summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* XOR the last byte of weak keys with 0xf0, according to specRichard Basch1995-12-022-2/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7156 dc483132-0cff-0310-8789-dd5450dbe970
* Applied patch from Scott Schwartz <schwartz@galapagos.cse.psu.edu>Theodore Tso1995-12-012-0/+67
| | | | | | | | | | | | | | | | | | | | | | Under SunOS, and maybe other systems, there is a a problem with krlogind.c and a similar problem with login.c as distributed with K5.5. The bug is that rlogind forks a child but retains a controlling tty. If the child is in the same process group as the parent, which is will if you don't use a job control shell (chsh /bin/rc), keyboard signals will kill the daemon. telnetd dissociates itself properly, but then login.krb5 waits for the shell to finish, but login.krb5 has the same ctty as the shell and is in the same process group, so it has the same problem. In BSD you used to be able to give up your ctty at will, but SunOS seems to have setsid as the only mechanism to perform that action, and setsid can only succeed in limited circumstances. Rlogind ought to be fixed to behave more like telnetd, but independent of that, login.krb5 needs to be patched if kerberos is to work properly under SunOS. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7154 dc483132-0cff-0310-8789-dd5450dbe970
* Add rule for building shared object filesTheodore Tso1995-12-012-0/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7153 dc483132-0cff-0310-8789-dd5450dbe970
* Added Changelog fileTheodore Tso1995-12-011-0/+14
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7152 dc483132-0cff-0310-8789-dd5450dbe970
* Added temporary definition of KRB5_ADM_M_EXTRADATA so that we have aTheodore Tso1995-12-012-0/+8
| | | | | | tree which (mostly) compiles. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7151 dc483132-0cff-0310-8789-dd5450dbe970
* In case of permission problems, don't unlink the old replay cache;Theodore Tso1995-12-012-1/+9
| | | | | | | make it a hard (repeatable) error. This also reduces the chance we accidentally delete valuable data. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7150 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize rcache to zero, so that on cleanup we don't try to freeTheodore Tso1995-12-012-5/+6
| | | | | | stack garbage. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7149 dc483132-0cff-0310-8789-dd5450dbe970
* Changed token ID for KG_TOK_WRAP_MSG to match KG_TOK_SEAL_MSG bothTheodore Tso1995-12-012-1/+5
| | | | | | should be 0x0201. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7148 dc483132-0cff-0310-8789-dd5450dbe970
* * krb5_gss_glue.c (gss_inquire_names_for_mech): Added new contextTheodore Tso1995-12-013-2/+12
| | | | | | | | | argument to the call of krb5_gss_inquire_names_for_mech(). * inq_names.c (krb5_gss_inquire_names_for_mech): Added new context argument to the arg list. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7147 dc483132-0cff-0310-8789-dd5450dbe970
* Corrected algorithm description at beginning.Richard Basch1995-12-011-16/+26
| | | | | | | Fold input into 168 bits and then expand the result to include odd parity, so as to avoid potentially weakening the key. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7145 dc483132-0cff-0310-8789-dd5450dbe970
* Added 3-DES string translationRichard Basch1995-12-011-0/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7144 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_preauth.c: #@&^(!! Ultrix cc sucks. Typedef to functionTom Yu1995-12-012-9/+27
| | | | | | pointer rather than function prototype to avoid lossage. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7143 dc483132-0cff-0310-8789-dd5450dbe970
* Removed extra eblock argument from call to krb5_encode_kdc_repTheodore Tso1995-11-292-6/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7142 dc483132-0cff-0310-8789-dd5450dbe970
* Corrected a bug in the wrap-around carry (found bug by comparing test resultsRichard Basch1995-11-291-24/+16
| | | | | | with another implementation). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7141 dc483132-0cff-0310-8789-dd5450dbe970
* Make sure that each DES key is strong. If not, xor first byte with 0xf0Richard Basch1995-11-281-2/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7140 dc483132-0cff-0310-8789-dd5450dbe970
* Corrected bit rotation to match documented algorithmRichard Basch1995-11-281-5/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7139 dc483132-0cff-0310-8789-dd5450dbe970
