| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Active Directory returns structured policy information in the
nominally UTF-8 result string field of a password change reply. Add a
new API krb5_chpw_message() to convert a result string into a
displayable message, interpreting policy information if present.
Patch from stefw@gnome.org with changes.
ticket: 7128
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25857 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Factor out the core code of krb5_verify_init_creds into a helper, add
new helper functions to retrieve the list of unique host principals
from a keytab, and make krb5_verify_init_creds drive the helper once
per host principal.
Augment the test harness and test cases to better test the new
behavior. Add a k5test method to retrieve an NFS principal for the
test realm for the sake of the new test cases.
ticket: 7125
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25845 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
Add K5Realm.prep_kadmin() to create a ccache and K5Realm.run_kadmin()
to run a kadmin query using it. Modify t_stringattr.py to use these
helpers instead of its own.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25826 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
Very few Python tests need kadmind, so it makes more sense to have to
turn it on than to have to turn it off.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25825 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25816 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
| |
asserts may be compiled out with -DNDEBUG, so it's wrong to use an
assert expression with an important side effect.
(We also have scores of side-effecting asserts in test programs, but
those are less important and can be dealt with separately.)
ticket: 7105
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25760 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The configure-time options to enable and disable IPv6 support have
been deprecated for some time, but the checks for OS support were
kept. This removes those checks, and unconditionally compiles in the
IPv6 support.
There was a configure-time test to see if the macro INET6 needed to be
defined in order to enable (visibility of) OS support for IPv6, which
was needed on an IRIX system we tested with. That check is retained,
but the revised code is untested on IRIX.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25719 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
New APIs of this sort should be discussed, and the goals motivating
the change clarified.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25670 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
diagnostics of the potential misconfiguration.
Added profile_get_(string/integer/boolean)_nodef functions to the profile library to get the typed values from the configuration
files (without setting these values to the defaults).
Used TRACE_PROFILE_ERR for the configuration diagnostics in krb5_init_context_profile API.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25669 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
Add dependency rules so that "make depend" succeeds from a fresh build
tree.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25593 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
k5test is only supposed to require Python 2.4, but cross_realms uses
itertools.permutations which is new in 2.6. Use a list display
instead.
ticket: 7054
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25592 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7050
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25571 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25505 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
"make fake-install" no longer exists, so tell the developer to run
"make runenv.py" instead.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25477 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update verto sources to 0.2.2 release versions. verto_reinitialize()
now has a return value; check it in kdc/main.c. Store verto-libev.c
alongside verto-k5ev.c to make it easy to diff corresponding versions
when updating.
ticket: 7018
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25474 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
make check was failing in util/gss-kernel-lib due to dependencies
when the build is configured with --with-system-et, because depfix.pl
wasn't smart enough to substitute the dependency on com_err.h in the
current directory. Make depfix.pl smarter, and adjust COM_ERR_DEPS
to be com_err.h in gss-kernel-lib when building with the bundled
com_err.
ticket: 7014
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25468 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NOTICE was missing the copyright statement for verto (it's not quite
the same as other Red Hat licenses). util/verto had no README file,
and neither the verto nor k5ev README contained pointers to the
upstream project pages.
ticket: 7002
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25443 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25437 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
Instead, use $(BUILDTOP)/plugins as the plugin base for tests. For
each real plugin module, create a link in the parent directory if
we're doing a shared-library build--so built KDB modules can be found
in plugins/kdb, preauth modules in plugins/preauth, etc..
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25436 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
Allow "make testrealm CROSSNUM=N" to make N fully-connected realms for
cross-realm testing convenience.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25435 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25432 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25430 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
Add a cross_realms function to k5test.py to generate several linked
realms. Add a test script t_crossrealm.py to exercise six different
cross-realm scenarios.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25429 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25398 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix the tar invocation in mkrel so that it defaults to using "tar" as
the tar program rather than "gtar".
This should probably be pulled up to at least 1.9 and 1.8 as well.
ticket: 6989
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25395 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
Also fix pkinit_crypto_nss.c struct initializers and add parens to a
ternary operator in do_as_req.c for better indentation.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25362 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25344 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Contains allocator methods for use with mechanisms and mechglues for
allocations that must be made in one module but freed in another. On
windows, an allocation made in one module cannot safely be freed in
another using the usual c runtime malloc/free; runtime dll mismatch
will cause heap corruption in that case. But it is safe to instead
directly use HeapAlloc()/HeapFree() specifying the default process
heap. For now, this header is not public. If it becomes public
strncpy will need to be used instead of strlcpy.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25330 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
Microsecond accuracy on _WIN32, but only one second accuracy on other,
AFAIK purely hypothetical, platforms that lack native gettimeofday.
Shamelessly cribbed from Heimdal.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25310 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25283 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
Updated Windows specific Makefiles to search for header files in src/windows/include
Signed-off-by: Alexey Melnikov <aamelnikov@gmail.com>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25279 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25274 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
Moved wshelper from windows to util to fix build order dependencies.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25273 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25240 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
Also add verto_reinitialize to libverto exports (missed in the last
update).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25174 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
When we build with the internal verto, we include verto-k5ev.h in
order to create loops. When we build with the system verto, we don't
include that header file. Add depfix logic and pre.in variables to
avoid depending on verto-k5ev.h for a system verto build.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25173 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
Also update verto-k5ev.c to match changes to verto-libev.c.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25172 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
If k5test is invoked with any stop, wait, or debug options, wait for
input before killing daemons, in case a daemon is being debugged.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25171 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
When we have conditionally built bundled source, we need logic in
depfix.pl and variables in pre.in to avoid depending on the bundled
verto.h in generated dependencies. Add that logic for verto.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25170 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
ev.c explicitly disables poll() on Mac and FreeBSD, which left our
standalone version without any working back ends on Mac OS X, for
example. Fall back to using select() on these platforms.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25169 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
Give libverto-k5ev a header file. When using the internal verto
library, link against -lverto-k5ev and use verto_default_k5ev()
instead of verto_default(), bypassing the module loading logic and
making static builds possible.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25166 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* "kdestroy -A" destroys all caches in collection.
* "kinit princ" searches the collection for a matching cache and
overwrites it, or creates a new cache in the collection, if the
type of the default cache is collection-enabled. The chosen cache
also becomes the primary cache for the collection.
* "klist -l" lists (in summary form) the caches in the collection.
* "klist -A" lists the content of all of the caches in the collection.
* "kswitch -c cache" (new command) makes cache the primary cache.
* "kswitch -p princ" makes the cache for princ the primary cache.
ticket: 6956
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25157 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25153 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
Some minor reformatting added in places to avoid exceeding 80 columns.
Used Emacs 22.1 built-in C mode.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25144 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
Also remove k5ev.c, which shouldn't have been committed.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25138 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
Add configure and build support for libverto and the libverto-k5ev
module. Fix the version script rules to work for libraries with
hyphens in their names.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25127 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25126 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
These are from the source repository as of 2011-08-24, since there are
no formal releases yet.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25125 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
socket.getfqdn() tries to produce a result containing a period, so it
may disagree with krb5_sname_to_principal's result--for example, in
Fedora's default DHCP configuration. Use getaddrinfo and getnameinfo
calls mirroring krb5_sname_to_principal's logic instead.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25122 dc483132-0cff-0310-8789-dd5450dbe970
|