summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* The fallback to slave kdc's wasn't working because the code did not handleRichard Basch1996-05-062-0/+7
| | | | | | the error return "KRB524_NOTRESP". git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7906 dc483132-0cff-0310-8789-dd5450dbe970
* Include the uid in the replay cachenameRichard Basch1996-05-063-1/+29
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7905 dc483132-0cff-0310-8789-dd5450dbe970
* * rsh.exp: Setup a wrapper script in executing klist in the remoteEzra Peisach1996-05-063-2/+18
| | | | | | | | | shell so that environment variables are properly set. * kadmin.exp: (kpasswd_cpw): After giving new password, wait for the newline or we hang waiting for the process to finish. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7904 dc483132-0cff-0310-8789-dd5450dbe970
* Use a wrapper script when invoking login.krb5 in order for sharedEzra Peisach1996-05-062-1/+14
| | | | | | libraries to be setup properly. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7903 dc483132-0cff-0310-8789-dd5450dbe970
* * default.exp: Add procedure setup_wrapper to first setup shared libraryEzra Peisach1996-05-062-0/+32
| | | | | | | | | environment variables and the exec program. This allows for easy testing of "rsh $hostname klist" which would normally fail due to shared libraries not being setup. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7902 dc483132-0cff-0310-8789-dd5450dbe970
* preauth.c: Add const and casts as needed to handle warnings..Ezra Peisach1996-05-052-7/+11
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7901 dc483132-0cff-0310-8789-dd5450dbe970
* * default.exp: For stty_init set to \^h as on some /bin/sh, ^ isEzra Peisach1996-05-052-1/+6
| | | | | | | | | | treated as a pipe. I had never heard of this until under DU 3.2 the tests started failing until I read the sh man page. Apparently ^ is for some very old compatibility. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7900 dc483132-0cff-0310-8789-dd5450dbe970
* whitespaceKen Raeburn1996-05-041-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7899 dc483132-0cff-0310-8789-dd5450dbe970
* work around process group problems; recognize certain failure modes (e.g.,Ken Raeburn1996-05-043-9/+67
| | | | | | connection closed) better; work around gnu getopt problem git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7898 dc483132-0cff-0310-8789-dd5450dbe970
* cygnus merge: sscanf workaround; logs for sam testsKen Raeburn1996-05-042-3/+27
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7897 dc483132-0cff-0310-8789-dd5450dbe970
* * rsh.exp: Add tests for ticket forwardingKen Raeburn1996-05-046-47/+164
| | | | | | | | | | | | | | | | | | | | | * kadmin.exp and gssapi.exp: Fix syntax of expect_after blocks. The -i $foo must be inside the {, and the { must be by itself at the end of the line. * gssftp.exp (start_ftp_daemon): use krb5.conf, not krb.conf * gssftp.exp (ftp_test): Explicitly select binary mode. * kadmin.exp: Don't look at output from kadmind to drain it; that problem is handled elsewhere now. * kadmin.exp (kadmin_delete, kamind_add, kadmin_add_rnd, kadmin_examine, kadmin_cpw, kadmin_cpw_rnd, kadmin_modify, kadmin_rename, kadmin_list, kadmin_extract, kadmin_extractv4): check for "lost KDC" as well. * kadmin.exp (kadmin_show): extend regexp to match current kadmin interface. (kadmin_add): match more of extended output (tentative change, should be expanded later to actually check the values.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7896 dc483132-0cff-0310-8789-dd5450dbe970
* Tue Apr 2 22:22:47 1996 Chris Provenzano <proven@cygnus.com>Ken Raeburn1996-05-042-45/+115
