summaryrefslogtreecommitdiffstats
path: root/src/lib/krb5/krb
Commit message (Collapse)AuthorAgeFilesLines
...
* Don't leak padata when looping for krb5_do_preauth_tryagain()Kevin Coffman2006-12-081-4/+4
| | | | | | | | | | | | | | * src/lib/krb5/krb/get_in_tkt.c: krb5_get_init_creds() Free any existing request.padata at the top of the loop calling krb5_do_preauth() and krb5_do_preauth_tryagain(). ticket: new component: krb5-libs Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18935 dc483132-0cff-0310-8789-dd5450dbe970
* build the trunk on Windows (again)Jeffrey Altman2006-12-083-10/+12
| | | | | | | | | | This revision corrects a number of missing or extraneous KRB5_CALLCONV symbols; exposes symbols for _WIN32; and avoids including headers that don't exist ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18932 dc483132-0cff-0310-8789-dd5450dbe970
* Undo revision 18930 which was not supposed to include thisJeffrey Altman2006-12-071-11/+1
| | | | | | | | file. ticket: 3642 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18931 dc483132-0cff-0310-8789-dd5450dbe970
* Modifications to support the generation and embedding Jeffrey Altman2006-12-071-1/+11
| | | | | | | | | | | | of library manifests into generated EXEs and DLLs. Manifests are required for Windows XP and above when applications are built with Microsoft Visual Studio 2005 (aka VS8) or above. ticket: 3642 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18930 dc483132-0cff-0310-8789-dd5450dbe970
* send a new request with the new padata returned by krb5_do_preauth_tryagain()Kevin Coffman2006-12-012-5/+4
| | | | | | | | | | | | | | | | | | | | | | Send another request containing the padata obtained from tryagain. * src/include/k5-int.h Update prototype * src/lib/krb5/krb/get_in_tkt.c Send pointer to the request.padata so krb5_do_preauth_tryagain() can update the request to be sent. * src/lib/krb5/krb/preauth2.c If a module returns modified padata, add it to the return_padata and return. ticket: new Component: krb5-libs Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18896 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/krb5/krb/vfy_increds.c (krb5_verify_init_creds): UseTom Yu2006-11-301-10/+3
| | | | | | | | | | | | | krb5_cc_new_unique(). * src/lib/gssapi/krb5/accept_sec_context.c: (rd_and_store_for_creds): Use krb5_cc_new_unique(). ticket: 4805 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18887 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/krb5/krb/gc_via_tkt.c (check_reply_server): New functionTom Yu2006-11-301-20/+62
| | | | | | | | | | | | | | | to check server principal in reply. Ensures that the reply is self-consistent, allows rewrites if canonicalization is requested, and allows limited rewrites of TGS principals if canonicalization is not requested. (krb5_get_cred_via_tkt): Move server principal checks into check_reply_server(). ticket: 3322 target_version: 1.6 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18879 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/krb5/krb/gc_frm_kdc.c: Also do style cleanup.Tom Yu2006-11-301-81/+124
| | | | | | | | | | | | | | | | | (krb5_get_cred_from_kdc_opt): If server principal was rewritten, fall back unless it was rewritten to a TGS principal. This fixes a bug when a MS AD rewrites the service principal into a single-component NETBIOS-style name. If we get a referral back to the immediately preceding realm, fall back to non-referral handling. This fixes the changepw failure. To prevent memory leaks, when falling back to non-referral handling, free any tgts previously obtained by the initial non-referral do_traversal() call. ticket: 4955 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18878 dc483132-0cff-0310-8789-dd5450dbe970
* krb5int_copy_data_contents shouldn't free memory it didn't allocateTom Yu2006-11-281-2/+0
| | | | | | | | | | | | * src/lib/krb5/krb/copy_data.c (krb5int_copy_data_contents): Don't free outdata on malloc failure; we didn't allocate outdata. ticket: new target_version: 1.6 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18865 dc483132-0cff-0310-8789-dd5450dbe970
* fix debug messagesKevin Coffman2006-11-221-7/+7
| | | | | | | | | | | Change debugging messages so they print salt value correctly and clean up warnings when compiling with DEBUG. ticket: new Tags: pullup Target_Version: 1.6 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18859 dc483132-0cff-0310-8789-dd5450dbe970
