summaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* make dependKen Raeburn2004-11-161-4/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16875 dc483132-0cff-0310-8789-dd5450dbe970
* Now a kvno invocation will only open the ccache file a small number ofKen Raeburn2004-11-162-2/+23
| | | | | | | | | | | | | | times, but there's still excessive seeking and re-reading of data happening. * cc_retr.c (krb5_cc_retrieve_cred_seq): Temporarily clear the KRB5_TC_OPENCLOSE flag on the credentials cache while reading multiple entries from it. ticket: 2763 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16873 dc483132-0cff-0310-8789-dd5450dbe970
* Create a ccache get-flags operation.Ken Raeburn2004-11-168-1/+94
| | | | | | | | | | | | | | | | | | | | The MSLSA and CCAPI versions are untested! * cc_file.c (krb5_fcc_get_flags): New function. (krb5_fcc_ops, krb5_cc_file_ops): Add it. * cc_memory.c (krb5_mcc_get_flags): New function. (krb5_mcc_ops): Add it. * cc_mslsa.c (krb5_lcc_get_flags): New function. (krb5_lcc_ops): Add it. * ccfns.c (krb5_cc_get_flags): New function. * ccapi/stdcc.c (krb5_stdcc_get_flags): New function. (krb5_cc_stdcc_ops): Add it. * ccapi/stdcc.h (krb5_stdcc_get_flags): Declare. ticket: 2763 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16871 dc483132-0cff-0310-8789-dd5450dbe970
* Convert Yarrow to use AES not 3des. Update test vectorsSam Hartman2004-11-166-11/+20
| | | | | | | ticket: 2410 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16870 dc483132-0cff-0310-8789-dd5450dbe970
* * yarrow.c (krb5int_yarrow_input, krb5int_yarrow_final): Don't check forKen Raeburn2004-11-012-7/+47
| | | | | | | | | | forking here. (yarrow_output_locked): Split out from krb5int_yarrow_output, without locking. (krb5int_yarrow_output): Do locking and call yarrow_output_locked. (yarrow_gate_locked): New function; uses yarrow_output_locked. (krb5int_yarrow_output_Block): Use yarrow_gate_locked. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16853 dc483132-0cff-0310-8789-dd5450dbe970
* push yarrow locking down into the yarrow code to reduce contentionKen Raeburn2004-10-304-17/+29
| | | | | | | | | | | | | | | | | | This seems to speed up creating a krb5_context a little bit, when it happens a lot in multiple threads. * prng.c (yarrow_lock): Rename to krb5int_yarrow_lock via macro, and change to be non-static. (krb5int_prng_init): Call do_yarrow_init here. (krb5_c_random_add_entropy): Don't call it here. Don't lock the mutex, either. (krb5_c_random_make_octets): Don't lock the mutex. * yarrow/ylock.h: Include k5-thread.h. (krb5int_yarrow_lock): Declare. (LOCK, UNLOCK): Define as macros using the k5_mutex_ macros. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16846 dc483132-0cff-0310-8789-dd5450dbe970
* * Initial commit of C CCAPI implementationJeffrey Altman2004-10-2746-0/+10711
| | | | | | ticket: 2753 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16840 dc483132-0cff-0310-8789-dd5450dbe970
* * mk_req_ext.c (krb5_mk_req_extended): Free keyblock beforeTom Yu2004-10-262-0/+10
| | | | | | | | | copying new one in. ticket: 2725 component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16837 dc483132-0cff-0310-8789-dd5450dbe970
* Kevin Coffman's patches to support passing gss context state to kernelTom Yu2004-10-267-70/+109
| | | | | | ticket: 2743 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16836 dc483132-0cff-0310-8789-dd5450dbe970
* * locate_kdc.c: Include stdarg.h.Ken Raeburn2004-10-212-52/+40
| | | | | | | | | (Tprintf): New function, prints to stderr or not depending on TEST macro. (add_addrinfo_to_list, krb5int_add_host_to_list, krb5_locate_srv_conf_1, krb5_locate_srv_dns_1, krb5int_locate_server): Call it instead of conditionally calling fprintf. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16833 dc483132-0cff-0310-8789-dd5450dbe970
* * dnssrv.c (krb5int_make_srv_query_realm): Append a dot to the hostname, ifKen Raeburn2004-10-192-0/+10
