summaryrefslogtreecommitdiffstats
path: root/src/lib/krb5/krb
Commit message (Collapse)AuthorAgeFilesLines
...
* Update dependenciesKen Raeburn2010-01-031-3/+58
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23575 dc483132-0cff-0310-8789-dd5450dbe970
* Use krb5int_count_etypes in rd_req_decoded_optGreg Hudson2010-01-021-4/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23567 dc483132-0cff-0310-8789-dd5450dbe970
* Factor out copying and counting of zero-terminated enctype lists intoGreg Hudson2010-01-018-99/+100
| | | | | | a new file src/lib/krb5/krb/etype_list.c. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23565 dc483132-0cff-0310-8789-dd5450dbe970
* Include os-proto.h for _krb5_conf_boolean prototype before declarationEzra Peisach2009-12-301-0/+2
| | | | | | of function. (gcc warning) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23547 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate the krb5_set_default_in_tkt_ktypes andGreg Hudson2009-12-301-7/+0
| | | | | | | krb5_set_default_tgs_ktypes during context initialization, as they weren't doing anything. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23545 dc483132-0cff-0310-8789-dd5450dbe970
* Create a separate file for krb5_copy_context for better code modularityZhanna Tsitkov2009-12-293-63/+141
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23538 dc483132-0cff-0310-8789-dd5450dbe970
* Functions in enc_helper.c serve different code blocks. Split themZhanna Tsitkov2009-12-293-27/+70
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23535 dc483132-0cff-0310-8789-dd5450dbe970
* Add a new profile variable preauth_module_dir, which specifiesGreg Hudson2009-12-281-5/+48
| | | | | | | | directories to look for preauth plugins in prior to the hardcoded locations. Undocumented for now since, like db_module_dir, this is mostly intended for the test suite. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23531 dc483132-0cff-0310-8789-dd5450dbe970
* Move krb5_get_profile back to init_os_ctx.c for now and revert r23519.Greg Hudson2009-12-282-8/+1
| | | | | | | | At this time we link t_etypes against init_ctx.so during "make check", which breaks if init_ctx contains reference to the profile library. More general solutions to this problem are under discussion. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23530 dc483132-0cff-0310-8789-dd5450dbe970
* Whitespace fixes for new anonymous supportGreg Hudson2009-12-283-29/+36
| | | | | | ticket: 6607 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23528 dc483132-0cff-0310-8789-dd5450dbe970
* Anonymous support for KerberosSam Hartman2009-12-284-10/+147
| | | | | | | | | | | | | | | | | | | | | | This ticket implements Project/Anonymous pkinit from k5wiki. Provides support for completely anonymous principals and untested client support for realm-exposed anonymous authentication. * Introduce kinit -n * Introduce kadmin -n * krb5_get_init_creds_opt_set_out_ccache aliases the supplied ccache * No longer generate ad-initial-verified-cas in pkinit * Fix pkinit interactions with non-TGT authentication Merge remote branch 'anonymous' into trunk Conflicts: src/lib/krb5/krb/gic_opt.c ticket: 6607 Tags: enhancement git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23527 dc483132-0cff-0310-8789-dd5450dbe970
* Include prof_int.h in init_ctx.c instead of init_os_ctx.c,Ken Raeburn2009-12-282-1/+2
| | | | | | corresponding to the moved use of profile_copy in r23484. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23519 dc483132-0cff-0310-8789-dd5450dbe970
* Code modularity related updatesZhanna Tsitkov2009-12-239-235/+309
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23484 dc483132-0cff-0310-8789-dd5450dbe970
* Remove krb5_ prefix from some static func namesZhanna Tsitkov2009-12-229-102/+111
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23483 dc483132-0cff-0310-8789-dd5450dbe970
* Whitespace fixesGreg Hudson2009-12-161-7/+11
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23477 dc483132-0cff-0310-8789-dd5450dbe970
* On Luke's advice, remove krb5_init_creds_store_creds. It is not aGreg Hudson2009-12-151-11/+0
| | | | | | | Heimdal API and its functionality is covered by krb5_get_init_creds_opt_set_out_ccache. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23469 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of the requirement of defining MAX_ENCTYPE inGreg Hudson2009-12-151-36/+56
| | | | | | | krb5int_parse_enctype_list, at the cost of making repeated realloc() calls during parsing. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23468 dc483132-0cff-0310-8789-dd5450dbe970
* Formatining enhancementZhanna Tsitkov2009-12-151-11/+13
