summaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* When generating etype_info2 for DES style keys, use s2kparams toSam Hartman2003-05-242-2/+21
| | | | | | | | | | | | communicate the type if the key has afs3 salt. If such s2kparams are received by the client, use the afs string2key function to process the key. Ticket: 1512 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15489 dc483132-0cff-0310-8789-dd5450dbe970
* Populate etype_info_entry.s2kparams.dataSam Hartman2003-05-242-1/+7
| | | | | | | | | | | The ASN.1 decoder for etype_info_entry accidentally throws away the pointer to s2kparams data. Don't Correctly store the pointer. Ticket: new Target_Version: 1.3 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15488 dc483132-0cff-0310-8789-dd5450dbe970
* use kdc_default_optionsSam Hartman2003-05-232-1/+5
| | | | | | | | | | | The documentation and context initialization supports an option called kdc_default_options which is an integer that sets the default KDC request flags. Make the code actually use the option. Ticket: new Component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15485 dc483132-0cff-0310-8789-dd5450dbe970
* * gen_seqnum.c (krb5_generate_seq_number): Fix think-o on sequenceTom Yu2003-05-232-1/+4
| | | | | | | | | number mask. ticket: 1262 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15480 dc483132-0cff-0310-8789-dd5450dbe970
* Implement heuristic for matching broken Heimdal sequence number encodingsTom Yu2003-05-235-2/+184
| | | | | | | | | ticket: 1263 target_version: 1.3 tags: pullup status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15479 dc483132-0cff-0310-8789-dd5450dbe970
* * kt_file.c (krb5_ktfile_get_entry): Check principal name prior toTom Yu2003-05-222-8/+13
| | | | | | | | | | checking enctype. Suggested by Wyllys Ingersoll. ticket: 1229 status: open tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15470 dc483132-0cff-0310-8789-dd5450dbe970
* Cross realm checks can check beyond end of bufferEzra Peisach2003-05-222-1/+6
| | | | | | | | | | | * keytab.c (is_xrealm_tgt): Use strncmp instead of strcmp - as principal and realm name do not need to be null terminated. ticket: new tags: pullup target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15466 dc483132-0cff-0310-8789-dd5450dbe970
* krb5int_populate_gic_opt should return voidSam Hartman2003-05-222-1/+5
| | | | | | | | | | | Since none of the functions it calls can return an error, this should return void. Ticket: new Target_Version: 1.3 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15465 dc483132-0cff-0310-8789-dd5450dbe970
* Set length correctly in krb5_get_in_tkt_with_password if password isTom Yu2003-05-215-8/+23
| | | | | | | | | | actually passed in. Also, fix test suite to be more lenient about password prompts, which changed under the previous patches for this ticket. ticket: 1480 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15463 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_get_in_tkt now only supports old (non-etype-info2) enctypesSam Hartman2003-05-202-1/+18
| | | | | | | Ticket: 1480 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15462 dc483132-0cff-0310-8789-dd5450dbe970
* Implement krb5_get_in_tkt_with_password andSam Hartman2003-05-207-257/+155
| | | | | | | | | | | | krb5_get_in_tkt_with_keytab in terms of krb5_get_init_creds. It turns out that these do in fact need to use get_init_creds not get_init_creds_{password,keytab} because of those functions do not allow the AS request to be returned. Ticket: 1480 Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15461 dc483132-0cff-0310-8789-dd5450dbe970
* * asn1_k_encode.c (asn1_encode_krb_safe_body): UseEzra Peisach2003-05-203-2/+11
| | | | | | | | | | | | asn1_encode_unsigned_integer for sequence number. * asn1_k_decode.c (asn1_decode_krb_safe_body): Use asn1_decode_seqnum to decode sequence number. ticket: 1262 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15460 dc483132-0cff-0310-8789-dd5450dbe970
* Register writable keytabs by defaultSam Hartman2003-05-192-1/+10
