summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Update documentationKevin Koch2007-03-271-209/+277
| | | | | | | | Target_Version: 1.6.1 Ticket: 5490 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19294 dc483132-0cff-0310-8789-dd5450dbe970
* Correct error message text, add comments, change some command line defaults. ↵Kevin Koch2007-03-271-6/+7
| | | | | | | | | | Change plink path Target_Version: 1.6.1 Ticket: 5490 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19293 dc483132-0cff-0310-8789-dd5450dbe970
* All Windows apps were popping MessageBoxes when stderr is redirected. ↵Kevin Koch2007-03-271-3/+11
| | | | | | | | | | | | | Console apps shouldn't and no longer do that. Added isGuiApp, which tests gui resource usage Removed duplicate nested tests for _WIN32. Ticket: 5446 Status: resolved Target_Version: 1.6.1 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19292 dc483132-0cff-0310-8789-dd5450dbe970
* remove unwanted files from kfw build scriptJeffrey Altman2007-03-271-222/+215
| | | | | | | | | | Remove aklog, khhelp.h, and the .manifest files as they are not installed by the installer. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19291 dc483132-0cff-0310-8789-dd5450dbe970
* WIX installer stores WinLogon event handler under wrong registry valueJeffrey Altman2007-03-271-6/+6
| | | | | | | | | | | | | | | | | | | | The WinLogon event handler in prior versions of the Wix installer has been installing the event handler under the registry value "KFWLogon" which happens to be the name that "OpenAFS" also uses for its Kerberos logon events. The KFW NSIS installer has used "MIT_KFW" in order to avoid the conflict. The Wix installer is being corrected to match. When there is a name collision, only one of the event handlers gets installed. As a result, Kerberos FILE ccaches get created with SYSTEM only ACLs and are never destroyed. This is the same problem that happens on Windows Vista when integrated logon is used because the event handler hooks do not exist. ticket: new tags: pullup component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19290 dc483132-0cff-0310-8789-dd5450dbe970
* This commit addresses several issues:Jeffrey Altman2007-03-272-20/+131
| | | | | | | | | | | | | | | | | | | | | | | | (1) The registry key used for activating event reporting to the Windows application log was wrong. It should be "NetworkProvider" not "Network Provider" (2) Event logging of the state of the "Debug" value has been added so that it is possible to debug the use of event reporting. (3) The code no longer performs the pre-kinit operations if a password was not provided. (4) A new function KFW_copy_file_cache_to_api_cache() has been added. This is used instead of KFW_copy_file_cache_to_default_cache() permitting the default cache to be MSLSA, FILE, or anything else. The API cache name will be of the form API:principal just as is done by Network Identity Manager. ticket: 5469 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19289 dc483132-0cff-0310-8789-dd5450dbe970
* KfW build automationKevin Koch2007-03-261-17/+17
| | | | | | | | | | | | Don't fetch afscompat. Handle case of checkout into non-existent directory. Target_Version: 1.6.1 Component: KfW Tags: pullup Ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19288 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unused scc_default_format field from krb5_contextKen Raeburn2007-03-263-14/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19287 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize 'now' to avoid compiler warningKen Raeburn2007-03-251-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19285 dc483132-0cff-0310-8789-dd5450dbe970
* MAX_FORMAT_BUFFER should be type size_t to reduce warningsKen Raeburn2007-03-251-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19284 dc483132-0cff-0310-8789-dd5450dbe970
* Adjust type of 'stable' in krb5_register_serializer to reduce warningsKen Raeburn2007-03-251-4/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19283 dc483132-0cff-0310-8789-dd5450dbe970
* Change strnchr sought value to int to match passed valueKen Raeburn2007-03-251-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19282 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize values to avoid 'possibly uninitialized' compiler warningsKen Raeburn2007-03-251-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19281 dc483132-0cff-0310-8789-dd5450dbe970
* Convert keyblock or padata types to krb5_data without compiler warnings.Ken Raeburn2007-03-253-7/+33
