summaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* When storing info into cred cache, remove any dups. Zhanna Tsitkov2008-12-051-4/+9
| | | | | | Ticket: 6291 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21292 dc483132-0cff-0310-8789-dd5450dbe970
* Merge in fix from ms-krb-integ branch to avoid modifying input data on ↵Sam Hartman2008-12-051-4/+15
| | | | | | | | | aead_decrypt_compat ticket: 6274 Status: resolved git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21287 dc483132-0cff-0310-8789-dd5450dbe970
* Fix from Marcus Watts for glob-to-regexp conversion bug.Ken Raeburn2008-12-041-1/+2
| | | | | | | | Tweaked test case to exercise the bug. ticket: 5667 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21285 dc483132-0cff-0310-8789-dd5450dbe970
* Cleanup warningsSam Hartman2008-12-044-19/+19
| | | | | | | ticket: 6274 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21280 dc483132-0cff-0310-8789-dd5450dbe970
* Merge R21122 from mskrb-integSam Hartman2008-12-046-60/+60
| | | | | | | | | Namespace cleanup ticket: 6274 Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21279 dc483132-0cff-0310-8789-dd5450dbe970
* Merge r21120 from mskrb-integSam Hartman2008-12-046-39/+210
| | | | | | | | | | | | Refactor code such that an AEAD provider does not need to implement the older, non-IOV SPIs. Instead, the older APIs will implement their behaviour on top of the AEAD SPIs, using the wrapper functions in aead.c. ticket: 6274 Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21278 dc483132-0cff-0310-8789-dd5450dbe970
* make dependSam Hartman2008-12-027-18/+119
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21266 dc483132-0cff-0310-8789-dd5450dbe970
* Crypto IOV API per Projects/AEAD encryption APISam Hartman2008-12-0233-50/+2561
| | | | | | | | | | | | | | Merge in the mskrb-crypto-iov branch at r21259 in order to move an implementation of http://k5wiki.kerberos.org/wiki/Projects/AEAD_encryption_API onto the trunk. This branch contains a subset of the commits on the mskrb-integ branch that implement the krb5 library part of the crypto IOV API. ticket: new Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21263 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unneeded LEAN_CLIENT #define'sZhanna Tsitkov2008-12-021-12/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21261 dc483132-0cff-0310-8789-dd5450dbe970
* add k5-platform.h for asprintfTom Yu2008-12-021-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21260 dc483132-0cff-0310-8789-dd5450dbe970
* Convert many uses of sprintf to snprintf or asprintfGreg Hudson2008-12-018-16/+13
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21258 dc483132-0cff-0310-8789-dd5450dbe970
* make dependEzra Peisach2008-12-011-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21206 dc483132-0cff-0310-8789-dd5450dbe970
* Move cc_mutex code from k5-int.h - where it is globally available to cc-int.hEzra Peisach2008-12-012-1/+31
| | | | | | | where it is declared and used. The functions are not exported by the library - nor are they used outside lib/krb5/ccache... For cc_file.h - include cc-int.h. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21205 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify memory management a bit in places, by allocating and freeingKen Raeburn2008-11-241-139/+107
| | | | | | | | | | | separately, instead of reallocating arrays of pointers to themselves be reallocated. Do a better job of initializing arrays of which we only use a variable-sized part. Use a temp var instead of lots of long macro invocations. Fix some overrun-by-one errors in buffer copying. Clean up some possible leaks. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21182 dc483132-0cff-0310-8789-dd5450dbe970
* Use profile_free_list as appropriate. Fix memory leaksKen Raeburn2008-11-241-20/+21
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21180 dc483132-0cff-0310-8789-dd5450dbe970
* Fix memory leak caught by valgrindKen Raeburn2008-11-241-23/+29
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21179 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a memory management bugKen Raeburn2008-11-171-2/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21133 dc483132-0cff-0310-8789-dd5450dbe970
* Lite Client - the following calls are server-side functions:Zhanna Tsitkov2008-11-176-4/+18
| | | | | | | | | | decode_krb5_authenticator, krb5_auth_con_getauthenticator, krb5_copy_authenticator, krb5_ser_authenticator_init Take them out for the Lite CLient. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21129 dc483132-0cff-0310-8789-dd5450dbe970
* PERF: Introduced a new function krb5_is_permitted_enctype_ext to replace ↵Zhanna Tsitkov2008-11-172-4/+75
| | | | | | multiple calls to krb5_is_permitted_enctype git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21128 dc483132-0cff-0310-8789-dd5450dbe970
* In pa_sam(), free the outer krb5_data structure returned byGreg Hudson2008-11-101-0/+2
| | | | | | | | encode_krb5_sam_response. ticket: 6211 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21063 dc483132-0cff-0310-8789-dd5450dbe970
* Properly free sam_challenge in pa_sam()Greg Hudson2008-11-101-8/+8
| | | | | | ticket: 6210 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21062 dc483132-0cff-0310-8789-dd5450dbe970
