- Kerberos Version 5, Release 1.3.5
+ Kerberos Version 5, Release 1.4
Release Notes
The MIT Kerberos Team
Unpacking the Source Distribution
---------------------------------
-The source distribution of Kerberos 5 comes in a gzipped tarfile,
-krb5-1.3.5.tar.gz. Instructions on how to extract the entire
-distribution follow.
+The source distribution of Kerberos 5 comes in a tarfile,
+krb5-1.4-signed.tar. The tarfile contains a gzipped tarfile,
+krb5-1.4.tar.gz, and its corresponding PGP signature,
+krb5-1.4.tar.gz.asc.
-If you have the GNU tar program and gzip installed, you can simply do:
+You will need the GNU gzip program, and preferably, the GNU tar
+program, to extract the source distribution.
- gtar zxpf krb5-1.3.5.tar.gz
-
-If you don't have GNU tar, you will need to get the FSF gzip
-distribution and use gzcat:
-
- gzcat krb5-1.3.5.tar.gz | tar xpf -
-
-Both of these methods will extract the sources into krb5-1.3.5/src and
-the documentation into krb5-1.3.5/doc.
+The distribution will extract into a subdirectory "krb5-1.4" of the
+current directory.
Building and Installing Kerberos 5
----------------------------------
and logging in as "guest" with password "guest".
-Major changes in 1.3.5
-----------------------
-
-* [2682] Fix ftpd hang caused by empty PASS command.
-
-* [2686] Fix double-free errors. [MITKRB5-SA-2004-002]
-
-* [2687] Fix denial-of-service vulnerability in ASN.1
- decoder. [MITKRB5-SA-2004-003]
-
-Minor changes in 1.3.5
-----------------------
-
-* [2016] Fix build problem in fake-addrinfo.h by including stdio.h so
- that sprintf() gets prototyped where needed on some platforms.
-
-* [2353] Add missing prototype for gss_krb5int_unseal_token_v3().
-
-* [2607] Fix enctype filtering and some memory leaks in MSLSA ccache.
-
-* [2608] Remove incorrect localization in MSLSA ccache which was
- resulting in crashes.
-
-* [2619] Update MSLSA ccache to support new LSA flag.
-
-* [2623] Update MSLSA ccache to reflect differences in registry layout
- between Windows client and server OSes.
-
-* [2624] Do not ignore the cache when obtaining TGTs from the MSLSA if
- the requested enctype is the NULL enctype.
-
-* [2626] Add Terminal Server compatibility for KfW.
-
-* [2627] Fix cc_mslsa thread safety.
-
-* [2634] Remove the caching of the ccache principal name from
- krb5_context.
-
-* [2643] Fix another problem with krb4 ticket backdating.
-
-* [2675] Add new WiX-based MSI installer for KfW.
-
-* [2677] Add "-c ccache" option to kvno; use consistent memory
- management to avoid crashes on Windows.
-
-* [2689] Misc MSLSA ccache fixes.
-
-* [2691] Improve documentation of ANSI C requirement.
-
-Major changes in 1.3.4
-----------------------
-
-* [2024, 2583, 2584] Fixed buffer overflows in
- krb5_aname_to_localname(). [MITKRB-SA-2004-001]
-
-Minor changes in 1.3.4
-----------------------
-
-* [957] The auth_to_local rules now allow for the client realm to be
- examined.
-
-* [2527, 2528, 2531] Keytab file names lacking a "FILE:" prefix now work
- under Windows.
-
-* [2533] Updated installer scripts for Windows.
-
-* [2534] Fixed memory leak for when an incorrect password is input to
- krb5_get_init_creds_password().
-
-* [2535] Added missing newline to dnssrv.c.
-
-* [2551, 2564] Use compile-time checks to determine endianness.
-
-* [2558] krb5_send_tgs() now correctly sets message_type after
- receiving a KRB_ERROR message.
-
-* [2561, 2574] Fixed memory allocation errors in the MSLSA ccache.
-
-* [2562] The Windows installer works around cases where DLLs cannot be
- unloaded.
-
-* [2585] Documentation correctly describes AES support in GSSAPI.
-
-Major changes in 1.3.3
-----------------------
-
-* [2284] Fixed accept_sec_context to use a replay cache in the
- GSS_C_NO_CREDENTIAL case. Reported by Cesar Garcia.
-
-* [2426] Fixed a spurious SIGPIPE that happened in the TCP sendto_kdc
- code on AIX. Thanks to Bill Dodd.
-
-* [2430] Fixed a crash in the MSLSA ccache.
-
-* [2453] The AES string-to-key function no longer returns a pointer to
- stack memory when given a password longer than 64 characters.
-
-Minor changes in 1.3.3
-----------------------
-
-* [2277] In sendto_kdc, a socket leak on connection failure was fixed.
- Thanks to Bill Dodd.
-
-* [2384] A memory leak in the TCP handling code in the KDC has been
- fixed. Thanks to Will Fiveash.
-
-* [2521] The Windows NSIS installer scripts are in the source tree.
-
-* [2522] The MSLSA ccache now supports Windows 9x.
-
-Major changes in 1.3.2
-----------------------
-
-* [2040, 1471, 2067, 2077, 2079, 2166, 2167, 2220, 2266] Support for
- AES in GSSAPI has been implemented. This corresponds to the
- in-progress work in the IETF (CFX).
-
-* [2049, 2139, 2148, 2153, 2182, 2183, 2184, 2190, 2202] Added a new
- ccache type "MSLSA:" for read-only access to the MS Windows LSA
- cache.
-
-* [982] On windows, krb5.exe now has a checkbox to request addressless
- tickets.
-
-* [2189, 2234] To avoid compatibility problems, unrecognized TGS
- options will now be ignored. Thanks to Wyllys Ingersoll for finding
- a problem with a previous fix.
-
-* [2218] 128-bit AES has been added to the default enctypes.
-
-* [2223, 2229] AES cryptosystem now chains IVs. This WILL break
- backwards compatibility for the kcmd applications, if they are using
- AES session keys. Thanks to Wyllys Ingersoll for finding a problem
- with a previous fix.
-
-Minor changes in 1.3.2
-----------------------
-
-* [1437] Applied patch from Stephen Grau so kinit returns non-zero
- status under certain failure conditions where it had previously
- returned zero.
-
-* [1586] On Windows, the krb4 CREDENTIALS structure has been changed
- to align with KfW's version of the structure.
-
-* [1613] Applied patch from Dave Shrimpton to avoid truncation of
- dates output from the kadmin CLI when long time zone names are
- used.
-
-* [1622] krshd no longer calls syslog from inside a signal handler, in
- an effort to avoid deadlocks on exit.
-
-* [1649] A com_err test program compiles properly on Darwin now.
-
-* [1692] A new configuration file tag "master_kdc" has been added to
- allow master KDCs to be designated separately from admin servers.
-
-* [1702] krb5_get_host_realm() and krb5_free_host_realm() are no
- longer marked as KRB5_PRIVATE.
-
-* [1711] Applied patch from Harry McGavran Jr to allow fake-addrinfo.h
- to compile on libc5 Linux platforms.
-
-* [1712] Applied patch from Cesar Garcia to fix lifetime computation
- in krb524 ticket conversion.
-
-* [1714] Fixed a 64-bit endianness bug in ticket starttime encoding in
- krb524d. Found by Cesar Garcia.
-
-* [1715] kadmind4 and v5passwdd are no longer installed on Mac OS X.
+Major changes in 1.4
+--------------------
-* [1718] The krb4 library configure script now recognizes
- OpenDarwin/x86. Bug found by Rob Braun.
+* [841] Merged Athena telnetd changes for creating a new option for
+ requiring encryption.
-* [1721] krb5_get_init_creds_password() no longer returns a spurious
- KRB5_REALM_UNKNOWN if DNS SRV record support is turned off.
+* [1349, 2578, 2601, 2606, 2613, 2743, 2775, 2778] Add implementation
+ of the RPCSEC_GSS authentication flavor to the RPC library. Thanks
+ to Kevin Coffman and the CITI group at the University of Michigan.
-* [1730] krb_mk_auth() no longer overzealously clears the key
- schedule.
+* [2061] The kadmind4 backwards-compatibility admin server and the
+ v5passwdd backwards-compatibility password-changing server have been
+ removed.
-* [1731] A double-free related to reading forwarded credentials has
- been fixed. Found by Joseph Galbraith.
+* [1303(inprogress), 2740, 2755, 2781, 2782] Thread safety for krb5
+ libraries.
-* [1770] Applied patch from Maurice Massar to fix a foreachaddr()
- problem that was causing the KDC to segfault on startup.
+* [2410] Yarrow code now uses AES.
-* [1790] The Linux build uses $(CC) to create shared libraries,
- avoiding a libgcc problem when building libdb.
+* [2678] New client commands kcpytkt and kdeltkt for Windows.
-* [1792] The lib/kadm5 unit tests now work around a Solaris 9
- pty-close bug.
+* [2688] New command mit2ms on Windows.
-* [1793] The test suite works around some Tru64 and Irix RPATH
- issues, which previously could prevent tests from running on a build
- with shared libraries enabled.
+* [2762] Merged Athena changes to allow ftpd to require encrypted
+ passwords.
-* [1799] kadmind supports callouts to the Apple password server.
+* [2587] Incorporate gss_krb5_set_allowable_enctypes() and
+ gss_krb5_export_lucid_sec_context(), which are needed for NFSv4,
+ from Kevin Coffman.
-* [1893] KRB-SAFE messages from older releases can now be read
- successfully. Prior 1.3.x releases did not save the encoded
- KRB-SAFE message, and experienced problems when re-encoding. Found
- by Scooter Morris.
+Minor changes in 1.4
+--------------------
-* [1962] MS LSA tickets with short remaining lifetimes will be
- rejected in favor of retrieving tickets bypassing the LSA cache.
+Please see
-* [1973] sendto_kdc.c now closes sockets with closesocket() instead of
- close(), avoiding a descriptor leak on Windows.
+http://krbdev.mit.edu/rt/NoAuth/krb5-1.4/fixed-1.4.html
-* [1979] An erroneously short initial sequence number mask has been
- fixed.
+for a complete list.
-* [2028] KfW now displays a kinit dialog when GSS fails to find
- tickets.
+* [249] Install example config files.
-* [2051] Missing exports have been added to krb4_32.def on Windows.
+* [427] PATH environment variable won't be overwritten by login.krb5
+ if already set.
-* [2058] Some problems with krb4 ticket lifetime backdating have
- fixed.
+* [696] Sample KDC propagation script fixed.
-* [2060] GSSAPI's idea of the default ccache is less sticky now.
+* [868] Fixed search for res_search() and friends.
-* [2068] The profile library includes prof-int.h before conditionals
- that rely on it.
+* [927] Compilation on Tru64 now detects GNU linker and chooses
+ whether to use -oldstyle_liblookup accordingly.
-* [2084] The resolver library is no longer referenced by library code
- if not building with DNS SRV record support.
+* [1044] port-sockets.h explicitly declares h_errno if the declaration
+ is missing.
-* [2085] Updated Windows README file to reflect current compilation
- requirements, etc.
+* [1210] KDC cleans up some per-listener state upon process
+ termination to avoid spurious memory leak indications.
-* [2104] On Windows, only define strcasecmp and strncasecmp
- replacement macros if said functions are missing.
+* [1335] The server side of the Horowitz password-change protocol now
+ checks for minimum password life.
-* [2106] Return an error for unimplemented ccache functions, rather
- than calling through a null pointer.
+* [1345, 2730, 2757] patchlevel.h is now the master version file.
-* [2118] Applied patch from Will Fiveash to use correct parameter for
- KDC TCP listening sockets.
+* [1364] GNU sed is no longer required to make depend on Irix.
-* [2144,2230] Memory management errors in the Windows gss.exe test
- client have been fixed.
+* [1497] A memory leak in the krb5 context serializer has been fixed.
-* [2171] krb5_locate_kpasswd() now correctly calls htons() on the
- kpasswd port number. Found by Arlene Berry.
+* [1570] Some team procedures now documented.
-* [2180] The profile library now includes pthread.h when compiled with
- USE_PTHREADS.
+* [1588] Automatic rebuilding of configure scripts, etc. are only done
+ if --enable-maintainer-mode is passed to configure.
-* [2181, 2224] A timeout has been added to gss-server, and a missing
- parameter to sign_server() has been added.
+* [1623] Memory management in the ftp client has been cleaned up.
-* [2196] config.{guess,sub} have been updated from autoconf-2.59.
+* [1724] DNS SRV record lookup support is unconditionally built on
+ Unix.
-* [2204] Windows gss.exe now has support for specifying credentials
- cache, as well as some minor bugfixes.
+* [1791] Replacement for daemon() is compiled separately each time it
+ is needed, rather than ending up in the krb5 library.
-* [2210] GSSAPI accept_sec_context() no longer unconditionally sets
- INTEG and CONF flags in contradiction to what the initiator sent.
+* [1806] Default to building shared libraries on most platforms that
+ support them.
-* [2212] The GSS sample application has some additional options to
- support testing of SSPI vs GSSAPI.
+* [1847] Fixed daemon() replacement to build on Tru64.
-* [2217] Windows gss.exe has new UI elements to support more flag
- settings.
-
-* [2225] In the gss sample client, some extraneous parameters have
- been removed from client_establish_context().
-
-* [2228] Copyright notices updated in GSS sample apps.
-
-* [2233] On Windows compiles with KRB5_KFW_COMPILE, the lib path for
- krbcc32.lib is now correct.
-
-* [2195, 2236, 2241, 2245] The Solaris 9 pty-close bug, which was
- affecting the test suite, has been worked around by hacking
- scheduler priorities. See the installation notes for details.
- Thanks to Bill Sommerfeld for some useful hints.
-
-* [2258] An incorrect memcpy() statement in fakeka has been fixed.
- Reported by David Thompson.
-
-Notes, Major Changes, and Known Bugs for 1.3.1
-----------------------------------------------
-
-* [1681] The incorrect encoding of the ETYPE-INFO2 preauthentication
- hint is no longer emitted, and the both the incorrect and the
- correct encodings of ETYPE-INFO2 are now accepted. We STRONGLY
- encourage deploying krb5-1.3.1 in preference to 1.3, especially on
- client installations, as the 1.3 release did not conform to the
- internet-draft for the revised Kerberos protocol in its encoding of
- ETYPE-INFO2.