| | | | | | (Added inline functions, with appropriate casts, for data conversion.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19280 dc483132-0cff-0310-8789-dd5450dbe970
* Use memset to silence some 'may be used uninitialized' warningsKen Raeburn2007-03-252-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19279 dc483132-0cff-0310-8789-dd5450dbe970
* whitespace (mostly wrapping long lines produced by protoize)Ken Raeburn2007-03-2513-36/+74
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19278 dc483132-0cff-0310-8789-dd5450dbe970
* Configure db2 plugin directory at top levelKen Raeburn2007-03-253-28/+27
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19277 dc483132-0cff-0310-8789-dd5450dbe970
* Pass the extra library dependency on AIX (is this even still needed??) via a newKen Raeburn2007-03-252-2/+6
| | | | | | variable instead of by updating LIBS at configure time. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19276 dc483132-0cff-0310-8789-dd5450dbe970
* Don't test for stuff not used, used unconditionally, or with feature-test ↵Ken Raeburn2007-03-251-4/+0
| | | | | | macros in k5-int.h available at test time git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19275 dc483132-0cff-0310-8789-dd5450dbe970
* Build tests subtree makefiles at top levelKen Raeburn2007-03-2514-55/+45
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19274 dc483132-0cff-0310-8789-dd5450dbe970
* Include autoconf.hKen Raeburn2007-03-253-1/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19273 dc483132-0cff-0310-8789-dd5450dbe970
* Configure appl test programs from top levelKen Raeburn2007-03-2511-40/+33
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19272 dc483132-0cff-0310-8789-dd5450dbe970
* Include autoconf.hKen Raeburn2007-03-251-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19271 dc483132-0cff-0310-8789-dd5450dbe970
* Generate makefiles for two static libs plus the python plugin from the ↵Ken Raeburn2007-03-257-45/+14
| | | | | | top-level configure script git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19270 dc483132-0cff-0310-8789-dd5450dbe970
* Fix some syntax issues in testing krb5-config outputKen Raeburn2007-03-251-6/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19269 dc483132-0cff-0310-8789-dd5450dbe970
* Depend on support libraryKen Raeburn2007-03-251-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19268 dc483132-0cff-0310-8789-dd5450dbe970
* Include autoconf.h before testing macros for Python header locationKen Raeburn2007-03-251-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19267 dc483132-0cff-0310-8789-dd5450dbe970
* Remove KRB5_BUILD_LIBRARY_STATIC; always use KRB5_BUILD_LIBRARYKen Raeburn2007-03-255-18/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19266 dc483132-0cff-0310-8789-dd5450dbe970
* Never set krb5_force_static. Instead, set the defaults for buildingKen Raeburn2007-03-259-8/+49
| | | | | | | | | | | | | | | | shared libraries, and allow a Makefile.in to include a new makefile fragment for building private (static, not installed) libraries. Created another makefile fragment to be included to indicate the shared library has no dependencies. (Currently this is the case only for the libdb2 library, which we don't install, but do build for testing.) The way we construct the library dependency search path arguments doesn't work for an empty list on some platforms. Updated Makefile.in to use @libpriv_frag@ and @libnodeps_frag@ as necessary. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19265 dc483132-0cff-0310-8789-dd5450dbe970
* Store a little more detail for unknown enctype errorKen Raeburn2007-03-251-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19264 dc483132-0cff-0310-8789-dd5450dbe970
* Fix PROG_LIBPATH, and use -l instead of an explicit filename to build ↵Ken Raeburn2007-03-251-3/+3
| | | | | | profile_tcl git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19263 dc483132-0cff-0310-8789-dd5450dbe970
* Rearrange code so all of the 'krb5_force_static' stuff is done in one placeKen Raeburn2007-03-251-63/+41
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19262 dc483132-0cff-0310-8789-dd5450dbe970
* Remove traces of enable_shared, enable_static, enable_profiled, andKen Raeburn2007-03-256-89/+47
| | | | | | | build_dynobj. Hard-code the behavior for shared libraries, no static, no profiled. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19261 dc483132-0cff-0310-8789-dd5450dbe970
