summaryrefslogtreecommitdiffstats
path: root/src/lib/krb5/krb
Commit message (Collapse)AuthorAgeFilesLines
...
* Add platform-dependent 64-bit and inline-function support via new headerKen Raeburn2003-12-134-24/+89
| | | | | | | | | | | | | | | k5-platform.h. Add 64-bit serializer support. [Not needed for ticket 1471, but needed for 2040 and annoying to check in separately.] Add to (internal for now) crypto API a function to get the mandatory checksum type associated with an enctype. New support for server-generated subkey, selected via an auth_context flag. ticket: 1471 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15908 dc483132-0cff-0310-8789-dd5450dbe970
* initial sequence number mask short by 4 bitsTom Yu2003-10-302-1/+6
| | | | | | | | | | | | | * gen_seqnum.c (krb5_generate_seq_number): Fix mask; was short by 4 bits. ticket: new version_reported: 1.3.1 target_version: 1.3.2 component: krb5-libs tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15849 dc483132-0cff-0310-8789-dd5450dbe970
* Save encoded KRB-SAFE-BODY to avoid problems caused by re-encoding it.Tom Yu2003-10-082-4/+21
| | | | | | | | | | Also, handle correctly implemented RFC 1510 KRB-SAFE i.e., checksummed over KRB-SAFE-BODY only. ticket: 1893 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15831 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Cesar Garcia to fix lifetime computation in 524Tom Yu2003-09-022-1/+6
| | | | | | | | | | | ticket conversion. ticket: 1712 tags: pullup version_reported: 1.3.1 target_version: 1.3.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15808 dc483132-0cff-0310-8789-dd5450dbe970
* Don't double free the encrypted credential partSam Hartman2003-08-192-5/+5
| | | | | | | Ticket: 1731 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15773 dc483132-0cff-0310-8789-dd5450dbe970
* get_init_creds_password: DNS SRV off causes bogus REALM_UNKNOWNTom Yu2003-08-082-1/+10
| | | | | | | | | | | | | | | * gic_pwd.c (krb5_get_init_creds_password): If DNS SRV support is turned off, the second call to get_init_creds() will fail with KRB5_REALM_UNKNOWN under certain circumstances. If that happens, return the error from the first call to get_init_creds(), which will be more useful to the user. ticket: new target_version: 1.3.2 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15761 dc483132-0cff-0310-8789-dd5450dbe970
* Send generalstring not octetstring in etype_info2. Accept eitherSam Hartman2003-07-222-4/+15
| | | | | | | | | | | | form. Also, if a etype_info fails to decode, skip it rather than failing to process the AS reply. Ticket: 1681 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15723 dc483132-0cff-0310-8789-dd5450dbe970
* delete ##WIN16## lines from makefilesKen Raeburn2003-07-172-1/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15691 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (STLIBOBJS, OBJS, T_SER_OBJS): Drop ser_eblk.oKen Raeburn2003-07-152-5/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15689 dc483132-0cff-0310-8789-dd5450dbe970
* Export krb5_get_permitted_enctypes and krb5_set_real_time for SambaAlexandra Ellwood2003-07-092-1/+5
| | | | | | ticket: 1655 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15678 dc483132-0cff-0310-8789-dd5450dbe970
* * gic_keytab.c (krb5_get_in_tkt_with_keytab): Pass (void*)keytab,Tom Yu2003-06-272-1/+6
| | | | | | | | | not &keytab, to get_init_creds. Thanks to Herb Lewis. ticket: 1630 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15653 dc483132-0cff-0310-8789-dd5450dbe970
* Set use_conf_ktypes to 1 while looking up the tgt to use forSam Hartman2003-06-162-0/+7
| | | | | | | | | forwarding. Ticket: 1610 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15627 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_rd_rep leaks subkeysTom Yu2003-06-132-0/+13
| | | | | | | | | | | | * rd_rep.c (krb5_rd_rep): Free subkeys before replacing them, if needed. This avoids a memory leak. ticket: new target_version: 1.3 component: krb5-libs tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15620 dc483132-0cff-0310-8789-dd5450dbe970
