summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Add more missing headers in kernel subset directory. Hopefully theGreg Hudson2011-05-112-91/+101
| | | | | | | | whole set this time. ticket: 6909 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24926 dc483132-0cff-0310-8789-dd5450dbe970
* Reference libraries from the build tree when linking andGreg Hudson2011-05-111-0/+1
| | | | | | | | t_kgss_kernel. ticket: 6909 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24925 dc483132-0cff-0310-8789-dd5450dbe970
* Add more missing headers in kernel subset directoryGreg Hudson2011-05-102-84/+109
| | | | | | ticket: 6909 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24924 dc483132-0cff-0310-8789-dd5450dbe970
* Fix the header list for the kernel subset directoryGreg Hudson2011-05-102-32/+38
| | | | | | ticket: 6909 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24923 dc483132-0cff-0310-8789-dd5450dbe970
* fix regression in r24853: PAC no longer exposedLuke Howard2011-05-091-1/+1
| | | | | | | | Windows PAC is not AD-KDCIssued, rather it is signed with the long-term service session key (or user-to-user key). Advertise this correctly in the internal authorization data SPI. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24922 dc483132-0cff-0310-8789-dd5450dbe970
* Kernel subsetGreg Hudson2011-05-0913-2/+1496
| | | | | | | | | | | Add a directory containing a "kernel subset" (context import and message functions only) of the gss-krb5 library, with a test framework to exercise the functionality and indicate when unknown dependencies creep in. ticket: 6909 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24921 dc483132-0cff-0310-8789-dd5450dbe970
* Updated documentation for krb5_init_creds_ function familyZhanna Tsitkov2011-05-091-18/+112
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24920 dc483132-0cff-0310-8789-dd5450dbe970
* Avoid calling gss_release_buffer() from the message-processing codeGreg Hudson2011-05-092-15/+6
| | | | | | in lib/gssapi/krb5. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24919 dc483132-0cff-0310-8789-dd5450dbe970
* Use internal crypto functions directly from util_crypt.c, avoiding aGreg Hudson2011-05-092-19/+4
| | | | | | dependency on the accessor. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24918 dc483132-0cff-0310-8789-dd5450dbe970
* Delete sec context properly in gss_krb5_export_lucid_sec_contextGreg Hudson2011-05-091-1/+1
| | | | | | | | | | | | | Since r21690, gss_krb5_export_lucid_sec_context() has been passing a union context to krb5_gss_delete_sec_context(), causing a crash as the krb5 routine attempts to interpret a union context structure as a krb5 GSS context. Call the mechglue gss_delete_sec_context instead. ticket: 6908 target_version: 1.9.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24917 dc483132-0cff-0310-8789-dd5450dbe970
* Updated documentation: added usage example for krb5_tkt_creds family, ↵Zhanna Tsitkov2011-05-051-91/+105
| | | | | | removed "(unused)" string from the comments and other cleanup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24913 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate a redundant initialization in cm_init_selstate() inGreg Hudson2011-05-031-1/+0
| | | | | | sendto_kdc.c. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24911 dc483132-0cff-0310-8789-dd5450dbe970
* Updated API documentation with the comments mostly related to verify and ↵Zhanna Tsitkov2011-05-031-250/+172
| | | | | | convert routines git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24910 dc483132-0cff-0310-8789-dd5450dbe970
* Add poll support to sendto_kdc.c so that it can work in processes withGreg Hudson2011-05-026-136/+276
| | | | | | | | | | large numbers of open files. Move krb5int_cm_call_select() to a separate file so that the poll support doesn't interfere with net-server.c's continuing use of select. ticket: 6905 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24908 dc483132-0cff-0310-8789-dd5450dbe970
* r24899 moved the declarations of krb5int_mk_chpw_req and relatedGreg Hudson2011-05-021-29/+0
| | | | | | | | | | functions from k5-int.h to int-proto.h. The removal of those declarations from k5-int.h was accidentally omitted from the commit; commit it now. ticket: 6893 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24907 dc483132-0cff-0310-8789-dd5450dbe970
* Updated documentation of krb5_copy_ , krb5_free_ and krb5_kt_ functionsZhanna Tsitkov2011-05-011-191/+206
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24906 dc483132-0cff-0310-8789-dd5450dbe970
* Updated the documentation for API related to the credentials caches and ↵Zhanna Tsitkov2011-04-281-137/+140
| | | | | | their collections git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24905 dc483132-0cff-0310-8789-dd5450dbe970
