summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Don't specify defaults for GET{PEER,SOCK}NAME_ARG{2,3}_TYPE macrosKen Raeburn2004-02-144-26/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16082 dc483132-0cff-0310-8789-dd5450dbe970
* aclocal.m4 (WITH_CC): Add -fno-common to CFLAGS on Darwin, unless -fcommon orKen Raeburn2004-02-142-0/+18
| | | | | | -fno-common is already given. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16081 dc483132-0cff-0310-8789-dd5450dbe970
* * aclocal.m4 (TRY_PEER_INT): Deleted.Ken Raeburn2004-02-142-38/+19
| | | | | | | | | (KRB5_GETPEERNAME_ARGS): Map the getpeername arg types to the corresponding getsockname arg types. (KRB5_GETSOCKNAME_ARGS): If nothing matches, assume struct sockaddr and socklen_t. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16080 dc483132-0cff-0310-8789-dd5450dbe970
* * t_encrypt.c (compare_results): New function.Ken Raeburn2004-02-133-8/+57
| | | | | | | | | | | | (main): Use it to check decryption results against the original plaintext. When testing with cipher state, encrypt and then decrypt (and verify) two messages. * Makefile.in (t_encrypt$(EXEEXT)): Depend on CRYPTO_DEPLIB. ticket: 2229 status: resolved tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16079 dc483132-0cff-0310-8789-dd5450dbe970
* * dk_decrypt.c (krb5_dk_decrypt_maybe_trunc_hmac): New argument IVEC_MODE. IfKen Raeburn2004-02-133-11/+48
| | | | | | | | | | | | clear, same old behavior. If set, copy out next to last block for CTS. (krb5_dk_decrypt, krb5int_aes_dk_decrypt): Pass extra argument. * dk_encrypt.c (krb5int_aes_dk_encrypt): For IV, copy out next to last block for CTS. ticket: 2229 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16077 dc483132-0cff-0310-8789-dd5450dbe970
* Change PRIOCNTL_HACK code to use "==" rather than "eq", as "eq" is notTom Yu2004-02-136-9/+24
| | | | | | | | | | available in tcl-8.3. ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16071 dc483132-0cff-0310-8789-dd5450dbe970
* Fix logic errorSam Hartman2004-02-132-1/+5
| | | | | | | | Ticket: 2234 Target_Version: 1.3.2 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16070 dc483132-0cff-0310-8789-dd5450dbe970
* priocntl workaround for Solaris 9 pty-close bugTom Yu2004-02-1322-34/+181
| | | | | | | | | | | | Implement gross hack to use priocntl to work around the Solaris 9 pty-close bug. Run expect at a higher class "FX" priority than spawned processes, which run at a lower class "FX" priority. "make check" needs to start from a process which has FX priority >= 30 and FX priority limit >= 30. Thanks to Bill Sommerfeld for the hints. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16069 dc483132-0cff-0310-8789-dd5450dbe970
* Tru64 and Irix have RPATH issues for test suiteTom Yu2004-02-127-14/+67
| | | | | | | | | | Implement hack for faking up _RLD_ROOT with a shadow of the directory tree up to the installed "lib" directory. This helps with running tests on Tru64 and Irix. ticket: 1793 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16066 dc483132-0cff-0310-8789-dd5450dbe970
* 2004-02-12 Jeffrey Altman <jaltman@mit.edu>Jeffrey Altman2004-02-122-3/+7
| | | | | | | | | | * Fix libpath for krbcc32.lib (only affects KRB5_KFW_COMPILE builds) ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16065 dc483132-0cff-0310-8789-dd5450dbe970
* Add missing file: gss-misc.h copied from src/appl/gss-sampleJeffrey Altman2004-02-112-0/+64
| | | | | | | | ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16062 dc483132-0cff-0310-8789-dd5450dbe970
* update copyright notices on gss sample appsTom Yu2004-02-116-0/+138
| | | | | | | | | | update copyrights ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16056 dc483132-0cff-0310-8789-dd5450dbe970
* gss-client.c: remove extraneous parameters from client_establish_context()Jeffrey Altman2004-02-102-5/+10
| | | | | | | | ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16052 dc483132-0cff-0310-8789-dd5450dbe970
* * ser_sctx.c (kg_oid_externalize): Check for errors.Ken Raeburn2004-02-102-49/+154
| | | | | | | | | | | | | | | | (kg_oid_internalize): Check for errors. Free allocated storage on error. (kg_queue_externalize): Check for errorrs. (kg_queue_internalize): Check for errors. Free allocated storage on error. (kg_ctx_size): Update for new context data. (kg_ctx_externalize): Update for new context data. Check for error storing trailer. (kg_ctx_internalize): Update for new context data. Check for errors in a few more cases. ticket: 2166 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16050 dc483132-0cff-0310-8789-dd5450dbe970