| | | | | | there's room in the buffer, to avoid domain search paths. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16832 dc483132-0cff-0310-8789-dd5450dbe970
* * dnsglue.c (initparse): Skip query type and class when we lackTom Yu2004-10-192-3/+12
| | | | | | | | ns_initparse(). (krb5int_dns_nextans) [!HAVE_NS_INITPARSE]: Pass correct pointer to dn_skipname(). Actually skip the RR name. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16831 dc483132-0cff-0310-8789-dd5450dbe970
* add dependencies for t_*.c test programsKen Raeburn2004-10-192-0/+24
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16829 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2004-10-192-9/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16828 dc483132-0cff-0310-8789-dd5450dbe970
* ignore t_locate_kdcKen Raeburn2004-10-191-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16827 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (TEST_PROGS): Add t_locate_kdc.Ken Raeburn2004-10-192-1/+8
| | | | | | | | | (check-unix): Run t_locate_kdc to test fetching DNS SRV records. We probably don't want this test to be part of this test suite long-term, since it relies on external DNS data rather than being self-contained. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16826 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (install-unix): Install headersTom Yu2004-10-182-0/+12
| | | | | | | ticket: 2743 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16824 dc483132-0cff-0310-8789-dd5450dbe970
* * t_deltat.c (main): Unadorned integer no longer fails now that weTom Yu2004-10-142-1/+6
| | | | | | | | default to seconds. ticket: 2734 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16819 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_string_to_deltat should default to seconds if no unit is provided. If ↵Alexandra Ellwood2004-10-135-721/+541
| | | | | | | | the format is invalid, it should return a distinct error (KRB5_DELTAT_BADFORMAT, not EINVAL) ticket: 2734 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16816 dc483132-0cff-0310-8789-dd5450dbe970
* Fix the forced setting of the Initial Ticket Flag on Win2000 andJeffrey Altman2004-10-082-1/+21
| | | | | | | | add the functionality to XP and 2003 SP1. ticket: 2735 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16814 dc483132-0cff-0310-8789-dd5450dbe970
* * localaddr.c (print_addr): If getnameinfo returns EAI_SYSTEM, report what theKen Raeburn2004-10-062-5/+10
| | | | | | | | system error is. Also fix a fencepost error in the last change. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16809 dc483132-0cff-0310-8789-dd5450dbe970
* * localaddr.c (foreach_localaddr): Be more careful not to walk past the end ofKen Raeburn2004-10-062-6/+13
| | | | | | | the ifreq array. (get_ifreq_array): Return 0 in success case, not errno. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16808 dc483132-0cff-0310-8789-dd5450dbe970
* * localaddr.c (get_ifreq_array): Split out from foreach_localaddr generalKen Raeburn2004-10-062-27/+50
| | | | | | | version. (foreach_localaddr): Call it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16807 dc483132-0cff-0310-8789-dd5450dbe970
* * localaddr.c (foreach_localaddr) [HAVE_STRUCT_IF_LADDRCONF && 0]: FixKen Raeburn2004-10-052-2/+9
| | | | | | | if_laddrreq.iflr_name field name not properly adjusted. The iflr_addr field is an HP-UX specific sockaddr_ext with sa_ field name prefixes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16804 dc483132-0cff-0310-8789-dd5450dbe970
* * localaddr.c (get_if_laddrconf, foreach_localaddr): New implementation forKen Raeburn2004-10-012-0/+205
| | | | | | | HP-UX 11, based on Solaris support and information from Doug Engert. Disabled for now, until it can be tested. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16801 dc483132-0cff-0310-8789-dd5450dbe970
* * hst_realm.c: provide definition for MAXDNAME ifJeffrey Altman2004-10-012-1/+11
| | | | | | | | KRB5_DNS_LOOKUP is not defined. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16795 dc483132-0cff-0310-8789-dd5450dbe970
