| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
We have added a krb5-latest symlink for the latest stable release,
which is preferred to the krb5-current link (which points to a nightly
build of master).
ticket: 7673 (new)
ticket: 7493
queue: kfw
tags: pullup
target_version: 1.11.4
|
| |
|
|
|
|
|
|
|
|
|
|
| |
With WiX 3.x, the preprocessor candle.exe expands variables using
$(); the linker light.exe expands localization and similar variables
using !(), though it accepts the $() form and prints a warning.
Switch to using the expected form to silence the warnings.
ticket: 7390
tags: pullup
target_version 1.11.4
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
It has been unconditionally activated by all supported build systems
for almost two years, and no complaints or issues have been reported.
In particular, aclocal.m4 has had an unconditional AC_DEFINE() since
3d708e55 in 2003, and win-pre.in has unconditionally set KRB5_USE_DNS_KDC
since 17ffebf7 in 2011.
While here, simplify some other DNS conditionals in win-pre.in where
only one branch was ever taken.
ticket: 7691 (new)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes a long-standing documentation bug where we claimed that
a domain_realm mapping for a host name would not affect entries
under that domain name. The code has always had the behavior where
a host name mapping implies the corresponding domain name mapping,
since the 1.0 release.
While here, replace media-lab with csail in example files, as the
media lab realm is no longer in use. Also strip port 88 from KDC
specifications, and drop the harmful default_{tgs,tkt}_enctypes
lines from src/util/profile/krb5.conf.
Further cleanup on these files to remove defunct realms may be in order.
ticket: 7690 (new)
tags: pullup
target_version: 1.11.4
|
| |
|
|
|
|
|
|
|
|
|
| |
The Windows SDK 8 dropped the command-line build environment, so
provide instructions for building with the Visual Studio (2012)
command-line build environment.
ticket: 7669 (new)
queue: kfw
tags: pullup
target_version: 1.11.4
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As advised by the VC 11 merge modules.
Windows Installer 4.5 requires Windows Server 2008, Windows Vista, Windows XP
with Service Pack 2 (SP2) and later, or Windows Server 2003 with Service
Pack 1 (SP1) and later. I believe we already enforce these restrictions
manually elsewhere, so this should not restrict our set of valid target
machines.
ticket: 7667 (new)
queue: kfw
tags: pullup
target_version: 1.11.4
|
| |
|
|
|
|
|
|
|
|
|
| |
The merge modules need to reference VC110 paths.
Use a variable for VC100 versus VC110 so that we don't copy a lot
of boilerplate around.
ticket: 7666 (new)
queue: kfw
tags: pullup
target_version: 1.11.4
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It's more aggressive about enforcing that keywords are not macros
in C++ mode, and has bumped the MFC version to 11.
Keep compatibility with older versions of Visual Studio, appropriately
conditionalized.
ticket: 7664 (new)
tags: pullup
target_version: 1.11.4
|
| |
|
|
|
|
| |
ticket: 7440
tags: pullup
target_version: 1.11.4
|
| |
|
|
|
|
|
|
|
|
|
| |
We omit the patchlevel if it is zero, but the check whether
the patchlevel was zero was checking the wrong variable, and thus
always succeeding.
ticket: 7481 (new)
queue: kfw
tags: pullup
target_version: 1.10.4
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Improve accessibility by actually enabling access keys for ribbon
elements (tap alt and follow the onscreen hints for keys to press),
instead of just underlining a letter in the name of each element.
Supply an underlined letter in the text of each element, corresponding
to this access key, even if there is not a shortcut key bound to that
element. While here, fix conflicting assignment to 'R' on the 'options'
tab (between "Renewable Until" and "Automatic Ticket Renewal") by
making "Automatic Ticket Renewal" use 'T'. Microsoft's UI recommendations
seem to say that access keys should be easy to locate when searching
through the menu, and thus using the first letter of the first or
second word is advisable.