* free error message when freeing contextKevin Coffman2006-11-211-0/+2
| | | | | | | | | | | | | | | Call krb5_clear_error_message() to free any allocated error message before freeing the context. The condition that triggered this was a plugin library which fails to load because of unresolved references. It appears dlopen() on Linux leaks four bytes for each failing library in this situation. ticket: new Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18858 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_get_init_creds_password:Jeffrey Altman2006-11-171-8/+0
| | | | | | | | remove unintentionally committed code not meant for 1.4 branch ticket: 4802 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18842 dc483132-0cff-0310-8789-dd5450dbe970
* reset use_master flag when master_kdc cannot be found Jeffrey Altman2006-11-171-1/+11
| | | | | | | | | | | | | | krb5_get_init_creds_password: if the master_kdc cannot be identified reset the use_master flag. otherwise, the krb5_get_init_creds("kadmin/changepw") call will attempt to communicate with the master_kdc that cannot be reached. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18840 dc483132-0cff-0310-8789-dd5450dbe970
* use krb5_c_valid_enctype, not valid_enctypeKen Raeburn2006-11-171-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18839 dc483132-0cff-0310-8789-dd5450dbe970
* * rd_req_dec.c: Whitespace changes in function headers.Ken Raeburn2006-11-161-9/+53
| | | | | | | (krb5_rd_req_decoded_opt): Include more info in error text for AP_WRONG_PRINC and NOPERM_ETYPE errors. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18817 dc483132-0cff-0310-8789-dd5450dbe970
* avoid double frees in ccache manipulation around gen_newKen Raeburn2006-11-161-3/+4
| | | | | | | | | | | | * krb5/krb/vfy_increds.c (krb5_verify_init_creds): If krb5_cc_gen_new fails, don't both close and destroy the template ccache. * gssapi/krb5/accept_sec_context.c (rd_and_store_for_creds): Likewise. ticket: new target_version: 1.6 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18815 dc483132-0cff-0310-8789-dd5450dbe970
* correct client preauth plugin request_contextKevin Coffman2006-11-131-6/+17
| | | | | | | | | | | | Correctly share the same request_context between all modules within a single client preauth plugin. ticket: new Component: krb5-libs Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18800 dc483132-0cff-0310-8789-dd5450dbe970
* Add "get_data" function to the client preauth plugin interfaceKevin Coffman2006-11-092-5/+81
| | | | | | | | | | | Modify the client preauth plugin interface to pass in a function pointer and data pointer so the plugin may request information otherwise unavailable. ticket: new Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18790 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_get_init_creds_password does not consistently prompt for password changingJeffrey Altman2006-11-061-6/+4
| | | | | | | | | | | | | | | | | | | | krb5_get_init_creds_password() previously did not consistently handle KRB5KDC_ERR_KEY_EXP errors. If there is a "master_kdc" entry for the realm and the KDC is reachable, then the function will prompt the user for a password change. Otherwise, it will return the error code to the caller. If the caller is a ticket manager, it will prompt the user for a password change with a dialog that is different from the one generated by the prompter function passed to krb5_get_init_creds_password. With this change krb5_get_init_creds_password() will always prompt the user if it would return KRB5KDC_ERR_KEY_EXP unless the function is compiled with USE_LOGIN_LIBRARY. (KFM) ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18764 dc483132-0cff-0310-8789-dd5450dbe970
* Modify the preath plugin interface so that a plugin's context isKevin Coffman2006-11-013-150/+148
