summaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* Patch from Luke Howard to:Sam Hartman2009-01-139-61/+191
| | | | | | | | | | * Accept both CFX and non-CFX tokens all the time on acceptor * Only produce an acceptor subkey if you are using cfx or dce or negotiating up to cfx Additional changes from Sam Hartman: * do not assume that the ticket key type (server key) is a valid target for negotiation: the client may not support it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21742 dc483132-0cff-0310-8789-dd5450dbe970
* FreeBSD compiler errors out on an error "zero or negative size array"Ezra Peisach2009-01-131-0/+8
| | | | | | | | | | | | after setting up an array with no elements. ifdef out array declarations and code that uses it until there are entries. Affects: krb5_gss_inquire_cred_by_oid_ops and krb5_gss_set_sec_context_option_ops which would return an error in any case as here are no entries in the arrays. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21740 dc483132-0cff-0310-8789-dd5450dbe970
* Remove gss_export_name_object and gss_import_name_object.Sam Hartman2009-01-129-243/+0
| | | | | | | | These are not standard interfaces, are not used by our tree and were added because they might be useful but ended up not being used. The stubs in gssapi.hin remain as they were shipped with previous releases. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21728 dc483132-0cff-0310-8789-dd5450dbe970
* Check the return code from krb5int_clean_hostname as the sanity ↵Zhanna Tsitkov2009-01-121-3/+7
| | | | | | verification of the hostname might fail git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21724 dc483132-0cff-0310-8789-dd5450dbe970
* Add message hash support to the replay interface, using extensionGreg Hudson2009-01-1212-43/+378
| | | | | | | | | | | | | | records (with an empty client string) to retain compatibility with old code. For rd_req, the ciphertext of the authenticator (with no ASN.1 wrapping) is hashed; for other uses of the replay cache, no message hash is used at this time. This commit adds a command-line tool for testing the replay cache but does not add any automated tests. ticket: 1201 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21723 dc483132-0cff-0310-8789-dd5450dbe970
* Follow "off-path" TGT referralsTom Yu2009-01-091-21/+189
| | | | | | | ticket: 5627 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21720 dc483132-0cff-0310-8789-dd5450dbe970
* Remove conflict marker; restore broken copyright lineKen Raeburn2009-01-091-2/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21719 dc483132-0cff-0310-8789-dd5450dbe970
* kdb/keytab.c: map KRB5_KDB_NO_MATCHING_KEY to KRB5_KT_KVNONOTFOUND.Sam Hartman2009-01-071-0/+2
| | | | | | | At least in cases other than tgts, this code handles its own enctype matching, so kvno not found is the only thing that produces the no matching key error. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21718 dc483132-0cff-0310-8789-dd5450dbe970
* Add support for referral null realms and use the default realm as ↵Sam Hartman2009-01-061-2/+10
| | | | | | | | krb5_rd_req_extended does ticket: 5954 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21716 dc483132-0cff-0310-8789-dd5450dbe970
* include string.hKen Raeburn2009-01-051-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21705 dc483132-0cff-0310-8789-dd5450dbe970
* fix missed var renameKen Raeburn2009-01-051-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21704 dc483132-0cff-0310-8789-dd5450dbe970
* move generated dependencies out of Makefile.inKen Raeburn2009-01-0575-5037/+4962
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Move automatically-generated dependencies into separate files in the source tree, and take the data out of Makefile.in. Keep the "make depend" rules for stripping out the dependencies from Makefile.in, in case some optional directories were missed, but everything that builds on my UNIX build has been converted. (Converting a directory just requires creating an empty "deps" file so that config.status can build the makefile, and then later running "make depend" in that directory to get the correct content for it.) Change configure scripts to incorporate the "deps" file when building each Makefile. This change requires the existence of a file "deps" in each source directory where we build a makefile, even if there are no sources for which to compute dependencies; a switch to GNU make would let us conditionalize that, but we can assess that later. Update dependencies for the generate Makefile itself to list the deps file. This will also require some minor tweaking of the Windows build, to make it incorporate the new deps file. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21701 dc483132-0cff-0310-8789-dd5450dbe970
* fix minor comment typosKen Raeburn2009-01-051-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21699 dc483132-0cff-0310-8789-dd5450dbe970
* Include ucdata/ucdata.h for missing prototypesEzra Peisach2009-01-051-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21696 dc483132-0cff-0310-8789-dd5450dbe970
