summaryrefslogtreecommitdiffstats
path: root/src/lib/kdb
Commit message (Collapse)AuthorAgeFilesLines
...
* fix kadmind startup failure with krb4 vuln patchTom Yu2003-03-192-8/+15
| | | | | | | | | | | * keytab.c (krb5_ktkdb_get_entry): Do not perform the enctype comparison if the requested enctype is a wildcard. ticket: new status: open tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15295 dc483132-0cff-0310-8789-dd5450dbe970
* Disable krb4 cross-realm in krb524d and krb5kdc. Provide an option toSam Hartman2003-03-172-1/+54
| | | | | | | | | | | | | | | | | | | reenable (-X) which prints a warning that you are creating a security hole. Remove support for generating krb4 tickets encrypted using 3DES service keys as it is insecure. They are still accepted however. The KDc is much more strict about accepting only tickets that it would have issued in the current configuration. In particular if the KDC would choose some enctype for writing a TGT, other enctypes will not be accepted when using a TGT. Ticket: 1385 Target_Version: 1.3 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15286 dc483132-0cff-0310-8789-dd5450dbe970
* use kdb keytab for kadmindTom Yu2003-03-064-8/+49
| | | | | | | | | | | | | kadmind previously required a file-based keytab to support its use of gssapi. For ease of administration, a kdb-based keytab would be beneficial. This commit includes changes to the kdb library to support this goal, as well as actual changes in the kadmind itself. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15237 dc483132-0cff-0310-8789-dd5450dbe970
* Change comments to remove the note that we're going to redesign keyTom Yu2003-02-082-2/+6
| | | | | | | | storage architecture for 1.3. ticket: 1193 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15168 dc483132-0cff-0310-8789-dd5450dbe970
* Search for ar, ranlib, install in KRB5_BUILD_LIBRARY* macros rather thanKen Raeburn2003-01-102-4/+3
| | | | | | explicitly in directories using those macros. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15111 dc483132-0cff-0310-8789-dd5450dbe970
* Use markers in Makefile.in rather than rules in configure.in to indicate whenKen Raeburn2003-01-102-0/+8
| | | | | | | | to use the lib.in and libobj.in makefile fragments. Pushing this per-directory info into Makefile.in will make it a little easier to work on combining configure scripts for multiple directories. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15107 dc483132-0cff-0310-8789-dd5450dbe970
* * setup_mkey.c (krb5_db_setup_mkey_name): Use size_t instead ofEzra Peisach2002-12-232-2/+7
| | | | | | int for lengths. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15069 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (check): Remove test_db before running testsKen Raeburn2002-12-192-0/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15057 dc483132-0cff-0310-8789-dd5450dbe970
* Changes to allow compilation --with-system-db and --enable-sharedEzra Peisach2002-12-162-3/+11
| | | | | | (Do not depend on lib/db.so being present) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15049 dc483132-0cff-0310-8789-dd5450dbe970
* update dependenciesKen Raeburn2002-09-131-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14857 dc483132-0cff-0310-8789-dd5450dbe970
* * kdb_db2.c (krb5_db2_db_iterate_ext): Don't call bt_rseq if HAVE_BT_RSEQ isKen Raeburn2002-09-132-0/+15
| | | | | | undefined; instead, just return an error. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14850 dc483132-0cff-0310-8789-dd5450dbe970
* update dependenciesKen Raeburn2002-08-291-10/+20
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14791 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in: Revert $(S)=>/ change, for Windows supportKen Raeburn2002-08-292-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14786 dc483132-0cff-0310-8789-dd5450dbe970
* Ignore a bunch of files generated by building in the source tree, excludingKen Raeburn2002-08-291-0/+1
| | | | | | | | | those covered by CVSROOT/cvsignore patterns. Static UNIX build only, at the moment, may need updates for other configurations. (Second try; this time, deal with the cases where "cvs add"/"cvs ci" choked on previously deleted versions numbered 5.x.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14785 dc483132-0cff-0310-8789-dd5450dbe970
