summaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
* Merge more KfM krb4 thingsTom Yu2002-11-2717-316/+1658
| | | | | | | | | | | | | | | | | | Implement *_in_tkt_creds, mk_req_creds, and rd_req_int functions. Implement KfM krb4 kadm password changing, mostly by pulling in the client side of the kadm library into the krb4 library. Do some more header file cleanup of des.h and krb.h. Remove some ancient krb4 dead weight. Some Mac-specific functionality still needs to be merged. ticket: 1189 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15014 dc483132-0cff-0310-8789-dd5450dbe970
* Remove references to kadm_err.et for now, since the requisite changesTom Yu2002-11-192-2/+5
| | | | | | have not yet been committed. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15013 dc483132-0cff-0310-8789-dd5450dbe970
* * accept_sec_context.c (krb5_gss_accept_sec_context): Use unsignedEzra Peisach2002-11-158-12/+31
| | | | | | | | | | | | | | | | | | | lengths for arguments to g_token_size and g_make_token_header. * export_name.c (krb5_gss_export_name): Change local length variable to unsigned. * k5unseal.c (kg_unseal_v1): Seqnum variable changed from krb5_int32 to krb5_ui_4. * k5seal.c (make_seal_token_v1): Change seqnum argument to krb5_ui_4 from krb5_int32 to match krb5_gss_ctx_id_rec struct. * gssapiP_krb5.h, util_crypt.c, util_seqnum.c: kg_make_seq_num(), kg_get_seq_num() changed to use krb5_ui_4 for sequence numbers. kg_encrypt(), kg_decrypt() length argument now unsigned. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15007 dc483132-0cff-0310-8789-dd5450dbe970
* * gssapiP_generic.h, util_token.c: Change g_make_token_header andEzra Peisach2002-11-153-5/+12
| | | | | | g_verfy_token_header to take an unsigned length in. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15006 dc483132-0cff-0310-8789-dd5450dbe970
* Better cleanup; reduce filename conflictKen Raeburn2002-11-153-14/+22
| | | | | | | | | | | | * Makefile.in (unit-test-ok): Depend only on unit-test-body. (unit-test-body): Remove krb5cc_rpc_test_* on entry and on successful exit. On error exit, let the trap handler do all the cleanup. Incorporate old unit-test-setup commands. (unit-test-setup, unit-test-cleanup): Targets deleted. * lib/helpers.exp (start_client, wait_client): Set KRB5CCNAME to something in the current directory. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15002 dc483132-0cff-0310-8789-dd5450dbe970
* * changepw.c: Remove reference to adm_err.hTom Yu2002-11-144-3/+5
| | | | | | Update dependencies as well. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15001 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in: Remove references to adm_err.et. It's not used,Tom Yu2002-11-143-194/+10
| | | | | | and conflicts with the krb4 kadm error table. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14999 dc483132-0cff-0310-8789-dd5450dbe970
* * get_in_tkt.c (krb5_get_in_tkt): Do not pass NULL when anEzra Peisach2002-11-142-1/+6
| | | | | | integer 0 is intended to send_as_request(). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14998 dc483132-0cff-0310-8789-dd5450dbe970
* Wrong size for memset()s in combine_keys()Ken Hornstein2002-11-141-3/+3
| | | | | | | | | The wrong size was used in the final memset()'s of various combine_key temporary variables. Pointed out by Ken Renard. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14997 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (t_locate_kdc): Use normal CC_LINK rule for linking test programKen Raeburn2002-11-132-2/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14994 dc483132-0cff-0310-8789-dd5450dbe970
* * get_myaddress.c (get_myaddress): Local array buf size should be counted inKen Raeburn2002-11-112-1/+6
| | | | | | ifreq structs, not ifconf structs. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14992 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (unit-test-body): Set RPC_TEST_SRVTAB based on process-id. SetKen Raeburn2002-11-112-3/+14
| | | | | | | trap handler to delete it before returning an exit status. (unit-test-cleanup): Don't delete files here. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14991 dc483132-0cff-0310-8789-dd5450dbe970
* rpc unit tests can fail due to race conditionTom Yu2002-11-072-0/+9
