summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* * init_ctx.c (DEFAULT_ETYPE_LIST): Add AES with 256 bits at the front of theKen Raeburn2003-04-182-0/+6
| | | | | | | | | list. No 128-bit support by defaut. ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15358 dc483132-0cff-0310-8789-dd5450dbe970
* * dk_encrypt.c (krb5int_aes_dk_encrypt): Set output length properlyKen Raeburn2003-04-182-0/+7
| | | | | | | ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15357 dc483132-0cff-0310-8789-dd5450dbe970
* * g_ad_tkt.c: Added support for login library to get_ad_tkt. Support is ↵Alexandra Ellwood2003-04-142-0/+16
| | | | | | copied from Mac Kerberos4 library and conditionalized for USE_LOGIN_LIBRARY to avoid changing get_ad_tkt's behavior for non-Kerberos Login Library builds git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15352 dc483132-0cff-0310-8789-dd5450dbe970
* Finish implementation of CBC+CTS decryption and truncated HMAC for AES.Ken Raeburn2003-04-139-36/+348
| | | | | | | | | Fix memory management bugs. ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15351 dc483132-0cff-0310-8789-dd5450dbe970
* Obscure memory leak in asn1_decode_kdc_req_bodyEzra Peisach2003-04-132-1/+20
| | | | | | | | | | | | * asn1_k_decode.c (asn1_decode_kdc_req_body): Fix memory leak if optional server field is lacking, ticket: new component: krb5-libs target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15350 dc483132-0cff-0310-8789-dd5450dbe970
* Avoid really, really huge cpu time usage caused by iteration count inKen Raeburn2003-04-132-0/+11
| | | | | | | | | | | | | spoofed preauth data. (Merely huge cpu time usage is probably still possible.) * aes_s2k.c (krb5int_aes_string_to_key): Return an error if the supplied iteration count is really, really large. ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15349 dc483132-0cff-0310-8789-dd5450dbe970
* memory leak in krb5_read_passwordKen Raeburn2003-04-132-6/+8
| | | | | | | | | | | * read_pwd.c (krb5_read_password): Always free temporary storage used for verification version of password. ticket: new target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15348 dc483132-0cff-0310-8789-dd5450dbe970
* update for 1.3a2Tom Yu2003-04-121-23/+67
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15344 dc483132-0cff-0310-8789-dd5450dbe970
* build libtelnet with library build frameworkTom Yu2003-04-113-12/+22
| | | | | | | | | | | | | * Makefile.in: Use library build framework. * configure.in: Add support for library build framework. Remove old explicit checks for ranlib, etc. ticket: new target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15341 dc483132-0cff-0310-8789-dd5450dbe970
* back out requirement of autoconf-2.53Tom Yu2003-04-104-1/+15
| | | | | | | | | | | | | Back out requirement of autoconf-2.53, as MacOS X doesn't have it. To compensate, place warning in util/reconf if autoconf-2.52 is discovered. ticket: new status: open tags: pullup target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15339 dc483132-0cff-0310-8789-dd5450dbe970
* Thanks, patch appliedTom Yu2003-04-093-4/+26
| | | | | | | | | | | | | | * kerberos.c (kerberos4_status): Always copy in username if present. Patch from Nathan Neulinger to make "-a user" work. * kerberos5.c (kerberos5_status): Always copy in username if present. Patch from Nathan Neulinger to make "-a user" work. ticket: 1362 tags: pullup status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15338 dc483132-0cff-0310-8789-dd5450dbe970
* etype info handling infinite loopSam Hartman2003-04-092-2/+9
| | | | | | | | | | | If a request contains no des-cbc-crc enctype bumt des-cbc-crc or des-cbc-md5 existis in the database then an infinite loop is created. Fix etype info handling to avoid this. ticket: new Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15332 dc483132-0cff-0310-8789-dd5450dbe970
* document krb4 cross-realm patchTom Yu2003-04-082-0/+148
| | | | | | | | | | | | * krb4-xrealm.txt: New file. Describe the krb4 cross-realm patchkit. Copied from 2003-004-krb4_patchkit. ticket: new target_version: 1.3 tags: pullup status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15326 dc483132-0cff-0310-8789-dd5450dbe970