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23467 dc483132-0cff-0310-8789-dd5450dbe970
* fast negotiation projecSam Hartman2009-12-145-104/+400
| | | | | | | | | | | | | | | | Merge branches/fast-negotiate into trunk. This implements http://k5wiki.kerberos.org/wiki/Projects/Fast_negotiation Additional changes: * krb5_c_make_checksum with checksum type 0 uses mandatory checksum for given key enctype Conflicts: src/lib/crypto/krb/make_checksum.c ticket: 6595 Tags: enhancement git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23465 dc483132-0cff-0310-8789-dd5450dbe970
* Change file holder for krb5int_check_clockskew. Minor Style changes per code ↵Zhanna Tsitkov2009-12-091-41/+25
| | | | | | practices git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23460 dc483132-0cff-0310-8789-dd5450dbe970
* handle negative enctypes betterTom Yu2009-12-071-2/+3
| | | | | | | | | | | krb5_dbe_def_search_enctype and krb5int_parse_enctype_list were making assumptions that enctype numbers are positive. Potentially more code makes this assumption, but these appear to be the major ones. ticket: 6592 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23454 dc483132-0cff-0310-8789-dd5450dbe970
* Reindent and removed krb5_ prefix from static func nameZhanna Tsitkov2009-12-011-67/+67
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23398 dc483132-0cff-0310-8789-dd5450dbe970
* Terminate the loop in find_authdata_1 if we get an error in one of theGreg Hudson2009-11-301-1/+1
| | | | | | iterations. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23382 dc483132-0cff-0310-8789-dd5450dbe970
* Add krb5_key versions of the auth context key accessors, and use themGreg Hudson2009-11-271-0/+27
| | | | | | to simplify the gss-krb5 code a little bit. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23372 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up the flow control in krb5int_send_tgs, and avoid setting theGreg Hudson2009-11-271-38/+39
| | | | | | subkey output param when success is not guaranteed. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23369 dc483132-0cff-0310-8789-dd5450dbe970
* If krb5_init_creds_step is called on an already complete context,Greg Hudson2009-11-271-1/+1
| | | | | | return 0 rather than uninitialized stack garbage. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23368 dc483132-0cff-0310-8789-dd5450dbe970
* Make dependGreg Hudson2009-11-271-3/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23366 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up a few cases where krb5_get_in_tkt_with_keytab would leak theGreg Hudson2009-11-261-3/+4
| | | | | | options structure. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23363 dc483132-0cff-0310-8789-dd5450dbe970
* libkrb5 support for non-blocking AS requestsGreg Hudson2009-11-269-634/+1230
| | | | | | | | | | | Merge Luke's iakerb-libkrb5-as-only branch into trunk with several bug fixes. Adds support for the krb5_init_creds APIs (same as Heimdal's) which allow AS requests to be performed via a different transport than the blocking send_to_kdc. ticket: 6586 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23358 dc483132-0cff-0310-8789-dd5450dbe970
* Defer the conversion of the gic options structure to the extended formGreg Hudson2009-11-254-91/+72
| | | | | | | until we reach krb5_get_init_creds. Rename that function to krb5int_get_init_creds since it isn't public. Also stop exporting it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23357 dc483132-0cff-0310-8789-dd5450dbe970
* Remove krb5_ prefix from the name of the static func get_as_key_keytab. ReindentZhanna Tsitkov2009-11-241-13/+12
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23352 dc483132-0cff-0310-8789-dd5450dbe970
* Consolidate Makefile variables now that we have only a single globalGreg Hudson2009-11-222-712/+712
| | | | | | | | | | | | | configure script: $(SRCTOP) --> $(top_srcdir) $(srcdir)/$(thisconfigdir) --> $(top_srcdir) $(thisconfigdir) --> $(BUILDTOP) $(myfulldir) --> $(mydir) ticket: 6583 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23308 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_free_ad_signedpath must free outer structureLuke Howard2009-11-191-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23293 dc483132-0cff-0310-8789-dd5450dbe970
* Move prototypes for krb5int_send_tgs and krb5int_decode_tgs_rep to int-proto.h.Ezra Peisach2009-11-163-8/+30
| | | | | | These functions are not exported by the library. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23232 dc483132-0cff-0310-8789-dd5450dbe970
* Constrained delegation without PAC supportGreg Hudson2009-11-142-20/+58
