summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Make gss-krb5 use cache collectionGreg Hudson2011-09-0510-91/+456
| | | | | | | | | | | | | | | | For default credentials, defer ccache resolution until we need the information. If this happens in init_sec_context when we have the target principal in hand, use krb5_cc_select() to pick a cache. If the target principal is not known, use the default cache. For credentials with a specified principal, use krb5_cc_cache_match() to find the cache. If no cache is found and a password is specified, create a new cache within the collection to hold the new credentials, if the default cache type supports a collection. ticket: 6958 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25160 dc483132-0cff-0310-8789-dd5450dbe970
* Refactor gss-krb5 acquire_init_credGreg Hudson2011-09-051-224/+237
| | | | | | | | These changes have no functional impact, but will allow the GSSAPI changes for credential selection to be made with a minimum of code movement. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25159 dc483132-0cff-0310-8789-dd5450dbe970
* Add krb5_cc_select() API and pluggable interfaceGreg Hudson2011-09-0517-3/+797
| | | | | | | | | | | The interface has two built-in modules. The realm module guesses a cache based on the server realm if it is known. The k5identity module (Unix only) chooses a client principal based on rules in a .k5identity file in the user's homedir. ticket: 6957 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25158 dc483132-0cff-0310-8789-dd5450dbe970
* Add ccache collection support to toolsGreg Hudson2011-09-0517-61/+598
| | | | | | | | | | | | | | | | * "kdestroy -A" destroys all caches in collection. * "kinit princ" searches the collection for a matching cache and overwrites it, or creates a new cache in the collection, if the type of the default cache is collection-enabled. The chosen cache also becomes the primary cache for the collection. * "klist -l" lists (in summary form) the caches in the collection. * "klist -A" lists the content of all of the caches in the collection. * "kswitch -c cache" (new command) makes cache the primary cache. * "kswitch -p princ" makes the cache for princ the primary cache. ticket: 6956 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25157 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unneeded cccol behaviorsGreg Hudson2011-09-055-499/+146
| | | | | | | | | | Do not yield any default caches in the top level cccol implementation. In the FILE type, yield the default cache if it exists and is of type FILE, instead of yielding the set of open file caches. ticket: 6955 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25156 dc483132-0cff-0310-8789-dd5450dbe970
* Add new cache collection APIsGreg Hudson2011-09-0513-0/+193
| | | | | | | | | | | | | | | * krb5_cc_get_full_name retrieves the full type:name of a cache. * krb5_cc_switch makes a cache the primary cache. * krb5_cc_cache_match searches the collection for a client principal. * krb5_free_string releases a string (for the krb5_cc_get_full_name result). All of these are from Heimdal except for krb5_free_string (Heimdal uses krb5_xfree). ticket: 6954 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25155 dc483132-0cff-0310-8789-dd5450dbe970
* Add the DIR ccache typeGreg Hudson2011-09-057-27/+755
| | | | | | | | | | | | The DIR ccache type supports a collection of credential caches within a private directory (which must be created out of band). One cache is designated as primary at any given time. Setting the default cache name to DIR:dirname will cause caches within dirname to be present in the global cache collection. ticket: 6953 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25154 dc483132-0cff-0310-8789-dd5450dbe970
* Add fnmatch support to libkrb5supportGreg Hudson2011-09-055-3/+257
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25153 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate the mechglue union cred auxinfo fieldGreg Hudson2011-09-058-242/+65
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25152 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize some more variablesKen Raeburn2011-09-052-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25151 dc483132-0cff-0310-8789-dd5450dbe970
* Use hard links for LIBLINKSGreg Hudson2011-09-052-5/+7
| | | | | | | | | | | | verto uses dladdr() to figure out where it should look for modules, and dladdr may or may not follow symlinks. Hard links ensure that it always looks in the directory where liblinks are, allowing it to find the verto-k5ev module. Make symlinks within the lib directory for .so and .so.X instead of symlinking those back to the library build directory. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25150 dc483132-0cff-0310-8789-dd5450dbe970
* Enable -Werror=uninitialized if supportedKen Raeburn2011-09-051-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25149 dc483132-0cff-0310-8789-dd5450dbe970
