summaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* Use load_32_be processing length in TCP replyKen Raeburn2009-08-211-5/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22570 dc483132-0cff-0310-8789-dd5450dbe970
* Use {load,store}_{16,32}_be for big-endian integersKen Raeburn2009-08-211-17/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22568 dc483132-0cff-0310-8789-dd5450dbe970
* Bump sonames of libkadm5 libraries, since r22527 changed their ABIsGreg Hudson2009-08-172-2/+2
| | | | | | ticket: 6547 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22528 dc483132-0cff-0310-8789-dd5450dbe970
* Modify kadm5 initializers to accept krb5 contextsGreg Hudson2009-08-179-54/+65
| | | | | | | | | | Add krb5_context parameters to all kadm5 initialization functions. This allows extended error information to be retrieved by the caller when an error is returned. ticket: 6547 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22527 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unused variables resulting from r22521, and also remove theGreg Hudson2009-08-173-38/+0
| | | | | | | | unused file svr_misc_free.c. ticket: 6544 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22523 dc483132-0cff-0310-8789-dd5450dbe970
* Remove kadmin v1 API supportGreg Hudson2009-08-1343-9418/+276
| | | | | | | | | | | | | | | The kadmin v1 API and the even older ovsec_kadm_* API were legacy when kadmin was first incorporated in 1996, and compatibility with them is no longer believed to be necessary. The uninstalled kadmin/passwd has been removed (since it used the ovsec API). The test suite has been updated to use the v2 API where appropriate, and the parts specifically designed to test the old API have been excised. ticket: 6544 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22521 dc483132-0cff-0310-8789-dd5450dbe970
* Fix lib/crypto/krb/dk/Makefile.in mydir valueGreg Hudson2009-08-131-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22520 dc483132-0cff-0310-8789-dd5450dbe970
* Correct the t_nfold build rules again. We don't have a simple way ofGreg Hudson2009-08-101-1/+4
| | | | | | | | plucking object files from other directories (we don't know for sure what extension to use), so build an nfold.o in this directory from the nfold.c in the ../krb source directory. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22517 dc483132-0cff-0310-8789-dd5450dbe970
* Convert all uses of strtok() in libraries to strtok_r() for threadGreg Hudson2009-08-101-3/+4
| | | | | | safety. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22513 dc483132-0cff-0310-8789-dd5450dbe970
* In crypto_tests: for t_nfold, link against an nfold object file in theGreg Hudson2009-08-031-3/+3
| | | | | | | | build directory, not the source directory. Remove the nfold object from the t_encrypt dependency list since we don't directly use it in the linking rule. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22489 dc483132-0cff-0310-8789-dd5450dbe970
* Be a little more verbose about errors from mit_des_key_sched(), andTom Yu2009-08-031-1/+2
| | | | | | remember to print newlines. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22488 dc483132-0cff-0310-8789-dd5450dbe970
* Fix deplibs for t_crcTom Yu2009-08-031-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22487 dc483132-0cff-0310-8789-dd5450dbe970
* Get "make depend" to work in an unbuilt source tree, since bad depsGreg Hudson2009-08-036-2/+10
| | | | | | | | files can make it difficult to build the tree. To do this, make the depends target depend on generated header files and on header file copies or links into the main include directory. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22486 dc483132-0cff-0310-8789-dd5450dbe970
* Re-run make depend. (I am not certain why the dependencies fromGreg Hudson2009-08-0317-697/+654
| | | | | | r22477 didn't work for me.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22482 dc483132-0cff-0310-8789-dd5450dbe970
* In the crypto-tests check target, refer to t_cf2.expected in theGreg Hudson2009-08-031-1/+1
| | | | | | source tree (where it lives) instead of the cwd. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22481 dc483132-0cff-0310-8789-dd5450dbe970
* Crypto modularity proj: Separate files under crypto directory based on their ↵Zhanna Tsitkov2009-08-03242-1737/+1839
| | | | | | | | functionality. Move Kerberos specific files into krb subdir and MIT specific - into builtin subdir. Place all tests into crypto_tests subfolder. bigredbutton: whitespace git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22477 dc483132-0cff-0310-8789-dd5450dbe970
* Fix of the test cleanup Zhanna Tsitkov2009-08-011-0/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22476 dc483132-0cff-0310-8789-dd5450dbe970
* Fix memory leak in k5_pac_verify_server_checksumEzra Peisach2009-07-302-1/+5
| | | | | | | | | | k5_pac_verify_server_checksum was leaking memory when the checksum was valid. t_pac.c: Fix memory leak by forgetting to release memory. ticket: 6541 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22474 dc483132-0cff-0310-8789-dd5450dbe970
* memory leak in test code t_authdataEzra Peisach2009-07-301-0/+1
| | | | | | | | Free the krb5_context at the end to release memory. ticket: 6540 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22473 dc483132-0cff-0310-8789-dd5450dbe970
* Fix memory leak by release context at end of test codeEzra Peisach2009-07-301-0/+3
| | | | | | ticket: 6539 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22470 dc483132-0cff-0310-8789-dd5450dbe970
