summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Use krb5_free_default_realm instead of free on the results ofEzra Peisach2009-12-311-2/+2
| | | | | | krb5_get_default_realm(). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23555 dc483132-0cff-0310-8789-dd5450dbe970
* Fix spelling and hyphen errors in man pagesRuss Allbery2009-12-314-7/+7
| | | | | | | | | | | Fix spelling errors in man pages detected by Debian's Lintian program. Also escape some -'s that are intended to be literal ASCII dashes and not Unicode hyphens so that groff won't change them into true hyphens. ticket: 6616 component: krb5-doc git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23554 dc483132-0cff-0310-8789-dd5450dbe970
* NetBSD 5.0.1 uses an OpenSSL snapshot that describes itself as 0.9.9,Ken Raeburn2009-12-311-1/+1
| | | | | | | and has the EVP_PKEY_decrypt API change that was already being worked around for OpenSSL 1.0.0. Work around it for 0.9.9 too. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23553 dc483132-0cff-0310-8789-dd5450dbe970
* format %p wants void*Ken Raeburn2009-12-311-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23552 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize hash_iov, in case of premature error exitKen Raeburn2009-12-311-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23551 dc483132-0cff-0310-8789-dd5450dbe970
* Convert C++ style comments into traditional C commentsKen Raeburn2009-12-311-5/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23550 dc483132-0cff-0310-8789-dd5450dbe970
* No comma at end of enumerator listKen Raeburn2009-12-311-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23549 dc483132-0cff-0310-8789-dd5450dbe970
* No comma at end of enumerator listKen Raeburn2009-12-311-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23548 dc483132-0cff-0310-8789-dd5450dbe970
* Include os-proto.h for _krb5_conf_boolean prototype before declarationEzra Peisach2009-12-301-0/+2
| | | | | | of function. (gcc warning) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23547 dc483132-0cff-0310-8789-dd5450dbe970
* Move krb5int_get_domain_realm_mapping into kdc_util.c as this function is a ↵Zhanna Tsitkov2009-12-305-62/+68
| | | | | | helper in kdc code git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23546 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate the krb5_set_default_in_tkt_ktypes andGreg Hudson2009-12-301-7/+0
| | | | | | | krb5_set_default_tgs_ktypes during context initialization, as they weren't doing anything. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23545 dc483132-0cff-0310-8789-dd5450dbe970
* Create a separate file for krb5_copy_context for better code modularityZhanna Tsitkov2009-12-293-63/+141
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23538 dc483132-0cff-0310-8789-dd5450dbe970
* Combine the related code into one fileZhanna Tsitkov2009-12-295-143/+55
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23537 dc483132-0cff-0310-8789-dd5450dbe970
* Remove an inoperable error check in return_pkinit_kxGreg Hudson2009-12-291-2/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23536 dc483132-0cff-0310-8789-dd5450dbe970
* Functions in enc_helper.c serve different code blocks. Split themZhanna Tsitkov2009-12-293-27/+70
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23535 dc483132-0cff-0310-8789-dd5450dbe970
* MITKRB5-SA-2009-003 CVE-2009-3295 KDC null deref in referralsTom Yu2009-12-292-1/+4
| | | | | | | | | | | | | On certain error conditions, prep_reprocess_req() calls kdc_err() with a null pointer as the format string, causing a null dereference and denial of service. Legitimate protocol requests can trigger this problem. ticket: 6608 tags: pullup target_version: 1.7.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23533 dc483132-0cff-0310-8789-dd5450dbe970
* Add dejagnu test suite support for finding the preauth modules in theGreg Hudson2009-12-282-0/+3
| | | | | | | fake install. Not yet tested, except to verify that it doesn't break the existing test suite. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23532 dc483132-0cff-0310-8789-dd5450dbe970
* Add a new profile variable preauth_module_dir, which specifiesGreg Hudson2009-12-282-5/+49
| | | | | | | | directories to look for preauth plugins in prior to the hardcoded locations. Undocumented for now since, like db_module_dir, this is mostly intended for the test suite. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23531 dc483132-0cff-0310-8789-dd5450dbe970
* Move krb5_get_profile back to init_os_ctx.c for now and revert r23519.Greg Hudson2009-12-284-8/+9