* Properly release resources in krb5_copy_authenticator()Zhanna Tsitkov2011-04-281-3/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24904 dc483132-0cff-0310-8789-dd5450dbe970
* The MIT krb5 and Heimdal implementations ofGreg Hudson2011-04-271-23/+6
| | | | | | | | | | | | | gss_krb5_export_lucid_sec_context error on version arguments other than 1, so the version negotiation described in the function documentation would not be backward-compatible. Change the docs so that the caller can assume the returned structure is of the requested version, but the caller will be responsible for retrying with lower version numbers on error. (Unfortunately, Heimdal and MIT return different error codes, and MIT's is in a currently-unpublished header, so we can't document the error code for unknown versions.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24903 dc483132-0cff-0310-8789-dd5450dbe970
* Make krb5_os_init_context compile again after r24901Greg Hudson2011-04-271-11/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24902 dc483132-0cff-0310-8789-dd5450dbe970
* Remove worthless call to krb5_cc_set_default_name in krb5_os_init_contextZhanna Tsitkov2011-04-271-3/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24901 dc483132-0cff-0310-8789-dd5450dbe970
* Correctly set the expiration field of impersonated credentials inGreg Hudson2011-04-251-1/+1
| | | | | | | | | kg_compose_deleg_cred(), so we can find them in the cache in init_sec_context. From aberry@likewise.com. ticket: 6902 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24900 dc483132-0cff-0310-8789-dd5450dbe970
* Refactor krb5int_rd_chpw_rep() and make it properly handle both framedGreg Hudson2011-04-253-349/+165
| | | | | | | | | | and unframed KRB-ERROR messages. Eliminate krb5int_rd_setpw_rep() and krb5int_setpw_result_code_string() by making the chpw versions of those functions handle RFC 3244 replies. ticket: 6893 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24899 dc483132-0cff-0310-8789-dd5450dbe970
* Do not reference krb5_chpw_result_code_string inGreg Hudson2011-04-251-3/+1
| | | | | | | krb5_change_password() documentation, as it is not a public function. Do not falsely claim that the result_code_string parameter is unused. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24898 dc483132-0cff-0310-8789-dd5450dbe970
* Close comment in #endif for KRB5_DEPRECATED to avoid warning ofEzra Peisach2011-04-221-1/+1
| | | | | | /* in open comment. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24894 dc483132-0cff-0310-8789-dd5450dbe970
* Documented V4/V5 convertion and some credential cache API functions. Marked ↵Zhanna Tsitkov2011-04-221-137/+139
| | | | | | krb5_cc_gen_new() as deprecated git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24893 dc483132-0cff-0310-8789-dd5450dbe970
* Remove kg_map_toktype(), as the call sites were removed in r21742Greg Hudson2011-04-212-28/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24892 dc483132-0cff-0310-8789-dd5450dbe970
* Documented krb5_auth_con_ API familyZhanna Tsitkov2011-04-201-380/+367
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24891 dc483132-0cff-0310-8789-dd5450dbe970
* Install k5login(5) as well as .k5login(5)Greg Hudson2011-04-201-0/+1
| | | | | | | | | | Since there is conflicting precedent as to whether dotfile man pages should be installed with or without the leading dot, install the .k5login man page both ways. ticket: 6904 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24890 dc483132-0cff-0310-8789-dd5450dbe970
* Missed in r24888: remove the process_chpw_request() prototype fromGreg Hudson2011-04-191-8/+0
| | | | | | misc.h as it is now a static function. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24889 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up schpw.c in kadmind a bit, making use of new k5-int.h helpersGreg Hudson2011-04-191-79/+44
| | | | | | where appropriate. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24888 dc483132-0cff-0310-8789-dd5450dbe970
* Revert r24886; it was incorrectGreg Hudson2011-04-191-4/+0
| | | | | | ticket: 6903 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24887 dc483132-0cff-0310-8789-dd5450dbe970
* Fix memory leak in kpasswd server UDP error pathGreg Hudson2011-04-191-0/+4
| | | | | | | | | | | | | The dispatch() in kadmind's schpw.c could return a failure code with an allocated response container. net-server.c does not expect this and leaks the container in the UDP case. Free the container in dispatch() if we are returning an error. ticket: 6903 target_version: 1.9.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24886 dc483132-0cff-0310-8789-dd5450dbe970
* Handle null OID values in gss_oid_equal()Greg Hudson2011-04-161-0/+3
| | | | | | ticket: 6890 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24885 dc483132-0cff-0310-8789-dd5450dbe970
* Check mech_type as well as mech_name in gssint_import_internal_name(),Greg Hudson2011-04-161-1/+2