* Enctype list configuration enhancementsGreg Hudson2009-07-293-78/+334
| | | | | | | | | | | In the processing code for enctype lists, add support for "DEFAULT" to indicate the default list, for families (des/des3/aes/rc4), and for removing entries from the current list (-foo). Also add unit tests and document. ticket: 6539 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22469 dc483132-0cff-0310-8789-dd5450dbe970
* Use zero-terminated enctype lists in the context structure instead ofGreg Hudson2009-07-273-169/+148
| | | | | | counted lists, to reduce impedance mismatches. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22456 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_copy_error_message, pass correct pointer toGreg Hudson2009-06-271-1/+1
| | | | | | | | | | krb5int_clear_error. ticket: 6519 tags: pullup target_version: 1.7 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22424 dc483132-0cff-0310-8789-dd5450dbe970
* Update comments to reflect reality and the fact that this is not a file basedEzra Peisach2009-06-211-20/+28
| | | | | | cache. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22419 dc483132-0cff-0310-8789-dd5450dbe970
* minor memory leak in 'none' replay cache typeKen Raeburn2009-06-181-2/+8
| | | | | | | | | | | | | | | | The replay cache type implementations are responsible for freeing the main rcache structure when the cache handle is closed. The 'none' rcache type wasn't doing this, resulting in a small memory leak each time such a cache was opened and closed. Not a big deal for a server process servicing a single client, but it could accumulate (very very slowly) for a long-running server. ticket: 6514 tags: pullup target_version: 1.7.1 version_reported: 1.7 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22417 dc483132-0cff-0310-8789-dd5450dbe970
* In the previous patch - I neglected a potential NULL deref in the callEzra Peisach2009-06-171-1/+3
| | | | | | | | to krb5int_yarrow_cipher_final. Trivial fix. ticket: 6512 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22413 dc483132-0cff-0310-8789-dd5450dbe970
* krb5int_yarrow_final could deref NULL if out of memoryEzra Peisach2009-06-111-1/+2
| | | | | | | | | | | krb5int_yarrow_final tests if the Yarrow_CTX* is valid (not NULL) - and if not - signals and error for return - but still invokes mem_zero (memset) with it as an argument. This will only happen in an out-of-memory situation. ticket: 6512 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22410 dc483132-0cff-0310-8789-dd5450dbe970
* krb5int_rd_chpw_rep could call krb5_free_error with random valueEzra Peisach2009-06-101-1/+1
| | | | | | | | | | clang picked up on a path in which krberror is not set and passed as an argument to krb5_free_error(). Essentially if the clearresult length < 2 but everything decodes - you can hit this path... ticket: 6511 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22409 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up and simplify kdb5.c; no functional changesGreg Hudson2009-06-081-707/+311
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22408 dc483132-0cff-0310-8789-dd5450dbe970
* In kdb5.c, remove calls to the locking macros which were stubbed outGreg Hudson2009-06-081-258/+1
| | | | | | in r17612. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22407 dc483132-0cff-0310-8789-dd5450dbe970
* Restore limited support for static linkingGreg Hudson2009-06-081-74/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add enough static linking support to run the test suite without shared libraries, to facilitate gcov and other kinds of instrumentation. The necessary changes include: * Undo some of the changes which removed static linking support, and cannibalize the defunct krb5_force_static conditional block in aclocal.m4. * Add --enable-static-only configure option. * For plugins, use a different symbol name for static and dynamic builds, via a macro in k5plugin.h. * Add build machinery for building static libraries for plugins (somewhat grotty due to the difference in names). * Move plugin subdirs earlier in SUBDIRS in src/Makefile.in. * Make the in-tree KDB5 plugins dependencies of libkdb5 in a static build (aclocal.m4 has to know what they are). * In kdb5.c, cannibalize the broken _KDB5_STATIC_LINK support to allow "loading" of statically linked plugin libraries. Preauth, authdata, locate, and GSSAPI plugins are not handled by this change, as they are not currently necessary to the test suite. Supporting GSSAPI plugins may be a bit tricky but the others should be straightforward if they become needed. $(STLIBEXT) changes from .a-nobuild to .a in a normal shared build as a result of these changes (except on AIX where aclocal.m4 changes it). This does not seem to be important as we avoid selecting the static library for building via other means. ticket: 6510 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22406 dc483132-0cff-0310-8789-dd5450dbe970
* Don't build the kadm5/unit-test test programs during "make all"; buildGreg Hudson2009-06-081-4/+0
| | | | | | | | them during "make check" via test dependencies for consistency with the way we handle other test programs. (Also means we don't need libraries to be linkable until later in the build process.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22404 dc483132-0cff-0310-8789-dd5450dbe970
* kadmind is parsing acls good deref NULL pointer on errorEzra Peisach2009-06-061-13/+17
