summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* don't pass null pointer to krb5_do_preauth_tryagain()Tom Yu2006-12-191-17/+24
| | | | | | | | | | | | | * src/lib/krb5/krb/get_in_tkt.c (krb5_get_init_creds): If the error isn't PREAUTH_NEEDED and preauth_to_use is null, return the error in err_reply, rather than attempting to pass a null pointer to krb5_do_preauth_tryagain(). ticket: new status: open target_version: 1.6 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18976 dc483132-0cff-0310-8789-dd5450dbe970
* ktfns.c (krb5_kt_get_entry): If the supplied server principal has an emptyKen Raeburn2006-12-191-1/+18
| | | | | | | | | realm name, replace it with the default realm, in a private copy. ticket: 5121 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18975 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_is_referral_realm now takes a pointer to const krb5_data, since it doesn'tKen Raeburn2006-12-192-2/+2
| | | | | | | | | modify it. ticket: 5121 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18974 dc483132-0cff-0310-8789-dd5450dbe970
* Use __extension__ if initializing by field name and using GCC in pre-C99 modeKen Raeburn2006-12-191-0/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18973 dc483132-0cff-0310-8789-dd5450dbe970
* (k5_mutex_lock_update_stats) [!DEBUG_THREADS_STATS && __GNUC__]: DeclareKen Raeburn2006-12-191-2/+3
| | | | | | | arguments with "unused" attribute. (k5_pthread_mutex_lock) [DEBUG_THREADS && __GNUC__]: Use __extension__. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18972 dc483132-0cff-0310-8789-dd5450dbe970
* export krb5_get_init_creds_opt_set_change_password_promptTom Yu2006-12-191-0/+1
| | | | | | ticket: 5090 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18970 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_rc_io_open_internal on error will call close(-1)Ezra Peisach2006-12-181-1/+3
| | | | | | | | | | | If there is an error in opening the replay cache - memory is freed, but close() is invoked with -1 (failure from open()). While technically, close() will return EBADF in such a case, and nothing bad will happen, valgrind picks up on this and provides an error... ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18961 dc483132-0cff-0310-8789-dd5450dbe970
* Inovke krb5_rc_close to shutdown cache - and check for memory leaksEzra Peisach2006-12-181-0/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18960 dc483132-0cff-0310-8789-dd5450dbe970
* Add -clearpolicy to kadmin addprinc usageRuss Allbery2006-12-161-1/+1
| | | | | | | | | | | | | Add -clearpolicy to the usage message returned by kadmin when one types addprinc without any arguments. ticket: new Component: krb5-admin Version_Reported: 1.4.4 Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18955 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_get_init_creds_opt_set_change_password_promptJeffrey Altman2006-12-146-2/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | krb5_get_init_creds_opt_set_change_password_prompt is a new gic option that permits the prompter code to be skipped when the password has expired. This option is meant to be used by credential managers such as NetIDMgr and Kerberos.app that have their own built in password change dialogs. This patch adds the new function, exports it on Windows, and makes use of it within the Krb5 identity provider for NetIDMgr. The patch is written to ensure that no changes to the krb5_get_init_creds_opt structure are required and to ensure that the default behavior, prompting, is maintained. The export lists for UNIX and KFM must still be updated. The function prototype was committed as part of ticket 3642. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18954 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2006-12-131-17/+25
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18949 dc483132-0cff-0310-8789-dd5450dbe970
* Pull r18927 up to trunk, and tweak check for "history" principal nameKen Raeburn2006-12-131-165/+257
| | | | | | | | | | | to be a little more precise. Ready for pullup to 1.6 branch; make depend should be run. ticket: 5009 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18948 dc483132-0cff-0310-8789-dd5450dbe970
* set AUTOCONF_HEADERKen Raeburn2006-12-137-0/+14
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18947 dc483132-0cff-0310-8789-dd5450dbe970
* pull r18926 up to trunk; ready for pullup to 1.6 branchKen Raeburn2006-12-132-6/+43
| | | | | | ticket: 5005 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18946 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2006-12-121-6/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18942 dc483132-0cff-0310-8789-dd5450dbe970
