summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* General code consistency pass in kdb_db2.c.Greg Hudson2010-05-051-136/+56
| | | | | | | Removes some pointless null checks. Frees the DB context when a DB is finalized. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23973 dc483132-0cff-0310-8789-dd5450dbe970
* Adjust for removal of krb5_ldap_set_option in r23965Tom Yu2010-05-041-1/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23972 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of some kdb5_util load code which is no longer useful afterGreg Hudson2010-05-041-32/+1
| | | | | | the introduction of the DAL. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23971 dc483132-0cff-0310-8789-dd5450dbe970
* Remove some unused format string definitions from kdb5_util's dump.cGreg Hudson2010-05-041-14/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23970 dc483132-0cff-0310-8789-dd5450dbe970
* Remove some unused fields from kadm5_config_params. Bump the clientGreg Hudson2010-05-044-10/+2
| | | | | | and server sonames. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23969 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate the unused realm_dbname field from krb5_realm_paramsGreg Hudson2010-05-045-10/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23968 dc483132-0cff-0310-8789-dd5450dbe970
* Remove a stray comment from r23966Greg Hudson2010-05-041-1/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23967 dc483132-0cff-0310-8789-dd5450dbe970
* Refactor the kdb_db2.c code which processes db_args and profileGreg Hudson2010-05-042-305/+134
| | | | | | | variables to configure a DB context, to avoid repeating that code three times in open/create/destroy. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23966 dc483132-0cff-0310-8789-dd5450dbe970
* Remove krb5_db_set_option and the associated DAL entry. It was notGreg Hudson2010-05-048-93/+0
| | | | | | used. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23965 dc483132-0cff-0310-8789-dd5450dbe970
* Correct the DAL documentation for db_createGreg Hudson2010-05-031-3/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23964 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate some uses of variables as format strings. Based on a patchGreg Hudson2010-05-036-14/+7
| | | | | | | | from Guillaume Rousse <Guillaume.Rousse@inria.fr>. ticket: 6714 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23963 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate the use of variables for format strings in kdb5_util. ManyGreg Hudson2010-05-038-140/+8
| | | | | | | | | | | were unused, and localization will probably be done through _() macros, not collecting all the strings together. Elminates a number of format-security static analysis defects. ticket: 6714 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23962 dc483132-0cff-0310-8789-dd5450dbe970
* Fix some bugs in the IAKERB code discovered by Coverity. Also trimGreg Hudson2010-05-013-28/+18
| | | | | | | down iakerb_initiator_step() a little using krb5_data constructors and avoiding vertical function arguments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23961 dc483132-0cff-0310-8789-dd5450dbe970
* Add IAKERB mechanism and gss_acquire_cred_with_passwordGreg Hudson2010-04-3043-318/+2850
| | | | | | | | | | | | | | Merge branches/iakerb to trunk. Includes the following: * New IAKERB mechanism. * New gss_acquire_cred_with_password mechglue function. * ASN.1 encoders and decoders for IAKERB structures (with tests). * New shortcuts in gss-sample client and server. * Tests to exercise SPNEGO and IAKERB using gss-sample application. ticket: 6712 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23960 dc483132-0cff-0310-8789-dd5450dbe970
* memory leak in process_tgs_req in r23724Tom Yu2010-04-301-1/+3
| | | | | | | | | | | Fix a KDC memory leak that was introduced by r23724 that could leak the decoded request. ticket: 6711 tags: pullup target_version: 1.8.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23959 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a backwards check in get_cached_tgt() in the TGS codeGreg Hudson2010-04-271-3/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23945 dc483132-0cff-0310-8789-dd5450dbe970
* Squash some warnings in the old crypto API glue. Use make_data()Greg Hudson2010-04-261-42/+20
| | | | | | where appropriate so that magic fields get initialized. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23942 dc483132-0cff-0310-8789-dd5450dbe970
* Add a Python test script to exercise the GSS sample appGreg Hudson2010-04-242-0/+43
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23937 dc483132-0cff-0310-8789-dd5450dbe970
* Add a sentinel line to sim_server after the socket is ready, and useGreg Hudson2010-04-242-2/+6