* Don't escape rcache filename characters with backslashTom Yu2003-06-112-5/+10
| | | | | | | | | | | | * srv_rcache.c (krb5_get_server_rcache): Octal escapes begin with hyphen now, since backslash is a pathname separator on DOS. ticket: new target_version: 1.3 component: krb5-libs tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15609 dc483132-0cff-0310-8789-dd5450dbe970
* Don't allow renewable_ok to be set if the renew liftime is greaterSam Hartman2003-06-062-0/+7
| | | | | | | | | | than the ticket lifetime. Ticket: 1576 Tags: pullup Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15590 dc483132-0cff-0310-8789-dd5450dbe970
* Static function krb5_generate_authenticator should take unsigned sequence ↵Ezra Peisach2003-06-062-2/+7
| | | | | | | | | | | | number argument * mk_req_ext.c (krb5_generate_authenticator): Sequence numbers are unsigned now. Ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15585 dc483132-0cff-0310-8789-dd5450dbe970
* * get_in_tkt.c (krb5_get_init_creds): Change hardcoded default ticket lifetimeKen Raeburn2003-05-302-1/+4
| | | | | | | | | from 10 hours to 24 hours. ticket: 1190 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15533 dc483132-0cff-0310-8789-dd5450dbe970
* * init_ctx.c (DEFAULT_KDC_TIMESYNC): Define as 1 always.Ken Raeburn2003-05-302-8/+5
| | | | | | | | | (DEFAULT_CCACHE_TYPE): Define as 4 always. ticket: 1190 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15529 dc483132-0cff-0310-8789-dd5450dbe970
* * get_in_tkt.c: (verify_as_reply) Only check the renewable lifetime of ↵Alexandra Ellwood2003-05-302-0/+8
| | | | | | tickets whose request options included KDC_OPT_RENEWABLE_OK if those options did not also include KDC_OPT_RENEWABLE. Otherwise verify_as_reply() will fail for all renewable tickets git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15524 dc483132-0cff-0310-8789-dd5450dbe970
* Rename interface to krb5_524_convert_creds, export it from krb5 library.Ken Raeburn2003-05-282-6/+30
| | | | | | | | | | | | Provide old names as functions for UNIX/MacOS binary compatibility, and deprecated macros for source code compatibility. (For Windows, we'll still need a krb524.dll, and it can worry about providing the old names.) Enable support on Windows always. ticket: 1491 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15513 dc483132-0cff-0310-8789-dd5450dbe970
* Avoid memory leak of server and client principal inSam Hartman2003-05-273-1/+52
| | | | | | | | | krb5_get_in_tkt_with{_password,_keytab} Ticket: 1525 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15498 dc483132-0cff-0310-8789-dd5450dbe970
* Big step towards integrating libkrb524 into libkrb5:Ken Raeburn2003-05-245-0/+438
| | | | | | | | | | | | | | | | | | | | | | | Move libkrb524 code, including error table, into libkrb5. Now libkrb5 initialization pulls in the krb524 error table, so krb524_init_ets is gone; all calls deleted. Move krb4 life/time conversion functions into libkrb5 under new names, using accessor hooks to get at them from libkrb4. Move declarations from krb524.h into krb5.h, k5-int.h, or krb524d.h; the last doesn't get copied into the include directory. Changed inclusions of krb524.h to the appropriate files, if any were needed. Rebuilt dependencies in Makefiles. These changes are likely to break the Windows build; I'll look into that soon. ticket: 1491 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15491 dc483132-0cff-0310-8789-dd5450dbe970
* make-depend updatesKen Raeburn2003-05-241-267/+257
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15490 dc483132-0cff-0310-8789-dd5450dbe970
* use kdc_default_optionsSam Hartman2003-05-232-1/+5
| | | | | | | | | | | The documentation and context initialization supports an option called kdc_default_options which is an integer that sets the default KDC request flags. Make the code actually use the option. Ticket: new Component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15485 dc483132-0cff-0310-8789-dd5450dbe970
* * gen_seqnum.c (krb5_generate_seq_number): Fix think-o on sequenceTom Yu2003-05-232-1/+4