* * krshd.c (main): Use LOG_AUTH syslog facility, not LOG_DAEMON, for consistencyKen Raeburn2003-04-082-3/+8
| | | | | | | | | | | with krlogind.c. ticket: 844 status: open target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15325 dc483132-0cff-0310-8789-dd5450dbe970
* * fake-addrinfo.h (getaddrinfo) [NUMERIC_SERVICE_BROKEN]: Overwrite the portKen Raeburn2003-04-072-11/+19
| | | | | | | | | | number only if a numeric service port was supplied. ticket: 1392 status: open target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15324 dc483132-0cff-0310-8789-dd5450dbe970
* don't install in-tree libdbTom Yu2003-04-0211-17/+61
| | | | | | | | | | | | | Don't install the in-tree libdb. This requires that libkdb, etc. explicitly pull in the object files of the in-tree libdb if not using the system libdb. ticket: new status: open target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15320 dc483132-0cff-0310-8789-dd5450dbe970
* * fake-addrinfo.h (COPY_FIRST_CANONNAME) [_AIX]: Define.Ken Raeburn2003-04-022-9/+55
| | | | | | | | | | | | | (GET_HOST_BY_NAME) [_AIX]: New version for AIX version of gethostbyname_r. (getaddrinfo) [NUMERIC_SERVICE_BROKEN]: Use "discard" as a dummy service name instead of none at all. Don't check for unsigned value less than zero. (getaddrinfo) [COPY_FIRST_CANONNAME]: Set any ai_canonname fields other than the first one to null. ticket: 1392 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15317 dc483132-0cff-0310-8789-dd5450dbe970
* * unparse.c (krb5_unparse_name_ext): Don't move buffer pointer backwards ifKen Raeburn2003-04-012-1/+5
| | | | | | | | nothing has been put into the buffer yet. ticket: 1397 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15314 dc483132-0cff-0310-8789-dd5450dbe970
* Red Hat's krb5_princ_size fixesKen Raeburn2003-04-0116-15/+73
| | | | | | | | ticket: 1397 status: open tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15312 dc483132-0cff-0310-8789-dd5450dbe970
* If the auth context does not have the DO_TIME flag set and no replaySam Hartman2003-04-012-1/+8
| | | | | | | | | cache is available, do not generate one. ticket: 1400 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15311 dc483132-0cff-0310-8789-dd5450dbe970
* * aclocal.m4: Require autoconf-2.53, since 2.52 generatesTom Yu2003-04-012-1/+6
| | | | | | | | | | | configure scripts that NetBSD /bin/sh doesn't like. ticket: 1384 status: open target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15310 dc483132-0cff-0310-8789-dd5450dbe970
* * default.exp (start_kerberos_daemons): If we get a timeoutTom Yu2003-03-282-0/+9
| | | | | | | looking for the mark, log out the last 10 lines of the kdc logfile. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15309 dc483132-0cff-0310-8789-dd5450dbe970
* * kcmd.c (kcmd_connect): Log errors if a connect to port 0 is attempted.Ken Raeburn2003-03-282-3/+35
| | | | | | | Report port number in connection failure. (setup_secondary_channel): Use socklen_t for socket address length. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15307 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_preauth.c (verify_enc_timestamp): Save decryption error, inTom Yu2003-03-282-1/+20
| | | | | | | | | | | | | case we get NO_MATCHING_KEY later. This allows us to log a more sane error if an incorrect password is used for encrypting the enc-timestamp preauth. ticket: 1324 status: open target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15306 dc483132-0cff-0310-8789-dd5450dbe970
* fix test suite to reflect loss of des3-krb4Tom Yu2003-03-266-86/+42
| | | | | | | | | | | | | | Fix a few things broken by fix for MITKRB5-SA-2003-004, since kiniting to a des3 TGT intentionally no longer works. Remove code to set up kadmind srvtab, as it's not needed anymore. ticket: new status: open target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15303 dc483132-0cff-0310-8789-dd5450dbe970
* MITKRB5-SA-2003-003: xdrmem int overflowsTom Yu2003-03-242-6/+21