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * default.exp : Do an stty to set kill and erase correctly. Things don't work if kill is set to '@'. Fri Mar 29 15:02:32 1996 Chris Provenzano <proven@cygnus.com> * default.exp : Always use variable BINSH instead of sh. Use -f flag with kinit to get forwardable tickets. Setup kdc.conf to allow forwardable tickets. Thu Mar 28 17:30:55 1996 Ken Raeburn <raeburn@cygnus.com> * default.exp (touch, tail1): New proc. (start_kerberos_daemons, stop_root_shell): Use them, and sleep built-in cmd. Wed Mar 27 22:43:08 1996 Ken Raeburn <raeburn@cygnus.com> * default.exp (start_kerberos_daemons): Use ">>" to avoid updating mod time on kadmind log file. Wed Mar 27 21:35:57 1996 Marc Horowitz <marc@mit.edu> * default.exp: (start_kerberos_daemons): exec the kadmind inside an sh to redirect stderr (this is a pending bug), and keep the same pid, so that stop_kerberos_daemons doesn't leave a kadmind running. Wed Mar 27 21:24:35 1996 Marc Horowitz <marc@mit.edu> * default.exp: (start_kerberos_daemons): add a check for "cannot initialize network" as a failure message to the kadmind5 startup expect checks Wed Mar 27 21:10:47 1996 Marc Horowitz <marc@mit.edu> * default.exp (start_kerberos_daemons): use ezra's KDC tail changes for kadmind5, too. * rlogin.exp (start_rlogin_daemon): start klogind with sh -c so that setsid() won't fail due to the process already being the leader of a process group git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7895 dc483132-0cff-0310-8789-dd5450dbe970
* * kinit.c (krb5_validate_tgt): new function, takes a credential cache with anKen Raeburn1996-05-042-1/+64
| | | | | | | | | | tgt with the "invalid flag" set, and asks the kdc to validate it. Wipes cache and stores only the newly validated credential. (After all, there won't be any others, because the invalid krbtgt couldn't have gotten them.) Most of the code is taken from krb5_mk_req, since it did the right thing. (main): add -v option, validates the ticket already in the selected cache. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7894 dc483132-0cff-0310-8789-dd5450dbe970
* *** empty log message ***Ken Raeburn1996-05-041-1/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7893 dc483132-0cff-0310-8789-dd5450dbe970
* Tue Apr 2 22:31:48 1996 Mark Eichin <eichin@cygnus.com>Ken Raeburn1996-05-044-3/+18
| | | | | | | | | | | | * krb5.conf.M, krb5.conf: add default_tkt_enctypes. Wed Mar 27 22:44:36 1996 Mark Eichin <eichin@cygnus.com> * krb5.conf, kdc.conf: specify des-cbc-crc as the only valid enctype (but permit normal, v4, norealm, onlyrealm, and afs3 salttypes.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7892 dc483132-0cff-0310-8789-dd5450dbe970
* decls for new routinesKen Raeburn1996-05-042-0/+33
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7891 dc483132-0cff-0310-8789-dd5450dbe970
* * get_creds.c (krb5_get_credentials_core): new function. Common part ofKen Raeburn1996-05-045-28/+197
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | krb5_get_credentials and krb5_get_credentials_validate. Some formerly local variables are now arguments. (krb5_get_credentials): same as before, but calls _core to do some of the work. (krb5_get_credentials_validate): uses krb5_get_cred_from_kdc_validate and only stores the returned credential in the cache, instead of storing all of them. * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): new function. Same body as krb5_get_cred_from_kdc, but takes one new argument, kdcopts, and combines it with the other kdc options when calling krb5_get_cred_via_tkt. This is static and only called by (krb5_get_cred_from_kdc): a wrapper that provides the same function it did before, and (krb5_get_cred_from_kdc_validate): a wrapper that passes KDC_OPT_VALIDATE, so that kinit can use it. We'll probably need another one for renewing tickets as well. * rd_req_dec.c (krb5_rd_req_decoded_opt): new function. Same body as krb5_rd_req_decoded, but takes one new argument, check_valid_flag, to determine whether or not to check if the "invalid flag" is set in the ticket. Also made static, so that it is only called via: (krb5_rd_req_decoded): wrapper for krb5_rd_req_decoded_opt that specifies the "invalid flag" gets checked, and (krb5_rd_req_decoded_anyflag): wrapper for krb5_rd_req_decoded_opt that specifies that the "invalid flag" doesn't get checked. (This version is only called from kdc_util.c:kdc_process_tgs_req.) * str_conv.c (krb5_string_to_timestamp): double check that strptime at least parsed *some* of the string, avoid degenerate cases from GNU libc strptime. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7890 dc483132-0cff-0310-8789-dd5450dbe970
