summaryrefslogtreecommitdiffstats
path: root/src/lib/krb5
Commit message (Collapse)AuthorAgeFilesLines
...
* make dependKen Raeburn2006-03-087-172/+343
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17708 dc483132-0cff-0310-8789-dd5450dbe970
* krb5.h, which is built after util/et, which is built after the supportKen Raeburn2006-03-082-1/+5
| | | | | | | | | | | | | code. Fix: Put service location decls in k5-locate.h, pull plugin support decls out of k5-int.h into k5-plugin.h, and make it stand on its own, which includes changing the return type from krb5_error_code to int32_t. Oops: The plugin support code included k5-int.h, which includes git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17707 dc483132-0cff-0310-8789-dd5450dbe970
* Merge from plugin branchKen Raeburn2006-03-0712-177/+442
| | | | | | | | | | | | | | | | | | | | | | | | | Add plugin support: - plugin routines in support library (may break windows build!) - plugin support in KDC location code - sample Python-based plugin for KDC location, not built without tweaking sources - changed service location interface to use an enum instead of passing profile string and DNS strings and port numbers - changed pathnames for plugin locations, including kdb back end - remove locate_service from accessor API Also, do build shared libraries for Darwin just like any other UNIX box. Not present yet: - use new plugin interface for kdb back end - Windows support - Mac bundle support (but dlopen support works) - search path for libkrb5 plugins (only one hard-coded directory for now) - sorting of plugin collections for predictable ordering See the various ChangeLogs for specifics. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17706 dc483132-0cff-0310-8789-dd5450dbe970
* Qing Dong <dongq@mit.edu> provided a set of changes to allowJeffrey Altman2006-02-272-2/+7
| | | | | | | | | | | | | krb5 to build under the Microsoft Visual Studio 8 compiler in 64-bit mode and produce file names that do not conflict with the names produced by the 32-bit build. That patch was modified to work on Unix and also include processor dependent pre-processor definitions to remove warnings. ticket: 3415 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17680 dc483132-0cff-0310-8789-dd5450dbe970
* Define new error codes for errors loading dal plugins.Sam Hartman2006-01-272-0/+8
| | | | | | Use these error codes to report plugin load errors. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17629 dc483132-0cff-0310-8789-dd5450dbe970
* update copyright datesKen Raeburn2006-01-261-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17622 dc483132-0cff-0310-8789-dd5450dbe970
* Include the support library when linking various test programs, because onKen Raeburn2006-01-182-2/+6
| | | | | | | | | Solaris, with the vendor compiler, we'll always get references to krb5int_pthread_loaded due to unused inline functions not being eliminated. (Also inclued it in dependencies, and use CC_LINK when it wasn't used before.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17592 dc483132-0cff-0310-8789-dd5450dbe970
* * gc_frm_kdc.c: Rewrite to modularize significantly. (~400-lineTom Yu2005-12-302-381/+752
| | | | | | | | | | | functions do not deserve to live.) The outer loop no longer explicitly attempts the direct path to the target; that attempt has been folded into the inner loop. Remove some redundant credential lookups present in the old code. Treat unexpected realm referrals as soft errors, in case some intermediate KDC disagrees with client regarding a transit path. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17579 dc483132-0cff-0310-8789-dd5450dbe970
* * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Cause free_tgt andTom Yu2005-12-282-12/+19
| | | | | | | | | | | | free_otgt to track the states of tgt and otgt correctly, to avoid a double-free condition which previously happened when this function returned to krb5_get_credentials(), which proceeded to free a previously freed TGT in the returned TGT list. ticket: 3313 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17578 dc483132-0cff-0310-8789-dd5450dbe970
* Increase size of PurgeRequest buffers for MSLSAJeffrey Altman2005-12-022-2/+6
| | | | | | | | | | | | | | Increase the size of the PurgeRequest buffers for MSLSA. Windows 2003 SP1 is writing beyond the end of the buffer during the Lsa call. ticket: new status: resolved component: krb5-libs target_version: 1.4.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17531 dc483132-0cff-0310-8789-dd5450dbe970
