summaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* Fix some error-handling bugs in cc_dir.cGreg Hudson2011-09-071-4/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25168 dc483132-0cff-0310-8789-dd5450dbe970
* Change how bundled libverto is linkedGreg Hudson2011-09-061-0/+7
| | | | | | | | | Give libverto-k5ev a header file. When using the internal verto library, link against -lverto-k5ev and use verto_default_k5ev() instead of verto_default(), bypassing the module loading logic and making static builds possible. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25166 dc483132-0cff-0310-8789-dd5450dbe970
* Fix several bugs in gss-krb5 inq_credGreg Hudson2011-09-061-8/+9
| | | | | | | | | cred could be used uninitialized if krb5_timeofday() failed. defcred had the wrong type. kg_cred_resolve() should be used instead of krb5_gss_validate_cred() to do delayed name/ccache resolution and get a lock. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25164 dc483132-0cff-0310-8789-dd5450dbe970
* Newer GCCs optimizer catches a variable used without initializationEzra Peisach2011-09-062-463/+849
| | | | | | in the bison library code. Use a GCC pragma to suppress. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25163 dc483132-0cff-0310-8789-dd5450dbe970
* Make gss-krb5 use cache collectionGreg Hudson2011-09-056-83/+149
| | | | | | | | | | | | | | | | For default credentials, defer ccache resolution until we need the information. If this happens in init_sec_context when we have the target principal in hand, use krb5_cc_select() to pick a cache. If the target principal is not known, use the default cache. For credentials with a specified principal, use krb5_cc_cache_match() to find the cache. If no cache is found and a password is specified, create a new cache within the collection to hold the new credentials, if the default cache type supports a collection. ticket: 6958 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25160 dc483132-0cff-0310-8789-dd5450dbe970
* Refactor gss-krb5 acquire_init_credGreg Hudson2011-09-051-224/+237
| | | | | | | | These changes have no functional impact, but will allow the GSSAPI changes for credential selection to be made with a minimum of code movement. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25159 dc483132-0cff-0310-8789-dd5450dbe970
* Add krb5_cc_select() API and pluggable interfaceGreg Hudson2011-09-0510-1/+565
| | | | | | | | | | | The interface has two built-in modules. The realm module guesses a cache based on the server realm if it is known. The k5identity module (Unix only) chooses a client principal based on rules in a .k5identity file in the user's homedir. ticket: 6957 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25158 dc483132-0cff-0310-8789-dd5450dbe970
* Add ccache collection support to toolsGreg Hudson2011-09-051-1/+1
| | | | | | | | | | | | | | | | * "kdestroy -A" destroys all caches in collection. * "kinit princ" searches the collection for a matching cache and overwrites it, or creates a new cache in the collection, if the type of the default cache is collection-enabled. The chosen cache also becomes the primary cache for the collection. * "klist -l" lists (in summary form) the caches in the collection. * "klist -A" lists the content of all of the caches in the collection. * "kswitch -c cache" (new command) makes cache the primary cache. * "kswitch -p princ" makes the cache for princ the primary cache. ticket: 6956 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25157 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unneeded cccol behaviorsGreg Hudson2011-09-055-499/+146
| | | | | | | | | | Do not yield any default caches in the top level cccol implementation. In the FILE type, yield the default cache if it exists and is of type FILE, instead of yielding the set of open file caches. ticket: 6955 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25156 dc483132-0cff-0310-8789-dd5450dbe970
* Add new cache collection APIsGreg Hudson2011-09-0511-0/+123
| | | | | | | | | | | | | | | * krb5_cc_get_full_name retrieves the full type:name of a cache. * krb5_cc_switch makes a cache the primary cache. * krb5_cc_cache_match searches the collection for a client principal. * krb5_free_string releases a string (for the krb5_cc_get_full_name result). All of these are from Heimdal except for krb5_free_string (Heimdal uses krb5_xfree). ticket: 6954 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25155 dc483132-0cff-0310-8789-dd5450dbe970
* Add the DIR ccache typeGreg Hudson2011-09-057-27/+755
| | | | | | | | | | | | The DIR ccache type supports a collection of credential caches within a private directory (which must be created out of band). One cache is designated as primary at any given time. Setting the default cache name to DIR:dirname will cause caches within dirname to be present in the global cache collection. ticket: 6953 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25154 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate the mechglue union cred auxinfo fieldGreg Hudson2011-09-058-242/+65