| | | | | | | | | number mask. ticket: 1262 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15480 dc483132-0cff-0310-8789-dd5450dbe970
* Implement heuristic for matching broken Heimdal sequence number encodingsTom Yu2003-05-235-2/+184
| | | | | | | | | ticket: 1263 target_version: 1.3 tags: pullup status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15479 dc483132-0cff-0310-8789-dd5450dbe970
* krb5int_populate_gic_opt should return voidSam Hartman2003-05-222-1/+5
| | | | | | | | | | | Since none of the functions it calls can return an error, this should return void. Ticket: new Target_Version: 1.3 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15465 dc483132-0cff-0310-8789-dd5450dbe970
* Set length correctly in krb5_get_in_tkt_with_password if password isTom Yu2003-05-212-4/+11
| | | | | | | | | | actually passed in. Also, fix test suite to be more lenient about password prompts, which changed under the previous patches for this ticket. ticket: 1480 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15463 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_get_in_tkt now only supports old (non-etype-info2) enctypesSam Hartman2003-05-202-1/+18
| | | | | | | Ticket: 1480 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15462 dc483132-0cff-0310-8789-dd5450dbe970
* Implement krb5_get_in_tkt_with_password andSam Hartman2003-05-207-257/+155
| | | | | | | | | | | | krb5_get_in_tkt_with_keytab in terms of krb5_get_init_creds. It turns out that these do in fact need to use get_init_creds not get_init_creds_{password,keytab} because of those functions do not allow the AS request to be returned. Ticket: 1480 Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15461 dc483132-0cff-0310-8789-dd5450dbe970
* Sequence numbers are now unsigned. Implement lenient parser forTom Yu2003-05-183-4/+26
| | | | | | | | | | | sequence numbers which folds received negative sequence numbers into positive unsigned numbers. Constrain the space of initial sequence numbers to facilitate backwards compatibility. ticket: 1262 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15457 dc483132-0cff-0310-8789-dd5450dbe970
* * chpw.c (krb5int_rd_chpw_rep): Allow new kpasswd error codes up throughKen Raeburn2003-05-172-1/+4
| | | | | | | | | _INITIAL_FLAG_NEEDED. ticket: 1441 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15455 dc483132-0cff-0310-8789-dd5450dbe970
* * ser_ctx.c (krb5_context_internalize): Copy read-in OS context data intoKen Raeburn2003-05-172-6/+22
| | | | | | | | | krb5_context and free up the newly allocated OS context. ticket: 1497 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15453 dc483132-0cff-0310-8789-dd5450dbe970
* Try forwarding with no enctype restriction if forwarding with anSam Hartman2003-05-132-3/+12
| | | | | | | | enctype restriction fails. This is sufficient for 1.3. Ticket: 1473 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15431 dc483132-0cff-0310-8789-dd5450dbe970
* Fix minor error in previous commit that broke v4 saltsSam Hartman2003-05-131-1/+1
| | | | | | | Ticket: 1470 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15426 dc483132-0cff-0310-8789-dd5450dbe970
* Fix memory leaks and double frees in preauth2.cSam Hartman2003-05-134-42/+81
| | | | | | | Ticket: 1470 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15425 dc483132-0cff-0310-8789-dd5450dbe970
* * IMplement etype_info in KDC. If the request contains any newSam Hartman2003-05-125-88/+88
| | | | | | | | | | | | | | | | | | | | enctypes (currently AES but anything not explicitly listed as old) then only etype_info2 is sent back in response. Send back etype_info2 all the time. Also send back etype_info2 to provide salt and s2kparams with AS reply not just for preauth errors. * Expose interface for getting string2key with parameters (previously implemented but not exported) * IN the client (at least for get_init_creds interface) prfer etype_info2 to etype_info and pw_salt. Pass s2kparams and use string2key_with_params. Ticket: 1454 Status: open Target_Version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15412 dc483132-0cff-0310-8789-dd5450dbe970
