krb5.git - Unnamed repository; edit this file 'description' to name the repository.

	Commit message (Collapse)	Author	Age	Files	Lines
...
*	stop exporting a few symbols internal to aes implementation	Ken Raeburn	2008-07-03	1	-5/+0
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20497 dc483132-0cff-0310-8789-dd5450dbe970
*	Added type checking for 64-bit platforms	Alexandra Ellwood	2008-07-01	1	-7/+10
\| \| \| \| \| \|	ticket: 6001 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20495 dc483132-0cff-0310-8789-dd5450dbe970
*	krb5_get_error_message returns const char *	Alexandra Ellwood	2008-07-01	1	-2/+2
\| \| \| \| \| \| \| \|	Changed temporary variables to use const char * ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20494 dc483132-0cff-0310-8789-dd5450dbe970
*	memcpy(NULL, ptr, 0) is invalid, so don't do it	Ken Raeburn	2008-06-30	1	-1/+2
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20492 dc483132-0cff-0310-8789-dd5450dbe970
*	make depend	Ken Raeburn	2008-06-30	1	-1/+2
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20491 dc483132-0cff-0310-8789-dd5450dbe970
*	Big endian stash file support	Alexandra Ellwood	2008-06-27	1	-2/+18
\| \| \| \| \| \| \| \| \| \|	Added support for stash files with a consistent endianness (big endian) so that one can migrate a KDC from a machine with one endianess to a machine with the other endianess. Used by Kerberos for Macintosh. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20489 dc483132-0cff-0310-8789-dd5450dbe970
*	misc uninitialized-storage accesses	Ken Raeburn	2008-06-27	1	-0/+1
\| \| \| \| \| \| \| \| \|	Fix some miscellaneous uninitialized-storage uses, mainly in unlikely error paths. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20487 dc483132-0cff-0310-8789-dd5450dbe970
*	use-after-free bugs	Ken Raeburn	2008-06-27	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \|	Fix some bugs with storage being used immediately after being freed. None look like anything an attacker can really manipulate AFAICT. ticket: new target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20485 dc483132-0cff-0310-8789-dd5450dbe970
*	When returning an error, don't also pass back an invalid pointer	Ken Raeburn	2008-06-27	1	-1/+3
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20484 dc483132-0cff-0310-8789-dd5450dbe970
*	call kg_delete_lucidctx_id before freeing, not after	Ken Raeburn	2008-06-27	1	-1/+1
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20483 dc483132-0cff-0310-8789-dd5450dbe970
*	Memory leak, and possible freed-memory dereference, in an error (small	Ken Raeburn	2008-06-27	1	-1/+1
\| \| \| \| \| \| \| \|	allocation failure) path. ticket: 5997 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20482 dc483132-0cff-0310-8789-dd5450dbe970
*	misc memory leaks	Ken Raeburn	2008-06-27	7	-12/+25
\| \| \| \| \| \| \| \| \| \| \| \|	Fix various memory leaks that show up mostly in error cases (e.g., failure to allocate one small object, and then we forget to free another one). ticket: new target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20481 dc483132-0cff-0310-8789-dd5450dbe970
*	fix free of automatic storage	Ken Raeburn	2008-06-27	1	-4/+4
\| \| \| \| \| \| \| \| \| \| \|	Fix a possible free of automatic storage that can happen on an (unlikely) encoding failure. ticket: new target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20480 dc483132-0cff-0310-8789-dd5450dbe970
*	Don't do FD_SETSIZE check on Windows.	Ken Raeburn	2008-06-27	1	-1/+3
\| \| \| \| \| \| \| \| \| \| \|	Also, for form's sake, use closesocket instead of close inside the check. Kevin or Jeff, could you please verify that the code works again? ticket: 5925 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20479 dc483132-0cff-0310-8789-dd5450dbe970
*	Fix off-by-one error in range check on file descriptor number	Ken Raeburn	2008-06-27	1	-1/+1
\| \| \| \| \| \| \|	ticket: new target_version: 1.6.4 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20478 dc483132-0cff-0310-8789-dd5450dbe970
*	Fix possible null pointer deref, possible uninit ptr use, possible	Ken Raeburn	2008-06-27	1	-6/+13
\| \| \| \| \| \| \| \| \|	leak in unlikely small-allocation failure case. ticket: new target_version: 1.6.4 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20477 dc483132-0cff-0310-8789-dd5450dbe970
*	Apple PKINIT LKDC support	Alexandra Ellwood	2008-06-26	2	-20/+86
\| \| \| \| \| \| \|	ticket: 5968 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20476 dc483132-0cff-0310-8789-dd5450dbe970
