summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Added sanity checking so we can't dereference NULL trying to call a callbackAlexandra Ellwood2007-09-181-2/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19952 dc483132-0cff-0310-8789-dd5450dbe970
* Added additional debugging error checkingAlexandra Ellwood2007-09-181-2/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19951 dc483132-0cff-0310-8789-dd5450dbe970
* cci_array_move should work when the source and dest positions are equalAlexandra Ellwood2007-09-181-1/+2
| | | | | | | | Fixed so it does nothing when moving an element to its own index. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19950 dc483132-0cff-0310-8789-dd5450dbe970
* Make config.status itself update the timestamp file associated withKen Raeburn2007-09-172-2/+2
| | | | | | | autoconf.h, so that we don't need a redundant invocation of config.status during the first build. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19937 dc483132-0cff-0310-8789-dd5450dbe970
* wix installer - permit administrative installsJeffrey Altman2007-09-141-32/+3
| | | | | | | | | remove the registration requirement for administrative installs. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19936 dc483132-0cff-0310-8789-dd5450dbe970
* In the pkinit decoders, set up things properly so that asn1buf_sync()Tom Yu2007-09-131-3/+22
| | | | | | | | | behaves correctly and isn't acting on uninitialized variables. ticket: 5704 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19935 dc483132-0cff-0310-8789-dd5450dbe970
* Before the error-message tests, make sure the host principal exists,Ken Raeburn2007-09-111-3/+5
| | | | | | | so we get consistent errors. Expect the "keytab not found" error, rather than the "principal doesn't exist" error. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19931 dc483132-0cff-0310-8789-dd5450dbe970
* Fixed macro for cc_ccache_unlock and updated documentationAlexandra Ellwood2007-09-1027-39/+36
| | | | | | ticket: 4644 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19930 dc483132-0cff-0310-8789-dd5450dbe970
* 64-bit Windows krb5int_cc_default calls to LeashJeffrey Altman2007-09-051-1/+6
| | | | | | | | AMD64 builds must load leashw64.dll not leashw32.dll ticket:new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19929 dc483132-0cff-0310-8789-dd5450dbe970
* Revise patch to avoid 32-byte overflow which remained after theTom Yu2007-09-051-2/+10
| | | | | | | | | | | initial patch. Memory written to by the IXDR macro calls had not been accounted for. Thanks to Kevin Coffman, Will Fiveash, and Nico Williams for discovering this bug and assisting with patch development. ticket: 5706 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19923 dc483132-0cff-0310-8789-dd5450dbe970
* MSI installer for 64-bit AMD64Jeffrey Altman2007-09-059-314/+687
| | | | | | | | | | | | | | | | | | | | | | | | | | | Add support for building 64-bit AMD64 MSI install packages in addition to 32-bit i386 MSI install packages. Differences between 32-bit MSI and 64-bit MSI include: * no krb4 binaries and libraries * no kclient binaries and libraries * no krb524 binaries and libraries * no leash32.exe * new AMD64 UpgradeCode permits parallel installation with 32-bit MSI * support for Visual Studio 2005 (VS8, CL1400) merge modules Open Issues: * 32-bit MSI installs kfwlogon.dll on AMD64 systems * 32-bit and 64-bit NetIDMgr.exe as startup. Need to decide which should be executed by default. Only one can run at a time. * Need to make sure that src/windows/build properly configures the site-local.wxi file for Visual Studio 2005 and platform. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19922 dc483132-0cff-0310-8789-dd5450dbe970
* 64-bit Windows gss.exe (gui version of gss-client.exe)Jeffrey Altman2007-09-052-3/+5
| | | | | | | | | | Now that krbcc64.lib exists we can build the gss.exe gss-api test client. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19921 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_fcc_generate_new is non-functionalEzra Peisach2007-09-052-49/+104
