summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* whitespaceKen Raeburn2006-10-071-27/+27
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18663 dc483132-0cff-0310-8789-dd5450dbe970
* whitespaceKen Raeburn2006-10-071-191/+190
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18662 dc483132-0cff-0310-8789-dd5450dbe970
* Use const pointers for error messages.Ken Raeburn2006-10-074-10/+48
| | | | | | Add some debugging hooks in the libkrb5 support. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18661 dc483132-0cff-0310-8789-dd5450dbe970
* drop comma at end of enum listKen Raeburn2006-10-071-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18660 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate some warnings and non-gcc build problems:Ken Raeburn2006-10-076-48/+68
| | | | | | | | | | | | | - nested function - bogus pointer casts - C++-style comments - unused variables - variables of same name in nested scopes - if condition syntax - unused function - use of GNU-only strndup() function git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18659 dc483132-0cff-0310-8789-dd5450dbe970
* 10/3 patch from Savitha R, part 2, patch-krb-schema.diffKen Raeburn2006-10-061-419/+342
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18658 dc483132-0cff-0310-8789-dd5450dbe970
* 10/3 patch from Savitha R, part 1, patch-ldap-schema.diffKen Raeburn2006-10-0617-998/+1940
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18657 dc483132-0cff-0310-8789-dd5450dbe970
* schema infoKen Raeburn2006-10-062-0/+1381
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18656 dc483132-0cff-0310-8789-dd5450dbe970
* remove old changelogKen Raeburn2006-10-061-51/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18655 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/krb5/ccache/t_cccursor.c: Bugfixes from Ezra to clean upTom Yu2006-10-061-1/+32
| | | | | | | | | memory leaks. ticket: 4389 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18654 dc483132-0cff-0310-8789-dd5450dbe970
* update export listsTom Yu2006-10-062-0/+6
| | | | | | | ticket: 4389 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18653 dc483132-0cff-0310-8789-dd5450dbe970
* make dependTom Yu2006-10-0648-946/+1155
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18652 dc483132-0cff-0310-8789-dd5450dbe970
* cursor for iterating over ccachesTom Yu2006-10-0511-3/+861
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some ccache back ends need per-type cursors implemented. * src/include/k5-int.h: Declare krb5_cc_ptcursor. Update krb5_cc_ops vector to include functions for ptcursor and some not-yet-implemented functionality. * src/include/krb5/krb5.hin: Prototype krb5_cccol_cursor_new, krb5_cccol_cursor_next, krb5_cccol_cursor_free. * src/lib/krb5/ccache/Makefile.in: Compile cccursor.c. Build t_cccursor. * src/lib/krb5/ccache/cccursor.c: Implementation of cursor for iterating over ccaches. * src/lib/krb5/ccache/ccbase.c: Add typecursor functionality for iteration over registered ccache types. * src/lib/krb5/ccache/cc_memory.c: Implmement per-type ccache cursor functionality. * src/lib/krb5/ccache/cc_mslsa.c: * src/lib/krb5/ccache/cc_file.c: * src/lib/krb5/ccache/ccapi/stdcc.c: Add place-holder ops vector entries. * src/lib/krb5/ccache/t_cccursor.c: New test of ccache cursor functionality. * src/lib/krb5/os/ccdefname.c (krb5int_cc_os_default_name): New function to return the OS-specific default ccache name. ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18651 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_preauth.c (return_padata): Allocate a padata context if notSam Hartman2006-10-051-0/+3
| | | | | | | | | | already allocated. In the preauth_required path check will not be called to set up the context first. ticket: 4377 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18650 dc483132-0cff-0310-8789-dd5450dbe970
* Patch from Kevin Coffman:Ken Raeburn2006-10-051-44/+35
| | | | | | | | | - adds a function to get ccache keycount - uses it in two places - fixes free problem if next_cred fails - simplifies the clearcache function by using keyctl_clear git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18649 dc483132-0cff-0310-8789-dd5450dbe970
* fix dependence on config.status to use correct dirKen Raeburn2006-10-051-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18647 dc483132-0cff-0310-8789-dd5450dbe970
* Add decode_tagged_unsigned_integer, and try to fix signed/unsigned andKen Raeburn2006-10-051-10/+69
| | | | | | | long/int/int32 mixups in ASN.1 decoding. Add comments describing encoding of key data. Don't always parenthesize safe_syncbuf arguments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18646 dc483132-0cff-0310-8789-dd5450dbe970
* set a more meaningful error message in asn1 decode failure caseKen Raeburn2006-10-051-0/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18645 dc483132-0cff-0310-8789-dd5450dbe970
* export krb5_ldap_createKen Raeburn2006-10-051-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18644 dc483132-0cff-0310-8789-dd5450dbe970