| | | | | | | | | | | | | | | | | | | | | | | | | | global to all the modules within a plugin. Also, change the client-side interface so that the preauth plugin context (once created) lives the lifetime of a krb5_context. This will allow future changes that can set plugin parameters. The client side request context lives the lifetime of a call to krb5_get_init_creds(). Make the sample preauth plugins buildable outside the source tree. Fix minor memory leak in sort_krb5_padata_sequence(). Add a prototype for krb5_do_preauth_tryagain() and change the plugin interface. Incorporates fixes from Nalin Dahyabhai <nalin@redhat.com> for leaks of the function table pointers (rt #4566) and fix KDC crash (rt #4567) ticket: 4566 ticket: 4567 ticket: 4587 Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18754 dc483132-0cff-0310-8789-dd5450dbe970
* * conv_princ.c (krb5_425_conv_principal): Fix silly typo in arrays' sizes inKen Raeburn2006-10-311-2/+4
| | | | | | | | previous change. ticket: 4534 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18751 dc483132-0cff-0310-8789-dd5450dbe970
* don't confuse profile iterator in 425 princ conversionKen Raeburn2006-10-281-5/+5
| | | | | | | | | | | | | | | | The profile iterator code hangs onto and uses the list of names passed in. The krb5_425_conv_principal code reuses that array when the iterator may still be used. * conv_princ.c (krb5_425_conv_principal): Use separate name arrays for the iterator and the v4_realm lookup that may be done inside the iteration loop. ticket: new target_version: 1.6 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18748 dc483132-0cff-0310-8789-dd5450dbe970
* fix invalid access found by valgrindKevin Coffman2006-10-231-1/+1
| | | | | | | | | | | | Valgrind found that we were reading past the end of the preferred padata string. p is manually updated within the loop and there is no need for the increment. It was causing the null terminator to be skipped over, rather than properly terminating the loop. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18735 dc483132-0cff-0310-8789-dd5450dbe970
* Avoid segfault in krb5_do_preauth_tryagainKevin Coffman2006-10-231-1/+1
| | | | | | | | | Check pointer is non-null before using it. Avoids segfault in krb5_do_preauth_tryagain(). ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18734 dc483132-0cff-0310-8789-dd5450dbe970
* Remove all unused variable warnings from treeEzra Peisach2006-10-152-2/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18712 dc483132-0cff-0310-8789-dd5450dbe970
* Use $(VALGRIND) when running programs using $(KRB5_RUN_ENV) orKen Raeburn2006-10-131-4/+4
| | | | | | | | | | | | | | | | | | $(RUN_SETUP). Replaces old hack with MAYBE_VALGRIND added to RUN_ENV in a way that would break in some of the tests. Set VALGRIND in site.exp in tests/dejagnu. (Not used yet.) Runs some shell scripts under valgrind, rather than changing them to run only the executables under valgrind; this is mostly okay, just creates lots of extra log data, and requires --trace-children=yes. This should work for any instrumentation program invocation that gets followed immediately by the name and argument list for the program being instrumented. For example, VALGRIND="env LD_PRELOAD=..." should work, though I haven't tested it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18699 dc483132-0cff-0310-8789-dd5450dbe970
* Patch to split client plugin from server pluginSam Hartman2006-10-131-20/+16
| | | | | | | ticket: 4377 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18693 dc483132-0cff-0310-8789-dd5450dbe970
* Use const pointers for error messages.Ken Raeburn2006-10-071-2/+40
| | | | | | Add some debugging hooks in the libkrb5 support. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18661 dc483132-0cff-0310-8789-dd5450dbe970
* make dependTom Yu2006-10-061-181/+249
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18652 dc483132-0cff-0310-8789-dd5450dbe970
* Preauthentication Plugin FrameworkSam Hartman2006-10-034-74/+731
| | | | | | | | | | | | | Patch from Nalin Dahyabhai at Redhat to implement a preauthentication framework based on the plugin architecture. Currently. the API is considered internal and the header is not installed. See src/include/krb5/preauth_plugin.h for the interface. ticket: new Tags: enhancement Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18641 dc483132-0cff-0310-8789-dd5450dbe970
* Set the canonicalize flag in TGS requests and accept cross-realm referral ↵Sam Hartman2006-09-216-34/+391