The Ribbon XML Reference seems to indicate that these elements should
be "keytip" elements, but MSVS creates "keys" elements, which seem
to work, whereas "keytip" does not. Apparently 'F' is standard for
the application button menu (which contains exit). Access keys work
somewhat poorly for us in this menu, as they appear on top of the text
of the menu items, since we have no icons here.
ticket: 7441
tags: pullup
target_version: 1.10.4
|
| |
|
|
|
|
|
|
|
|
| |
A big pile of XML on one line is not very readable.
Use 'xmllint --format' to make things more sane.
ticket: 7478 (new)
queue: kfw
tags: pullup
target_version: 1.10.4
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The AboutBox dialog as specified in the resource file is larger than
the one we display; the dialog init routine marks several things as
non-visible, moves the 'OK' button up to where the now-invisible items
were, and shrinks the dialog's bounding rectangle.
However, the edit boxes containing copyright and version information
seem to always present as being on top of the 'OK' button, and their
background causes the button to appear almost invisible with the current
repositioning.
To keep the 'OK' button visible, reduce the amount that it is moved
(and the amount the dialog is shrunk) so that the button does not overlap
with the edit box.
ticket: 7443
tags: pullup
target_version: 1.10.4
|
| |
|
|
|
|
|
|
|
| |
Executables and shared libraries should have a file version, so
that the upgrade process works as expected.
ticket: 7386 (new)
tags: pullup
target_version: 1.10.4
|
| |
|
|
|
|
| |
windows/leashdll/include contains only a krb4 directory.
We have a dubious need for the latter through AFSroutines.c,
but the former can be eliminated.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The build instructions have changed somewhat, as have the requirements
for a build environment.
The default behavior for KRB5_CONFIG and KRB5CCNAME has also changed.
Attempt to remove mention of overly specific Windows versions that
are now quite old when the behavior persists in newer versions of Windows.
Document the usage of DNS by default and the reduced need for a large
krb5.ini file.
Talk a little more about the LSA cache.
The kerbsrc.win target is no longer supported.
ticket: 7363 (new)
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The NSIS installer appears to have only ever existed as a 32-bit
software. As such, unconditionally check the 32-bit registry tree
for an uninstall string; the architecture of the current package
being installed is not relevant to what was previously installed.
ticket: 7362 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This installer option determines whether the -autoinit argument
is passed to the MIT Kerberos executable.
On startup, if this argument is passed, and if there are no tickets
in the default cache, and if no useful tickets can be imported from
the LSA cache, MIT Kerberos will open the get ticket dialog and prompt
for a password; this option does not appear to have any other effect.
ticket: 7357 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
| |
The file 'checkbox blank.png' is unneeded and contains a space in the
name, unnecessarily interfering with running find | xargs over the
source tree. Remove it.
ticket: 7352 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since the Start Menu and Desktop are different folders, we should
use different components for the shortcuts in those folders, given
that components operate at directory granularity.
Take the opportunity to use the newer style for installing shortcuts
and registry keys, and make the names more descriptive.
Increment the buildlevel to ensure new files are installed.
ticket: 7348 (new)
subject: Use more meaningfully named registry keys for shortcuts
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
| |
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7341 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
| |
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7338 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The InstallValidate action of the windows installer will bring up
a dialog informing us that some currently running processes must
be terminated before installation may proceed, and offers to do so,
but does not actually kill the processes. We have our own code to
kill running processes which did not execute, for two reasons:
it was sequenced after InstallValidate, and we did not have a current
list of processes to look for.
Add the right processes to look for and kill, and use our own
process-killing code since it actually works.
ticket: 7343 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Our 64-bit installer provides 32-bit libraries as well as 64-bit
libraries, but not all 32-bit applications (e.g., PuTTY, Pidgin)
are able to locate them in C:\Program Files\MIT\Kerberos .