| | | | | | | | | | | | | | | | | | The rpc unit tests can fail in fullrun.exp due to a failure to drain output from the server in expire.exp. This commit works around the problem by calling flush_server, but a real synchronization method should probably be implemented, perhaps by having the server log when a client disconnects. * rpc_test.0/expire.exp (overlap): Add another call to flush_server to make a race condition a little less likely. There really should be better synchronization, as this test suite is just full of race conditions waiting to happen. ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14979 dc483132-0cff-0310-8789-dd5450dbe970
* Thanks, patch appliedTom Yu2002-11-072-1/+8
| | | | | | | | | | | | * svr_principal.c (kadm5_setkey_principal_3): Apply patch from Emily Ratliff to allow n_ks_tuple to be zero, which is the case if being called from kadmind answering a client's setkey_principal request. ticket: 1008 target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14978 dc483132-0cff-0310-8789-dd5450dbe970
* * conv_princ.c (strnchr): Make length argument unsigned intEzra Peisach2002-11-073-9/+18
| | | | | | | * preauth2.c: Add parentheses around assignment used as truth value. Cleanup unused variable. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14976 dc483132-0cff-0310-8789-dd5450dbe970
* * asn1_k_encode.c (asn1_encode_sam_challenge_2): Test for errorEzra Peisach2002-11-073-6/+24
| | | | | | | | | | | | returned from asn1buf_insert_oxtetstring and cleanup strctures properly. * asn1_k_decode.c (asn1_decode_sam_challenge_2_body): Change sequence_of/end_sequence_of to use sequence_of_no_tagvars/end_sequence_of_no_tagravs to avoid shadowing variables. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14975 dc483132-0cff-0310-8789-dd5450dbe970
* For sam_challenge do not encode optional strings if string not present.Ezra Peisach2002-11-072-1/+6
| | | | | | | | Previously, a string of length zero was transmitted. ticket: 1224 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14974 dc483132-0cff-0310-8789-dd5450dbe970
* This commit fixes up the in-tree callers of krb5_read_password() andTom Yu2002-11-062-2/+7
| | | | | | | | | | des_read_password(). We should perhaps tighten up the test suite now. ticket: 1217 status: open target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14972 dc483132-0cff-0310-8789-dd5450dbe970
* * asn1_encode.h (asn1_encode_oid):Tom Yu2002-11-055-0/+48
| | | | | | | | | | | | | * asn1_encode.c (asn1_encode_oid): New function. * asn1_decode.h (asn1_decode_oid): * asn1_decode.c (asn1_decode_oid): New function. ticket: 1223 target_version: 1.3 component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14971 dc483132-0cff-0310-8789-dd5450dbe970
* Calling convention for krb5int_c_combine_keys does not match prototypeKen Hornstein2002-11-032-1/+6
| | | | | | | | | | The Windows calling convention for krb5int_c_combine_keys does not match the prototype in k5-int.h. I missed this during the initial commit since I neglected to test out the build of this code on Windows. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14962 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (check-unix): Don't run t_pkcs5Ken Raeburn2002-10-312-1/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14956 dc483132-0cff-0310-8789-dd5450dbe970
* * xdr_alloc.c (xdralloc_putlong): Coerce value pointed to by argument to 32Ken Raeburn2002-10-312-2/+9
| | | | | | bits, rather than reading only 32 bits from the supplied address. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14954 dc483132-0cff-0310-8789-dd5450dbe970
* * k5-int.h (krb5_ser_handle): Now points to const.Ken Raeburn2002-10-314-17/+26
| | | | | | | | | | | | | | | (krb5_kt_dfl_ops): Now const. (struct _krb5_kt_ops): Field serializer now points to const krb5_ser_entry instead of void. * krb5.hin (struct _krb5_kt): Field ops now points to const. * kt_file.c (krb5_ktf_ops, krb5_ktf_writable_ops): Now const. Drop cast of serializer entry initializer. (fopen_mode_rbplus, fopen_mode_rb): Now const. * kt_srvtab.c (krb5_kts_ops): Now const. * ktbase.c (krb5_ktf_ops, krb5_kts_ops): Update declarations. (struct krb5_kt_typelist): Field ops now points to const. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14953 dc483132-0cff-0310-8789-dd5450dbe970
* ticket: newSam Hartman2002-10-311-1/+1
| | | | | | | | | | owner: tlyu status: open Fix typo in debugging printf introduced in null handling git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14951 dc483132-0cff-0310-8789-dd5450dbe970
* * chk_trans.c (krb5_check_transited_list): Style nit: checkTom Yu2002-10-302-3/+8
| | | | | | character against '\0' not NULL. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14949 dc483132-0cff-0310-8789-dd5450dbe970
* ticket: 1230Sam Hartman2002-10-302-4/+15
