summaryrefslogtreecommitdiffstats
path: root/src/kdc/ChangeLog
Commit message (Collapse)AuthorAgeFilesLines
...
* * configure.in: Default to --disable-fakekaKen Raeburn2003-03-051-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15221 dc483132-0cff-0310-8789-dd5450dbe970
* Fix typo that caused infinite loop in previous patchSam Hartman2003-02-211-0/+5
| | | | | | Ticket: 1006 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15195 dc483132-0cff-0310-8789-dd5450dbe970
* The client sorts the enctype list returned by etype_info orderingSam Hartman2003-02-151-0/+6
| | | | | | | | | | | | enctypes that it requested or that are similar to ones it requested first. The KDC only includes enctypes in etype_info if they were requested by the client. ticket: 1006 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15191 dc483132-0cff-0310-8789-dd5450dbe970
* Sorry, forgot this ChangeLog on the last commitKen Hornstein2003-02-061-0/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15161 dc483132-0cff-0310-8789-dd5450dbe970
* disable krb4 by defaultSam Hartman2003-02-041-0/+7
| | | | | | | | | | | | By default, we disable krb4 in the KDC. This means that -4 none is the default mode. Krb4 is reenabled for the dejagnu tests. ticket: new Tags: enhancement git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15149 dc483132-0cff-0310-8789-dd5450dbe970
* Timestamp preauth should return clock skew errorsSam Hartman2003-01-211-0/+4
| | | | | | | | | | | When the user supplies the correct password, but has a timestamp that is out of bounds, the server should reply with a clock skew error rather than a preauth required error. ticket: new Tags: enhancement git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15130 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_util.h, replay.c, main.c: Pass global krb5_context toEzra Peisach2003-01-121-0/+6
| | | | | | | kdc_free_lookaside() instead of per realm one - which has been freed by time invoked. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15113 dc483132-0cff-0310-8789-dd5450dbe970
* * main.c: On exit, free more allocated memory, including:Ezra Peisach2003-01-031-0/+13
| | | | | | | | | | | | | | realm_tcp_ports data, kdc_realmlist, close the replay cache, and free the lookaside cache. * network.c (FREE_SET_DATA): Do not free a NULL pointer. * replay.c, kdc_util.h: Add kdc_free_lookaside() to clear the lookaside cache on shutdown - to search for memory leaks. * rtest.c (main): Do not allocate or free a NULL pointer. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15080 dc483132-0cff-0310-8789-dd5450dbe970
* * kerberos_v4.c (process_v4): Use a temporary variable for the current timeKen Raeburn2002-12-301-0/+5
| | | | | | instead of an incorrect pointer cast. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15072 dc483132-0cff-0310-8789-dd5450dbe970
* More KfM merge workTom Yu2002-12-121-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | Create new file FSp-glue.c including KfM functions that had previously been scattered through various other files. Port RealmsConfig-glue.c from KfM, including old Unix-ish krb4 configuration code as fallback. Remove other files containing old realm/config file support. Add KRB5_CALLCONV to krb_get_in_tkt_creds. Fix various functions to take const char* as arguments now that tkt_string() returns const. Assorted minor cleanup. Implement krb_get_err_text in terms of com_err. Implement gross kludge to force krb_err_txt to remain in sync with com_err. ticket: 1189 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15046 dc483132-0cff-0310-8789-dd5450dbe970
* Merge more KfM krb4 thingsTom Yu2002-11-271-0/+7
| | | | | | | | | | | | | | | | | | Implement *_in_tkt_creds, mk_req_creds, and rd_req_int functions. Implement KfM krb4 kadm password changing, mostly by pulling in the client side of the kadm library into the krb4 library. Do some more header file cleanup of des.h and krb.h. Remove some ancient krb4 dead weight. Some Mac-specific functionality still needs to be merged. ticket: 1189 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15014 dc483132-0cff-0310-8789-dd5450dbe970
* * do_as_req.c (process_as_req): Fix previous patch; it caused anTom Yu2002-11-041-0/+6
| | | | | | | | | uninitialized pointer to be dereferenced under certain error conditions. ticket: 1206 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14964 dc483132-0cff-0310-8789-dd5450dbe970
* Don't include trailing null in the transited encoding produced by the KDC.Sam Hartman2002-10-281-0/+4
| | | | | | | | | | Other routines do not expect the null to be included in the length so policy checks fail. Also, sending the null over the wire is wrong. ticket: 1230 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14940 dc483132-0cff-0310-8789-dd5450dbe970
* * do_as_req.c (process_as_req): Apply fix from Kevin Coffman toTom Yu2002-10-061-0/+5
| | | | | | | | avoid leaking padata. ticket: 1206 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14910 dc483132-0cff-0310-8789-dd5450dbe970
* Limit the number of TCP connections that will be handled at one time.Ken Raeburn2002-09-271-0/+13