* * krb5_decode.c (decode_krb5_enc_tkt_part): use tagnum correctly to handleKen Raeburn1996-05-042-3/+10
| | | | | | optional starttime (previous code *always* replaced starttime with authtime.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7889 dc483132-0cff-0310-8789-dd5450dbe970
* missing log entriesKen Raeburn1996-05-031-0/+16
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7888 dc483132-0cff-0310-8789-dd5450dbe970
* Add code to support appropriate behavior when the input credentials isTheodore Tso1996-05-032-13/+51
| | | | | | | | NULL (i.e., the default credential). We use the default credential for the "default mechanism", which is the first mechanism registered with the library. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7887 dc483132-0cff-0310-8789-dd5450dbe970
* * ss_wrapper.c (main): Make sci_idx a global. This makes certain CygnusKen Raeburn1996-05-033-1/+33
| | | | | | | | customizations simpler. * dump.c (restore_dump): If header indicates a beta-5 dump, process it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7886 dc483132-0cff-0310-8789-dd5450dbe970
* missing log entriesKen Raeburn1996-05-023-1/+40
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7885 dc483132-0cff-0310-8789-dd5450dbe970
* Cygnus merge: new option -s to set tgt start timeKen Raeburn1996-05-023-9/+50
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7884 dc483132-0cff-0310-8789-dd5450dbe970
* cygnus merge:Ken Raeburn1996-05-028-64/+156
| | | | | | | | | | | | | | | | | | | | | | | | | * configure.in: Fix typo in Apr 16 HP-UX change. * state.c (envvarok): nuke all KRB5* environment variables, not just the previously selected ones. * telnetd.c (telnet -> doit): moved SIGTTOU handler before the first thing which would cause the terminal driver to get upset. * sys_term.c (line): Remove initialization silliness. The non-GNUC method was Just Wrong, do it the other way always. (Xline): Specify length, not contents. * termio-tn.c (readstream_termio): new file, provides isolated version of M_IOCTL handling for systems where termio and termios can't be compiled together. * termios-tn.c (readstream_termios): new file, provides isolated version of M_IOCTL handling for systems where termio and termios can't be compiled together. * telnetd.c (readstream): use readstream_termios and readstream_termio to handle getmsg with M_IOCTL. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7883 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (tgz-bin, pkgdir): New targets.Ken Raeburn1996-05-014-4/+32
| | | | | | | | | | | (PKGDIR, GZIPPROG): New variables. * aclocal.m4 (WITH_NETLIB): Don't look for socket lib on Irix. * aclocal.m4 (MAKE_SUBDIRS): Disable hack that tries to determine if "-k" or "-i" was given. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7882 dc483132-0cff-0310-8789-dd5450dbe970
* Merge with Cygnus sources, changes from Mark Eichin, Marc Horowitz, ChrisKen Raeburn1996-05-0113-629/+1547
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Provenzano and me: * Makefile.in (install): Install correct set of man pages, and check for failures. * kshd.M, klogind.M: Renamed from kr*.M versions. * login.M: New file. Man page for login with some description of new features. * rlogin.M: Remove references to using program with target hostname as argv[0]. * rsh.M: Ditto. Also document -f, -F, -x options. * login.c: Massive changes. Split much functionality out of main and into separate file sections: terminal flag settings, Kerberos 4 and 5 support, UNIX password support, mail check, signal handler handling, some other support routines. Revamp controlling tty and process group handling. For AFS configuration, use setpag and run aklog. Try validating password using krb5. Always set tty flags, not just for rlogin session. When validating tickets, treat an existing key file that doesn't contain the key we think we want (possibly because DNS was spoofed) as an error