* Include strings.h for memset prototypeEzra Peisach2009-01-052-0/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21695 dc483132-0cff-0310-8789-dd5450dbe970
* Merge mskrb-integ onto trunkSam Hartman2009-01-03218-3542/+52164
| | | | | | | | | | | | | | | | | | | | | | | | The mskrb-integ branch includes support for the following projects: Projects/Aliases * Projects/PAC and principal APIs * Projects/AEAD encryption API * Projects/GSSAPI DCE * Projects/RFC 3244 In addition, it includes support for enctype negotiation, and a variety of GSS-API extensions. In the KDC it includes support for protocol transition, constrained delegation and a new authorization data interface. The old authorization data interface is also supported. This commit merges the mskrb-integ branch on to the trunk. Additional review and testing is required. Merge commit 'mskrb-integ' into trunk ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21690 dc483132-0cff-0310-8789-dd5450dbe970
* Rewrite walk_rtree.c to handle hierarchical traversal better and to beTom Yu2009-01-023-309/+468
| | | | | | | | less convoluted. Update test cases. ticket: 5947 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21659 dc483132-0cff-0310-8789-dd5450dbe970
* I don't know what it was that someone else didn't know, but it doesn'tKen Raeburn2008-12-311-5/+3
| | | | | | belong in the copyright header. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21642 dc483132-0cff-0310-8789-dd5450dbe970
* Signed/unsigned fixesEzra Peisach2008-12-302-3/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21639 dc483132-0cff-0310-8789-dd5450dbe970
* Signed/unsigned fixes and remove unused variableEzra Peisach2008-12-292-3/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21635 dc483132-0cff-0310-8789-dd5450dbe970
* Add gssrpcint.h to contain prototype for gssrpcint_printf. IncludeEzra Peisach2008-12-295-6/+51
| | | | | | | gcc printf attribute if supported. Include header file and fix up some of the debugging printf arguments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21632 dc483132-0cff-0310-8789-dd5450dbe970
* Revert r21589, and export krb5_get_fallback_host_realm insteadGreg Hudson2008-12-293-10/+21
| | | | | | | | | | | | | | Rationale: Zephyr and AFS both use the Kerberos realm name as the name of the service realm (AFS realm or Zephyr galaxy). AFS can grab the Kerberos realm from the ticket being aklogged, but Zephyr is not necessarily getting credentials at all (you could be sending an unauthenticated message), and currently finds its answer by looking up the realm of the server host. Although we can't currently provide an accurate result for this lookup in the presence of referrals, we do need to provide enough tools to get as good of an answer as libzephyr could have gotten before referrals went in. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21631 dc483132-0cff-0310-8789-dd5450dbe970
* Create a private header file for local functions missing prototypes.Ezra Peisach2008-12-294-14/+60
| | | | | | | | Fix a number of warnning suggesting parenthesis. Fix a signed/unsigned warning. Update dependencies. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21627 dc483132-0cff-0310-8789-dd5450dbe970
* whitespaceTom Yu2008-12-2812-628/+633
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21619 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up krb5_get_fallback_host_realm in two respects:Greg Hudson2008-12-242-20/+10
| | | | | | | | | | | | 1. It isn't exported from libkrb5 (and no one seems to complain about that). So give it a krb5int_ name and move its declaration to k5-int.h. Also stop exporting it from the collected client lib. 2. It returned a list of realms, but its only caller assumes that the list contains exactly one realm. So just make it return a single realm. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21589 dc483132-0cff-0310-8789-dd5450dbe970
* Add a new fallback host-to-realm heuristic to try the components of theGreg Hudson2008-12-241-56/+127
| | | | | | | | | | | hostname as domains. The heuristic is off by default and is controlled by the realm_try_domains variable under libdefaults. Based on a patch submitted by Mark Phalan from Sun. ticket: 6031 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21588 dc483132-0cff-0310-8789-dd5450dbe970
* Signed/unsigned fix. The function is called with a sizeof - so unsigned isEzra Peisach2008-12-191-1/+1
| | | | | | fine. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21553 dc483132-0cff-0310-8789-dd5450dbe970
* Remove krb524, lib/des425, lib/krb4, and include/kerberosIV.Greg Hudson2008-12-18132-21815/+124
| | | | | | | | | | Remove krb4 build system references and conditionals. Move des425 header stuff referenced by des_int.h into des_int.h. Remove krb4 test cases. ticket: 6303 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21544 dc483132-0cff-0310-8789-dd5450dbe970
* Mem leak fixZhanna Tsitkov2008-12-181-1/+2
| | | | | | Ticket: 6285 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21542 dc483132-0cff-0310-8789-dd5450dbe970
