | | | | set the length after initializing string. rd_req.c (krb5_rd_req): If a new auth_context is created and then there is an error, make sure return pointer is not looking at freed memory. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6981 dc483132-0cff-0310-8789-dd5450dbe970
* Remove ##DOS!include of config/windows.in. config/windows.in is nowTheodore Tso1995-10-072-1/+5
| | | | | | included by wconfig. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6944 dc483132-0cff-0310-8789-dd5450dbe970
* Only check the returned starttime to make sure it matches theTheodore Tso1995-09-292-1/+8
| | | | | | requested starttime if we requested a postdated ticket. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6885 dc483132-0cff-0310-8789-dd5450dbe970
* Only convert instances which don't have a '.' in them. If they have aTheodore Tso1995-09-292-1/+7
| | | | | | '.', assume that they are fully qualified already. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6883 dc483132-0cff-0310-8789-dd5450dbe970
* Misc Mac cleanupsKeith Vetter1995-09-292-21/+41
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6881 dc483132-0cff-0310-8789-dd5450dbe970
* Removed "foo:: foo-$(WHAT)" lines from the MakefileTheodore Tso1995-09-252-8/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6860 dc483132-0cff-0310-8789-dd5450dbe970
* get_in_t.c: removed unused variable.Theodore Tso1995-09-235-5/+14
| | | | | | | | rd_cred.c: removed INTERFACE keyword. ser_auth.c: passing int32 where a size_t is wanted. ser_ctx.c: 16/32 bit int size mismatch. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6826 dc483132-0cff-0310-8789-dd5450dbe970
* Fix typo error in checkinEzra Peisach1995-09-182-2/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6806 dc483132-0cff-0310-8789-dd5450dbe970
* sendauth.c (krb5_sendauth): Make sure the scratch credentialsTheodore Tso1995-09-169-25/+46
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | structure may have possible been used be freed.. rd_safe.c (krb5_rd_safe_basic): Fall through to the cleanup code at the end, to make sure the decoded message in message is freed. rd_req_dec.c (krb5_rd_req_decoded): Use krb5_copy_keyblock to copy authent->subkey to auth_context->remote_subkey. Keeping them separate avoids aliasing problems. mk_req_ext.c (krb5_generate_authenticator): Fix memory leak. Don't bash authent->subkey with key after carefully copying it using krb5_copy_keyblock! recvauth.c (krb5_recvauth): krb5_get_server_rcache() already opens the rcache; doing it again merely causes a memory leak. gen_subkey.c (krb5_generate_subkey): Eliminate memory leak. krb5_init_random_key() does its own allocation of the keyblock. gc_via_tkt.c (krb5_kdcrep2creds): Fix memory leak. srv_rcache.c (krb5_get_server_rcache): Fix memory leak. rd_safe.c (krb5_rd_safe_basic): Fix memory leak. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6797 dc483132-0cff-0310-8789-dd5450dbe970
* Reintegrate Macintosh changesEzra Peisach1995-09-1234-309/+293
| | | | | | | | t_ser.c: Work around an optimizer bug in gcc under OSF/1 2.1. The timeofday calls were left in the stage as described in the ChangeLog git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6766 dc483132-0cff-0310-8789-dd5450dbe970
* Mac Beta 1 submissionKeith Vetter1995-09-1136-279/+323
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6749 dc483132-0cff-0310-8789-dd5450dbe970
* * auth_con.c, decrypt_tk.c, encode_kdc.c, encrypt_tk.c,Chris Provenzano1995-09-0631-123/+133
| | | | | | | | | | | * gc_frm_kdc.c, gen_seqnum.c, get_creds.c, get_in_tkt.c, * in_tkt_ktb.c, in_tkt_pwd.c, in_tkt_sky.c, init_ctx.c, * kdc_rep_dc.c, mk_cred.c, mk_priv.c, mk_rep.c, mk_req._ext.c, * preauth.c, rd_cred.c, rd_priv.c, rd_rep.c, rd_req_dec.c, * send_tgs.c, sendauth.c, ser_actx.c, ser_ctx.c, ser_eblk.c, * ser_key.c, t_ser.c : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6727 dc483132-0cff-0310-8789-dd5450dbe970
* * decode_kdc.c, decrypt_tk.c, encode_kdc.c, encrypt_tk.c, gc_frm_kdc.cChris Provenzano1995-09-0626-194/+151
| | | | | | | | | | | * gc_via_tkt.c, get_in_tkt.c, in_tkt_ktb.c, in_tkt_pwd.c, in_tkt_sky.c * init_ctx.c, kdc_rep_dc.c, mk_cred.c, mk_priv.c, mk_rep.c * mk_req_ext.c, rd_cred.c, rd_priv.c, rd_rep.c, rd_req_dec.c, * send_tgs.c, ser_ctx.c, ser_eblk.c, ser_key.c, t_ser.c: Remove krb5_enctype references, and replace with krb5_keytype where appropriate git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6687 dc483132-0cff-0310-8789-dd5450dbe970
* get_in_tkt.c (krb5_get_in_tkt): If kdc_settime is enabled, then setTheodore Tso1995-09-026-55/+77
| | | | | | | | | | | | | | | the time_offset fields from the returned ticket's authtime value. init_ctx.c (krb5_init_context): Initialize new fields in krb5_context (clockskew, kdc_req_sumtype, and kdc_default_options). gc_via_tkt.c (krb5_get_cred_via_tkt): Perform the necessary sanity checking on the KDC response to make sure we detect tampering. send_tgs.c (krb5_send_tgs): Set the expected nonce in the response structure. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6653 dc483132-0cff-0310-8789-dd5450dbe970
* Serialize new time offset fields in the os_contextPaul Park1995-09-012-8/+36
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6649 dc483132-0cff-0310-8789-dd5450dbe970
* Describe previous changesPaul Park1995-08-291-0/+14
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6629 dc483132-0cff-0310-8789-dd5450dbe970
* New test module for serialization routinesPaul Park1995-08-291-0/+714
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6623 dc483132-0cff-0310-8789-dd5450dbe970
* Add serialization support for K5 data structuresPaul Park1995-08-2912-3/+2997
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6622 dc483132-0cff-0310-8789-dd5450dbe970
* Copy keyblock from message instead of setting a pointer to data which is ↵Paul Park1995-08-291-1/+2
| | | | | | going to be freed git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6621 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-10-02 07:25:07 +0000