| | | | | | | | | | | Merge Luke's users/lhoward/s4u2proxy branch to trunk. Implements a Heimdal-compatible mechanism for allowing constrained delegation without back-end support for PACs. Back-end support exists in LDAP only (via a new krbAllowedToDelegateTo attribute), not DB2. ticket: 6580 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23160 dc483132-0cff-0310-8789-dd5450dbe970
* Deal with some open paren formatting issues, and reindent. MakeTom Yu2009-11-052-570/+567
| | | | | | preauth.c use the function pointer typdefs in the prototypes as well. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23131 dc483132-0cff-0310-8789-dd5450dbe970
* Restore the krb5 1.6 behavior of not retrying AS requests afterGreg Hudson2009-11-041-16/+1
| | | | | | | | | PREAUTH_FAILED errors. Among other things, this change causes krb5_get_init_creds_opt_set_pa to act (mostly) as a constraint rather than simply as an optimistic set of preauth types, which is the behavior apps had been seeing prior to 1.7. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23128 dc483132-0cff-0310-8789-dd5450dbe970
* Reindent and manually restore some BSD-style files that wereTom Yu2009-11-042-0/+2
| | | | | | previously incorrectly marked as krb5-style. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23126 dc483132-0cff-0310-8789-dd5450dbe970
* Reindent after making fixes for emacs-23Tom Yu2009-11-031-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23123 dc483132-0cff-0310-8789-dd5450dbe970
* Memory leak fix: in obtain_sam_padata, after claiming the contents ofGreg Hudson2009-11-011-1/+2
| | | | | | | the scratch data object, free the outer structure before nulling the pointer to it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23114 dc483132-0cff-0310-8789-dd5450dbe970
* Stop using deprecated krb5_encrypt_data in preauth code. UseGreg Hudson2009-11-012-6/+6
| | | | | | | | krb5_encrypt_helper instead. (encrypt_helper takes a key usage instead of an ivec, but that's okay since the invocations were using null ivecs anyway.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23111 dc483132-0cff-0310-8789-dd5450dbe970
* In lib/krb5/krb, ensure all function definition headers are in ANSIGreg Hudson2009-10-3110-140/+122
| | | | | | style and have the function name at the beginning of a line. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23102 dc483132-0cff-0310-8789-dd5450dbe970
* Fix indentation in gc_via_tkt.c which was messed up by a malformed #ifGreg Hudson2009-10-311-221/+221
| | | | | | 0 block. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23101 dc483132-0cff-0310-8789-dd5450dbe970
* make mark-cstyleTom Yu2009-10-31112-12620/+12684
| | | | | | make reindent git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
* Replace krb5_ with krb5Int_ prefix for non-API functionsZhanna Tsitkov2009-10-281-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23079 dc483132-0cff-0310-8789-dd5450dbe970
* When iterating through the keytab in krb5_rd_req(), do notLuke Howard2009-10-221-2/+4
| | | | | | | return success if we did not find any matching keytab entries, otherwise we will crash upon accessing ticket->enc_part2. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22974 dc483132-0cff-0310-8789-dd5450dbe970
* For naming extensions draft compliance, s/mspac:/urn:mspac:/Luke Howard2009-10-201-12/+12
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22957 dc483132-0cff-0310-8789-dd5450dbe970
* fix some Coverity reported defects in naming extensionsLuke Howard2009-10-204-25/+27
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22948 dc483132-0cff-0310-8789-dd5450dbe970
* Implement new APIs to allow improved crypto performanceGreg Hudson2009-10-1916-203/+217
| | | | | | | | | | | Merge branches/enc-perf to trunk. Adds the krb5_key opaque type, the krb5_k_* APIs to use them, and caching of derived keys when krb5_k_* functions are used. Updates the krb5 auth context and GSS id-rec to use krb5_keys. ticket: 6576 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22944 dc483132-0cff-0310-8789-dd5450dbe970
* Fix preauth looping in krb5_get_init_credsGreg Hudson2009-10-131-2/+16
| | | | | | | | | | | | | | In 1.7, krb5_get_init_creds will continue attempting the same built-in preauth mechanism (e.g. encrypted timestamp) until the loop counter maxes out. Until the preauth framework can remember not to retry built-in mechanisms, only continue with preauth after a PREAUTH_FAILED error resulting from optimistic preauth. ticket: 6573 tags: pullup target_version: 1.7.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22890 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-29 18:43:48 +0000