| | | | | | it in simple.exp in the dejagnu test suite instead of sleeping. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23936 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate the use of tail -f in the dejagnu test suite. Instead, useGreg Hudson2010-04-241-139/+7
| | | | | | | the sentinel lines printed by krb5kdc and kadmind to detect when the listening sockets are ready. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23935 dc483132-0cff-0310-8789-dd5450dbe970
* Add a sentinel to the sample gss-server after the socket is ready, andGreg Hudson2010-04-242-1/+6
| | | | | | use it in gssapi.exp in the dejagnu test suite instead of sleeping. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23934 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify how k5test scripts get run by importing runenv by pathnameGreg Hudson2010-04-242-10/+16
| | | | | | (using the imp module) instead of by module name. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23933 dc483132-0cff-0310-8789-dd5450dbe970
* Run Python tests as individual rule commands (friendlier to make -k)Greg Hudson2010-04-246-39/+30
| | | | | | | | | instead of in a loop. Build runenv.py as part of make fake-install; it's harmless if Python is unavailable. Import runenv later in k5test so that we get a beter error message if make fake-install hasn't been run. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23932 dc483132-0cff-0310-8789-dd5450dbe970
* Fix the actual python command to match the displayed one in theGreg Hudson2010-04-241-2/+4
| | | | | | check-pytests-yes rule in r23913. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23931 dc483132-0cff-0310-8789-dd5450dbe970
* Adapted patch from Arlene Berry to handle dlerror() returning a nullTom Yu2010-04-231-0/+4
| | | | | | | | | | pointer. ticket: 6697 target_version: 1.8.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23929 dc483132-0cff-0310-8789-dd5450dbe970
* Adapted patch from Jason Rogers. It wasn't complete, so this commitTom Yu2010-04-232-19/+28
| | | | | | | | | | | | | fixes the other instances of the 64-bit problem. Also fix krb5_deltat_to_str(), which would previously always return an empty string. ticket: 6698 target_version: 1.8.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23928 dc483132-0cff-0310-8789-dd5450dbe970
* From Luke: fix the post-canonicalization cache check logic inGreg Hudson2010-04-221-5/+11
| | | | | | krb5_get_credentials_for_user(). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23927 dc483132-0cff-0310-8789-dd5450dbe970
* In kg_new_connection(), make sure k_cred is freed in all failureGreg Hudson2010-04-221-3/+2
| | | | | | cases. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23926 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Arlene Berry to cease freeing error tokens output byTom Yu2010-04-221-3/+0
| | | | | | | | | | | accept_sec_context, allowing them to actually be sent to the initiator. ticket: 6696 target_version: 1.8.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23925 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate a non-useful NULL check in the KDC's dispatch() function.Greg Hudson2010-04-221-1/+1
| | | | | | | | If process_as_req or process_tgs_req return successfully, they will always fill in *response. (If they didn't, the subsequence (*response)->length check would crash anyway.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23922 dc483132-0cff-0310-8789-dd5450dbe970
* In kpasswd_sendto_msg_callback(), properly compare against theGreg Hudson2010-04-221-1/+2
| | | | | | wildcard IPv6 address instead of comparing an array address to 0. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23921 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a memory leak in get_creds.c's try_fallback_realm()Greg Hudson2010-04-211-1/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23920 dc483132-0cff-0310-8789-dd5450dbe970
* In the kdc5_hammer test program, simplify the cleanup logic ofGreg Hudson2010-04-211-19/+10
| | | | | | | | get_server_key. Fixes a memory leak where the result of krb5_get_credentials() didn't get freed if krb5_mk_req_extended() failed. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23919 dc483132-0cff-0310-8789-dd5450dbe970
* Amend r23917 to correct some uses of *out_creds which should now useGreg Hudson2010-04-211-3/+2
| | | | | | the local variable. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23918 dc483132-0cff-0310-8789-dd5450dbe970
* In the get_credentials() helper of the gss-krb5 init_sec_context code,Greg Hudson2010-04-211-2/+8
| | | | | | ensure that *out_creds is only filled in on successful return. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23917 dc483132-0cff-0310-8789-dd5450dbe970
* In t_inetd, zero out l_inaddr before filling it in, as is relativelyGreg Hudson2010-04-211-0/+2
| | | | | | common in networking code. Silences a Coverity defect. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23916 dc483132-0cff-0310-8789-dd5450dbe970