*	Rolled back patch because tickets 4495 and 5124 fix this bug	Alexandra Ellwood	2008-06-25	1	-4/+1
\| \| \| \| \| \| \| \|	in a different way. ticket: 5991 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20474 dc483132-0cff-0310-8789-dd5450dbe970
*	krb5_do_preauth_tryagain should check for NULL padata	Alexandra Ellwood	2008-06-25	1	-1/+4
\| \| \| \| \| \| \| \| \| \|	Fixed so krb5_do_preauth_tryagain no longer crashes on NULL padata but instead returns an error. ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20473 dc483132-0cff-0310-8789-dd5450dbe970
*	kadm5_setkey_principal_3 not copying key_data_ver and key_data_kvno	Alexandra Ellwood	2008-06-25	1	-0/+2
\| \| \| \| \| \| \| \| \|	Added lines to copy these fields. ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20472 dc483132-0cff-0310-8789-dd5450dbe970
*	Bump minor version number. Update dependencies	Ken Raeburn	2008-06-25	1	-1/+4
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20470 dc483132-0cff-0310-8789-dd5450dbe970
*	Pull in xdr_sizeof from tirpc2.3 (which has the same license as our current ↵	Ken Raeburn	2008-06-25	3	-0/+167
\| \| \| \| \| \|	rpc code) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20468 dc483132-0cff-0310-8789-dd5450dbe970
*	Include kdb_log.h for missing prototypes. Declare conv_princ_2db &	Ezra Peisach	2008-06-24	1	-2/+3
\| \| \| \| \| \|	conv_princ_2ulog as static as they are not exported or used outside this file. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20466 dc483132-0cff-0310-8789-dd5450dbe970
*	Merge from branch sun-iprop	Ken Raeburn	2008-06-24	19	-73/+3004
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20465 dc483132-0cff-0310-8789-dd5450dbe970
*	Remove test115 for 'bad client params', no longer appropriate	Ken Raeburn	2008-06-19	1	-104/+0
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20429 dc483132-0cff-0310-8789-dd5450dbe970
*	This patch is derived from a patch originally submitted to RT	Jeffrey Altman	2008-06-18	2	-2/+7
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	by: Nik Conwell <nik@bu.edu> krb5_set_real_time() accepts as input the time of the KDC or an application server as a combination of seconds and microseconds. Often it is the case that the time source does not provide the real time with less than one second granularity. Up until this patch such a caller would fill in the microseconds parameter as zero. krb5_set_real_time() would treat the zero microseconds as the actual reported time and compute a microsecond based offset. During a one second window subsequent calls to krb5_set_real_time() would have an ever increasing offset size until the number of seconds is incremented. This in turn produces a side effect in which the microseconds value of the local clock is effectively erased. If there are multiple processes or threads on the same machine each requesting service tickets using the same client principal for the same service principal where the number of seconds reported by the KDC are equivalent, then they will now all create authenticators with exactly the same timestamp. As a result, the authenticating service will detect a replay attack even though the authenticators are actually unique. The replay cache only maintains a tuple of client, server and timestamp. This patch modifies the interpretation of the microseconds parameter. If -1 is specified, the microseconds offset is ignored. ticket: 5924 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20413 dc483132-0cff-0310-8789-dd5450dbe970
*	Disable check for invalid client-side admin config parameters in the	Ken Raeburn	2008-06-18	1	-1/+5
\| \| \| \| \| \| \|	config file. Since KDC configuration parameters can now be put in krb5.conf, this doesn't make sense any more. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20411 dc483132-0cff-0310-8789-dd5450dbe970
*	Factor out repeated code for looking up string, port, or deltat config params	Ken Raeburn	2008-06-11	1	-150/+144
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20395 dc483132-0cff-0310-8789-dd5450dbe970
*	Don't use private copy of syslog.h. Rebuild dependencies	Ken Raeburn	2008-06-10	4	-12/+7
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20386 dc483132-0cff-0310-8789-dd5450dbe970
*	Warn against new uses of kadm5_config_params.dbname field	Ken Raeburn	2008-06-10	1	-0/+4
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20384 dc483132-0cff-0310-8789-dd5450dbe970
*	Get rid of handling of set-but-unused kadm5_config_params.admin_dbname	Ken Raeburn	2008-06-10	3	-14/+3
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20383 dc483132-0cff-0310-8789-dd5450dbe970