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25152 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize some more variablesKen Raeburn2011-09-051-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25151 dc483132-0cff-0310-8789-dd5450dbe970
* Silence various "may be used uninitialized" warnings from GCC causedKen Raeburn2011-09-058-9/+10
| | | | | | | | | by it not figuring out the control flow (initialization and use both tied to some other variable). DB2 code not included. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25146 dc483132-0cff-0310-8789-dd5450dbe970
* Reindent per krb5-batch-reindent.el.Ken Raeburn2011-09-0433-132/+125
| | | | | | | Some minor reformatting added in places to avoid exceeding 80 columns. Used Emacs 22.1 built-in C mode. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25144 dc483132-0cff-0310-8789-dd5450dbe970
* Skip redundant inclusion of iprop.hKen Raeburn2011-09-042-2/+18
| | | | | | | Suppress GCC's unused-variable diagnostic for purely generated code using outside tools, known to have that issue but not ours to fix. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25142 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of variables triggering gcc's "defined but not used"Ken Raeburn2011-09-0410-40/+0
| | | | | | complaints, almost entirely "rcsid" variables. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25141 dc483132-0cff-0310-8789-dd5450dbe970
* Untabify some files mistakenly created with tabsGreg Hudson2011-09-0412-310/+310
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25140 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2011-09-041-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25137 dc483132-0cff-0310-8789-dd5450dbe970
* Rename local variable "socket" to avoid the one shadowed-declarationKen Raeburn2011-09-041-3/+3
| | | | | | warning I get in a simple GNU/Linux build. Solaris may have others. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25136 dc483132-0cff-0310-8789-dd5450dbe970
* declarations before codeKen Raeburn2011-09-041-1/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25135 dc483132-0cff-0310-8789-dd5450dbe970
* Fix pointer type in net-server.c:make_event()Greg Hudson2011-09-041-1/+2
| | | | | | | We use void pointers as temporaries in other uses of ADD(), so do so here as well. The type-safe type would be verto_ev **. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25134 dc483132-0cff-0310-8789-dd5450dbe970
* Fix arg list for dummy version of setup_udp_pktinfo_portsKen Raeburn2011-09-041-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25133 dc483132-0cff-0310-8789-dd5450dbe970
* Migrate net-server loop to use libvertoGreg Hudson2011-09-021-588/+589
| | | | | | From npmccallum@redhat.com. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25132 dc483132-0cff-0310-8789-dd5450dbe970
* Add a loop_ prefix to net-server.c functionsGreg Hudson2011-09-021-11/+12
| | | | | | From npmccallum@redhat.com. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25128 dc483132-0cff-0310-8789-dd5450dbe970
* Fix cross-realm traversal TGT requestsGreg Hudson2011-09-011-1/+1
| | | | | | | | | | | | When requesting a cross-realm TGT, use the KDC instance of the current TGT (the second data component), not the realm which the TGT came from. ticket: 6952 target_version: 1.9.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25121 dc483132-0cff-0310-8789-dd5450dbe970
* Fix connection termination bug in sendto_kdcGreg Hudson2011-09-011-4/+4
| | | | | | | | | | | When terminating a connection, close and invalidate conn->fd so that we don't look for it in selstate on the next select or poll invocation. Looking for such an fd is harmless when using select, but results in an assertion failure when using poll. ticket: 6951 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25120 dc483132-0cff-0310-8789-dd5450dbe970
* Fix style issues in r25087Greg Hudson2011-08-2937-297/+289
| | | | | | | | | | | * Function names should be at the beginning of lines in definitions. * Changes should not create lines >79 characters. * Continuation lines should align after left parens when appropriate. Also, krb5_gss_accept_sec_context_ext and acquire_accept_cred are not gss mechanism functions and should not have been tagged. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25116 dc483132-0cff-0310-8789-dd5450dbe970
* Remember and close the kadmin socket we openedGreg Hudson2011-08-262-1/+9
| | | | | | | | | | | Prior to ticket #6746, the RPC library opened the kadmin socket and took responsibility for closing. When we added IPv6 support, the calling code became the owner of the socket but wasn't closing it, resulting in a file descriptor leak. ticket: 6949 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25115 dc483132-0cff-0310-8789-dd5450dbe970
* Fix signed/unsigned warnings in testsEzra Peisach2011-08-245-19/+20
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25113 dc483132-0cff-0310-8789-dd5450dbe970
* make-dependKen Raeburn2011-08-201-13/+110
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25108 dc483132-0cff-0310-8789-dd5450dbe970
* Remove setting a variable that is never usedEzra Peisach2011-08-191-14/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25106 dc483132-0cff-0310-8789-dd5450dbe970
