summaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* Makefile.in, ChangeLog: Add support to compile shared librariesTheodore Tso1995-11-184-3/+29
| | | | | | | gssapi.h: Include sys/types.h, since that's where POSIX says size_t is defined. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7116 dc483132-0cff-0310-8789-dd5450dbe970
* Fixed token type numbers so they conform with the protocol spec. PaulTheodore Tso1995-11-182-3/+11
| | | | | | | Park didn't realize that he wasn't allowed to change these willy-nilly... git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7115 dc483132-0cff-0310-8789-dd5450dbe970
* Renamed filenames so they would be unique in an 8.3 filesystem. AddedTheodore Tso1995-11-1829-100/+239
| | | | | | GSSAPI V2 functions to mechglueP.h (now mglueP.h) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7114 dc483132-0cff-0310-8789-dd5450dbe970
* (krb5_get_server_rcache): Use krb5_rc_default_type instead of assumingEzra Peisach1995-11-172-1/+7
| | | | | | default rcache type is "dfl". git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7110 dc483132-0cff-0310-8789-dd5450dbe970
* * *.c (*): initialize lock_arg to a copy of a staticMark Eichin1995-11-168-0/+35
| | | | | | | | | | | | | | (thus zero) struct flock, to avoid panic'ing sunos 4.1.4. If you call fcntl F_SETLKW with l_type == F_UNLCK and l_xxx == 15 (GRANT_LOCK_FLAG) you'll panic sunos 4.1.4 with assertion failed: ld->l_xxx != GRANT_LOCK_FLAG, file: ../../ufs/ufs_lockf.c, line: 995 Since automatic structs like these have random values in uninitialized fields, we initialize from a static struct (since using memset in this case is abhorrent, and naming l_xxx is non POSIX.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7109 dc483132-0cff-0310-8789-dd5450dbe970
* Initial checkin of Sun's (Derek's) multi-mechanism GSSAPI supportTheodore Tso1995-11-1531-0/+2356
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7107 dc483132-0cff-0310-8789-dd5450dbe970
* Added ANL changes to support configuration authentication pathsTheodore Tso1995-11-152-0/+137
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7106 dc483132-0cff-0310-8789-dd5450dbe970
* * preauth.c (krb5_process_padata): Added generalized processing forTheodore Tso1995-11-133-76/+121
| | | | | | | | | | | | | | | preauth information which is returned by the KDC. This should be general enough to support the AFS3_SALT preauth type, the SNK4 preauth type, and the public-key mods to Kerberos. (process_pw_salt): New function for processing the KRB5_PW_SALT preauthentication type. * get_in_tkt.c (decrypt_as_reply): Removed temporary kludge for processing the PW_SALT preauth type; that's now done in preauth.c (krb5_get_in_tkt): Call krb5_process_padata with new arguments so that the preauth code can set the decryption_key if necessary. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7102 dc483132-0cff-0310-8789-dd5450dbe970
* * encrypt_data.c (krb5_encrypt_data): New file. A generic routineTheodore Tso1995-11-134-0/+153
| | | | | | | | | | | | | | for encrypting data in a krb5_data structure. Fills in a krb5_enc_data structure. * decrypt_data.c (krb5_decrypt_data): New file. A generic routine for decrypting data in a krb5_enc_data structure. Fills in a krb5_data structure. * Makefile.in (SRCS): Added decrypt_data.c and encrypt_data.c to list of files to be compiled. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7100 dc483132-0cff-0310-8789-dd5450dbe970
* * def_realm.c (krb5_get_default_realm): check for PROF_NO_PROFILEMark Eichin1995-11-132-1/+10
| | | | | | | and return KRB5_CONFIG_CANTOPEN instead of BADFORMAT so that the user in the end knows what is going on. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7097 dc483132-0cff-0310-8789-dd5450dbe970
* * g_cnffile.c (krb__get_srvtabname): new function, looks upMark Eichin1995-11-132-4/+76
| | | | | | | | | | | | [libdefaults]krb4_srvtab for use where KEYFILE used to be. * g_cnffile.c (krb__v5_get_file): new function, looks up argument in [libdefaults] and tries to open it as a filename. Returns filehandle (or NULL, if fopen failed.) (krb__get_cnffile, krb__get_realmsfile): use krb__v5_get_file to look up "krb4_config" or "krb4_realms" respectively. Also add $KRB_REALMS override for realms file. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7096 dc483132-0cff-0310-8789-dd5450dbe970
