summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Require only autoconf 2.52. Try --include argument to autoconf and autoheader,Ken Raeburn2003-04-256-4/+19
| | | | | | | | | | and if the command fails, try it again with --localdir; don't tie it to some previously used version of autoconf. ticket: 1242 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15370 dc483132-0cff-0310-8789-dd5450dbe970
* * kfree.c (krb5_free_pwd_sequences): Correction to previousEzra Peisach2003-04-242-2/+7
| | | | | | | | fix. Free contents of krb5_data - not just the pointer. ticket: 1439 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15369 dc483132-0cff-0310-8789-dd5450dbe970
* errno should never be explicitly declaredKen Raeburn2003-04-2421-31/+39
| | | | | | | | | | | | Remove explicit declarations of errno; include errno.h as needed. (Also, errmsg in krb4, and malloc in compile_et.) ticket: new target_version: 1.3 tags: pullup status: resolved git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15368 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate explicit declarations of errno; include errno.h as needed.Ken Raeburn2003-04-242-1/+4
| | | | | | (Also errmsg in krb4, and malloc in compile_et.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15367 dc483132-0cff-0310-8789-dd5450dbe970
* * reconf: Drop support for 2.52 and earlierKen Raeburn2003-04-242-27/+9
| | | | | | | ticket: 1242 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15366 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify autoconf compatibility by requiring that we always have a version thatKen Raeburn2003-04-242-4/+8
| | | | | | | | | | | | | | supports --include, instead of assuming that whether the autoconf to be run supports it is the same as whether the autoconf used to generate the current configure scripts supported it. * aclocal.m4: Require autoconf 2.53. (CONFIG_RULES): Always set AUTOCONFINCFLAGS to --include. ticket: 1242 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15365 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_free_pwd_sequences only frees first elementEzra Peisach2003-04-232-7/+18
| | | | | | | | | | | | | | | | * kfree.c (krb5_free_pwd_sequences): Actually free the entire sequence of passwd_phase_elements and not just the first one. In our tree, this code is only used by krb5_free_pwd_data() which is subsequently not used anywhere else. Perhaps all code pertaining to pwd data (asn.1 decoders, encoders, etc. should be removed) ticket: new component: krb5-libs target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15364 dc483132-0cff-0310-8789-dd5450dbe970
* * alt_prof.c (kadm5_get_config_params): Add aes256 to the default supportedKen Raeburn2003-04-192-1/+6
| | | | | | | | | enctypes list. ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15362 dc483132-0cff-0310-8789-dd5450dbe970
* Test AES. ** Not all tests pass at present. **Ken Raeburn2003-04-182-15/+57
| | | | | | | | | | | | | | * default.exp: Add passes for testing AES. (start_kerberos_daemons): Add a small delay between starting the "tail -f" processes and appending the markers to their files. (spawn_xterm): Add RLOGIN, RLOGIND, FTP, and FTPD to the list of variables to export to the environment. Check that variables are defined before exporting them. ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15361 dc483132-0cff-0310-8789-dd5450dbe970
* Note to self: Save buffers before checkin, not after. GrrKen Raeburn2003-04-181-1/+5
| | | | | | | ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15360 dc483132-0cff-0310-8789-dd5450dbe970
* fix typoKen Raeburn2003-04-181-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15359 dc483132-0cff-0310-8789-dd5450dbe970
* * init_ctx.c (DEFAULT_ETYPE_LIST): Add AES with 256 bits at the front of theKen Raeburn2003-04-182-0/+6
| | | | | | | | | list. No 128-bit support by defaut. ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15358 dc483132-0cff-0310-8789-dd5450dbe970
* * dk_encrypt.c (krb5int_aes_dk_encrypt): Set output length properlyKen Raeburn2003-04-182-0/+7
| | | | | | | ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15357 dc483132-0cff-0310-8789-dd5450dbe970
* * g_ad_tkt.c: Added support for login library to get_ad_tkt. Support is ↵Alexandra Ellwood2003-04-142-0/+16
| | | | | | copied from Mac Kerberos4 library and conditionalized for USE_LOGIN_LIBRARY to avoid changing get_ad_tkt's behavior for non-Kerberos Login Library builds git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15352 dc483132-0cff-0310-8789-dd5450dbe970