* make dependTom Yu2005-11-297-566/+385
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17505 dc483132-0cff-0310-8789-dd5450dbe970
* This commit ensures that all files in the library includeJeffrey Altman2005-11-1510-6/+22
| | | | | | | | | | | k5-int.h before krb5.h is included either directly or indirectly. This is to allow Kerberos to use pre-processor symbols to choose configurations of C run time library headers without affecting third party applications. ticket: 3236 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17489 dc483132-0cff-0310-8789-dd5450dbe970
* * Correct function prototypes that should have been using Jeffrey Altman2005-11-154-6/+18
| | | | | | | | | | | | | | krb5_timestamp in order to prevent type conflicts if krb5_timestamp ever becomes a 64-bit value * Force the use of 32-bit time_t with Microsoft's VS 2005 compiler on 32-bit platforms * Test for inclusion of krb5.h before k5-int.h ticket: 2883 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17488 dc483132-0cff-0310-8789-dd5450dbe970
* * acquire_cred.c (acquire_init_cred):Jeffrey Altman2005-10-312-8/+14
| | | | | | | | | | | | | | If a specific principal has been requested, attempt to acquire tickets and set the ccache name in the context to the ccache containing the tickets if obtained. (KFM/KFW) * ccdefault.c: (krb5int_cc_default) - add KFW support for multiple ccaches ticket: 3223 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17468 dc483132-0cff-0310-8789-dd5450dbe970
* cc_mslsa.c: Jeffrey Altman2005-10-202-9/+16
| | | | | | | | | | | - provide defaults for client and server names in purge ticket routines - properly size the buffers used to store the names. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17440 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (t_ser): Add dl library and thread link options, since kdb5Ken Raeburn2005-10-192-1/+6
| | | | | | library is linked in and needs them. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17436 dc483132-0cff-0310-8789-dd5450dbe970
* * asn1_get.c (asn1_get_tag_2): Patch from Zhihong Zhang to properlyTom Yu2005-10-032-1/+6
| | | | | | | | | | handle tag numbers >= 30. ticket: 2542 target_version: 1.4.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17400 dc483132-0cff-0310-8789-dd5450dbe970
* fix krb5_mk_rep subkey leaksTom Yu2005-09-222-0/+11
| | | | | | | | | | | | | * mk_req_ext.c (krb5int_generate_and_save_subkey): Check for and free pre-existing subkeys before clobbering the pointers. This fixes some memory leaks. ticket: new target_version: 1.4.3 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17387 dc483132-0cff-0310-8789-dd5450dbe970
* * dnsglue.c (USE_RES_NINIT): Fix braino: define to 1, not emptyTom Yu2005-09-162-1/+6
| | | | | | | | string. ticket: 3172 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17382 dc483132-0cff-0310-8789-dd5450dbe970
* Rework logic for using res_ninit() and friends to fall back toTom Yu2005-09-082-10/+28
| | | | | | | | | res_init() if res_ndestroy() isn't available. ticket: 3172 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17377 dc483132-0cff-0310-8789-dd5450dbe970
* fix more executable permissionsTom Yu2005-08-251-0/+0
| | | | | | | | | | Fix some more executable permissions missing from import. ticket: new tags: pullup target_version: 1.4.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17357 dc483132-0cff-0310-8789-dd5450dbe970
* Delete .cvsignore files; contents have already been Sam Hartman2005-08-245-22/+0
| | | | | | set on svn:ignore properties. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17353 dc483132-0cff-0310-8789-dd5450dbe970
* * t_ser.c (ser_kcontext_test): Remove statement declaring anEzra Peisach2005-08-232-1/+5
| | | | | | unused variable using a non-portable gcc extension. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17346 dc483132-0cff-0310-8789-dd5450dbe970
* All configure.in scripts: Use K5_AC_INIT instead of AC_INITKen Raeburn2005-08-202-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17342 dc483132-0cff-0310-8789-dd5450dbe970
* * get_in_tkt.c (krb5_get_init_creds): Free tempstr on non-errorTom Yu2005-08-162-4/+11
| | | | | | | | | returns from krb5_string_to_deltat() to avoid memory leak. ticket: 3147 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17330 dc483132-0cff-0310-8789-dd5450dbe970
* fix MITKRB5-SA-2005-003 krb5_recvauth double-freeTom Yu2005-07-122-2/+4
