summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Rollback previous change. This version is the same as R19472Kevin Koch2007-04-191-61/+261
| | | | | | | | Target_Version: 1.6.1 Ticket: 5521 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19507 dc483132-0cff-0310-8789-dd5450dbe970
* More NIM Developer documentation updatesJeffrey Altman2007-04-185-80/+124
| | | | | | | | | | | | | | Revisions to the plug-in architecture documentation. Adds a graphic showing the plug-in architecture Defines "ALIASES" in the Makefile so that the current NIM API Version number will be used within the docs at build time. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19490 dc483132-0cff-0310-8789-dd5450dbe970
* Factor repository access out of bkw.pl into repository1.plKevin Koch2007-04-184-261/+340
| | | | | | | | | | | | Modify bkw.pl to use an initial config file to fetch the sources and then use the config file from those sources to do the build. This way, the description of how to build the sources is in the config file that is part of the sources. It is possible and probably reasonable for the initial config file to be the same as the tagged version. Output all the options used. Add bootstrap.xml - a sample minimal config file, sufficient to fetch the sources from a repository. Target_Version: 1.6.1 Ticket: 5521 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19489 dc483132-0cff-0310-8789-dd5450dbe970
* kfwlogon corrections for XPJeffrey Altman2007-04-181-9/+11
| | | | | | | | | | | | | | | | | | This patch addresses a problem discovered on some XP systems. After rundll32.exe starts, the CreateProcess can fail to start kfwcpcc.exe if the current directory is not %WinDir%\System32. CreateProcess() should be called with the lpApplicationName parameter set to NULL in order to permit the use of the PATH. Also, in ConfigureLogonScript ensure that the trailing NUL of the constructed command line is processed when producing the wide character version of the string. ticket: new component: windows tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19488 dc483132-0cff-0310-8789-dd5450dbe970
* updates for NIM developer documentationJeffrey Altman2007-04-1718-229/+417
| | | | | | | | | | | | | | | | | | | | | | | | | | | Add the use of Tabs and Frames to the resulting output (doxyfile.cfg) Stylesheet changes to improve readability (stylesheet.css) Copyright updates (all files) Language Editing (all files) Version History (main_page.h) There are still a number of missing sections that need to be filled in as time permits: - Writing the dialog procedure for a cred type panel - Credential messages - configuration provider details - Actions - Menus ticket: new component: windows tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19481 dc483132-0cff-0310-8789-dd5450dbe970
* In testing it has been observed that remote desktop connectionsJeffrey Altman2007-04-173-7/+93
| | | | | | | | | | | | | | | will execute the NPLogonNotify function but if the logon is re-connecting to an existing session, the LogonScript is ignored. This leaves orphaned credential cache files. This commit adds a function, KFW_cleanup_orphaned_caches, which is called by NPLogonNotify to delete any orphaned cache files. An orphaned cache file is one that is older than five minutes. ticket: 5532 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19477 dc483132-0cff-0310-8789-dd5450dbe970
* KFW Network Provider ImprovementsJeffrey Altman2007-04-173-57/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change event log name from "KFW Logon" to "MIT Kerberos". This is being done to avoid confusion with the "KFW Logon" functionality that was provided by older versions of OpenAFS. (kfwlogon.h) Remove logging of the inability to access the "Debug" registry value. On Vista, kfwlogon.dll is no longer loaded by winlogin.exe. Instead it is loaded by mpnotify.exe which is spawned once for each logon request. (kfwcommon.c) Add a test to ensure that RegisterEventSource succeeded before calling ReportEvent. (kfwcommon.c) Absolutely make sure that krb5_init_context() succeeded before calling any other krb5 functions. (kfwcommon.c) Add a comment explaining why NPGetCaps() says we are a file system even though we are not. "It won't work otherwise." (kfwlogon.c) Change all comparisions for Windows Station and AuthentInfoType names to case insensitive comparisons. Vista does not use the same case as XP. (kfwlogon.c) Change the requested access to the temporary cache file from "All" to "Read | Delete" when importing its contents into the API cache. Otherwise, the access test will fail on Vista. (kfwlogon.c) ticket: new component: windows tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19476 dc483132-0cff-0310-8789-dd5450dbe970