| | | | | | | | | | | | | * xdr_mem.c (xdrmem_create): Perform some additional size checks. (xdrmem_getlong, xdrmem_putlong, xdrmem_getbytes): Check x_handy prior to decrementing it. ticket: new status: open tags: pullup target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15300 dc483132-0cff-0310-8789-dd5450dbe970
* fix kadmind startup failure with krb4 vuln patchTom Yu2003-03-192-8/+15
| | | | | | | | | | | * keytab.c (krb5_ktkdb_get_entry): Do not perform the enctype comparison if the requested enctype is a wildcard. ticket: new status: open tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15295 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Use KRB5_AC_NEED_BIND_8_COMPAT to check for bind 9 and ↵Alexandra Ellwood2003-03-182-0/+9
| | | | | | higher. When bind 9 is present, BIND_8_COMPAT needs to be defined to get bind 8 types git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15290 dc483132-0cff-0310-8789-dd5450dbe970
* * aclocal.m4: Define KRB5_AC_NEED_BIND_8_COMPAT to check for bind 9 and ↵Alexandra Ellwood2003-03-182-0/+26
| | | | | | higher. When bind 9 is present, BIND_8_COMPAT needs to be defined to get bind 8 types git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15289 dc483132-0cff-0310-8789-dd5450dbe970
* Turned on DNS supportAlexandra Ellwood2003-03-181-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15288 dc483132-0cff-0310-8789-dd5450dbe970
* Added configure.in and aclocal.m4 to the PB project so we can edit themAlexandra Ellwood2003-03-181-22/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15287 dc483132-0cff-0310-8789-dd5450dbe970
* Disable krb4 cross-realm in krb524d and krb5kdc. Provide an option toSam Hartman2003-03-179-81/+190
| | | | | | | | | | | | | | | | | | | reenable (-X) which prints a warning that you are creating a security hole. Remove support for generating krb4 tickets encrypted using 3DES service keys as it is insecure. They are still accepted however. The KDc is much more strict about accepting only tickets that it would have issued in the current configuration. In particular if the KDC would choose some enctype for writing a TGT, other enctypes will not be accepted when using a TGT. Ticket: 1385 Target_Version: 1.3 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15286 dc483132-0cff-0310-8789-dd5450dbe970
* Do not claim GSS_C_PROT_READY_FLAG since we don't support itSam Hartman2003-03-144-1/+14
| | | | | | | | | | | | | Our code does not currently support GSS_C_PROT_READY_FLAG so only return that flag after context establishment. A potential future addition is to support that flag and return GAP_TOKEN if the initiator processes a message token before the final context token. Ticket: 1352 Tags: pullup Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15280 dc483132-0cff-0310-8789-dd5450dbe970
* * default.exp (setup_root_shell): If we get connection refused messages,Ken Raeburn2003-03-142-1/+16
| | | | | | | followed by no unrecognized errors and then eof, report it as an unsupported test. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15279 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (AWK): Default to awk, not gawk. User can overrideTom Yu2003-03-132-1/+7
| | | | | | | | | | on make's command line if necessary. Still, only really useful for building kerbsrc.zip, etc. ticket: 1342 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15277 dc483132-0cff-0310-8789-dd5450dbe970
* First cut release notes for 1.3 branchTom Yu2003-03-131-191/+213
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15276 dc483132-0cff-0310-8789-dd5450dbe970
* Fix unaligned access found in alpha-linux testing:Ken Raeburn2003-03-122-2/+7
| | | | | | | * cnv_tkt_skey.c (krb524_convert_tkt_skey): Extract source IP address in its proper size, not as 'long'. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15275 dc483132-0cff-0310-8789-dd5450dbe970
* Rewrite asn1_get_tag interface to use a structure pointer rather than severalKen Raeburn2003-03-127-203/+246