* Add prototype for kadm5_init_iprop. FOr the client - adds a dummy argument Ezra Peisach2008-12-162-1/+3
| | | | | | which is ignored. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21480 dc483132-0cff-0310-8789-dd5450dbe970
* Remove krb4 code in libkrb5Greg Hudson2008-12-156-526/+4
| | | | | | | ticket: 6303 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21452 dc483132-0cff-0310-8789-dd5450dbe970
* Fixed memory leak in krb5_stdccv3_removeZhanna Tsitkov2008-12-131-1/+5
| | | | | | Ticket: 6299 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21362 dc483132-0cff-0310-8789-dd5450dbe970
* Release default credentials before exiting krb5_gss_init_sec_context routineZhanna Tsitkov2008-12-091-1/+3
| | | | | | Ticket: 6294 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21298 dc483132-0cff-0310-8789-dd5450dbe970
* Remove some lingering Saber C cruftGreg Hudson2008-12-051-4/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21293 dc483132-0cff-0310-8789-dd5450dbe970
* When storing info into cred cache, remove any dups. Zhanna Tsitkov2008-12-051-4/+9
| | | | | | Ticket: 6291 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21292 dc483132-0cff-0310-8789-dd5450dbe970
* Merge in fix from ms-krb-integ branch to avoid modifying input data on ↵Sam Hartman2008-12-051-4/+15
| | | | | | | | | aead_decrypt_compat ticket: 6274 Status: resolved git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21287 dc483132-0cff-0310-8789-dd5450dbe970
* Fix from Marcus Watts for glob-to-regexp conversion bug.Ken Raeburn2008-12-041-1/+2
| | | | | | | | Tweaked test case to exercise the bug. ticket: 5667 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21285 dc483132-0cff-0310-8789-dd5450dbe970
* Cleanup warningsSam Hartman2008-12-044-19/+19
| | | | | | | ticket: 6274 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21280 dc483132-0cff-0310-8789-dd5450dbe970
* Merge R21122 from mskrb-integSam Hartman2008-12-046-60/+60
| | | | | | | | | Namespace cleanup ticket: 6274 Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21279 dc483132-0cff-0310-8789-dd5450dbe970
* Merge r21120 from mskrb-integSam Hartman2008-12-046-39/+210
| | | | | | | | | | | | Refactor code such that an AEAD provider does not need to implement the older, non-IOV SPIs. Instead, the older APIs will implement their behaviour on top of the AEAD SPIs, using the wrapper functions in aead.c. ticket: 6274 Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21278 dc483132-0cff-0310-8789-dd5450dbe970
* make dependSam Hartman2008-12-027-18/+119
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21266 dc483132-0cff-0310-8789-dd5450dbe970
* Crypto IOV API per Projects/AEAD encryption APISam Hartman2008-12-0233-50/+2561
| | | | | | | | | | | | | | Merge in the mskrb-crypto-iov branch at r21259 in order to move an implementation of http://k5wiki.kerberos.org/wiki/Projects/AEAD_encryption_API onto the trunk. This branch contains a subset of the commits on the mskrb-integ branch that implement the krb5 library part of the crypto IOV API. ticket: new Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21263 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unneeded LEAN_CLIENT #define'sZhanna Tsitkov2008-12-021-12/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21261 dc483132-0cff-0310-8789-dd5450dbe970
* add k5-platform.h for asprintfTom Yu2008-12-021-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21260 dc483132-0cff-0310-8789-dd5450dbe970
* Convert many uses of sprintf to snprintf or asprintfGreg Hudson2008-12-018-16/+13
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21258 dc483132-0cff-0310-8789-dd5450dbe970
* make dependEzra Peisach2008-12-011-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21206 dc483132-0cff-0310-8789-dd5450dbe970
* Move cc_mutex code from k5-int.h - where it is globally available to cc-int.hEzra Peisach2008-12-012-1/+31
| | | | | | | where it is declared and used. The functions are not exported by the library - nor are they used outside lib/krb5/ccache... For cc_file.h - include cc-int.h. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21205 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify memory management a bit in places, by allocating and freeingKen Raeburn2008-11-241-139/+107
| | | | | | | | | | | separately, instead of reallocating arrays of pointers to themselves be reallocated. Do a better job of initializing arrays of which we only use a variable-sized part. Use a temp var instead of lots of long macro invocations. Fix some overrun-by-one errors in buffer copying. Clean up some possible leaks. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21182 dc483132-0cff-0310-8789-dd5450dbe970
* Use profile_free_list as appropriate. Fix memory leaksKen Raeburn2008-11-241-20/+21
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21180 dc483132-0cff-0310-8789-dd5450dbe970
* Fix memory leak caught by valgrindKen Raeburn2008-11-241-23/+29
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21179 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-01-10 16:35:28 +0000