| | | | | | | | | | | | In kadm5int_acl_parse_line, if you setup an acl w/ restrictions (i.e. the four argument acl format) - but have an error parsing the first few fields, acle is NULLed out, and is then derefed. This adds a conditional and indents according to the krb5 c-style... ticket: 6509 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22403 dc483132-0cff-0310-8789-dd5450dbe970
* kadm5int_acl_parse_restrictions could ref uninitialized variableEzra Peisach2009-06-061-1/+1
| | | | | | | | | | The variable sp is never initialized. If the first argument to the function is null, the code falls through to freeing sp if valid. However, sp is never set. ticket: 6508 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22402 dc483132-0cff-0310-8789-dd5450dbe970
* Make results of krb5_db_def_fetch_mkey more predictableGreg Hudson2009-06-011-25/+16
| | | | | | | | | | | | | | | | | | | | krb5_db_def_fetch_mkey tries the stash file as a keytab, then falls back to the old stash file format. If the stash file was in keytab format, but didn't contain the desired master key, we would try to read a keytab file as a stash file. This could succeed or fail depending on byte order and other unpredictable factors. The upshot was that one of the libkadm5 unit tests (init 108) was getting a different error code on different platforms. To fix this, only try the stash file format if we get KRB5_KEYTAB_BADVNO trying the keytab format. This requires reworking the error handling logic. ticket: 6506 tags: pullup target_version: 1.7 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22397 dc483132-0cff-0310-8789-dd5450dbe970
* Revert last changeKen Raeburn2009-05-271-7/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22394 dc483132-0cff-0310-8789-dd5450dbe970
* Don't re-run test programs to recreate output every time 'check' is builtKen Raeburn2009-05-271-5/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22393 dc483132-0cff-0310-8789-dd5450dbe970
* fix t_prf test code properlyKen Raeburn2009-05-271-6/+8
| | | | | | | | | | | | | Correction to patch in r22364: "i" was used in two places, one of which required an int-sized value and the other of which required a size_t. Instead of changing the type, split the two uses into separate variables. ticket: 6505 target_version: 1.7 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22392 dc483132-0cff-0310-8789-dd5450dbe970
* Fix test rules for non-gmake make versionsGreg Hudson2009-05-241-2/+2
| | | | | | | | | | | | | The build rules for the new t_ad_fx_armor and t_authdata test programs used $<, which is only portable for implicit rules (but is valid in gmake for all rules). Stop using $< in those rules so that "make check" works with System V make. ticket: 6495 target_version: 1.7 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22368 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_ktfileint_write_entry, add a no-op fseek in between readingGreg Hudson2009-05-231-0/+3
| | | | | | | | EOF and writing the placeholder length field. Otherwise we can run into an apparent bug in the Solaris 10 stdio library which causes the next no-op fseek after the fwrite to fail with EINVAL. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22367 dc483132-0cff-0310-8789-dd5450dbe970
* whitespaceKen Raeburn2009-05-221-3/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22366 dc483132-0cff-0310-8789-dd5450dbe970
* Use correct type for krb5_c_prf_length length argKen Raeburn2009-05-221-8/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22364 dc483132-0cff-0310-8789-dd5450dbe970
* Use printf format attribute only with gccKen Raeburn2009-05-222-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22363 dc483132-0cff-0310-8789-dd5450dbe970
* make prompt string vars point to constKen Raeburn2009-05-221-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22362 dc483132-0cff-0310-8789-dd5450dbe970
* fix minor syntax errorKen Raeburn2009-05-221-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22361 dc483132-0cff-0310-8789-dd5450dbe970
* Include regression test for krb-fx-cf2 for RC4 enctypeSam Hartman2009-05-203-0/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22359 dc483132-0cff-0310-8789-dd5450dbe970
* Restore compatibility with KDCs using key usage 8 to encrypt TGSGreg Hudson2009-05-202-39/+74
| | | | | | | | | replies in a subkey, by implementing a fallback in krb5_arcfour_decrypt. ticket: 6490 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22357 dc483132-0cff-0310-8789-dd5450dbe970
* When using keyed checksum types with TGS subkeys, Microsoft AD 2003Greg Hudson2009-05-191-0/+2
| | | | | | | | | | | | | | | | verifies the checksum using the subkey, whereas MIT and Heimdal verify it using the TGS session key. (RFC 4120 is actually silent on which is correct; RFC 4757 specifies the TGS session key.) To sidestep this interop issue, don't use keyed checksum types with RC4 keys without explicit configuration in krb5.conf. Using keyed checksum types with AES is fine since, experimentally, AD 2008 accepts checksums keyed with the TGS session key. ticket: 6490 status: open tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22356 dc483132-0cff-0310-8789-dd5450dbe970
* In practice, key usage 9 requires no translationSam Hartman2009-05-181-1/+1
| | | | | | | ticket: 6490 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22355 dc483132-0cff-0310-8789-dd5450dbe970
* Copy the sequence key rather than the subkey for lucid contexts in RFCSam Hartman2009-05-181-1/+1
| | | | | | | | | | | 1964 mode, so that we map to raw des enctypes rather than say des-cbc-crc. ticket: 6488 target_version: 1.7 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22354 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-10-02 12:30:40 +0000