* * gssapi.exp (doit): Run server with additional options to export and re-importKen Raeburn2004-02-102-1/+7
| | | | | | | | | the GSSAPI context, and log info to a file in tmpdir. ticket: 2166 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16049 dc483132-0cff-0310-8789-dd5450dbe970
* Call htons for default port of password serverSam Hartman2004-02-092-1/+5
| | | | | | | Ticket: 2171 Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16047 dc483132-0cff-0310-8789-dd5450dbe970
* * main.c (init_realm): Apply patch from Will Fiveash to useTom Yu2004-02-092-1/+6
| | | | | | | | | correct TCP listening ports. ticket: 2118 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16042 dc483132-0cff-0310-8789-dd5450dbe970
* Update from autoconf 2.59Tom Yu2004-02-094-774/+1167
| | | | | | | | ticket: 2196 version_reported: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16041 dc483132-0cff-0310-8789-dd5450dbe970
* * util_ordering.c (g_queue_externalize, g_queue_internalize): Check forKen Raeburn2004-02-092-0/+9
| | | | | | | | | sufficient buffer space. ticket: 2166 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16040 dc483132-0cff-0310-8789-dd5450dbe970
* * t_cts.c (test_cts): Process encryption and decryption IVs separately, makeKen Raeburn2004-02-092-3/+33
| | | | | | | | | sure they match, and display the value. ticket: 2223 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16039 dc483132-0cff-0310-8789-dd5450dbe970
* * aes.c (krb5int_aes_encrypt, krb5int_aes_decrypt): Copy out value for new IVKen Raeburn2004-02-092-0/+10
| | | | | | | ticket: 2223 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16038 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Check for sys/time.h and time.hKen Raeburn2004-02-092-0/+6
| | | | | | | ticket: 2224 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16034 dc483132-0cff-0310-8789-dd5450dbe970
* no license on k5sealv3.cKen Raeburn2004-02-081-2/+28
| | | | | | | | | | Updated copyright notice to include standard license for release. ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16028 dc483132-0cff-0310-8789-dd5450dbe970
* * update usage() for gss-clientJeffrey Altman2004-02-073-1/+7
| | | | | | ticket: 2212 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16027 dc483132-0cff-0310-8789-dd5450dbe970
* Enable aes128-cts for clientSam Hartman2004-02-062-0/+5
| | | | | | | | | | | | | Currently we support aes128-cts but do not enable it by default. It looks like interoperability problems will be created by this decision. So add aes128-cts to the default list of enctypes for client configuration and for permitted_enctypes. Ticket: new Target_Version: 1.3.2 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16026 dc483132-0cff-0310-8789-dd5450dbe970
* Do not consider TGS options to be critical; ignore unknown optionsSam Hartman2004-02-062-6/+7
| | | | | | | Ticket: 2189 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16025 dc483132-0cff-0310-8789-dd5450dbe970
* 2004-02-06 Jeffrey Altman <jaltman@mit.edu>Jeffrey Altman2004-02-066-25/+80
| | | | | | | | | | | | | * Add new UI components to the gss.exe client to support the use of GSS_C_SEQUENCE_FLAG or to disable the use of either GSS_C_MUTUAL_FLAG or GSS_C_REPLAY_FLAG ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16024 dc483132-0cff-0310-8789-dd5450dbe970
* 2004-02-06 Jeffrey Altman <jaltman@mit.edu>Jeffrey Altman2004-02-063-14/+36
| | | | | | | | | | | * Add new command line switches to the gss-client to support the use of GSS_C_SEQUENCE_FLAG or to disable the use of either GSS_C_MUTUAL_FLAG or GSS_C_REPLAY_FLAG ticket: 2212 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16023 dc483132-0cff-0310-8789-dd5450dbe970
* 2004-02-05 Jeffrey Altman <jaltman@mit.edu>Jeffrey Altman2004-02-064-7/+24
| | | | | | | | | | | | | | | | | | * gssapiP_krb5.h: remove KG_IMPLFLAGS macro * init_sec_context.c (init_sec_context): Expand KG_IMPLFLAGS macro with previous macro definition * accept_sec_context.c (accept_sec_context): Replace KG_IMPLFLAGS macro with new definition. As per 1964 the INTEG and CONF flags are supposed to indicate the availability of the services in the client. By applying the previous definition of KG_IMPLFLAGS the INTEG and CONF flags are always on. This can be a problem because some clients such as Microsoft's Kerberos SSPI allow CONF and INTEG to be used independently. By forcing the flags on, we would end up with inconsist state with the client. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16022 dc483132-0cff-0310-8789-dd5450dbe970