Including an InstallDir key under the Wow6432Node tree lets them
work out-of-the-box; while here set all the registry keys in this
component in the compatibility tree, for consistency.
ticket: 7337 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Without version info, this library would not get installed during
an upgrade scenario, causing the MIT Kerberos application to crash
on startup.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
[kaduk@mit.edu: add motivation to commit message]
ticket: 7336 (new)
subject: Fix KfW crash on startup after upgrade
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
| |
We use separate UpgradeCodes for 32- and 64-bit installers, so
we must check for both of them when seeing if we are upgrading an
old/existing installation.
ticket: 7335 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of using 3.9.9 as a conditional for the maximum version to
upgrade from, just use the current version.
This seems to pick up beta tags properly (so we can upgrade
from, e.g., beta 6 to beta 7 using the installer's upgrade tools),
and is future-proof.
Note that a 64-bit installer will not pick up an existing 32-bit
install (or vice versa), but there does not seem to be infrastructure
to deal with this situation easily.
Also, "downgrading" by running an older installer with a newer version
already installed will cause both versions to be simultaneously
installed; only do this if you know what you're doing.
ticket: 7334 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
| |
"MIT Kerberos", not "Leash32"
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7333 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Stop filtering out SC_CLOSE. 'X' button works more reliably, also alt-F4.
Remove minimize box from style.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7332 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Set the CLeashApp::m_bUpdateDisplay flag to cause the display to
update on the next WM_IDLE message to the main thread.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7331 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
| |
Replace dogheads with the new 'K'.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7330 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
In some cases we could keep stack garbage in a local pointer
variable until the cleanup at the end of the function wherein
krb5_free_context() would choke on the invalid non-NULL value.
Initialize to zero to avoid the issue (should be written as NULL
but stick to the prevailing style).
ticket: 7329 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We want to always use a new krb5.ini (and our search order guarantees
that we will), but users might be confused if there is still a file
named krb5.ini in the old location which is now non-functional.
However, it is rude to unconditionally delete the old file which may
potentially be the only copy a user has of their local changes.
Instead, rename the old file to a non-functioning name that indicates
it is no longer being used, so that it may be consulted if needed.
Only attempt the rename if we found an existing krb5.ini, and ignore errors
since this is not a critical part of the installation.
ticket: 7328 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
These seem to be the only bits from the krb5.ini shipped with older
versions of KfW that remain useful.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
[kaduk@mit.edu: add motivation to commit message]
ticket: 7327 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was completely wrong, but only caused a severe problem on 64 bit
builds. On 32 bit builds the result was effectively always 'success',
so it would always attempt to renew even if there was not sufficient time
left in the renewable lifetime. This did not have much observable
adverse effect. But on 64 bit builds it always failed and so never
attempted renewal.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7326 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
| |
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7325 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pre-existing krb5.ini files from old kfw versions will be overridden
due to the new search path, but not removed. This is the desired behavior
since old krb5.ini files are far more likely to cause problems than to
contain useful data.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7324 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The installer only picks it up if MIT_INTERNAL is defined in
the environment; otherwise it uses the now-empty krb5.ini in
the base directory.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7323 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
| |
Don't crash if we can't create a CLSID_AutoComplete instance.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7321 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
| |
Since we have x86 dlls, we need the x86 msm's.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7320 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Use NODEBUG and DEBUG_SYMBOL from the environment to determine whether or
not to define Debug and DebugSyms for the installer build.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7319 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
| |
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7318 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
| |
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7315 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Increase title control height to make all text visible.
Adjust position of description controls accordingly.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7314 (new)
queue: kfw
target_version: 1.10.4
tags:pullup
|
| |
|
|
|
|
|
|
|
| |
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7311 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
| |
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7310 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
| |
Also a couple of minor fixups.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7309 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
| |
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7308 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
| |
Require XP SP3 or Vista SP2 or Windows 7 or Server 2003 or Server 2008
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7307 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Without this, AfxGlobalsAddRef() is never called, so AfxGlobalsRelease()
does nothing, causing many leaks and a crash on exit in GdiplusShutdown()
on Vista.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7306 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