* Add the new kadm5srv function krb5_get_principal_keys to the export listRuss Allbery2007-04-163-5/+17
| | | | | | | | | | Build a separate copy of kadmin/cli/keytab.c for kadmin.local that exposes the -norandkey flag in a way that doesn't require the compiler support -c and -o at the same time. Ticket: 914 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19475 dc483132-0cff-0310-8789-dd5450dbe970
* Add support for extracting existing keys from the KDC with kadmin.local.Russ Allbery2007-04-164-2/+112
| | | | | | | | | | Adds a -norandkey option to the ktadd command only in kadmin.local, and adds a new function to the libkadm5srv library that kadmin.local can call. There is no protocol or network access to this function. Ticket: 914 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19474 dc483132-0cff-0310-8789-dd5450dbe970
* The about dialog box did not respond to Alt-F4 because the Jeffrey Altman2007-04-151-0/+5
| | | | | | | | WM_CLOSE message was not being processed. ticket: 5530 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19473 dc483132-0cff-0310-8789-dd5450dbe970
* Leave built installers in their temp areas and change final copy step to ↵Kevin Koch2007-04-142-18/+17
| | | | | | | | | | copy them into <out> from their new location. Delay cleaning up the temp areas until after that copy Target_Version: 1.6.1 Ticket: 5521 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19472 dc483132-0cff-0310-8789-dd5450dbe970
* Add resource data windows/version.rc for:Jeffrey Altman2007-04-1414-76/+285
| | | | | | | | | | | | | | | | | | | | | kinit.exe, klist.exe, kdestroy.exe, kvno.exe kdeltkt.exe, kcpytkt.exe, kfwlogon.dll, kfwcpcc.exe gss-client.exe, gss-server.exe, kpasswd.exe Remove resource files: kfwcpcc.rc kfwlogon.rc and use windows/version.rc in their place Add resource make rules to Makefile.in files included in this commit Add missing _VC_MANIFEST_EMBED_EXE rule to kpasswd/Makefile.in Comment out addition Windows only make rules with ##WIN32## ticket: 5529 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19471 dc483132-0cff-0310-8789-dd5450dbe970
* Implement environment variable settings from the config xml file. See notes ↵Kevin Koch2007-04-132-2/+8
| | | | | | | | | | in bkwconfig.xml Target_Version: 1.6.1 Ticket: 5521 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19469 dc483132-0cff-0310-8789-dd5450dbe970
* Add vertical scrollbars to realm fields in dialogsJeffrey Altman2007-04-131-2/+2
| | | | | | | | | | | | | | | The obtain new credentials dialog and the change password dialog provide a "Realm" combo-box. These controls were not configured to display a vertical scroll bar if there were more than five realms in the list. Version number remains 1.2.0.2 ticket: new component: windows tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19468 dc483132-0cff-0310-8789-dd5450dbe970
* Add BUILD_KFW=1 & DEBUG_SYMBOL=1 to build.pl invocation.Kevin Koch2007-04-131-8/+8
| | | | | | | | | | Align setting of RELEASE/DEBUG/BETA with release notes. Target_Version: 1.6.1 Ticket: 5521 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19465 dc483132-0cff-0310-8789-dd5450dbe970
* TypoKevin Koch2007-04-131-1/+1
| | | | | | | | Target_Version: 1.6.1 Ticket: 5521 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19464 dc483132-0cff-0310-8789-dd5450dbe970
* Remove redundant check for null pointerKen Raeburn2007-04-131-1/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19462 dc483132-0cff-0310-8789-dd5450dbe970
* Add a few comments on k5_mutex_t handlingKen Raeburn2007-04-131-1/+18
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19460 dc483132-0cff-0310-8789-dd5450dbe970
* update copyrightKen Raeburn2007-04-131-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19459 dc483132-0cff-0310-8789-dd5450dbe970