* Finish implementation of CBC+CTS decryption and truncated HMAC for AES.Ken Raeburn2003-04-139-36/+348
| | | | | | | | | Fix memory management bugs. ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15351 dc483132-0cff-0310-8789-dd5450dbe970
* Obscure memory leak in asn1_decode_kdc_req_bodyEzra Peisach2003-04-132-1/+20
| | | | | | | | | | | | * asn1_k_decode.c (asn1_decode_kdc_req_body): Fix memory leak if optional server field is lacking, ticket: new component: krb5-libs target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15350 dc483132-0cff-0310-8789-dd5450dbe970
* Avoid really, really huge cpu time usage caused by iteration count inKen Raeburn2003-04-132-0/+11
| | | | | | | | | | | | | spoofed preauth data. (Merely huge cpu time usage is probably still possible.) * aes_s2k.c (krb5int_aes_string_to_key): Return an error if the supplied iteration count is really, really large. ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15349 dc483132-0cff-0310-8789-dd5450dbe970
* memory leak in krb5_read_passwordKen Raeburn2003-04-132-6/+8
| | | | | | | | | | | * read_pwd.c (krb5_read_password): Always free temporary storage used for verification version of password. ticket: new target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15348 dc483132-0cff-0310-8789-dd5450dbe970
* build libtelnet with library build frameworkTom Yu2003-04-113-12/+22
| | | | | | | | | | | | | * Makefile.in: Use library build framework. * configure.in: Add support for library build framework. Remove old explicit checks for ranlib, etc. ticket: new target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15341 dc483132-0cff-0310-8789-dd5450dbe970
* back out requirement of autoconf-2.53Tom Yu2003-04-104-1/+15
| | | | | | | | | | | | | Back out requirement of autoconf-2.53, as MacOS X doesn't have it. To compensate, place warning in util/reconf if autoconf-2.52 is discovered. ticket: new status: open tags: pullup target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15339 dc483132-0cff-0310-8789-dd5450dbe970
* Thanks, patch appliedTom Yu2003-04-093-4/+26
| | | | | | | | | | | | | | * kerberos.c (kerberos4_status): Always copy in username if present. Patch from Nathan Neulinger to make "-a user" work. * kerberos5.c (kerberos5_status): Always copy in username if present. Patch from Nathan Neulinger to make "-a user" work. ticket: 1362 tags: pullup status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15338 dc483132-0cff-0310-8789-dd5450dbe970
* etype info handling infinite loopSam Hartman2003-04-092-2/+9
| | | | | | | | | | | If a request contains no des-cbc-crc enctype bumt des-cbc-crc or des-cbc-md5 existis in the database then an infinite loop is created. Fix etype info handling to avoid this. ticket: new Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15332 dc483132-0cff-0310-8789-dd5450dbe970
* * krshd.c (main): Use LOG_AUTH syslog facility, not LOG_DAEMON, for consistencyKen Raeburn2003-04-082-3/+8
| | | | | | | | | | | with krlogind.c. ticket: 844 status: open target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15325 dc483132-0cff-0310-8789-dd5450dbe970
* * fake-addrinfo.h (getaddrinfo) [NUMERIC_SERVICE_BROKEN]: Overwrite the portKen Raeburn2003-04-072-11/+19
| | | | | | | | | | number only if a numeric service port was supplied. ticket: 1392 status: open target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15324 dc483132-0cff-0310-8789-dd5450dbe970
* don't install in-tree libdbTom Yu2003-04-0211-17/+61
| | | | | | | | | | | | | Don't install the in-tree libdb. This requires that libkdb, etc. explicitly pull in the object files of the in-tree libdb if not using the system libdb. ticket: new status: open target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15320 dc483132-0cff-0310-8789-dd5450dbe970
* * fake-addrinfo.h (COPY_FIRST_CANONNAME) [_AIX]: Define.Ken Raeburn2003-04-022-9/+55
| | | | | | | | | | | | | (GET_HOST_BY_NAME) [_AIX]: New version for AIX version of gethostbyname_r. (getaddrinfo) [NUMERIC_SERVICE_BROKEN]: Use "discard" as a dummy service name instead of none at all. Don't check for unsigned value less than zero. (getaddrinfo) [COPY_FIRST_CANONNAME]: Set any ai_canonname fields other than the first one to null. ticket: 1392 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15317 dc483132-0cff-0310-8789-dd5450dbe970
