summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* If we get cannot resolve KDC for master but find a slaveSam Hartman2002-10-282-1/+6
| | | | | | | | return the real error from the slave rather than the resolution error. ticket: 1232 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14941 dc483132-0cff-0310-8789-dd5450dbe970
* Don't include trailing null in the transited encoding produced by the KDC.Sam Hartman2002-10-282-2/+6
| | | | | | | | | | Other routines do not expect the null to be included in the length so policy checks fail. Also, sending the null over the wire is wrong. ticket: 1230 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14940 dc483132-0cff-0310-8789-dd5450dbe970
* Client code lacks support for draft-ietf-krb-wg-kerberos-sam-01.txtKen Hornstein2002-10-2421-7/+1228
| | | | | | | | | | | This widely-spread commit implements support for the so-called "new" hardware preauth protocol, defined in the IETF internet-draft draft-ietf-krb-wg-kerberos-sam-01.txt. Note that this code is client-side only. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14939 dc483132-0cff-0310-8789-dd5450dbe970
* No support for negative password expiration last-req hintKen Hornstein2002-10-242-2/+4
| | | | | | | | | Fixing an omission; previous code didn't support a negative value for the password expiration hint (which is legal). Pointed out by Ezra Peisach. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14938 dc483132-0cff-0310-8789-dd5450dbe970
* Implement asn1_encode_enumeratedSam Hartman2002-10-234-4/+51
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14937 dc483132-0cff-0310-8789-dd5450dbe970
* gic_pwd doesn't support password expiration notification via last_req hintKen Hornstein2002-10-234-1/+52
| | | | | | | | | | | | | | In kerberos-clarifications, a new last-req type (6) has been specified that indicates when a principal's password will expire. This code implements support for this last-req type. Note that the intent is that the last-req type will only be included by the KDC when the time until password expiration reaches some threshold (e.g, one week), so this code will display the password expiration anytime the last-req type is included. ticket: 1065 ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14936 dc483132-0cff-0310-8789-dd5450dbe970
* * ftpcmd.y: Bison 1.75 cleanup. Essentially remove `=' beforeEzra Peisach2002-10-232-78/+83
| | | | | | | | statements to be executed. ticket: 1218 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14935 dc483132-0cff-0310-8789-dd5450dbe970
* * sendto_kdc.c (service_tcp_fd): If DEBUG defined, ensure thatEzra Peisach2002-10-222-1/+7
| | | | | | initialization of variable not bypassed by goto. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14934 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Autoconf 2.55 will not simply use cpp to test forEzra Peisach2002-10-222-1/+17
| | | | | | | | | header file existance - the header file must be compilable. This will mean that if one header depends on another, it must be included. Test for term.h using the optional fourth argument to AC_CHECK_HEADERS to specify include files to test. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14933 dc483132-0cff-0310-8789-dd5450dbe970
* This commit fixes the test suite aspects. Callers of the variousTom Yu2002-10-193-5/+14
| | | | | | | | | | | | | | | read_password functions still need to be updated. * api.2/init-v2.exp (test106): Make regexp more forgiving of variant password prompts. * api.0/init.exp (test7, test22, test225): Make regexp more forgiving of variant password prompts. ticket: 1217 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14932 dc483132-0cff-0310-8789-dd5450dbe970
* * start_servers_local: Set names of replay cache and log files to be per-user,Ken Raeburn2002-10-182-3/+10
| | | | | | since they're in system-wide shared directories. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14931 dc483132-0cff-0310-8789-dd5450dbe970
* * start_servers_local: Telnet to 127.0.0.1, not "localhost", to probe forKen Raeburn2002-10-162-1/+9
| | | | | | kadmind, since kadmind does IPv4 only. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14930 dc483132-0cff-0310-8789-dd5450dbe970