* * t_cksum.c : Remove krb5_enctype from krb5_string_to_key() argsChris Provenzano1995-11-092-5/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7085 dc483132-0cff-0310-8789-dd5450dbe970
* * string2key.c : Remove krb5_enctype from krb5_string_to_key() args.Chris Provenzano1995-11-093-3/+9
| | | | | | | * string2key.c, des_int.h : Remove krb5_enctype from mit_des_string_to_key() args. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7084 dc483132-0cff-0310-8789-dd5450dbe970
* * fetch_mkey.c, kdb_cpw.c, t_kdb.c :Chris Provenzano1995-11-094-12/+11
| | | | | | Remove krb5_enctype from krb5_string_to_key() args. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7083 dc483132-0cff-0310-8789-dd5450dbe970
* * in_tkt_pwd.c : Remove krb5_enctype from krb5_string_to_key() argsChris Provenzano1995-11-092-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7082 dc483132-0cff-0310-8789-dd5450dbe970
* * get_in_tkt.c (krb5_get_in_tkt): Remove the etype_info argument fromTheodore Tso1995-11-093-7/+29
| | | | | | | | | | the call to krb5_obtain_padata. * preauth.c (krb5_obtain_padata): Use the PADATA_ETYPE_INFO preauth, if it exists, to determine which salt type to use when encrypting the preauthentication data. Remove the etype_info argument. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7071 dc483132-0cff-0310-8789-dd5450dbe970
* Don't require val->salt to be non-zero if val->lenth is zeroTheodore Tso1995-11-091-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7070 dc483132-0cff-0310-8789-dd5450dbe970
* Fix stupid typo when creating functionTheodore Tso1995-11-091-2/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7069 dc483132-0cff-0310-8789-dd5450dbe970
* * asn1_k_decode.c (asn1_decode_etype_info_entry): If the optionalTheodore Tso1995-11-093-3/+13
| | | | | | | | | | | salt element is not present, set etype.length to -1. * asn1_k_encode.c (asn1_encode_etype_info_entry): When encoding the etype_info_entry structure, use length == -1 to mean that the optional salt structure should not be sent. (It used to be if length == -1.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7067 dc483132-0cff-0310-8789-dd5450dbe970
* Added new function to free a krb5_etype_info structureTheodore Tso1995-11-083-0/+46
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7065 dc483132-0cff-0310-8789-dd5450dbe970
* * krbconfig.c: Removed the krb5_clockskew variableTheodore Tso1995-11-0810-20/+23
| | | | | | | | | | | | | * srv_rcache.c (krb5_get_server_rcache): * rd_safe.c (krb5_rd_safe): * rd_req_dec.c (krb5_rd_req_decoded): * rd_priv.c (krb5_rd_priv): * rd_cred.c (krb5_rd_cred): * gc_via_tkt.c (krb5_get_cred_via_tkt): * get_in_tkt.c (verify_as_reply): Replace use of krb5_clockskew with context->clockskew. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7063 dc483132-0cff-0310-8789-dd5450dbe970
* * encrypt_tk.c (cleanup_scratch): Changed interface to no longer requireTheodore Tso1995-11-084-409/+224
| | | | | | | | | | | an eblock; we can use our own and figure out the enctype from the passed-in key. * get_in_tkt.c (krb5_get_in_tkt): Added calls to krb5_obtain_padata(). * preauth.c: Completely restructured file to support preauthentication. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7056 dc483132-0cff-0310-8789-dd5450dbe970
* Free the realm_kdc_ports element of the structureTheodore Tso1995-11-082-0/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7055 dc483132-0cff-0310-8789-dd5450dbe970
* Added magic number for krb5_preauth_opsTheodore Tso1995-11-082-0/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7054 dc483132-0cff-0310-8789-dd5450dbe970
* * krb5_decode.c (decode_krb5_pa_enc_ts, decode_krb5_enc_data): AddedTheodore Tso1995-11-084-3/+76
| | | | | | | | | | | | new functions. * krb5_encode.c (encode_krb5_pa_enc_ts, encode_krb5_enc_data): Added new functions. KRB5-asn.py (PA-ENC-TS-ENC): Added new definition for the krb5_pa_enc_ts structure. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7053 dc483132-0cff-0310-8789-dd5450dbe970
* * kdb_xdr.c (krb5_dbe_search_enctype): Make a more general versionTheodore Tso1995-11-072-9/+38