* * unparse.c (krb5_unparse_name_ext): Don't move buffer pointer backwards ifKen Raeburn2003-04-012-1/+5
| | | | | | | | nothing has been put into the buffer yet. ticket: 1397 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15314 dc483132-0cff-0310-8789-dd5450dbe970
* Red Hat's krb5_princ_size fixesKen Raeburn2003-04-0116-15/+73
| | | | | | | | ticket: 1397 status: open tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15312 dc483132-0cff-0310-8789-dd5450dbe970
* If the auth context does not have the DO_TIME flag set and no replaySam Hartman2003-04-012-1/+8
| | | | | | | | | cache is available, do not generate one. ticket: 1400 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15311 dc483132-0cff-0310-8789-dd5450dbe970
* * aclocal.m4: Require autoconf-2.53, since 2.52 generatesTom Yu2003-04-012-1/+6
| | | | | | | | | | | configure scripts that NetBSD /bin/sh doesn't like. ticket: 1384 status: open target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15310 dc483132-0cff-0310-8789-dd5450dbe970
* * default.exp (start_kerberos_daemons): If we get a timeoutTom Yu2003-03-282-0/+9
| | | | | | | looking for the mark, log out the last 10 lines of the kdc logfile. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15309 dc483132-0cff-0310-8789-dd5450dbe970
* * kcmd.c (kcmd_connect): Log errors if a connect to port 0 is attempted.Ken Raeburn2003-03-282-3/+35
| | | | | | | Report port number in connection failure. (setup_secondary_channel): Use socklen_t for socket address length. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15307 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc_preauth.c (verify_enc_timestamp): Save decryption error, inTom Yu2003-03-282-1/+20
| | | | | | | | | | | | | case we get NO_MATCHING_KEY later. This allows us to log a more sane error if an incorrect password is used for encrypting the enc-timestamp preauth. ticket: 1324 status: open target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15306 dc483132-0cff-0310-8789-dd5450dbe970
* fix test suite to reflect loss of des3-krb4Tom Yu2003-03-266-86/+42
| | | | | | | | | | | | | | Fix a few things broken by fix for MITKRB5-SA-2003-004, since kiniting to a des3 TGT intentionally no longer works. Remove code to set up kadmind srvtab, as it's not needed anymore. ticket: new status: open target_version: 1.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15303 dc483132-0cff-0310-8789-dd5450dbe970
* MITKRB5-SA-2003-003: xdrmem int overflowsTom Yu2003-03-242-6/+21
| | | | | | | | | | | | | * xdr_mem.c (xdrmem_create): Perform some additional size checks. (xdrmem_getlong, xdrmem_putlong, xdrmem_getbytes): Check x_handy prior to decrementing it. ticket: new status: open tags: pullup target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15300 dc483132-0cff-0310-8789-dd5450dbe970
* fix kadmind startup failure with krb4 vuln patchTom Yu2003-03-192-8/+15
| | | | | | | | | | | * keytab.c (krb5_ktkdb_get_entry): Do not perform the enctype comparison if the requested enctype is a wildcard. ticket: new status: open tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15295 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Use KRB5_AC_NEED_BIND_8_COMPAT to check for bind 9 and ↵Alexandra Ellwood2003-03-182-0/+9
| | | | | | higher. When bind 9 is present, BIND_8_COMPAT needs to be defined to get bind 8 types git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15290 dc483132-0cff-0310-8789-dd5450dbe970
* * aclocal.m4: Define KRB5_AC_NEED_BIND_8_COMPAT to check for bind 9 and ↵Alexandra Ellwood2003-03-182-0/+26
| | | | | | higher. When bind 9 is present, BIND_8_COMPAT needs to be defined to get bind 8 types git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15289 dc483132-0cff-0310-8789-dd5450dbe970
* Turned on DNS supportAlexandra Ellwood2003-03-181-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15288 dc483132-0cff-0310-8789-dd5450dbe970
* Added configure.in and aclocal.m4 to the PB project so we can edit themAlexandra Ellwood2003-03-181-22/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15287 dc483132-0cff-0310-8789-dd5450dbe970
* Disable krb4 cross-realm in krb524d and krb5kdc. Provide an option toSam Hartman2003-03-179-81/+190