* ver.h to winver.h ver.h has become depricated by MS. Using winver.h will ↵Paul Hill2002-10-162-2/+2
| | | | | | support MSVC 6 and 7 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14929 dc483132-0cff-0310-8789-dd5450dbe970
* Thanks, (corrected) patch appliedTom Yu2002-10-153-2/+10
| | | | | | | | | | | | * hst_realm.c (krb5_try_realm_txt_rr): Apply patch from Nalin Dahyabhai to bounds-check return value from res_search(). * locate_kdc.c (krb5_locate_srv_dns_1): Apply patch from Nalin Dahyabhai to bounds-check return value from res_search(). ticket: 1216 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14928 dc483132-0cff-0310-8789-dd5450dbe970
* * server_init.c (kadm5_lock, kadm5_unlock): Return KADM5_OKEzra Peisach2002-10-152-0/+9
| | | | | | instead of falling off end of function. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14927 dc483132-0cff-0310-8789-dd5450dbe970
* * aclocal.m4 (CONFIG_RULES): Define using AC_DEFUNKen Raeburn2002-10-121-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14926 dc483132-0cff-0310-8789-dd5450dbe970
* * aclocal.m4: Use dnl after all AC_REQUIRE invocations.Ken Raeburn2002-10-122-43/+56
| | | | | | | | | | | | | | | (KRB5_AC_FORCE_STATIC): New macro. Warn if invoked after KRB5_LIB_AUX. (KRB5_BUILD_LIBRARY_STATIC): Require it. (CHECK_SIGPROCMASK, AC_PROG_ARCHIVE, AC_PROG_ARCHIVE_ADD, CHECK_DIRENT, CHECK_WAIT_TYPE, CHECK_SIGNALS, KRB5_SIGTYPE, CHECK_SETJMP, WITH_KRB4, ADD_DEF, KRB_INCLUDE, K5_GEN_MAKEFILE, _K5_GEN_MAKEFILE, K5_GEN_FILE, K5_AC_OUTPUT, V5_AC_OUTPUT_MAKEFILE, CHECK_UTMP, WITH_NETLIB, KRB5_BUILD_LIBRARY_STATIC): Define using AC_DEFUN instead of define. Doesn't change the generated configure scripts except for changing (mostly deleting) whitespace. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14925 dc483132-0cff-0310-8789-dd5450dbe970
* * aclocal.m4 (WITH_CC_DEPRECATED_ARG): New macro.Ken Raeburn2002-10-112-6/+8
| | | | | | (WITH_CC): Require it, and AC_PROG_CC. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14924 dc483132-0cff-0310-8789-dd5450dbe970
* * aclocal.m4 (CONFIG_RULES): Comment out code looking for the in-tree versionKen Raeburn2002-10-112-8/+14
| | | | | | of autoconf that we deleted. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14923 dc483132-0cff-0310-8789-dd5450dbe970
* implement krb5_read_password, des_read_password via krb5_prompter_posixTom Yu2002-10-112-5/+15
| | | | | | | | | | | | | | | | | | This commit fixes one incompatibility introduced when krb5_read_password was reimplemented in terms of krb5_prompter_posix. There is a remaining incompatibility, which is krb5_prompter_posix's appending of the string ": " following a prompt. Callers of krb5_read_password and of des_read_password don't expect this behavior, which results in a double colon prompt, which breaks the libkadm5 test suite. * read_pwd.c (krb5_read_password): Restore name of size_return. Set *size_return after successful call to krb5_prompter_posix, since some callers were actually checking, e.g. kadm5. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14922 dc483132-0cff-0310-8789-dd5450dbe970
* Implement krb5_read_password an des_read_pw_stringSam Hartman2002-10-104-223/+74
| | | | | | | | | in terms of krb5_prompter_posix. Change motivated by the desire for echo foo |kinit -4 bar to work in test scripts, but having one implementation of password read functions on unix is good anyway git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14921 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (EXTRADEPSRCS): New variable.Ken Raeburn2002-10-102-1/+63
| | | | | | | (t_hmac$(EXEEXT), t_pkcs5$(EXEEXT), vectors$(EXEEXT)): New targets. (check-unix): Depend on and run t_hmac and t_pkcs5. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14920 dc483132-0cff-0310-8789-dd5450dbe970
* * string2key.c (mit_des_string_to_key_int): If PRINT_TEST_VECTORS is defined,Ken Raeburn2002-10-102-6/+69
| | | | | | print some of the intermediate results. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14919 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (t_cksum4, t_cksum5): Include com_err library when linkingKen Raeburn2002-10-102-2/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14918 dc483132-0cff-0310-8789-dd5450dbe970
