krb5.git - MIT Kerberos patches

	Commit message (Collapse)	Author	Age	Files	Lines
*	Fix invalid JSON handling in KDC OTP module	Greg Hudson	2014-05-19	1	-0/+2
\| \| \| \| \| \| \| \| \| \| \|	If the OTP configuration for a principal contains invalid JSON, the KDC OTP module calls k5_json_get_tid on a null pointer, causing the KDC process to crash. Fix this bug by checking the return value of k5_json_decode in decode_config_json. ticket: 7912 (new) target_version: 1.12.2 tags: pullup
*	Move OTP sockets to KDC_RUN_DIR	Nathaniel McCallum	2014-02-06	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \|	Some system configurations expect Unix-domain sockets to live under /run or /var/run, and not other parts of /var where persistent application state lives. Define a new directory KDC_RUN_DIR using $runstatedir (new in autoconf 2.70, so fall back to $localstatedir/run if it's not set) and use that for the default socket path. [ghudson@mit.edu: commit message, otp.rst formatting fix] ticket: 7859 (new)
*	make depend	Tom Yu	2013-12-10	1	-13/+15
\|
*	Fix OTP KDC module get_string error handling	Greg Hudson	2013-07-17	1	-2/+4
\| \| \| \| \| \|	If cb->get_string returns 0 with no result in otp_edata, make sure we set retval to avoid sending an empty OTP hint. If cb->get_string returns an error code in otp_verify, avoid masking that code.
*	Use k5calloc instead of k5alloc where appropriate	Greg Hudson	2013-07-11	1	-2/+2
\| \| \| \| \|	Wherever we use k5alloc with a multiplication in the size parameter,, use the new k5calloc helper function instead.
*	Add server-side otp preauth plugin	Nathaniel McCallum	2013-07-11	6	-0/+1145
	This plugin implements the proposal for providing OTP support by proxying requests to RADIUS. Details can be found inside the provided documentation as well as on the project page. http://k5wiki.kerberos.org/wiki/Projects/OTPOverRADIUS ticket: 7678