condition. * Makefile.in (LOGINLIBS): List libkrb524.a here. (LIBOBJS): Not here. (login.krb5): Reverse the order of LIBOBJS and LOGINLIBS. * configure.in: Check for --with-afs. Add AFS libs and define SETPAG if supplied. * login.c (KRB5_GET_TICKETS, KRB4_GET_TICKETS, KRB_RUN_AKLOG): new macros selecting single signon options. krb5.conf profile support for control over authentication options, above the compile time selection. (conf_affirmative): new function, recognize yes/no in profile value. (login_get_kconf): new function, look for all [login] flags and set them in appropriate globals (via login_conf_set array.) (main, sleepexit, destroy_tickets): Check the new login_* flags. (main): rename KRB4_USE_524 to KRB4_CONVERT. * configure.in: Added checks for tcsetpgrp, tcgetpgrp, setpgid. * krlogind.c (control): Use tcgetpgrp if it's available. * loginpaths.h (RPATH, LPATH, LPATH_root): Define HP/UX 9.04 versions, conditionalized on __hpux and !hpux. * login.c and configure.in: instead of checking _IBMR2 and __sgi__, write configure tests to check for the existence of /etc/environment and /etc/TIMEZONE files, respectively. * forward.c (rd_and_store_for_creds) : If chown fails then only pass failure back if owner is different than intended owner. This is to make rsh.exp test work without requiring root privlidges. * login.c (main): Don't set TERM to an empty value. (stypeof) [__hpux]: Return null if unknown. * krlogin.c (catchild): remove hp/ux kludge because of aclocal.m4 fix. (speeds): test __hpux for hpux speed list. (main): test __hpux for use of FIOSSAIOSTAT and FIOSSAIOOWN (USE_TERMIO): test __hpux for bsdtty/ptyio headers. * krlogind.c: test __hpux for bsdtty/ptyio headers. (doit): test __hpux for use of setpgrp2. * krcp.c (main): test __hpux as well for remsh vs. rsh. * krcp.c (des_write): Make sure the buffer for the encrypted data is large enough. Only return an error in malloc fails. * krsh.c (main): Always turn on anyport -A option. * krlogind.c (ptsname): Declare if it's going to be used. * krshd.c (main): Use basename of argv[0] for progname. * login.c (dofork): On linux, TIOCNOTTY causes us to die on a SIGHUP, so don't even try it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7881 dc483132-0cff-0310-8789-dd5450dbe970
* hpux is unix. really, it isKen Raeburn1996-05-012-0/+12
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7880 dc483132-0cff-0310-8789-dd5450dbe970
* previously checked-in changesKen Raeburn1996-05-011-0/+12
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7879 dc483132-0cff-0310-8789-dd5450dbe970
* Removed duplicate #include <fcntl.h>Richard Basch1996-04-301-1/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7878 dc483132-0cff-0310-8789-dd5450dbe970
* clean up configure output styleKen Raeburn1996-04-302-0/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7877 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (libkrb5.$(STEXT)): Set a variable with or without "--force" andKen Raeburn1996-04-302-14/+15
| | | | | | | | | use it, instead of duplicating the rest of the code. Use LIBDONE as list to process, so berk_db will be skipped when not in use. Check exit status of LIBUPDATE invocation. Remove library before creating as workaround for libupdate bug. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7876 dc483132-0cff-0310-8789-dd5450dbe970
* * t_ser.c (stuff): New variable.Ken Raeburn1996-04-304-12/+28
| | | | | | | | | | | | | | | (ser_acontext_test, ser_eblock_test, ser_cksum_test): Use it, instead of assuming it's valid to treat &FUNCTION as a data pointer. * conv_princ.c (sconv_list): Now const. (krb5_*_conv_principal): Use pointer to const for it. Tue Apr 23 19:39:59 1996 Mark Eichin <eichin@cygnus.com> * get_creds.c (krb5_get_credentials): this isn't the kernel, so don't return negative errno values. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7875 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Test that regcomp actually worksKen Raeburn1996-04-305-7/+27
