summaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* update dependenciesKen Raeburn2004-04-248-558/+667
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16273 dc483132-0cff-0310-8789-dd5450dbe970
* Handle the somewhat common fixed case of time value 0 more efficientlyKen Raeburn2004-04-243-16/+36
| | | | | | | | | * asn1_decode.c (asn1_decode_generaltime): If the input string is the magic UNIX time zero, bypass all the arithmetic and return 0. * asn1_encode.c (asn1_encode_generaltime): If the input time value is the UNIX epoch, use a hardcoded string instead of doing the math. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16272 dc483132-0cff-0310-8789-dd5450dbe970
* * conv_creds.c (krb524_init_ets, krb524_convert_creds_kdc): Add forward ↵Ken Raeburn2004-04-242-1/+12
| | | | | | declarations to silence gcc warnings git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16271 dc483132-0cff-0310-8789-dd5450dbe970
* update dependenciesKen Raeburn2004-04-2413-155/+169
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16270 dc483132-0cff-0310-8789-dd5450dbe970
* updated dependenciesKen Raeburn2004-04-248-314/+350
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16269 dc483132-0cff-0310-8789-dd5450dbe970
* Added support for library initialization and finalization, and verificationKen Raeburn2004-04-2416-37/+199
| | | | | | | | | | | | | | | | | | | | | | | | | | | that the initializer completed successfully. Delay initialization on POSIX until the first "verification" call. Currently specific to a few platforms, but should still build on others without thread support enabled. Use it to finish creating (if necessary) and destroy mutexes, and free some other storage "permanently" allocated by libraries (currently, libkrb5 cache/keytab type registries only). Change initialization of static mutexes to a two-step operation, a static "partial" initializer and a "finish_init" routine called from a thread-safe environment like library initialization is assumed to be. POSIX will use the former, Windows will use the latter, and the debug support will check that *both* have been used. Added init/fini functions to com_err, profile, krb5, and gssapi libraries. (The profile library one may need to be removed later.) The existing ones, not thread-safe, are still around. Use weak symbol support if available to figure out if the pthread library has been linked in, and avoid calling certain routines if the C library stubs are known not to exist or work. Stub declarations for thread-specific data. Minor bugfixes, whitespace changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16268 dc483132-0cff-0310-8789-dd5450dbe970
* * gssapi_krb5.c (kg_get_ccache_name): Don't test err while it's still known toKen Raeburn2004-04-242-32/+27
| | | | | | | be 0. (kg_set_ccache_name): Likewise. Return after an error rather than continuing. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16267 dc483132-0cff-0310-8789-dd5450dbe970
* Delete a couple of symbols that are only defined when krb4 is enabled,Ken Raeburn2004-04-231-2/+0
| | | | | | and which are not directly used from outside the library. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16262 dc483132-0cff-0310-8789-dd5450dbe970
* update dependenciesKen Raeburn2004-04-234-96/+136
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16261 dc483132-0cff-0310-8789-dd5450dbe970
* add newline at end of fileKen Raeburn2004-04-231-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16260 dc483132-0cff-0310-8789-dd5450dbe970
* Add files containing the export lists used on UNIX, in each directoryKen Raeburn2004-04-2218-0/+1922
| | | | | | | | | | | | | | where we build a shared library, whether or not it gets installed. These should match the complete AIX export lists for a full build including krb4 support, and will eventually be used on other UNIX platforms, and cut down to just the symbols we actually want to export. We'll also have to add additional information, eventually, for versioning and such, but currently this is just a list of C symbol names. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16259 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_get_in_tkt ignores lifetimeSam Hartman2004-04-163-5/+17
| | | | | | | | | | John Hascall reports that the emulation of krb5_get_in_tkt is incomplete and does not handle lifetimes set in the input credentials. He provided a patch to fix this. Ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16258 dc483132-0cff-0310-8789-dd5450dbe970