-
-* [1683] The non-caching getaddrinfo() API on Mac OS X, which was
- causing significant slowdowns under some circumstances, has been
- worked around.
-
-Minor changes in 1.3.1
-----------------------
-
-* [1015] gss_accept_sec_context() now passes correct arguments to
- TREAD_STR() when reading options beyond the forwarded credential
- option. Thanks to Emily Ratliff.
-
-* [1365] The GSSAPI initiator credentials are no longer cached inside
- the GSSAPI library.
-
-* [1651] A buffer overflow in krb_get_admhst() has been fixed.
-
-* [1655] krb5_get_permitted_enctypes() and krb5_set_real_time() are
- now exported for use by Samba.
-
-* [1656] gss_init_sec_context() no longer leaks credentials under some
- error conditions.
-
-* [1657] krb_get_lrealm() no longer returns "ATHENA.MIT.EDU"
- inappropriately.
-
-* [1664] The crypto library no longer has bogus dependencies on
- com_err.
-
-* [1665] krb5_init_context() no longer multiply registers error tables
- when called more than once, preventing a memory leak.
-
-* [1666] The GSS_C_NT_* symbols are now exported from gssapi32.dll on
- Windows.
-
-* [1667] ms2mit now imports any tickets with supported enctypes, and
- does not import invalid tickets.
-
-* [1677] krb5_gss_register_acceptor_identity() no longer has an
- off-by-one in its memory allocation.
-
-* [1679] krb5_principal2salt is now exported on all platforms.
-
-* [1684] The file credentials cache is now supported if USE_CCAPI is
- defined, i.e., for KfM and KfW.
-
-* [1691] Documentation for the obsolete kdc_supported_enctypes config
- variable has been removed.
-
-Notes, Major Changes, and Known Bugs for 1.3
---------------------------------------------
-
-* We now install the compile_et program, so other packages can use the
- installed com_err library with their own error tables. (If you use
- our com_err code, that is; see below.)
-
-* The header files we install now assume ANSI/ISO C ('89, not '99).
- We have stopped testing on SunOS 4, even with gcc. Some of our code
- now has C89-based assumptions, like free(NULL) being well defined,
- that will probably frustrate any attempts to run this code under SunOS
- 4 or other pre-C89 systems.
-
-* Some new code, bug fixes, and cleanup for IPv6 support. Most of the
- code should support IPv6 transparently now. The RPC code (and
- therefore the admin system, which is based on it) does not yet
- support IPv6. The support for Kerberos 4 may work with IPv6 in very
- limited ways, if the address checking is turned off. The FTP client
- and server do not have support for the new protocol messages needed
- for IPv6 support (RFC 2428).
-
-* We have upgraded to autoconf 2.52 (or later), and the syntax for
- specifying certain configuration options have changed. For example,
- autoconf 2.52 configure scripts let you specify command-line options
- like "configure CC=/some/path/foo-cc", so we have removed some of
- our old options like --with-cc in favor of this approach.
-
-* The client libraries can now use TCP to connect to the KDC. This
- may be necessary when talking to Microsoft KDCs (domain controllers),
- if they issue you tickets with lots of PAC data.
-
-* If you have versions of the com_err or ss installed locally, you can
- use the --with-system-et and --with-system-ss configure options to
- use them rather than using the versions supplied here. Note that
- the interfaces are assumed to be similar to those we supply; in
- particular, some older, divergent versions of the com_err library
- may not work with the krb5 sources. Many configure-time variables
- can be used to help the compiler and linker find the installed
- packages; see the build documentation for details.
-
-* The AES cryptosystem has been implemented. However, support in the
- Kerberos GSSAPI mechanism has not been written (or even fully
- specified), so it's not fully enabled. See the documentation for
- details.
-
-Major changes listed by ticket ID
----------------------------------
-
-* [492] PRNG breakage on 64-bit platforms no longer an issue due to
- new PRNG implementation.
-
-* [523] Client library is now compatible with the RC4-based
- cryptosystem used by Windows 2000.
-
-* [709] krb4 long lifetime support has been implemented.
-
-* [880] krb5_gss_register_acceptor_identity() implemented (is called
- gsskrb5_register_acceptor_identity() by Heimdal).
-
-* [1087] ftpd no longer requires channel bindings, allowing easier use
- of ftp from behind a NAT.
-
-* [1156, 1209] It is now possible to use the system com_err to build
- this release.
-
-* [1174] TCP support added to client library.
-
-* [1175] TCP support added to the KDC, but is disabled by default.
-
-* [1176] autoconf-2.5x is now required by the build system.
-
-* [1184] It is now possible to use the system Berkeley/Sleepycat DB
- library to build this release.
-
-* [1189, 1251] The KfM krb4 library source base has been merged.
-
-* [1190] The default KDC master key type is now triple-DES. KDCs
- being updated may need their config files updated if they are not
- already specifying the master key type.
-
-* [1190] The default ticket lifetime and default maximum renewable
- ticket lifetime have been extended to one day and one week,
- respectively.
-
-* [1191] A new script, k5srvutil, may be used to manipulate keytabs in
- ways similar to the krb4 ksrvutil utility.
-
-* [1281] The "fakeka" program, which emulates the AFS kaserver, has
- been integrated. Thanks to Ken Hornstein.
-
-* [1343] The KDC now defaults to not answering krb4 requests.
-
-* [1344] Addressless tickets are requested by default now.
-
-* [1372] There is no longer a need to create a special keytab for
- kadmind. The legacy administration daemons "kadmind4" and
- "v5passwdd" will still require a keytab, though.
-
-* [1377, 1442, 1443] The Microsoft set-password protocol has been
- implemented. Thanks to Paul Nelson.
-
-* [1385, 1395, 1410] The krb4 protocol vulnerabilities
- [MITKRB5-SA-2003-004] have been worked around. Note that this will
- disable krb4 cross-realm functionality, as well as krb4 triple-DES
- functionality. Please see doc/krb4-xrealm.txt for details of the
- patch.
-
-* [1393] The xdrmem integer overflows [MITKRB5-SA-2003-003] have
- been fixed.
-
-* [1397] The krb5_principal buffer bounds problems
- [MITKRB5-SA-2003-005] have been fixed. Thanks to Nalin Dahyabhai.
-
-* [1415] Subsession key negotiation has been fixed to allow for
- server-selected subsession keys in the future.
-
-* [1418, 1429, 1446, 1484, 1486, 1487, 1535, 1621] The AES
- cryptosystem has been implemented. It is not usable for GSSAPI,
- though.
-
-* [1491] The client-side functionality of the krb524 library has been
- moved into the krb5 library.
-
-* [1550] SRV record support exists for Kerberos v4.
-
-* [1551] The heuristic for locating the Kerberos v4 KDC by prepending
- "kerberos." to the realm name if no config file or DNS information
- is available has been removed.
-
-* [1568, 1067] A krb524 stub library is built on Windows.
-
-Minor changes listed by ticket ID
----------------------------------
+* [1850] Fixed some 0 vs NULL issues.
-* [90] default_principal_flags documented.
+* [2066] AES-only configuration now tested in test suite.
-* [175] Docs refer to appropriate example domains/IPs now.
+* [2219] Fixed memory leak in KDC preauth handling.
-* [299] kadmin no longer complains about missing kdc.conf parameters
- when it really means krb5.conf parameters.
+* [2256] Use $(CC) rather than ld to build shared libs on Tru64 and
+ Irix.
-* [318] Run-time load path for tcl is set now when linking test
- programs.
+* [2276] Support for the non-standard enctype
+ ENCTYPE_LOCAL_DES3_HMAC_SHA1 has been removed.
-* [443] --includedir honored now.
+* [2285] Test suite checks TCP access to KDC.
-* [479] unused argument in try_krb4() in login.c deleted.
+* [2295] Minor stylistic cleanup in gss-client.
-* [590] The des_read_pw_string() function in libdes425 has been
- aligned with the original krb4 and CNS APIs.
+* [2296, 2370, 2424] krb5_get_init_creds() APIs avoid multiple queries
+ to master KDC.
-* [608] login.krb5 handles SIGHUP more sanely now and thus avoids
- getting the session into a weird state w.r.t. job control.
+* [2379] Remove _XOPEN_EXTENDED hack previously used for HP-UX.
-* [620] krb4 encrypted rcp should work a little better now. Thanks to
- Greg Hudson.
+* [2432] Only sanity-check setutent() API if utmpx.h is not present,
+ as this was preventing recent NetBSD from configuring.
-* [647] libtelnet/kerberos5.c no longer uses internal include files.
+* [2525] kvno.exe installed on Windows.
-* [673] Weird echoing of admin password in kadmin client worked around
- by not using buffered stdio calls to read passwords.
+* [2529] Fix some internal type inconsistencies in gssapi library.
-* [677] The build system has been reworked to allow the user to set
- CFLAGS, LDFLAGS, CPPFLAGS, etc. reasonably.
+* [2530] Fix KRB5_CALLCONV usage in krb5_cc_resolve().
-* [680] Related to [673], rewrite krb5_prompter_posix() to no longer
- use longjmp(), thus avoiding some bugs relating to non-restoration
- of terminal settings.
+* [2537] Apply fix from John Hascall to make krb5_get_in_tkt()
+ emulation actually honor the lifetimes in the input credentials.
-* [697] login.krb5 no longer zeroes out the terminal window size.
+* [2539] Create manpage for krb524d.
-* [710] decomp_ticket() in libkrb4 now looks up the local realm name
- more correctly. Thanks to Booker Bense.
+* [2573] The rcache code no longer attempts to close a negative file
+ descriptor from a failed open.
-* [771] .rconf files are excluded from the release now.
+* [2591] The gssapi library now requires that the initiator's channel
+ bindings match those provided by the acceptor, if the acceptor
+ provides them at all.
-* [772] LOG_AUTHPRIV syslog facility is now usable for logging on
- systems that support it.
+* [2592] Fix some HP-UX 11 compilation issues.
-* [844] krshd now syslogs using the LOG_AUTH facility.
+* [2598] Fix some HP-UX 11 foreachaddr() issues.
-* [850] Berekely DB build is better integrated into the krb5 library
- build process.
+* [2600] gss_accept_sec_context() no longer leaks rcaches.
-* [866] lib/krb5/os/localaddr.c and kdc/network.c use a common source
- for local address enumeration now.
+* [2603] Clean up some issues relating to use of reserved namespace in
+ k5-platform.h.
-* [882] gss-client now correctly deletes the context on error.
+* [2614] Rewrite handling of whitespace in profile library to better
+ handle whitespace around tag names.
-* [919] kdc/network.c problems relating to SIOCGIFCONF have been
- fixed.
+* [2629] Fix double-negation of a preprocessor test in osconf.h.
-* [922] An overflow in the string-to-time conversion routines has been
- fixed.
+* [2637] krb5int_zap_data() uses SecureZeroMemory on Windows instead
+ of memset().
-* [933] krb524d now handles single-DES session keys other than of type
- des-cbc-crc.
+* [2654] krb5_get_init_creds() checks for overflow/underflow on 32-bit
+ timestamps.
-* [935] des-cbc-md4 now included in default enctypes.
+* [2655] krb5_get_init_creds() no longer issues requests where the
+ renew_until time precedes the expiration time.
-* [939] A minor grammatical error has been fixed in a telnet client
- error message.
+* [2656] krb5_get_init_creds() supports ticket_lifetime libdefault.
-* [953] des3 no longer failing on Windows due to SHA1 implementation
- problems.
+* [2657] Default ccache name is evaluated more lazily.
-* [964] kdb_init_hist() no longer fails if master_key_enctype is not
- in supported_enctypes.
+* [2674] libkadm5 acl_init() API renamed to avoid conflict with MacOS
+ X acl API.
-* [970] A minor inconsistency in ccache.tex has been fixed.
+* [2684, 2710, 2728] Use BIND 8 parsing API when available.
-* [971] option parsing bugs rendered irrelevant by removal of unused
- gss mechanism.
+* [2685] The profile library iterators no longer get confused when
+ modifications are made to the in-memory profile.
-* [976] make install mentioned in build documentation.
+* [2694] The krb5-config script now has a manpage.
-* [986] Related to [677], problems with the ordering of LDFLAGS
- initialization rendered irrelevant by use of native autoconf
- idioms.
+* [2704] New ccache API flag to request only information, not actual
+ credentials.
-* [992] Related to [677], quirks with --with-cc no longer relevant as
- AC_PROG_CC is used instead now.
+* [2705] Support for upcoming read/write MSLSA ccache.
-* [999] The kdc_default_options configuration variable is now honored.
- Thanks to Emily Ratliff.
+* [2706] resolv.h is included when searching for res_search() and
+ friends, to account for symbol renaming.
-* [1006] Client library, as well as KDC, now perform reasonable
- sorting of ETYPE-INFO preauthentication data.
+* [2715] The install-strip make target no longer attempts to strip
+ scripts.
-* [1055] NULL pointer dereferences in code calling
- krb5_change_password() have been fixed.
+* [2718] Fix memory leak in arcfour string_to_key. Reported by
+ Derrick Schommer.
-* [1063] Initial credentials acquisition failures related to client
- host having a large number of local network interfaces should be
- fixed now.
+* [2719] Fix memory leak in rd_cred.c. Reported by Derrick Schommer.
-* [1064] Incorrect option parsing in the gssapi library is no longer
- relevant due to removal of the "v2" mechanism.
+* [2725] Fix memory leak in mk_req_extended(). Reported by Derrick
+ Schommer.
-* [1065, 1225] krb5_get_init_creds_password() should properly warn about
- password expiration.
+* [2729] Add some new version strings for Windows.
-* [1066] printf() argument mismatches in rpc unit tests fixed.
+* [2734] The ticket_lifetime libdefault now uses units of seconds by
+ default, if no units are provided.
-* [1085] The krb5.conf manpage has been re-synchronized with other
- documentation.
+* [2741] The profile library's error tables aren't loaded on MacOS X.
-* [1102] gssapi_generic.h should now work with C++.
+* [2750] Calls to the profile library which set values no longer fail
+ if the file is not writable.
-* [1135] The kadm5 ACL system is better documented.
