diff options
| author | Ken Raeburn <raeburn@mit.edu> | 2001-09-26 03:47:47 +0000 |
|---|---|---|
| committer | Ken Raeburn <raeburn@mit.edu> | 2001-09-26 03:47:47 +0000 |
| commit | ed96414c30ce1f6bad4f0f1f22b6d2d8800cc008 (patch) | |
| tree | 6c98a25e645cb611608a3a8ef3090c54fd71fdd1 /src/include | |
| parent | e5de98cc3e7d32615193b106ed4193bb532a6532 (diff) | |
| download | krb5-ed96414c30ce1f6bad4f0f1f22b6d2d8800cc008.tar.gz krb5-ed96414c30ce1f6bad4f0f1f22b6d2d8800cc008.tar.xz krb5-ed96414c30ce1f6bad4f0f1f22b6d2d8800cc008.zip | |
better realm transit path checking for app server
transit path checking enforcement for kdc; supporting code, doc update
[merged from 1.2.3 release branch]
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13758 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/include')
| -rw-r--r-- | src/include/ChangeLog | 2 | ||||
| -rw-r--r-- | src/include/krb5.hin | 2 | ||||
| -rw-r--r-- | src/include/krb5/ChangeLog | 6 | ||||
| -rw-r--r-- | src/include/krb5/adm.h | 5 |
4 files changed, 12 insertions, 3 deletions
diff --git a/src/include/ChangeLog b/src/include/ChangeLog index 6695c20e9..c7f210c61 100644 --- a/src/include/ChangeLog +++ b/src/include/ChangeLog @@ -4,6 +4,8 @@ TKT_FLG_OK_AS_DELEGATE, TKT_FLG_ANONYMOUS): New macros. (KDC_OPT_REQUEST_ANONYMOUS, KDC_OPT_DISABLE_TRANSITED_CHECK): Likewise. + (krb5_check_transited_list): Pointed-to krb5_data structures are + now all const. 2001-09-05 Ken Raeburn <raeburn@mit.edu> diff --git a/src/include/krb5.hin b/src/include/krb5.hin index a7fe2b712..fab9f8acb 100644 --- a/src/include/krb5.hin +++ b/src/include/krb5.hin @@ -1,7 +1,7 @@ /* * include/krb5.h * - * Copyright 1989,1990,1995 by the Massachusetts Institute of Technology. + * Copyright 1989,1990,1995,2001 by the Massachusetts Institute of Technology. * All Rights Reserved. * * Export of this software from the United States of America may diff --git a/src/include/krb5/ChangeLog b/src/include/krb5/ChangeLog index 2fa911042..a330549af 100644 --- a/src/include/krb5/ChangeLog +++ b/src/include/krb5/ChangeLog @@ -1,3 +1,9 @@ +2001-09-25 Ken Raeburn <raeburn@mit.edu> + + * adm.h (struct __krb5_realm_params): Added fields + realm_reject_bad_transit, realm_reject_bad_transit_valid; deleted + field realm_filler. + 2001-07-25 Ezra Peisach <epeisach@mit.edu> * kdb.h: For structs krb5_tl_data (tl_data_length), krb5_key_data diff --git a/src/include/krb5/adm.h b/src/include/krb5/adm.h index b3a2b6af3..820f652b9 100644 --- a/src/include/krb5/adm.h +++ b/src/include/krb5/adm.h @@ -1,7 +1,7 @@ /* * include/krb5/adm.h * - * Copyright 1995 by the Massachusetts Institute of Technology. + * Copyright 1995,2001 by the Massachusetts Institute of Technology. * All Rights Reserved. * * Export of this software from the United States of America may @@ -208,13 +208,14 @@ typedef struct __krb5_realm_params { krb5_timestamp realm_expiration; krb5_flags realm_flags; krb5_key_salt_tuple *realm_keysalts; + unsigned int realm_reject_bad_transit:1; unsigned int realm_kadmind_port_valid:1; unsigned int realm_enctype_valid:1; unsigned int realm_max_life_valid:1; unsigned int realm_max_rlife_valid:1; unsigned int realm_expiration_valid:1; unsigned int realm_flags_valid:1; - unsigned int realm_filler:7; + unsigned int realm_reject_bad_transit_valid:1; krb5_int32 realm_num_keysalts; } krb5_realm_params; #endif /* KRB5_ADM_H__ */ |