summaryrefslogtreecommitdiffstats
path: root/src/kdc/ChangeLog
Commit message (Collapse)AuthorAgeFilesLines
...
* * network.c (setup_port): Change sin to sin4 to prevent shadowingEzra Peisach2001-06-221-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13490 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Test for daemon prototypeEzra Peisach2001-06-211-0/+6
| | | | | | * main.c: Provide daemon prototype if needed. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13456 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Use optional argument to KRB5_NEED_PROTO so testEzra Peisach2001-06-211-0/+5
| | | | | | for swab existance removed. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13453 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_preauth.c: Include prototypes for mit_des_fixup_key_parityEzra Peisach2001-06-211-0/+10
| | | | | | | | | | | and mit_des_is_weak_key here as no other "public" header file defines it. Needed for return_sam_data() code. * configure.in: Test for unistd.h and existance of swab() prototype. * kerberos_v4.c: If swab() prototype needed, provide. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13446 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_util.c (ktypes2str): New function; construct a stringTom Yu2001-06-191-0/+17
| | | | | | | | | | | | | | | | | | containing a list of enctypes, given a number and list of enctypes. (rep_etypes2str): New function; construct a string indicating all three enctypes associated with a KDC reply. * kdc_util.h: Add prototypes for ktypes2str() and rep_etypes2str(). * do_as_req.c (process_as_req): Call ktypes2str() and rep_etypes2str() as appropriate. * do_tgs_req.c (process_tgs_req): Call ktypes2str() and rep_etypes2str() as appropriate. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13389 dc483132-0cff-0310-8789-dd5450dbe970
* * network.c (setup_network): Cast argument to isspace() to intEzra Peisach2001-06-181-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13372 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_preauth.c: Include adm_proto.h for krb5_klog_syslog()Ezra Peisach2001-06-081-0/+11
| | | | | | | | | | | | prototype. * main.c: Include des.h for des_init_random_number_generator() prototype. * network.c: Include adm_proto.h for krb5_klog_syslog() prototype. Pass kdc_context to krb5_klog_reopen(). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13314 dc483132-0cff-0310-8789-dd5450dbe970
* * kerberos_v4.c: Get rid of file wide static krb5_error_code. CastEzra Peisach2001-06-071-0/+5
| | | | | | argument to sleep to unsigned int. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13300 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_util.c (add_to_transited): Add braces to provide unambiguousEzra Peisach2001-06-041-0/+9
| | | | | | | | | | if - if - else statements. * kdc_preauth.c (verify_sam_response): Cleanup assignments in conditionals. * main.c (main): Likewise. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13265 dc483132-0cff-0310-8789-dd5450dbe970
* assume ANSI C: delete no-volatile support, and most no-prototype supportKen Raeburn2001-04-261-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13201 dc483132-0cff-0310-8789-dd5450dbe970
* * do_as_req.c, do_tgs_req.c, kdc_preauth.c, kdc_util.h, kerberos_v4.c, main.c,Ken Raeburn2001-04-101-0/+8
| | | | | | | | policy.h: Don't use macros PROTOTYPE or KRB5_PROTOTYPE. * kerberos_v4.c (req_act_vno): Delete variable definition. (kerberos_v4): Don't set it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13161 dc483132-0cff-0310-8789-dd5450dbe970
* Update ChangeLog for last checkin..Ezra Peisach2001-03-081-0/+3
| | | | | | | * do_as_req.c: If KRBCONF_KDC_MODIFIES_KDB defined, produce code that compiles and works. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13065 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_util.h: Add prototype for process_v4_mode() for main.c to useEzra Peisach2001-03-081-0/+10
| | | | | | | | | | * kerberos_v4.c: Do not shadow progname and more variables. * rtest.c (make_princ): Declare static. * sock2p.c: Include kdc_util.h for prototypes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13064 dc483132-0cff-0310-8789-dd5450dbe970
* * kerberos_v4.c (kerberos_v4): Remove references toTom Yu2001-02-091-0/+5
| | | | | | KRB_NEVERDATE. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13002 dc483132-0cff-0310-8789-dd5450dbe970
* fix multiple-include problem on OpenBSDKen Raeburn2000-12-131-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12893 dc483132-0cff-0310-8789-dd5450dbe970
* update network.c with getifaddrs support from lib/krb5/os/localaddr.cKen Raeburn2000-12-131-0/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12892 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Get rid of test for termios.h. The kdc does not use itEzra Peisach2000-11-011-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12837 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_preauth.c (get_etype_info): Initialize length ofEzra Peisach2000-10-171-0/+12
| | | | | | | | | | | | | etype_info_entry to KRB5_ETYPE_NO_SALT. Before copying salt into etype_info_entry, test that salt length (from get_salt_from_key()) is not SALT_TYPE_NO_LENGTH. * kdc_util.c (get_salt_from_key): Initialize salt type to SALT_TYPE_NO_LENGTH (instead of -1). * network.c (process_packet): Cast length in sendto() call to int. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12787 dc483132-0cff-0310-8789-dd5450dbe970
