summaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* Remove krb4 code in libkrb5Greg Hudson2008-12-156-526/+4
| | | | | | | ticket: 6303 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21452 dc483132-0cff-0310-8789-dd5450dbe970
* Fixed memory leak in krb5_stdccv3_removeZhanna Tsitkov2008-12-131-1/+5
| | | | | | Ticket: 6299 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21362 dc483132-0cff-0310-8789-dd5450dbe970
* Release default credentials before exiting krb5_gss_init_sec_context routineZhanna Tsitkov2008-12-091-1/+3
| | | | | | Ticket: 6294 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21298 dc483132-0cff-0310-8789-dd5450dbe970
* Remove some lingering Saber C cruftGreg Hudson2008-12-051-4/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21293 dc483132-0cff-0310-8789-dd5450dbe970
* When storing info into cred cache, remove any dups. Zhanna Tsitkov2008-12-051-4/+9
| | | | | | Ticket: 6291 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21292 dc483132-0cff-0310-8789-dd5450dbe970
* Merge in fix from ms-krb-integ branch to avoid modifying input data on ↵Sam Hartman2008-12-051-4/+15
| | | | | | | | | aead_decrypt_compat ticket: 6274 Status: resolved git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21287 dc483132-0cff-0310-8789-dd5450dbe970
* Fix from Marcus Watts for glob-to-regexp conversion bug.Ken Raeburn2008-12-041-1/+2
| | | | | | | | Tweaked test case to exercise the bug. ticket: 5667 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21285 dc483132-0cff-0310-8789-dd5450dbe970
* Cleanup warningsSam Hartman2008-12-044-19/+19
| | | | | | | ticket: 6274 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21280 dc483132-0cff-0310-8789-dd5450dbe970
* Merge R21122 from mskrb-integSam Hartman2008-12-046-60/+60
| | | | | | | | | Namespace cleanup ticket: 6274 Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21279 dc483132-0cff-0310-8789-dd5450dbe970
* Merge r21120 from mskrb-integSam Hartman2008-12-046-39/+210
| | | | | | | | | | | | Refactor code such that an AEAD provider does not need to implement the older, non-IOV SPIs. Instead, the older APIs will implement their behaviour on top of the AEAD SPIs, using the wrapper functions in aead.c. ticket: 6274 Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21278 dc483132-0cff-0310-8789-dd5450dbe970
* make dependSam Hartman2008-12-027-18/+119
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21266 dc483132-0cff-0310-8789-dd5450dbe970
* Crypto IOV API per Projects/AEAD encryption APISam Hartman2008-12-0233-50/+2561
| | | | | | | | | | | | | | Merge in the mskrb-crypto-iov branch at r21259 in order to move an implementation of http://k5wiki.kerberos.org/wiki/Projects/AEAD_encryption_API onto the trunk. This branch contains a subset of the commits on the mskrb-integ branch that implement the krb5 library part of the crypto IOV API. ticket: new Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21263 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unneeded LEAN_CLIENT #define'sZhanna Tsitkov2008-12-021-12/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21261 dc483132-0cff-0310-8789-dd5450dbe970
* add k5-platform.h for asprintfTom Yu2008-12-021-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21260 dc483132-0cff-0310-8789-dd5450dbe970
* Convert many uses of sprintf to snprintf or asprintfGreg Hudson2008-12-018-16/+13
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21258 dc483132-0cff-0310-8789-dd5450dbe970
* make dependEzra Peisach2008-12-011-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21206 dc483132-0cff-0310-8789-dd5450dbe970
* Move cc_mutex code from k5-int.h - where it is globally available to cc-int.hEzra Peisach2008-12-012-1/+31
| | | | | | | where it is declared and used. The functions are not exported by the library - nor are they used outside lib/krb5/ccache... For cc_file.h - include cc-int.h. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21205 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify memory management a bit in places, by allocating and freeingKen Raeburn2008-11-241-139/+107
| | | | | | | | | | | separately, instead of reallocating arrays of pointers to themselves be reallocated. Do a better job of initializing arrays of which we only use a variable-sized part. Use a temp var instead of lots of long macro invocations. Fix some overrun-by-one errors in buffer copying. Clean up some possible leaks. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21182 dc483132-0cff-0310-8789-dd5450dbe970
* Use profile_free_list as appropriate. Fix memory leaksKen Raeburn2008-11-241-20/+21
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21180 dc483132-0cff-0310-8789-dd5450dbe970
* Fix memory leak caught by valgrindKen Raeburn2008-11-241-23/+29
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21179 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a memory management bugKen Raeburn2008-11-171-2/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21133 dc483132-0cff-0310-8789-dd5450dbe970