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | pointer variables for the returned data. Use the structure in the caller when straightforward; in cases where macros use different but overlapping sets of automatic scalar variables in one file, copy the values out of the structures for now, until they can be analyzed more carefully. * asn1_get.c (asn1_get_tag): Deleted. (asn1_get_tag_2): Renamed from asn1_get_tag_indef, now uses a pointer to taginfo rather than a bunch of pointer args. (asn1_get_id, asn1_get_length): Folded into asn1_get_tag_2. (asn1_get_sequence): Call asn1_get_tag_2. * asn1_get.h (taginfo): New structure. (asn1_get_tag_indef, asn1_get_tag, asn1_get_id, asn1_get_length): Declarations deleted. (asn1_get_tag_2): Declare. * asn1_decode.c (setup): Declare only a taginfo variable. (asn1class, construction, tagnum, length): New macros. (tag): Call asn1_get_tag_2. * asn1_k_decode.c (next_tag, get_eoc, apptag, end_sequence_of, end_sequence_of_no_tagvars, asn1_decode_krb5_flags): Call asn1_get_tag_2; if no error, copy out values into scalar variables. (asn1_decode_ticket): Call asn1_get_tag_2. * asn1buf.c (asn1buf_skiptail): Call asn1_get_tag_2. * krb5_decode.c (check_apptag, next_tag, get_eoc): Call asn1_get_tag_2; if no error, copy out values into scalar variables. (decode_krb5_enc_kdc_rep_part): Call asn1_get_tag_2. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15274 dc483132-0cff-0310-8789-dd5450dbe970
* Oops. Forgot the leading underscoreAlexandra Ellwood2003-03-101-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15272 dc483132-0cff-0310-8789-dd5450dbe970
* * t_kerb.c: Only include krb.h if krb4 support compiled in,Ezra Peisach2003-03-092-0/+12
| | | | | | otherwise define ANAME_SZ, INST_SZ and REALM_SZ. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15271 dc483132-0cff-0310-8789-dd5450dbe970
* Yet another attempt at cross-directory dependencies. Seems to fix the parallelKen Raeburn2003-03-082-8/+46
| | | | | | | | | | | build, and hasn't broken the out-of-date case so far as I can tell, so far... Added a bunch of comments describing the cases that need to be handled. * Makefile.in ($(BUILDTOP)/include/gssapi/gssapi.h, generic/gssapi.h, generic/gssapi_err_generic.h, krb5/gssapi_err_krb5.h): Comment out old rules and dependencies; depend on all-recurse and supply a no-op rule. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15270 dc483132-0cff-0310-8789-dd5450dbe970
* Added krb5_principal2saltAlexandra Ellwood2003-03-071-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15269 dc483132-0cff-0310-8789-dd5450dbe970
* Added USE_BUNDLE_ERROR_STRINGS to turn off add_error_table calls in krb5 and ↵Alexandra Ellwood2003-03-071-0/+1
| | | | | | gss initializers git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15268 dc483132-0cff-0310-8789-dd5450dbe970
* * krb5_libinit.c: Changed USE_HARDCODED_FALLBACK_ERROR_TABLES macro to ↵Alexandra Ellwood2003-03-072-2/+8
| | | | | | !USE_BUNDLE_ERROR_STRINGS so Darwin based builds get com_err style error tables git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15267 dc483132-0cff-0310-8789-dd5450dbe970
* * gss_libinit.c: Changed USE_HARDCODED_FALLBACK_ERROR_TABLES macro to ↵Alexandra Ellwood2003-03-072-2/+8
| | | | | | !USE_BUNDLE_ERROR_STRINGS so Darwin based builds get com_err style error tables git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15266 dc483132-0cff-0310-8789-dd5450dbe970
* * ovsec_kadmd.c (REQUIRED_PARAMS): RemoveTom Yu2003-03-072-3/+8
| | | | | | | | | | KADM5_CONFIG_ADMIN_KEYTAB. (do_schpw): Use kdb keytab. ticket: 1372 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15265 dc483132-0cff-0310-8789-dd5450dbe970
* * preauth2.c (pa_sam_2): Add intermediate size_t variable to holdTom Yu2003-03-062-1/+8
| | | | | | | | output of krb5_c_encrypt_length(). ticket: 1373 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15264 dc483132-0cff-0310-8789-dd5450dbe970
* Add missing parenSam Hartman2003-03-061-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15263 dc483132-0cff-0310-8789-dd5450dbe970
* Added new AES filesAlexandra Ellwood2003-03-061-7/+28
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15262 dc483132-0cff-0310-8789-dd5450dbe970
* Avoid redefined macro warnings by defining it to the same thing in the first ↵Alexandra Ellwood2003-03-061-1/+1
| | | | | | place git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15261 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-03-26 14:54:40 +0000