* * kerberos_v4.c (kerb_get_principal): Modify to take a pointer toTom Yu2000-10-071-0/+12
| | | | | | | | | | | | | a krb5_deltat in order to return the life in seconds. Also, use time_to_life() to compute krb4 life. (check_princ): Modify to pass a pointer to a krb5_deltat to kerb_get_principal(). (set_tgtkey): Update for new kerb_get_principal() call signature. (kerberos_v4): Update for new check_princ() call signature. Modify lifetime computations to use lifetimes in seconds. Back-date issue time if necessary. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12729 dc483132-0cff-0310-8789-dd5450dbe970
* * dispatch.c (dispatch): inet_ntop() returns const char *Ezra Peisach2000-09-201-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12660 dc483132-0cff-0310-8789-dd5450dbe970
* * main.c (initialize_realms): For "cannot initialize realm" messages, tell theKen Raeburn2000-08-231-0/+10
| | | | | | | | | | user to check the log file. Print out an error message as well as logging it if retrieving the default realm name fails. * kerberos_v4.c (kerberos_v4): Mask requested-life byte value with 0xff to avoid sign-extension problems. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12631 dc483132-0cff-0310-8789-dd5450dbe970
* Makefile.in (rtest): Link in the kdb5 libraryEzra Peisach2000-07-031-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12520 dc483132-0cff-0310-8789-dd5450dbe970
* pullup from 1.2-beta4Ken Raeburn2000-06-301-0/+36
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12472 dc483132-0cff-0310-8789-dd5450dbe970
* Change wsanchez@apple -> tritan@mitWilfredo Sanchez2000-06-011-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12331 dc483132-0cff-0310-8789-dd5450dbe970
* * sock2p.c: New file.Ken Raeburn2000-03-141-1/+20
| | | | | | | | | | | | | | | | | (inet_ntop): Define if system doesn't provide it. (sockaddr2p): New function. * Makefile.in (SRCS, OBJS): Add sock2p. * kdc_util.h (inet_ntop, sockaddr2p): Declare them. * network.c (add_fd): New function. Reallocate udp_port_fds array as needed here. (setup_port): Use add_fd to record new sockets. Use inet_ntop unconditionally. Disable ipv6 support until process_packet and friends will support it. (process_packet): Ignore ECONNREFUSED when reading UDP packets. Fill in port field of faddr properly, dependent on address family. Use sockaddr2p when logging source address. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12109 dc483132-0cff-0310-8789-dd5450dbe970
* Also change kdc_insert_lookaside() to take a const krb5_fulladdr *Ezra Peisach2000-03-121-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12103 dc483132-0cff-0310-8789-dd5450dbe970
* * replay.c, kdb_util.h (kdc_check_lookaside): Make second argumentEzra Peisach2000-03-121-0/+5
| | | | | | const to allow passing a const krb5_fulladdr * and keeping the compiler happy. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12102 dc483132-0cff-0310-8789-dd5450dbe970
* * main.c: Move kdc_initialize_rcache() to kdc_util.cTom Yu2000-03-011-0/+10
| | | | | | | | | | | | * kdc_util.c (kdc_initialize_rcache): Move kdc_initialize_rcache() back here since it's needed for rtest to work. process_tgs_req() which is called from rtest needs to call kdc_intiialize_rcache() and we can't very well link rtest with main.o * kdc_preauth.c (verify_sam_response): Ooops. Get rc_lifetime from kdc_util, since it's actually declared there. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12093 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Fix --enable-kdc-replay-cache to actually defaultTom Yu2000-03-011-0/+3
| | | | | | to "yes". git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12092 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_preauth.c (verify_sam_response): Declare and set rc_lifetimeTom Yu2000-03-011-0/+10
| | | | | | | | | for real. * dispatch.c: Include some more net-related headers. (dispatch): Fix ifndef HAVE_INET_NTOP branch. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12091 dc483132-0cff-0310-8789-dd5450dbe970
* new --enable/--disable-kdc-replay-cache configure hooksKen Raeburn2000-02-281-0/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12090 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Check for sys/sockio.hTom Yu2000-02-251-0/+9
| | | | | | | | | * network.c: Conditionally include sys/sockio.h for SIOC* if necessary. (process_packet): Bracket AF_INET6 branch of a switch statement with an ifdef. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12074 dc483132-0cff-0310-8789-dd5450dbe970
* fix udp_port_fds allocation bug; partial ipv6 supportKen Raeburn2000-02-251-1/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12073 dc483132-0cff-0310-8789-dd5450dbe970
* oops, update changelog for bug fixKen Raeburn2000-02-251-2/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12072 dc483132-0cff-0310-8789-dd5450dbe970