* Lite Client - the following calls are server-side functions:Zhanna Tsitkov2008-11-176-4/+18
| | | | | | | | | | decode_krb5_authenticator, krb5_auth_con_getauthenticator, krb5_copy_authenticator, krb5_ser_authenticator_init Take them out for the Lite CLient. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21129 dc483132-0cff-0310-8789-dd5450dbe970
* PERF: Introduced a new function krb5_is_permitted_enctype_ext to replace ↵Zhanna Tsitkov2008-11-172-4/+75
| | | | | | multiple calls to krb5_is_permitted_enctype git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21128 dc483132-0cff-0310-8789-dd5450dbe970
* In pa_sam(), free the outer krb5_data structure returned byGreg Hudson2008-11-101-0/+2
| | | | | | | | encode_krb5_sam_response. ticket: 6211 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21063 dc483132-0cff-0310-8789-dd5450dbe970
* Properly free sam_challenge in pa_sam()Greg Hudson2008-11-101-8/+8
| | | | | | ticket: 6210 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21062 dc483132-0cff-0310-8789-dd5450dbe970
* Only look for IPv4 addresses for the kpasswd server. This is just aKen Raeburn2008-11-051-2/+3
| | | | | | | | | | workaround for other parts of the code failing to cope with IPv6 addresses, and won't work in an IPv6-only environment; the problem should still be fixed for real. ticket: 5595 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21004 dc483132-0cff-0310-8789-dd5450dbe970
* Rename krb5int_buf_cstr to krb5int_buf_data, since k5bufs can be usedGreg Hudson2008-11-059-10/+10
| | | | | | | | | | | for binary data as well as C string data. The buffer will always have a null byte at krb5int_buf_len bytes regardless of whether it contains C string data. ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21003 dc483132-0cff-0310-8789-dd5450dbe970
* Convert many uses of strcpy/strcat (and sometimes sprintf) to acceptedGreg Hudson2008-11-053-27/+24
| | | | | | | | | string-handling functions. ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21001 dc483132-0cff-0310-8789-dd5450dbe970
* Check in Nalin's patch, and a test case for changing passwords via kinitKen Raeburn2008-11-042-1/+10
| | | | | | | | when +needchange is set. Update dependencies. ticket: 5867 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20966 dc483132-0cff-0310-8789-dd5450dbe970
* Don't build dependencies for v4rcp.c.Ken Raeburn2008-11-0435-2361/+2508
| | | | | | Rebuild dependencies for k5-buf.h, and without krb4 support. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20964 dc483132-0cff-0310-8789-dd5450dbe970
* Apply Apple patch to null out key->contents after freeing on failure,Greg Hudson2008-11-031-0/+2
| | | | | | | | eliminating the possibility that the pointer will be used after free. ticket: 6247 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20961 dc483132-0cff-0310-8789-dd5450dbe970
* Fix conditionals from last changeKen Raeburn2008-11-032-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20960 dc483132-0cff-0310-8789-dd5450dbe970
* Apply a patch from Apple to correct a few memory leaksGreg Hudson2008-11-031-2/+9
| | | | | | ticket: 6201 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20958 dc483132-0cff-0310-8789-dd5450dbe970
* If we're not making asn1buf_insert_octet an inline function, then makeKen Raeburn2008-11-034-29/+20
| | | | | | | | | | | | asn1buf_size, asn1buf_ensure_space, and asn1buf_expand static in asn1buf.c, for better optimization. Recode asn1buf_ensure_space to directly return the result of asn1buf_expand. Don't check for NULL before malloc/realloc in asn1buf_expand. Fix a couple minor signedness warnings. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20957 dc483132-0cff-0310-8789-dd5450dbe970
* Use the k5buf module instead of strcpy/strcat in several placesGreg Hudson2008-10-308-181/+82
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20941 dc483132-0cff-0310-8789-dd5450dbe970
* Only prompt automatically from GUI appsAlexandra Ellwood2008-10-292-6/+27
| | | | | | | | | | Direct callers such as kinit need command line prompts. Do not automatically prompt (via krb5 or gssapi calls) unless the caller has loaded GUI libraries. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20937 dc483132-0cff-0310-8789-dd5450dbe970
* partial rewrite of the ASN.1 encodersKen Raeburn2008-10-2514-2195/+2327