* * vbaxam.doc: File deletedKen Raeburn2004-09-282-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16793 dc483132-0cff-0310-8789-dd5450dbe970
* Make patchlevel.h be the master version fileTom Yu2004-09-255-9/+76
| | | | | | | ticket: 1345 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16790 dc483132-0cff-0310-8789-dd5450dbe970
* * xdr_rec.c (LAST_FRAG): Use 1L in case int is smallKen Raeburn2004-09-242-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16786 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2004-09-241-7/+14
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16785 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in: Delete @SHARED_RULE@ line.Ken Raeburn2004-09-232-3/+6
| | | | | | (thisconfigdir): Fix. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16781 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (T_STD_CONF_OBJS): Include dnsglue.oKen Raeburn2004-09-232-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16780 dc483132-0cff-0310-8789-dd5450dbe970
* * libgssrpc.exports: Export svc_maxfdTom Yu2004-09-222-0/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16775 dc483132-0cff-0310-8789-dd5450dbe970
* Don't assume that presence of res_nsearch() means we have ns_initparse()Tom Yu2004-09-212-6/+15
| | | | | | ticket: 2710 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16773 dc483132-0cff-0310-8789-dd5450dbe970
* memory leak in rd_cred.cTom Yu2004-09-212-1/+10
| | | | | | | | | * rd_cred.c (decrypt_credencdata): Clear and free ppart to avoid leak. Reported by Derrick Schommer. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16772 dc483132-0cff-0310-8789-dd5450dbe970
* memory leak in arcfour string_to_keySam Hartman2004-09-212-0/+6
| | | | | | | | | | | Derrick Schommer reports that arcfour's string_to_key function leaks memory. This is true; it copies the password to convert to utf16 and never frees the copy. It does memset the copy to 0 when done. ticket: new requestors: schommer@gmail.com git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16771 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Check for sockaddr_in.sin_len andTom Yu2004-09-2113-117/+186
| | | | | | | | | | | | | | | | | | | | | | sockaddr.sa_len. Check for sys/param.h in case we need NBBY somewhere. * auth.h, svc_auth.h: Namespace cleanup. * svc.h, rpc_commondata.c: New global svc_maxfd. * svc.c (svc_getreqset): Break inner part of loop out into local function svc_do_xprt(). Don't use rpc_dtablesize(); instead, use svc_maxfd. * svc_run.c: Don't use rpc_dtablesize(). * clnt_generic.c, clnt_simple.c, getrpcport.c: * svc_tcp.c, svc_udp.c: Set sockaddr_in.sin_len when available. * ovsec_kadmd.c (kadm_svc_run): Don't use rpc_dtablesize(). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16770 dc483132-0cff-0310-8789-dd5450dbe970
* Add DNS resolver glue layer. Use itTom Yu2004-09-216-327/+565
| | | | | | ticket: 2710 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16769 dc483132-0cff-0310-8789-dd5450dbe970
* * libgssrpc.exports: Don't export internalsTom Yu2004-09-1743-912/+697
| | | | | | | | | | | | | | | | | | | | | | | * svc.c (svc_getreqset): * svc_tcp.c (readtcp): Don't intersperse preprocessor conditionals with braces. * auth_gssapi.c, auth_gssapi_misc.c, auth_none.c: * auth_unix.c, authunix_prot.c, bindresvport.c: * clnt_generic.c, clnt_perror.c, clnt_raw.c * clnt_simple.c, clnt_tcp.c, clnt_udp.c, get_myaddress.c: * getrpcent.c, getrpcport.c, pmap_clnt.c: * pmap_getmaps.c, pmap_getport.c, pmap_prot.c, pmap_prot2.c: * pmap_rmt.c, rpc_callmsg.c, rpc_prot.c: * svc.c, svc_auth.c, svc_auth_gss.c: * svc_auth_gssapi.c, svc_auth_unix.c, svc_raw.c: * svc_run.c, svc_simple.c, svc_tcp.c: * svc_udp.c, xdr.c, xdr_alloc.c, xdr_array.c: * xdr_float.c, xdr_mem.c, xdr_rec.c, xdr_reference.c: * xdr_stdio.c: Protoize, to avoid potential problems when fixed-width types are not ints on some platforms. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16768 dc483132-0cff-0310-8789-dd5450dbe970