* Patches from Alec Peterson, plus some work of my own, to let a multihomedKen Raeburn2000-02-251-0/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | KDC respond to requests from the same IP address that the requests were sent to. **N.B. This will perform worse in the case of addresses dynamically added and removed after the KDC has started, since it will be incapable of using any new addresses. I'm unclear on why the loopback interface address needs to be included in the list of addresses. Apparently, on NetBSD-current, if it's not, packets sent to other local addresses but over the loopback interface are queued but not received?? Needs further investigation; could just be a NetBSD bug. * configure.in: Invoke KRB5_SOCKADDR_SA_LEN. * network.c: Include <sys/ioctl.h>, <syslog.h>, <net/if.h>. (foreach_localaddr): New function, copied from lib/krb5/os/localaddr.c. Tweaked to not exclude loopback interface. (NEED_SOCKETS): Define before including k5-int.h. (n_sockets): New variable. (setup_port): New function; creates listening udp ports given an address. (setup_network): Call foreach_localaddr to set up listening sockets on each local address, so we can always respond from the receiving address. (listen_and_process): Use n_sockets as upper bound of loop. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12070 dc483132-0cff-0310-8789-dd5450dbe970
* * kerberos_v4.c (v4_klog): Don't treat the formatted text as a format stringKen Raeburn2000-02-251-0/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12067 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_preauth.c (return_sam_data): Just return 0 if no input preauth data is ↵Ken Raeburn2000-02-071-1/+2
| | | | | | available git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12015 dc483132-0cff-0310-8789-dd5450dbe970
* fix my email address in log headerKen Raeburn2000-02-071-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12013 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_preauth.c (get_preauth_hint_list): Log a message if preauth is requiredKen Raeburn2000-02-071-0/+7
| | | | | | | | but no preauth types are available. (return_sam_data): Fix typo in figuring length of data to XOR when merging keys. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12011 dc483132-0cff-0310-8789-dd5450dbe970
* Frank Cusack's patches, first two sets. Should be no incompatible changes,Ken Raeburn2000-02-071-0/+36
| | | | | | | | | | | except perhaps for a client talking to both a new and old KDC? Several improvements to guard against replay attacks when hardware preauth is in use, though they require re-enabling the USE_RCACHE code, which I haven't done yet. Several changes of mine for silencing a few compiler warnings, and adding some debugging log messages while I track what's going on with the preauth code. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12010 dc483132-0cff-0310-8789-dd5450dbe970
* * dispatch.c (dispatch): Log address and port number of detected retransmitsKen Raeburn2000-01-271-0/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11977 dc483132-0cff-0310-8789-dd5450dbe970
* permit use of non-des session keys nowKen Raeburn2000-01-271-0/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11976 dc483132-0cff-0310-8789-dd5450dbe970
* * dispatch.c (dispatch): Make message in lookaside case less suggestive ofKen Raeburn1999-10-291-0/+6
| | | | | | | replay attacks, since it can result from normal packet loss causing retransmissions. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11889 dc483132-0cff-0310-8789-dd5450dbe970
* log tritan's changesTom Yu1999-10-261-0/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11877 dc483132-0cff-0310-8789-dd5450dbe970
* Tom's patch:Ken Raeburn1999-09-211-0/+5
| | | | | | | * do_tgs_req.c (process_tgs_req): Don't try to take the 2nd component of a principal that doesn't have 2 components. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11839 dc483132-0cff-0310-8789-dd5450dbe970
* force single-des session keys until we've got multiple-cryptosystem stuff ↵Ken Raeburn1999-09-011-0/+5
| | | | | | working better git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11761 dc483132-0cff-0310-8789-dd5450dbe970
* * kerberos_v4.c (compat_decrypt_key): Align DES3 enctypes withTom Yu1999-08-181-0/+6
| | | | | | | current names. (kerb_get_principal): Align DES3 enctypes with current names. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11685 dc483132-0cff-0310-8789-dd5450dbe970
* Disable lookaside cache. It's needed if the replay cache is enabled, and couldKen Raeburn1999-06-301-0/+8
| | | | | | | | | theoretically make certain attacks more difficult, but the replay cache is disabled, the attack is very difficult compared to other existing attacks (would need huge numbers of queries), and under heavy load the lookaside cache degrades performance. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11538 dc483132-0cff-0310-8789-dd5450dbe970
* * replay.c (MATCH): Fix up to compare the correct components ofTom Yu1999-06-291-0/+5
| | | | | | the input address. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11533 dc483132-0cff-0310-8789-dd5450dbe970
* * kerberos_v4.c (kerberos_v4): Fix bug where krb_create_ticket()Tom Yu1999-04-301-0/+6
| | | | | | | was getting called for an APPL_REQUEST even when there was no single-DES key, resulting in random weirdness. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11412 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-03-06 18:07:50 +0000