summaryrefslogtreecommitdiffstats
path: root/src/kdc
Commit message (Collapse)AuthorAgeFilesLines
...
* kerberos_v4.c: Better DES key validation.Richard Basch1996-02-221-0/+8
| | | | | | | main.c: Don't assume master key is DES for initializing the V4 randkey generator; use a random key from the DES_CBC_CRC generator as the seed. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7499 dc483132-0cff-0310-8789-dd5450dbe970
* * kerberos_v4.cRichard Basch1996-02-222-6/+33
| | | | | | | | | | | Improve the checks that DES keys are being used. * main.c Do not assume that the master key is necessarily a DES key suitable for use to initialize the V4 random key generator. Instead, after initializing the DES_CBC_CRC generator, get a random key and use that to seed the V4 random key generator. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7494 dc483132-0cff-0310-8789-dd5450dbe970
* kerberos_v4.c (kerberos_v4): Use strong random number generatorTheodore Tso1996-02-213-2/+11
| | | | | | main.c (main): Initialize Kerberos V4's random number generator. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7491 dc483132-0cff-0310-8789-dd5450dbe970
* * network.c (setup_network): strtol is good enough for portMark Eichin1996-01-272-2/+10
| | | | | | | | number, and sunos doesn't have strtoul (and nothing else in the tree uses it.) (add_port): use proper old-style definition. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7398 dc483132-0cff-0310-8789-dd5450dbe970
* If there is no DES key with a V4 salttype, simply return any DES key.Richard Basch1996-01-221-1/+8
| | | | | | (Service keys only need to be DES for V4 requests to work.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7355 dc483132-0cff-0310-8789-dd5450dbe970
* Simplified to simply require the use of WITH_ANAME or USE_KDB5_LIBRARYRichard Basch1996-01-221-17/+1
| | | | | | to specify the need for dbm inclusion/testing/compilation flags. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7350 dc483132-0cff-0310-8789-dd5450dbe970
* Set the enctype to ENCTYPE_UNKNOWN when the enctype should be determined fromRichard Basch1996-01-111-1/+3
| | | | | | the stash file. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7306 dc483132-0cff-0310-8789-dd5450dbe970
* * kerberos_v4.c : Remove mkvno for krb5_db_entryChris Provenzano1995-12-132-1/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7219 dc483132-0cff-0310-8789-dd5450dbe970
* * main.c: Changed krb5_db_fetch_mkey() such that it will only tryRichard Basch1995-12-121-4/+4
| | | | | | | to set the enctype of the keyblock if the keyblock had it set to ENCTYPE_UNKNOWN. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7209 dc483132-0cff-0310-8789-dd5450dbe970
* * extern.h: Added a krb5_keytab to the realm context. The keytabChris Provenzano1995-12-124-14/+50
| | | | | | | | | | should be associated with a krb5_db_context which will make having a krb5_context unnecessary in the realm context. * kdc_util.c kdc_process_tgs_req(): Use the realm keytab instead of faking up a user-to-user key to pass to krb5_rd_req_decode(). * main.c: Added code to use the new database keytab routines. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7200 dc483132-0cff-0310-8789-dd5450dbe970
* * main.c: Use the master key enctype from the stash file if noneRichard Basch1995-12-121-10/+12
| | | | | | is specified (set the keyblock enctype to NULL). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7198 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_preauth.c return_padata(): Initialize local variable "size"Chris Provenzano1995-12-112-1/+6
| | | | | | to 0 before using it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7192 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_preauth.c: #@&^(!! Ultrix cc sucks. Typedef to functionTom Yu1995-12-012-9/+27
| | | | | | pointer rather than function prototype to avoid lossage. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7143 dc483132-0cff-0310-8789-dd5450dbe970
* Removed extra eblock argument from call to krb5_encode_kdc_repTheodore Tso1995-11-292-6/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7142 dc483132-0cff-0310-8789-dd5450dbe970
* Removed extra eblock argument from call to krb5_encode_kdc_repTheodore Tso1995-11-182-1/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7120 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_util.h: Added new prototypes for return_padata() and check_padata()Theodore Tso1995-11-144-110/+214