* Fix memory leak when not sending to master KDC inSam Hartman2004-04-152-0/+9
| | | | | | | | | | get_init_creds_password path. Ticket: 2534 Tags: pullup Target_Version: 1.3.4 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16255 dc483132-0cff-0310-8789-dd5450dbe970
* Since we must reserve the single letter prefixes on all platformsJeffrey Altman2004-04-134-8/+12
| | | | | | | | anyway, make the mapping apply on all platforms ticket: 2531 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16247 dc483132-0cff-0310-8789-dd5450dbe970
* Treat keytab and ccache names without prefixes as type FILE:Jeffrey Altman2004-04-134-17/+50
| | | | | | | | | | on Windows if there is a drive letter found at the beginning of the name. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16246 dc483132-0cff-0310-8789-dd5450dbe970
* * ccbase.c: the krb5_cc_resolve() function pointer ccresolverJeffrey Altman2004-04-132-3/+11
| | | | | | | | must be of type KRB5_CALLCONV ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16245 dc483132-0cff-0310-8789-dd5450dbe970
* * k5unseal.c: gss_krb5int_unseal_token_v3() takes a pointer toJeffrey Altman2004-04-133-2/+10
| | | | | | | | | | | krb5_context * import_sec_context.c: krb5_gss_ser_init() contains a function pointer table. this table must use pointers to functions of type KRB5_CALLCONV. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16244 dc483132-0cff-0310-8789-dd5450dbe970
* ktbase.c - restore the thread safety changes which were accidentlyJeffrey Altman2004-04-082-16/+44
| | | | | | | | removed in revision 5.29 ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16241 dc483132-0cff-0310-8789-dd5450dbe970
* On Windows, a single letter followed by colon is used to identifyJeffrey Altman2004-04-082-36/+27
| | | | | | | | | | a drive. Therefore, do not assume that finding a colon in a string indicates that we have found a keytab prefix label unless the length of the potential prefix is not equal to one. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16240 dc483132-0cff-0310-8789-dd5450dbe970
* * cc_mslsa.c:Jeffrey Altman2004-04-062-0/+20
| | | | | | | | | | | | | | | | In at least one case on Win2003 it appears that it is possible for the logon session to be authenticated via NTLM and yet for there to be Kerberos credentials obtained by the LSA on behalf of the logged in user. Therefore, we are removing the test for IsKerberosLogon() within krb5_lcc_resolve() which was meant to avoid the need to perform GetMSTGT() when there was no possibility of credentials being found. ticket: new tags: pullup target_version: next git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16235 dc483132-0cff-0310-8789-dd5450dbe970
* * lib/helpers.exp (expect_kadm_ok): Check for "ERROR" messages and report themKen Raeburn2004-04-032-0/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16232 dc483132-0cff-0310-8789-dd5450dbe970
* * svc_auth_gssapi.c (destroy_client): Don't call purify_watch_n even if PURIFYKen Raeburn2004-04-032-1/+6
| | | | | | | is defined. (makes the monitoring much too noisy) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16231 dc483132-0cff-0310-8789-dd5450dbe970
* * t_kdb.c (add_principal): Delete unused argument 'rseed'.Ken Raeburn2004-04-032-10/+9
| | | | | | (do_testing): Update callers. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16230 dc483132-0cff-0310-8789-dd5450dbe970
* * keytab.c (krb5_ktkdb_get_entry): Don't use local variable "context" untilKen Raeburn2004-04-032-1/+8
| | | | | | after it's been set. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16229 dc483132-0cff-0310-8789-dd5450dbe970
* * string2key.c: Replaced with a new implementation.Ken Raeburn2004-04-032-199/+205
| | | | | | (Smaller and faster, at least on gcc for x86.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16227 dc483132-0cff-0310-8789-dd5450dbe970
* Delay load the ADVAPI32.DLL and SECUR32.DLL libraries within KRB5_32.DLLJeffrey Altman2004-03-314-10/+106
| | | | | | | | | | | | | Then modify the MSLSA implementation to ensure that none of the APIs loaded from those DLLs are executed on Windows platforms prior to Windows 2000. This ensures that the DLLs will never be loaded enabling KRB5_32.DLL to continue to be used on Windows 9x. ticket: new target_version: 1.3.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16217 dc483132-0cff-0310-8789-dd5450dbe970