| | | | | | | | | | | | | | | | We have a customer requirement to support writable keytabs using the public API in 1.3 Discussion on krbcore indicates there is no good reason why these are not registered by default. So, they are now registered by default. Also adjust other code in the tree not to try and register them. Ticket: new Target_Version: 1.3 Component: krb5-libs Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15459 dc483132-0cff-0310-8789-dd5450dbe970
* Sequence numbers are now unsigned. Implement lenient parser forTom Yu2003-05-1810-11/+115
| | | | | | | | | | | sequence numbers which folds received negative sequence numbers into positive unsigned numbers. Constrain the space of initial sequence numbers to facilitate backwards compatibility. ticket: 1262 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15457 dc483132-0cff-0310-8789-dd5450dbe970
* * chpw.c (krb5int_rd_chpw_rep): Allow new kpasswd error codes up throughKen Raeburn2003-05-172-1/+4
| | | | | | | | | _INITIAL_FLAG_NEEDED. ticket: 1441 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15455 dc483132-0cff-0310-8789-dd5450dbe970
* * ser_ctx.c (krb5_context_internalize): Copy read-in OS context data intoKen Raeburn2003-05-172-6/+22
| | | | | | | | | krb5_context and free up the newly allocated OS context. ticket: 1497 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15453 dc483132-0cff-0310-8789-dd5450dbe970
* Only allow combine_keys to work on des and 3des enctypes. It is notSam Hartman2003-05-152-0/+26
| | | | | | | | | supported for rc4 or AES until we implement the crypto framework PRF. Ticket: 1248 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15448 dc483132-0cff-0310-8789-dd5450dbe970
* Be more friendly towards parallel buildsKen Raeburn2003-05-142-5/+17
| | | | | | | | | | * Makefile.in ($(EHDRDIR)$(S)timestamp): New target, used for ensuring $(EHDRDIR) exists. (clean-unix): Delete the dummy file. ($(EHDRDIR)$(S)gssapi.h): Depend on it, instead of creating the directory here. ($(EHDRDIR)$(S)gssapi_generic.h): Likewise. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15443 dc483132-0cff-0310-8789-dd5450dbe970
* provide shorthand aliases for AES enctypesKen Raeburn2003-05-132-0/+15
| | | | | | | | | | | * etypes.c (krb5_enctypes_list): Add names aes128-cts and aes256-cts as aliases. ticket: new target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15433 dc483132-0cff-0310-8789-dd5450dbe970
* Try forwarding with no enctype restriction if forwarding with anSam Hartman2003-05-132-3/+12
| | | | | | | | enctype restriction fails. This is sufficient for 1.3. Ticket: 1473 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15431 dc483132-0cff-0310-8789-dd5450dbe970
* * gssapi_krb5.h: Remove check for GSS_RFC_COMPLIANT_OIDSTom Yu2003-05-132-3/+4
| | | | | | | | | ticket: 1482 status: open tags: pullup target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15429 dc483132-0cff-0310-8789-dd5450dbe970
* AES shouldn't be in KDC default enctype listKen Raeburn2003-05-132-1/+6
| | | | | | | | | | | Until all services including GSS-based ones can support AES, we don't want it in the default supported enctypes list on the KDC. ticket: new tags: pullup target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15428 dc483132-0cff-0310-8789-dd5450dbe970
* reduce AES string-to-key iteration count to 4096Ken Raeburn2003-05-132-3/+39
| | | | | | | | | | | | | | * aes_s2k.c (DEFAULT_ITERATION_COUNT): New macro; define to 4096. (MAX_ITERATION_COUNT): New macro. (krb5int_aes_string_to_key): Use them. Also added a proper copyright notice. ticket: new tags: pullup target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15427 dc483132-0cff-0310-8789-dd5450dbe970
* Fix minor error in previous commit that broke v4 saltsSam Hartman2003-05-131-1/+1
| | | | | | | Ticket: 1470 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15426 dc483132-0cff-0310-8789-dd5450dbe970
* Fix memory leaks and double frees in preauth2.cSam Hartman2003-05-134-42/+81