+* [2751] The profile library has a new API to detect whether the
+ default profile is writable.
-* [1136] Some documentation for the setup of cross-realm
- authentication has been added.
+* [2753] An initial C implementation of CCAPI has been done.
-* [1164] krb5_auth_con_gen_addrs() now properly returns errno instead
- of -1 if getpeername() fails.
+* [2754] fake-addrinfo.h includes errno.h earlier.
-* [1173] Address-less forwardable tickets will remain address-less
- when forwarded.
+* [2756] The profile library calls stat() less frequently on files.
-* [1178, 1228, 1244, 1246, 1249] Test suite has been stabilized
- somewhat.
+* [2760, 2780] The keytab implementation checks for cases where
+ fopen() can return NULL without setting errno. Reported by Roland
+ Dowdeswell.
-* [1188] As part of the modernization of our usage of autoconf,
- AC_CONFIG_FILES is now used instead of passing a list of files to
- AC_OUTPUT.
+* [2770] com_err now creates valid prototypes for generated files.
+ Reported by Jeremy Allison.
-* [1194] configure will no longer recurse out of the top of the source
- tree when attempting to locate the top of the source tree.
+* [2772, 2797] The krb4 library now honors the dns_fallback libdefault
+ setting.
-* [1192] Documentation for the krb5 afs functionality of krb524d has
- been written.
+* [2776, 2779] Solaris patches exist for the pty-close race condition
+ bug. We check for these patches now checked, and don't apply the
+ priocntl hack if they are present.
-* [1195] Example krb5.conf file modified to include all enctypes
- supported by the release.
+* [2783] ftpcmds.y unconditionally defines NBBY to 8.
-* [1202] The KDC no longer rejects unrecognized flags.
+* [2793] locate_kdc.c can compile if KRB5_DNS_LOOKUP isn't defined,
+ though we removed the configure-time option for this.
-* [1203] krb5_get_init_creds_keytab() no longer does a double-free.
-
-* [1211] The ASN.1 code no longer passes (harmless) uninitialized
- values around.
-
-* [1212] libkadm5 now allows for persistent exclusive database locks.
-
-* [1217] krb5_read_password() and des_read_password() are now
- implemented via krb5_prompter_posix().
-
-* [1224] For SAM challenges, omitted optional strings are no longer
- encoded as zero-length strings.
-
-* [1226] Client-side support for SAM hardware-based preauth
- implemented.
-
-* [1229] The keytab search logic no longer fails prematurely if an
- incorrect encryption type is found. Thanks to Wyllys Ingersoll.
-
-* [1232] If the master KDC cannot be resolved, but a slave is
- reachable, the client library now returns the real error from the
- slave rather than the resolution failure from the master. Thanks to
- Ben Cox.
-
-* [1234] Assigned numbers for SAM preauth have been corrected.
- sam-pk-for-sad implementation has been aligned.
-
-* [1237] Profile-sharing optimizations from KfM have been merged.
-
-* [1240] Windows calling conventions for krb5int_c_combine_keys() have
- been aligned.
-
-* [1242] Build system incompatibilities with Debian's chimeric
- autoconf installation have been worked around.
-
-* [1256] Incorrect sizes passed to memset() in combine_keys()
- operations have been corrected.
-
-* [1260] Client credential lookup now gets new service tickets in
- preference to attempting to use expired ticketes. Thanks to Ben
- Cox.
-
-* [1262, 1572] Sequence numbers are now unsigned; negative sequence
- numbers will be accepted for the purposes of backwards
- compatibility.
-
-* [1263] A heuristic for matching the incorrectly encoded sequence
- numbers emitted by Heimdal implementations has been written.
-
-* [1284] kshd accepts connections by IPv6 now.
-
-* [1292] kvno manpage title fixed.
-
-* [1293] Source files no longer explicitly attempt to declare errno.
-
-* [1304] kadmind4 no longer leaves sa_flags uninitialized.
-
-* [1305] Expired tickets now cause KfM to pop up a password dialog.
-
-* [1309] krb5_send_tgs() no longer leaks the storage associated with
- the TGS-REQ.
-
-* [1310] kadm5_get_either() no longer leaks regexp library memory.
-
-* [1311] Output from krb5-config no longer contains spurious uses of
- $(PURE).
-
-* [1324] The KDC no longer logs an inappropriate "no matching key"
- error when an encrypted timestamp preauth password is incorrect.
-
-* [1334] The KDC now returns a clockskew error when the timestamp in
- the encrypted timestamp preauth is out of bounds, rather than just
- returning a preauthentcation failure.
-
-* [1342] gawk is no longer required for building kerbsrc.zip for the
- Windows build.
-
-* [1346] gss_krb5_ccache_name() no longer attempts to return a pointer
- to freed memory.
-
-* [1351] The filename globbing vulnerability [CERT VU#258721] in the
- ftp client's handling of filenames beginning with "|" or "-"
- returned from the "mget" command has been fixed.
-
-* [1352] GSS_C_PROT_READY_FLAG is no longer asserted inappropriately
- during GSSAPI context establishment.
-
-* [1356] krb5_gss_accept_sec_context() no longer attempts to validate
- a null credential if one is passed in.
-
-* [1362] The "-a user" option to telnetd now does the right thing.
- Thanks to Nathan Neulinger.
-
-* [1363] ksu no longer inappropriately syslogs to stderr.
-
-* [1357] krb__get_srvtab_name() no longer leaks memory.
-
-* [1370] GSS_C_NO_CREDENTIAL now accepts any principal in the keytab.
-
-* [1373] Handling of SAM preauth no longer attempts to stuff a size_t
- into an unsigned int.
-
-* [1387] BIND versions later than 8 now supported.
-
-* [1392] The getaddrinfo() wrapper should work better on AIX.
-
-* [1400] If DO_TIME is not set in the auth_context, and no replay
- cache is available, no replay cache will be used.
-
-* [1406, 1108] libdb is no longer installed. If you installed
- krb5-1.3-alpha1, you should ensure that no spurious libdb is left in
- your install tree.
-
-* [1412] ETYPE_INFO handling no longer goes into an infinite loop.
-
-* [1414] libtelnet is now built using the same library build framework
- as the rest of the tree.
-
-* [1417] A minor memory leak in krb5_read_password() has been fixed.
-
-* [1419] A memory leak in asn1_decode_kdc_req_body() has been fixed.
-
-* [1435] inet_ntop() is now emulated when needed.
-
-* [1439] krb5_free_pwd_sequences() now correctly frees the entire
- sequence of elements.
-
-* [1440] errno is no longer explicitly declared.
-
-* [1441] kadmind should now return useful errors if an unrecognized
- version is received in a changepw request.
-
-* [1454, 1480, 1517, 1525] The etype-info2 preauth type is now
- supported.
-
-* [1459] (KfM/KLL internal) config file resolution can now be
- prevented from accessing the user's homedir.
-
-* [1463] Preauth handling in the KDC has been reorganized.
-
-* [1470] Double-free in client-side preauth code fixed.
-
-* [1473] Ticket forwarding when the TGS and the end service have
- different enctypes should work somewhat better now.
-
-* [1474] ASN.1 testsuite memory management has been cleaned up a
- little to allow for memory leak checking.
-
-* [1476] Documentation updated to reflect default krb4 mode.
-
-* [1482] RFC-1964 OIDs now provided using the suggested symbolic
- names.
-
-* [1483, 1528] KRB5_DEPRECATED is now false by default on all
- platforms.
-
-* [1488] The KDC will now return integrity errors if a decryption
- error is responsible for preauthentication failure.
-
-* [1492] The autom4te.cache directories are now deleted from the
- release tarfiles.
-
-* [1501] Writable keytabs are registered by default.
-
-* [1515] The check for cross-realm TGTs no longer reads past the end
- of an array.
-
-* [1518] The kdc_default_options option is now actually honored.
-
-* [1519] The changepw protocol implementation in kadmind now logs
- password changes.
-
-* [1520] Documentation of OS-specific build options has been updated.
-
-* [1536] A missing prototype for krb5_db_iterate_ext() has been
- added.
-
-* [1537] An incorrect path to kdc.conf show in the kdc.conf manpage
- has been fixed.
-
-* [1540] verify_as_reply() will only check the "renew-till" time
- against the "till" time if the RENEWABLE is not set in the request.
-
-* [1547] gssftpd no longer uses vfork(), as this was causing problems
- under RedHat 9.
-
-* [1549] SRV records with a value of "." are now interpreted as a lack
- of support for the protocol.
-
-* [1553] The undocumented (and confusing!) kdc_supported_enctypes
- kdc.conf variable is no longer used.
-
-* [1560] Some spurious double-colons in password prompts have been
- fixed.
-
-* [1571] The test suite tries a little harder to get a root shell.
-
-* [1573] The KfM build process now sets localstatedir=/var/db.
-
-* [1576, 1575] The client library no longer requests RENEWABLE_OK if
- the renew lifetime is greater than the ticket lifetime.
-
-* [1587] A more standard autoconf test to locate the C compiler allows
- for gcc to be found by default without additional configuration
- arguments.
-
-* [1593] Replay cache filenames are now escaped with hyphens, not
- backslashes.
-
-* [1598] MacOS 9 support removed from in-tree com_err.
-
-* [1602] Fixed a memory leak in make_ap_req_v1(). Thanks to Kent Wu.
-
-* [1604] Fixed a memory leak in krb5_gss_init_sec_context(), and an
- uninitialized memory reference in kg_unseal_v1(). Thanks to Kent
- Wu.
-
-* [1607] kerberos-iv SRV records are now documented.
-
-* [1610] Fixed AES credential delegation under GSSAPI.
-
-* [1618] ms2mit no longer inserts local addresses into tickets
- converted from the MS ccache if they began as addressless tickets.
-
-* [1619] etype_info parser (once again) accepts extra field emitted by
- Heimdal.
-
-* [1643] Some typos in kdc.conf.M have been fixed.
-
-* [1648] For consistency, leading spaces before preprocessor
- directives in profile.h have been removed.
-
---[ DELETE BEFORE RELEASE ---changes to unreleased code, etc.--- ]--
-
-* [1054] KRB-CRED messages for RC4 are encrypted now.
-
-* [1177] krb5-1-2-2-branch merged onto trunk.
-
-* [1193] Punted comment about reworking key storage architecture.
-
-* [1208] install-headers target implemented.
-
-* [1223] asn1_decode_oid, asn1_encode_oid implemented
-
-* [1248] RC4 is explicitly excluded from combine_keys.
-
-* [1276] Generated dependencies handle --without-krb4 properly now.
-
-* [1339] An inadvertent change to the krb4 get_adm_hst API (strcpy vs
- strncpy etc.) has been fixed.
-
-* [1384, 1413] Use of autoconf-2.52 in util/reconf will now cause a
- warning.
-
-* [1388] DNS support is turned on in KfM.
-
-* [1391] Fix kadmind startup failure with krb4 vuln patch.
-
-* [1409] get_ad_tkt() now prompts for password if there are no tickets
- (in KfM).
-
-* [1447] vts_long() and vts_short() work now.
-
-* [1462] KfM adds exports of set_pw calls.
-
-* [1477] compile_et output not used in err_txt.c.
-
-* [1495] KfM now exports string_to_key_with_params.
-
-* [1512, 1522] afs_string_to_key now works with etype_info2.
-
-* [1514] krb5int_populate_gic_opt returns void now.
-
-* [1521] Using an afs3 salt for an AES key no longer causes
- segfaults.
-
-* [1533] krb524.h no longer contains invalid Mac pragmas.
-
-* [1546] krb_mk_req_creds() no longer zeros the session key.
-
-* [1554] The krb4 string-to-key iteration now accounts correctly for
- the decrypt-in-place semantics of libdes425.
-
-* [1557] KerberosLoginPrivate.h is now correctly included for the use
- of __KLAllowHomeDirectoryAccess() in init_os_ctx.c (for KfM).
-
-* [1558] KfM exports the new krb524 interface.
-
-* [1563] krb__get_srvtaname() no longer returns a pointer that is
- free()d upon a subsequent call.
-
-* [1569] A debug statement has been removed from krb524init.
-
-* [1592] Document possible file rename lossage when building against
- system libdb.
-
-* [1594] Darwin gets an explicit dependency of err_txt.o on
- krb_err.c.
-
-* [1596] Calling conventions, etc. tweaked for KfW build of
- krb524.dll.
-
-* [1600] Minor tweaks to README to improve notes on IPv6, etc.
-
-* [1605] Fixed a leak of subkeys in krb5_rd_rep().
-
-* [1630] krb5_get_in_tkt_with_keytab() works now; previously borken by
- reimplementation in terms of krb5_get_init_creds().
-
-* [1642] KfM build now inherits CFLAGS and LDFLAGS from parent project.
+* [2795] Fixed some addrinfo problems that affected Irix.
Copyright Notice and Legal Administrivia
----------------------------------------
in respect of any properties, including, but not limited to, correctness
and fitness for purpose.
-
-
-Acknowledgements
-----------------
+---- The implementation of the RPCSEC_GSS authentication flavor in
+src/lib/rpc has the following copyright:
+
+ Copyright (c) 2000 The Regents of the University of Michigan.
+ All rights reserved.
+
+ Copyright (c) 2000 Dug Song <dugsong@UMICH.EDU>.
+ All rights reserved, all wrongs reversed.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. Neither the name of the University nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+Acknowledgments
+---------------
Appreciation Time!!!! There are far too many people to try to thank
them all; many people have contributed to the development of Kerberos
V5. This is only a partial listing....
-Thanks to Paul Vixie and the Internet Software Consortium for funding
-the work of Barry Jaspan. This funding was invaluable for the OV
-administration server integration, as well as the 1.0 release
-preparation process.
-
-Thanks to John Linn, Scott Foote, and all of the folks at OpenVision
-Technologies, Inc., who donated their administration server for use in
-the MIT release of Kerberos.
-
-Thanks to Jeff Bigler, Mark Eichin, Marc Horowitz, Nancy Gilman, Ken
-Raeburn, and all of the folks at Cygnus Support, who provided
-innumerable bug fixes and portability enhancements to the Kerberos V5
-tree. Thanks especially to Jeff Bigler, for the new user and system
-administrator's documentation.