| | | | | | | | | | | | | File locking was non-existant in this code and fccs chained list was not used at all. This resulted in an assertion failure when closing the cache. Code has been reorganized to parallel the code in krb5_fcc_resolve for easier maintenence. Commented out test in t_cc.c has been updated to actually test this code. ticket:new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19920 dc483132-0cff-0310-8789-dd5450dbe970
* Rework error-mapping code to preserve status code values when returnedKen Raeburn2007-09-055-84/+179
| | | | | | | | | | | | | | | by only one mechanism. Revert RPC code to relying on this. Build error-mapping code on a bidirectional map instead of a simple array. When a status code is returned but has been seen returned from a different mechanism already, generate a new number, starting at 100,000. Use gssrpcint_printf for some more debugging code. ticket: 5654 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19919 dc483132-0cff-0310-8789-dd5450dbe970
* Bidirectional map template codeKen Raeburn2007-09-041-0/+194
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19918 dc483132-0cff-0310-8789-dd5450dbe970
* Fix bug in clearing of new storageKen Raeburn2007-09-041-1/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19917 dc483132-0cff-0310-8789-dd5450dbe970
* Support using valgrind on test programsKen Raeburn2007-09-042-1/+44
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19916 dc483132-0cff-0310-8789-dd5450dbe970
* revert accidental commit of gc_frm_kdc.cTom Yu2007-09-041-181/+20
| | | | | | ticket: 5707 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19915 dc483132-0cff-0310-8789-dd5450dbe970
* fix CVE-2007-4000 modify_policy vulnerabilityTom Yu2007-09-042-22/+184
| | | | | | | | | | | In kadm5_modify_policy_internal, check for nonexistence of policy before doing anything with it, to avoid memory corruption. ticket: new target_version: 1.6.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19914 dc483132-0cff-0310-8789-dd5450dbe970
* fix CVE-2007-3999 svc_auth_gss.c buffer overflowTom Yu2007-09-041-1/+1
| | | | | | | | | | | | Make sure svcauth_gss_validate adequately checks oa->oa_length prior to copying into rpcbuf. ticket: new target_version: 1.6.3 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19913 dc483132-0cff-0310-8789-dd5450dbe970
* bump accessor version numberTom Yu2007-09-041-1/+1
| | | | | | ticket: 3334 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19911 dc483132-0cff-0310-8789-dd5450dbe970
* Bail out if encoded "ticket" doesn't decode correctly. This allowsTom Yu2007-09-041-1/+2
| | | | | | | | t_cc test case to pass and allows non-tickets to be stored (for now). ticket: 5697 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19910 dc483132-0cff-0310-8789-dd5450dbe970
* GSS-API Win64 support Jeffrey Altman2007-09-021-1/+6
| | | | | | | | The name of the Leash API DLL on Win64 is "leashw64.dll". ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19909 dc483132-0cff-0310-8789-dd5450dbe970
* Make internal functions staticKen Raeburn2007-08-311-38/+38
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19900 dc483132-0cff-0310-8789-dd5450dbe970
* Don't export file keytab implementation functionsKen Raeburn2007-08-311-20/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19899 dc483132-0cff-0310-8789-dd5450dbe970
* Make ccache handle referrals better by storing both server principalTom Yu2007-08-291-3/+40
| | | | | | | | | | | | names if they differ between the creds structure and the encoded ticket and by looking up the server principal using the client's realm if not found and server's realm was initially the referral (empty) realm. ticket: 5697 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19898 dc483132-0cff-0310-8789-dd5450dbe970
* NIM file ccache support improvementsJeffrey Altman2007-08-294-60/+163
