summaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* add get_name callback for kdb keytab type, for debuggingKen Raeburn2003-12-132-1/+16
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15910 dc483132-0cff-0310-8789-dd5450dbe970
* ignore extra lines output when debugging code enabledKen Raeburn2003-12-132-0/+12
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15909 dc483132-0cff-0310-8789-dd5450dbe970
* Add platform-dependent 64-bit and inline-function support via new headerKen Raeburn2003-12-138-45/+166
| | | | | | | | | | | | | | | k5-platform.h. Add 64-bit serializer support. [Not needed for ticket 1471, but needed for 2040 and annoying to check in separately.] Add to (internal for now) crypto API a function to get the mandatory checksum type associated with an enctype. New support for server-generated subkey, selected via an auth_context flag. ticket: 1471 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15908 dc483132-0cff-0310-8789-dd5450dbe970
* * an_to_ln.c (krb5_aname_to_localname): Don't write one byte pastTom Yu2003-12-132-6/+14
| | | | | | | | | | the end of a string. Found by Christopher Nebergall. ticket: 2024 component: krb5-libs version_reported: 1.3.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15895 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in: Move ##WIN32## constructs from insideTom Yu2003-12-132-9/+12
| | | | | | | | | | backslash-continued lists, as it was breaking them. Move explicit dependency information from under automatic dependencies. ticket: 2049 component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15894 dc483132-0cff-0310-8789-dd5450dbe970
* * Added new krb5_ccache type "MSLSA" for Windows only.Jeffrey Altman2003-12-128-2/+1314
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This new ccache type provides an interface for the MIT krb5_cc api functions to be used to access the contents of the MS Kerberos LSA cache. The ccache type is read-only because the MS Kerberos LSA does not allow third party applications to insert credentials into the cache. The primary motivation of this work was to encapsulate the complex operations necessary to manipulate the MS Kerberos LSA. The code was far from trivial and was often implemented incorrectly. Worse still was the fact that each version of Windows since W2K modified the use of the LSA API. The code which was originally donated in the form of ms2mit.c had many memory and handle leaks which were acceptable for a one time application such as ms2mit.c. Unfortunately, this code has started to appear in many other applications: KfW's Leash, the AFS Wake systray tool, and others. By using the new MSLSA ccache the implementation of ms2mit.c went from 890 lines to 50 lines of code and comments. All that is necessary is for the MSLSA ccache to be resolved and for its contents to be copied with krb5_cc_copy_creds to the default ccache. The MSLSA ccache implements all of the functions of a ccache except those which would be used to store data into the ccache. When a write attempt is performed the new error KRB5_CC_READONLY is returned. The residual portion of the MSLSA ccache name is current ignored but preserved. If you ask for ccache "MSLSA:myname" you will be given access to the LSA cache for the current Logon Session. If you later ask for the name of the ccache you will be returned the same name. In the future, the residual might be used to provide information necessary to identify a specific logon session whose cache it is desired to access. If this is ever done, the applications which use it will have to possess the SeTcbPrivilege privilege. Using KfW's Leash it is now possible to set the Krb5 credential cache to "MSLSA:" and use it to monitor the contents of the MS Kerberos LSA cache. As part of adding this functionality, krb5_32.dll is not linked against the "secur32.lib" library as the Lsa security sdk routines are stored in the SECUR32.DLL file. ticket: 2049 target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15886 dc483132-0cff-0310-8789-dd5450dbe970
* Added kg_sync_ccache_name(), kg_get_ccache_name, and kg_set_ccache_name() ↵Alexandra Ellwood2003-12-115-33/+177
| | | | | | | | and rewrote gss_krb5_ccache_name() and added a call to kg_sync_ccache_name() to acquire_init_cred() to fix a bug where on systems with multiple ccaches that GSSAPI gets stuck on the ccache that was default when it launched ticket: 2060 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15879 dc483132-0cff-0310-8789-dd5450dbe970
* Note that krb4 expiration needs to be more conservative than krb5Sam Hartman2003-12-112-0/+18