-
-Thanks to Doug Engert from ANL for providing many bug fixes, as well
-as testing to ensure DCE interoperability.
-
-Thanks to Ken Hornstein at NRL for providing many bug fixes and
-suggestions, and for working on SAM preauthentication.
-
-Thanks to Matt Crawford at FNAL for bugfixes and enhancements.
-
-Thanks to Sean Mullan and Bill Sommerfeld from Hewlett Packard for
-their many suggestions and bug fixes.
+Thanks to Kevin Coffman and the CITI group at the University of
+Michigan for providing patches for implementing RPCSEC_GSS
+authentication in the RPC library.
-Thanks to Nalin Dahyabhai of RedHat and Chris Evans for locating and
-providing patches for numerous buffer overruns.
+Thanks to Derrick Schommer for reporting multiple memory leaks.
-Thanks to Christopher Thompson and Marcus Watts for discovering the
-ftpd security bug.
+Thanks to Quanah Gibson-Mount of Stanford University for helping
+exercise the thread support code.
-Thanks to Paul Nelson of Thursby Software Systems for implementing the
-Microsoft set password protocol.
+[...]
Thanks to the members of the Kerberos V5 development team at MIT, both
past and present: Danilo Almeida, Jeffrey Altman, Jay Berkenbilt,
+2004-11-19 Tom Yu <tlyu@mit.edu>
+
+ * build.texinfo (Solaris 9): Document Solaris patches for pty
+ close bug.
+
2004-10-06 Ken Raeburn <raeburn@mit.edu>
* implementor.texinfo, thread-safe.txt, threads.txt: Various
as root, where @code{nnnn} is the pid of the shell whose priority
limit you wish to raise.
+Sun has released kernel patches for this race condition. Apply patch
+117171-11 for sparc, or patch 117172-11 for x86. Later revisions of
+the patches should also work. It is not necessary to run ``make
+check'' from a shell with elevated priority limits once the patch has
+been applied.
+
@node SGI Irix 5.X, Ultrix 4.2/3, Solaris 9, OS Incompatibilities
@subsection SGI Irix 5.X
+2004-11-19 Tom Yu <tlyu@mit.edu>
+
+ * aclocal.m4 (KRB5_AC_PRIOCNTL_HACK): Check for Solaris patch
+ 117171-11 (sparc) or 117172-11 (x86), which fixes the Solaris 9
+ bug which can cause final pty output to be on close.
+
+2004-11-18 Tom Yu <tlyu@mit.edu>
+
+ * Makefile.in (install-headers-mkdirs): Create KRB5_INCDIR/gssrpc.
+
2004-10-06 Tom Yu <tlyu@mit.edu>
* Makefile.in (INSTALLMKDIRS): Add EXAMPLEDIR.
install-headers-mkdirs:
$(srcdir)/config/mkinstalldirs $(DESTDIR)$(KRB5_INCDIR)
$(srcdir)/config/mkinstalldirs $(DESTDIR)$(KRB5_INCDIR)/gssapi
+ $(srcdir)/config/mkinstalldirs $(DESTDIR)$(KRB5_INCDIR)/gssrpc
$(srcdir)/config/mkinstalldirs $(DESTDIR)$(KRB5_INCDIR)/kerberosIV
install-headers-prerecurse: install-headers-mkdirs
dnl
dnl
AC_DEFUN([KRB5_AC_PRIOCNTL_HACK],
+[AC_REQUIRE([AC_PROG_AWK])dnl
+AC_REQUIRE([AC_LANG_COMPILER_REQUIRE])dnl
+AC_CACHE_CHECK([whether to use priocntl hack], [krb5_cv_priocntl_hack],
[case $krb5_cv_host in
*-*-solaris2.9*)
- PRIOCNTL_HACK=1
+ if test "$cross_compiling" = yes; then
+ krb5_cv_priocntl_hack=yes
+ else
+ # Solaris patch 117171-11 (sparc) or 117172-11 (x86)
+ # fixes the Solaris 9 bug where final pty output
+ # gets lost on close.
+ if showrev -p | $AWK 'BEGIN { e = 1 }
+/Patch: 11717[[12]]/ { x = index[]([$]2, "-");
+if (substr[]([$]2, x + 1, length([$]2) - x) >= 11)
+{ e = 0 } else { e = 1 } }
+END { exit e; }'; then
+ krb5_cv_priocntl_hack=no
+ else
+ krb5_cv_priocntl_hack=yes
+ fi
+ fi
;;
*)
- PRIOCNTL_HACK=0
+ krb5_cv_priocntl_hack=no
;;
-esac
+esac])
+if test "$krb5_cv_priocntl_hack" = yes; then
+ PRIOCNTL_HACK=1
+else
+ PRIOCNTL_HACK=0
+fi
AC_SUBST(PRIOCNTL_HACK)])
dnl
dnl
+2004-11-26 Sam Hartman <hartmans@mit.edu>
+
+ * ftpcmd.y: nbby should be 8 for anything platform we care about.
+ The previous test broke on Debian BSD, so the test has been
+ removed.
+
+2004-11-03 Tom Yu <tlyu@mit.edu>
+
+ * ftpcmd.y (getline): Merge Athena change to reject MICed
+ password.
+
+ * ftpd.M: Document '-E'.
+
+ * ftpd.c (main): Merge Athena's '-E' changes to prohibit
+ unencrypted passwords.
+
2004-09-22 Tom Yu <tlyu@mit.edu>
* Makefile.in (ftpd): Use UTIL_LIB.
$(KRB_ERR_H_DEP) $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h \
$(srcdir)/../arpa/ftp.h
$(OUTPRE)getdtablesize.$(OBJEXT): $(srcdir)/../../bsd/getdtablesize.c
+$(OUTPRE)setenv.$(OBJEXT): $(srcdir)/../../bsd/setenv.c
#endif
#ifndef NBBY
-#ifdef linux
#define NBBY 8
#endif
-#ifdef __pyrsoft
-#ifdef MIPSEB
-#define NBBY 8
-#endif
-#endif
-#endif
static struct sockaddr_in host_port;
extern int timeout;
extern int maxtimeout;
extern int pdata;
+extern int authlevel;
extern char hostname[], remotehost[];
extern char proctitle[];
extern char *globerr;
}
#endif /* GSSAPI */
/* Other auth types go here ... */
+
+ /* A password should never be MICed, but the CNS ftp
+ * client and the pre-6/98 Krb5 client did this if you
+ * authenticated but didn't encrypt.
+ */
+ if (authlevel && mic && !strncmp(s, "PASS", 4)) {
+ lreply(530, "There is a problem with your ftp client. Password refused.");
+ reply(530, "Enable encryption before logging in, or update your ftp program.");
+ *s = 0;
+ return s;
+ }
+
}
#if defined KRB5_KRB4_COMPAT || defined GSSAPI /* or other auth types */
else { /* !auth_type */
ftpd \- DARPA Internet File Transfer Protocol server
.SH SYNOPSIS
.B ftpd
-[\fB\-A \fP|\fB -a\fP] [\fB\-C\fP] [\fB\-c\fP] [\fB\-d\fP] [\fB\-l\fP]
-[\fB\-v\fP] [\fB\-T\fP \fImaxtimeout\fP] [\fB\-t\fP \fItimeout\fP]
+[\fB\-A \fP|\fB -a\fP] [\fB\-C\fP] [\fB\-c\fP] [\fB\-d\fP] [\fB-E\fP]
+[\fB\-l\fP] [\fB\-v\fP] [\fB\-T\fP \fImaxtimeout\fP] [\fB\-t\fP \fItimeout\fP]
[\fB\-p\fP \fIport\fP] [\fB\-U\fP \fIftpusers-file\fP] [\fB\-u\fP \fIumask\fP]
[\fB\-r\fP \fIrealm-file\fP] [\fB\-s\fP \fIsrvtab\fP]
[\fB\-w\fP{\fBip\fP|\fImaxhostlen\fP[\fB,\fP{\fBstriplocal\fP|\fBnostriplocal\fP}]}]
.B \-d
Debugging information is written to the syslog. (Identical to -v)
.TP
+.B \-E
+Don't allow passwords to be typed across unencrypted connections.
+.TP
.B \-l
Each
.IR ftp (1)
extern char *optarg;
extern int optopt;
#ifdef KRB5_KRB4_COMPAT
- char *option_string = "AaCcdlp:r:s:T:t:U:u:vw:";
+ char *option_string = "AaCcdElp:r:s:T:t:U:u:vw:";
#else /* !KRB5_KRB4_COMPAT */
- char *option_string = "AaCcdlp:r:T:t:U:u:vw:";
+ char *option_string = "AaCcdElp:r:T:t:U:u:vw:";
#endif /* KRB5_KRB4_COMPAT */
ftpusers = _PATH_FTPUSERS_DEFAULT;
debug = 1;
break;
+ case 'E':
+ if (!authlevel)
+ authlevel = AUTHLEVEL_AUTHENTICATE;
+ break;
+
case 'l':
logging ++;
break;
+2004-11-15 Tom Yu <tlyu@mit.edu>
+
+ * auth-proto.h, auth.c: Merge Athena changes for requiring
+ encrypted connections.
+
2004-06-04 Ken Raeburn <raeburn@mit.edu>
* Makefile.in (LIBBASE): Renamed from LIB.
void auth_is (unsigned char *, int);
void auth_reply (unsigned char *, int);
void auth_finished (Authenticator *, int);
-int auth_wait (char *);
+void auth_wait (char *);
+int auth_check (char *);
int auth_must_encrypt (void);
void auth_disable_name (char *);
void auth_gen_printsub (unsigned char *, int, unsigned char *, unsigned int);
int auth_debug_mode = 0;
int auth_has_failed = 0;
int auth_enable_encrypt = 0;
+int auth_client_non_unix = 0;
static char *Name = "Noname";
static int Server = 0;
static Authenticator *authenticated = 0;
authenticating = 1;
while (ap->type) {
if (i_support & ~i_wont_support & typemask(ap->type)) {
- if (auth_debug_mode) {
- printf(">>>%s: Sending type %d %d\r\n",
- Name, ap->type, ap->way);
+ if (ap->type == AUTHTYPE_KERBEROS_V4 ||
+ !auth_client_non_unix) {
+ if (auth_debug_mode) {
+ printf(">>>%s: Sending type %d %d\r\n",
+ Name, ap->type, ap->way);
+ }
+ *e++ = ap->type;
+ *e++ = ap->way;
}
- *e++ = ap->type;
- *e++ = ap->way;
}
++ap;
}
+ if (auth_client_non_unix) {
+ ap = authenticators;
+ while (ap->type) {
+ if (i_support & ~i_wont_support & typemask(ap->type)) {
+ *e++ = ap->type;
+ *e++ = ap->way;
+ }
+ ++ap;
+ }
+ }
*e++ = IAC;
*e++ = SE;
net_write(str_request, e - str_request);
auth_finished(0, AUTH_REJECT);
}
- int
+ void
auth_wait(name)
char *name;
{
printf(">>>%s: in auth_wait.\r\n", Name);
if (Server && !authenticating)
- return(0);
+ return;
(void) signal(SIGALRM, auth_intr);
alarm(30);
break;
alarm(0);
(void) signal(SIGALRM, SIG_DFL);
+}
+ int
+auth_check(name)
+ char *name;
+{
/*
* Now check to see if the user is valid or not
*/
+2004-11-15 Tom Yu <tlyu@mit.edu>
+
+ * ext.h: New variable "must_encrypt".
+
+ * telnetd.8: Update for changed command-line options.
+
+ * telnetd.c (getterminaltype): Merge Athena changes to require
+ encrypted connections.
+
+ * utility.c (ttsuck): Merge Athena changes to work around some
+ client timing bugs.
+
2004-09-22 Tom Yu <tlyu@mit.edu>
* Makefile.in (telnetd): Use UTIL_LIB.
extern int pty, net;
extern int SYNCHing; /* we are in TELNET SYNCH mode */
+#ifdef ENCRYPTION
+extern int must_encrypt;
+#endif
+
extern void
_termstat (void),
add_slc (int, int, int),
.SH SYNOPSIS
.B /usr/libexec/telnetd
[\fB\-a\fP \fIauthmode\fP] [\fB\-B\fP] [\fB\-D\fP] [\fIdebugmode\fP]
-[\fB\-edebug\fP] [\fB\-h\fP] [\fB\-I\fP\fIinitid\fP] [\fB\-l\fP]
+[\fB\-e\fP] [\fB\-h\fP] [\fB\-I\fP\fIinitid\fP] [\fB\-l\fP]
[\fB\-k\fP] [\fB\-n\fP] [\fB\-r\fP\fIlowpty-highpty\fP] [\fB\-s\fP]
[\fB\-S\fP \fItos\fP] [\fB\-U\fP] [\fB\-X\fP \fIauthtype\fP]
[\fB\-w\fP [\fBip\fP|\fImaxhostlen\fP[\fB,\fP[\fBno\fP]\fBstriplocal\fP]]]
.B ptydata
Displays data written to the pty.
.TP
+.B encrypt
+Enables encryption debugging code.
+.TP
.B exercise
Has not been implemented yet.
.RE
in
.IR socket (2)).
.TP
-.B \-edebug
-If
+.B \-e
+This option causes
.B telnetd
-has been compiled with support for data encryption, then the
-.B edebug
-option may be used to enable encryption debugging code.
+to refuse unencrypted connections.
.TP
.B \-h
Disables the printing of host-specific information before login has been
'D', ':',
#endif
#ifdef ENCRYPTION
- 'e', ':',
+ 'e',
#endif
#if defined(CRAY) && defined(NEWINIT)
'I', ':',
diagnostic |= TD_PTYDATA;
} else if (!strcmp(optarg, "options")) {
diagnostic |= TD_OPTIONS;
+ } else if (!strcmp(optarg, "encrypt")) {
+ extern int encrypt_debug_mode;
+ encrypt_debug_mode = 1;
} else {
usage();
/* NOT REACHED */
#ifdef ENCRYPTION
case 'e':
- if (strcmp(optarg, "debug") == 0) {
- extern int encrypt_debug_mode;
- encrypt_debug_mode = 1;
- break;
- }
- usage();
- /* NOTREACHED */
+ must_encrypt = 1;
break;
#endif /* ENCRYPTION */
static void encrypt_failure()
{
- char *lerror_message =
- "Encryption was not successfully negotiated. Goodbye.\r\n\r\n";
+ char *lerror_message;
+
+ if (auth_must_encrypt())
+ lerror_message = "Encryption was not successfully negotiated. Goodbye.\r\n\r\n";
+ else
+ lerror_message = "Unencrypted connection refused. Goodbye.\r\n\r\n";
netputs(lerror_message);
netflush();
settimer(baseline);
#if defined(AUTHENTICATION)
+ ttsuck();
/*
* Handle the Authentication option before we do anything else.