* a little more info on libpython loading issueKen Raeburn2006-12-121-0/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18941 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2006-12-124-52/+56
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18940 dc483132-0cff-0310-8789-dd5450dbe970
* Don't leak padata when looping for krb5_do_preauth_tryagain()Kevin Coffman2006-12-081-4/+4
| | | | | | | | | | | | | | * src/lib/krb5/krb/get_in_tkt.c: krb5_get_init_creds() Free any existing request.padata at the top of the loop calling krb5_do_preauth() and krb5_do_preauth_tryagain(). ticket: new component: krb5-libs Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18935 dc483132-0cff-0310-8789-dd5450dbe970
* build the trunk on Windows (again)Jeffrey Altman2006-12-085-15/+13
| | | | | | | | | | This revision corrects a number of missing or extraneous KRB5_CALLCONV symbols; exposes symbols for _WIN32; and avoids including headers that don't exist ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18932 dc483132-0cff-0310-8789-dd5450dbe970
* Undo revision 18930 which was not supposed to include thisJeffrey Altman2006-12-071-11/+1
| | | | | | | | file. ticket: 3642 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18931 dc483132-0cff-0310-8789-dd5450dbe970
* Modifications to support the generation and embedding Jeffrey Altman2006-12-0722-42/+91
| | | | | | | | | | | | of library manifests into generated EXEs and DLLs. Manifests are required for Windows XP and above when applications are built with Microsoft Visual Studio 2005 (aka VS8) or above. ticket: 3642 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18930 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_cc_remove should work for the CCAPIAlexandra Ellwood2006-12-056-111/+200
| | | | | | | | | | | | | | Implemented a working krb5_cc_remove for the CCAPI cache type. Added a private support function krb5_creds_compare() which checks if two krb5_creds are identical. This function should be needed by implementations of krb5_cc_remove for other ccache types. ticket: new owner: tlyu target_version: 1.6 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18923 dc483132-0cff-0310-8789-dd5450dbe970
* minor update to kdb5_util man page for LDAP pluginWill Fiveash2006-12-041-1/+8
| | | | | | | | | | I added some info to the kdb5_util man page regarding the LDAP plugin. ticket: new Target_Version: krb5-1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18919 dc483132-0cff-0310-8789-dd5450dbe970
* fix for kdb5_util load bug with dumps from a LDAP KDBWill Fiveash2006-12-041-7/+21
| | | | | | | | | | | | | I found a bug when I did a "kdb5_util load -update ldap-dump" where ldap-dump was a dump done from a LDAP based KDB. The issue is that this sort of dump contains principal_dn data which is not the case for a db2 KDB dump. ticket: new Target_Version: krb5-1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18918 dc483132-0cff-0310-8789-dd5450dbe970
* Make clean in lib/krb5/os does not clean test objsEzra Peisach2006-12-031-1/+1
| | | | | | | | | make clean failed to remove t_locate_kdc.o ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18915 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unused prototype for krb5_find_config_filesEzra Peisach2006-12-031-2/+0
| | | | | | | | | The prototype for krb5_find_config_files() no longer is necessary as the function does not exist in the source tree anymore. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18914 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/krb5/ccache/cc_file.c: Adapted patch from RolandTom Yu2006-12-011-8/+24
| | | | | | | | | | | | Dowdeswell to avoid possible double-free conditions on certain errors. ticket: 4788 tags: pullup target_version: 1.6 component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18897 dc483132-0cff-0310-8789-dd5450dbe970
* send a new request with the new padata returned by krb5_do_preauth_tryagain()Kevin Coffman2006-12-013-6/+5
| | | | | | | | | | | | | | | | | | | | | | Send another request containing the padata obtained from tryagain. * src/include/k5-int.h Update prototype * src/lib/krb5/krb/get_in_tkt.c Send pointer to the request.padata so krb5_do_preauth_tryagain() can update the request to be sent. * src/lib/krb5/krb/preauth2.c If a module returns modified padata, add it to the return_padata and return. ticket: new Component: krb5-libs Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18896 dc483132-0cff-0310-8789-dd5450dbe970
* Return edata from non-"PA_REQUIRED" preauth typesKevin Coffman2006-12-011-15/+47