* Remove separate KRB5_BUILD_LIBRARY_WITH_DEPS macro, just use KRB5_BUILD_LIBRARYKen Raeburn2007-03-257-18/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19260 dc483132-0cff-0310-8789-dd5450dbe970
* Remove commented-out macroKen Raeburn2007-03-251-1/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19259 dc483132-0cff-0310-8789-dd5450dbe970
* Remove special support for building a shared library with no dependencies, ↵Ken Raeburn2007-03-251-3/+1
| | | | | | | | since we only have one such library, and it's one we don't install. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19258 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use -Bsymbolic on Linux for now, it seems to break kadmind somehowKen Raeburn2007-03-211-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19241 dc483132-0cff-0310-8789-dd5450dbe970
* When using the Vista SDK version of NTSecAPI.h it is necessaryJeffrey Altman2007-03-212-20/+48
| | | | | | | | | | | | | | | | | | | | | to ensure the _WIN32_WINNT have a value of 0x0501 or greater. Otherwise, required LSA type declarations are undeclared. Provide a registry value that can be set to turn on Application Event log messages for debugging. HKLM\System\CurrentControlSet\Services\MIT Kerberos\Network Provider DWORD "Debug" Ensure that KFW_obtain_user_temp_directory() returns a value on error. Correct the declaration of KFW_copy_cache_to_system_file() to match the prototype. ticket: 5469 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19240 dc483132-0cff-0310-8789-dd5450dbe970
* krb5 library uses kdc.conf when it shouldn'tKen Raeburn2007-03-211-1/+1
| | | | | | | | | Don't add kdc.conf to the list of config files to use unless it's actually requested. Reported by Will Fiveash. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19239 dc483132-0cff-0310-8789-dd5450dbe970
* NIM: New Default View and miscellaneous fixesJeffrey Altman2007-03-2044-740/+3031
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ================================ KfW 3.1 Alpha (NetIDMgr 1.1.11.0) -- nidmgr32.dll - Only one action in a menu is allowed to have KHUI_ACTIONREF_DEFAULT flag set. This marks the action as being the default action for the menu and will be rendered as such. - Newly created identities start off with the KCDB_IDENT_FLAG_EMPTY flag set. Once credentials are associated with the identity and the identity is refreshed, the flag will be cleared. - When creating actions, enforce the name length. - khm_value_exists() now handles shadowed configuration spaces. - Add new action KHUI_ACTION_LAYOUT_MINI which toggles between 'Advanced' and 'Basic' views. - Add support for F11 and F12 keys in khui_get_cmd_accel_string(). - New option for alerts to indicate that instead of just setting the response field in the alert, the UI should dispatch the command that the user has selected. -- krb5common.obj - khm_krb5_initialize() can return a handle to a krb5_ccache that has already been closed. Now it doesn't. - Also import 'krb5_string_to_deltat()'. - Work around conditioned symbol definitions in ntsecapi.h in the Vista Platform SDK that affect Win 2000. -- krb5cred.dll - Don't clear the prompts when the options for an identity changes. The prompter code relies on the prompts being around so that the values that the user has entered can be retained if the new set of prompts is the same as the old one. - Use the same code in the new credentials acquisition and the identity configuration code to obtain krb5 parameters for an identity. - Reset the 'IMPORTED' flag when we get new credentials using a password. - If the validity of a principal is not known, then we restrict the options that can be specified when calling krb5_get_init_creds_password() so that we can reliably determine if the principal is valid. If we need to get new credentials for the principal, we need to make another call using the correct options. - The return codes from the prompter need to indicate that the password read operation was cancelled instead of arbiraty non-zero values. - When reading identity settings, if a particular setting is not defined in the registry, then default to reading the settings out of krb5.ini. - Refer to credentials as 'credentials' or 'tickets' instead of 'creds'. - If an identity has imported credentials, don't import for the same identity again. - When importing an identity, create the identity configuration in the registry if we don't already have any settings there. - Work around conditioned symbol definitions in ntsecapi.h in the Vista Platform SDK that affect Win 2000. - Rearrange declarations for clarity. - Use the correct APIs to parse