| | | | | | | | At this time we link t_etypes against init_ctx.so during "make check", which breaks if init_ctx contains reference to the profile library. More general solutions to this problem are under discussion. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23530 dc483132-0cff-0310-8789-dd5450dbe970
* Whitespace fixes for new anonymous supportGreg Hudson2009-12-2815-134/+167
| | | | | | ticket: 6607 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23528 dc483132-0cff-0310-8789-dd5450dbe970
* Anonymous support for KerberosSam Hartman2009-12-2828-284/+731
| | | | | | | | | | | | | | | | | | | | | | This ticket implements Project/Anonymous pkinit from k5wiki. Provides support for completely anonymous principals and untested client support for realm-exposed anonymous authentication. * Introduce kinit -n * Introduce kadmin -n * krb5_get_init_creds_opt_set_out_ccache aliases the supplied ccache * No longer generate ad-initial-verified-cas in pkinit * Fix pkinit interactions with non-TGT authentication Merge remote branch 'anonymous' into trunk Conflicts: src/lib/krb5/krb/gic_opt.c ticket: 6607 Tags: enhancement git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23527 dc483132-0cff-0310-8789-dd5450dbe970
* Remove libpty referencesKen Raeburn2009-12-281-4/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23525 dc483132-0cff-0310-8789-dd5450dbe970
* The "comment" field of prf_data_t was never actually set nor used, soKen Raeburn2009-12-282-8/+0
| | | | | | delete it and all references. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23524 dc483132-0cff-0310-8789-dd5450dbe970
* Performance testing programs for krb5_init_context and profile data fetchKen Raeburn2009-12-283-1/+580
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23523 dc483132-0cff-0310-8789-dd5450dbe970
* allow testing when offlineKen Raeburn2009-12-282-1/+12
| | | | | | | | | | Define new make variable OFFLINE to "no"; if it's set to "yes", skip the testing of t_locate_kdc, which requires access to mit.edu SRV records. ticket: 6606 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23520 dc483132-0cff-0310-8789-dd5450dbe970
* Include prof_int.h in init_ctx.c instead of init_os_ctx.c,Ken Raeburn2009-12-284-3/+2
| | | | | | corresponding to the moved use of profile_copy in r23484. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23519 dc483132-0cff-0310-8789-dd5450dbe970
* Code modularity related updatesZhanna Tsitkov2009-12-2313-316/+383
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23484 dc483132-0cff-0310-8789-dd5450dbe970
* Remove krb5_ prefix from some static func namesZhanna Tsitkov2009-12-229-102/+111
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23483 dc483132-0cff-0310-8789-dd5450dbe970
* Add a set_cred_option handler for SPNEGO which forwards to theGreg Hudson2009-12-212-1/+25
| | | | | | | | | | | | underlying mechanism. Fixes SPNEGO credential delegation in 1.7 and copying of SPNEGO initiator creds in both 1.7 and trunk. Patch provided by nalin@redhat.com. ticket: 6594 target_version: 1.7.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23482 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a cleanup handler in the store_creds code; krb5_cc_close doesn'tGreg Hudson2009-12-171-2/+2
| | | | | | handle NULL arguments, so we have to check. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23480 dc483132-0cff-0310-8789-dd5450dbe970
* Add GSS extensions to store credentials, generate random bitsGreg Hudson2009-12-1717-8/+939
| | | | | | | | | Merge /users/lhoward/gssextras-no-cqa to trunk. Adds gss_pseudo_random and gss_store_cred. ticket: 6597 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23479 dc483132-0cff-0310-8789-dd5450dbe970
* Whitespace fixesGreg Hudson2009-12-161-7/+11
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23477 dc483132-0cff-0310-8789-dd5450dbe970
* On Luke's advice, remove krb5_init_creds_store_creds. It is not aGreg Hudson2009-12-153-16/+0
| | | | | | | Heimdal API and its functionality is covered by krb5_get_init_creds_opt_set_out_ccache. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23469 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of the requirement of defining MAX_ENCTYPE inGreg Hudson2009-12-151-36/+56
| | | | | | | krb5int_parse_enctype_list, at the cost of making repeated realloc() calls during parsing. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23468 dc483132-0cff-0310-8789-dd5450dbe970
* Formatining enhancementZhanna Tsitkov2009-12-152-18/+21
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23467 dc483132-0cff-0310-8789-dd5450dbe970
* fast negotiation projecSam Hartman2009-12-1422-163/+790