| | | | | | | | | | | | | | | | | | * src/kdc/kdc_preauth.c (check_padata) Return e-data from any failing preauth module. Save the e-data and return value from the first failing module. If a subsequent module marked as PA_REQUIRED fails, return its e-data and error instead. * src/kdc/kdc_preauth.c (load_preauth_plugins) Quiet compiler warning by setting pointer to NULL. ticket: new Target_Version: 1.6 tags: pullup Component: krb5-kdc git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18895 dc483132-0cff-0310-8789-dd5450dbe970
* bump minor versions due to API additionsTom Yu2006-12-012-2/+2
| | | | | | | ticket: 4689 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18894 dc483132-0cff-0310-8789-dd5450dbe970
* * src/kadmin/dbutil/dump.c (load_db): Open the dumpfile asTom Yu2006-12-011-1/+1
| | | | | | | | | read-only; we only get a shared lock, so no reason to open for writing for the sake of getting a lock. ticket: 3218 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18893 dc483132-0cff-0310-8789-dd5450dbe970
* * src/appl/telnet/libtelnet/kerberos5.c (kerberos5_send):Tom Yu2006-12-011-2/+4
| | | | | | | | | Conditionalize debugging printfs. ticket: 4941 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18892 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/krb5/krb/vfy_increds.c (krb5_verify_init_creds): UseTom Yu2006-11-302-23/+5
| | | | | | | | | | | | | krb5_cc_new_unique(). * src/lib/gssapi/krb5/accept_sec_context.c: (rd_and_store_for_creds): Use krb5_cc_new_unique(). ticket: 4805 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18887 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/krb5/krb/gc_via_tkt.c (check_reply_server): New functionTom Yu2006-11-301-20/+62
| | | | | | | | | | | | | | | to check server principal in reply. Ensures that the reply is self-consistent, allows rewrites if canonicalization is requested, and allows limited rewrites of TGS principals if canonicalization is not requested. (krb5_get_cred_via_tkt): Move server principal checks into check_reply_server(). ticket: 3322 target_version: 1.6 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18879 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/krb5/krb/gc_frm_kdc.c: Also do style cleanup.Tom Yu2006-11-301-81/+124
| | | | | | | | | | | | | | | | | (krb5_get_cred_from_kdc_opt): If server principal was rewritten, fall back unless it was rewritten to a TGS principal. This fixes a bug when a MS AD rewrites the service principal into a single-component NETBIOS-style name. If we get a referral back to the immediately preceding realm, fall back to non-referral handling. This fixes the changepw failure. To prevent memory leaks, when falling back to non-referral handling, free any tgts previously obtained by the initial non-referral do_traversal() call. ticket: 4955 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18878 dc483132-0cff-0310-8789-dd5450dbe970
* Implemented CCAPI v3 specific ccache collection cursorJustin Anderson2006-11-293-3/+152
| | | | | | | | | | | | * src/lib/krb5/ccache/ccbase.c: Added CCAPI v3 entry to list of type cursors * src/lib/krb5/ccache/ccapi/stdcc.h: * src/lib/krb5/ccache/ccapi/stdcc.c: Implemented CCAPI v3 cursor functionality. ticket: 4739 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18877 dc483132-0cff-0310-8789-dd5450dbe970
* skip all modules in plugin if init function failsKevin Coffman2006-11-291-4/+16
| | | | | | | | | | | | | If the plugin initialization function fails, skip all modules in the plugin, not just the first. Also, print the error message from the plugin if supplied. ticket: new Target_Version: 1.6 Tags: pullup Component: krb5-kdc git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18873 dc483132-0cff-0310-8789-dd5450dbe970
* krb5int_copy_data_contents shouldn't free memory it didn't allocateTom Yu2006-11-281-2/+0
| | | | | | | | | | | | * src/lib/krb5/krb/copy_data.c (krb5int_copy_data_contents): Don't free outdata on malloc failure; we didn't allocate outdata. ticket: new target_version: 1.6 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18865 dc483132-0cff-0310-8789-dd5450dbe970
* documentation updates for KFW 3.1Jeffrey Altman2006-11-2716-28/+152
| | | | | | | | | Documentation updates including new screen shots for KFW 3.1 ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18864 dc483132-0cff-0310-8789-dd5450dbe970
* KFW 3.1 commits for Final ReleaseJeffrey Altman2006-11-2214-62/+353