| | | | | | | | | of kdb5_dbe_find_enctype() which allows you to search the keylist looking for multiple keys that fit your criteria. Eventually we should convert all programs to use kdb5_dbe_search_enctype() instead of kdb5_dbe_find_enctype(). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7023 dc483132-0cff-0310-8789-dd5450dbe970
* mcc_ops.c: Remove excess code which is defined in fcc_ops.cTheodore Tso1995-11-045-40/+8
| | | | | | | | | | | | | | (which may not be the right place for it anyway). mcc.h: Remove use of krb5_ccache_sessions mcc_destry.c (krb5_mcc_destroy): Remove use of krb5_ccache_sessions mcc_gennew.c (krb5_mcc_generate_new): Remove use of krb5_ccache_sessions mcc_reslv.c (krb5_mcc_resolve): Remove use of krb5_ccache_sessions git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7019 dc483132-0cff-0310-8789-dd5450dbe970
* Added the ccache/memory subdirectoryTheodore Tso1995-11-042-4/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7018 dc483132-0cff-0310-8789-dd5450dbe970
* Added memory subdirectoryTheodore Tso1995-11-042-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7017 dc483132-0cff-0310-8789-dd5450dbe970
* Added memory-based credentials cacheTheodore Tso1995-11-0422-0/+1486
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7016 dc483132-0cff-0310-8789-dd5450dbe970
* remove rcs keyword cruft which doesn't make much sense in CVS.Mark Eichin1995-11-0312-62/+35
| | | | | | | | removal simplifies merging. I left in the RCSID's that are in actual error table values (*_RCSID typically) but comments had them elided (Source keywords replaced with a literal pathname, Id totally removed.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7014 dc483132-0cff-0310-8789-dd5450dbe970
* * decrypt_key.c (krb5_dbekd_decrypt_key_data()) : If key salt lengthChris Provenzano1995-11-034-40/+205
| | | | | | | | | | | | | | | | | | | | | | | | | | | | is 0 then set keysalt->data.data to NULL. * kdb_cpw.c (add_key_rnd(), add_key_pwd()) : When creating new keys for a new kvno and there are multiple enctypes that use a common keytype, then set the enctype in the key to the first specified enctype and skip all other enctypes that use the same keytype. (This assumes the salt type is the same too.) This way when the kdc needs to get the server key it doesn't need to gues what enctypes the server supports. * kdb_xdr.c (krb5_dbe_find_enctype()): Match keys that use common keytypes but different enctypes. Eg. ENCTYPE_DES_CBC_MD5 matches ENCTYPE_DES_CBC_CRC and vice versa. * kdb_xdr.c krb5_dbe_find_enctype()): If kvno = 0 then determine maxkvno for all the keys and then search keys for a key that matches enctype salttype and has kvno == maxkvno. This is different than when kvno = -1 which searches the keys for THE key with the greatest kvno which also matches enctype and salttype. * kdb_kdr.c (krb5_dbe_find_enctype()): If kvno = ktype = stype = -1 then set kvno = 0. The first doesn't make a lot of sense. * kdb_xdr.c (krb5_dbe_encode_last_pwd_change(), krb5_dbe_decode_last_pwd_change()) : Added. * kdb_xdr.c (krb5_decode_princ_contents()) : Don't try to allocate space for keys if n_key_data = 0. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7012 dc483132-0cff-0310-8789-dd5450dbe970
* Make mit_des_finish_key() safe to call even if there is no key thatTheodore Tso1995-11-012-2/+10
| | | | | | needs to be freed. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7009 dc483132-0cff-0310-8789-dd5450dbe970
* Extensive reworking of the structure of this file to make it possibleTheodore Tso1995-10-282-203/+333
| | | | | | to support preauthentication. (interim checkin) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7002 dc483132-0cff-0310-8789-dd5450dbe970
* Fix to properly malloc password buffer, instead of returning a pointerTheodore Tso1995-10-252-6/+18
| | | | | | to an automatic variable(!). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6999 dc483132-0cff-0310-8789-dd5450dbe970
* Change the input type of do_mutual to be OM_int32 instead of an int,Theodore Tso1995-10-252-1/+8
| | | | | | | to prevent lossage under windows, since the passed in type size is a OM_int32. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6998 dc483132-0cff-0310-8789-dd5450dbe970
* For the windows, add the oldnames library to the link lines forTheodore Tso1995-10-252-2/+7