* Only look for IPv4 addresses for the kpasswd server. This is just aKen Raeburn2008-11-051-2/+3
| | | | | | | | | | workaround for other parts of the code failing to cope with IPv6 addresses, and won't work in an IPv6-only environment; the problem should still be fixed for real. ticket: 5595 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21004 dc483132-0cff-0310-8789-dd5450dbe970
* Rename krb5int_buf_cstr to krb5int_buf_data, since k5bufs can be usedGreg Hudson2008-11-059-10/+10
| | | | | | | | | | | for binary data as well as C string data. The buffer will always have a null byte at krb5int_buf_len bytes regardless of whether it contains C string data. ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21003 dc483132-0cff-0310-8789-dd5450dbe970
* Convert many uses of strcpy/strcat (and sometimes sprintf) to acceptedGreg Hudson2008-11-053-27/+24
| | | | | | | | | string-handling functions. ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21001 dc483132-0cff-0310-8789-dd5450dbe970
* Check in Nalin's patch, and a test case for changing passwords via kinitKen Raeburn2008-11-042-1/+10
| | | | | | | | when +needchange is set. Update dependencies. ticket: 5867 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20966 dc483132-0cff-0310-8789-dd5450dbe970
* Don't build dependencies for v4rcp.c.Ken Raeburn2008-11-0435-2361/+2508
| | | | | | Rebuild dependencies for k5-buf.h, and without krb4 support. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20964 dc483132-0cff-0310-8789-dd5450dbe970
* Apply Apple patch to null out key->contents after freeing on failure,Greg Hudson2008-11-031-0/+2
| | | | | | | | eliminating the possibility that the pointer will be used after free. ticket: 6247 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20961 dc483132-0cff-0310-8789-dd5450dbe970
* Fix conditionals from last changeKen Raeburn2008-11-032-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20960 dc483132-0cff-0310-8789-dd5450dbe970
* Apply a patch from Apple to correct a few memory leaksGreg Hudson2008-11-031-2/+9
| | | | | | ticket: 6201 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20958 dc483132-0cff-0310-8789-dd5450dbe970
* If we're not making asn1buf_insert_octet an inline function, then makeKen Raeburn2008-11-034-29/+20
| | | | | | | | | | | | asn1buf_size, asn1buf_ensure_space, and asn1buf_expand static in asn1buf.c, for better optimization. Recode asn1buf_ensure_space to directly return the result of asn1buf_expand. Don't check for NULL before malloc/realloc in asn1buf_expand. Fix a couple minor signedness warnings. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20957 dc483132-0cff-0310-8789-dd5450dbe970
* Use the k5buf module instead of strcpy/strcat in several placesGreg Hudson2008-10-308-181/+82
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20941 dc483132-0cff-0310-8789-dd5450dbe970
* Only prompt automatically from GUI appsAlexandra Ellwood2008-10-292-6/+27
| | | | | | | | | | Direct callers such as kinit need command line prompts. Do not automatically prompt (via krb5 or gssapi calls) unless the caller has loaded GUI libraries. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20937 dc483132-0cff-0310-8789-dd5450dbe970
* partial rewrite of the ASN.1 encodersKen Raeburn2008-10-2514-2195/+2327
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of a pile of macros generating code, that have to be threaded together in just the right way to get a valid ASN.1 encoding, we now have a pile of macros for defining data structures describing the objects and the ASN.1 types they should be encoded as, which structures are interpreted by recursive invocations of an encoder engine; there should be somewhat less rope for accidentally creating invalid encodings. The new macros are commented in asn1_k_encode.c. Putting most of the work into the encoder engine also reduces the code size (in one configuration, including LDAP-KDB and PKINIT encoders, code size went from 37K to <16K, though 10K of tables were added, and the PKINIT encoders are still open-coded). Some encoder interfaces have been revised to be more regular -- all now take one pointer to const argument (no two-input encoders, no pointer-to-non-const-pointer-to-const). A few encoders were eliminated or disabled because they were neither used nor exported from the library. The LDAP-KDB encoder has been converted, but the PKINIT encoders have not as there are no regression tests for them currently. There is still plenty of room for improvement; some notes on specific ideas have been added. String encoding primitives have been combined to reduce code size. A primitive for encoding bit strings has been added. Some miscellaneous warnings in the decoders have been cleaned up. A new dejagnu test case is added that ensures that KRB-SAFE messages get exercised. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20923 dc483132-0cff-0310-8789-dd5450dbe970
* More regression tests for ASN.1 encodersKen Raeburn2008-10-251-0/+3
| | | | | | | | | Export encode_krb5_sam_response_2 and encode_krb5_enc_sam_response_enc_2 via accessor. Add encode tests for encode_krb5_sam_key, _enc_sam_response_enc, _predicted_sam_response, _sam_response_2, _enc_sam_response_enc_2. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20922 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_build_principal_ext walks off beginning of arrayAlexandra Ellwood2008-10-241-1/+1