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | NIM supports the ability of the user to specify an explicit ccache name for use with an identity. If this ccache is a FILE ccache, we need to be able to store credentials into the ccache. krb5cred.dll did not previously specify the KRB5_TC_OPENCLOSE flag on the ccache when setting other flags such as KRB5_TC_NOTICKET (which is used with MSLSA ccaches). As a result, open/close mode was turned off, the ccache file would be opened in read-only mode and attempts to store credentials into the ccache would fail. This is fixed by specifying KRB5_TC_OPENCLOSE when setting the ccache flags. When a CCAPI implementation is unavailable, we need to automatically generate the FILE ccache name if one has not already been specified. We default to a file stored in the user's Local Settings\Temp directory. The generated ccache is then added to the file ccache watch list. Finally, some users have complained about the behavior of Microsoft Vista's UAC mode and how it makes the CCAPI cache useless for storing credentials that must be used in conjunction with processes that do not have restricted privileges since those processes run in a separate logon session. For these users we have added a "DefaultToFileCache" registry value that can be specified to force the use of FILE ccaches in preference to CCAPI ccaches when there is no explicit ccache specified for a given identity. Unlike CCAPI ccaches, the FILE ccaches are accessible from both restricted and unrestricted processes when UAC is active. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19897 dc483132-0cff-0310-8789-dd5450dbe970
* NIM - a small readability changeJeffrey Altman2007-08-291-1/+1
| | | | | | | | | | Instead of testing for NOT the machine key, test for is the user key. ticket: new component: windows/identity/kconfig/api.c git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19896 dc483132-0cff-0310-8789-dd5450dbe970
* NIM: remove unused symbolsJeffrey Altman2007-08-291-2/+0
| | | | | | | | | | Remove unused preprocessor symbols automatically added by Visual Studio's dialog editor. ticket: new component: windows/identity/ui/resource.h git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19895 dc483132-0cff-0310-8789-dd5450dbe970
* -S sname option for kvnoTom Yu2007-08-292-7/+32
| | | | | | | | | | | | New option to use krb5_sname_to_principal() for building principal names, which is useful for testing referrals. ticket: new target_version: 1.6.3 tags: pullup component: krb5-clients git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19894 dc483132-0cff-0310-8789-dd5450dbe970
* test program build problemKen Raeburn2007-08-293-78/+113
| | | | | | | | | | | | | | | | | Split out the "standalone" test code from trval.c, so we produce trval.o only once, instead of twice with different compilation flags. One case generated the "trval" program directly, but produced and deleted trval.o as an intermediate step in the compiler, which messes things up if make thinks it's already built trval.o for another test program. Make the standalone test into t_trval. Build problem reported by Will Fiveash of Sun, about ten minutes ago. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19893 dc483132-0cff-0310-8789-dd5450dbe970
* Windows 64-bit CCAPI DLL nameJeffrey Altman2007-08-291-0/+4
| | | | | | | | | The 64-bit CCAPI DLL name is krbcc64.dll not krbcc32.dll. Conditionalize it on _WIN64. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19892 dc483132-0cff-0310-8789-dd5450dbe970
* NIM: 64-bit Windows Support and Removal of Compile Time WarningsJeffrey Altman2007-08-2840-568/+713
| | | | | | | | | | | | | | | | | | | | | | | | This patch permits Network Identity Manager to be built for 64-bit Windows. In the process all compile time warnings have been taken care of. For 64-bit Windows, we do not build the Kerberos v4 Credential Provider and we will not attempt to load the krb524 library. Note that when testing the 64-bit NIM, there is no CCAPI at the moment so you must manually specify a FILE: ccache as part of the identity's Kerberos v5 configuration if you want to use cache's other than the MSLSA. This patch also consolidates the computation of the default ccache name into utility functions: khm_krb5_get_identity_default_ccache khm_krb5_get_identity_default_ccacheA ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19891 dc483132-0cff-0310-8789-dd5450dbe970
* Implement KRB5_ATTR_DEPRECATED for WindowsKen Raeburn2007-08-281-0/+2
| | | | | | ticket: 2836 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19890 dc483132-0cff-0310-8789-dd5450dbe970
* Remove macros and associated comments that appear to be forKen Raeburn2007-08-281-65/+0
