summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Make it link againZhanna Tsitkov2009-03-111-2/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22076 dc483132-0cff-0310-8789-dd5450dbe970
* Several small fixes to enable the migrate mkey commands to work properly ↵Will Fiveash2009-03-103-46/+6
| | | | | | | | | with a LDAP KDB. See the ticket for more details ticket: 6405 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22073 dc483132-0cff-0310-8789-dd5450dbe970
* Added test for KRB5_NT_UNKNOWN princ typeZhanna Tsitkov2009-03-103-11/+31
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22072 dc483132-0cff-0310-8789-dd5450dbe970
* Rename kdb_setup_lib_handle to krb5_db_setup_lib_handle and export it.Greg Hudson2009-03-104-48/+48
| | | | | | | | | | | | | Make kdb5_ldap_util work again by calling this function to set up dal_handle instead of using one with an uninitialized lib_handle. It is likely that kdb5_ldap_util will only function given a krb5.conf which specifies a realm with an LDAP database module as the default realm. Not sure if that was the case before. ticket: 6403 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22071 dc483132-0cff-0310-8789-dd5450dbe970
* Removed unneeded printf'sZhanna Tsitkov2009-03-091-2/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22070 dc483132-0cff-0310-8789-dd5450dbe970
* Introduced '-u' option to kvno to enforce KRB5_NT_UNKNOWN princ typeZhanna Tsitkov2009-03-091-6/+20
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22069 dc483132-0cff-0310-8789-dd5450dbe970
* Add "-V" option to klist to print the package name and version, and exitKen Raeburn2009-03-061-3/+13
| | | | | | | | ticket: 4241 target_version: 1.7 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22068 dc483132-0cff-0310-8789-dd5450dbe970
* send_as_req re-encodes the requestSam Hartman2009-03-061-19/+12
| | | | | | | | | | | | | | | | krb5_get_init_creds calls encode_krb5_as_req to produce an encoding for the preauth plugins, then passes the unencoded request structure into the static function send_as_req. That function re-encodes the request. This is an unnecessary call to the encoder. In addition, for the FAST project, it is desirable to encapsulate the unencoded outer request so that krb5_get_init_creds does not need it. * send_as_req is modified to take an encoded request and realm * Remove unused logic to fill in request nonce from send_as_req ticket: 6401 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22067 dc483132-0cff-0310-8789-dd5450dbe970
* Take out of the loop unchangeble assignments. TabulationZhanna Tsitkov2009-03-051-27/+26
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22065 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_merge_authdata should initialize output on failureSam Hartman2009-02-261-0/+1
| | | | | | ticket: 6400 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22057 dc483132-0cff-0310-8789-dd5450dbe970
* Include authenticator and ticket authdata in gss-apiSam Hartman2009-02-264-13/+46
| | | | | | | | | | | | | | | Currently, the GSS-API routines for handling authdata only extract the authorization data from the ticket, not that from the authenticator. This is incorrect. Introduce a new function krb5_merge_authadata to merge two authdata arrays into a newly allocated result array. Use this function in accept_sec_context.c to include both sets of authdata. ticket: 6400 Target_version: 1.7 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22056 dc483132-0cff-0310-8789-dd5450dbe970
* Check return code of encode_krb5_ap_req. Also, tabs vs whitespaceZhanna Tsitkov2009-02-231-134/+135
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22050 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5int_generate_and_save_subkey, check the return value ofGreg Hudson2009-02-231-4/+5
| | | | | | | | krb5_crypto_us_timeofday. It can't really fail in practice, but if it did we'd be passing stack garbage to krb5_c_random_add_entropy. That's harmless, but poor form. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22049 dc483132-0cff-0310-8789-dd5450dbe970
* Check the return value of fseek in two places in kt_file.cGreg Hudson2009-02-231-2/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22047 dc483132-0cff-0310-8789-dd5450dbe970
* Correct the return codeZhanna Tsitkov2009-02-231-1/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22046 dc483132-0cff-0310-8789-dd5450dbe970
* Kill an odd (but harmless) use of strncpy inGreg Hudson2009-02-231-7/+4
| | | | | | | krb5_get_in_tkt_with_password, by using the construction from krb5_get_init_creds_password. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22045 dc483132-0cff-0310-8789-dd5450dbe970