*/
while (his_will_wont_is_changing(TELOPT_AUTHENTICATION))
ttloop();
if (his_state_is_will(TELOPT_AUTHENTICATION)) {
- retval = auth_wait(name);
+ auth_wait(name);
}
#endif
if (his_state_is_will(TELOPT_ENCRYPT)) {
encrypt_wait();
}
- if (auth_must_encrypt()) {
+ if (must_encrypt || auth_must_encrypt()) {
time_t timeout = time(0) + 60;
if (my_state_is_dont(TELOPT_ENCRYPT) ||
- my_state_is_wont(TELOPT_ENCRYPT))
+ my_state_is_wont(TELOPT_ENCRYPT) ||
+ his_state_is_wont(TELOPT_AUTHENTICATION))
encrypt_failure();
- if (!EncryptStartInput() || !EncryptStartOutput())
- encrypt_failure();
+ while (!EncryptStartInput()) {
+ if (time (0) > timeout)
+ encrypt_failure();
+ ttloop();
+ }
+
+ while (!EncryptStartOutput()) {
+ if (time (0) > timeout)
+ encrypt_failure();
+ ttloop();
+ }
while (!encrypt_is_encrypting()) {
if (time(0) > timeout)
}
}
}
- return(retval);
+#ifdef AUTHENTICATION
+ return(auth_check(name));
+#else
+ return(-1);
+#endif
} /* end of getterminaltype */
static void
}
} /* end of ttloop */
+/*
+ * ttsuck - This is a horrible kludge to deal with a bug in
+ * HostExplorer. HostExplorer thinks it knows how to do krb5 auth, but
+ * it doesn't really. So if you offer it krb5 as an auth choice before
+ * krb4, it will sabotage the connection. So we peek ahead into the
+ * input stream to see if the client is a UNIX client, and then
+ * (later) offer krb5 first only if it is. Since no Mac/PC telnet
+ * clients do auto switching between krb4 and krb5 like the UNIX
+ * client does, it doesn't matter what order they see the choices in
+ * (except for HostExplorer).
+ *
+ * It is actually not possible to do this without looking ahead into
+ * the input stream: the client and server both try to begin
+ * auth/encryption negotiation as soon as possible, so if we let the
+ * server process things normally, it will already have sent the list
+ * of supported auth types before seeing the NEW-ENVIRON option. If
+ * you change the code to hold off sending the list of supported auth
+ * types until after it knows whether or not the remote side supports
+ * NEW-ENVIRON, then the auth negotiation and encryption negotiation
+ * race conditions won't interact properly, and encryption negotiation
+ * will reliably fail.
+ */
+
+ void
+ttsuck()
+{
+ extern int auth_client_non_unix;
+ int nread;
+ struct timeval tv;
+ fd_set fds;
+ char *p, match[] = {IAC, WILL, TELOPT_NEW_ENVIRON};
+
+ if (nfrontp-nbackp) {
+ netflush();
+ }
+ tv.tv_sec = 1;
+ tv.tv_usec = 0;
+ FD_SET(net, &fds);
+
+ while (select(net + 1, &fds, NULL, NULL, &tv) == 1)
+ {
+ nread = read(net, netibuf + ncc, sizeof(netibuf) - ncc);
+ if (nread <= 0)
+ break;
+ ncc += nread;
+ }
+
+ auth_client_non_unix = 1;
+ for (p = netibuf; p < netibuf + ncc; p++)
+ {
+ if (!memcmp(p, match, sizeof(match)))
+ {
+ auth_client_non_unix = 0;
+ break;
+ }
+ }
+
+ if (ncc > 0)
+ telrcv();
+}
+
/*
* Check a descriptor to see if out of band data exists on it.
*/
+2004-11-19 Tom Yu <tlyu@mit.edu>
+
+ * pre.in (KRB5_INCSUBDIRS): Add KRB5_INCDIR/gssrpc.
+
2004-10-06 Tom Yu <tlyu@mit.edu>
* pre.in (datadir, EXAMPLEDIR): Add directory for examples.
KRB5_INCDIR = @includedir@
KRB5_INCSUBDIRS = \
$(KRB5_INCDIR)/gssapi \
- $(KRB5_INCDIR)/kerberosIV
+ $(KRB5_INCDIR)/kerberosIV \
+ $(KRB5_INCDIR)/gssrpc
#
# Macros used by the KADM5 (OV-based) unit test system.
+2004-12-08 Ken Raeburn <raeburn@mit.edu>
+
+ * k5-int.h (KRB5INT_ACCESS_STRUCT_VERSION): Bump to 9.
+ (struct _krb5int_access): Add function pointer field use_dns_kdc.
+
+2004-10-29 Ken Raeburn <raeburn@mit.edu>
+
+ * fake-addrinfo.h: Include errno.h earlier.
+
2004-10-28 Ken Raeburn <raeburn@mit.edu>
* k5-thread.h (return_after_yield, k5_mutex_lock) [__GNUC__]: Add
#include "k5-thread.h"
#include <stdio.h> /* for sprintf */
+#include <errno.h>
#ifdef S_SPLINT_S
/*@-incondefs@*/
}
#ifdef NEED_FAKE_GETNAMEINFO
-#include <errno.h>
static inline int
fake_getnameinfo (const struct sockaddr *sa, socklen_t len,
char *host, socklen_t hostlen,
}
#endif
-#include <errno.h>
#if defined(HAVE_FAKE_GETADDRINFO) || defined(NEED_FAKE_GETNAMEINFO)
static inline
/* To keep happy libraries which are (for now) accessing internal stuff */
/* Make sure to increment by one when changing the struct */
-#define KRB5INT_ACCESS_STRUCT_VERSION 8
+#define KRB5INT_ACCESS_STRUCT_VERSION 9
#ifndef ANAME_SZ
struct ktext; /* from krb.h, for krb524 support */
const char *protocol,
struct srv_dns_entry **answers);
void (*free_srv_dns_data)(struct srv_dns_entry *);
+ int (*use_dns_kdc)(krb5_context);
/* krb4 compatibility stuff -- may be null if not enabled */
krb5_int32 (*krb_life_to_time)(krb5_int32, int);
+2004-11-17 Ken Raeburn <raeburn@mit.edu>
+
+ * prng.c (do_yarrow_init): Move mutex initialization here.
+ (krb5int_prng_init): Don't do it here.
+
+2004-11-15 Sam Hartman <hartmans@mit.edu>
+
+ * t_prng.expected t_prng.reseedtest-expected : Update expected
+ PRNG test output and confirm that reseeds and gates happen correctly.
+
+2004-10-29 Ken Raeburn <raeburn@mit.edu>
+
+ * prng.c (yarrow_lock): Rename to krb5int_yarrow_lock via macro,
+ and change to be non-static.
+ (krb5int_prng_init): Call do_yarrow_init here.
+ (krb5_c_random_add_entropy): Don't call it here. Don't lock the
+ mutex, either.
+ (krb5_c_random_make_octets): Don't lock the mutex.
+
2004-06-16 Ken Raeburn <raeburn@mit.edu>
* Makefile.in (MAC_SUBDIRS): Don't set.
#include "yarrow.h"
static Yarrow_CTX y_ctx;
static int inited, init_error;
-static k5_mutex_t yarrow_lock = K5_MUTEX_PARTIAL_INITIALIZER;
+#define yarrow_lock krb5int_yarrow_lock
+k5_mutex_t yarrow_lock = K5_MUTEX_PARTIAL_INITIALIZER;
/* Helper function to estimate entropy based on sample length
* and where it comes from.
return (0);
}
+static void do_yarrow_init(void);
int krb5int_prng_init(void)
{
- return k5_mutex_finish_init(&yarrow_lock);
+ do_yarrow_init();
+ if (init_error)
+ return KRB5_CRYPTO_INTERNAL;
+ return 0;
}
static void do_yarrow_init(void)
unsigned i;
int yerr;
+ yerr = k5_mutex_finish_init(&yarrow_lock);
+ if (yerr) {
+ init_error = yerr;
+ return;
+ }
+
yerr = krb5int_yarrow_init (&y_ctx, NULL);
if ((yerr != YARROW_OK) && (yerr != YARROW_NOT_SEEDED)) {
init_error = yerr;
if (yerr)
return yerr;
/* Now, finally, feed in the data. */
- yerr = k5_mutex_lock(&yarrow_lock);
- if (yerr)
- return yerr;
- if (!inited)
- do_yarrow_init();
- if (init_error) {
- k5_mutex_unlock(&yarrow_lock);
- return KRB5_CRYPTO_INTERNAL;
- }
yerr = krb5int_yarrow_input (&y_ctx, randsource,
data->data, data->length,
entropy_estimate (randsource, data->length));
- k5_mutex_unlock(&yarrow_lock);
if (yerr != YARROW_OK)
- return (KRB5_CRYPTO_INTERNAL);
+ return (KRB5_CRYPTO_INTERNAL);
return (0);
}
{
int yerr;
assert (inited);
- yerr = k5_mutex_lock(&yarrow_lock);
- if (yerr)
- return yerr;
yerr = krb5int_yarrow_output (&y_ctx, data->data, data->length);
if (yerr == YARROW_NOT_SEEDED) {
yerr = krb5int_yarrow_reseed (&y_ctx, YARROW_SLOW_POOL);
if (yerr == YARROW_OK)
yerr = krb5int_yarrow_output (&y_ctx, data->data, data->length);
}
- k5_mutex_unlock(&yarrow_lock);
if ( yerr != YARROW_OK)
return (KRB5_CRYPTO_INTERNAL);
return(0);
-18086b1e91f730facb2d6e1b
-c562653b24814eb3651b1e68301a3c14b96302bb
-6d017f7aef74662ed8dd51eef14281eaad223298db370bfaca
-30c04231cb3de404e4b8a5359a74066fd963291d7986be835834ab07870c097682a953bfff38784780eef844de47fb36c34f8e034c96cfa64d9cb5decee472138236e9fb79e9fe1fba6b7757b970f22477d167832206900473f09f3e8c822db6d9a8273340ed6743d99638d6cf192d821b6f33d23278b1a929f303a80865c426d01add11b2f2416babd13e70b44d8eeb731c09c7163af9d1a23cbe20ddb08b0f67ecaa2eed511263a67e9c12e59ef113f0b9e4e4e140b43896078a7571c61826ba099b3dd8c4b096a9785b4434e97ea99e662ba6fdb60a41547ccae4c67d3e1f3ef515198e91f009c75c9e80fda90d13ee29d8aad5d87cc2437ce60e6ce55700837fb0815bfd2495f8aa1a33fe67c1ae28a885506a78ca6257f5a5f2a8042e28680acc83b1aecb3a9cb51911126f2f0deaf14fcfa5f165e9a5c3f8f2d1c3f4683b2d75927a7bc802d63b680a5e22768cc0439854ccd49e58a002794f541bddd6ef6fbd4f9869843a72d0ae9d438c90353a46c0c9863a16b1de206c717ab7ce6ea6f648a38efa12b70bbe3388b35adec7a789ea98de217520d7d6ce699841e17e5946bf5a8b3c7a2c3e2d6767422baf3159ff08d913ec78011ab7d34bc24af26c24a8d46f7261c7705a7b270e27590c29583c659a0df8dada4e7a0532f115040165d18f74a55a4f39bb1dcfd865e94a488ca910cc447e121b2a19450239e75d24
+d2f8fbd707a8ece5cb11a02f
+eb4cb6e06236ea1c0529f7acbfca8d78cb85bb1d
+a244005ae870604342b0386025874ec4306c1dd483c118621b
+63e6408afdf9fd225839a7afcc6da6ae494fb4f82bd21ea06bb17ca0848bdae8cea671f545aac52699951caba960c536024b4102f47d61d61fd7b17582a4cf50ba7d215062558f71483249e079689893f3bf25def7f45f9e852281269904d401d6719e3115f6410088c6c5171e878494362684d2116633bb9ea8d9ed5faec73cb076c44d5d639bc2c8ae3de54f0e1e092d5ea439e607e9cd73053bbdf40723f5b48f298fdeeef845e22e06f2f6362fc67fba366e638a7988999d456dcc3d53b23388d685620a7c446d28cd94b13049761b64779db5412e78ac4bab2aacf103fd1b9ceb7213d43710d6a46fd4223fa20e0a68d3e16a82cbadea650ba815dc9ee99b4eb8e2acdac866a05d90ab9de3246db0560fb4b36633bb642c3ea9bf358937dda743f9cef1148791c2cac58995b8eb8fdb1c0cce1686e04ebef5ae7aae36691faafbe8920d3c013f125b687eb019faefa70fc750c52e2e2e33f426824bf1da31268a9bb8d9501f2290375755f8bf77b46639346b4011b78ce9d81105c7791ec5991a2f1eab037488b604df1a21c5c4e36a7c76dca5884d36e30fe8d30d0e7d93fab72062219390655eace2b434b0e2cd21ec9c5a8aa13e783afadcdf386fc43b960c518acb38d7e3da2f67695c1c1c25c4f251b40f4c2e42e89f6f642c32e66159f6ce24aa910fb5d95e3a899a4de5efcf570996e1a662d14362b65d00524df79cd56be93bd572526e4dfd1cf9f7586bc021105cf5456b28c1f45a6d354d000a113e15f64aa0b5253830c07afc8fa47b58dbba8bbae1645b2093035f2387036229dec6f7141b444b8bb7d0382a742bd5c746ba2d7af3af1cadb2dd90bda87d5daed2d2eebd243c7b2d06955d0cc7fe1061d4cfa3b061aaeb97084d9f9a7ec9dbe9e642f4f090d57b5ea1bd8b393f00896d3dc7089e1fc4c2fed7336c2a8c6d119a682c6cc4ae1ccedd30292f2c5570bf4d6287ce8e20b8b34e7fc38e87273f588cd33b8c913defaee5f6bf8fdeda72531c845a6f97a84d5e9b9a6497d4c48614dee7693df35faedc008fded852be8d4bffd475476336e54ed48a827b99d3f0e39019a40d43aef5ae522ec6e280f6a8e7d2713f3c3188bed2476a84af5a5afefa0fa178ed07de0e073693e8790f8bbd0cf9183e48f140b556e723565c382cf7a4c186748189a14e603e4ac70e2b80c266334231207721d16d834a973b48cfec584620624686603cfd66d55dbf8dd8eccd99d85f041c624ec3a7bec314af95d2313afd43cc5cc19249cf85b7ab0b5a4530b597341e7477b249fef1a07eb0d8fa790e9bce752e8b2f7086e98ab44751e0a1b37f29682ce67c0de7a2fd036f26ed719fc343bbf49432aec651d884c99c24d5943c747f7ec3b48d4c2236a8cb6151794daeda073774cc88ff121fdd423b81ef2f34c8f281ca2e5366faee87ff7a623484f2937cc0680ed76ead32b43cb6c67a21f8089b435f38a404d267397c6435cfac16591a3573d9e92f8c4a8028719c22662b903ddb16e08ea7bb2d6b8938c06bdddb4d174c7f2c5d812ed3a34ba8859a1ae841b3b9d5522372018c9aa55b048df826f05a087f185808cb66899f320783a1c4aa2dcd5f2665405ba7e5726e122b67559a39da30956e49fe7711d1b2506e159c5ea42ce0a1ad497220ee3b3e5ebcb73db975bd08e8be56e5f4533b8295b10d4b0fef466de6540f8fe10530c9716d83a12f5ffbba5b4dbc50ed89388d04e7a15d3d9d251041ed5303efa2525bc62a5aeb821f7838676811784584534be8a7fc667f09c3fe1bbf7d0aad29324f562086ecb8326829413867
-7a2f63cdd9b0bfae94b75ee554be49ff8e7bc82e
+fd543f42aded9bd725c9b05682cd0f504c1b33d1
de 7c f0 c5 6a 37 0b 34 f4 0c 3a 19 31 eb 66 f1
ae 5f c6 a3 64 3f 2e a9 76 e1 87 93 df b6 94 86
bd 96 57 3f 31 e6 88 8c
-512
+1290
+2004-11-22 Ken Raeburn <raeburn@mit.edu>
+
+ * yarrow.c (yarrow_input_maybe_locking): Renamed from
+ yarrow_input_maybe_locking, made static. New argument indicates
+ whether or not to do locking.