* Only create runenv.py at BUILDTOP. Fix bugs in k5test.py relating toTom Yu2010-04-203-17/+32
| | | | | | environment initialization, also so that "make testrealm" works again. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23913 dc483132-0cff-0310-8789-dd5450dbe970
* Fix CVE-2010-1230 (MITKRB5-SA-2010-004) double-free in KDC triggeredTom Yu2010-04-203-0/+41
| | | | | | | | | | | | | | by ticket renewal. Add a test case. See also http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577490 Thanks to Joel Johnson and Brian Almeida for the reports. ticket: 6702 target_version: 1.8.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23912 dc483132-0cff-0310-8789-dd5450dbe970
* When setting up to get a TGT for the service realm in the TGS code,Greg Hudson2010-04-201-5/+5
| | | | | | | | | | | | get the cached local TGT before setting up the realm path. Prior to this change, calling krb5_get_credentials() with an empty ccache would result in KRB5_CC_NOTFOUND for a foreign server principal, but would result in KRB5_NO_TKT_IN_REALM (generated by krb5_walk_realm_tree) for a local server principal. With this change, KRB5_CC_NOTFOUND is returned in both cases. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23909 dc483132-0cff-0310-8789-dd5450dbe970
* Add KRB5_INIT_CREDS_STEP_FLAG_CONTINUE for parity with Heimdal.Greg Hudson2010-04-204-18/+17
| | | | | | | | Rename KRB5_TKT_CREDS_CONTINUE to KRB5_TKT_CREDS_STEP_FLAG_CONTINUE for consistency. Adjust init_creds context to be less confusing in light of the above. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23906 dc483132-0cff-0310-8789-dd5450dbe970
* Build runenv.py, holding environment variable settings required forTom Yu2010-04-166-22/+41
| | | | | | | | running programs out of the build tree during python-based tests. Also updates shilb.conf to set RUN_VARS to make it easier to generate this sort of thing. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23905 dc483132-0cff-0310-8789-dd5450dbe970
* Introduce new krb5_tkt_creds APIGreg Hudson2010-04-147-1495/+1206
| | | | | | | | | | | | Merged from branches/iakerb: add new asynchronous krb5_tkt_creds APIs, which allow a caller to take responsibility for transporting requests to the KDC and getting responses back. Rewrite the existing krb5_get_credentials API in terms of the new functions. Get rid of krb5_get_cred_from_kdc and friends, since they are no longer used. ticket: 6700 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23900 dc483132-0cff-0310-8789-dd5450dbe970
* Use krb5_get_credentials in ksu instead of krb5_get_cred_from_kdc, soGreg Hudson2010-04-141-28/+2
| | | | | | we can get rid of the latter. (Also simplifies the code.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23899 dc483132-0cff-0310-8789-dd5450dbe970
* Validate and renew should work on non-TGT credsGreg Hudson2010-04-133-151/+197
| | | | | | | | | | | | | The validate and renew APIs were using get_cred_from_kdc, which always presents a TGT to get credentials. Instead, they should present the ticket they are trying to validate or renew. This is most easily done with krb5_get_cred_via_tkt(). Move the relevant code into a new file since it now has nothing in common with the other APIs implemented in get_creds.c. ticket: 6699 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23891 dc483132-0cff-0310-8789-dd5450dbe970
* Remove krb5int_send_tgs(); it is unused as of r23358Greg Hudson2010-04-083-90/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23881 dc483132-0cff-0310-8789-dd5450dbe970
* Add krb5_cc_dup() to make it possible to copy ccache handlesGreg Hudson2010-04-082-0/+13
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23874 dc483132-0cff-0310-8789-dd5450dbe970
* Assume lstat in Unix code, specifically clients/ksu/ccache.c. Fix badGreg Hudson2010-04-082-101/+93
| | | | | | indentation caused by an #ifdef HAVE_LSTAT block. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23870 dc483132-0cff-0310-8789-dd5450dbe970
* In testrealm.py, add ksu and kvno to the list of build directoriesGreg Hudson2010-04-041-1/+3
| | | | | | containing programs. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23858 dc483132-0cff-0310-8789-dd5450dbe970
* Fix backwards flag output in krb5_init_creds_step()Greg Hudson2010-03-291-2/+2
| | | | | | | | | | | | krb5_init_creds_step() is taken from Heimdal, which sets *flags to 1 for "continue" and 0 for "stop". Unfortunately, we got it backwards in 1.8; fix it for 1.8.1. ticket: 6693 tags: pullup target_version: 1.8.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23844 dc483132-0cff-0310-8789-dd5450dbe970
* Always pass -W option to kdb5_util create in testingKen Raeburn2010-03-274-5/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23838 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2024-10-09 12:27:22 +0000