* Fix call to gss_inquire_cred from spnego_gss_acquire_cred_impersonate_nameGreg Hudson2011-08-111-13/+11
| | | | | | | | | | | If desired_mechs is NULL (this should never happen when invoked from the MIT mechglue), we call gss_inquire_cred to get a list of mechs. This call needs to pass a union cred handle, not the SPNEGO handle we got as input. Reported by aberry@likewise.com. ticket: 6945 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25098 dc483132-0cff-0310-8789-dd5450dbe970
* Fix major status handling in gss_acquire_credGreg Hudson2011-08-111-0/+1
| | | | | | | | | | | If we have at least one cred element after the mech loop, reset major before continuing on, or we could mistakenly return a failure status from the last mech (and free the returned creds). Reported by aberry@likewise.com. ticket: 6944 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25097 dc483132-0cff-0310-8789-dd5450dbe970
* Correctly dereference cred_handle when assigning to spcred inGreg Hudson2011-08-111-1/+1
| | | | | | | | | | spnego_gss_set_cred_option. Reported by aberry@likewise.com. ticket: 6943 target_version: 1.9.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25096 dc483132-0cff-0310-8789-dd5450dbe970
* WhitespaceGreg Hudson2011-08-097-97/+6
| | | | | | Also remove the erroneously added gssapi_err_krb5 error table sources. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25091 dc483132-0cff-0310-8789-dd5450dbe970
* call gssint_mecherrmap_init() from gssint_mechglue_init()Sam Hartman2011-08-091-0/+1
| | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25090 dc483132-0cff-0310-8789-dd5450dbe970
* Fix rare duplicate time issue On systems with imprecise clocksSam Hartman2011-08-091-5/+18
| | | | | | | | | | | | (e.g. windows), there was as issue where microsecond rollover could conceivably cause the same time to be reported twice. Also document potential performance improvement by using thread-local storage for last_time and eliminating the mutex. Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25088 dc483132-0cff-0310-8789-dd5450dbe970
* Use KRB5_CALLCONV for all gss mechanism functions. Also wrap #include ↵Sam Hartman2011-08-0943-269/+365
| | | | | | | | | <unistd.h> with #ifdef HAVE_UNISTD_H in g_authorize_localname.c Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25087 dc483132-0cff-0310-8789-dd5450dbe970
* Added functions to export tables krb5_32:Sam Hartman2011-08-092-0/+4
| | | | | | | | | | krb5int_c_mandatory_cksumtype, krb5int_arcfour_gsscrypt gssapi32: gss_pname_to_uid Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25086 dc483132-0cff-0310-8789-dd5450dbe970
* Add 'const' to fix mismatched parameter warningsSam Hartman2011-08-092-2/+2
| | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25085 dc483132-0cff-0310-8789-dd5450dbe970
* Compile fix for WIN32 implementation of k5_get_os_entropy: declare ↵Sam Hartman2011-08-091-1/+1
| | | | | | | | | HCRYPTPROV provider Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25084 dc483132-0cff-0310-8789-dd5450dbe970
* Updated OBJS and SRCS in lib/crypto/krb/Makefile.inSam Hartman2011-08-091-2/+17
| | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25083 dc483132-0cff-0310-8789-dd5450dbe970
* Fixed typo in des OBJS: des_keys.c. -> des_keysSam Hartman2011-08-091-1/+1
| | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25081 dc483132-0cff-0310-8789-dd5450dbe970
* Fix name of krb5_init_context_profile in krb5_32.defGreg Hudson2011-08-091-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25079 dc483132-0cff-0310-8789-dd5450dbe970
* Use portable path functions when loading pluginsGreg Hudson2011-08-071-30/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25075 dc483132-0cff-0310-8789-dd5450dbe970
* Legacy checksum APIs usually failGreg Hudson2011-07-261-9/+35
| | | | | | | | | | | | | krb5_calculate_checksum() and krb5_verify_checksum(), both deprecated, construct invalid keyblocks and pass them to the real functions, which used to work but now doesn't. Try harder to construct valid keyblocks or pass NULL if there's no key. ticket: 6939 target_version: 1.9.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25059 dc483132-0cff-0310-8789-dd5450dbe970
* Define KRB5_TL_DB_ARGS unconditionally in kdb.hGreg Hudson2011-07-261-5/+0
| | | | | | | | | Due to an apparent merge bug, KRB5_TL_DB_ARGS was defined in a SECURID conditional block, and several source files worked around the problem by defining the constant themselves or defining SECURID. Move the definition and remove the workarounds. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25055 dc483132-0cff-0310-8789-dd5450dbe970
* For GCC compiles, use an attribute to suppress the variable set butEzra Peisach2011-07-264-22/+34
| | | | | | | | | not used warnings. Due to the nested macros, it would get very ugly to try and remove the variables. Removes ~75 warnings from the build. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25054 dc483132-0cff-0310-8789-dd5450dbe970
* Remove t_vfyincreds on make cleanEzra Peisach2011-07-261-2/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25053 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-29 00:30:12 +0000