| | | | | | | | | | | | | | | | | | | reenable (-X) which prints a warning that you are creating a security hole. Remove support for generating krb4 tickets encrypted using 3DES service keys as it is insecure. They are still accepted however. The KDc is much more strict about accepting only tickets that it would have issued in the current configuration. In particular if the KDC would choose some enctype for writing a TGT, other enctypes will not be accepted when using a TGT. Ticket: 1385 Target_Version: 1.3 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15286 dc483132-0cff-0310-8789-dd5450dbe970
* Do not claim GSS_C_PROT_READY_FLAG since we don't support itSam Hartman2003-03-144-1/+14
| | | | | | | | | | | | | Our code does not currently support GSS_C_PROT_READY_FLAG so only return that flag after context establishment. A potential future addition is to support that flag and return GAP_TOKEN if the initiator processes a message token before the final context token. Ticket: 1352 Tags: pullup Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15280 dc483132-0cff-0310-8789-dd5450dbe970
* * default.exp (setup_root_shell): If we get connection refused messages,Ken Raeburn2003-03-142-1/+16
| | | | | | | followed by no unrecognized errors and then eof, report it as an unsupported test. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15279 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (AWK): Default to awk, not gawk. User can overrideTom Yu2003-03-132-1/+7
| | | | | | | | | | on make's command line if necessary. Still, only really useful for building kerbsrc.zip, etc. ticket: 1342 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15277 dc483132-0cff-0310-8789-dd5450dbe970
* Fix unaligned access found in alpha-linux testing:Ken Raeburn2003-03-122-2/+7
| | | | | | | * cnv_tkt_skey.c (krb524_convert_tkt_skey): Extract source IP address in its proper size, not as 'long'. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15275 dc483132-0cff-0310-8789-dd5450dbe970
* Rewrite asn1_get_tag interface to use a structure pointer rather than severalKen Raeburn2003-03-127-203/+246
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | pointer variables for the returned data. Use the structure in the caller when straightforward; in cases where macros use different but overlapping sets of automatic scalar variables in one file, copy the values out of the structures for now, until they can be analyzed more carefully. * asn1_get.c (asn1_get_tag): Deleted. (asn1_get_tag_2): Renamed from asn1_get_tag_indef, now uses a pointer to taginfo rather than a bunch of pointer args. (asn1_get_id, asn1_get_length): Folded into asn1_get_tag_2. (asn1_get_sequence): Call asn1_get_tag_2. * asn1_get.h (taginfo): New structure. (asn1_get_tag_indef, asn1_get_tag, asn1_get_id, asn1_get_length): Declarations deleted. (asn1_get_tag_2): Declare. * asn1_decode.c (setup): Declare only a taginfo variable. (asn1class, construction, tagnum, length): New macros. (tag): Call asn1_get_tag_2. * asn1_k_decode.c (next_tag, get_eoc, apptag, end_sequence_of, end_sequence_of_no_tagvars, asn1_decode_krb5_flags): Call asn1_get_tag_2; if no error, copy out values into scalar variables. (asn1_decode_ticket): Call asn1_get_tag_2. * asn1buf.c (asn1buf_skiptail): Call asn1_get_tag_2. * krb5_decode.c (check_apptag, next_tag, get_eoc): Call asn1_get_tag_2; if no error, copy out values into scalar variables. (decode_krb5_enc_kdc_rep_part): Call asn1_get_tag_2. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15274 dc483132-0cff-0310-8789-dd5450dbe970
* Oops. Forgot the leading underscoreAlexandra Ellwood2003-03-101-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15272 dc483132-0cff-0310-8789-dd5450dbe970
* * t_kerb.c: Only include krb.h if krb4 support compiled in,Ezra Peisach2003-03-092-0/+12
| | | | | | otherwise define ANAME_SZ, INST_SZ and REALM_SZ. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15271 dc483132-0cff-0310-8789-dd5450dbe970
* Yet another attempt at cross-directory dependencies. Seems to fix the parallelKen Raeburn2003-03-082-8/+46
| | | | | | | | | | | build, and hasn't broken the out-of-date case so far as I can tell, so far... Added a bunch of comments describing the cases that need to be handled. * Makefile.in ($(BUILDTOP)/include/gssapi/gssapi.h, generic/gssapi.h, generic/gssapi_err_generic.h, krb5/gssapi_err_krb5.h): Comment out old rules and dependencies; depend on all-recurse and supply a no-op rule. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15270 dc483132-0cff-0310-8789-dd5450dbe970
* Added krb5_principal2saltAlexandra Ellwood2003-03-071-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15269 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-03-25 11:47:48 +0000