+ (krb5int_yarrow_input): New wrapper function.
+ (yarrow_input_locked): New wrapper function.
+ (Yarrow_detect_fork): Call yarrow_input_locked.
+
+2004-11-15 Sam Hartman <hartmans@mit.edu>
+
+ * ycipher.h: Use AES256 not 3des
+
+2004-11-01 Ken Raeburn <raeburn@mit.edu>
+
+ * yarrow.c (krb5int_yarrow_input, krb5int_yarrow_final): Don't
+ check for forking here.
+ (yarrow_output_locked): Split out from krb5int_yarrow_output,
+ without locking.
+ (krb5int_yarrow_output): Do locking and call yarrow_output_locked.
+ (yarrow_gate_locked): New function; uses yarrow_output_locked.
+ (krb5int_yarrow_output_Block): Use yarrow_gate_locked.
+
+2004-10-29 Ken Raeburn <raeburn@mit.edu>
+
+ * ylock.h: Include k5-thread.h.
+ (krb5int_yarrow_lock): Declare.
+ (LOCK, UNLOCK): Define as macros using the k5_mutex_ macros.
+
2004-06-04 Ken Raeburn <raeburn@mit.edu>
* yarrow.c (yarrow_str_error): Now const.
PRNG state */
#ifdef YARROW_DETECT_FORK
+static int
+yarrow_input_locked( Yarrow_CTX* y, unsigned source_id,
+ const void *sample,
+ size_t size, size_t entropy_bits );
+
static int Yarrow_detect_fork(Yarrow_CTX *y)
{
pid_t newpid;
* Then we reseed. This doesn't really increase entropy, but does make the
* streams distinct assuming we already have good entropy*/
y->pid = newpid;
- TRY (krb5int_yarrow_input (y, 0, &newpid,
- sizeof (newpid), 0));
- TRY (krb5int_yarrow_input (y, 0, &newpid,
- sizeof (newpid), 0));
- TRY (krb5int_yarrow_reseed (y, YARROW_FAST_POOL));
- }
+ TRY (yarrow_input_locked (y, 0, &newpid,
+ sizeof (newpid), 0));
+ TRY (yarrow_input_locked (y, 0, &newpid,
+ sizeof (newpid), 0));
+ TRY (krb5int_yarrow_reseed (y, YARROW_FAST_POOL));
+ }
CATCH:
EXCEP_RET;
EXCEP_RET;
}
-YARROW_DLL
-int krb5int_yarrow_input( Yarrow_CTX* y, unsigned source_id,
- const void* sample,
- size_t size, size_t entropy_bits )
+static
+int yarrow_input_maybe_locking( Yarrow_CTX* y, unsigned source_id,
+ const void* sample,
+ size_t size, size_t entropy_bits,
+ int do_lock )
{
EXCEP_DECL;
int ret;
size_t estimate;
if (!y) { THROW( YARROW_BAD_ARG ); }
- TRY( Yarrow_detect_fork( y ) );
if (source_id >= y->num_sources) { THROW( YARROW_BAD_SOURCE ); }
THROW( YARROW_BAD_SOURCE );
}
- TRY( LOCK() );
- locked = 1;
+ if (do_lock) {
+ TRY( LOCK() );
+ locked = 1;
+ }
/* hash in the sample */
EXCEP_RET;
}
+YARROW_DLL
+int krb5int_yarrow_input( Yarrow_CTX* y, unsigned source_id,
+ const void* sample,
+ size_t size, size_t entropy_bits )
+{
+ return yarrow_input_maybe_locking(y, source_id, sample, size,
+ entropy_bits, 1);
+}
+
+static int
+yarrow_input_locked( Yarrow_CTX* y, unsigned source_id,
+ const void *sample,
+ size_t size, size_t entropy_bits )
+{
+ return yarrow_input_maybe_locking(y, source_id, sample, size,
+ entropy_bits, 0);
+}
+
YARROW_DLL
int krb5int_yarrow_new_source(Yarrow_CTX* y, unsigned* source_id)
{
if (y->out_count >= y->Pg)
{
y->out_count = 0;
- TRY( krb5int_yarrow_gate( y ) );
+ TRY( yarrow_gate_locked( y ) );
/* require new seed after reaching gates_limit */
EXCEP_RET;
}
+static int yarrow_output_locked(Yarrow_CTX*, void*, size_t);
+
YARROW_DLL
int krb5int_yarrow_output( Yarrow_CTX* y, void* out, size_t size )
{
EXCEP_DECL;
- int locked = 0;
+ TRY( LOCK() );
+ TRY( yarrow_output_locked(y, out, size));
+CATCH:
+ UNLOCK();
+ EXCEP_RET;
+}
+
+static
+int yarrow_output_locked( Yarrow_CTX* y, void* out, size_t size )
+{
+ EXCEP_DECL;
size_t left;
char* outp;
size_t use;
left = size;
outp = out;
- TRY( LOCK() );
-
if (y->out_left > 0)
{
use = min(left, y->out_left);
}
CATCH:
- if ( locked ) { TRY( UNLOCK() ); }
+ EXCEP_RET;
+}
+
+static int yarrow_gate_locked(Yarrow_CTX* y)
+{
+ EXCEP_DECL;
+ byte new_K[CIPHER_KEY_SIZE];
+
+ if (!y) { THROW( YARROW_BAD_ARG ); }
+ TRACE( printf( "GATE[" ); );
+
+ /* K <- Next k bits of PRNG output */
+
+ TRY( yarrow_output_locked(y, new_K, CIPHER_KEY_SIZE) );
+ mem_copy(y->K, new_K, CIPHER_KEY_SIZE);
+
+ /* need to resetup the key schedule as the key has changed */
+
+ TRY (krb5int_yarrow_cipher_init(&y->cipher, y->K));
+
+ CATCH:
+ TRACE( printf( "]," ); );
+ mem_zero(new_K, sizeof(new_K));
EXCEP_RET;
}
int locked = 0;
if (!y) { THROW( YARROW_BAD_ARG ); }
- TRY( Yarrow_detect_fork(y) );
TRY( LOCK() );
locked = 1;
* call the enc_provider function to get the info.
*/
-#define yarrow_enc_provider krb5int_enc_des3
+#define yarrow_enc_provider krb5int_enc_aes256
-#define CIPHER_BLOCK_SIZE 8
-#define CIPHER_KEY_SIZE 21
+#define CIPHER_BLOCK_SIZE 16
+#define CIPHER_KEY_SIZE 32
#if defined( YARROW_NO_MATHLIB )
/* see macros at end for functions evaluated */
-#define POW_CIPHER_KEY_SIZE 72057594037927936.0
-#define POW_CIPHER_BLOCK_SIZE 18446744073709551616.0
+#define POW_CIPHER_KEY_SIZE 115792089237316195423570985008687907853269984665640564039457584007913129639936.0
+#define POW_CIPHER_BLOCK_SIZE 340282366920938463463374607431768211456.0
#endif
* and YARROW_LOCKING on failure
*/
-
+#if 0
static int LOCK( void ) { return (YARROW_OK); }
static int UNLOCK( void ) { return (YARROW_OK); }
+#else
+#include "k5-thread.h"
+extern k5_mutex_t krb5int_yarrow_lock;
+#define LOCK() (k5_mutex_lock(&krb5int_yarrow_lock) ? YARROW_LOCKING : YARROW_OK)
+#define UNLOCK() (k5_mutex_unlock(&krb5int_yarrow_lock) ? YARROW_LOCKING : YARROW_OK)
+#endif
#endif /* YLOCK_H */
+2004-12-08 Ken Raeburn <raeburn@mit.edu>
+
+ * RealmsConfig-glue.c (krb_get_krbhst): Check if DNS should be
+ used for getting KDC names before actually using it.
+
2004-07-16 Ken Raeburn <raeburn@mit.edu>
* macsock.c: Deleted.
if (err)
break;
- realmdat.data = realm;
- realmdat.length = strlen(realm);
- err = k5.make_srv_query_realm(&realmdat, "_kerberos-iv", "_udp", &srv);
- if (err)
- break;
+ if (k5.use_dns_kdc(krb5__krb4_context)) {
+ realmdat.data = realm;
+ realmdat.length = strlen(realm);
+ err = k5.make_srv_query_realm(&realmdat, "_kerberos-iv", "_udp",
+ &srv);
+ if (err)
+ break;
- if (srv == 0)
- break;
+ if (srv == 0)
+ break;
- if (dnscache.srv)
- k5.free_srv_dns_data(dnscache.srv);
- dnscache.srv = srv;
- strncpy(dnscache.realm, realm, REALM_SZ);
- dnscache.when = now;
- goto get_from_dnscache;
+ if (dnscache.srv)
+ k5.free_srv_dns_data(dnscache.srv);
+ dnscache.srv = srv;
+ strncpy(dnscache.realm, realm, REALM_SZ);
+ dnscache.when = now;
+ goto get_from_dnscache;
+ }
} while (0);
#endif
return KFAILURE;
+2004-11-26 Ken Raeburn <raeburn@mit.edu>
+
+ * kt_file.c (krb5_ktfile_wresolve): Initialize mutex here too.
+
+2004-11-23 Ken Raeburn <raeburn@mit.edu>
+
+ * kt_file.c (struct _krb5_ktfile_data): Add mutex and buffer.
+ (KTFILEBUFP, KTLOCK, KTUNLOCK, KTCHECKLOCK): New macros.
+ (krb5_ktfile_resolve): Initialize mutex.
+ (krb5_ktfile_close): Zap data buffer before freeing.
+ (krb5_ktfile_get_entry, krb5_ktfile_start_seq_get,
+ krb5_ktfile_get_next, krb5_ktfile_end_get, krb5_ktfile_add,
+ krb5_ktfile_remove): Lock and unlock the mutex.
+ (krb5_ktfileint_open): Check that the mutex is locked. Set the
+ stdio buffer to the new buffer in the ktfile data.
+ (krb5_ktfileint_write_entry, krb5_ktfileint_find_slot): Check that
+ the mutex is locked. Don't call setbuf. Flush the stdio buffer
+ after writing.
+
+2004-11-23 Tom Yu <tlyu@mit.edu>
+
+ * kt_file.c (krb5_ktfileint_open): Update previous change by
+ explicitly setting errno=0 prior to calling fopen(). Also, return
+ EMFILE, not ENFILE, for compatibility with Solaris 8, which does
+ set errno when out of file descriptors.
+
+2004-11-19 Tom Yu <tlyu@mit.edu>
+
+ * kt_file.c (krb5_ktfileint_open): Patch from Roland Dowdeswell to
+ return ENFILE when fopen() returns NULL but doesn't set errno.