| | | | | | | Ticket: 1470 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15425 dc483132-0cff-0310-8789-dd5450dbe970
* Add AES enctypes to t_encryptSam Hartman2003-05-132-0/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15424 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in: Add setting of KRB_ERR on WindowsTom Yu2003-05-122-0/+5
| | | | | | ticket: 1477 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15419 dc483132-0cff-0310-8789-dd5450dbe970
* Don't #include compile_et .c filesSam Hartman2003-05-124-12/+18
| | | | | | | | | | | | | | At least the e2fsprogs compile_et produces .c files that duplicate definitions found in com_err.h and so you need to avoid including those .c files in other files. In order to do this we duplicate the string tables. Ticket: new Target_Version: 1.3 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15415 dc483132-0cff-0310-8789-dd5450dbe970
* * IMplement etype_info in KDC. If the request contains any newSam Hartman2003-05-129-89/+97
| | | | | | | | | | | | | | | | | | | | enctypes (currently AES but anything not explicitly listed as old) then only etype_info2 is sent back in response. Send back etype_info2 all the time. Also send back etype_info2 to provide salt and s2kparams with AS reply not just for preauth errors. * Expose interface for getting string2key with parameters (previously implemented but not exported) * IN the client (at least for get_init_creds interface) prfer etype_info2 to etype_info and pw_salt. Pass s2kparams and use string2key_with_params. Ticket: 1454 Status: open Target_Version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15412 dc483132-0cff-0310-8789-dd5450dbe970
* Add a new krb5_context field for the config-file tgs_enctypes, whichKen Raeburn2003-05-103-23/+57
| | | | | | | | | | | applications cannot override, and use it for ticket-granting tickets needed to acquire some desired service ticket. ticket: 1429 tags: pullup status: resolved git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15411 dc483132-0cff-0310-8789-dd5450dbe970
* punt leftover conflict markersTom Yu2003-05-101-2/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15410 dc483132-0cff-0310-8789-dd5450dbe970
* Rename the local_subkey and remote_subkey fields in the auth_contextTom Yu2003-05-1019-77/+200
| | | | | | | | | | | | | | | | | to send_subkey and recv_subkey, respectively. Add new APIs to query and set these fields. Change the behavior of mk_req_ext, rd_req_dec, and rd_rep to set both subkeys. Applications wanting to set unidirectional subkeys may still do so by saving the values of subkeys and doing overrides. Cause mk_cred, mk_priv, and mk_safe to never use the recv_subkey. Cause rd_cred, rd_priv, and rd_safe to never use the send_subkey. ticket: 1415 status: open tags: pullup target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15407 dc483132-0cff-0310-8789-dd5450dbe970
* * init_os_ctx.c: Added support for KLL's __KLAllowHomeDirectoryAccess() ↵Alexandra Ellwood2003-05-072-1/+12
| | | | | | function so that krb4, krb5 and gssapi will not access the user's homedir if the application forbids it git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15398 dc483132-0cff-0310-8789-dd5450dbe970
* Fix typoSam Hartman2003-05-061-1/+1
| | | | | | | Ticket: 1454 Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15394 dc483132-0cff-0310-8789-dd5450dbe970
* Implement encoders for etype_info2 and add support to s2kparams forSam Hartman2003-05-068-9/+63
| | | | | | | | | decoders. Ticket: 1454 Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15393 dc483132-0cff-0310-8789-dd5450dbe970
* Replace ovpasswd with kpasswdSam Hartman2003-05-042-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15392 dc483132-0cff-0310-8789-dd5450dbe970
* * kadm_stream.c: Fixed vts_long() and vts_short() so they return a pointer ↵Alexandra Ellwood2003-05-012-3/+15
| | | | | | to the beginning of the memory they allocate and place their data at the end of the buffer which was passed in git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15388 dc483132-0cff-0310-8789-dd5450dbe970