* send_tgs.c:Sam Hartman2009-02-231-30/+33
| | | | | | | | | | | | | | * Move generation of subkey into krb5int_send_tgs from construct_authenticator so that it is available for encrypting authorization data. * Initialize rep->message_type and note that rep is touched on unsuccessful calls (this has always been true). * Do not set *subkey until successful return. Thanks to Greg Hudson for pointing out these problems. Ticket: 6393 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22044 dc483132-0cff-0310-8789-dd5450dbe970
* In krcp, check the return value when closing the output file afterGreg Hudson2009-02-201-1/+2
| | | | | | | | successfully writing it. close cannot return an error status on most local filesystems, but can on some network filesystems such as AFS or NFS. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22043 dc483132-0cff-0310-8789-dd5450dbe970
* Also install k5srvutil into PREFIX/bin instead of PREFIX/sbinRuss Allbery2009-02-201-1/+1
| | | | | | | Ticket: 6348 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22042 dc483132-0cff-0310-8789-dd5450dbe970
* Adjust to the return value of isflagset routineZhanna Tsitkov2009-02-201-2/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22041 dc483132-0cff-0310-8789-dd5450dbe970
* KDC realm referral testZhanna Tsitkov2009-02-2017-0/+701
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22040 dc483132-0cff-0310-8789-dd5450dbe970
* remove obsolete GNU.ORG realm infoKen Raeburn2009-02-191-6/+1
| | | | | | | | | | | | | Our sample krb5.conf has obsolete info on the GNU.ORG realm; the DNS entries named don't exist, and AFAIK this hasn't been accurate in years. (I don't even know if they're currently running a Kerberos realm.) ticket: 6398 target_version: 1.7 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22038 dc483132-0cff-0310-8789-dd5450dbe970
* Fix in handle_referral_paramsZhanna Tsitkov2009-02-191-9/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22037 dc483132-0cff-0310-8789-dd5450dbe970
* Some fixups and stubs for building ccapi on UNIX, and dependencies.Ken Raeburn2009-02-1818-16/+309
| | | | | | | | | (Doesn't make a complete working implementation, but it mostly compiles.) Does *not* include the changes to actually cause the ccapi code to get built in normal UNIX builds. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22023 dc483132-0cff-0310-8789-dd5450dbe970
* Revert the fopen part of the previous krb5_kuserok change, but keepGreg Hudson2009-02-171-5/+4
| | | | | | | the string-handling change. It introduced an unwanted behavior change when .k5login was detectable but unreadable. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22011 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_kuserok, just try opening .k5login; don't check ahead of timeGreg Hudson2009-02-171-9/+11
| | | | | | | whether it looks accessible. Also rewrite the construction of the .k5login filename to use snprintf instead of strnpy/strncat. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22010 dc483132-0cff-0310-8789-dd5450dbe970
* Be less verbose about routing-socket messagesKen Raeburn2009-02-131-4/+15
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22005 dc483132-0cff-0310-8789-dd5450dbe970
* Correct numerous memory leaks on error conditions in the ASN.1Greg Hudson2009-02-133-299/+1030
| | | | | | decoder functions. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22004 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_decode_leak.c, work around the oddity thatGreg Hudson2009-02-131-2/+16
| | | | | | krb5_free_cred_enc_part is a contents-only free function. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22003 dc483132-0cff-0310-8789-dd5450dbe970
* In tgs_construct_tgsreq, free scratch even if scratch->data is NULL.Greg Hudson2009-02-131-2/+2
| | | | | | | (Which probably can't happen, but static analyzers don't know that.) Also protect scratch from being freed before initialization. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22002 dc483132-0cff-0310-8789-dd5450dbe970
* Implement TGS authenticator subkey usageSam Hartman2009-02-135-38/+60
| | | | | | | | | | | | | | | | | Implement support for use of a subkey in the TGS req. This is needed by FAST TGS support. The interface to krb5_send_tgs changed in order to gain a subkey output parameter. Since this is a private interface it was renamed to krb5int_send_tgs and removed from the export list. * send_tgs.c: generate a subkey and return to caller * decode_kdc_rep.c: Use subkey keyusage * gc_via_tkt.c: pass in subkey to decode_kdc_rep * send_tgs.c: use subkey for encrypting authorization data ticket: 6393 tags: enhancement git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21993 dc483132-0cff-0310-8789-dd5450dbe970