+
2004-06-22 Ken Raeburn <raeburn@mit.edu>
* kt_file.c (krb5_ktf_keytab_externalize,
typedef struct _krb5_ktfile_data {
char *name; /* Name of the file */
FILE *openf; /* open file, if any. */
+ char iobuf[BUFSIZ]; /* so we can zap it later */
int version; /* Version number of keytab */
+ k5_mutex_t lock; /* Protect openf, version */
} krb5_ktfile_data;
/*
#define KTPRIVATE(id) ((krb5_ktfile_data *)(id)->data)
#define KTFILENAME(id) (((krb5_ktfile_data *)(id)->data)->name)
#define KTFILEP(id) (((krb5_ktfile_data *)(id)->data)->openf)
+#define KTFILEBUFP(id) (((krb5_ktfile_data *)(id)->data)->iobuf)
#define KTVERSION(id) (((krb5_ktfile_data *)(id)->data)->version)
+#define KTLOCK(id) k5_mutex_lock(&((krb5_ktfile_data *)(id)->data)->lock)
+#define KTUNLOCK(id) k5_mutex_unlock(&((krb5_ktfile_data *)(id)->data)->lock)
+#define KTCHECKLOCK(id) k5_mutex_assert_locked(&((krb5_ktfile_data *)(id)->data)->lock)
extern const struct _krb5_kt_ops krb5_ktf_ops;
extern const struct _krb5_kt_ops krb5_ktf_writable_ops;
krb5_ktfile_resolve(krb5_context context, const char *name, krb5_keytab *id)
{
krb5_ktfile_data *data;
+ krb5_error_code err;
if ((*id = (krb5_keytab) malloc(sizeof(**id))) == NULL)
return(ENOMEM);
return(ENOMEM);
}
+ err = k5_mutex_init(&data->lock);
+ if (err) {
+ krb5_xfree(*id);
+ return err;
+ }
+
if ((data->name = (char *)calloc(strlen(name) + 1, sizeof(char))) == NULL) {
+ k5_mutex_destroy(&data->lock);
krb5_xfree(data);
krb5_xfree(*id);
return(ENOMEM);
*/
{
krb5_xfree(KTFILENAME(id));
+ zap(KTFILEBUFP(id), BUFSIZ);
+ k5_mutex_destroy(&((krb5_ktfile_data *)id->data)->lock);
krb5_xfree(id->data);
id->ops = 0;
krb5_xfree(id);
*/
krb5_error_code KRB5_CALLCONV
-krb5_ktfile_get_entry(krb5_context context, krb5_keytab id, krb5_const_principal principal, krb5_kvno kvno, krb5_enctype enctype, krb5_keytab_entry *entry)
+krb5_ktfile_get_entry(krb5_context context, krb5_keytab id,
+ krb5_const_principal principal, krb5_kvno kvno,
+ krb5_enctype enctype, krb5_keytab_entry *entry)
{
krb5_keytab_entry cur_entry, new_entry;
krb5_error_code kerror = 0;
krb5_boolean similar;
int kvno_offset = 0;
+ kerror = KTLOCK(id);
+ if (kerror)
+ return kerror;
+
/* Open the keyfile for reading */
- if ((kerror = krb5_ktfileint_openr(context, id)))
+ if ((kerror = krb5_ktfileint_openr(context, id))) {
+ KTUNLOCK(id);
return(kerror);
+ }
/*
* For efficiency and simplicity, we'll use a while true that
}
if (kerror) {
(void) krb5_ktfileint_close(context, id);
+ KTUNLOCK(id);
krb5_kt_free_entry(context, &cur_entry);
return kerror;
}
if ((kerror = krb5_ktfileint_close(context, id)) != 0) {
+ KTUNLOCK(id);
krb5_kt_free_entry(context, &cur_entry);
return kerror;
}
+ KTUNLOCK(id);
*entry = cur_entry;
return 0;
}
krb5_error_code retval;
long *fileoff;
- if ((retval = krb5_ktfileint_openr(context, id)))
+ retval = KTLOCK(id);
+ if (retval)
return retval;
+ if ((retval = krb5_ktfileint_openr(context, id))) {
+ KTUNLOCK(id);
+ return retval;
+ }
+
if (!(fileoff = (long *)malloc(sizeof(*fileoff)))) {
krb5_ktfileint_close(context, id);
+ KTUNLOCK(id);
return ENOMEM;
}
*fileoff = ftell(KTFILEP(id));
*cursorp = (krb5_kt_cursor)fileoff;
+ KTUNLOCK(id);
return 0;
}
krb5_keytab_entry cur_entry;
krb5_error_code kerror;
- if (fseek(KTFILEP(id), *fileoff, 0) == -1)
+ kerror = KTLOCK(id);
+ if (kerror)
+ return kerror;
+ if (fseek(KTFILEP(id), *fileoff, 0) == -1) {
+ KTUNLOCK(id);
return KRB5_KT_END;
- if ((kerror = krb5_ktfileint_read_entry(context, id, &cur_entry)))
+ }
+ if ((kerror = krb5_ktfileint_read_entry(context, id, &cur_entry))) {
+ KTUNLOCK(id);
return kerror;
+ }
*fileoff = ftell(KTFILEP(id));
*entry = cur_entry;
+ KTUNLOCK(id);
return 0;
}
krb5_error_code KRB5_CALLCONV
krb5_ktfile_end_get(krb5_context context, krb5_keytab id, krb5_kt_cursor *cursor)
{
+ krb5_error_code kerror;
+
krb5_xfree(*cursor);
- return krb5_ktfileint_close(context, id);
+ KTLOCK(id);
+ kerror = krb5_ktfileint_close(context, id);
+ KTUNLOCK(id);
+ return kerror;
}
/*
krb5_ktfile_wresolve(krb5_context context, const char *name, krb5_keytab *id)
{
krb5_ktfile_data *data;
+ krb5_error_code err;
if ((*id = (krb5_keytab) malloc(sizeof(**id))) == NULL)
return(ENOMEM);
return(ENOMEM);
}
+ err = k5_mutex_init(&data->lock);
+ if (err) {
+ krb5_xfree(*id);
+ return err;
+ }
+
if ((data->name = (char *)calloc(strlen(name) + 1, sizeof(char))) == NULL) {
+ k5_mutex_destroy(&data->lock);
krb5_xfree(data);
krb5_xfree(*id);
return(ENOMEM);
{
krb5_error_code retval;
- if ((retval = krb5_ktfileint_openw(context, id)))
+ retval = KTLOCK(id);
+ if (retval)
return retval;
- if (fseek(KTFILEP(id), 0, 2) == -1)
+ if ((retval = krb5_ktfileint_openw(context, id))) {
+ KTUNLOCK(id);
+ return retval;
+ }
+ if (fseek(KTFILEP(id), 0, 2) == -1) {
+ KTUNLOCK(id);
return KRB5_KT_END;
+ }
retval = krb5_ktfileint_write_entry(context, id, entry);
krb5_ktfileint_close(context, id);
+ KTUNLOCK(id);
return retval;
}
krb5_error_code kerror;
krb5_int32 delete_point;
+ kerror = KTLOCK(id);
+ if (kerror)
+ return kerror;
+
if ((kerror = krb5_ktfileint_openw(context, id))) {
+ KTUNLOCK(id);
return kerror;
}
if (kerror) {
(void) krb5_ktfileint_close(context, id);
+ KTUNLOCK(id);
return kerror;
}
} else {
kerror = krb5_ktfileint_close(context, id);
}
-
+ KTUNLOCK(id);
return kerror;
}
krb5_kt_vno kt_vno;
int writevno = 0;
+ KTCHECKLOCK(id);
+ errno = 0;
KTFILEP(id) = fopen(KTFILENAME(id),
(mode == KRB5_LOCKMODE_EXCLUSIVE) ?
fopen_mode_rbplus : fopen_mode_rb);
if ((mode == KRB5_LOCKMODE_EXCLUSIVE) && (errno == ENOENT)) {
/* try making it first time around */
krb5_create_secure_file(context, KTFILENAME(id));
+ errno = 0;
KTFILEP(id) = fopen(KTFILENAME(id), fopen_mode_rbplus);
if (!KTFILEP(id))
- return errno;
+ return errno ? errno : EMFILE;
writevno = 1;
} else /* some other error */
- return errno;
+ return errno ? errno : EMFILE;
}
if ((kerror = krb5_lock_file(context, fileno(KTFILEP(id)), mode))) {
(void) fclose(KTFILEP(id));
return kerror;
}
/* assume ANSI or BSD-style stdio */
- setbuf(KTFILEP(id), NULL);
+ setbuf(KTFILEP(id), KTFILEBUFP(id));
/* get the vno and verify it */
if (writevno) {
{
krb5_error_code kerror;
+ KTCHECKLOCK(id);
if (!KTFILEP(id))
return 0;
kerror = krb5_unlock_file(context, fileno(KTFILEP(id)));
krb5_int32 len;
char iobuf[BUFSIZ];
+ KTCHECKLOCK(id);
if (fseek(KTFILEP(id), delete_point, SEEK_SET)) {
return errno;
}
char *tmpdata;
krb5_data *princ;
+ KTCHECKLOCK(id);
memset(ret_entry, 0, sizeof(krb5_keytab_entry));
ret_entry->magic = KV5M_KEYTAB_ENTRY;
krb5_int32 size_needed;
krb5_int32 commit_point;
int i;
- char iobuf[BUFSIZ];
+ KTCHECKLOCK(id);
retval = krb5_ktfileint_size_entry(context, entry, &size_needed);
if (retval)
return retval;
if (retval)
return retval;
- setbuf(KTFILEP(id), iobuf);
-
/* fseek to synchronise buffered I/O on the key table. */
-
+ /* XXX Without the weird setbuf crock, can we get rid of this now? */
if (fseek(KTFILEP(id), 0L, SEEK_CUR) < 0)
{
return errno;
if (!xfwrite(&count, sizeof(count), 1, KTFILEP(id))) {
abend:
- setbuf(KTFILEP(id), 0);
return KRB5_KT_IOERR;
}
size = krb5_princ_realm(context, entry->principal)->length;
}
if (!xfwrite(entry->key.contents, sizeof(krb5_octet),
entry->key.length, KTFILEP(id))) {
- memset(iobuf, 0, sizeof(iobuf));
- setbuf(KTFILEP(id), 0);
- return KRB5_KT_IOERR;
+ goto abend;
}
+ if (fflush(KTFILEP(id)))
+ goto abend;
+
retval = krb5_sync_disk_file(context, KTFILEP(id));
- (void) memset(iobuf, 0, sizeof(iobuf));
- setbuf(KTFILEP(id), 0);
if (retval) {
return retval;
if (!xfwrite(&size_needed, sizeof(size_needed), 1, KTFILEP(id))) {
goto abend;
}
+ if (fflush(KTFILEP(id)))
+ goto abend;
retval = krb5_sync_disk_file(context, KTFILEP(id));
return retval;
krb5_boolean found = FALSE;
char iobuf[BUFSIZ];
+ KTCHECKLOCK(id);
/*
* Skip over file version number
*/
/*
* Hit the end of file, reserve this slot.
*/
- setbuf(KTFILEP(id), 0);
size = 0;
/* fseek to synchronise buffered I/O on the key table. */
-
+ /* XXX Without the weird setbuf hack, can we nuke this now? */
if (fseek(KTFILEP(id), 0L, SEEK_CUR) < 0)
{
return errno;
* Make sure we zero any trailing data.
*/
zero_point = ftell(KTFILEP(id));
- setbuf(KTFILEP(id), iobuf);
while ((size = xfread(iobuf, 1, sizeof(iobuf), KTFILEP(id)))) {
if (size != sizeof(iobuf)) {
remainder = size % sizeof(krb5_int32);
memset(iobuf, 0, (size_t) size);
xfwrite(iobuf, 1, (size_t) size, KTFILEP(id));
+ fflush(KTFILEP(id));
if (feof(KTFILEP(id))) {
break;
}
}
}
- setbuf(KTFILEP(id), 0);
if (fseek(KTFILEP(id), zero_point, SEEK_SET)) {
return errno;
}
+2004-12-08 Ken Raeburn <raeburn@mit.edu>
+
+ * accessor.c (krb5int_accessor): Set new field use_dns_kdc.
+
+2004-12-06 Tom Yu <tlyu@mit.edu>
+
+ * locate_kdc.c (krb5_locate_srv_dns_1): Don't compile if
+ KRB5_DNS_LOOKUP is not defined.
+
+2004-11-19 Ken Raeburn <raeburn@mit.edu>
+
+ * locate_kdc.c (krb5int_add_host_to_list): If debugging, log the
+ requested family and socket type. If AI_NUMERICSERV is defined,
+ set it in ai_flags. If getaddrinfo returns an error with
+ debugging enabled, log the error.
+ (krb5_locate_srv_conf_1): When logging an error from
+ add_host_to_list, include the corresponding error string.
+
+ * t_locate_kdc.c: Include port-sockets.h, instead of sys/socket.h,
+ netdb.h, netinet/in.h, and arpa/inet.h.
+ * Makefile.in ($(OUTPRE)t_locate_kdc.exe): New target.
+
2004-10-20 Ken Raeburn <raeburn@mit.edu>
* locate_kdc.c: Include stdarg.h.