| | | | | | | | | | owner: tlyu status: open Ignore trailing nulls on incoming tr encoding to be compatible with bug in previous versions of krb5 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14946 dc483132-0cff-0310-8789-dd5450dbe970
* Wrong ASN.1 definition and padata type for new hardware preauthKen Hornstein2002-10-302-1/+5
| | | | | | | | | | | | | | | It turned out that early in the development cycle, one of our developers picked the "next" PADATA type in krb5.hin, and we said, "We've got to fix that when we get the real one assigned" ... and we never did. Noticed by Ezra Peisach. Also, the definition for sam-pk-for-sad was changed to OCTET STRING from EncryptionKey in the draft and the code, but we never updated the ASN.1 definition. Also noticed by Ezra Peisach. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14945 dc483132-0cff-0310-8789-dd5450dbe970
* * localaddr.c (print_addr) [TEST]: Don't mix size_t and socklen_t, just assumeKen Raeburn2002-10-282-7/+9
| | | | | | | socklen macro will return a socklen_t value. Cast buffer size to socklen_t in getnameinfo call. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14944 dc483132-0cff-0310-8789-dd5450dbe970
* * get_in_tkt.c (conf_yes, conf_no): Now const. References updated.Ken Raeburn2002-10-284-11/+19
| | | | | | | | * preauth.c (preauth_systems): Now const. References updated. * preauth2.c (pa_types): Now const. (krb5_do_preauth): Local array paorder now const. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14943 dc483132-0cff-0310-8789-dd5450dbe970
* If we get cannot resolve KDC for master but find a slaveSam Hartman2002-10-282-1/+6
| | | | | | | | return the real error from the slave rather than the resolution error. ticket: 1232 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14941 dc483132-0cff-0310-8789-dd5450dbe970
* Client code lacks support for draft-ietf-krb-wg-kerberos-sam-01.txtKen Hornstein2002-10-2418-7/+1134
| | | | | | | | | | | This widely-spread commit implements support for the so-called "new" hardware preauth protocol, defined in the IETF internet-draft draft-ietf-krb-wg-kerberos-sam-01.txt. Note that this code is client-side only. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14939 dc483132-0cff-0310-8789-dd5450dbe970
* No support for negative password expiration last-req hintKen Hornstein2002-10-241-1/+2
| | | | | | | | | Fixing an omission; previous code didn't support a negative value for the password expiration hint (which is legal). Pointed out by Ezra Peisach. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14938 dc483132-0cff-0310-8789-dd5450dbe970
* Implement asn1_encode_enumeratedSam Hartman2002-10-234-4/+51
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14937 dc483132-0cff-0310-8789-dd5450dbe970
* gic_pwd doesn't support password expiration notification via last_req hintKen Hornstein2002-10-232-1/+46
| | | | | | | | | | | | | | In kerberos-clarifications, a new last-req type (6) has been specified that indicates when a principal's password will expire. This code implements support for this last-req type. Note that the intent is that the last-req type will only be included by the KDC when the time until password expiration reaches some threshold (e.g, one week), so this code will display the password expiration anytime the last-req type is included. ticket: 1065 ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14936 dc483132-0cff-0310-8789-dd5450dbe970
* * sendto_kdc.c (service_tcp_fd): If DEBUG defined, ensure thatEzra Peisach2002-10-222-1/+7
| | | | | | initialization of variable not bypassed by goto. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14934 dc483132-0cff-0310-8789-dd5450dbe970
* This commit fixes the test suite aspects. Callers of the variousTom Yu2002-10-193-5/+14
| | | | | | | | | | | | | | | read_password functions still need to be updated. * api.2/init-v2.exp (test106): Make regexp more forgiving of variant password prompts. * api.0/init.exp (test7, test22, test225): Make regexp more forgiving of variant password prompts. ticket: 1217 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14932 dc483132-0cff-0310-8789-dd5450dbe970
* Thanks, (corrected) patch appliedTom Yu2002-10-153-2/+10
| | | | | | | | | | | | * hst_realm.c (krb5_try_realm_txt_rr): Apply patch from Nalin Dahyabhai to bounds-check return value from res_search(). * locate_kdc.c (krb5_locate_srv_dns_1): Apply patch from Nalin Dahyabhai to bounds-check return value from res_search(). ticket: 1216 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14928 dc483132-0cff-0310-8789-dd5450dbe970