| | | | | | | | for the sake of static analyzers. (Also, since this is an internal function, it can be called on a half-constructed MN; checking the type alone would be insufficient.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24884 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a code path where mech could be used uninitialized inGreg Hudson2011-04-161-1/+1
| | | | | | | | gss_accept_sec_context after r24645. ticket: 6813 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24883 dc483132-0cff-0310-8789-dd5450dbe970
* Revert r24826. Export krb5int_nfold from libk5crypto and link t_nfoldGreg Hudson2011-04-163-8/+5
| | | | | | | against libk5crypto, matching the approach used in most other library unit tests. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24882 dc483132-0cff-0310-8789-dd5450dbe970
* Fix the sole case in process_chpw_request() where a return could occurTom Yu2011-04-131-2/+12
| | | | | | | | | | | | | | without allocating the data pointer in the response. This prevents a later free() of an invalid pointer in kill_tcp_or_rpc_connection(). Also initialize rep->data to NULL in process_chpw_request() and clean up *response in dispatch() as an additional precaution. ticket: 6899 tags: pullup target_version: 1.9.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24878 dc483132-0cff-0310-8789-dd5450dbe970
* Remove pointer validation code from the gss krb5 mechGreg Hudson2011-04-1335-809/+35
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24877 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_gss_display_status, correct the sense of theGreg Hudson2011-04-121-5/+6
| | | | | | | | | g_make_string_buffer test, and return GSS_S_FAILURE if it fails. Reported by snambakam@likewise.com. ticket: 6898 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24876 dc483132-0cff-0310-8789-dd5450dbe970
* Documentation updates. Mostly GIC relatedZhanna Tsitkov2011-04-122-231/+207
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24875 dc483132-0cff-0310-8789-dd5450dbe970
* Shuffle around some gss-krb5 entry points to eliminate four mostlyGreg Hudson2011-04-119-301/+171
| | | | | | | content-free source files and better separate IOV stuff from non-IOV stuff. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24874 dc483132-0cff-0310-8789-dd5450dbe970
* Add Doxygen markup for gss_userok() and gss_authorize_localname()Greg Hudson2011-04-101-0/+29
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24870 dc483132-0cff-0310-8789-dd5450dbe970
* Implement gss_authorize_localname, as discussed on the kitten list,Greg Hudson2011-04-107-121/+145
| | | | | | | | | | | | | and make gss_userok a wrapper around it matching the Gnu GSS prototype. The SPI for gss_authorize_localname doesn't match the API since we have no way of representing the contents of an internal name to a mech at the moment. From r24855, r24857, r24858, r24862, r24863, r24864, r24866, r24867, and r24868 in users/lhoward/moonshot-mechglue-fixes. ticket: 6891 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24869 dc483132-0cff-0310-8789-dd5450dbe970
* When inquiring the default GSS acceptor principal, return a principalGreg Hudson2011-04-081-3/+19
| | | | | | | | name from the keytab if we can, for better compliance with GSSAPI. ticket: 6897 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24861 dc483132-0cff-0310-8789-dd5450dbe970
* Correctly recognize non-iterable keytabs in k5_kt_get_principal()Greg Hudson2011-04-081-1/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24860 dc483132-0cff-0310-8789-dd5450dbe970
* Add k5_kt_get_principal, an internal krb5 interface to try to get aGreg Hudson2011-04-085-23/+39
| | | | | | | | principal name from a keytab. Used currently by vfy_increds.c (in place of its static helper); will also be used when querying the name of the default gss-krb5 acceptor cred. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24859 dc483132-0cff-0310-8789-dd5450dbe970
* In the authdata framework, determine which authdata sources to queryGreg Hudson2011-04-071-3/+18
| | | | | | | based on the module's usage flags. From r24794 in users/lhoward/moonshot-mechglue-fixes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24853 dc483132-0cff-0310-8789-dd5450dbe970
* Allow anonymous name to be imported with empty name bufferGreg Hudson2011-04-061-4/+11
| | | | | | | | | | | | When importing a name of type GSS_C_NT_ANONYMOUS, allow the input name buffer to be null or empty (null is translated into empty before mechanisms see it). From r24820 in users/lhoward/moonshot-mechglue-fixes. ticket: 6896 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24852 dc483132-0cff-0310-8789-dd5450dbe970
* Documentation updatesZhanna Tsitkov2011-04-061-190/+213
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24851 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-29 23:58:12 +0000