* Instead of passing a 0 to add_new_mkey for kvno and leavingKen Raeburn2011-09-051-1/+3
| | | | | | | | | | new_mkey_kvno (used when stashing) uninitialized, use get_next_kvno to set the latter to the only non-zero value that add_new_mkey will accept. ticket: 6617 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25148 dc483132-0cff-0310-8789-dd5450dbe970
* Fix "may be used uninitialized" warnings in db2 code, even though allKen Raeburn2011-09-056-9/+11
| | | | | | | such cases appear to be safe. This will permit making uninitialized-variable messages fatal. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25147 dc483132-0cff-0310-8789-dd5450dbe970
* Silence various "may be used uninitialized" warnings from GCC causedKen Raeburn2011-09-0511-12/+13
| | | | | | | | | by it not figuring out the control flow (initialization and use both tied to some other variable). DB2 code not included. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25146 dc483132-0cff-0310-8789-dd5450dbe970
* Change output type of pkinit_init_kdc_req_context so as not to requireKen Raeburn2011-09-051-3/+3
| | | | | | gratuitous casting. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25145 dc483132-0cff-0310-8789-dd5450dbe970
* Reindent per krb5-batch-reindent.el.Ken Raeburn2011-09-0456-314/+309
| | | | | | | Some minor reformatting added in places to avoid exceeding 80 columns. Used Emacs 22.1 built-in C mode. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25144 dc483132-0cff-0310-8789-dd5450dbe970
* Reindent per krb5-batch-reindent.el.Ken Raeburn2011-09-041-117/+117
| | | | | | Mostly changes column choice for backslashes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25143 dc483132-0cff-0310-8789-dd5450dbe970
* Skip redundant inclusion of iprop.hKen Raeburn2011-09-042-2/+18
| | | | | | | Suppress GCC's unused-variable diagnostic for purely generated code using outside tools, known to have that issue but not ours to fix. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25142 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of variables triggering gcc's "defined but not used"Ken Raeburn2011-09-0416-64/+0
| | | | | | complaints, almost entirely "rcsid" variables. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25141 dc483132-0cff-0310-8789-dd5450dbe970
* Untabify some files mistakenly created with tabsGreg Hudson2011-09-0412-310/+310
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25140 dc483132-0cff-0310-8789-dd5450dbe970
* Exclude some new outside sources from mark-cstyleGreg Hudson2011-09-041-1/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25139 dc483132-0cff-0310-8789-dd5450dbe970
* Prevent verto-k5ev from using clock_gettimeGreg Hudson2011-09-042-36/+2
| | | | | | Also remove k5ev.c, which shouldn't have been committed. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25138 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2011-09-043-108/+118
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25137 dc483132-0cff-0310-8789-dd5450dbe970
* Rename local variable "socket" to avoid the one shadowed-declarationKen Raeburn2011-09-041-3/+3
| | | | | | warning I get in a simple GNU/Linux build. Solaris may have others. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25136 dc483132-0cff-0310-8789-dd5450dbe970
* declarations before codeKen Raeburn2011-09-041-1/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25135 dc483132-0cff-0310-8789-dd5450dbe970
* Fix pointer type in net-server.c:make_event()Greg Hudson2011-09-041-1/+2
| | | | | | | We use void pointers as temporaries in other uses of ADD(), so do so here as well. The type-safe type would be verto_ev **. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25134 dc483132-0cff-0310-8789-dd5450dbe970
* Fix arg list for dummy version of setup_udp_pktinfo_portsKen Raeburn2011-09-041-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25133 dc483132-0cff-0310-8789-dd5450dbe970
* Migrate net-server loop to use libvertoGreg Hudson2011-09-026-749/+691
| | | | | | From npmccallum@redhat.com. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25132 dc483132-0cff-0310-8789-dd5450dbe970
* Remove vestigial reset_db() in kadmindGreg Hudson2011-09-021-34/+1
| | | | | | From npmccallum@redhat.com. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25131 dc483132-0cff-0310-8789-dd5450dbe970
* Remove ancient Purify support in kadmindGreg Hudson2011-09-021-67/+0
| | | | | | From npmccallum@redhat.com. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25130 dc483132-0cff-0310-8789-dd5450dbe970
* Don't bother logging SIGPIPE in kadmindGreg Hudson2011-09-021-19/+2
| | | | | | From npmccallum@redhat.com. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25129 dc483132-0cff-0310-8789-dd5450dbe970
* Add a loop_ prefix to net-server.c functionsGreg Hudson2011-09-024-32/+34
| | | | | | From npmccallum@redhat.com. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25128 dc483132-0cff-0310-8789-dd5450dbe970
* Create k5ev verto module from libev sourcesGreg Hudson2011-09-0213-4/+396