* Removed debugging assert() statementRichard Basch1995-11-281-2/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7138 dc483132-0cff-0310-8789-dd5450dbe970
* f_ecb.c, des_int.h (mit_des_ecb_encrypt): Add const declaration to inputEzra Peisach1995-11-283-2/+7
| | | | | | cblock. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7137 dc483132-0cff-0310-8789-dd5450dbe970
* The output block of n-fold should not be a "const"Richard Basch1995-11-281-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7136 dc483132-0cff-0310-8789-dd5450dbe970
* Added 3-DES MD5 mode constantsRichard Basch1995-11-281-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7135 dc483132-0cff-0310-8789-dd5450dbe970
* Compile 3-DES MD5 routineRichard Basch1995-11-281-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7134 dc483132-0cff-0310-8789-dd5450dbe970
* Added 3-DES MD5 checksum mode switchRichard Basch1995-11-281-0/+11
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7133 dc483132-0cff-0310-8789-dd5450dbe970
* Added 3-DES MD5 checksum modeRichard Basch1995-11-281-0/+11
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7132 dc483132-0cff-0310-8789-dd5450dbe970
* Added Triple-DES function prototypes and structuresRichard Basch1995-11-281-1/+56
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7131 dc483132-0cff-0310-8789-dd5450dbe970
* Compile in Triple-DES routinesRichard Basch1995-11-281-2/+13
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7130 dc483132-0cff-0310-8789-dd5450dbe970
* Triple DES shares the same random key initialization routineRichard Basch1995-11-281-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7129 dc483132-0cff-0310-8789-dd5450dbe970
* Triple DES support routinesRichard Basch1995-11-281-0/+173
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7128 dc483132-0cff-0310-8789-dd5450dbe970
* Triple-DES support routinesRichard Basch1995-11-287-0/+637
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7127 dc483132-0cff-0310-8789-dd5450dbe970
* * state.c: use P properly so it won't break non-ansi compilersTom Yu1995-11-272-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7126 dc483132-0cff-0310-8789-dd5450dbe970
* * rc_dfl.c (krb5_rc_dfl_init): default lifespan toTom Yu1995-11-272-1/+8
| | | | | | | context->clockskew in case some app can't get at the internals of the context struct. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7125 dc483132-0cff-0310-8789-dd5450dbe970
* * k5-int.h: Ultrix is broken. Hacked around by redefining theTom Yu1995-11-272-20/+28
| | | | | | | | | typedefs of preauth_obtain_data_proc and preauth_process_proc to be pointers to the functions rather than the functions themselves. Also made some things KRB5_NPROTOTYPE. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7124 dc483132-0cff-0310-8789-dd5450dbe970
* * preauth.c: Ultrix is broken. Prototype obtain_enc_ts_padata()Tom Yu1995-11-272-2/+41
| | | | | | | | and process_pw_salt() explicitly rather than using the typedef in k5-int.h becaus that typedef is to a function pointer now. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7123 dc483132-0cff-0310-8789-dd5450dbe970
* Added missing prototype for krb5_encode_kdcTheodore Tso1995-11-181-8/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7121 dc483132-0cff-0310-8789-dd5450dbe970
* Removed extra eblock argument from call to krb5_encode_kdc_repTheodore Tso1995-11-182-1/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7120 dc483132-0cff-0310-8789-dd5450dbe970
* Moved prototype of krb5_encode_kdc to k5-int.hTheodore Tso1995-11-181-1/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7119 dc483132-0cff-0310-8789-dd5450dbe970
* Moved prototype for encode_kdc_rep to k5-int.h, and remove the eblockTheodore Tso1995-11-182-0/+13
| | | | | | argument. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7118 dc483132-0cff-0310-8789-dd5450dbe970
* get_in_tkt.c (decrypt_as_reply):Theodore Tso1995-11-184-10/+22
| | | | | | | | | | | preauth.c (process_pw_salt): When fetching the key to decrypting the encrypted kdc reply, use the etype associated with the etype reply, not the etype associated with the included ticket. encode_kdc.c: Remove eblock argument from krb5_encode_kdc_rep; set the eblock type from the client_key's enctype. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7117 dc483132-0cff-0310-8789-dd5450dbe970
* Makefile.in, ChangeLog: Add support to compile shared librariesTheodore Tso1995-11-184-3/+29