*	Get rid of handling of set-but-unused kadm5_config_params.admin_lockfile	Ken Raeburn	2008-06-10	3	-11/+8
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20381 dc483132-0cff-0310-8789-dd5450dbe970
*	Don't check for NULL before calling free or krb5_xfree	Ken Raeburn	2008-06-09	1	-43/+21
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20379 dc483132-0cff-0310-8789-dd5450dbe970
*	Report file name in detailed cache creation error	Ken Raeburn	2008-06-08	1	-2/+2
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20371 dc483132-0cff-0310-8789-dd5450dbe970
*	Do hash stuff with unsigned math	Ken Raeburn	2008-06-08	1	-8/+9
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20370 dc483132-0cff-0310-8789-dd5450dbe970
*	On Mac OS X, try poking launchd to get the portmapper launched before	Ken Raeburn	2008-06-06	1	-3/+55
\| \| \| \| \| \|	we try to connect to it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20364 dc483132-0cff-0310-8789-dd5450dbe970
*	Check for GSS_C_NO_CREDENTIAL before loop check	Ken Raeburn	2008-06-06	1	-3/+3
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20363 dc483132-0cff-0310-8789-dd5450dbe970
*	Fix a few incompatible-pointer warnings that aren't just about signedness	Ken Raeburn	2008-06-02	5	-13/+17
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20351 dc483132-0cff-0310-8789-dd5450dbe970
*	Change krb5_context.db_context to point to the real structure type,	Ken Raeburn	2008-06-02	4	-82/+81
\| \| \| \| \| \| \| \|	and change uses to not cast all the time. Also rename it from db_context to dal_handle, since one of the fields in the pointed-to structure is also called db_context. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20348 dc483132-0cff-0310-8789-dd5450dbe970
*	Add header for kill() in USE_PASSWORD_SERVER case	Alexandra Ellwood	2008-05-30	1	-0/+2
\| \| \| \| \| \|	ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20347 dc483132-0cff-0310-8789-dd5450dbe970
*	Apple PKINIT patch commit	Alexandra Ellwood	2008-05-30	8	-4/+3189
\| \| \| \| \| \| \| \| \| \| \| \| \|	Commit of Apple PKINIT patches under "APPLE_PKINIT" preprocessor symbol. Long term goal is to merge these patches with the pkinit preauth plugin which does not currently have support for Mac OS X crypto libraries or the exported functions used by Back To My Mac. ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20346 dc483132-0cff-0310-8789-dd5450dbe970
*	Minor spelling & comment formatting	Ken Raeburn	2008-05-16	1	-13/+19
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20322 dc483132-0cff-0310-8789-dd5450dbe970
*	Move auto var to outer scope, because its storage is used beyond the inner scope	Ken Raeburn	2008-05-15	1	-1/+1
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20320 dc483132-0cff-0310-8789-dd5450dbe970
*	Don't test error code when it's known to be 0	Ken Raeburn	2008-05-15	1	-3/+1
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20319 dc483132-0cff-0310-8789-dd5450dbe970
*	Fix minor bug in kg_save_name failure cleanup code	Ken Raeburn	2008-05-15	1	-1/+1
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20318 dc483132-0cff-0310-8789-dd5450dbe970
*	Free context after use, not before	Ken Raeburn	2008-05-15	1	-2/+2
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20317 dc483132-0cff-0310-8789-dd5450dbe970
*	(more) After malloc/realloc/calloc/strdup/asprintf failures, use	Ken Raeburn	2008-04-30	7	-12/+12
\| \| \| \| \| \| \| \|	ENOMEM explicitly instead of reading it from errno. This may make static analysis tools less confused about when we return zero vs nonzero values. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20313 dc483132-0cff-0310-8789-dd5450dbe970
*	After malloc/realloc/calloc failures, return ENOMEM explicitly instead	Ken Raeburn	2008-04-30	10	-21/+21
\| \| \| \| \| \| \|	of reading it from errno. This may make static analysis tools less confused about when we return zero vs nonzero values. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20312 dc483132-0cff-0310-8789-dd5450dbe970
*	Left-shifting all the way in signed math is undefined, use unsigned	Ken Raeburn	2008-04-25	1	-1/+1
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20310 dc483132-0cff-0310-8789-dd5450dbe970
*	Multiple assignments without sequence points invoke undefined	Ken Raeburn	2008-04-25	1	-6/+12
\| \| \| \| \| \| \|	behavior, even if the assignments all compute and store the same value. Don't put an assignment in the argument to macro ff(). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20309 dc483132-0cff-0310-8789-dd5450dbe970