* Remove t_file.c as it is mostly redundant, does not build and cannotSam Hartman2004-03-264-229/+7
| | | | | | | | be made to build because functions it depends on are now static. Remove duplication between cc_file.c and fcc.h. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16215 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_fcc_generate_new should use mkstempSam Hartman2004-03-262-2/+12
| | | | | | | | | Change krb5_fcc_generate_new to use mkstemp rather than mktemp. Ticket: new Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16214 dc483132-0cff-0310-8789-dd5450dbe970
* * pbkdf2.c (hmac1): Make a local copy of the supplied keyblock structure, inKen Raeburn2004-03-222-0/+8
| | | | | | | | | case we want to modify it. ticket: 2453 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16202 dc483132-0cff-0310-8789-dd5450dbe970
* * sendto_kdc.c (get_so_error): New function.Ken Raeburn2004-03-222-21/+36
| | | | | | | | | (service_tcp_fd): Call it for write fds as well as exception fds. ticket: 2426 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16199 dc483132-0cff-0310-8789-dd5450dbe970
* * sendto_kdc.c (krb5int_sendto): Initialize select_state.end_timeKen Raeburn2004-03-222-0/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16198 dc483132-0cff-0310-8789-dd5450dbe970
* * t_crc.c (timetest): Free 'block' before returning.Ken Raeburn2004-03-222-1/+7
| | | | | | (verify): Fix minor type error in call to gethexstr. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16197 dc483132-0cff-0310-8789-dd5450dbe970
* * rel_cred.c (krb5_gss_release_cred): Create and destroy a local krb5 context.Ken Raeburn2004-03-214-8/+34
| | | | | | | * rel_name.c (krb5_gss_release_name): Likewise. * val_cred.c (krb5_gss_validate_cred): Likewise. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16196 dc483132-0cff-0310-8789-dd5450dbe970
* log for export/import_name changes I accidentally checked in with another changeKen Raeburn2004-03-191-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16194 dc483132-0cff-0310-8789-dd5450dbe970
* back out a change I didn't mean to check inKen Raeburn2004-03-191-0/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16193 dc483132-0cff-0310-8789-dd5450dbe970
* acquire_cred.c: revert previous change, it breaks the test suiteKen Raeburn2004-03-195-30/+29
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16192 dc483132-0cff-0310-8789-dd5450dbe970
* * acquire_cred.c (krb5_gss_acquire_cred): Create and destroy a local krb5Ken Raeburn2004-03-199-22/+92
| | | | | | | | | | | | | | | context. * add_cred.c (krb5_gss_add_cred): Likewise. * compare_name.c (krb5_gss_compare_name): Likewise. * copy_ccache.c (gss_krb5_copy_ccache): Likewise. * disp_name.c (krb5_gss_display_name): Likewise. * duplicate_name.c (krb5_gss_duplicate_name): Likewise. * inq_cred.c (krb5_gss_inquire_cred): Likewise. * context_time.c (krb5_gss_context_time): Use the krb5 context in the GSS security context. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16187 dc483132-0cff-0310-8789-dd5450dbe970
* Return ERROR_FCC_NOFILE when the principal cannot be determined duringJeffrey Altman2004-03-192-0/+8
| | | | | | | | calls to krb5_lcc_resolve() ticket: 2430 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16186 dc483132-0cff-0310-8789-dd5450dbe970
* * cc_mslsa.c:Jeffrey Altman2004-03-194-2/+53
| | | | | | | | | | | | | | | Add missing return statements in krb5_lcc_start_seq_get() * cc-int.h: New file - Add prototypes for cc internal functions * cc_retr.c - include cc-int.h ticket: new target_version: 1.3.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16185 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_sendto_kdc passing improper argument to krb5_locate_kdcEzra Peisach2004-03-182-1/+6
| | | | | | | | | | | | | * sendto_kdc.c (krb5_sendto_kdc): Change passing pointer to value of use_master parameter to krb5_locate_kdc. Error was introduced in 2/26 code change. ticket: new tags: pullup target_version: next git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16184 dc483132-0cff-0310-8789-dd5450dbe970
* * derive.c (krb5_random2key): Don't compile.Ken Raeburn2004-03-183-0/+12
| | | | | | * dk.h (krb5_derive_random): Declare. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16180 dc483132-0cff-0310-8789-dd5450dbe970
* * prng.c (krb5int_prng_cleanup): Renamed from prng_cleanup.Ken Raeburn2004-03-183-2/+10