* array before test for pointing at entry with the principal. AvoidsEzra Peisach2006-10-041-4/+8
| | | | | | | | | | buffer overflow for end of list. Detected with a hacked up version of valgrind to handle keyring syscalls. krb5_krcc_next_cred: Move initial test if pointing past end of key git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18643 dc483132-0cff-0310-8789-dd5450dbe970
* The keyring code introduced in r18638 also included tests of the KEYRING:Ezra Peisach2006-10-041-1/+37
| | | | | | | | regardless of whether the type is registered or not in the library. Test to see if KEYRING: is registered - and if so - run the tests on it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18642 dc483132-0cff-0310-8789-dd5450dbe970
* Preauthentication Plugin FrameworkSam Hartman2006-10-0328-159/+2704
| | | | | | | | | | | | | Patch from Nalin Dahyabhai at Redhat to implement a preauthentication framework based on the plugin architecture. Currently. the API is considered internal and the header is not installed. See src/include/krb5/preauth_plugin.h for the interface. ticket: new Tags: enhancement Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18641 dc483132-0cff-0310-8789-dd5450dbe970
* configure: Depend on $(AUTOCONF_HEADER) so check-ac-syms will be happierKen Raeburn2006-10-021-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18640 dc483132-0cff-0310-8789-dd5450dbe970
* (AUTOCONF_HEADER): Change to match file's target nameKen Raeburn2006-10-021-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18639 dc483132-0cff-0310-8789-dd5450dbe970
* Merge Kevin Coffman's keyring ccache branch for Linux, with some modifications:Ken Raeburn2006-10-026-4/+2131
| | | | | | | | | | | | | | | | | | | | | aclocal.m4: Enable keyring ccache if the header and library are available; no configure-time option. No error if it's not found. ccdefname.c: Keep old default of FILE: cache, at least for now. libkrb5.exports: Don't export krb5_krcc_ops. ccbase.c: Only initialize krb5int_krcc_mutex if USE_KEYRING_CCACHE; destroy it in finalization. Define INITIAL_TYPEHEAD macro (for file vs keyring), and use it for initialization and in krb5int_cc_finalize. Re-enable freeing of additional registered-type structures. cc_keyring.c: Avoid calls to com_err from within library. cc_file.c: Punt change; generate_new is badly broken, and we expect to replace it with a new API anyways. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18638 dc483132-0cff-0310-8789-dd5450dbe970
* Nuke old Saber-related stuffKen Raeburn2006-10-021-294/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18637 dc483132-0cff-0310-8789-dd5450dbe970
* kdc: make_toolong_error does not initialize all fields for krb5_mk_errorEzra Peisach2006-10-011-0/+2
| | | | | | | | | | | network.c: make_too_long_error() fails to set the ctime and cusec elements of the krb5_error structure. Valgrind detects errors in the asn.1 encoding handlers in reading an unitialized value. Initialize to 0. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18635 dc483132-0cff-0310-8789-dd5450dbe970
* Update expected results for krb5_get_host_realm with referral patchesKen Raeburn2006-09-301-2/+2
| | | | | | installed. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18634 dc483132-0cff-0310-8789-dd5450dbe970
* (get_errmsg): Check for errcode_2_string and release_errcode_stringKen Raeburn2006-09-291-1/+4
| | | | | | being null function pointers. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18633 dc483132-0cff-0310-8789-dd5450dbe970
* Fix AIX version of GET_HOST_BY_NAME to use TMP.ent for the result, notKen Raeburn2006-09-281-1/+1
| | | | | | | | the no-longer-defined my_h_ent. ticket: 4256 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18632 dc483132-0cff-0310-8789-dd5450dbe970
* Patch from Will Fiveash for "kdb5_util create" support in LDAP, modified toKen Raeburn2006-09-2516-32/+437
| | | | | | | drop separate port-number spec so it'll build with current sources. Not tested because of a bug in the recent Novell patch. :-( git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18616 dc483132-0cff-0310-8789-dd5450dbe970
* Implement renew credential functionality which was inadvertentlyJeffrey Altman2006-09-241-16/+108
| | | | | | | | left out. ticket: 4312 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18609 dc483132-0cff-0310-8789-dd5450dbe970
* Remove now-unused 'port' fieldsKen Raeburn2006-09-221-2/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18608 dc483132-0cff-0310-8789-dd5450dbe970
* Misc cleanup:Ken Raeburn2006-09-223-338/+334
| | | | | | | | Include header instead of duplicating public decls. Don't use C99-style "//" comments. Reformat a bit to krb5 tree normal style. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18607 dc483132-0cff-0310-8789-dd5450dbe970
* New patch from Savitha, for new principal key storage format in LDAPKen Raeburn2006-09-224-280/+494