* Fix error code returned for empty sequences and check the errorJeffrey Altman2004-09-172-2/+10
| | | | | | | | | in krb5_lcc_initialize ticket: 2705 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16760 dc483132-0cff-0310-8789-dd5450dbe970
* * dnssrv.c:Tom Yu2004-09-144-0/+10
| | | | | | | | * hst_realm.c: * locate_kdc.c: Include netinet/in.h as a prerequisite for resolv.h. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16753 dc483132-0cff-0310-8789-dd5450dbe970
* * cc_mslsa.c: Implement krb5_lcc_initialize()Jeffrey Altman2004-09-102-6/+35
| | | | | | | | | Remove all tickets from the cache which have a client principal that matches the input principal. ticket: 2705 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16737 dc483132-0cff-0310-8789-dd5450dbe970
* cc_mslsa.c: Correct test for KerbQueryTicketCacheEx2MessageJeffrey Altman2004-09-102-3/+6
| | | | | | ticket: 2705 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16736 dc483132-0cff-0310-8789-dd5450dbe970
* 2004-09-10 Jeffrey Altman <jaltman@mit.edu>Jeffrey Altman2004-09-102-8/+374
| | | | | | | | | | | | | | * cc_mslsa.c: The following functionality is being committed but commented out because it is not presently available in public Microsoft SDKs - support for KerbSubmitTicket which allows a KERB_CRED message to be forwarded to the LSA. (KERB_SUBMIT_TICKET) - support for the KerbQueryTicketCacheEx2Message which adds the Session Key Enctype to the contents of the response from KerbQueryTicketCacheExMessage. (HAVE_CACHE_INFO_EX2) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16735 dc483132-0cff-0310-8789-dd5450dbe970
* * cc_mslsa.c:Jeffrey Altman2004-09-022-23/+246
| | | | | | | | | | | | | | | | | | | | | | | | | | - Fix MITPrincToMSPrinc to prevent writing to the output buffer if the input won't fit. - Add internal UnicodeStringToMITPrinc function - Rename internal MSPrincToMITPrinc to ExternalNameToMITPrinc - Rename internal PurgeMSTGT to PurgeAllTickets - Add internal PurgeTicket2000 - Add internal PurgeTicketXP - Since tickets can only be requested via KDC Opt Flags it is not possible to specifically request the Initial ticket. If more than one ticket exists which matching service names, enctypes, and ticket flags the initial ticket flag may not be set. If the caller requested the initial ticket, set the flag manually. - Add preliminary support for krb5_lcc_set_flags - Modify krb5_lcc_initialize to return success - Modify krb5_lcc_get_principal to support an LSA cache which does not contain a TGT when krb5_lcc_resolve is called. - Implement krb5_lcc_remove_cred ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16714 dc483132-0cff-0310-8789-dd5450dbe970
* oops, forgot changelogTom Yu2004-08-311-0/+5
| | | | | | ticket: 2686 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16703 dc483132-0cff-0310-8789-dd5450dbe970
* fix MITKRB5-SA-2004-003Tom Yu2004-08-312-0/+4
| | | | | | | | | | Fix for ASN.1 decoder denial-of-service. [MITKRB5-SA-2004-003] ticket: new target_version: 1.3.5 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16702 dc483132-0cff-0310-8789-dd5450dbe970
* fix MITKRB5-SA-2004-002Tom Yu2004-08-315-2/+25
| | | | | | | | | | Fix double-free vulnerabilities [MITKRB5-SA-2004-002]. ticket: new target_version: 1.3.5 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16701 dc483132-0cff-0310-8789-dd5450dbe970
* * init_sec_context.c (make_ap_req_v1): Free checksum dataTom Yu2004-08-283-4/+14
| | | | | | | | | allocated by make_gss_checksum() to avoid leak. * k5sealv3.c (gss_krb5int_unseal_token_v3): Free plain.data after checksum is verified, to avoid leak. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16696 dc483132-0cff-0310-8789-dd5450dbe970
* move last patch down a little so it applies to tcp sockets as well as udpKen Raeburn2004-08-281-14/+15
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16695 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-03-13 23:53:51 +0000