* sdkfiles.xml - add msi-deployment-guide.txtJeffrey Altman2007-04-132-1/+3
| | | | | | | | | copyfiles.xml - add msi-deployment-guide.txt and do not copy netiddev.chm twice ticket: 5527 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19458 dc483132-0cff-0310-8789-dd5450dbe970
* Revert previous change; krb5int_cm_call_select is used by the KDC, and shouldKen Raeburn2007-04-131-7/+8
| | | | | | | | | return when interrupted by a signal. Instead, check for EINTR in service_fds and call krb5int_cm_call_select again. ticket: 5440 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19457 dc483132-0cff-0310-8789-dd5450dbe970
* Produce a more informative error message for KDC_UNREACH with KDC not respondingKen Raeburn2007-04-131-2/+11
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19456 dc483132-0cff-0310-8789-dd5450dbe970
* Provide more detailed error message for 'client not found in kdb'Ken Raeburn2007-04-131-0/+17
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19455 dc483132-0cff-0310-8789-dd5450dbe970
* kfw build - include netidmgr_userdoc.pdf in zip fileJeffrey Altman2007-04-131-0/+1
| | | | | | | | | | | Include netidmgr_userdoc.pdf in zip file. The leash_userdoc.pdf should be pulled from the zip when leash32.exe is removed. ticket: new component: windows tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19454 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up usage message a littleKen Raeburn2007-04-131-3/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19453 dc483132-0cff-0310-8789-dd5450dbe970
* If select returns EINTR, recompute the expiration time and call it againKen Raeburn2007-04-131-1/+5
| | | | | | | ticket: 5440 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19452 dc483132-0cff-0310-8789-dd5450dbe970
* Only copy install/[wix|nsi] areas into install builder temp areas.Kevin Koch2007-04-131-20/+19
| | | | | | | | | | Write site-local files to those temp areas. Now tagged files stay in the staging area and are incorporated into the installers. The substituted files are only in the installer build temp areas. Target_Version: 1.6.1 Ticket: 5521 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19451 dc483132-0cff-0310-8789-dd5450dbe970
* NIM - Fix taskbar button visibility on VistaJeffrey Altman2007-04-123-4465/+4455
| | | | | | | | | | | | | | Although the Platform SDK docs suggest using ITaskbarList to add/remove a taskbar button on the fly, it doesn't work on Vista. Instead we will just set the window style to use WS_EX_APPWINDOW and be done with it. No change in the NIM version number. ticket: new component: windows tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19440 dc483132-0cff-0310-8789-dd5450dbe970
* Locate unixfind correctly in $config, againKevin Koch2007-04-121-1/+1
| | | | | | | | Target_Version: 1.6.1 Ticket: 5521 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19434 dc483132-0cff-0310-8789-dd5450dbe970
* Locate unixfind correctly in $configKevin Koch2007-04-121-1/+1
| | | | | | | | Target_Version: 1.6.1 Ticket: 5521 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19433 dc483132-0cff-0310-8789-dd5450dbe970
* [From previous commit]Kevin Koch2007-04-121-1/+1
| | | | | | | | | | | | | | Make case of username in config.xml and presence test match what's passed to GETOPTS! Update doc for new config structure in config xml. For case of username in one more place. Target_Version: 1.6.1 Ticket: 5521 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19432 dc483132-0cff-0310-8789-dd5450dbe970
* Make case of username in config.xml and presence test match what's passed to ↵Kevin Koch2007-04-123-11/+5
| | | | | | | | GETOPTS! Update doc for new config structure in config xml. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19431 dc483132-0cff-0310-8789-dd5450dbe970
* KfW build automation:Kevin Koch2007-04-127-446/+537
| | | | | | | | | | | | | | | | | | | | Consolidate all command line switch info in one section of the config.xml, flatten structure. Don't prune .../site/... . Use getopts negate option where possible. New method of dealing with repository options, driven from config xml. Adjust code to find switches in new place. Hardwire default config to bkwconfig.xml. Makes "bkw.pl" the out-of-the-box command line. Hardwire unixfind path to C:\tools\cygwin\bin. Add filver to required programs list. Update documentation. Target_Version: 1.6.1 Ticket: 5521 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19430 dc483132-0cff-0310-8789-dd5450dbe970