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15878 dc483132-0cff-0310-8789-dd5450dbe970
* Add exports for functions exported by KfMJeffrey Altman2003-12-082-0/+34
| | | | | | | | ticket: 2051 target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15871 dc483132-0cff-0310-8789-dd5450dbe970
* 2003-11-26 Jeffrey Altman <jaltman@mit.edu>Jeffrey Altman2003-12-082-0/+33
| | | | | | | | | | | * cc_default.c: Add support for Leash Kinit Dialog on Windows to krb5int_c_default() ticket: 2028 target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15870 dc483132-0cff-0310-8789-dd5450dbe970
* initial sequence number mask short by 4 bitsTom Yu2003-10-302-1/+6
| | | | | | | | | | | | | * gen_seqnum.c (krb5_generate_seq_number): Fix mask; was short by 4 bits. ticket: new version_reported: 1.3.1 target_version: 1.3.2 component: krb5-libs tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15849 dc483132-0cff-0310-8789-dd5450dbe970
* * sendto_kdc.c: Sockets must be closed with closesocket() insteadJeffrey Altman2003-10-272-1/+7
| | | | | | | | | | | | of close() for proper socket deallocation on systems which do not use file descriptors for sockets. i.e., Windows. ticket: 1973 target_version: 1.3.2 tags: pullup status: resolved git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15844 dc483132-0cff-0310-8789-dd5450dbe970
* * api.1/lock.exp: Work around a race condition in the Solaris 9Tom Yu2003-10-172-18/+56
| | | | | | | | | | | | | | | pty implementation: output sent to a pty slave immediately before last close/exit can get lost on the way to the master. This is Sun bug #4927647. The workaround consists of changing the tests to always make lock-test wait to read a character prior to exiting, so any output prior to the "wait" directive will not get lost. ticket: 1792 tags: pullup target_version: 1.3.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15840 dc483132-0cff-0310-8789-dd5450dbe970
* Save encoded KRB-SAFE-BODY to avoid problems caused by re-encoding it.Tom Yu2003-10-087-5/+134
| | | | | | | | | | Also, handle correctly implemented RFC 1510 KRB-SAFE i.e., checksummed over KRB-SAFE-BODY only. ticket: 1893 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15831 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Cesar Garcia to fix lifetime computation in 524Tom Yu2003-09-022-1/+6
| | | | | | | | | | | ticket conversion. ticket: 1712 tags: pullup version_reported: 1.3.1 target_version: 1.3.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15808 dc483132-0cff-0310-8789-dd5450dbe970
* kill() might overwrite errno. Save it beforehandAlexandra Ellwood2003-09-021-1/+1
| | | | | | ticket: 1799 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15806 dc483132-0cff-0310-8789-dd5450dbe970
* Fixed handling of krb5_net_write() failing (need to call waitpid() on child ↵Alexandra Ellwood2003-09-021-14/+8
| | | | | | | | even if we kill it) ticket: 1799 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15805 dc483132-0cff-0310-8789-dd5450dbe970
* Fixed comment (part of adding Apple Password Server support)Alexandra Ellwood2003-09-021-2/+1
| | | | | | ticket: 1799 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15804 dc483132-0cff-0310-8789-dd5450dbe970
* Added Apple password server supportAlexandra Ellwood2003-09-022-0/+149
| | | | | | ticket: 1799 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15803 dc483132-0cff-0310-8789-dd5450dbe970
* In my tests (2GHz P4 Linux, 5 minutes, no pre-existing replay cache), this getsKen Raeburn2003-08-272-10/+30
| | | | | | | | | | | | | | about a 10% speedup adding entries to an already open replay cache. * rc_dfl.c (alive): Take a timestamp argument instead of the context, and don't check the current time here. All callers changed to pass in the current time. (rc_store): Take a timestamp argument. All callers changed to pass in the current time. ticket: 1784 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15799 dc483132-0cff-0310-8789-dd5450dbe970
* * cc_file.c (krb5_fcc_store_int32, krb5_fcc_store_ui_4, krb5_fcc_store_ui_2)Ken Raeburn2003-08-262-51/+6
| | | | | | | (krb5_fcc_store_octet): Remove gratuitous conditionalizing of casts on USE_STDIO, left over from merge. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15797 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2003-08-211-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15788 dc483132-0cff-0310-8789-dd5450dbe970
* * dnssrv.c: New file; split out DNS SRV RR query support...Ken Raeburn2003-08-214-225/+281