* Add a new krb5_context field for the config-file tgs_enctypes, whichKen Raeburn2003-05-103-23/+57
| | | | | | | | | | | applications cannot override, and use it for ticket-granting tickets needed to acquire some desired service ticket. ticket: 1429 tags: pullup status: resolved git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15411 dc483132-0cff-0310-8789-dd5450dbe970
* punt leftover conflict markersTom Yu2003-05-101-2/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15410 dc483132-0cff-0310-8789-dd5450dbe970
* Rename the local_subkey and remote_subkey fields in the auth_contextTom Yu2003-05-1014-71/+176
| | | | | | | | | | | | | | | | | to send_subkey and recv_subkey, respectively. Add new APIs to query and set these fields. Change the behavior of mk_req_ext, rd_req_dec, and rd_rep to set both subkeys. Applications wanting to set unidirectional subkeys may still do so by saving the values of subkeys and doing overrides. Cause mk_cred, mk_priv, and mk_safe to never use the recv_subkey. Cause rd_cred, rd_priv, and rd_safe to never use the send_subkey. ticket: 1415 status: open tags: pullup target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15407 dc483132-0cff-0310-8789-dd5450dbe970
* Fix typoSam Hartman2003-05-061-1/+1
| | | | | | | Ticket: 1454 Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15394 dc483132-0cff-0310-8789-dd5450dbe970
* Implement encoders for etype_info2 and add support to s2kparams forSam Hartman2003-05-062-0/+5
| | | | | | | | | decoders. Ticket: 1454 Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15393 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_setpw_result_string should be internalSam Hartman2003-04-272-2/+6
| | | | | | | | | | | | | Make krb5_setpw_result_string a krb5int_ function prototyped in k5-int.h. The prototype was already there, but the code did not match the function name. This needs to be pulled up to the release branch to fix Windows build because of a KRB5_CALLCONV issue. ticket: new Tags: pullup Target_Version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15375 dc483132-0cff-0310-8789-dd5450dbe970
* Implementation of Microsoft set password client library code providedSam Hartman2003-04-252-4/+298
| | | | | | | | | | by Paul Nelson. Ticket: 1377 Status: open Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15373 dc483132-0cff-0310-8789-dd5450dbe970
* * kfree.c (krb5_free_pwd_sequences): Correction to previousEzra Peisach2003-04-242-2/+7
| | | | | | | | fix. Free contents of krb5_data - not just the pointer. ticket: 1439 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15369 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_free_pwd_sequences only frees first elementEzra Peisach2003-04-232-7/+18
| | | | | | | | | | | | | | | | * kfree.c (krb5_free_pwd_sequences): Actually free the entire sequence of passwd_phase_elements and not just the first one. In our tree, this code is only used by krb5_free_pwd_data() which is subsequently not used anywhere else. Perhaps all code pertaining to pwd data (asn.1 decoders, encoders, etc. should be removed) ticket: new component: krb5-libs target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15364 dc483132-0cff-0310-8789-dd5450dbe970
* Note to self: Save buffers before checkin, not after. GrrKen Raeburn2003-04-181-1/+5
| | | | | | | ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15360 dc483132-0cff-0310-8789-dd5450dbe970
* fix typoKen Raeburn2003-04-181-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15359 dc483132-0cff-0310-8789-dd5450dbe970
* * init_ctx.c (DEFAULT_ETYPE_LIST): Add AES with 256 bits at the front of theKen Raeburn2003-04-182-0/+6
| | | | | | | | | list. No 128-bit support by defaut. ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15358 dc483132-0cff-0310-8789-dd5450dbe970
* * unparse.c (krb5_unparse_name_ext): Don't move buffer pointer backwards ifKen Raeburn2003-04-012-1/+5
| | | | | | | | nothing has been put into the buffer yet. ticket: 1397 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15314 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-10-02 18:14:52 +0000