| | | | | | | | | | | On error, krb5_build_principal_ext walks off the beginning of the array by using i-- in a conditional when it should be using --i (so that it actually compares the value of i that will be used below). ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20920 dc483132-0cff-0310-8789-dd5450dbe970
* Use strlcpy instead of strcpy in many placesGreg Hudson2008-10-2414-46/+33
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20919 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_build_principal_va does not allocate krb5_principalAlexandra Ellwood2008-10-242-64/+140
| | | | | | | | | | | | | | | | | krb5_build_principal_va does not allocate the outer krb5_principal, making it useless for generating krb5_principals which can be freed with krb5_free_principal. Added krb5_build_principal_alloc_va which allocates the krb5_principal. Added krb5int_build_principal_alloc_va which is used by KIM to avoid code duplication. KIM's kim_identity_create_from_components takes the first component as an argument because principals with no components cannot be represented with the KIM UI. Modified KIM to use this new API. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20918 dc483132-0cff-0310-8789-dd5450dbe970
* Use snprintf instead of strcpy/strcat in many placesGreg Hudson2008-10-237-57/+20
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20912 dc483132-0cff-0310-8789-dd5450dbe970
* Fix previous commit by adding "extern" to header declarations forTom Yu2008-10-221-2/+2
| | | | | | | | | | SPNEGO mechanism OID stuff. It was causing tentative definition issues on the Mac. (where there are constraints about common-block symbols) ticket: 6015 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20910 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_change_set_password should free chpw_rep contentsAlexandra Ellwood2008-10-211-0/+2
| | | | | | ticket: 6214 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20902 dc483132-0cff-0310-8789-dd5450dbe970
* Use asprintf instead of malloc/strcpy/strcat in many placesGreg Hudson2008-10-202-18/+3
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20901 dc483132-0cff-0310-8789-dd5450dbe970
* Apply adapted patch from http://bugs.debian.org/480434 to recurse intoTom Yu2008-10-201-0/+13
| | | | | | | | SPNEGO creds when attempting to retrieve a mechanism cred. ticket: 5807 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20900 dc483132-0cff-0310-8789-dd5450dbe970
* Apply (adapted) patch from Apple to check for SPNEGO mechanism inTom Yu2008-10-203-19/+48
| | | | | | | | export_lucid_sec_ctx. ticket: 6015 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20899 dc483132-0cff-0310-8789-dd5450dbe970
* Use strdup in place of malloc/strcpy in many placesGreg Hudson2008-10-2025-91/+35
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20898 dc483132-0cff-0310-8789-dd5450dbe970
* Include k5-platform.h for SIZE_MAXEzra Peisach2008-10-191-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20897 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_def_store_mkey(), mktemp was being invoked with a string WRFILE:....Ezra Peisach2008-10-191-9/+8
| | | | | | | | | | | | | | This returns an error - as it actually tries to open the file. Move some of the logic that points to the actual filename earlier - so mktemp works on the .... portion. Note that the netbsd linker gives a warning on using mktemp as it may be insecure - but there is no obvious way to avoid it. ticket: new subhect: netbsd mktemp actually tries to open file git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20896 dc483132-0cff-0310-8789-dd5450dbe970
* Adapted patch from Apple to work around SAMBA mech OID quirks and toTom Yu2008-10-171-39/+37
| | | | | | | | disable sending request flags. ticket: 6016 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20893 dc483132-0cff-0310-8789-dd5450dbe970
* Untabify. Normalize whitespace. Reindent. Fix some of the mostTom Yu2008-10-1566-8076/+8163
| | | | | | | egregious formatting quirks. Add emacs mode settings to flag untabified source files. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20876 dc483132-0cff-0310-8789-dd5450dbe970
* handle stash file names with missing keytab type spec and colon in pathKen Raeburn2008-10-151-0/+5
| | | | | | | | | | | | | | | | | | | | Currently the keytab name resolution code will pass off any name with no colon to the default keytab type handler, which is the FILE handler. It will also check for Windows file names consisting of one letter followed by a colon, and treat them as FILE specs also. If a UNIX pathname contains a colon, however, and no type was explicitly specified, the leading part of the pathname gets treated as a type name and fails to match anything. It should instead treat type-less names starting with "/" as FILE specs also. Tweak the test suite to use such a name. Report and patch from Apple. rdar://problem/6179239 ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20872 dc483132-0cff-0310-8789-dd5450dbe970
* Change LDAP key-sequence encoder to use a single data structureKen Raeburn2008-10-061-7/+16
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20829 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-10-03 05:47:58 +0000