| | | | | | | | * Makefile.in (check-unix): Use $(RM). * t_an_to_ln.c (main): Print principal name when an error is detected. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7874 dc483132-0cff-0310-8789-dd5450dbe970
* log for mark's sam changesKen Raeburn1996-04-301-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7873 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Invoke AC_C_CROSS before AC_TRY_RUN to pretty up output formatKen Raeburn1996-04-303-3/+17
| | | | | | | * Makefile.in (autoconf.h): Use timestamp file to prevent repeated rebuilding if file timestamp is out of date but contents wouldn't change. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7872 dc483132-0cff-0310-8789-dd5450dbe970
* log for mark's sam changes of 4/9Ken Raeburn1996-04-301-0/+17
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7871 dc483132-0cff-0310-8789-dd5450dbe970
* Added compile/link lines to build a PowerPC CFM shared librariesTheodore Tso1996-04-302-1/+15
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7870 dc483132-0cff-0310-8789-dd5450dbe970
* Added prototype for getpeername()Theodore Tso1996-04-302-0/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7869 dc483132-0cff-0310-8789-dd5450dbe970
* Removed PROVIDE_SNEFRU (shouldn't be there) and added PROVIDE_CRC32Theodore Tso1996-04-302-1/+6
| | | | | | (was originally in k5-int.h). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7868 dc483132-0cff-0310-8789-dd5450dbe970
* Fix Windows definition of PROVIDE_DES_CBC_RAW so that the raw DESTheodore Tso1996-04-302-9/+12
| | | | | | | cryptosystem is properly included. Removed Macintosh definitions of PROVIDE_* since that is done in mac/libaries/KerberosHeaders.h. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7867 dc483132-0cff-0310-8789-dd5450dbe970
* For windows, mask off low 16 bits because Gradient DCE does thingsTheodore Tso1996-04-304-1/+57
| | | | | | wrong. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7866 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (libcrypto.$(STEXT)): Remove before creatingKen Raeburn1996-04-302-0/+5
| | | | | | Temporary workaround to avoid getting multiple versions of .o files in libs. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7865 dc483132-0cff-0310-8789-dd5450dbe970
* login man page by mark eichinKen Raeburn1996-04-292-0/+70
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7864 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (install): Install correct set of man pages, and check forKen Raeburn1996-04-294-7/+17
| | | | | | | failures. * kshd.M, klogind.M: Renamed from kr*.M versions. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7863 dc483132-0cff-0310-8789-dd5450dbe970
* The rd_req has to allow any local service principal, as the host may haveRichard Basch1996-04-282-21/+30
| | | | | | multiple names and multiple "host" keys. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7861 dc483132-0cff-0310-8789-dd5450dbe970
* Fixed a potentional null dereferenceRichard Basch1996-04-282-1/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7860 dc483132-0cff-0310-8789-dd5450dbe970
* Whitespace cleanupRichard Basch1996-04-252-19/+16
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7858 dc483132-0cff-0310-8789-dd5450dbe970
* * aclocal.m4 (V5_USE_SHARED_LIB): Remove another dependency in theEzra Peisach1996-04-242-1/+6
| | | | | | | | executables on the build tree. The built executables should not look in the build tree for shared libraries... git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7857 dc483132-0cff-0310-8789-dd5450dbe970
* One could not specify -c in inetd.conf, because of theRichard Basch1996-04-222-10/+12
| | | | | | | variable initialization; initialization has been corrected to allow either checksumming or ignoring the checksum. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7855 dc483132-0cff-0310-8789-dd5450dbe970
* Update the two sections I worked on with comments from jhawk. I don'tSam Hartman1996-04-212-37/+44
| | | | | | | have time to implement the rest of his comments to the document as a whole. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7853 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-10-03 18:29:26 +0000