* Change $(S)=>/ and $(U)=>.. globallyKen Raeburn2002-08-232-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14761 dc483132-0cff-0310-8789-dd5450dbe970
* * kdb_db2.h: Add prototype and rename forTom Yu2002-08-234-5/+53
| | | | | | | | | | | | | krb5_db2_db_iterate_ext(). * kdb_db2.c (krb5_db2_db_iterate_ext): New function; allow optional backwards or recursive (if btree) traversal of the database. * Makefile.in (LIBMINOR): Bump due to addition of krb5_db_iterate_ext(). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14755 dc483132-0cff-0310-8789-dd5450dbe970
* * keytab.c (krb5_ktkdb_get_entry): For consistency, check forTom Yu2002-08-152-0/+11
| | | | | | DISALLOW_ALL_TIX and DISALLOW_SVR when looking up keys. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14727 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch toSam Hartman2002-08-092-0/+6
| | | | | | | initialize return value in kdb5_dbe_search_enctype so etype info works reliably git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14692 dc483132-0cff-0310-8789-dd5450dbe970
* update dependenciesKen Raeburn2002-06-151-24/+21
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14522 dc483132-0cff-0310-8789-dd5450dbe970
* shlib version number updates from 1.2.x branchKen Raeburn2002-03-072-1/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14233 dc483132-0cff-0310-8789-dd5450dbe970
* Use const instead of krb5_constKen Raeburn2002-02-232-1/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14161 dc483132-0cff-0310-8789-dd5450dbe970
* * t_kdb.c (do_testing): Invoke krb5_free_principal andEzra Peisach2001-11-192-0/+17
| | | | | | | krb5_free_keyblock_contents on master key to prevent minor memory leak. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13994 dc483132-0cff-0310-8789-dd5450dbe970
* * kdb_cpw.c (cleanup_key_data): Do not free NULL pointerEzra Peisach2001-10-302-0/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13906 dc483132-0cff-0310-8789-dd5450dbe970
* * kdb_xdr.c (krb5_encode_princ_contents): Use krb5_ui_2 instead ofEzra Peisach2001-10-262-1/+6
| | | | | | krb5_int16 for key_data_length. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13860 dc483132-0cff-0310-8789-dd5450dbe970
* * kdb_xdr.c (krb5_dbe_search_enctype): Filter out enctypes thatTom Yu2001-10-253-2/+31
| | | | | | | | | | aren't in permitted_enctypes. This prevents the KDC from issuing a ticket whose enctype that it won't accept. * keytab.c (krb5_ktkdb_get_entry): For now, coerce enctype of output keyblock in case we got a match on a similar enctype. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13855 dc483132-0cff-0310-8789-dd5450dbe970
* In directories building libraries, generate dependencies for .so/.po files tooKen Raeburn2001-10-201-10/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13828 dc483132-0cff-0310-8789-dd5450dbe970
* Update automatic dependencies to work on Windows by using $(OUTPRE) andKen Raeburn2001-10-111-23/+26
| | | | | | | $(OBJEXT). Change a couple of UNIX rules to not trigger incorrectly on Windows. Rebuild dependencies. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13801 dc483132-0cff-0310-8789-dd5450dbe970
* Don't conditionalize prototypes; delete macros supporting it. (Maybe overdone;Ken Raeburn2001-10-106-52/+57
| | | | | | don't worry about restoring them when importing new versions of code.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13792 dc483132-0cff-0310-8789-dd5450dbe970
* dependenciesKen Raeburn2001-09-011-0/+47
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13725 dc483132-0cff-0310-8789-dd5450dbe970
* * kdb_xdr.c (krb5_dbe_update_mod_princ_data,Ezra Peisach2001-07-273-4/+14
| | | | | | | | | krb5_encode_princ_contents): Delcare local variable unsigned. * kdb_cpw.c (add_key_pwd): Declare local variable unsigned based on use. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13644 dc483132-0cff-0310-8789-dd5450dbe970
* Fixed several typos in commentsMitchell Berger2001-06-201-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13399 dc483132-0cff-0310-8789-dd5450dbe970
* kdb_dbm.c (destroy_file_suffix): Declare as staticEzra Peisach2001-04-252-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13189 dc483132-0cff-0310-8789-dd5450dbe970
* * kdb_xdr.c: Change the variable index to idx to prevent functionEzra Peisach2001-03-102-4/+9