| | | | | | gssapi.dll and libkrb5.dll. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6997 dc483132-0cff-0310-8789-dd5450dbe970
* For compatibility with older .conf files, keep the domain name checkRichard Basch1995-10-241-4/+6
| | | | | | | | | being done in lower case, and if necessary, convert it to upper case if the domain is being used as the default realm. In addition, there was an extra free without an associated *alloc. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6994 dc483132-0cff-0310-8789-dd5450dbe970
* Added new error code KRB5_GET_IN_TKT_LOOPTheodore Tso1995-10-242-0/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6991 dc483132-0cff-0310-8789-dd5450dbe970
* Try to do a best realm match for a hostname, trying all the domain components.Richard Basch1995-10-241-30/+60
| | | | | | | | For example, the realm search for a host A.B.C.D will include A.B.C.D .B.C.D B.C.D .C.D C.D .D D If all of them fail, assume the realm is B.C.D (as was previously the case). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6988 dc483132-0cff-0310-8789-dd5450dbe970
* rd_req_dec.c (krb5_rd_req_decoded): For heirarchal cross-realm,Ezra Peisach1995-10-233-2/+14
| | | | | | | | | | set the length after initializing string. rd_req.c (krb5_rd_req): If a new auth_context is created and then there is an error, make sure return pointer is not looking at freed memory. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6981 dc483132-0cff-0310-8789-dd5450dbe970
* Added the "/nod" option to the gssapi.dll and libkrb5.dll linkerTheodore Tso1995-10-112-2/+11
| | | | | | | | | commands. This prevents the linker from searching the llibcew.lib library for some externals which are already in ldllcew.lib. This is what we want since we are building a DLL. Without the "/nod" option we get a bunch of duplicate definitions. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6959 dc483132-0cff-0310-8789-dd5450dbe970
* If secure_profile is set in the context, do not allow the defaultEzra Peisach1995-10-102-2/+8
| | | | | | keytab file to be overridden by an environment variable. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6953 dc483132-0cff-0310-8789-dd5450dbe970
* Remove ##DOS!include of config/windows.in. config/windows.in is nowTheodore Tso1995-10-0746-25/+113
| | | | | | included by wconfig. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6944 dc483132-0cff-0310-8789-dd5450dbe970
* Change types of krb5_max_enctype and krb5_max_cksumtype to beTheodore Tso1995-10-062-2/+8
| | | | | | krb5_enctype and krb5_cksumtype, to fix some gcc -Wall flames. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6940 dc483132-0cff-0310-8789-dd5450dbe970
* Make the logs less verbose, by omitting the hostname, pid, etc.Theodore Tso1995-10-062-1/+14
| | | | | | information. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6938 dc483132-0cff-0310-8789-dd5450dbe970
* Remove the profile relation, since it's really a bad idea. RemovedTheodore Tso1995-10-062-33/+13
| | | | | | | the "port" and "secondary_port" relations, and replaced them with the "kdc_port" relation, which takes a list of ports. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6936 dc483132-0cff-0310-8789-dd5450dbe970
* If the log file can't be opened, print an intelligent error messageTheodore Tso1995-10-052-10/+14
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6930 dc483132-0cff-0310-8789-dd5450dbe970
* * alt_prof.c (krb5_read_realm_params): If secure flag is set inEzra Peisach1995-10-052-0/+9
| | | | | | | | | | | | context, do not allow for environment variables to specify configuration files. Note: It is still possible to bypass the secure flag by directly calling krb5_aprof_init which only krb5kdc does. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6929 dc483132-0cff-0310-8789-dd5450dbe970
* * init_os_ctx.c (krb5_secure_config_files): New function thatEzra Peisach1995-10-052-19/+60
| | | | | | | | | | | will set flag and path to prevent user from overriding configuration files with environment variables. This is intended for those pesky suid root programs so that they cannot break security as easily... git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6928 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-27 08:52:36 +0000