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of a pile of macros generating code, that have to be threaded together in just the right way to get a valid ASN.1 encoding, we now have a pile of macros for defining data structures describing the objects and the ASN.1 types they should be encoded as, which structures are interpreted by recursive invocations of an encoder engine; there should be somewhat less rope for accidentally creating invalid encodings. The new macros are commented in asn1_k_encode.c. Putting most of the work into the encoder engine also reduces the code size (in one configuration, including LDAP-KDB and PKINIT encoders, code size went from 37K to <16K, though 10K of tables were added, and the PKINIT encoders are still open-coded). Some encoder interfaces have been revised to be more regular -- all now take one pointer to const argument (no two-input encoders, no pointer-to-non-const-pointer-to-const). A few encoders were eliminated or disabled because they were neither used nor exported from the library. The LDAP-KDB encoder has been converted, but the PKINIT encoders have not as there are no regression tests for them currently. There is still plenty of room for improvement; some notes on specific ideas have been added. String encoding primitives have been combined to reduce code size. A primitive for encoding bit strings has been added. Some miscellaneous warnings in the decoders have been cleaned up. A new dejagnu test case is added that ensures that KRB-SAFE messages get exercised. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20923 dc483132-0cff-0310-8789-dd5450dbe970
* More regression tests for ASN.1 encodersKen Raeburn2008-10-251-0/+3
| | | | | | | | | Export encode_krb5_sam_response_2 and encode_krb5_enc_sam_response_enc_2 via accessor. Add encode tests for encode_krb5_sam_key, _enc_sam_response_enc, _predicted_sam_response, _sam_response_2, _enc_sam_response_enc_2. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20922 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_build_principal_ext walks off beginning of arrayAlexandra Ellwood2008-10-241-1/+1
| | | | | | | | | | | On error, krb5_build_principal_ext walks off the beginning of the array by using i-- in a conditional when it should be using --i (so that it actually compares the value of i that will be used below). ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20920 dc483132-0cff-0310-8789-dd5450dbe970
* Use strlcpy instead of strcpy in many placesGreg Hudson2008-10-2414-46/+33
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20919 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_build_principal_va does not allocate krb5_principalAlexandra Ellwood2008-10-242-64/+140
| | | | | | | | | | | | | | | | | krb5_build_principal_va does not allocate the outer krb5_principal, making it useless for generating krb5_principals which can be freed with krb5_free_principal. Added krb5_build_principal_alloc_va which allocates the krb5_principal. Added krb5int_build_principal_alloc_va which is used by KIM to avoid code duplication. KIM's kim_identity_create_from_components takes the first component as an argument because principals with no components cannot be represented with the KIM UI. Modified KIM to use this new API. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20918 dc483132-0cff-0310-8789-dd5450dbe970
* Use snprintf instead of strcpy/strcat in many placesGreg Hudson2008-10-237-57/+20
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20912 dc483132-0cff-0310-8789-dd5450dbe970
* Fix previous commit by adding "extern" to header declarations forTom Yu2008-10-221-2/+2
| | | | | | | | | | SPNEGO mechanism OID stuff. It was causing tentative definition issues on the Mac. (where there are constraints about common-block symbols) ticket: 6015 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20910 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_change_set_password should free chpw_rep contentsAlexandra Ellwood2008-10-211-0/+2
| | | | | | ticket: 6214 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20902 dc483132-0cff-0310-8789-dd5450dbe970
* Use asprintf instead of malloc/strcpy/strcat in many placesGreg Hudson2008-10-202-18/+3
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20901 dc483132-0cff-0310-8789-dd5450dbe970
* Apply adapted patch from http://bugs.debian.org/480434 to recurse intoTom Yu2008-10-201-0/+13
| | | | | | | | SPNEGO creds when attempting to retrieve a mechanism cred. ticket: 5807 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20900 dc483132-0cff-0310-8789-dd5450dbe970
* Apply (adapted) patch from Apple to check for SPNEGO mechanism inTom Yu2008-10-203-19/+48
| | | | | | | | export_lucid_sec_ctx. ticket: 6015 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20899 dc483132-0cff-0310-8789-dd5450dbe970
* Use strdup in place of malloc/strcpy in many placesGreg Hudson2008-10-2025-91/+35
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20898 dc483132-0cff-0310-8789-dd5450dbe970
* Include k5-platform.h for SIZE_MAXEzra Peisach2008-10-191-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20897 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_def_store_mkey(), mktemp was being invoked with a string WRFILE:....Ezra Peisach2008-10-191-9/+8
| | | | | | | | | | | | | | This returns an error - as it actually tries to open the file. Move some of the logic that points to the actual filename earlier - so mktemp works on the .... portion. Note that the netbsd linker gives a warning on using mktemp as it may be insecure - but there is no obvious way to avoid it. ticket: new subhect: netbsd mktemp actually tries to open file git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20896 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-10-02 01:57:26 +0000