| | | | | | | | | | | | | | | | | Remove some debugging calls. * network.c (struct connection): New field start_time. (tcp_data_counter, max_tcp_data_connections): New variables. (kill_tcp_connection): New function. (process_tcp_connection): Use it. Log reason for rejecting connection if the requested buffer size is too large. (accept_tcp_connection): If there are too many TCP connections already, shut down the oldest one. (setup_network, listen_and_process, process_tcp_connection, service_conn): Delete debugging code. (process_packet): Use socklen_t where appropriate. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14903 dc483132-0cff-0310-8789-dd5450dbe970
* * network.c: Include sys/filio.h if availableKen Raeburn2002-09-191-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14888 dc483132-0cff-0310-8789-dd5450dbe970
* Add TCP support to the KDC, turned off by default, and using separateKen Raeburn2002-09-191-2/+47
| | | | | | | | | | config file entries to indicate port numbers. Checkpointing a working version; debug code needs cleanup, doc needs writing. ticket: 1175 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14885 dc483132-0cff-0310-8789-dd5450dbe970
* * main.c (DEFAULT_KDC_PORTLIST): Define as DEFAULT_KDC_UDP_PORTLISTKen Raeburn2002-09-191-0/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14880 dc483132-0cff-0310-8789-dd5450dbe970
* * kerberos_v4.c (check_princ): Call strftime() with correct numberTom Yu2002-09-151-0/+5
| | | | | | of arguments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14869 dc483132-0cff-0310-8789-dd5450dbe970
* * kerberos_v4.c: Always include stdarg.h, not varargs.h.Ken Raeburn2002-09-151-0/+7
| | | | | | | | (v4_klog): Always declare and define stdarg version. (krb4_stime): Deleted. (check_princ): Use strftime instead. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14865 dc483132-0cff-0310-8789-dd5450dbe970
* * kerberos_v4.c (kerb_get_principal): Include kvno when logging failure to findKen Raeburn2002-09-131-0/+5
| | | | | | | a key. (v4_klog): Include explicit do-nothing default case in switch statement. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14849 dc483132-0cff-0310-8789-dd5450dbe970
* * main.c (initialize_realms): Include replay cache name in error if it can't ↵Ken Raeburn2002-09-131-0/+5
| | | | | | be initialized git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14848 dc483132-0cff-0310-8789-dd5450dbe970
* protoizeKen Raeburn2002-09-111-0/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14841 dc483132-0cff-0310-8789-dd5450dbe970
* Try a little harder to avoid returning e-text that says "Generic error (seeKen Raeburn2002-09-111-0/+11
| | | | | | | | | | | | | | | | e-text)" for out-of-range codes where we haven't explicitly decided to return a vague error message. * do_as_req.c (prepare_error_as): New argument, the error message text as determined *before* possibly replacing the error code with "generic error". (process_as_req): Fill it in based on 'status', or the error message corresponding to the error code to be returned. * do_tgs_req.c (prepare_error_tgs): New argument, the error message text as determined *before* possibly replacing the error code with "generic error". (process_tgs_req): Fill it in based on 'status', or the error message corresponding to the error code to be returned. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14835 dc483132-0cff-0310-8789-dd5450dbe970
* * network.c (process_packet): Call inet_ntop directly.Ken Raeburn2002-09-101-0/+6
| | | | | | | * sock2p.c: Deleted. * Makefile.in (SRCS, OBJS): Drop it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14834 dc483132-0cff-0310-8789-dd5450dbe970
* Change $(S)=>/ and $(U)=>.. globallyKen Raeburn2002-08-231-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14761 dc483132-0cff-0310-8789-dd5450dbe970
* * kerberos_v4.c: For consistency, check for both DISALLOW_ALL_TIXTom Yu2002-08-151-0/+5
| | | | | | and DISALLOW_SVR when looking up services. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14726 dc483132-0cff-0310-8789-dd5450dbe970
* * network.c (setup_port): Ignore AF_LINK addresses. Log address family numberKen Raeburn2002-08-081-0/+5
| | | | | | if unrecognized. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14687 dc483132-0cff-0310-8789-dd5450dbe970
* network.c (setup_port): Enable ipv6Ken Raeburn2002-07-061-2/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14611 dc483132-0cff-0310-8789-dd5450dbe970
* * network.c: Include fake-addrinfo.hKen Raeburn2002-07-051-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14604 dc483132-0cff-0310-8789-dd5450dbe970
* * dispatch.c, do_as_req.c, do_tgs_req.c: Define NEED_SOCKETS before ↵Ken Raeburn2002-07-051-0/+2
| | | | | | including k5-int.h git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14603 dc483132-0cff-0310-8789-dd5450dbe970
* Reduce or localize dependencies on address families.Ken Raeburn2002-07-051-0/+16