| | | | | | | gssapi.h: Include sys/types.h, since that's where POSIX says size_t is defined. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7116 dc483132-0cff-0310-8789-dd5450dbe970
* Fixed token type numbers so they conform with the protocol spec. PaulTheodore Tso1995-11-182-3/+11
| | | | | | | Park didn't realize that he wasn't allowed to change these willy-nilly... git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7115 dc483132-0cff-0310-8789-dd5450dbe970
* Renamed filenames so they would be unique in an 8.3 filesystem. AddedTheodore Tso1995-11-1829-100/+239
| | | | | | GSSAPI V2 functions to mechglueP.h (now mglueP.h) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7114 dc483132-0cff-0310-8789-dd5450dbe970
* Fix bogus duplication of codeSam Hartman1995-11-171-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7112 dc483132-0cff-0310-8789-dd5450dbe970
* Add IEXTEN to lflagsSam Hartman1995-11-173-2/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7111 dc483132-0cff-0310-8789-dd5450dbe970
* (krb5_get_server_rcache): Use krb5_rc_default_type instead of assumingEzra Peisach1995-11-172-1/+7
| | | | | | default rcache type is "dfl". git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7110 dc483132-0cff-0310-8789-dd5450dbe970
* * *.c (*): initialize lock_arg to a copy of a staticMark Eichin1995-11-1611-0/+50
| | | | | | | | | | | | | | (thus zero) struct flock, to avoid panic'ing sunos 4.1.4. If you call fcntl F_SETLKW with l_type == F_UNLCK and l_xxx == 15 (GRANT_LOCK_FLAG) you'll panic sunos 4.1.4 with assertion failed: ld->l_xxx != GRANT_LOCK_FLAG, file: ../../ufs/ufs_lockf.c, line: 995 Since automatic structs like these have random values in uninitialized fields, we initialize from a static struct (since using memset in this case is abhorrent, and naming l_xxx is non POSIX.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7109 dc483132-0cff-0310-8789-dd5450dbe970
* * ktest_equal.c (ktest_equal_krb5_etype_info_entry()) :Chris Provenzano1995-11-152-2/+9
| | | | | | Only do emecmp() if ref->length > 0 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7108 dc483132-0cff-0310-8789-dd5450dbe970
* Initial checkin of Sun's (Derek's) multi-mechanism GSSAPI supportTheodore Tso1995-11-1531-0/+2356
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7107 dc483132-0cff-0310-8789-dd5450dbe970
* Added ANL changes to support configuration authentication pathsTheodore Tso1995-11-152-0/+137
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7106 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_util.h: Added new prototypes for return_padata() and check_padata()Theodore Tso1995-11-144-110/+214
| | | | | | | | | | | | | | * kdc_preauth.c (return_padata): New function which calls out to each preauth type to see if it is necessary to return preauth data or not. (return_pw_salt): New function responsible for returning the KRB5_PW_SALT preauth information. * do_as_req.c (process_as_req): Move creation of the PW_SALT preauthentication step into kdc_preauth.c. Call return_pdata() which is responsible for all padata info which is returned by the KDC in the KRB_AS_REP message. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7103 dc483132-0cff-0310-8789-dd5450dbe970
* * preauth.c (krb5_process_padata): Added generalized processing forTheodore Tso1995-11-133-76/+121
| | | | | | | | | | | | | | | preauth information which is returned by the KDC. This should be general enough to support the AFS3_SALT preauth type, the SNK4 preauth type, and the public-key mods to Kerberos. (process_pw_salt): New function for processing the KRB5_PW_SALT preauthentication type. * get_in_tkt.c (decrypt_as_reply): Removed temporary kludge for processing the PW_SALT preauth type; that's now done in preauth.c (krb5_get_in_tkt): Call krb5_process_padata with new arguments so that the preauth code can set the decryption_key if necessary. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7102 dc483132-0cff-0310-8789-dd5450dbe970
* Added typedef for krb5_preauth_proces_proc, and changed the prototypeTheodore Tso1995-11-132-5/+33
| | | | | | | | | of krb5_process_padata() to take additional arguments for returning the decryption key to use for decrypting the as_reply, as well as passing in the decrypt_proc procedure in case some preauth types want to call decrypt_proc themselves. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7101 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-26 08:59:47 +0000