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18606 dc483132-0cff-0310-8789-dd5450dbe970
* KFW 3.1 Beta 2 NetIDMgr ChangesJeffrey Altman2006-09-2136-161/+843
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | source for (1.1.0.1) - Updated documentation with additional information and fixed errors. nidmgr32.dll (1.1.0.1) - Fixed a deadlock in the configuration provider that may cause NetIDMgr to deadlock on load. - Prevent the configuration provider handle list from getting corrupted in the event of a plug-in freeing a handle twice. - Add more parameter validation for the configuration provider. - If a plug-in is only partially registered (only some of the entries were set in the registry), the completion of the registration didn't complete successfully, leaving the plug-in in an unusable state. This has been fixed. Plug-ins will now successfully complete registration once they are loaded for the first time, assuming the correct resources are present in the module. - Fixed notifications for setting a default identity. Notifications were not being properly sent out resulting in the credentials window not being updated when the default identity changed. - Changes to the API for type safety. - Handling of binary data fields was changed to support validation and comparison. - Data types that do not support KCDB_CBSIZE_AUTO now check for and report an error if it is specified. - Password fields in the new credentials dialog will trim leading and trailing whitespace before using a user-entered value. - Change password action will no longer be disabled if no identity is selected. An identity selection control is present in the dialog making this restriction unnecessary. - When renewing credentials, error messages will be suppressed if the renewal was for an identity and the identity does not have any identity credentials associated with it. - Error messages that are related to credentials acquisition or password changes will now display the name of the identity that the error applies to. - Automatic renewals now renews all identities that have credentials associated with them instead of just the default identity. - Fixed a bug where error messages did not have a default button which can be invoked with the return key or the space bar. - The new credentials window will force itself to the top. This can be disabled via a registry setting, but is on by default. - Fixed the sort order in the new credentials tabs to respect sort hints provided by plug-ins. - If a new credentials operation fails, the password fields will be cleared. - Once a new credentials operation starts, the controls for specifying the identity and password and any other custom prompts will be disabled until the operation completes. - Notifications during the new credentials operation now supply a handle to the proper data structures as documented. - Hyperlinks in the new credentials dialog now support markup that will prevent the dialog from switching to the credentials type panel when the link is activated. - If there are too many buttons added by plug-ins in the new credentials dialog, they will be resized to accomodate all of them. - The options button in the new credentials dialog will be disabled while a new credentials operation is in progress. - The 'about' dialog retains the original copyright strings included in the resource. - Multiple modal dialogs are now supported. Only the topmost one will be active. Once it is closed, the other dialogs will gain focus in turn. This allows for error messages to be displayed from other modal dialogs. - The hypertext window supports italics. krb4cred.dll (1.1.0.1) - Fixed a bug where the plug-in would attempt to free a handle twice. - Fixed a handle leak. - Changed the facility name used for event reporting to match the credentials type name. krb5cred.dll (1.1.0.1) - Fixed handling of expired passwords. If the password for an identity is found to have expired at the time a new credentials acquisition is in progress, the user will be given an opportunity to change the password. If this is successful, the new credentials operation will continue with the new password. - Prevent the new credentials dialog from switching to the Kerberos 5 credentials panel during a password change. - Prompts that were cached indefinitely will now have a limited lifetime. Prompt caches that were created using prior versions of the plug-in will automatically expire. - Multistrings in the resource files were converted to CSV to protect them against a bug in Visual Studio 2005 which corrupted multistrings. - Added handling of and reporting WinSock errors that are returned from the Kerberos 5 libraries. - Fixed uninitialized variables. - The username and realm that is entered when selecting an identity will be trimmed of leading and trailing whitespace. - Changed the facility name used for event reporting to match the credentials type name. ticket: new component: windows tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18604 dc483132-0cff-0310-8789-dd5450dbe970