| | | | | | | | | | | | | * recvauth.c (recvauth_common): Avoid double-free on invalid version string. Thanks to Magnus Hagander. Fix for MITKRB5-SA-2005-003 [CAN-2005-1689, VU#623332]. ticket: new target_version: 1.4.2 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17299 dc483132-0cff-0310-8789-dd5450dbe970
* fix MITKRB5-SA-2005-002 KDC double-free and heap overflowTom Yu2005-07-122-0/+9
| | | | | | | | | | | | | | | Fix for MITKRB5-SA-2005-002 * KDC double-free [CAN-2005-1174, VU#259798] * krb5_unparse_name heap overflow [CAN-2005-1175, VU#885830] Thanks to Daniel Wachdorf. ticket: new flags: pullup target_version: 1.4.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17298 dc483132-0cff-0310-8789-dd5450dbe970
* * t_ser.c (ser_data): Don't initialize db serialization code that doesn't existKen Raeburn2005-06-302-13/+7
| | | | | | | any more. (ser_kcontext_test): Don't create and destroy databases. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17279 dc483132-0cff-0310-8789-dd5450dbe970
* Update dependenciesKen Raeburn2005-06-217-383/+562
| | | | | | | | | N.B.: The version of gcc used this time ("gcc version 3.4.3 20041212 (Red Hat 3.4.3-9.EL4)") seems to emit some duplicate dependencies -- some header files get listed twice. This is annoying but shouldn't cause any harm.... git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17256 dc483132-0cff-0310-8789-dd5450dbe970
* ksu keeps old ccache lockedKen Raeburn2005-06-152-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | ksu can keep the user's ccache (the old one, not the newly created one) locked while the new shell is running. It's a read lock, which prevents other processes from modifying the file (e.g., adding newly acquired tickets); they just hang until ksu exits. The problem is really a bug down in the ccache code, where the wrong data pointer is pulled out of a linked list, and used. But ksu is one of the few programs that manipulates multiple ccaches; most other programs wouldn't show the problem, and it only shows up with ksu if some other program is also being run that has to fetch new tickets. Any other programs maintaining multiple file ccaches may be affected as well. * cc_file.c (dereference): Fix test is list-walking loop. ticket: new target_version: 1.4.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17243 dc483132-0cff-0310-8789-dd5450dbe970
* * sendto_kdc.c (service_fds): Don't create a select_state on the stack; take anKen Raeburn2005-06-102-23/+40
| | | | | | | | | | | additional argument pointing to it. (krb5int_sendto): Don't create a select_state on the stack; instead, allocate two on the heap, passing the second as the new argument to service_fds. ticket: 3060 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17234 dc483132-0cff-0310-8789-dd5450dbe970
* Implement RFC 3961 PRFSam Hartman2005-05-204-46/+35
| | | | | | | | | | | | | | Add krb5_c_prf, a function that implements the RFC 3961 PRF. As part of this change, the krb5_init_keyblock and krb5 free routines move to libk5crypto. Public stubs remain in libkrb5, but the actual implementation is an internal interface in libk5crypto ticket: new Tags: enhancement git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17219 dc483132-0cff-0310-8789-dd5450dbe970
* updated dependencies for socket-utils.h changeKen Raeburn2005-04-281-8/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17205 dc483132-0cff-0310-8789-dd5450dbe970
* the purpose of the krb5_get_credentials call is toJeffrey Altman2005-04-252-2/+19
| | | | | | | | | | | obtain a set of credentials for the caller. the krb5_cc_store_cred() call is to optimize performance for future calls. Ignore any errors, since the credentials are still valid even if we fail to store them in the cache. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17201 dc483132-0cff-0310-8789-dd5450dbe970
* Move WSAStartup/WSACleanup from DllMain to krb5_init_ctx/krb5_free_ctxJeffrey Altman2005-04-232-4/+29
| | | | | | | | | WSAStartup/WSACleanup cannot be called from DllMain without risking a deadlock when FreeLibrary(). ticket:2980 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17200 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (BISONFLAGS): Drop -v.Ken Raeburn2005-04-133-23/+27
| | | | | | | | | ($(srcdir)/deltat.c): Change to source directory before rebuilding, so path to source tree doesn't get inserted. (deltat.c rebuilt) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17178 dc483132-0cff-0310-8789-dd5450dbe970