| | | | | | | * crypto_libinit.c: Include k5-int.h. (cryptoint_cleanup_library): Updated call. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16179 dc483132-0cff-0310-8789-dd5450dbe970
* * k5seal.c (kg_seal): Extract the krb5 context from the security contextKen Raeburn2004-03-1517-96/+109
| | | | | | | | | | | | | | | | | | | | | | | | | instead of requiring it be passed in as an argument. * k5unseal.c (kg_unseal): Likewise. * gssapiP_krb5.h (kg_seal, kg_unseal): Declarations updated. * delete_sec_context.c, process_context_token.c, seal.c, sign.c, unseal.c, verify.c: Callers changed. * inq_context.c (krb5_gss_inquire_context): Use krb5 context contained in security context instead of calling kg_get_context. * wrap_size_limit.c (krb5_gss_wrap_size_limit): Likewise. * import_sec_context.c (krb5_gss_ser_init): New function. (krb5_gss_import_sec_context): Create a krb5 context locally to use for the import. * export_sec_context.c (krb5_gss_export_sec_context): Use the krb5 context in the security context. * gssapiP_krb5.h (krb5_gss_ser_init): Declare. * gssapi_krb5.c (kg_get_context): Don't call krb5 serialization initialization code here. * accept_sec_context.c (krb5_gss_accept_sec_context): Free the new krb5 context in an error case not caught before. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16171 dc483132-0cff-0310-8789-dd5450dbe970
* * gssapiP_krb5.h (struct _krb5_gss_ctx_id_rec): Add a krb5 context object.Ken Raeburn2004-03-155-22/+72
| | | | | | | | | | | | * init_sec_context.c (krb5_gss_init_sec_context): Create a new krb5 context, and store it in the security context if successful. If there's already a security context, use the krb5 context in it. * accept_sec_context.c (krb5_gss_accept_sec_context): Create a new krb5 context, and store it in the security context if successful. * delete_sec_context.c (krb5_gss_delete_sec_context): If the security context has a krb5 context, free it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16170 dc483132-0cff-0310-8789-dd5450dbe970
* * gssapiP_krb5.h (struct _krb5_gss_ctx_id_rec): Delete fields init_token andKen Raeburn2004-03-143-65/+11
| | | | | | | | | | testing_unknown_tokid. * init_sec_context.c (new_connection): Drop support (already inside "#if 0") for them. (krb5_gss_init_sec_context): Drop support for testing_unknown_tokid. (mutual_auth): Don't let major_status be used uninitialized. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16168 dc483132-0cff-0310-8789-dd5450dbe970
* Add a mutex to protect the set manipulationsKen Raeburn2004-03-143-21/+87
| | | | | | | | | | * gssapiP_generic.h: Include k5-thread.h. (g_set): Add a mutex. (G_SET_INIT): Initialize it. * util_validate.c (g_save, g_validate, g_delete): Lock the mutex while working on the set. (BDB version untested.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16167 dc483132-0cff-0310-8789-dd5450dbe970
* Make the set type separate from the set-element (linked list node) typeKen Raeburn2004-03-146-29/+50
| | | | | | | | | | | | | | | | | * generic/gssapiP_generic.h (g_set): New struct type. (G_SET_INIT): New macro. * generic/util_validate.c (g_save, g_validate, g_delete): Change first argument to take a g_set * rather than void **; use the address of the void pointer from the structure. (g_save_name, g_save_cred_id, g_save_ctx_id, g_validate_name, g_validate_cred_id, g_validate_ctx_id, g_delete_name, g_delete_cred_id, g_delete_ctx_id): Updated first argument type. * genericgssapiP_generic.h: Declarations updated. * krb5/gssapi_krb5.c (kg_vdb): Change type to g_set and initialize. * krb5/gssapiP_krb5.h (kg_vdb): Declaration updated. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16166 dc483132-0cff-0310-8789-dd5450dbe970
* * gssapiP_generic.h (struct _g_set_elt, g_set_elt): Renamed from non-_eltKen Raeburn2004-03-144-21/+27
| | | | | | | versions. * util_set.c, util_validate.c: Uses updated. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16165 dc483132-0cff-0310-8789-dd5450dbe970
* Fix missing case for get_init_creds API changeKen Hornstein2004-03-092-1/+7
| | | | | | | | Fix a case I missed in my original patch for the krb5_get_init_creds API change. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16162 dc483132-0cff-0310-8789-dd5450dbe970
* Missing prototype for gss_krb5int_unseal_token_v3Ezra Peisach2004-03-082-0/+12
| | | | | | | | | gssapiP_krb5.h: Add prototype for gss_krb5int_unseal_token_v3. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16159 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-03-15 06:29:51 +0000