| | | | | | | | | | | | | | | | Merge branches/fast-negotiate into trunk. This implements http://k5wiki.kerberos.org/wiki/Projects/Fast_negotiation Additional changes: * krb5_c_make_checksum with checksum type 0 uses mandatory checksum for given key enctype Conflicts: src/lib/crypto/krb/make_checksum.c ticket: 6595 Tags: enhancement git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23465 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use sizeof(pointertype) to get the length of an allocated arrayTom Yu2009-12-101-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23464 dc483132-0cff-0310-8789-dd5450dbe970
* Add comments to make it slightly clearer howGreg Hudson2009-12-101-1/+2
| | | | | | krb5int_confounder_checksum works. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23463 dc483132-0cff-0310-8789-dd5450dbe970
* Restructure the crypto checksum implementation to minimizeGreg Hudson2009-12-1046-1299/+864
| | | | | | | | | | | | | | | | | | | | | dependencies on the internals of modules. * Keyhash providers are gone. * The cksumtypes table contains checksum and verify functions, similar to the etypes encrypt and decrypt functions. New checksum functions parallel the old keyhash providers, and there are also functions for unkeyed and derived-key HMAC checksums. * The flags field is now used to indicate whether a checksum is unkeyed, but not whether it is a derived-key HMAC checksum. * The descbc checksum is handled through a new enc_provider function which calculates a CBC MAC. The OpenSSL module does not implement the CBC MAC function (it didn't implement descbc before). builtin/des could probably get rid of f_cksum.c (the old DES CBC routine) with some alterations to string2key.c. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23462 dc483132-0cff-0310-8789-dd5450dbe970
* Change file holder for krb5int_check_clockskew. Minor Style changes per code ↵Zhanna Tsitkov2009-12-092-41/+40
| | | | | | practices git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23460 dc483132-0cff-0310-8789-dd5450dbe970
* Remove dependency on /bin/csh in test suiteEzra Peisach2009-12-081-2/+14
| | | | | | | | | | | | The libdb2 test suite would fail if /bin/csh was not present. The tests did not execute /bin/csh - but used the contents as data to put into the test database. Iterate over a few "known" files until one is found that could be used for it... Tests for /bin/csh, /bin/cat, /usr/bin/cat, /bin/ls, /usr/bin/ls. If none of these exist - then fail. ticket: 6593 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23458 dc483132-0cff-0310-8789-dd5450dbe970
* Mark and reindent lib/gssapi, with some exceptionsTom Yu2009-12-0865-312/+318
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23457 dc483132-0cff-0310-8789-dd5450dbe970
* Mark lib/apputilsTom Yu2009-12-072-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23456 dc483132-0cff-0310-8789-dd5450dbe970
* Mark and reindent util, with some exceptionsTom Yu2009-12-0753-3413/+3472
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23455 dc483132-0cff-0310-8789-dd5450dbe970
* handle negative enctypes betterTom Yu2009-12-072-4/+5
| | | | | | | | | | | krb5_dbe_def_search_enctype and krb5int_parse_enctype_list were making assumptions that enctype numbers are positive. Potentially more code makes this assumption, but these appear to be the major ones. ticket: 6592 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23454 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize ihash_iov in case fall through to cleanup handler and tryEzra Peisach2009-12-061-1/+1
| | | | | | to free garbarge. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23453 dc483132-0cff-0310-8789-dd5450dbe970
* Remove the ivec parameters from the keyhash provider functions, asGreg Hudson2009-12-0611-35/+26
| | | | | | they are never used by callers. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23452 dc483132-0cff-0310-8789-dd5450dbe970
* Make dependGreg Hudson2009-12-062-52/+64
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23451 dc483132-0cff-0310-8789-dd5450dbe970
* Make the libk5crypto hash_provider interface take crypto_iov listsGreg Hudson2009-12-0629-490/+297
| | | | | | | instead of lists of krb5_data. Make the base HMAC APIs take crypto_iov lists and drop the _iov variants. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23450 dc483132-0cff-0310-8789-dd5450dbe970
* In the built-in des3 provider, remove the unused version ofGreg Hudson2009-12-061-29/+3
| | | | | | | validate_and_schedule, and drop the _iov suffix from the one we do use. (Cleanup from r23444.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23449 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-10-07 11:40:46 +0000