* Add support for specifying the credential cache to be used as wellJeffrey Altman2004-02-057-37/+160
| | | | | | | | | | as fix a few minor user interface bugs ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16021 dc483132-0cff-0310-8789-dd5450dbe970
* Remove reference to the ntstatus.h header in cc_mslsa.cJeffrey Altman2004-02-042-1/+6
| | | | | | | | | | | This header is not present in the August 2001 Platform SDK which is the current minimum SDK version. ticket: new tags: pullup target_version: 1.3.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16020 dc483132-0cff-0310-8789-dd5450dbe970
* 2004-02-02 Jeffrey Altman <jaltman@mit.edu>Jeffrey Altman2004-02-032-1/+22
| | | | | | | | | | | | | | | | | | * cc_msla.c: GetMSCacheTicketFromCacheInfo() uses the tktinfo->TicketFlags as the value to assign to TicketRequest->TicketFlags. This field is blindly inserted into the kdc-options[0] field of the TGS_REQ. If there are bits such as TRANSIT_POLICY_CHECKED in the TicketFlags, this will result in an unknown TGS_OPTION being processed by the KDC. This has been fixed by mapping the Ticket Flags to KDC options. We only map Forwardable, Forwarded, Proxiable, and Renewable. The others should not be used. ticket: 2190 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16013 dc483132-0cff-0310-8789-dd5450dbe970
* * cc_mslsa.c: the MSLSA code was crashing on Pismere machines whenJeffrey Altman2004-02-022-10/+36
| | | | | | | | | | | | | | | | | | | | logging on with cross realm credentials. On these machines there are 8 tickets within the LSA cache from two different realms. One of the krbtgt/CLIENT-REALM@CLIENT-REALM tickets (not the Initial ticket but a Forwarded ticket) is inaccessible to the ms2mit.exe and leash32.exe processes. The attempt to access the ticket returns a SubStatus code of STATUS_LOGON_FAILURE (0xC000006DL) which is supposed to mean that the logon attempt was invalid due to bad authentication information. kerbtray has no problem listing this ticket. The other seven tickets in the cache including the Initial Ticket are accessible. Modified krb5_lcc_next_cred() to skip to the next ticket if an attempt to read a single ticket fails. ticket: 2184 tags: pullup target_version: 1.3.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15997 dc483132-0cff-0310-8789-dd5450dbe970
* * Update README to describe the new PreserveInitialTicketIdentityJeffrey Altman2004-02-022-0/+41
| | | | | | | | registry key. ticket: 2139 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15996 dc483132-0cff-0310-8789-dd5450dbe970
* missing headerJeffrey Altman2004-02-011-0/+3
| | | | | | ticket: 2183 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15995 dc483132-0cff-0310-8789-dd5450dbe970
* * Do not perform ticket importing if the initial TGT is not availableJeffrey Altman2004-02-012-2/+48
| | | | | | | | | | | from the MSLSA krb5_ccache. This will be the case if the session key enctype is NULL. (AllowTGTSessionKey regkey = 0) ticket: new target: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15994 dc483132-0cff-0310-8789-dd5450dbe970
* * cc_mslsa.c: optimize the get_next logic by storing a handle to theJeffrey Altman2004-02-012-18/+30
| | | | | | | | | | MS TGT in the lcc_cursor data structure ticket:new tags: pullup target_version: 1.3.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15993 dc483132-0cff-0310-8789-dd5450dbe970
* * gss-misc.c: Include sys/time.h or time.h, to get struct timeval declarationKen Raeburn2004-01-312-14/+26
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15992 dc483132-0cff-0310-8789-dd5450dbe970
* Do not export tickets from the LSA if they contain NULL session keys.Jeffrey Altman2004-01-312-6/+19
| | | | | | | | | | This is primarily to prevent unusable TGTs from being imported into the MIT Credential Cache ticket: 2153 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15991 dc483132-0cff-0310-8789-dd5450dbe970
* 2004-01-30 Jeffrey Altman <jaltman@mit.edu>Jeffrey Altman2004-01-312-20/+98