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | tickets. We do not yet accept tickets in which the server name changes. * krb5_sname_to_principal: If there is no domain realm mapping return null realm *krb5_get_cred_via_tkt: New behavior as described below 1) the referrals case: - check for TGT for initial realm - if a remote realm was specified (which must have happened via a domain_realm mapping), obtain a TGT for it the standard way and start with that. - use client realm for server if not specified - iterate through this loop: - request ticket with referrals turned on - if that fails: - if this was the first request, punt to non-referrals case - otherwise, retry once without referrals turned on then terminate either way - if it works, either use the service ticket or follow the referral path - if loop count exceeded, hardfail 2) the nonreferrals case - this is mostly the old walk_realm_tree TGT-finding (which allows limited shortcut referrals per 4120) followed by a standard tgs-req. - originally requested principal is used for this, although if we were handed something without a realm, determine a fallback realm based on DNS TXT records or a truncation of the domain name. ticket: 2652 Owner: amb git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18598 dc483132-0cff-0310-8789-dd5450dbe970
* Merge Todd's TCP changepw support, with a few fixupsKen Raeburn2006-08-231-7/+34
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * include/cm.h (state_strings, enum conn_states, struct incoming_krb5_message, struct conn_state): Moved here from lib/krb5/os/sendto_kdc.c. (stuct sendto_callback_info): New type. * lib/krb5/os/sendto_kdc.c (set_conn_state_msg_length): New function. (setup_connection): Deleted argument message_len_buf. Don't store message length; call set_conn_state_msg_length instead. (start_connection): New arguments callback_info and callback_buffer. Invoke callback function if any, and set message length on success. (maybe_send): New arguments callback_info and callback_buffer; pass them to start_connection. (krb5int_sendto): New arguments callback_info, remoteaddr, remoteaddrlen. If callback info is provided, allocate per-connection buffers, and pass them to maybe_send. On cleanup, invoke the cleanup callback function if any. (krb5_sendto_kdc): Update krb5int_sendto call. * include/k5-int.h (struct sendto_callback_info): Add forward declaration. (krb5int_sendto, struct _krb5int_access.sendto_udp): Update for new signature. * lib/krb5/os/send524 (krb5int_524_sendto_kdc): Update krb5int_sendto call. * lib/krb4/send_to_kdc.c (krb5int_send_to_kdc_addr): Update sendto_udp call. * lib/krb5/os/changepw.c (struct sendto_callback_context): New type. (krb5_locate_kpasswd): New argument useTcp, used to select socket type in krb5int_locate_server call. (kpasswd_sendto_msg_cleanup, kpasswd_sendto_msg_callback): New functions. (krb5_change_set_password): Call krb5int_sendto with callbacks, instead of managing the exchange here. On RESPONSE_TOO_BIG error, try again with TCP only. * lib/krb5/krb/chpw.c (krb5int_rd_chpw_rep): If length is wrong, check if a buggy server sent a KRB_ERROR. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18518 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/krb5/krb/srv_rcache.c (krb5_get_server_rcache):Tom Yu2006-06-301-0/+1
| | | | | | | | | | Oops, krb5_rc_close actually does free rcache, so actually do null rcache on error from krb5_rc_recover_or_initialize. Thanks to Shawn Emery for noticing. ticket: 3962 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18286 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/krb5/krb/srv_rcache.c (krb5_get_server_rcache): AdaptedTom Yu2006-06-301-1/+6
| | | | | | | | | | | | | | patch from Shawn Emery to set rcache = 0 in case of krb5_rc_resolve_full failure because krb5_rc_resolve_full frees but doesn't null rcache. Also restore free of rcache in cleanup code. Continue to not null rcache in failure on krb5_rc_recover_or_initialize because krb5_rc_close doesn't free rcache. ticket: 3962 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18283 dc483132-0cff-0310-8789-dd5450dbe970
* fix calling convention for krb5 error-message routines, document usage of ↵Ken Raeburn2006-06-291-5/+5
| | | | | | | | | | | | | | | krb5_get_error_message * lib/krb5/krb/kerrs.c (krb5_*_error_message): Annotate with correct calling conventions for Windows. * include/krb5/krb5.hin: Update declarations. Add comment on krb5_get_error_message usage. ticket: new target_version: 1.5 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18254 dc483132-0cff-0310-8789-dd5450dbe970
