summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Remove variable set but unusedEzra Peisach2011-08-191-2/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25105 dc483132-0cff-0310-8789-dd5450dbe970
* Remove an unused variableEzra Peisach2011-08-191-1/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25104 dc483132-0cff-0310-8789-dd5450dbe970
* Make data_eq_string work with const stringsGreg Hudson2011-08-151-8/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25101 dc483132-0cff-0310-8789-dd5450dbe970
* Removed unused "db_modules" and "preauth_module_dir" configuration optionsZhanna Tsitkov2011-08-121-2/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25099 dc483132-0cff-0310-8789-dd5450dbe970
* Fix call to gss_inquire_cred from spnego_gss_acquire_cred_impersonate_nameGreg Hudson2011-08-111-13/+11
| | | | | | | | | | | If desired_mechs is NULL (this should never happen when invoked from the MIT mechglue), we call gss_inquire_cred to get a list of mechs. This call needs to pass a union cred handle, not the SPNEGO handle we got as input. Reported by aberry@likewise.com. ticket: 6945 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25098 dc483132-0cff-0310-8789-dd5450dbe970
* Fix major status handling in gss_acquire_credGreg Hudson2011-08-111-0/+1
| | | | | | | | | | | If we have at least one cred element after the mech loop, reset major before continuing on, or we could mistakenly return a failure status from the last mech (and free the returned creds). Reported by aberry@likewise.com. ticket: 6944 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25097 dc483132-0cff-0310-8789-dd5450dbe970
* Correctly dereference cred_handle when assigning to spcred inGreg Hudson2011-08-111-1/+1
| | | | | | | | | | spnego_gss_set_cred_option. Reported by aberry@likewise.com. ticket: 6943 target_version: 1.9.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25096 dc483132-0cff-0310-8789-dd5450dbe970
* Untabify k5_path test programGreg Hudson2011-08-111-41/+41
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25095 dc483132-0cff-0310-8789-dd5450dbe970
* Cleanup memory leak in testEzra Peisach2011-08-111-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25094 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up some ldap #define'sZhanna Tsitkov2011-08-106-15/+12
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25092 dc483132-0cff-0310-8789-dd5450dbe970
* WhitespaceGreg Hudson2011-08-098-99/+8
| | | | | | Also remove the erroneously added gssapi_err_krb5 error table sources. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25091 dc483132-0cff-0310-8789-dd5450dbe970
* call gssint_mecherrmap_init() from gssint_mechglue_init()Sam Hartman2011-08-091-0/+1
| | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25090 dc483132-0cff-0310-8789-dd5450dbe970
* Windows fixes for gss-client.cSam Hartman2011-08-091-9/+19
| | | | | | | | | | | | close(s) -> closesocket(s) #include "port-sockets.h" (for closesocket()) #include "winsock.h" -> #include "winsock2.h" for consistency with port-sockets.h call WSAStartup() before using sockets functions on Windows Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25089 dc483132-0cff-0310-8789-dd5450dbe970
* Fix rare duplicate time issue On systems with imprecise clocksSam Hartman2011-08-091-5/+18
| | | | | | | | | | | | (e.g. windows), there was as issue where microsecond rollover could conceivably cause the same time to be reported twice. Also document potential performance improvement by using thread-local storage for last_time and eliminating the mutex. Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25088 dc483132-0cff-0310-8789-dd5450dbe970
* Use KRB5_CALLCONV for all gss mechanism functions. Also wrap #include ↵Sam Hartman2011-08-0943-269/+365
| | | | | | | | | <unistd.h> with #ifdef HAVE_UNISTD_H in g_authorize_localname.c Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25087 dc483132-0cff-0310-8789-dd5450dbe970
* Added functions to export tables krb5_32:Sam Hartman2011-08-092-0/+4
| | | | | | | | | | krb5int_c_mandatory_cksumtype, krb5int_arcfour_gsscrypt gssapi32: gss_pname_to_uid Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25086 dc483132-0cff-0310-8789-dd5450dbe970
* Add 'const' to fix mismatched parameter warningsSam Hartman2011-08-092-2/+2
| | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25085 dc483132-0cff-0310-8789-dd5450dbe970
* Compile fix for WIN32 implementation of k5_get_os_entropy: declare ↵Sam Hartman2011-08-091-1/+1
| | | | | | | | | HCRYPTPROV provider Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25084 dc483132-0cff-0310-8789-dd5450dbe970
* Updated OBJS and SRCS in lib/crypto/krb/Makefile.inSam Hartman2011-08-091-2/+17
| | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25083 dc483132-0cff-0310-8789-dd5450dbe970
* Removed references to deleted subdirectories from FILES and WINMAKEFILES listsSam Hartman2011-08-091-26/+0
| | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25082 dc483132-0cff-0310-8789-dd5450dbe970
* Fixed typo in des OBJS: des_keys.c. -> des_keysSam Hartman2011-08-091-1/+1
| | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25081 dc483132-0cff-0310-8789-dd5450dbe970
* In last-resort fallback va_copy change 'memcmp' to 'memcpy'Sam Hartman2011-08-091-1/+1
| | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25080 dc483132-0cff-0310-8789-dd5450dbe970
* Fix name of krb5_init_context_profile in krb5_32.defGreg Hudson2011-08-091-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25079 dc483132-0cff-0310-8789-dd5450dbe970
* Fix accidental KDC use of replay cacheGreg Hudson2011-08-081-0/+4
| | | | | | | | | | | | | | | | | r24464 (ticket #6804) intended to remove the KDC replay cache by eliminating all of the USE_RCACHE code, but it had the unintended side effect of causing krb5_rd_req_decoded to use the default server rcache. Using this cache is much less efficient because it is opened and re-read for each request. Set appropriate flags on the auth context to disable replay cache use for TGS requests altogether. ticket: 6941 target_version: 1.9.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25076 dc483132-0cff-0310-8789-dd5450dbe970
* Use portable path functions when loading pluginsGreg Hudson2011-08-072-38/+21
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25075 dc483132-0cff-0310-8789-dd5450dbe970
* Add internal APIs for portable path manipulationGreg Hudson2011-08-075-2/+395
| | | | | | | | | | | | | k5_path_split separates a path into dirname and basename. k5_path_join joins two paths. k5_path_isabs determines if a path is absolute. All three functions follow the Python path function semantics. Currently the test module doesn't run in the Windows build, but the Windows path semantics are tested in the Unix build using specially built objects. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25074 dc483132-0cff-0310-8789-dd5450dbe970
* Document some variables in the right sectionGreg Hudson2011-08-021-17/+17
| | | | | | | database_name, disable_last_success, and disable_lockout should be under dbmodules, not dbdefaults. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25067 dc483132-0cff-0310-8789-dd5450dbe970
* Option to add API documentation to the Sphinx doc treeZhanna Tsitkov2011-08-011-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25065 dc483132-0cff-0310-8789-dd5450dbe970
* Minor comment correctionZhanna Tsitkov2011-08-011-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25064 dc483132-0cff-0310-8789-dd5450dbe970
* Fix profile test module on SolarisGreg Hudson2011-07-271-1/+5
| | | | | | | | The test module uses k5-platform.h and therefore implicitly libkrb5support (in this case, krb5int_asprintf), so make it depend on that. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25061 dc483132-0cff-0310-8789-dd5450dbe970
* Update test vtable functions to match proper function prototypes.Ezra Peisach2011-07-271-1/+3
| | | | | | Also - add return values when appropriate. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25060 dc483132-0cff-0310-8789-dd5450dbe970
* Legacy checksum APIs usually failGreg Hudson2011-07-261-9/+35
| | | | | | | | | | | | | krb5_calculate_checksum() and krb5_verify_checksum(), both deprecated, construct invalid keyblocks and pass them to the real functions, which used to work but now doesn't. Try harder to construct valid keyblocks or pass NULL if there's no key. ticket: 6939 target_version: 1.9.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25059 dc483132-0cff-0310-8789-dd5450dbe970
* Ensure profile_iterator always sets output paramsGreg Hudson2011-07-261-4/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25057 dc483132-0cff-0310-8789-dd5450dbe970
* Document klist -V in the man pageGreg Hudson2011-07-261-0/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25056 dc483132-0cff-0310-8789-dd5450dbe970
* Define KRB5_TL_DB_ARGS unconditionally in kdb.hGreg Hudson2011-07-264-10/+2
| | | | | | | | | Due to an apparent merge bug, KRB5_TL_DB_ARGS was defined in a SECURID conditional block, and several source files worked around the problem by defining the constant themselves or defining SECURID. Move the definition and remove the workarounds. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25055 dc483132-0cff-0310-8789-dd5450dbe970
* For GCC compiles, use an attribute to suppress the variable set butEzra Peisach2011-07-264-22/+34