* Don't pass negative numbers to strerrorKen Raeburn2009-02-121-0/+14
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21988 dc483132-0cff-0310-8789-dd5450dbe970
* Don't apply 'const' twice. Make kg_arcfour_l40 staticKen Raeburn2009-02-121-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21987 dc483132-0cff-0310-8789-dd5450dbe970
* Don't apply 'const' twiceKen Raeburn2009-02-121-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21986 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_get_in_tkt_with_password, free opte before returning the errorGreg Hudson2009-02-121-1/+1
| | | | | | from krb5_unparse_name, not after. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21985 dc483132-0cff-0310-8789-dd5450dbe970
* Make output parameter of krb5_generate_subkey_extended well-defined onGreg Hudson2009-02-121-7/+15
| | | | | | error, and reformat function to fit coding standards. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21984 dc483132-0cff-0310-8789-dd5450dbe970
* Remove useless unsigned >=0 testsKen Raeburn2009-02-121-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21983 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_rc_io_open_internal, d->fn is always set for the cleanupGreg Hudson2009-02-121-6/+4
| | | | | | handler, so do not check it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21982 dc483132-0cff-0310-8789-dd5450dbe970
* Modify asn12krb5_buf and asn1_do_full_encode to make output parameterGreg Hudson2009-02-122-18/+27
| | | | | | | values well-defined on error. Clean up memory handling and an unused variable in asn1_do_full_encode. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21981 dc483132-0cff-0310-8789-dd5450dbe970
* Fix allocation failure check in walk_rtreeGreg Hudson2009-02-121-1/+1
| | | | | | | | | | | Check the correct variable for null after allocating the server string in rtree_capath_vals. ticket: 6392 tags: pullup target_version: 1.7 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21980 dc483132-0cff-0310-8789-dd5450dbe970
* Add a new test harness to facilitate memory leak detection in theGreg Hudson2009-02-113-3/+678
| | | | | | ASN.1 decoder routines. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21970 dc483132-0cff-0310-8789-dd5450dbe970
* Ensure we have a free function for every data type we have an ASN.1Greg Hudson2009-02-113-7/+50
| | | | | | | | | decoder for. Export the new free functions, but only declare them in k5-int.h since they shouldn't be needed by applications. Also export a couple of encoder and decoder functions not previously exported. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21969 dc483132-0cff-0310-8789-dd5450dbe970
* --disable-rpath is not workingEzra Peisach2009-02-111-1/+1
| | | | | | | | | | | AC_ARG_ENABLE returns its value in enableval not withval. --disable-rpath was not working - or dependent on some previous setting... ticket: 6390 tags: pullup target_version: 1.7 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21968 dc483132-0cff-0310-8789-dd5450dbe970
* Add test for krb5_cc_get_principal and ensure returned value correctEzra Peisach2009-02-111-1/+22
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21967 dc483132-0cff-0310-8789-dd5450dbe970
* Install ktutil and kadmin into CLIENT_BINDIR instead of ADMIN_BINDIRRuss Allbery2009-02-112-2/+2
| | | | | | | | | since both are useful for users other than the system administrator. Ticket: 6348 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21966 dc483132-0cff-0310-8789-dd5450dbe970
* remove local objects from list for windowsKen Raeburn2009-02-111-3/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21965 dc483132-0cff-0310-8789-dd5450dbe970
* remove des425 syms; add some new dce,iov syms needed for gssapiKen Raeburn2009-02-111-9/+18
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21964 dc483132-0cff-0310-8789-dd5450dbe970
* Updates for current CCAPI code; build krb5 unicode supportKen Raeburn2009-02-111-8/+16
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21963 dc483132-0cff-0310-8789-dd5450dbe970
* Some updates to compile and link on Windows, with recent CCAPI changesKen Raeburn2009-02-116-11/+20
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21962 dc483132-0cff-0310-8789-dd5450dbe970
* pull in unicode stuff on windowsKen Raeburn2009-02-111-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21961 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-10-10 02:42:51 +0000