| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12079 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
from Matt Crawford
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12077 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12076 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12075 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
* network.c: Conditionally include sys/sockio.h for SIOC* if
necessary.
(process_packet): Bracket AF_INET6 branch of a switch statement
with an ifdef.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12074 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12073 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12072 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
This is why things weren't working without the loopback addresses,
which showed up last in the list, after the address my client was
trying to use, thus hiding the error.
(I tried to abort the previous checkin, but cvs went ahead with it
despite the "editor session failed" report...hm.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12071 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
KDC respond to requests from the same IP address that the requests were sent
to.
**N.B. This will perform worse in the case of addresses dynamically added
and removed after the KDC has started, since it will be incapable of using
any new addresses.
I'm unclear on why the loopback interface address needs to be included in
the list of addresses. Apparently, on NetBSD-current, if it's not, packets
sent to other local addresses but over the loopback interface are queued but
not received?? Needs further investigation; could just be a NetBSD bug.
* configure.in: Invoke KRB5_SOCKADDR_SA_LEN.
* network.c: Include <sys/ioctl.h>, <syslog.h>, <net/if.h>.
(foreach_localaddr): New function, copied from
lib/krb5/os/localaddr.c. Tweaked to not exclude loopback
interface.
(NEED_SOCKETS): Define before including k5-int.h.
(n_sockets): New variable.
(setup_port): New function; creates listening udp ports given an
address.
(setup_network): Call foreach_localaddr to set up listening
sockets on each local address, so we can always respond from the
receiving address.
(listen_and_process): Use n_sockets as upper bound of loop.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12070 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
* localaddr.c (foreach_localaddr): Broken out from old krb5_os_localaddr.
Iterates over all active interface addresses, invoking callback functions;
knows nothing about Kerberos.
(count_addrs, allocate, add_addr): New callback functions.
(krb5_os_localaddr): Use the above.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12069 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
* destest.c: Declare zeroblock as krb5_octet * instead of char * as
argument to mit_des_cbc_encrypt.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12068 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12067 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
is not compiled in.
Linking with des425 is not required when krb4 is not compiled in. This
cleans up the configure.in as we use WITH_KRB4 already
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12066 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12065 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
setup script. If this isn't here, it is possible that the initial
change of pol2's password may happen too soon.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12064 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12063 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12062 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
* fetch_mkey.c (krb5_db_fetch_mkey): Don't attempt to override type of key read
from stash file.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12061 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
* alt_prof.c (krb5_read_realm_params): Permit realm supported enctypes to be
unspecified, letting the KDC produce defaults. Don't look up enctypes at all
if an error is to be returned.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12060 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
* telnetd.c (doit): Provide a more useful error message than
"authentication failed" if no authentication was even attempted.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12059 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
Format attribute declarations for gcc.
Deleting some unused variables.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12058 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
* ovsec_kadmd.c (log_badverf): Update proc_names.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12057 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(kadmin_keytab_add): Update to deal with explicit keysalt lists.
(add_principal): Update to deal with explicit keysalt lists.
* kadmin.c (kadmin_cpw): Add support for new api.
(kadmin_parse_princ_args): Add support for new api, particularly
-keepold to keep old keys around and -e to explicitly specify
key-salt tuples.
(kadmin_addprinc_usage): Update usage accordingly.
(kadmin_addprinc): Add support for new api.
(kadmin_modprinc): Update to call new parse_princ_args reasonably.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12056 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
(xdr_chrand3_arg): Fix up calls to xdr_array.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12055 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
(krb5_dbe_cpw): Fix to actually save old keys.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12054 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
setkey_principal3_1, and chrand_principal3_1 to do the obvious
things.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12053 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
call_arg on error, since svc_getargs should do that now.
* svc_udp.c (svcudp_getargs): Free args on xdr decode error to
avoid leaks.
* svc_tcp.c (svctcp_getargs): Free args on xdr decode error to
avoid leaks.
* svc_raw.c (svcraw_getargs): Free args on xdr decode error to
avoid leaks.
* auth_gssapi.c (auth_gssapi_create): Don't explicitly free
call_res anymore, since clnt_call should deal now.
* clnt_udp.c (clntudp_call): Free stuff on error from
xdr_replymsg() to prevent leaking.
* clnt_tcp.c (clnttcp_call): Free stuff on error from
xdr_replymsg() to avoid leaking.
* clnt_raw.c (clntraw_call): Free stuff on error from
xdr_replymsg() to avoid leaking.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12052 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
xdr_authgssapi_init_res can potentially allocate memory. Perhaps
clnt_call should really deal with this, though. It is not at all
clear whether clnt_call or svc_getargs should actually end up
freeing allocated memory themselves.
* svc_auth_gssapi.c (_svcauth_gssapi): Call gssrpc_xdr_free() if
xdr_authgssapi_creds() or xdr_authgssapi_init_arg() fails.
* auth_gssapi_misc.c (xdr_authgssapi_creds):
(xdr_authgssapi_init_arg):
(xdr_authgssapi_init_res): Revert prior change. The caller should
be the one dealing. Additionally, it was probably wrong to
unconditionally free the object regardless of whether the mode is
XDR_DECODE.
(auth_gssapi_unwrap_data): Use temp_xdrs rather than in_xdrs to
force XDR_FREE operation.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12051 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12050 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
| |
options. Do not output error when doing Kerberos 4 if we will be
trying 524 afterwards. Add hooks for future support for
specifying the Kerberos 4 cache name. Fix GET_PROGNAME macro to
properly return program name under Win32. Re-indent, turning
spaces that should be tabs into tabs.
* kinit.M: Document new Kerberos 4 kinit behavior.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12049 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
name under Win32. Re-indent, turning spaces that should be tabs
into tabs.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12048 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
under Win32. Re-indent, turning spaces that should be tabs into
tabs.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12047 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
prototype for auth_cmd()
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12046 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
and generate a salt from the principal name if found; use the password and salt
to generate a key. Provide timestamp if nonce is zero, regardless of preauth
mode. (Patch from Chas Williams.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12045 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
until it appears to have been big enough. Dynamically grow internal address
pointer array as needed.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12044 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
which were previously missing.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12043 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
others so that purify will actually generate memory leak reports.
* configure.in: Add CHECK_SIGNALS.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12042 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
* auth_gssapi_misc.c (xdr_authgssapi_creds):
(xdr_authgssapi_init_arg):
(xdr_authgssapi_init_res):
(auth_gssapi_unwrap_data): If xdr_gss_buf or xdr_bytes fails, call
again with XDR_FREE set so that allocated memory doesn't leak.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12041 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
take key_salt_tuples and optionally keep old keys around. Add
server-side functionality for setkey with key_salt_tuple and "keepold"
functionality. Update rpc stubs and xdr functions/headers
appropriately.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12040 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
Patches from jik to make gss-sample more versatile.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12039 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
removed at a later date
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12037 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12036 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12035 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12034 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12033 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12032 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
Basch.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12031 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12030 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
Application Support folder as a location for the krb5 configuration file
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12027 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
the Mac added
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12026 dc483132-0cff-0310-8789-dd5450dbe970
|