* AES code shouldn't define uint32_t etc if the system provides themKen Raeburn2003-04-292-1/+5
| | | | | | | | | | Use inttypes.h if available. ticket: new status: open target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15383 dc483132-0cff-0310-8789-dd5450dbe970
* set-change password breaks kpasswdSam Hartman2003-04-282-1/+7
| | | | | | | | | | | | In some cases a null realm argument was passed into the function for locating the kpasswd server. This ended up causing segfaults in kpasswd. Fix to use the right realm. ticket: new Tags: pullup Target_Version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15379 dc483132-0cff-0310-8789-dd5450dbe970
* Incorporate krb5_os_context directly into krb5_context, since they're alwaysKen Raeburn2003-04-282-15/+7
| | | | | | allocated and freed at the same time, even if in different files. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15378 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_setpw_result_string should be internalSam Hartman2003-04-274-3/+12
| | | | | | | | | | | | | Make krb5_setpw_result_string a krb5int_ function prototyped in k5-int.h. The prototype was already there, but the code did not match the function name. This needs to be pulled up to the release branch to fix Windows build because of a KRB5_CALLCONV issue. ticket: new Tags: pullup Target_Version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15375 dc483132-0cff-0310-8789-dd5450dbe970
* Implementation of Microsoft set password client library code providedSam Hartman2003-04-258-19/+438
| | | | | | | | | | by Paul Nelson. Ticket: 1377 Status: open Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15373 dc483132-0cff-0310-8789-dd5450dbe970
* * kfree.c (krb5_free_pwd_sequences): Correction to previousEzra Peisach2003-04-242-2/+7
| | | | | | | | fix. Free contents of krb5_data - not just the pointer. ticket: 1439 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15369 dc483132-0cff-0310-8789-dd5450dbe970
* errno should never be explicitly declaredKen Raeburn2003-04-249-15/+14
| | | | | | | | | | | | Remove explicit declarations of errno; include errno.h as needed. (Also, errmsg in krb4, and malloc in compile_et.) ticket: new target_version: 1.3 tags: pullup status: resolved git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15368 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_free_pwd_sequences only frees first elementEzra Peisach2003-04-232-7/+18
| | | | | | | | | | | | | | | | * kfree.c (krb5_free_pwd_sequences): Actually free the entire sequence of passwd_phase_elements and not just the first one. In our tree, this code is only used by krb5_free_pwd_data() which is subsequently not used anywhere else. Perhaps all code pertaining to pwd data (asn.1 decoders, encoders, etc. should be removed) ticket: new component: krb5-libs target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15364 dc483132-0cff-0310-8789-dd5450dbe970
* * alt_prof.c (kadm5_get_config_params): Add aes256 to the default supportedKen Raeburn2003-04-192-1/+6
| | | | | | | | | enctypes list. ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15362 dc483132-0cff-0310-8789-dd5450dbe970
* Note to self: Save buffers before checkin, not after. GrrKen Raeburn2003-04-181-1/+5
| | | | | | | ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15360 dc483132-0cff-0310-8789-dd5450dbe970
* fix typoKen Raeburn2003-04-181-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15359 dc483132-0cff-0310-8789-dd5450dbe970
* * init_ctx.c (DEFAULT_ETYPE_LIST): Add AES with 256 bits at the front of theKen Raeburn2003-04-182-0/+6
| | | | | | | | | list. No 128-bit support by defaut. ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15358 dc483132-0cff-0310-8789-dd5450dbe970
* * dk_encrypt.c (krb5int_aes_dk_encrypt): Set output length properlyKen Raeburn2003-04-182-0/+7
| | | | | | | ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15357 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-03-13 22:04:39 +0000