* * server_init.c (kadm5_lock, kadm5_unlock): Return KADM5_OKEzra Peisach2002-10-152-0/+9
| | | | | | instead of falling off end of function. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14927 dc483132-0cff-0310-8789-dd5450dbe970
* implement krb5_read_password, des_read_password via krb5_prompter_posixTom Yu2002-10-112-5/+15
| | | | | | | | | | | | | | | | | | This commit fixes one incompatibility introduced when krb5_read_password was reimplemented in terms of krb5_prompter_posix. There is a remaining incompatibility, which is krb5_prompter_posix's appending of the string ": " following a prompt. Callers of krb5_read_password and of des_read_password don't expect this behavior, which results in a double colon prompt, which breaks the libkadm5 test suite. * read_pwd.c (krb5_read_password): Restore name of size_return. Set *size_return after successful call to krb5_prompter_posix, since some callers were actually checking, e.g. kadm5. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14922 dc483132-0cff-0310-8789-dd5450dbe970
* Implement krb5_read_password an des_read_pw_stringSam Hartman2002-10-104-223/+74
| | | | | | | | | in terms of krb5_prompter_posix. Change motivated by the desire for echo foo |kinit -4 bar to work in test scripts, but having one implementation of password read functions on unix is good anyway git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14921 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (EXTRADEPSRCS): New variable.Ken Raeburn2002-10-102-1/+63
| | | | | | | (t_hmac$(EXEEXT), t_pkcs5$(EXEEXT), vectors$(EXEEXT)): New targets. (check-unix): Depend on and run t_hmac and t_pkcs5. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14920 dc483132-0cff-0310-8789-dd5450dbe970
* * string2key.c (mit_des_string_to_key_int): If PRINT_TEST_VECTORS is defined,Ken Raeburn2002-10-102-6/+69
| | | | | | print some of the intermediate results. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14919 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (t_cksum4, t_cksum5): Include com_err library when linkingKen Raeburn2002-10-102-2/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14918 dc483132-0cff-0310-8789-dd5450dbe970
* whitespaceKen Raeburn2002-10-101-3/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14917 dc483132-0cff-0310-8789-dd5450dbe970
* * pbkdf2.c, t_hmac.c, t_pkcs5.c: New filesKen Raeburn2002-10-104-0/+738
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14916 dc483132-0cff-0310-8789-dd5450dbe970
* libkadm5 should allow persistent locksTom Yu2002-10-0810-7/+81
| | | | | | | | | | | libkadm5 should have a way to persistently lock the databases to avoid wasting time on closing and reopening. These patches implement persistent exclusive locks for local access only. ticket: new target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14914 dc483132-0cff-0310-8789-dd5450dbe970
* ASN.1 code passes uninitialized values aroundTom Yu2002-10-084-137/+239
| | | | | | | | | | | | | | | | | | | | | | * asn1_get.c (asn1_get_tag_indef): Stomp on asn1class, construction, retlen, and indef, even if we've hit the end of the buffer, to avoid passing uninitialized values around. * asn1_k_decode.c: Reformat somewhat and add comments to demystify things a little. (opt_field): Fix to explicitly check for end of subbuf before verifying the pre-fetched tag, which may have been stomped on by asn1_get_tag_indef() encountering end-of-buffer. * krb5_decode.c (opt_field, opt_lenfield): Fix to explicitly check for end of subbuf before verifying the pre-fetched tag, which may have been stomped on by asn1_get_tag_indef() encountering end-of-buffer. ticket: new target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14913 dc483132-0cff-0310-8789-dd5450dbe970
* Implement an install-headers target to install public headers into KRB5_INCDIR;Sam Hartman2002-10-074-2/+10
| | | | | | | | probably called by setting DESTDIR. ticket: 1208 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14912 dc483132-0cff-0310-8789-dd5450dbe970
* update dependenciesTom Yu2002-09-283-16/+23
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14906 dc483132-0cff-0310-8789-dd5450dbe970
* Fix DES_INT32 definitionTom Yu2002-09-2715-81/+205
| | | | | | | | | | | | Intial merge of KfM des library API. Update krb.h to use offsets from krb_err.et constants as error codes. Fix up definitions of KRB4_32, KRB_INT32, KRB_UINT32. ticket: 1189 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14904 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2024-09-30 07:19:30 +0000