| | | | | | name shadowing. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13069 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Use AC_CHECK_HEADERS instead of AC_HAVE_HEADERSEzra Peisach2000-11-012-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12835 dc483132-0cff-0310-8789-dd5450dbe970
* * fetch_mkey.c: Signed/unsigned int cleanupEzra Peisach2000-10-173-12/+17
| | | | | | | * kdb_cpw.c (add_key_pwd): Change salt data length of -1 to SALT_TYPE_AFS_LENGTH. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12778 dc483132-0cff-0310-8789-dd5450dbe970
* * kdb_xdr.c (krb5_dbe_free_contents): Clean up signedness warningEzra Peisach2000-09-206-15/+47
| | | | | | | | | | | | | | | | * fetch_mkey.c (krb5_db_fetch_mkey): Clean up signedness warnings. * kdb_db2.c (destroy_file_suffix): Declare function as static. Rewrite code to use off_t and unsigned ints to handle gcc warnings. (kdb5_context_internalize) Unmarshal boolean type properly. * store_mkey.c (krb5_db_store_mkey): Use mode_t instead of int in call to umask. * configure.in: Add AC_TYPE_MODE_T and AC_TYPE_OFF_T for mode_t and off_t declarations. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12661 dc483132-0cff-0310-8789-dd5450dbe970
* * encrypt_key.c, kdb_cpw.c, kdb_xdr.c: Add parenthesis aboutEzra Peisach2000-07-044-22/+24
| | | | | | assignment in conditional and remove unused variables. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12531 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (SHLIB_EXPDEPS): Add libdb, since we can build thisTom Yu2000-06-302-2/+9
| | | | | | | shared now. (SHLIB_EXPLIBS): Add -ldb. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12490 dc483132-0cff-0310-8789-dd5450dbe970
* pullup from 1.2 branchKen Raeburn2000-06-275-25/+51
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12442 dc483132-0cff-0310-8789-dd5450dbe970
* Change wsanchez@apple -> tritan@mitWilfredo Sanchez2000-06-011-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12331 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of unused variableEzra Peisach2000-03-162-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12120 dc483132-0cff-0310-8789-dd5450dbe970
* * kdb_xdr.c (krb5_dbe_lookup_mod_princ_data): In casting argumentEzra Peisach2000-03-122-1/+6
| | | | | | | | to krb5_parse_name, use krb5_const not const. Under ultrix, krb5_const is not the same as const git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12100 dc483132-0cff-0310-8789-dd5450dbe970
* from Bear Giles:Ken Raeburn2000-02-212-2/+5
| | | | | | | * fetch_mkey.c (krb5_db_fetch_mkey): Don't attempt to override type of key read from stash file. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12061 dc483132-0cff-0310-8789-dd5450dbe970
* * kdb_cpw.c (krb5_dbe_crk):Tom Yu2000-02-192-0/+13
| | | | | | (krb5_dbe_cpw): Fix to actually save old keys. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12054 dc483132-0cff-0310-8789-dd5450dbe970
* log tritan's changesTom Yu1999-10-261-0/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11877 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, LOCAL_INCLUDES suchWilfredo Sanchez1999-10-261-1/+0
| | | | | | | that one can override CFLAGS from the command line without losing CPP search patchs and defines. Some associated Makefile cleanup. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11876 dc483132-0cff-0310-8789-dd5450dbe970
* copyright notice updates from 1.1 branchKen Raeburn1999-09-2414-14/+56
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11853 dc483132-0cff-0310-8789-dd5450dbe970
* testcase fixes from 1.1 branch:Ken Raeburn1999-09-012-11/+24
| | | | | | | | | | | * t_kdb.c (add_principal): Free only contents of a generated key, since the keyblock structure itself is on the stack. * t_kdb.c (add_principal): Update for new calling sequence to krb5_dbekd_encrypt_key_data. (do_testing): Update calls. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11775 dc483132-0cff-0310-8789-dd5450dbe970
* Makefile.in: Set the myfulldir and mydir variables (which are relativeTheodore Tso1998-12-052-0/+7
| | | | | | to buildtop and thisconfigdir, respectively.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11087 dc483132-0cff-0310-8789-dd5450dbe970
* * kdb_cpw.c (krb5_dbe_crk):Tom Yu1998-11-172-8/+38
| | | | | | | (krb5_dbe_cpw): Add "keepold" boolean argument to indicate whether to retain old keys. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11045 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-27 15:44:28 +0000