| | | | | | | * locate_kdc.c: ...from here. Always compile in the calls. * Makefile.in (STLIBOBJS, OBJS, SRCS): Add it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15787 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Don't substitute LIBOBJS, newer autoconfs don't like itKen Raeburn2003-08-212-4/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15786 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (STLIBOBJS, OBJS): EmptyKen Raeburn2003-08-212-2/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15785 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Don't replace any missing system functions. Just set LIBOBJSKen Raeburn2003-08-212-1/+10
| | | | | | empty for now and substitute it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15781 dc483132-0cff-0310-8789-dd5450dbe970
* Don't double free the encrypted credential partSam Hartman2003-08-192-5/+5
| | | | | | | Ticket: 1731 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15773 dc483132-0cff-0310-8789-dd5450dbe970
* krb_check_auth clears the return value for the schedule parameter with a ↵Alexandra Ellwood2003-08-152-1/+6
| | | | | | | | memset. This prevents callers from using the key schedule, which breaks code ticket: 1730 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15770 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Don't check for or replace vfprintf, vsprintf, strerror,Ken Raeburn2003-08-132-1/+6
| | | | | | memmove, or sscanf, all part of C 89. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15768 dc483132-0cff-0310-8789-dd5450dbe970
* use my mit changelog idKen Raeburn2003-08-131-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15767 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (OBJS, STLIBOBJS): Drop setenv.o.Ken Raeburn2003-08-134-197/+8
| | | | | | | * setenv.c: Deleted. * pos-obsolete.h: Deleted. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15766 dc483132-0cff-0310-8789-dd5450dbe970
* get_init_creds_password: DNS SRV off causes bogus REALM_UNKNOWNTom Yu2003-08-082-1/+10
| | | | | | | | | | | | | | | * gic_pwd.c (krb5_get_init_creds_password): If DNS SRV support is turned off, the second call to get_init_creds() will fail with KRB5_REALM_UNKNOWN under certain circumstances. If that happens, return the error from the first call to get_init_creds(), which will be more useful to the user. ticket: new target_version: 1.3.2 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15761 dc483132-0cff-0310-8789-dd5450dbe970
* configure.in: Don't assume all darwin boxes are powerpc. (eg: OpenDarwin/x86)Alexandra Ellwood2003-08-062-1/+6
| | | | | | ticket: 1718 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15757 dc483132-0cff-0310-8789-dd5450dbe970
* use new config file tag for master KDCKen Raeburn2003-07-252-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | We want to avoid making extra attempts to contact the "master" KDC, in the case where the password appears to be incorrect according to one KDC but we think maybe the master KDC could have a newer password, if there isn't actually a master KDC. Currently the admin_server tag is overloaded for kadmin and password changing. So, don't use it as a filter on the KDC list; instead, look for master_kdc as an independent list. (See also ticket 1511 re contacting the master twice if it's first in the regular KDC list.) Doc updates still needed. * locate_kdc.c (krb5_locate_kdc): Always pass 0 to locate_server as the get_masters argument. Instead, if get_masters is set, look up "master_kdc" in the config file instead of "kdc". ticket: new target_version: 1.3.2 tags: pullup status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15736 dc483132-0cff-0310-8789-dd5450dbe970
* Send generalstring not octetstring in etype_info2. Accept eitherSam Hartman2003-07-227-15/+81
| | | | | | | | | | | | form. Also, if a etype_info fails to decode, skip it rather than failing to process the AS reply. Ticket: 1681 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15723 dc483132-0cff-0310-8789-dd5450dbe970
* Always register the file ccache in the set of registered ops. TheSam Hartman2003-07-222-2/+14
| | | | | | | | | | | resolve code may also find it as the default ops on some platforms, but this will not cause problems. ticket: 1684 owner: lxs status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15716 dc483132-0cff-0310-8789-dd5450dbe970
* Change crypto "provider" structures to hold numeric values instead of functionKen Raeburn2003-07-2241-228/+190
| | | | | | | pointers for key sizes, block sizes, etc., when the values are always constant for each encryption or hash mechanism. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15714 dc483132-0cff-0310-8789-dd5450dbe970