| | | | | | | | Add configure and build support for libverto and the libverto-k5ev module. Fix the version script rules to work for libraries with hyphens in their names. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25127 dc483132-0cff-0310-8789-dd5450dbe970
* Add libev 4.04 sources in util/k5evGreg Hudson2011-09-028-0/+5825
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25126 dc483132-0cff-0310-8789-dd5450dbe970
* Add libverto sources in util/vertoGreg Hudson2011-09-023-0/+1364
| | | | | | | These are from the source repository as of 2011-08-24, since there are no formal releases yet. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25125 dc483132-0cff-0310-8789-dd5450dbe970
* Make dejagnu tests work with non-FQDN hostnameGreg Hudson2011-09-012-34/+4
| | | | | | | | By making an entry for $hostname in [domain_realm], we can relax the requirement that the canonicalized local hostname must have a parent domain. This makes the test suite work more easily on Fedora. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25124 dc483132-0cff-0310-8789-dd5450dbe970
* Get local hostname more precisely in k5test.pyGreg Hudson2011-09-011-2/+18
| | | | | | | | | socket.getfqdn() tries to produce a result containing a period, so it may disagree with krb5_sname_to_principal's result--for example, in Fedora's default DHCP configuration. Use getaddrinfo and getnameinfo calls mirroring krb5_sname_to_principal's logic instead. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25122 dc483132-0cff-0310-8789-dd5450dbe970
* Fix cross-realm traversal TGT requestsGreg Hudson2011-09-011-1/+1
| | | | | | | | | | | | When requesting a cross-realm TGT, use the KDC instance of the current TGT (the second data component), not the realm which the TGT came from. ticket: 6952 target_version: 1.9.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25121 dc483132-0cff-0310-8789-dd5450dbe970
* Fix connection termination bug in sendto_kdcGreg Hudson2011-09-011-4/+4
| | | | | | | | | | | When terminating a connection, close and invalidate conn->fd so that we don't look for it in selstate on the next select or poll invocation. Looking for such an fd is harmless when using select, but results in an assertion failure when using poll. ticket: 6951 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25120 dc483132-0cff-0310-8789-dd5450dbe970
* Have kinit, klist and klist_keytab in k5test.realm take keyword argsTom Yu2011-08-301-6/+7
| | | | | | Apply patch from Linus Nordberg. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25119 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a display bug in t_kgss_userGreg Hudson2011-08-291-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25118 dc483132-0cff-0310-8789-dd5450dbe970
* Update config.guess and config.statusTom Yu2011-08-292-310/+482
| | | | | | | | Copy in the latest config.guess and config.status from upstream git master as of 2011-08-23. Our previous version didn't recognize Android. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25117 dc483132-0cff-0310-8789-dd5450dbe970
* Fix style issues in r25087Greg Hudson2011-08-2937-297/+289
| | | | | | | | | | | * Function names should be at the beginning of lines in definitions. * Changes should not create lines >79 characters. * Continuation lines should align after left parens when appropriate. Also, krb5_gss_accept_sec_context_ext and acquire_accept_cred are not gss mechanism functions and should not have been tagged. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25116 dc483132-0cff-0310-8789-dd5450dbe970
* Remember and close the kadmin socket we openedGreg Hudson2011-08-262-1/+9
| | | | | | | | | | | Prior to ticket #6746, the RPC library opened the kadmin socket and took responsibility for closing. When we added IPv6 support, the calling code became the owner of the socket but wasn't closing it, resulting in a file descriptor leak. ticket: 6949 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25115 dc483132-0cff-0310-8789-dd5450dbe970
* Update profile.swg to remove compilation warnings. profile_tcl.c Ezra Peisach2011-08-243-1341/+2549
| | | | | | modified to remove spaces and tabs at end of line. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25114 dc483132-0cff-0310-8789-dd5450dbe970
* Fix signed/unsigned warnings in testsEzra Peisach2011-08-245-19/+20
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25113 dc483132-0cff-0310-8789-dd5450dbe970
* Only build the po subdir if i18n is enabledGreg Hudson2011-08-243-1/+7
| | | | | | Also clean the built message catalogs in "make clean". git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25112 dc483132-0cff-0310-8789-dd5450dbe970
* make-dependKen Raeburn2011-08-206-52/+158
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25108 dc483132-0cff-0310-8789-dd5450dbe970
* Remove setting a variable that is never usedEzra Peisach2011-08-191-14/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25106 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-30 15:23:04 +0000