| | | | | | | | | not used warnings. Due to the nested macros, it would get very ugly to try and remove the variables. Removes ~75 warnings from the build. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25054 dc483132-0cff-0310-8789-dd5450dbe970
* Remove t_vfyincreds on make cleanEzra Peisach2011-07-261-2/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25053 dc483132-0cff-0310-8789-dd5450dbe970
* Remove declaration of static function that no longer existsEzra Peisach2011-07-251-3/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25052 dc483132-0cff-0310-8789-dd5450dbe970
* Better x-ref for simple macro's in doxygen commentsZhanna Tsitkov2011-07-251-159/+178
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25051 dc483132-0cff-0310-8789-dd5450dbe970
* PAC_CLIENT_INFO principal names do not contain a realm, so parse themGreg Hudson2011-07-251-1/+2
| | | | | | | | | | with the KRB5_PRINCIPAL_PARSE_NO_REALM flag. Otherwise we'll wind up using the default realm (and then ignoring it) which fails if one isn't configured. ticket: 6934 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25050 dc483132-0cff-0310-8789-dd5450dbe970
* Added documentation for the encrypt/decrypt API functionsZhanna Tsitkov2011-07-251-26/+204
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25049 dc483132-0cff-0310-8789-dd5450dbe970
* In rare circumstances, such as checksum errors, some network stacksGreg Hudson2011-07-251-5/+4
| | | | | | | | | | | | | can flag an fd for reading in select() and still block when the fd is read. Set all sockets non-blocking to prevent hangs when this occurs. (We don't actually handle the resulting EWOULDBLOCK or EAGAIN errors, so the rare cases will appear as communication failures and we will close the socket. This is already the case for TCP sockets and probably isn't a big deal.) ticket: 6933 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25048 dc483132-0cff-0310-8789-dd5450dbe970
* Never return profile on error opening fileGreg Hudson2011-07-251-1/+6
| | | | | | | | | | If profile_open_file() discovers a shared tree for the file, but encounters an error when updating it, dereference the data and return a null profile rather than returning an error and a newly broken file object. Otherwise we'd leak the returned file object in profile_init(). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25047 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a premature free in ss_listen()Greg Hudson2011-07-251-1/+1
| | | | | | | | The readline support change freed input just after ss_execute_line(), but input can be used in the error block immediately following. Free input after the error block instead. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25046 dc483132-0cff-0310-8789-dd5450dbe970
* Rewrite set_results() in prof_get.cGreg Hudson2011-07-251-19/+22
| | | | | | | | The new implementation should be more friendly to static analyzers. Coverity was getting confused into thinking that profile_iterator() had the effect of returning a freed name pointer. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25045 dc483132-0cff-0310-8789-dd5450dbe970
* Restore accessor behavior on null profilesGreg Hudson2011-07-251-0/+8
| | | | | | | | Prior to the pluggable configuration work, profile_get_values() and friends would return PROF_NO_PROFILE if called with a null profile. Restore that behavior. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25044 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify KDC realm initialization slightlyGreg Hudson2011-07-251-3/+1
| | | | | | | krb5_aprof_init() can no longer return 0 with a null profile, so we can call krb5_aprof_finish() unconditionally. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25043 dc483132-0cff-0310-8789-dd5450dbe970
* Fix build without KRB5_DNS_LOOKUPGreg Hudson2011-07-252-3/+3
| | | | | | | | | | | | | Define MAX_DNS_NAMELEN unconditionally in k5-int.h as we use it unconditionally in kdc_util.c. Don't define it in locate_kdc.c. Conditionalize dns_locate_server() in locate_kdc.c as its only call site (in k5_locate_server) and its helper function (locate_srv_dns_1) are conditional. From Chris Hecker with minor changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25042 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up a number of variables set but not used warningsEzra Peisach2011-07-245-14/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25041 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up the lock in gss_krb5int_import_credGreg Hudson2011-07-231-12/+15
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25040 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-30 20:58:11 +0000