* NSIS installer - update for Win2K NetIDMgrJeffrey Altman2006-09-211-6/+23
| | | | | | | | | Install the Win2K specific binaries for NetIDMgr on Win2K ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18603 dc483132-0cff-0310-8789-dd5450dbe970
* oops, make sure we install from the correct source fileJeffrey Altman2006-09-211-1/+1
| | | | | | | | on Windows 2000 ticket: 4309 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18602 dc483132-0cff-0310-8789-dd5450dbe970
* wix installer - win2k compatibility for netidmgrJeffrey Altman2006-09-211-7/+7
| | | | | | | | | | Install the special win2k version of nidmgr32.dll on Windows 2000 systems. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18601 dc483132-0cff-0310-8789-dd5450dbe970
* windows thread support frees thread local storage after TlsSetValueJeffrey Altman2006-09-211-2/+2
| | | | | | | | | | | | | threads.c: The return value of TlsSetValue is non-zero on success. As a result of misinterpreting the return value, the memory set in TLS is then freed. A subsequent call to TlsGetValue returns the invalid pointer. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18600 dc483132-0cff-0310-8789-dd5450dbe970
* Set the canonicalize flag in TGS requests and accept cross-realm referral ↵Sam Hartman2006-09-2113-122/+647
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | tickets. We do not yet accept tickets in which the server name changes. * krb5_sname_to_principal: If there is no domain realm mapping return null realm *krb5_get_cred_via_tkt: New behavior as described below 1) the referrals case: - check for TGT for initial realm - if a remote realm was specified (which must have happened via a domain_realm mapping), obtain a TGT for it the standard way and start with that. - use client realm for server if not specified - iterate through this loop: - request ticket with referrals turned on - if that fails: - if this was the first request, punt to non-referrals case - otherwise, retry once without referrals turned on then terminate either way - if it works, either use the service ticket or follow the referral path - if loop count exceeded, hardfail 2) the nonreferrals case - this is mostly the old walk_realm_tree TGT-finding (which allows limited shortcut referrals per 4120) followed by a standard tgs-req. - originally requested principal is used for this, although if we were handed something without a realm, determine a fallback realm based on DNS TXT records or a truncation of the domain name. ticket: 2652 Owner: amb git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18598 dc483132-0cff-0310-8789-dd5450dbe970
* * kdb_ldap.h: If BUILD_WITH_BROKEN_LDAP is defined, skip version checksKen Raeburn2006-09-201-5/+13
| | | | | | ticket: 4292 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18595 dc483132-0cff-0310-8789-dd5450dbe970
* Bad loop logic in krb5_mcc_generate_newAlexandra Ellwood2006-09-191-10/+8
| | | | | | | | | krb5_mcc_generate_new() Error in loop caused first item in the list to not get checked the second time through scanning for duplicates. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18594 dc483132-0cff-0310-8789-dd5450dbe970
* whitespaceKen Raeburn2006-09-182-20/+20
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18593 dc483132-0cff-0310-8789-dd5450dbe970
* Savitha's patches for:Ken Raeburn2006-09-1814-151/+72
| | | | | | | | | - LDAP URI support for specifying server and port - support for ldapi interface - updated to newer LDAP APIs - updated documentation git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18592 dc483132-0cff-0310-8789-dd5450dbe970
* * kdb5.c (kdb_load_library): Make error message a little more accurate.Ken Raeburn2006-09-161-29/+47
| | | | | | | | | | (get_errmsg): New function. Uses errcode_2_string and release_errcode_string functions to copy out an error message from the plugin and store it locally, if the error code supplied is nonzero. Changed other uses of plugin functions to call get_errmsg on returning. (krb5_db_errcode2string): Deleted. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18591 dc483132-0cff-0310-8789-dd5450dbe970
* Update dependenciesKen Raeburn2006-09-161-21/+21
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18590 dc483132-0cff-0310-8789-dd5450dbe970
* Move RPC header files to include/gssrpc, which we copy to them atKen Raeburn2006-09-1630-688/+639
| | | | | | | build time, and which is the only place we use them from anyways. Update Makefile references and dependencies. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18589 dc483132-0cff-0310-8789-dd5450dbe970
* Export krb5_ldap_release_errcode_stringKen Raeburn2006-09-161-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18588 dc483132-0cff-0310-8789-dd5450dbe970
* Make it easier to ignore additional directories, like, oh, say, localKen Raeburn2006-09-151-3/+12
| | | | | | install paths for OpenLDAP. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18587 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-27 00:51:02 +0000