* Fix some typos and most importantly add IndexingJeffrey Altman2007-04-1210-31/+76
| | | | | | ticket: 5525 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19429 dc483132-0cff-0310-8789-dd5450dbe970
* NIM 1.2 HtmlHelp User DocumentationJeffrey Altman2007-04-1291-397/+781
| | | | | | | | | | | | | | | | | | Update all text for NIM 1.2. Update most screen images. Convert all images to PNG format from BMP in order to reduce the size of the files. Ensure that all pages are accessible via a path beginning at the welcome.htm page. ticket: new component: windows tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19428 dc483132-0cff-0310-8789-dd5450dbe970
* NIM doxyfile.cfg - update to Doxygen 1.5.2Jeffrey Altman2007-04-121-220/+479
| | | | | | | | | | | | The doxyfile.cfg file was generated using Doxygen 1.2 which is years old. There have been significant improvements in the quality of the Html output since then. As of this commit, the current version is 1.5.2. ticket: new component: windows tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19427 dc483132-0cff-0310-8789-dd5450dbe970
* KFW 3.2 Beta 2 commitsJeffrey Altman2007-04-1223-347/+623
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | NetIDMgr 1.2.0.2 ================ nidmgr32.dll - When the root credential set is touched, trigger an identity refresh. This is necessary to ensure that the identity list has a complete state of the world when the identity provider attempts to initialize an initial default identity when none previously existed. (see krb5cred.dll section) - Don't set the enabled state for KHUI_ACTION_DESTROY_CRED and KHUI_ACTION_RENEW_CRED actions. They are set elsewhere. krb5common.obj - Initialize variables to prevent uninitialized use. krb4cred.dll - Re-order controls and use CheckRadioButton() for manipulating the radio buttons which select the ticket acquisition method. - Use symbolic constants instead of numbers. - If Kerberos 4 is enabled for a specific identity, then that setting takes precedence over the global setting. The global setting is merely a default if a per-identity setting is not specified. However, a per-identity setting is only read for the default identity. - If the validity of an identity is not known, assume that it is still being checked and don't display any credential text. - When handling WM_COMMAND messages for the new credentials panel, only update the data when a BN_CLICKED message is received and only update the display if the IDC_NCK4_OBTAIN checkbox is toggled. - Remove unused symbols from langres.h krb5cred.dll - When renewing an identity which was imported, first try to import it again. If that fails to obtain newer tickets, then try initializing the MSLSA cache and then importing again. - Correct spelling: k5_ident_valiate_name() -> k5_ident_validate_name(). - Refactor the code for setting an identity as the default so we can call it internally. - When setting the initial default identity, if there is no current default ccache and no known last default identity, then look through the list of ccaches with credentials and pick one with valid tickets. If all else fails, then pick any of the ccaches. netidmgr.exe - Credentials Window - Consistently use KHUI_CW_O_RELIDENT as a necessary and sufficient indicator that the identity needs to be released when freeing an outline node. - Properly initialize an outline node. - Don't group similar credentials if we aren't sorting/grouping by any specific column. - Use the KHUI_CW_O_EMPTY flag to indicate that an outline node contains no children. - Handle the case where we aren't sorting/grouping by any column. - Make sure outline nodes have valid idx_start and idx_end values. - Use consistent logic when painting and handling mouse hotspots. - Don't use WS_EX_TRANSPARENT when creating the notification window. - Use a fixed height for the notification window. - Update the outline when the default identity changes. - Hypertext Window - Correctly handle the "center" attribute in the "p" element. - Use a system brush for painting the background instead of creating one of our own. - Correct the handling of scroll_left and scroll_top when calculating the coordinates for text. - Don't check if the rectangle for the text is inside the visible area of the window before drawing. - Handle WM_ERASEBKGND and use a system color brush to erase the background. - When the size changes, force the extents to be recomputed. This will also update the scroll bars. - Use the proper return value after handling WM_PAINT. - The scrollbar messages send the operation code in the low word of wParam, not the high word. - Use GetScrollInfo() with SIF_POS when the operation is SB_ENDSCROLL or SB_THUMBPOSITION. - When the hottracked link changes for a transparent window, don't invalidate the entire parent window. Instead use MapWindowPoints() to calculate the affected rectangle and invalidate that. - Misc - Change the text of the IDS_NO_CREDS message so that it renders better on a small window. - Initialize COM when starting the GUI. - When showing and hiding the main window and the new credentials window, add a button to the task bar. This allows the user to switch focus to the window if it's obstructed. - Remove unused symbols from resource.h - New Credentials Window - Ignore the validity state of the identity when showing a password change dialog. We don't expect the identity provider to validate the identity when changing the password. ticket: new component: windows tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19426 dc483132-0cff-0310-8789-dd5450dbe970
* NIM 3.2 documentation updateJeffrey Altman2007-04-122-0/+0
| | | | | | | | | | | Replace the notification icon action menu image with the latest menu structure. ticket: new component: windows tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19425 dc483132-0cff-0310-8789-dd5450dbe970
* Move autoconf.h inclusion before tests for HAVE_UNISTD_H and HAVE_SYS_TIME_HEzra Peisach2007-04-111-1/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19423 dc483132-0cff-0310-8789-dd5450dbe970
* Missed part of last checkin.Ken Raeburn2007-04-101-1/+6
| | | | | | | | Check for cmsghdr and pktinfo structures. ticket: 5517 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19411 dc483132-0cff-0310-8789-dd5450dbe970
* EAI_NODATA deprecated, not always definedKen Raeburn2007-04-092-2/+11
| | | | | | | | | | | | | | | | Brian Kantor reports (on the kerberos@mit list today) that krb5-1.6 doesn't build on FreeBSD 6.1 because they've done away with EAI_NODATA, which was removed from the getaddrinfo API in RFC 3943. This patch conditionalizes two tests for EAI_NODATA on the macro being defined, and also adds handling for EAI_OVERFLOW, a new error code added in RFC 3943. ticket: new tags: pullup target_version: 1.6.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19410 dc483132-0cff-0310-8789-dd5450dbe970
* use IP(V6)_PKTINFO in KDC for UDP socketsKen Raeburn2007-04-071-42/+343
| | | | | | | | | | | | | | | | | | | | | | | | | As Denis Vlasenko pointed out in ticket 3306, using IP(V6)_PKTINFO to get or set the local address in UDP communications instead of allocating one socket for each address seen at startup will behave better in environments where the addresses may change while the KDC is running, or in certain unusual network configurations. The patch from Denis was specific to Linux (didn't do IPV6_PKTINFO if IP_PKTINFO wasn't defined). I've reworked it a fair amount, and tested the results briefly on Mac OS X (which has IPV6_PKTINFO but not IP_PKTINFO) and Linux (which has both). With this change, on systems like Linux supporting both socket options, the KDC should be able to use just two UDP sockets, one for IPv4 and one for IPv6. (And if we turned off IPV6_V6ONLY, we might do with one.) Filed as a separate ticket, because Denis's complaint and patch in 3306 cover the RPC code as well. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19408 dc483132-0cff-0310-8789-dd5450dbe970
* NIM 1.2.0.1 correctionsJeffrey Altman2007-04-0710-10/+74