* whitespaceKen Raeburn2002-10-101-3/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14917 dc483132-0cff-0310-8789-dd5450dbe970
* * pbkdf2.c, t_hmac.c, t_pkcs5.c: New filesKen Raeburn2002-10-104-0/+738
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14916 dc483132-0cff-0310-8789-dd5450dbe970
* principal can't specify ks_tuples changing own passwdTom Yu2002-10-083-18/+56
| | | | | | | | | | | | | | | | | | | | | Thanks, the patch has been applied and will appear in a future release. * misc.c (chpass_principal_wrapper_3): Renamed from chpass_principal_wrapper; calls chpass_principal_3 now. (randkey_principal_wrapper_3): Renamed from randkey_principal_wrapper; calls randkey_principal_3 now. Patch from Ben Cox. * server_stubs.c (chpass_principal_1_svc) (chpass_principal3_1_svc): Call chpass_principal_wrapper_3. (chrand_principal_1_svc, chrand_principal3_1_svc): Call randkey_principal_wrapper_3. Patch from Ben Cox. ticket: 1207 version_reported: 1.2.6 target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14915 dc483132-0cff-0310-8789-dd5450dbe970
* libkadm5 should allow persistent locksTom Yu2002-10-0814-7/+144
| | | | | | | | | | | libkadm5 should have a way to persistently lock the databases to avoid wasting time on closing and reopening. These patches implement persistent exclusive locks for local access only. ticket: new target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14914 dc483132-0cff-0310-8789-dd5450dbe970
* ASN.1 code passes uninitialized values aroundTom Yu2002-10-084-137/+239
| | | | | | | | | | | | | | | | | | | | | | * asn1_get.c (asn1_get_tag_indef): Stomp on asn1class, construction, retlen, and indef, even if we've hit the end of the buffer, to avoid passing uninitialized values around. * asn1_k_decode.c: Reformat somewhat and add comments to demystify things a little. (opt_field): Fix to explicitly check for end of subbuf before verifying the pre-fetched tag, which may have been stomped on by asn1_get_tag_indef() encountering end-of-buffer. * krb5_decode.c (opt_field, opt_lenfield): Fix to explicitly check for end of subbuf before verifying the pre-fetched tag, which may have been stomped on by asn1_get_tag_indef() encountering end-of-buffer. ticket: new target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14913 dc483132-0cff-0310-8789-dd5450dbe970
* Implement an install-headers target to install public headers into KRB5_INCDIR;Sam Hartman2002-10-0717-5/+59
| | | | | | | | probably called by setting DESTDIR. ticket: 1208 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14912 dc483132-0cff-0310-8789-dd5450dbe970
* * default.exp (stop_kerberos_daemons): Kill, expect eof, wait, inTom Yu2002-10-072-2/+8
| | | | | | | that order. Avoids delivery of multiple signals (HUP+TERM) to KDC daemons when shutting down. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14911 dc483132-0cff-0310-8789-dd5450dbe970
* * do_as_req.c (process_as_req): Apply fix from Kevin Coffman toTom Yu2002-10-062-1/+9
| | | | | | | | avoid leaking padata. ticket: 1206 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14910 dc483132-0cff-0310-8789-dd5450dbe970
* Move test_* from all to check targetSam Hartman2002-10-032-1/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14909 dc483132-0cff-0310-8789-dd5450dbe970
* * rsh.exp (rsh_test): Explicitly call stop_rsh_daemon upon passTom Yu2002-09-302-0/+6
| | | | | | for "encrypted rsh" test, to avoid zombies. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14908 dc483132-0cff-0310-8789-dd5450dbe970
* * default.exp (start_kerberos_daemons): Fix to use "tail -f" toTom Yu2002-09-292-74/+99
| | | | | | | check for setup messages from daemons; this avoids a few race conditions. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14907 dc483132-0cff-0310-8789-dd5450dbe970
* update dependenciesTom Yu2002-09-283-16/+23
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14906 dc483132-0cff-0310-8789-dd5450dbe970
* * depgen.sed: Solaris sed doesn't like '\(^.*$\)'; replace it withTom Yu2002-09-272-1/+6
| | | | | | '^\(.*\)$'. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14905 dc483132-0cff-0310-8789-dd5450dbe970