| | | | | | | | | | | multiple-inclusion protection of only sub-portions of k5-int.h, presumably from a time when those portions were separate files. Since the entire file is now protected against multiple inclusions, these other macros aren't needed. A few are left, mostly because they also appear in other files. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19889 dc483132-0cff-0310-8789-dd5450dbe970
* For gcc 4.x, add sentinel attribute to krb5_build_principalKen Raeburn2007-08-271-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19888 dc483132-0cff-0310-8789-dd5450dbe970
* Define KRB5_ATTR_DEPRECATED (and undef at end of file) and attach itKen Raeburn2007-08-271-7/+15
| | | | | | | | | | | | to the function declarations enabled by KRB5_DEPRECATED. Definition depends on having GCC version 3.2.3 or later. (Earlier versions may have supported it, but that's what I found docs for. Windows compiler support coming later, based on Jeff's suggestions.) ticket: 2836 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19887 dc483132-0cff-0310-8789-dd5450dbe970
* Ignore KRB5_ATTR_DEPRECATEDKen Raeburn2007-08-271-0/+1
| | | | | | | ticket: 2836 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19886 dc483132-0cff-0310-8789-dd5450dbe970
* Remove some unused codesKen Raeburn2007-08-271-4/+0
| | | | | | ticket: 5642 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19885 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unused PLURAL macroKen Raeburn2007-08-271-1/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19884 dc483132-0cff-0310-8789-dd5450dbe970
* Missing ../ in relative pathAlexandra Ellwood2007-08-271-1/+1
| | | | | | ticket: 5670 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19883 dc483132-0cff-0310-8789-dd5450dbe970
* Updated so that paths are now relative and don't contain my homedir.Alexandra Ellwood2007-08-271-6/+6
| | | | | | | | Oops. ticket: 5670 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19882 dc483132-0cff-0310-8789-dd5450dbe970
* Windows 64-bit - avoid missing symbol errorsJeffrey Altman2007-08-271-2/+2
| | | | | | | | | | | | | Microsoft defaults stack checking (/Gs) to on. This requires that bufferoverflowU.lib be included in the link step. The macro SCLIB in the build system specifies this library on versions of Windows that require it. Include SCLIB on the link line of the makefile. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19881 dc483132-0cff-0310-8789-dd5450dbe970
* Change use of choice_pa_pk_as_rep_UNKNOWN toEzra Peisach2007-08-261-1/+1
| | | | | | | | | choice_pa_pk_as_rep_draft9_UNKNOWN to cleanup warning... Value of enum same in both cases... ticket: 5617 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19880 dc483132-0cff-0310-8789-dd5450dbe970
* If libdir is /usr/lib, don't add the -L argument to the library flagsKen Raeburn2007-08-251-1/+7
| | | | | | | | to be output. ticket: 5657 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19879 dc483132-0cff-0310-8789-dd5450dbe970
* Expect keytab error to be reportedKen Raeburn2007-08-251-4/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19878 dc483132-0cff-0310-8789-dd5450dbe970
* krb5int_free_addrlist needed tooKen Raeburn2007-08-251-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19877 dc483132-0cff-0310-8789-dd5450dbe970
* Oops, _krb5_conf_boolean is needed by a test programKen Raeburn2007-08-251-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19876 dc483132-0cff-0310-8789-dd5450dbe970
* Remove from export list several encode_* and decode_* symbols that areKen Raeburn2007-08-241-13/+0
| | | | | | | | | not used outside the krb5 library. (In some cases, the only use is in our own test programs, which means two things: The test programs should probably be changed to use the accessor interface, and some of the newer encoder/decoder functions aren't being unit-tested.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19875 dc483132-0cff-0310-8789-dd5450dbe970
* Stop exporting _krb5_* (note leading underscore) and asn1* symbolsKen Raeburn2007-08-241-158/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19874 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-03-18 19:32:58 +0000