| | | | | | | | | | | | | | * kdc_preauth.c (return_padata): New function which calls out to each preauth type to see if it is necessary to return preauth data or not. (return_pw_salt): New function responsible for returning the KRB5_PW_SALT preauth information. * do_as_req.c (process_as_req): Move creation of the PW_SALT preauthentication step into kdc_preauth.c. Call return_pdata() which is responsible for all padata info which is returned by the KDC in the KRB_AS_REP message. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7103 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_preauth.c (get_etype_info): Added function to return theTheodore Tso1995-11-096-18/+171
| | | | | | | | | | | | etype_info preauth hint to the client. * kdc_util.c (get_salt_from_key): Added new function which determines the salting information from the krb5_key_data structure. * main.c (kdc_initialize_rcache): Replace use of krb5_clockskew with context->clockskew. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7073 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_util.c (): Added new helper functionsTheodore Tso1995-11-087-195/+467
| | | | | | | | | | | | | | | | | | | | | | dbentry_has_key_for_enctype(), dbentry_supports_enctype(), and select_session_keytype(). * kdc_preauth.c: Added support for the ENC_TIMESTAMP preauthentication scheme. * do_tgs_req.c (process_tgs_req): Fixed the keytype/enctype selection criteria for the server key, and the ticket session key. * do_as_req.c (process_as_req): Added calls to the kdc preauthentication verification routines. Fixed the keytype/enctype selection criteria for the client key, the server key, and the ticket session key. * main.c (finish_realm): Make sure all parts of the realm structure are freed properly. (main): Free the kcontext krb5_context. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7058 dc483132-0cff-0310-8789-dd5450dbe970
* remove rcs keyword cruft which doesn't make much sense in CVS.Mark Eichin1995-11-032-5/+3
| | | | | | | | removal simplifies merging. I left in the RCSID's that are in actual error table values (*_RCSID typically) but comments had them elided (Source keywords replaced with a literal pathname, Id totally removed.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7014 dc483132-0cff-0310-8789-dd5450dbe970
* Missing 'break' statement during option parsing;Richard Basch1995-10-301-0/+1
| | | | | | -p <port> could not be specified, without falling into the usage message. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7006 dc483132-0cff-0310-8789-dd5450dbe970
* kdc_preauth.c (get_preauth_hint_list): Fix missing indirection inTheodore Tso1995-10-114-14/+11
| | | | | | | | | | | | | get_hint_list. kdc_util.c (validate_as_request): Remove preauthentication check; this is handled in do_as_req.c do_as_req.c (process_as_request): Pass e_data to prepare_as_error so that the proper preauthentication hint list can be passed back to the client. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6960 dc483132-0cff-0310-8789-dd5450dbe970
* do_tgs_req.c (process_tgs_req): Use a slightly more compressed loggingTheodore Tso1995-10-064-118/+116
| | | | | | | | | | format. do_as_req.c (process_as_req): Unify the logging and error packet production, to make sure that both logging and an error packet is returned for each error condition. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6939 dc483132-0cff-0310-8789-dd5450dbe970
* network.c (setup_network):Theodore Tso1995-10-069-375/+145
| | | | | | | | | | | | | | | | | | | | | main.c (initialize_realms): Massive revamp of how the network ports are setup. The default port list for a realm is read from [kdcdefaults]/kdc_ports from the kdc.conf file. For each realm, a list of ports can be specified in [realms]/<realm>/kdc_ports. extern.h (kdc_realm_t): Remove realm_pport and realm_sport, and added realm_ports. do_tgs_req.c (process_tgs_req): do_as_req.c (process_as_req): dispatch.c (dispatch): Pass the portnumber of the incoming request down to process_as_req and process_tgs_req, instead of the boolean "is_secondary". kerberos_v4.c (kerb_get_principal, kerberos_v4): Fix gcc -Wall flames, by fixing signed vs. unsigned types. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6937 dc483132-0cff-0310-8789-dd5450dbe970
* * main.c (init_realm): strdup KRB5_KDB_M_NAME if we use it, toMark Eichin1995-09-182-1/+6
| | | | | | avoid free'ing a constant later. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6810 dc483132-0cff-0310-8789-dd5450dbe970
* Stop after finding the first TGS key which matches an entry in theTheodore Tso1995-09-152-6/+12
| | | | | | key/salt list. (Typo; added missing '!') git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6790 dc483132-0cff-0310-8789-dd5450dbe970
* When checking for master in tthe list of valid encryption types, do notEzra Peisach1995-09-102-1/+6
| | | | | | stop after checking the first one. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6748 dc483132-0cff-0310-8789-dd5450dbe970
* * do_as_req.c, do_tgs_req.c, kdc_util.c, kerberos_v4.c, main.c :Chris Provenzano1995-09-066-68/+72