configuration values from krb5.ini. -- krb4cred.dll - The dialog layout was updated to accomodate a localized string that no longer fit in its control. - Remove a spurious inclusion of ntsecapi.h and work around conditioned symbol definition in the Vista Platform SDK. -- netidmgr.exe - Fix the menu creation code to correctly tag the default action so that it will be rendered properly. - Update the menu enumeration code to use documented functions instead of accessing acton lists directly. - Pool of per-identity actions now include a set of actions for obtaining credentials for specific identities. - The default action performed when the notification icon is clicked is now configurable. When displaying the context menu in the notification area, the default action is highlighted. - Remove unnecessary handlers from the notifcation event handler. - Only handle NIN_SELECT instead of both NIN_SELECT and WM_LBUTTONUP in the notification event handler. When the user clicks the notication icon, both events are generated. NIN_SELECT is canonical. - When the handling NIN_BALLOONUSERCLICK in the notification event handler, reset balloon_alert before displaying any new alerts so that we won't overwrite it later. - Reset the notification alert icon after displaying an alert. - If a renewal fails, the displayed alert contains a button that the user can click to initiate the process of acquiring new credentials for the identity. - Alerts can optionally dispatch the commands that were added to it using the KHUI_ALERT_FLAG_DISPATCH_CMD flag. - Increase the size of the About dialog. - Correct the action text for the IDS_ACTION_OPEN_APP and IDS_ACTION_CLOSE_APP to say 'Show' and 'Hide' instead of 'Open' and 'Close'. These actions only control the visible state of the NIM window. - Add additional notification which signals that the commandline has finished processing. - Add an 'acquire' action to the per-identity actions. - The per identity actions (renew, destroy, acquire) now have useful captions, names and tooltips. - Use WM_NEXTDLGCTL message when changing the focus of dialog controls. SetFocus() is insufficient. - If we get a request to show a new credential acquisition dialog and we are already showing one, bring that one to the foreground instead of trying to display a new one or waiting quietly. - New configuration schema for the UI that include definitions for the new default view. - The alerter window can now show more than one alert at once. - If we are about to show queued alerts, then check if the alerts that are waiting are related and if they can be grouped together. If so, show them in a single alert window instead of multiple ones. - If new alerts are issued while a set of alerts are being displayed and if the new alert is related to the alerts that are being displayed, then add the new alert to the list being displayed. - Make sure we have a lock on the alert when we are manipulating or accessing it. - Set the focus to the correct control when displaying an alert. - When adding alerts from the alert queue, make sure we iterate through the queue properly. - Allow keyboard navigation inside the alert window and support scroll bars. - Check if we have a valid code pointer before invoking a UI callback. - Make sure the main window is in the normal configuration before switching to a layout that rquires it. - When moving the main window around, if it comes close to an edge of the working area of the display, snap to it. - Maintain two sets of settings for the main window placement. One for the mini mode and one for the normal mode. - When processing saved window placement information from the configuration, handle docking hints which note which edges of the screen the main window should be adjacent to, if any. - Switching to the 'Basic' view disables the layout and column selection menus. - Position the new credentials dialog above the main window if the main window is visible. - The alert that is displayed to indicate that an identity has expired, now contains a command button that can be used to invoke the new credentials dialog for that identity. -- source - Update the documentation to reflect the change in behavior regarding KHUI_ACTIONREF_DEFAULT in khui_menu_insert_action() and khui_menu_insert_paction(). - Remove notes about menu access functions being not thread safe. This is no longer true. - Update the documentation for khui_alert_show() to document new behavior regarding KHUI_ALERT_FLAG_DISPATCH_CMD. - Update documentation to indicate which KHUI_ALERT_FLAG_* flags are internal and document the new KHUI_ALERT_FLAG_DISPATCH_CMD flag. - Augment the queue handling macros to support additional operations. Also add new tree data structure with an ordered list of children. - Code reorganization to reuse code for obtaining the caption and tooltip for a system defined action in netidmgr.exe. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19238 dc483132-0cff-0310-8789-dd5450dbe970