| | | | | | | | | | | | | | | | | | | | | | | | | | NetIdMgr Version 1.2.0.1 netidmgr.exe: - add functionality to implement previously defined "DefaultSticky" registry based configuration parameter. This value is can be added to an installer by a transform or pushed by Group Policy. When set, it controls the default setting of the "sticky" flag for new identities. nidmgr32.dll: - fix the version resources: FileVersion, ProductName, and ProductVersion krb5cred.dll: - when importing an identity from the MSLSA, if there has never been a default identity, configure the MSLSA identity to be the default. ticket: new component: windows tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19407 dc483132-0cff-0310-8789-dd5450dbe970
* KFW NSIS installer - copyright updates and aklog removalJeffrey Altman2007-04-071-20/+5
| | | | | | | | | | | | | | Update copyrights to include 2007 Removal all references to aklog Correct generation of Product Version ticket: new component: windows tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19406 dc483132-0cff-0310-8789-dd5450dbe970
* wix installer - modify file listJeffrey Altman2007-04-061-2/+3
| | | | | | | | | | | | | | | | | for build script changes: site-local.nsi -> site-local-tagged.nsi site-local.wxi -> site-local-tagged.wxi add missing file: nsi-includes.nsi ticket: new component: windows tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19402 dc483132-0cff-0310-8789-dd5450dbe970
* krb5int_open_plugin_dirs errors out if directory does not existAlexandra Ellwood2007-04-051-10/+2
| | | | | | | | | | | If one of the directories in the list doesn't exist and no filenames are passed in because opendir fails and then the code gets an error. opendir() failing should not be a fatal error. The function should just move on to the next directory. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19400 dc483132-0cff-0310-8789-dd5450dbe970
* service location plugin returning no addresses handled incorrectlyKen Raeburn2007-04-051-18/+18
| | | | | | | | | | | | | | If a locate plugin (e.g., the Python sample plugin and script, when given realm BOBO.MIT.EDU) returns no error but no addresses, the library won't report an error, but will try to make contact, and eventually crash with a null pointer dereference. Fix: If a plugin returns a value other than PLUGIN_NO_HANDLE, including success, continue into the code that checks for an empty address list. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19399 dc483132-0cff-0310-8789-dd5450dbe970
* MITKRB5-SA-2007-001: telnetd allows login as arbitrary userTom Yu2007-04-032-2/+26
| | | | | | | | | | | | | | | | | | Fix MITKRB5-SA-2007-001: * src/appl/telnet/telnetd/sys_term.c (start_login): Add "--" argument preceding username, in addition to the original patch. Explicitly check for leading hyphen in username. * src/appl/telnet/telnetd/state.c (envvarok): Check for leading hyphen in environment variables. On advice from Shawn Emery, not using strchr() as in the original patch. ticket: new tags: pullup target_version: 1.6.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19396 dc483132-0cff-0310-8789-dd5450dbe970
* MITKRB5-SA-2007-002: buffer overflow in krb5_klog_syslogTom Yu2007-04-039-175/+229
| | | | | | | | | | | | | | | | Fix MITKRB5-SA-2007-002: buffer overflow in krb5_klog_syslog. * src/lib/krb5/krb/get_in_tkt.c (krb5_klog_syslog): Use vsnprintf if available. Everything else: use precision fields on "%s" specifiers to truncate logged strings, in case someone doesn't have vsnprintf. ticket: new target_version: 1.6.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19395 dc483132-0cff-0310-8789-dd5450dbe970
* Correct usage to track implementationKevin Koch2007-04-031-73/+89
| | | | | | | | | | | | | | | | Split repository action into two parts; setting kerveros.ver variables goes in the middle, no longer conditioned on repository access. This ensures that all substitution variables set correctly, even when the repository action is SKIP. Avoid 'file not found' msg when deleting temp file. BETA version not marked as RELEASE. Create installer sandboxes from the staging area. Build there and copy results back to staging area. NSI build no longer picks up WIX build products. Target_Version: 1.6.1 Ticket: 5490 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19394 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2024-09-27 20:17:25 +0000