| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
as libpty deals.
Use setsid() instead of setpgrp() in krshd
if possible.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7812 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7811 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
an unusual location, so they are not likely to be reused by other sessions.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7810 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
kerberos5.c: Add a cleanup function to destroy the credentials cache.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7799 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7798 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
* krlogind.c, krshd.c: Allow the recvauth routine to find any key
in the keytab for which the user is trying to login. The host may
be known as many names. Additionally, for krlogind, clean up the
error handling for bad authentication (potential null dereference
and a misleading message because of the wrong authentication system
being used)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7791 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7760 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
This is used by the DejaGnu test suite to pass the shared library
paths to start up rcp properly.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7752 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
zero bytes are returned. Since we are using blocking
read calls, and the net_read function deals with
interrupted/resumed reads, consider zero bytes to be
be a terminated connection, so as not to spin.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7749 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
Solaris test was incorrect.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7746 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7745 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
and #$%&* ultrix doesn't protect it from multiple
inclusions.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7718 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7711 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7710 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
* krcp works correctly even if not all data is written in a single
request.
* Implement temporary patch to make sure des_outbuf is big enough.
Proven should be sending the Cygnus patch once he decides how to
handle this permanently.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7706 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
* Force telnetd not to use streams on the SGI; it doesn't support
pushing modules onto a pty.
* Remove old utmpx crud from sys_term.c because it was getting called
inadvertently, didn't compile on the SGI, and libpty already does
something reasonable with utmpx.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7705 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7698 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
instead of char * (Solaris 2.5 refuses to compile it, otherwise).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7672 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
telnetd.c (getterminaltype): If the authentication option which was
negotiated requires that encryption be turned on, then enforce this
here.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7663 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
authenc.c (telnet_spin): Implemented the telnet spin function, which
works by calling the Scheduler with the tty_lockout flag set.
main.c (main): If the -x option is given, set the autologin,
wantencryption, and auth_enable_encrypt flag. They enable
authentication, enforcement of the encryption option, and a flag to
the auth layer to negotiate authentication with mandatory encryption
option.
telnet.c (telnet): If the wantencryption flag is set (because the user
has given the -x option, then we enforce that encryption must be
turned on. The user will not be able to type to the network stream
until encryption is enabled, and if encryption is refused, the client
will print an error message.
(Scheduler): If the tty_lockout flag is set, then don't process
keyboard read events. This prevents the user from typing over the
network until encryption is enabled.
utilities.c (printsub): Added print support for the authentication
must-encrypt option.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7662 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* kerberos5.c (kerberos5_send): Send in as input the
authentication type pair (ap->type, ap->way) to be
checksumed in the authenticator.
(kerberos5_is): If the checksum is present in the
authenticator, then validate the authentication type pair
against the checksum.
(kerberos5_reply): If we didn't do mutual authentication,
and we receive a KRB_ACCEPT, then stash away the session
key anyway. This way we have a chance of doing encryption
even if mutual authentication wasn't done.
* encrypt.c (EncryptStartInput, EncryptStartOutput): Added
conditional around printf so that these two functions can
be called by the server.
(encrypt_is_encrypting): New function which returns true
only if both sides of the telnet stream is encrypted.
Fri Mar 15 18:19:44 1996 Theodore Y. Ts'o <tytso@dcl>
* auth.c: Added new authentication scheme for Krb5 mutual
authentication with mandatory encryption.
(auth_send, auth_send_retry): Split auth_send() so that
the functionality done by auth_send_retry() is separate.
This avoids a really dodgy pointer comparison which was
caused by auth_send() being used for two purposes.
If the client has not requested encryption, then don't
use the authentication systems which require encryption.
(auth_must_encrypt): New function which returns whether
or not encryption must be negotiated.
* auth-proto.h: Added prototype for new option
auth_must_encrypt().
* Makefile.in (ENCRYPTION, DES_ENCRYPTION): Added defines to turn
on encryption and des encryption.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7661 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
The old test assumed that either STDARG was defined or __STDC__ - which
is not sufficient.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7660 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7655 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7649 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7647 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
present in keytab. If no services present, return a useful
minor error status.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7642 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7640 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
if setupterm is in curses, grab it
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7630 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7629 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
header files. Sigh. rename to HEstr.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7624 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7623 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
so we ask for the right local service name.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7622 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7615 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7614 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
encrypting.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7612 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7611 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
executable to run.
The real bug was that for encrypted rcp, it was checking (with stat) if
"-x ....../rcp" existed instead of "..../rcp"
Another change is so that freed memory is not accessed.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7610 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7604 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
to gettimeofday.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7585 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the received message to be signed is not printable (at least the
first two characters are not), display the message in hex. Print the
hex values of the incoming and outcoming packets, for your
information.
gss-misc.c (print_token, display_buffer): Two new tokens for
displaying GSSAPI buffers, either has hex or as a printable string.
gss-client.c (call_server): Add option to support reading in the
message to be signed from a file.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7583 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
the nametype OID. This tests gss_display_name()'s ability to return a
valid nametype, which can then be freed successfully.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7570 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7552 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
*not* MAXHOSTNAMELEN, which is the maximum length
of an argument to gethostname or sethostname.
Look for arpa/nameser.h to find this constant,
defining it to 256 inf not present in an included file.
Call USE_ANAME in the configure.in, so db library is included.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7549 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
*not* MAXHOSTNAMELEN, which is the maximum length
of an argument to gethostname or sethostname.
Look for arpa/nameser.h to find this constant,
defining it to 256 inf not present in an included file.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7548 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
db libraries under Linux.
(I'm not quite sure I understand Richard's db changes,
but if I do understand them, this is correct.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7547 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7546 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
Also, import the ops changes to do with enable-athena.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7545 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7519 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7517 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
remove extra ; from previous merge
remove declaration of errno
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7516 dc483132-0cff-0310-8789-dd5450dbe970
|