* autoconf 2.60 compatibilityKen Raeburn2006-06-281-1/+1
| | | | | | | | | | | Change all file substitutions so that @-patterns start at the beginning of their lines, as now required by autoconf 2.60 (released Monday). ticket: new target_version: 1.5 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18249 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/krb5_32.def: Export krb5_copy_contextTom Yu2006-06-261-5/+11
| | | | | | | | | | | * src/lib/krb5/libkrb5.exports: Export krb5_copy_context. * src/lib/krb5/krb/init_ctx.c (krb5_copy_context): Fix malloc argument for nctx. Handle null default_ccname case. ticket: 2856 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18229 dc483132-0cff-0310-8789-dd5450dbe970
* * src/include/krb5/krb5.hin: Add prototype for krb5_copy_contextTom Yu2006-06-261-0/+81
| | | | | | | | | | | * src/lib/krb5/krb/init_ctx.c (krb5_copy_context): New function to copy/clone an existing krb5 context. (copy_ktypes): Local helper function. ticket: 2856 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18228 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/krb5/krb/srv_rcache.c (krb5_get_server_rcache): ApplyTom Yu2006-06-221-4/+0
| | | | | | | | | | patch from Rainer Weikusat to avoid double-free when rc_resolve_full() fails due to misconfiguration. ticket: 3924 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18206 dc483132-0cff-0310-8789-dd5450dbe970
* Change a bunch of calls to ctype macros (those cited by Jeff, and aKen Raeburn2006-06-161-2/+2
| | | | | | | | few others) to cast the character values to unsigned char. ticket: 3445 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18156 dc483132-0cff-0310-8789-dd5450dbe970
* Since it appears we don't actually set the conf_tgs_ktypes field except in thisKen Raeburn2006-06-101-14/+1
| | | | | | | | | initial allocation of zero elements, it can be deleted, along with conf_tgs_ktypes_count and the associated code... ticket: 2786 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18105 dc483132-0cff-0310-8789-dd5450dbe970
* copyright noticeKen Raeburn2006-06-081-1/+27
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18090 dc483132-0cff-0310-8789-dd5450dbe970
* Merge about 1/3 of the remaining configure scripts into the top level. ThisKen Raeburn2006-05-311-2/+2
| | | | | | still leaves out appl and tests, and static library and plugin directories. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18068 dc483132-0cff-0310-8789-dd5450dbe970
* Rename locate.h to locate_plugin.h. Change references, update dependenciesKen Raeburn2006-05-241-89/+89
| | | | | | ticket: 3784 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18037 dc483132-0cff-0310-8789-dd5450dbe970
* install headers into include/krb5Ken Raeburn2006-05-231-455/+477
| | | | | | | | | | | Create include/krb5 directory, and put krb5.h and (k5-)locate.h there in the build tree. Stub krb5.h in main include directory just includes krb5/krb5.h. Update dependencies, and add dependencies in a couple Makefiles that didn't have them. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18030 dc483132-0cff-0310-8789-dd5450dbe970
* * lib/kadm5/alt_prof.c (kadm5_get_config_params): Replace filename andKen Raeburn2006-05-161-5/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | envvar arguments with a flag indicating whether KDC config data should be used. Prototype and all callers changed. (krb5_read_realm_params): Delete config file and env var arguments. Prototype and all callers changed. * lib/kadm5/admin.h (KADM5_CONFIG_PROFILE): Commented out. (struct _kadm5_config_params): Delete field PROFILE. * lib/kadm5/alt_prof.c (kadm5_get_config_params): Don't look at it. (kadm5_free_config_params): Don't free it. * kadmin/testing/tcl/util.t: Remove profile data from config params. * kadmin/testing/util/tcl_kadm5.c (config_mask_flags): Deleted KADM5_CONFIG_PROFILE entry. (parse_config_params): Changed to require 20 parameters instead of 21. * lib/kadm5/unit-test/api.2/init-v2.exp (test100): Deleted. * lib/kadm5/alt_prof.c (krb5_aprof_init): Fetch the list of config files from the library and add the caller-indicated