| | | | | | | | | | | | | | | | | | | | * cc_mslsa.c: As per extensive conversations with Doug Engert we have concluded that MS is not specifying a complete set of domain information when it comes to service tickets other than the initial TGT. What happens is the client principal domain cannot be derived from the fields they export. Code has now been added to obtain the domain from the initial TGT and use that when constructing the client principals for all tickets. This behavior can be turned off by setting a registry either on a per-user or a system-wide basis: {HKCU,HKLM}\Software\MIT\Kerberos5 PreserveInitialTicketIdentity = 0x0 (DWORD) ticket: 2139 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15990 dc483132-0cff-0310-8789-dd5450dbe970
* Add support for Addressless Ticket Checkbox. Applied patch from Doug EngertJeffrey Altman2004-01-317-4/+29
| | | | | | | | ticket: 982 tags: pullup target_version: 1.3.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15989 dc483132-0cff-0310-8789-dd5450dbe970
* 2004-01-30 Jeffrey Altman <jaltman@mit.edu>Jeffrey Altman2004-01-312-2/+42
| | | | | | | | | | Update the README file to include details on the new Windows registry key necessary to access the TGT session key when importing from MSLSA. Also, include compatibility details regarding the gss sample client and the Microsoft Platform SDK distributed versions. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15988 dc483132-0cff-0310-8789-dd5450dbe970
* A near complete re-write of the gss sample client on windows. Supports theJeffrey Altman2004-01-318-386/+1295
| | | | | | | | | | | | | | | | | current protocol implemented in the Unix gss sample applications as well as a new User Interface making this one neat testing tool. There are still many little kinks to get out in a future version. The sliders for the Call Count and the Message Count do not have text strings indicating their current value. They slide from 1 to 20. And the known Mechanism strings should be accessible in the drop down list. A documentation file on how to use the tool would be a good addition. ticket: 2144 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15987 dc483132-0cff-0310-8789-dd5450dbe970
* Address issues discovered while testing updated Windows gss sample client.Jeffrey Altman2004-01-303-145/+161
| | | | | | | | | | | A Missing parameter to a sign_server call in gss-server.c and the need for a select() call in read_all() to prevent blocking indefinitely. ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15986 dc483132-0cff-0310-8789-dd5450dbe970
* prof-int.h should include pthread.h when USE_PTHREADS is definedAlexandra Ellwood2004-01-302-0/+11
| | | | | | ticket: 2180 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15985 dc483132-0cff-0310-8789-dd5450dbe970
* Updated for new source files in krb5Alexandra Ellwood2004-01-301-916/+962
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15984 dc483132-0cff-0310-8789-dd5450dbe970
* need more testing support for MSKen Raeburn2004-01-273-3/+43
| | | | | | | | | | | | | | | | | | This should allow use of the CFX_EXERCISE code to better check interoperability of MS and MIT code with regard to future extensibility. * init_sec_context.c (make_gss_checksum) [CFX_EXERCISE]: Don't crash on null pointer in debugging code. (new_connection): Disable CFX_EXERCISE unknown-token-id case detection. * accept_sec_context.c (krb5_gss_accept_sec_context) [CFX_EXERCISE]: Log to /tmp/gsslog whether delegation or extra option bytes were present. ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15983 dc483132-0cff-0310-8789-dd5450dbe970
* fix typosJeffrey Altman2004-01-073-5/+5
| | | | | | | ticket: 2106 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15975 dc483132-0cff-0310-8789-dd5450dbe970
* Add stub function implementations to support krb5_cc_remove_cred() whichJeffrey Altman2004-01-066-5/+57
| | | | | | | | | | | would cause a null pointer dereference if called. The new KRB5_CC_NOSUPP error is returned to indicate the lack of implementation. ticket: 2106 target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15974 dc483132-0cff-0310-8789-dd5450dbe970
* Only backdate the ticket that is created. The KDC reply must containSam Hartman2004-01-052-5/+10
| | | | | | | | | | | the time from the client's request or the client will fail its clockskew check if the request is backdated too far. Ticket: 2058 Target_Version: 1.3.2 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15965 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-03-24 06:55:22 +0000