* Don't combine encrypt and decrypt code paths.Ken Raeburn2003-07-222-19/+45
| | | | | | | | | | | | | Zap key schedule when done. * des3.c (validate_and_schedule): Split out from old k5_des3_docrypt. (k5_des3_encrypt, k5_des3_decrypt): Call it, and krb5int_des3_cbc_encrypt or _decrypt, instead of k5_des3_docrypt. Zap key schedules before returning. ticket: 1404 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15710 dc483132-0cff-0310-8789-dd5450dbe970
* crypto library has bogus dependence on com_errKen Raeburn2003-07-222-2/+4
| | | | | | | | | | | | Forgotten debugging code that was never removed... * pbkdf2.c (foo): Never call com_err. ticket: new target_version: 1.3.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15707 dc483132-0cff-0310-8789-dd5450dbe970
* * f_cbc.c (krb5int_des_cbc_decrypt): Move declarations that were afterKen Raeburn2003-07-223-4/+10
| | | | | | | statements after flattening blocks is previous change. * d3_cbc.c (krb5int_des3_cbc_decrypt): Likewise. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15706 dc483132-0cff-0310-8789-dd5450dbe970
* Export krb5_principal2saltAlexandra Ellwood2003-07-212-0/+5
| | | | | | ticket: 1679 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15701 dc483132-0cff-0310-8789-dd5450dbe970
* * init_ets.c (krb5_init_ets): Only initialize error tables once -Ezra Peisach2003-07-192-5/+16
| | | | | | | | | | | | | | | so that init_conext/free_context loops do not result in memory leaks. I did not implement the remove error table functions - as a system installed com_err library might not support remove_error_table that exists in our trees com_err library. ticket: 1665 target_version: 1.3.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15700 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_gss_register_acceptor_identity does not allocate enough memory for ↵Ezra Peisach2003-07-192-1/+6
| | | | | | | | | | | | | | | | cached keytab * acquire_cred.c (krb5_gss_register_acceptor_identity): Allocate enough memory to include the null at the end of the keytab char *. Essentially off by one error. ticket: new target_version: 1.3.1 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15699 dc483132-0cff-0310-8789-dd5450dbe970
* gssapi32.def: export the GSS_C_NT_xxxx constants as DATA. These are requiredJeffrey Altman2003-07-182-4/+15
| | | | | | | | | | | | by applications that wish to use the gss_nt_xxxx constants. ticket: 1666 target_version: 1.3.1 tags: pullup owner: jaltman@mit.edu status: resolved git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15695 dc483132-0cff-0310-8789-dd5450dbe970
* Remove kg_release_defcred and caching of default credential. RewriteTom Yu2003-07-179-479/+625
| | | | | | | | | | | | krb5_gss_init_sec_context() while we're at it to make defcred-related changes easier, and as a side effect, fix some error condition memory leaks. ticket: 1365 target_version: 1.3.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15694 dc483132-0cff-0310-8789-dd5450dbe970
* Use the old DES encrypt function, not the split versions via macrosKen Raeburn2003-07-174-0/+9
| | | | | | | | * des.c (mit_des_cbc_encrypt): Undef before use. * enc_dec.c (mit_des_cbc_encrypt): Likewise. * mac_des_glue.c (mit_des3_cbc_encrypt): Likewise. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15693 dc483132-0cff-0310-8789-dd5450dbe970
* Separate the DES encrypt and decrypt operations into separate functions,Ken Raeburn2003-07-174-254/+361
| | | | | | | | | | | | | | | | since they have almost no code in common. * f_cbc.c (krb5int_des_cbc_encrypt, krb5int_des_cbc_decrypt): New functions broken out from mit_des_cbc_encrypt. (mit_des_cbc_encrypt): Call them. * d3_cbc.c (krb5int_des3_cbc_encrypt, krb5int_des3_cbc_decrypt): New functions broken out from mit_des3_cbc_encrypt. (mit_des3_cbc_encrypt): Call them. * des_int.h (krb5int_des_cbc_encrypt, krb5int_des_cbc_decrypt, krb5int_des3_cbc_encrypt, krb5int_des3_cbc_decrypt): Declare. (mit_des_cbc_encrypt, mit_des3_cbc_encrypt): New macros. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15692 dc483132-0cff-0310-8789-dd5450dbe970
* delete ##WIN16## lines from makefilesKen Raeburn2003-07-1750-27/+101
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15691 dc483132-0cff-0310-8789-dd5450dbe970
* * krb5_libinit.c: Include autoconf.hKen Raeburn2003-07-152-0/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15690 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (STLIBOBJS, OBJS, T_SER_OBJS): Drop ser_eblk.oKen Raeburn2003-07-152-5/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15689 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-03-13 07:34:11 +0000