* Fix DES_INT32 definitionTom Yu2002-09-2718-219/+439
| | | | | | | | | | | | Intial merge of KfM des library API. Update krb.h to use offsets from krb_err.et constants as error codes. Fix up definitions of KRB4_32, KRB_INT32, KRB_UINT32. ticket: 1189 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14904 dc483132-0cff-0310-8789-dd5450dbe970
* Limit the number of TCP connections that will be handled at one time.Ken Raeburn2002-09-272-55/+82
| | | | | | | | | | | | | | | | | Remove some debugging calls. * network.c (struct connection): New field start_time. (tcp_data_counter, max_tcp_data_connections): New variables. (kill_tcp_connection): New function. (process_tcp_connection): Use it. Log reason for rejecting connection if the requested buffer size is too large. (accept_tcp_connection): If there are too many TCP connections already, shut down the oldest one. (setup_network, listen_and_process, process_tcp_connection, service_conn): Delete debugging code. (process_packet): Use socklen_t where appropriate. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14903 dc483132-0cff-0310-8789-dd5450dbe970
* * sendto_kdc.c (krb5int_cm_call_select): Fix last changeKen Raeburn2002-09-272-2/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14902 dc483132-0cff-0310-8789-dd5450dbe970
* * socket-utils.h (sa2sin, sa2sin6): Add redundant cast to (void *)Tom Yu2002-09-272-7/+17
| | | | | | to get GCC to shut up about alignment increasing. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14901 dc483132-0cff-0310-8789-dd5450dbe970
* Actually commit krb5.confSam Hartman2002-09-241-2/+9
| | | | | | ticket: 1195 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14900 dc483132-0cff-0310-8789-dd5450dbe970
* Update enctypes in krb5.confSam Hartman2002-09-241-0/+4
| | | | | | | | | | | | | | Previously krb5.conf in config-files only allowed des-cbc-crc; really that's getting fairly old and we should allow all the enctypes we support. This has been updated and a comment added indicating that if the list is removed all enctypes are allowed by the code. Added club.cc.cmu.edu to distributed realms list per request ticket: new cc: leko@MIT.EDU git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14899 dc483132-0cff-0310-8789-dd5450dbe970
* Makefile.in, configure.in, aclocal.m4: Use AC_CONFIG_FILES instead ofEzra Peisach2002-09-246-17/+34
| | | | | | | | | | | | | arguments to AC_OUTPUT. This allows for generation of a single Makefile. config/post.in: When regenerating Makefiles, invoke config.status with only the Makefile to generate. This completes the changes. ticket: 1188 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14898 dc483132-0cff-0310-8789-dd5450dbe970
* Add some dependencies on phony build targets to help with cross-directory ↵Ken Raeburn2002-09-244-0/+14
| | | | | | dependencies git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14897 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (EXTRADEPSRCS): New variableKen Raeburn2002-09-242-0/+33
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14896 dc483132-0cff-0310-8789-dd5450dbe970
* * pre.in (.et.c, .et.h): Change rules to only update the desired target file,Ken Raeburn2002-09-242-2/+18
| | | | | | by using temporary files; this makes them safe for use in parallel builds. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14895 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (mydir): Add missing mydir linesEzra Peisach2002-09-242-0/+5
| | | | | | ticket: 1188 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14894 dc483132-0cff-0310-8789-dd5450dbe970
* configure fails (autoconf 2.52) if aclocal.m4 located in directory above ↵Ezra Peisach2002-09-232-1/+7
| | | | | | | | | | | | source tree * aclocal.m4 (V5_SET_TOPDIR): When determining the location of the top of the source tree, stop when reach the top and aclocal.m4 file is located instead of continuing up and out of the tree. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14893 dc483132-0cff-0310-8789-dd5450dbe970
* * port-sockets.h: Include sys/filio.h if availableKen Raeburn2002-09-192-0/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14890 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2024-09-30 09:27:04 +0000