* Enable Vista support for MSLSAJeffrey Altman2007-03-201-9/+99
| | | | | | | | | | | | | | | | | The MSLSA: ccache type when used on Windows Vista can take advantage of an ability to write tickets to the LSA credential cache for the current logon session. This is possible due to the addition of the KERB_SUBMIT_TICKET interface. Also new to Vista is the CACHE_INFO_EX2 interface which permits a much more efficient method of enumerating the contents of the LSA credential cache. The code to take advantage of these features has been present for more than a year. However, due to the lack of a public SDK that included the necessary data structures the functionality has been disabled. As of this commit, the functionality will be enabled if the version of NTSecAPI.h includes TRUST_ATTRIBUTE_TRUST_USES_AES_KEYS. This is a preprocessor symbol that is new to the Vista SDK. In order to build with the new Vista functionality when using the XP SP2 SDK, the NTSecAPI.h file from the Vista SDK must be used in place of the version from the XP SP2 SDK. This commit also addresses the issues associated with the inability to read session keys from a UAC limited process. When UAC limitation is detected by examining the process token elevation level all access to the MSLSA contents is disabled. At some point in the future we can implement an elevated COM service in order to obtain access to the session keys. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19237 dc483132-0cff-0310-8789-dd5450dbe970
* Zero sockaddrs in fai_add_entry() so we can compare them with memcmp()Alexandra Ellwood2007-03-191-0/+2
| | | | | | | | | | | | If we don't zero the struct sockaddrs in fai_add_entry() then any sin_zero fields will be left as random memory and the memcmp() will return that the addresses are different even if they aren't. ticket: new target_version: 1.6.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19235 dc483132-0cff-0310-8789-dd5450dbe970
* KfW automated build scripts & supporting filesKevin Koch2007-03-169-276/+899
| | | | | | | | | | Updated scripts & additional configuration files. Ticket: new Target_Version: 1.6.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19234 dc483132-0cff-0310-8789-dd5450dbe970
* Update 3.1.0 to 3.2.0; update location of sample directoryKevin Koch2007-03-161-3/+3
| | | | | | | | Ticket: 5409 Target_Version: 1.6.1 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19233 dc483132-0cff-0310-8789-dd5450dbe970
* Update build files for new version and file locationsKevin Koch2007-03-163-16/+13
| | | | | | | Target_Version: 1.6.1 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19232 dc483132-0cff-0310-8789-dd5450dbe970
* On Linux, add linker flags -Bsymbolic (makes for smaller libraries, atKen Raeburn2007-03-151-1/+1
| | | | | | | | the cost of being able to override the symbol names we export) and --no-undefined (errors out on shared library generation with undefined symbols). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19229 dc483132-0cff-0310-8789-dd5450dbe970
* Depend on kadm5 server library too, now that we use the config_params callsKen Raeburn2007-03-151-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19228 dc483132-0cff-0310-8789-dd5450dbe970
* Use "unsigned __int{16,32}" types for Windows in load_{16,32}_n, per KevinKen Raeburn2007-03-141-0/+8
| | | | | | ticket: 5425 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19227 dc483132-0cff-0310-8789-dd5450dbe970
* * kadm5_create.c: Include fake-addrinfo.h.Ken Raeburn2007-03-141-6/+21
| | | | | | | | | | (add_admin_princs): Use getaddrinfo instead of gethostbyname. Report the correct message on getaddrinfo errors, and return EINVAL to caller. ticket: 5257 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19226 dc483132-0cff-0310-8789-dd5450dbe970
* Fix tail portability problem by adding an expression test to theKen Raeburn2007-03-141-1/+1
| | | | | | | | existing awk invocation instead. Patch from Robert Basch at MIT. ticket: 5447 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19225 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2024-11-19 02:09:58 +0000