| | | | | | | | | | | | | | | | * kdc_util.h (ADDRTYPE2FAMILY): New macro. * do_as_req.c (process_as_req): Use inet_ntop instead of inet_ntoa. * do_tgs_req.c (process_tgs_req): Ditto. * dispatch.c (dispatch): Fix inet_ntop code, and use it always. * kerberos_v4.c (process_v4): Check address family before copying out an IPv4 address. Log if not IPv4, but continue. * network.c (set_sa_port): New function. (setup_port): Use it. Combine IPv4 and IPv6 paths; IPv6 still disabled for now. Modify supplied sockaddr instead of making a copy. (process_packet): SADDR is now sockaddr_storage. Use socket-utils macros instead of casting. Enable the IPv6 code. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14602 dc483132-0cff-0310-8789-dd5450dbe970
* * network.c (process_packet): Now static. Drop unused "portnum" argument.Ken Raeburn2002-07-021-0/+4
| | | | | | | Change caller. * kdc_util.h (process_packet): Delete declaration. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14597 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_util.h (inet_ntop): Delete declarationKen Raeburn2002-07-021-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14596 dc483132-0cff-0310-8789-dd5450dbe970
* disable inet_ntop definitionKen Raeburn2002-07-021-0/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14595 dc483132-0cff-0310-8789-dd5450dbe970
* * dispatch.c (dispatch): Remove arg "portnum"; update callers.Ken Raeburn2002-06-261-2/+15
| | | | | | | | | | | * do_as_req.c (process_as_req): Ditto. * do_tgs_req.c (process_tgs_req): Ditto. * kerberos_v4.c (process_v4): Remove arg "is_secondary"; update callers. * kdc_util.h (dispatch, process_as_req, process_tgs_req, process_v4): Update prototypes. * main.c (init_realm): Remove unused variable. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14585 dc483132-0cff-0310-8789-dd5450dbe970
* Fix etype info; wrong termination condition used in get_etype_infoSam Hartman2002-06-241-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14565 dc483132-0cff-0310-8789-dd5450dbe970
* call krb5_c_ versions of enctype/cksumtype checking routinesKen Raeburn2002-04-061-0/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14367 dc483132-0cff-0310-8789-dd5450dbe970
* * network.c: Include foreachaddr.c.Ken Raeburn2002-02-201-0/+6
| | | | | | | (printaddr, printifaddr, addr_eq, foreach_localaddr): Deleted. * Makefile.in ($(OUTPRE)network.$(OBJEXT)): Updated dependencies. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14157 dc483132-0cff-0310-8789-dd5450dbe970
* KDC support for new PRNGSam Hartman2002-01-081-0/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14090 dc483132-0cff-0310-8789-dd5450dbe970
* * main.c (main, init_realm): Get rid of variables set but never usedEzra Peisach2001-12-141-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14073 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_util.c (subrealm, add_to_transited): Unsigned vs. signed intEzra Peisach2001-12-111-0/+5
| | | | | | fixes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14064 dc483132-0cff-0310-8789-dd5450dbe970
* * do_as_req.c (process_as_req: Treat SUPPORT_DESMD5 as if it wereTom Yu2001-10-251-0/+15
| | | | | | | | | | | | | | always cleared. * do_tgs_req.c (process_tgs_req): Treat SUPPORT_DESMD5 as if it were always cleared. * kdc_util.c (select_session_keytype): Don't issue session key enctype that is not in permitted_enctypes. (dbentry_supports_enctype): For now, always treat SUPPORT_DESMD5 as if it were cleared. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13857 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_util.c (ktypes2str, rep_etypes2str): Clean up somewhatTom Yu2001-10-131-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13808 dc483132-0cff-0310-8789-dd5450dbe970
* * do_tgs_req.c (process_tgs_req): Fix logging of bad transit path infoKen Raeburn2001-10-061-0/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13784 dc483132-0cff-0310-8789-dd5450dbe970
* better realm transit path checking for app serverKen Raeburn2001-09-261-0/+15
| | | | | | | transit path checking enforcement for kdc; supporting code, doc update [merged from 1.2.3 release branch] git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13758 dc483132-0cff-0310-8789-dd5450dbe970
* * krb5kdc.M: Document the -n option. Thanks to Dennis DavisMitchell Berger2001-09-241-0/+5
| | | | | | | | | <D.H.Davis@bath.ac.uk> (Fixes krb5-doc/967, but the man page still needs to be revisited to check for other updates with all the other man pages) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13749 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Include stdlib.h in test for swab declarationKen Raeburn2001-08-011-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13663 dc483132-0cff-0310-8789-dd5450dbe970
* * rtest.c: Provide a prototype for krb5_klog_syslog() dummy handlerEzra Peisach2001-07-051-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13559 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Add check for ifaddrs.h, which missingTom Yu2001-06-301-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13531 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-01-07 18:43:44 +0000