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | KfW 3.1 final (NetIDMgr 1.1.8.0) nidmgr32.dll (1.1.8.0) - When detecting IP address changes, wait for things to settle down before setting of the IP address change notification. krb5cred.dll (1.1.8.0) - Fixed the Kerberos 5 configuration dialog which didn't handle setting the default realm properly. Setting the default realm now sets the correct string in krb5.ini. - Changing the default realm now marks the relevant configuration node as dirty, and enabled the 'Apply' button. - Changing the 'renewable', 'forwardable' and 'addressless' checkboxes in the identity configuration panels now mark the relevant configuration nodes as dirty, and enables the 'Apply' button. - The location of the Kerberos 5 configuration file is now read-only in the Kerberos 5 configuration dialog. - Set the maximum number of characters for the edit controls in the configuration dialog. krb4cred.dll (1.1.8.0) - The location of the Kerberos 4 configuration files are now read-only in the Kerberos 4 configuration dialog. - Handles setting the ticket string. - Changing the ticket string now marks the relevant configuration node as dirty, and enables the 'Apply' button. - Fixed the plug-in initialization code to perform the initial ticket listing at the end of the initializaton process. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18863 dc483132-0cff-0310-8789-dd5450dbe970
* library fragments to front of lineSam Hartman2006-11-221-2/+2
| | | | | | | | | | * src/plugins/kdb/ldap/libkdb_ldap/Makefile.in: Fix fragments substitutions so the makefile works with autoconf 2.60 ticket: new target_version: 1.6 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18862 dc483132-0cff-0310-8789-dd5450dbe970
* fix debug messagesKevin Coffman2006-11-221-7/+7
| | | | | | | | | | | Change debugging messages so they print salt value correctly and clean up warnings when compiling with DEBUG. ticket: new Tags: pullup Target_Version: 1.6 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18859 dc483132-0cff-0310-8789-dd5450dbe970
* free error message when freeing contextKevin Coffman2006-11-211-0/+2
| | | | | | | | | | | | | | | Call krb5_clear_error_message() to free any allocated error message before freeing the context. The condition that triggered this was a plugin library which fails to load because of unresolved references. It appears dlopen() on Linux leaks four bytes for each failing library in this situation. ticket: new Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18858 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/krb5/ccache/ccbase.c (krb5int_cc_getops): InternalTom Yu2006-11-184-11/+69
| | | | | | | | | | | | | | | | function to fetch ops vector given ccache prefix string. (krb5_cc_new_unique): New function to generate a new unique ccache of a given type. * src/include/krb5/krb5.hin: Prototype for krb5_cc_new_unique(). * src/lib/krb5/libkrb5.exports: * src/lib/krb5_32.def: Add krb5_cc_new_unique(). ticket: 3091 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18857 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_get_init_creds_password:Jeffrey Altman2006-11-171-8/+0
| | | | | | | | remove unintentionally committed code not meant for 1.4 branch ticket: 4802 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18842 dc483132-0cff-0310-8789-dd5450dbe970
* one more commit for kfw 3.1 beta 4Jeffrey Altman2006-11-171-0/+7
| | | | | | | | | | | - when the krb5 prompter callback function is called, set the focus to the first input field provided by the caller. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18841 dc483132-0cff-0310-8789-dd5450dbe970
* reset use_master flag when master_kdc cannot be found Jeffrey Altman2006-11-171-1/+11
| | | | | | | | | | | | | | krb5_get_init_creds_password: if the master_kdc cannot be identified reset the use_master flag. otherwise, the krb5_get_init_creds("kadmin/changepw") call will attempt to communicate with the master_kdc that cannot be reached. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18840 dc483132-0cff-0310-8789-dd5450dbe970
* use krb5_c_valid_enctype, not valid_enctypeKen Raeburn2006-11-171-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18839 dc483132-0cff-0310-8789-dd5450dbe970
* Didn't include header changes in the previous commitKevin Coffman2006-11-171-2/+7
| | | | | | | | ticket: 4799 Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18837 dc483132-0cff-0310-8789-dd5450dbe970
* update krb5_c_keylength function, create krb5_c_random_to_key functionKevin Coffman2006-11-174-10/+103
| | | | | | | | | | | | | | | Modify the keylength function to return both keybytes and keylength. Change the name of the function and source file to reflect this. Add a function, krb5_c_random_to_key() that takes random input data of the right length (keybytes) and produce a valid key for a given enctype. ticket: new Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18836 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-26 09:52:21 +0000