* Delete definitions of unused macros NEED_SOCKETS and NEED_LOWLEVEL_IOKen Raeburn2005-04-1333-34/+43
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17177 dc483132-0cff-0310-8789-dd5450dbe970
* * kuserok.c (krb5_kuserok): Use k5_getpwnam_rKen Raeburn2005-03-262-13/+5
| | | | | | | ticket: 2982 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17157 dc483132-0cff-0310-8789-dd5450dbe970
* * dnsglue.h: Define ns_rr_class to ns_rr_cl if ns_rr_class doesn'tTom Yu2005-03-232-0/+14
| | | | | | | | | exist. ticket: 2906 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17145 dc483132-0cff-0310-8789-dd5450dbe970
* * x-deltat.y (wsnum): Add missing semicolon following YYERROR,Tom Yu2005-03-232-1/+5
| | | | | | | | | | | | which was preventing bison-1.75 from producing compilable C output. ticket: new version_reported: 1.4 target_version: 1.4.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17140 dc483132-0cff-0310-8789-dd5450dbe970
* * gic_keytab.c (krb5_get_init_creds_keytab): When callingTom Yu2005-03-222-1/+11
| | | | | | | | | | | | krb5_get_init_creds() for the second time (with use_master=1), also accept KRB5_REALM_UNKNOWN as a soft error, and use the result from the first call to krb5_get_init_creds(). This can happen when no master KDC is configured. ticket: 2974 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17132 dc483132-0cff-0310-8789-dd5450dbe970
* The current wconfig.c does not treat @MAINT@ as a comment. Until weJeffrey Altman2005-03-152-1/+9
| | | | | | | | have one that does, override the use of @MAINT@ on Windows. ticket: 2962 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17128 dc483132-0cff-0310-8789-dd5450dbe970
* * sn2princ.c (krb5_sname_to_principal):Jeffrey Altman2005-03-062-20/+55
| | | | | | | | | | | conditionalize the use of reverse dns lookups. The default is to use the existing behavior. rdns can be disabled by specifying [libdefaults] rdns=false ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17120 dc483132-0cff-0310-8789-dd5450dbe970
* * asn1_encode.c (asn1_encode_generaltime): If gmtime_r returns int instead ofKen Raeburn2005-03-042-0/+10
| | | | | | | | | | pointer, do the appropriate error checking. ticket: 2953 target_version: 1.4.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17118 dc483132-0cff-0310-8789-dd5450dbe970
* time-delta parser doesn't work on HP-UX 10Ken Raeburn2005-03-034-703/+1035
| | | | | | | | | | | | | | | | | | | | A build on Lenny's machine (built with gcc 2.7, thread support disabled, static libraries only) is failing tests because the HP header files define "WS" as a macro that expands to 2, while the delta-t grammar uses "WS" as the name of a terminal symbol (which under bison turns into a C macro). Renaming the terminal in the grammar (and custom lexer) fixes the problem. * x-deltat.y (tok_WS): Renamed terminal from "WS", which conflicts with HP-UX 10 header files. Updated all productions. (mylex): Updated. * Makefile.in ($(srcdir)/deltat.c): Enable dependencies in maintainer mode. * deltat.c: Updated. ticket: new target_version: 1.4.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17110 dc483132-0cff-0310-8789-dd5450dbe970
* * krb5_libinit.c (krb5int_lib_fini): Only show "skipping" message ifKen Raeburn2005-02-172-0/+7
| | | | | | SHOW_INITFINI_FUNCS is defined. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17105 dc483132-0cff-0310-8789-dd5450dbe970
* * init_ctx.c (init_common): Delete redundant library initialization call thatKen Raeburn2005-02-162-4/+22
| | | | | | | was run only on UNIX. Test assertion that krb5_ui_8 really did get a proper 64-bit type. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17103 dc483132-0cff-0310-8789-dd5450dbe970
* * gic_pwd.c (krb5_get_init_creds_password): Fix so empty passwordTom Yu2005-02-102-1/+7
| | | | | | | | | | | string causes prompting and doesn't cause truncation of password to zero characters. ticket: 2918 target_version: 1.4.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17098 dc483132-0cff-0310-8789-dd5450dbe970
* * krb5_libinit.c (krb5int_lib_init, krb5int_lib_fini): If SHOW_INITFINI_FUNCSKen Raeburn2005-02-092-1/+14
| | | | | | is defined, print tracing messages. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17095 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (LIBINITFUNC, LIBFINIFUNC): DefineKen Raeburn2005-02-092-0/+6
| | | | | | | ticket: 2916 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17091 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-10-01 14:56:55 +0000