| | | | | | s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6709 dc483132-0cff-0310-8789-dd5450dbe970
* * do_as_req.c, do_tgs_req.c, kerberos_v4.c, main.c: Remove krb5_enctypeChris Provenzano1995-09-065-77/+61
| | | | | | references, and replace with krb5_keytype where appropriate. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6673 dc483132-0cff-0310-8789-dd5450dbe970
* Add const declarations to make remove warnings about convertingEzra Peisach1995-09-046-10/+16
| | | | | | | a pointer to const string to a non-const type. Make this change consistant throughout the sources. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6657 dc483132-0cff-0310-8789-dd5450dbe970
* kdc_preauth.c: New file, to contain the server-side preauthenticationTheodore Tso1995-09-025-55/+207
| | | | | | | | | | | | | routines. do_as_req.c (process_as_req): Move preauthentication code to kdc_preauth.c, for better modularity. do_as_req.c (prepare_error_as): Add new argument to this function so that the e_data field may be passed in and included in the KRB_ERROR messsage which is passed back to the user. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6656 dc483132-0cff-0310-8789-dd5450dbe970
* Use libkadm string handling routinesPaul Park1995-08-213-4/+12
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6563 dc483132-0cff-0310-8789-dd5450dbe970
* Close and re-open the database after updating principal statsPaul Park1995-08-172-1/+16
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6543 dc483132-0cff-0310-8789-dd5450dbe970
* Pass fds to krb5_lock_file() and krb5_unlock_file()Chris Provenzano1995-08-162-0/+7
| | | | | | | Add a missing #ifdef KRBCONF_KDC_MODIFIES_KDB for update_client and updating the database. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6536 dc483132-0cff-0310-8789-dd5450dbe970
* Describe previous changesPaul Park1995-08-151-0/+14
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6531 dc483132-0cff-0310-8789-dd5450dbe970
* Use krb5_dbe_find_keytype() to find appropriate key. Fix gcc -Wall complaintsPaul Park1995-08-151-32/+18
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6530 dc483132-0cff-0310-8789-dd5450dbe970
* Use per-realm key/salt list to find appropriate keys. Fix gcc -Wall complaintsPaul Park1995-08-152-64/+104
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6529 dc483132-0cff-0310-8789-dd5450dbe970
* Generate/use per-realm key/salt list. Fix gcc -Wall complaintsPaul Park1995-08-151-52/+120
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6528 dc483132-0cff-0310-8789-dd5450dbe970
* Add key/salt list to per-relm dataPaul Park1995-08-151-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6527 dc483132-0cff-0310-8789-dd5450dbe970
* Add missing variable when KRBCONF_KDC_MODIFIES_KDB onPaul Park1995-08-102-1/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6498 dc483132-0cff-0310-8789-dd5450dbe970
* do_as_req.c : Fix bug from new kdb changes.Chris Provenzano1995-08-033-57/+67
| | | | | | kerberos_v4.c : Use new db format. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6400 dc483132-0cff-0310-8789-dd5450dbe970
* Describe previous changesPaul Park1995-08-031-0/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6394 dc483132-0cff-0310-8789-dd5450dbe970
* Compile something when Kerberos 4 disabledPaul Park1995-08-031-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6390 dc483132-0cff-0310-8789-dd5450dbe970
* Ensure padata is NULL with normal saltPaul Park1995-08-031-1/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6389 dc483132-0cff-0310-8789-dd5450dbe970
* Fix compiler complaints and remove dependence on mit-des.hPaul Park1995-07-273-4/+17
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6337 dc483132-0cff-0310-8789-dd5450dbe970
* Add --with-vague-errors and --with-kdc-kdb-update which controls KDC behaviorPaul Park1995-07-271-0/+28
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6336 dc483132-0cff-0310-8789-dd5450dbe970
* Use new kdb formatChris Provenzano1995-07-275-147/+157
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6329 dc483132-0cff-0310-8789-dd5450dbe970
* git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6306 ↵Paul Park1995-07-172-186/+82
| | | | dc483132-0cff-0310-8789-dd5450dbe970
* Include netinet/in.hSam Hartman1995-07-142-0/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6293 dc483132-0cff-0310-8789-dd5450dbe970
* Reorganize KDC profile and network port handlingPaul Park1995-07-126-66/+505
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6287 dc483132-0cff-0310-8789-dd5450dbe970
* Add prototype for set_tgtkey. kdc now compiles cleanly withEzra Peisach1995-07-112-0/+5
| | | | | | -Wmissing_prototypes git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6275 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-10-01 06:45:50 +0000