config file to the front of the list. * lib/kadm5/clnt/client_init.c (kadm5_init_krb5_context): New function. * lib/kadm5/clnt/libkadm5clnt.exports: Export it. * lib/kadm5/srv/server_init.c: Include k5-int.h, osconf.h, gssapiP_krb5.h. (kadm5_init_krb5_context): New function. * lib/kadm5/srv/libkadm5srv.exports: Export it. * lib/kadm5/srv/Makefile.in (LOCAL_INCLUDES): Add gssapi directories. * lib/kadm5/admin.h (kadm5_init_krb5_context): Declare it. * kadmin/dbutil/kdb5_destroy.c (kdb5_destroy): Call kadm5_init_krb5_context instead of krb5_init_context. * kadmin/dbutil/dump.c (load_db): Likewise. * kadmin/dbutil/kdb5_util.c (main): Likewise. * kadmin/dbutil/kadm5_create.c (kadm5_create): Likewise. * kadmin/dbutil/kdb5_stash.c (kdb5_stash): Likewise. * kadmin/dbutil/loadv4.c (load_v4db): Likewise. * kadmin/server/ovsec_kadmd.c (main): Likewise. * kadmin/cli/kadmin.c (kadmin_startup): Likewise. * kadmin/testing/util/tcl_ovsec_kadm.c (tcl_ovsec_kadm_init): Likewise. * lib/kadm5/unit-test/lock-test.c (main): Likewise. * lib/kadm5/unit-test/handle-test.c (main): Likewise. * lib/kadm5/unit-test/randkey-test.c (main): Likewise. * lib/kadm5/unit-test/setkey-test.c (main): Likewise. * lib/kadm5/chpass_util.c (_kadm5_chpass_principal_util): Likewise. * lib/kadm5/kadm_rpc_xdr.c (xdr_krb5_principal): Likewise. * lib/krb5/os/init_os_ctx.c (add_kdc_config_file): New function. (os_init_paths): Add new argument KDC; call add_kdc_config_file if true. * lib/krb5/krb/init_ctx.c (krb5int_init_context_kdc): New function. (init_common): Add new argument KDC, passed to krb5_os_init_context. * lib/krb5/libkrb5.exports: Export krb5int_init_context_kdc. * k5-int.h (krb5_os_init_context): Update decl. * lib/kadm5/srv/server_init.c (kadm5_init): Call krb5int_init_context_kdc. * krb524/krb524d.c (main): Likewise. * lib/kadm5/unit-test/api.2/init-v2.exp: Don't run test 154 for error for $KRB5_KDC_PROFILE file not present. * lib/krb5/os/init_os_ctx.c (os_get_default_config_files): Rewrite KLL test so as not to confuse Emacs indentation support. * lib/gssapi/krb5/init_sec_context.c (kg_kdc_flag_mutex, kdc_flag): New variables. (krb5_gss_init_context, krb5_gss_use_kdc_context): New functions. * lib/gssapi/krb5/gssapiP_krb5.h (kg_kdc_flag_mutex): Declare. (krb5_gss_init_context, krb5_gss_use_kdc_context): Declare. (krb5_init_context): Define as macro to invoke krb5_gss_init_context for now. * lib/gssapi/gss_libinit.c (gssint_lib_init): Initialize the mutex. (gssint_lib_fini): Destroy it. * lib/gssapi/libgssapi_krb5.exports: Export krb5_gss_use_kdc_context. * lib/kadm5/srv/server_init.c (kadm5_init): Don't complain if the config files specify an admin server, since we now look at krb5.conf as well. * lib/kadm5/unit-test/api.2/init-v2.exp: Delete test test114 for bad server params. * plugins/kdb/db2/adb_openclose.c (osa_adb_init_db): Use krb5int_init_context_kdc instead of krb5_init_context. * kdc/rtest.c (main): Likewise. * kdc/fakeka.c (main): Likewise. * kdc/main.c (main, init_realm): Likewise. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18009 dc483132-0cff-0310-8789-dd5450dbe970
* Fixed the krb5_cc_gen_new memory ccache implementation and updatedAlexandra Ellwood2006-05-101-3/+11
| | | | | | | | | krb5_verify_init_creds() and rd_and_store_for_creds() to use the API properly (possible now that it's been fixed). ticket: 3746 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17997 dc483132-0cff-0310-8789-dd5450dbe970
* * send_tgs.c (krb5_send_tgs): Fix memory allocation size when padata isKen Raeburn2006-05-091-1/+1
| | | | | | | | provided. ticket: 3714 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17988 dc483132-0cff-0310-8789-dd5450dbe970
* Don't test HAVE_C_STRUCTURE_ASSIGNMENT.Ken Raeburn2006-04-2911-50/+2
| | | | | | Instead, just assume we do have a working C compiler. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17969 dc483132-0cff-0310-8789-dd5450dbe970
* unsigned/signed int warnings in krb5_context variablesEzra Peisach2006-04-211-1/+1
| | | | | | | | | Change in_tkt_ktype_count, tgs_ktype_count and conf_tgs_ktypes_count in context to unsigned int. Change get_profile_etype_list() to expect unsigned int as well. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17947 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-29 06:41:45 +0000