$(CC_LINK) $(ALL_CFLAGS) -o t_locate_kdc t_locate_kdc.o \
$(KRB5_BASE_LIBS)
t_locate_kdc.o: t_locate_kdc.c locate_kdc.c
+$(OUTPRE)t_locate_kdc.exe: $(OUTPRE)t_locate_kdc.obj \
+ $(OUTPRE)dnssrv.obj $(OUTPRE)dnsglue.obj \
+ $(KLIB) $(PLIB) $(CLIB) $(SLIB)
+ link $(EXE_LINKOPTS) -out:$@ $** ws2_32.lib $(DNSLIBS)
LCLINT=lclint
LCLINTOPTS= -warnposix \
t_an_to_ln.so t_an_to_ln.po $(OUTPRE)t_an_to_ln.$(OBJEXT): t_an_to_ln.c $(BUILDTOP)/include/krb5.h \
$(COM_ERR_DEPS)
t_gifconf.so t_gifconf.po $(OUTPRE)t_gifconf.$(OBJEXT): t_gifconf.c
-t_locate_kdc.so t_locate_kdc.po $(OUTPRE)t_locate_kdc.$(OBJEXT): t_locate_kdc.c $(COM_ERR_DEPS) \
- locate_kdc.c $(SRCTOP)/include/fake-addrinfo.h $(SRCTOP)/include/port-sockets.h \
- $(BUILDTOP)/include/krb5/autoconf.h $(SRCTOP)/include/socket-utils.h \
+t_locate_kdc.so t_locate_kdc.po $(OUTPRE)t_locate_kdc.$(OBJEXT): t_locate_kdc.c $(SRCTOP)/include/port-sockets.h \
+ $(BUILDTOP)/include/krb5/autoconf.h $(COM_ERR_DEPS) \
+ locate_kdc.c $(SRCTOP)/include/fake-addrinfo.h $(SRCTOP)/include/socket-utils.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/k5-int.h $(BUILDTOP)/include/krb5/osconf.h \
$(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \
#ifdef KRB5_DNS_LOOKUP
internals_temp.make_srv_query_realm = krb5int_make_srv_query_realm;
internals_temp.free_srv_dns_data = krb5int_free_srv_dns_data;
+ internals_temp.use_dns_kdc = _krb5_use_dns_kdc;
#else
internals_temp.make_srv_query_realm = 0;
internals_temp.free_srv_dns_data = 0;
+ internals_temp.use_dns_kdc = 0;
#endif
#ifdef KRB5_KRB4_COMPAT
internals_temp.krb_life_to_time = krb5int_krb_life_to_time;
int err;
char portbuf[10], secportbuf[10];
- Tprintf ("adding hostname %s, ports %d,%d\n", hostname,
- ntohs (port), ntohs (secport));
+ Tprintf ("adding hostname %s, ports %d,%d, family %d, socktype %d\n",
+ hostname, ntohs (port), ntohs (secport),
+ family, socktype);
memset(&hint, 0, sizeof(hint));
hint.ai_family = family;
hint.ai_socktype = socktype;
+#ifdef AI_NUMERICSERV
+ hint.ai_flags = AI_NUMERICSERV;
+#endif
sprintf(portbuf, "%d", ntohs(port));
sprintf(secportbuf, "%d", ntohs(secport));
err = getaddrinfo (hostname, portbuf, &hint, &addrs);
- if (err)
+ if (err) {
+ Tprintf ("\tgetaddrinfo(\"%s\", \"%s\", ...)\n\treturns %d: %s\n",
+ hostname, portbuf, err, gai_strerror (err));
return translate_ai_error (err);
+ }
anext = 0;
for (a = addrs; a != 0 && err == 0; a = anext) {
anext = a->ai_next;
SOCK_STREAM, family);
}
if (code) {
- Tprintf ("error %d returned from add_host_to_list\n", code);
+ Tprintf ("error %d (%s) returned from add_host_to_list\n", code,
+ error_message (code));
if (hostlist)
profile_free_list (hostlist);
if (masterlist)
}
#endif
+#ifdef KRB5_DNS_LOOKUP
static krb5_error_code
krb5_locate_srv_dns_1 (const krb5_data *realm,
const char *service,
(strcmp("_tcp", protocol)
? SOCK_DGRAM
: SOCK_STREAM), family);
- if (code)
+ if (code) {
break;
+ }
if (entry == head) {
free(entry->host);
free(entry);
krb5int_free_srv_dns_data(head);
return code;
}
+#endif
/*
* Wrapper function for the two backends
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
-#include <sys/socket.h>
-#include <netdb.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-
+#include "port-sockets.h"
#include <com_err.h>
#define TEST
+2004-11-18 Tom Yu <tlyu@mit.edu>
+
+ * Makefile.in (install-unix): Install into KRB5_INCDIR/gssrpc,
+ rather than just KRB5_INCDIR.
+
2004-10-25 Tom Yu <tlyu@mit.edu>
* auth_gss.c (authgss_get_private_data): New function.
install-unix::
for i in $(SRC_HDRS); do \
- (set -x; $(INSTALL_DATA) $(srcdir)/$$i $(DESTDIR)$(KRB5_INCDIR)$(S)$$i) ; \
+ (set -x; $(INSTALL_DATA) $(srcdir)/$$i $(DESTDIR)$(KRB5_INCDIR)$(S)gssrpc$(S)$$i) ; \
done
for i in $(BUILD_HDRS); do \
- (set -x; $(INSTALL_DATA) $$i $(DESTDIR)$(KRB5_INCDIR)$(S)$$i) ; \
+ (set -x; $(INSTALL_DATA) $$i $(DESTDIR)$(KRB5_INCDIR)$(S)gssrpc$(S)$$i) ; \
done
BUILD_HDRS = types.h
#
_GSS_KRB5_NT_PRINCIPAL_NAME
+
+#
+# GSS-API krb5 symbols from gssapi_krb5.h
+#
+
+_gss_mech_krb5
+_gss_mech_krb5_old
+_gss_mech_set_krb5
+_gss_mech_set_krb5_both
+_gss_mech_set_krb5_old
+
+_gss_nt_krb5_name
+_gss_nt_krb5_principal
+_krb5_gss_oid_array
refType = 4;
sourceTree = "<group>";
};
+ A14E78E90725B12A00A025E3 = {
+ fileRef = F517327003F1B65901120114;
+ isa = PBXBuildFile;
+ settings = {
+ };
+ };
A166BCC3040D36F8004AA618 = {
fileEncoding = 4;
isa = PBXFileReference;
DYLIB_CURRENT_VERSION = 1;
GCC_PRECOMPILE_PREFIX_HEADER = YES;
GCC_PREFIX_HEADER = ../Sources/mac/MacOSX/Headers/Kerberos5Prefix.h;
- HEADER_SEARCH_PATHS = "$(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include";
+ HEADER_SEARCH_PATHS = "$(SRCROOT)/../Sources/lib/crypto/des $(SRCROOT)/../Sources/include $(SRCROOT)/../Sources/include/krb5 $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include/krb5";
LIBRARY_STYLE = STATIC;
PRODUCT_NAME = KerberosDES;
REZ_EXECUTABLE = YES;
buildActionMask = 2147483647;
files = (
A1AB1DEF05DDC40100526345,
+ A14E78E90725B12A00A025E3,
);
isa = PBXHeadersBuildPhase;
runOnlyForDeploymentPostprocessing = 0;
DYLIB_CURRENT_VERSION = 1;
GCC_PRECOMPILE_PREFIX_HEADER = YES;
GCC_PREFIX_HEADER = ../Sources/mac/MacOSX/Headers/Kerberos5Prefix.h;
- HEADER_SEARCH_PATHS = "$(SRCROOT)/../../Common/Headers $(SRCROOT)/../../KerberosErrors/Headers/Kerberos $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include";
+ HEADER_SEARCH_PATHS = "$(SRCROOT)/../../Common/Headers $(SRCROOT)/../../KerberosErrors/Headers/Kerberos $(SRCROOT)/../Sources/include $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include/krb5";
LIBRARY_STYLE = STATIC;
PRODUCT_NAME = KerberosProfile;
REZ_EXECUTABLE = YES;
DYLIB_CURRENT_VERSION = 1;
GCC_PRECOMPILE_PREFIX_HEADER = YES;
GCC_PREFIX_HEADER = ../Sources/mac/MacOSX/Headers/Kerberos5Prefix.h;
- HEADER_SEARCH_PATHS = "$(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/ErrorTables $(SRCROOT)/../../Common/Headers $(SRCROOT)/../../KerberosErrors/Headers $(SRCROOT)/../../KerberosDebug/Headers $(SRCROOT)/../../KerberosErrors/Headers/Kerberos $(SRCROOT)/../../CredentialsCache/Headers $(SRCROOT)/../../CredentialsCache/Headers/Kerberos $(SRCROOT)/../../KerberosLogin/Headers $(SRCROOT)/../../KerberosLogin/Headers/Kerberos";
+ HEADER_SEARCH_PATHS = "$(SRCROOT)/../Sources/include $(SRCROOT)/../Sources/include/krb5 $(SRCROOT)/../Sources/include/kerberosIV $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include/krb5 $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/ErrorTables $(SRCROOT)/../../Common/Headers $(SRCROOT)/../../KerberosErrors/Headers $(SRCROOT)/../../KerberosDebug/Headers $(SRCROOT)/../../KerberosErrors/Headers/Kerberos $(SRCROOT)/../../CredentialsCache/Headers $(SRCROOT)/../../CredentialsCache/Headers/Kerberos $(SRCROOT)/../../KerberosLogin/Headers $(SRCROOT)/../../KerberosLogin/Headers/Kerberos";
LIBRARY_STYLE = STATIC;
PRODUCT_NAME = Kerberos4;
REZ_EXECUTABLE = YES;
DYLIB_CURRENT_VERSION = 1;
GCC_PRECOMPILE_PREFIX_HEADER = YES;
GCC_PREFIX_HEADER = ../Sources/mac/MacOSX/Headers/Kerberos5Prefix.h;
- HEADER_SEARCH_PATHS = "$(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include $(SRCROOT)/../Sources/include $(SRCROOT)/../../KerberosErrors/Headers $(SRCROOT)/../../KerberosErrors/Headers/Kerberos $(SRCROOT)/../../CredentialsCache/Headers $(SRCROOT)/../../CredentialsCache/Headers/Kerberos $(SRCROOT)/../../KerberosLogin/Headers $(SRCROOT)/../../KerberosLogin/Headers/Kerberos";
+ HEADER_SEARCH_PATHS = "$(SRCROOT)/../Sources/ $(SRCROOT)/../Sources/include $(SRCROOT)/../Sources/include/krb5 $(SRCROOT)/../Sources/lib/crypto/aes $(SRCROOT)/../Sources/lib/crypto $(SRCROOT)/../Sources/lib/crypto/arcfour $(SRCROOT)/../Sources/lib/crypto/enc_provider $(SRCROOT)/../Sources/lib/crypto/crc32 $(SRCROOT)/../Sources/lib/crypto/des $(SRCROOT)/../Sources/lib/crypto/dk $(SRCROOT)/../Sources/lib/crypto/hash_provider $(SRCROOT)/../Sources/lib/crypto/keyhash_provider $(SRCROOT)/../Sources/lib/crypto/md4 $(SRCROOT)/../Sources/lib/crypto/md5 $(SRCROOT)/../Sources/lib/crypto/old $(SRCROOT)/../Sources/lib/crypto/raw $(SRCROOT)/../Sources/lib/crypto/sha1 $(SRCROOT)/../Sources/lib/crypto/yarrow $(SRCROOT)/../Sources/lib/krb5/os $(SRCROOT)/../Sources/lib/krb5/keytab $(SRCROOT)/../Sources/lib/krb5/rcache $(SRCROOT)/../Sources/lib/krb5/ccache $(SRCROOT)/../Sources/lib/krb5/ccache/ccapi $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include/krb5 $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/ErrorTables $(SRCROOT)/../Sources/include $(SRCROOT)/../../KerberosErrors/Headers $(SRCROOT)/../../KerberosErrors/Headers/Kerberos $(SRCROOT)/../../CredentialsCache/Headers $(SRCROOT)/../../CredentialsCache/Headers/Kerberos $(SRCROOT)/../../KerberosLogin/Headers $(SRCROOT)/../../KerberosLogin/Headers/Kerberos";
LIBRARY_STYLE = STATIC;
PRODUCT_NAME = Kerberos5;
REZ_EXECUTABLE = YES;
DYLIB_CURRENT_VERSION = 1;
GCC_PRECOMPILE_PREFIX_HEADER = YES;
GCC_PREFIX_HEADER = ../Sources/mac/MacOSX/Headers/Kerberos5Prefix.h;
- HEADER_SEARCH_PATHS = "$(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include $(SRCROOT)/../../KerberosErrors/Headers $(SRCROOT)/../../KerberosErrors/Headers/Kerberos";
+ HEADER_SEARCH_PATHS = "$(SRCROOT)/../Sources/include $(SRCROOT)/../Sources/include/krb5 $(SRCROOT)/../Sources/lib/gssapi $(SRCROOT)/../Sources/lib/gssapi/krb5 $(SRCROOT)/../Sources/lib/gssapi/generic $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/ErrorTables $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include/krb5 $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include/gssapi $(SRCROOT)/../../KerberosErrors/Headers $(SRCROOT)/../../KerberosErrors/Headers/Kerberos";
LIBRARY_STYLE = STATIC;
PRODUCT_NAME = GSS;
REZ_EXECUTABLE = YES;
_profile_init_path
_FSp_profile_init
_FSp_profile_init_path
+_profile_is_writable
+_profile_is_modified
_profile_flush
+_profile_flush_to_file
+_profile_flush_to_buffer
+_profile_free_buffer
_profile_abandon
_profile_release
_profile_get_values
#define KRB5_MAJOR_RELEASE 1
#define KRB5_MINOR_RELEASE 4
#define KRB5_PATCHLEVEL 0
-#define KRB5_RELTAIL "prerelease"
+#define KRB5_RELTAIL "beta2"
/* #undef KRB5_RELDATE */
-/* #undef KRB5_RELTAG */
+#define KRB5_RELTAG "krb5-1-4-beta2"
+2004-11-15 Tom Yu <tlyu@mit.edu>
+
+ * telnet.exp (telnet_test): Work around possible race condition
+ with client's resetting of terminal mode when returning from
+ interactive command mode. Test whether requiring encryption
+ works.
+
2004-03-14 Ken Raeburn <raeburn@mit.edu>
* rlogin.exp (start_rlogin_daemon, rlogin_test): Use portbase to
# A procedure to start up the telnet daemon.
-proc start_telnet_daemon { } {
+proc start_telnet_daemon { args } {
global REALMNAME
global TELNETD
global LOGINKRB5
# we don't need to use inetd. The portbase+8 is the port to listen at.
# Note that tmppwd here is a shell variable, which is set in
# setup_root_shell, not a TCL variable.
- send -i $rlogin_spawn_id "sh -c \"$TELNETD -debug -t \$tmppwd/srvtab -R $REALMNAME -L $tmppwd/login.wrap -X KERBEROS_V4 [expr 8 + $portbase]\" &\r"
+ send -i $rlogin_spawn_id "sh -c \"$TELNETD $args -debug -t \$tmppwd/srvtab -R $REALMNAME -L $tmppwd/login.wrap -X KERBEROS_V4 [expr 8 + $portbase]\" &\r"
expect {
-i $rlogin_spawn_id
-re "$ROOT_PROMPT" { }
set testname "simple telnet"
expect {
- "ogin:" {
+ "ogin: " {
pass $testname
}
}
set testname "telnet command mode"
send "\035"
expect {
- "telnet>" {
+ "telnet> " {
pass $testname
}
}
}
set testname "back to command mode"
+
+ # For some reason, the telnet client doesn't necessarily reset the
+ # terminal mode back to raw after exiting command mode.
+ # Kick it somewhat by sending a CR.
+ send "\r"
+ expect "ogin: "
+
send "\035"
expect {
- "telnet>" {
+ "telnet> " {
pass $testname
}
}
}
expect_after
+ catch "expect eof"
# We can't use check_exit_status, because we expect an exit status
# of 1.
# Move back to telnet command mode and check the encryption status.
set testname "encryption status"
send "\035"
- expect "telnet>"
+ expect "telnet> "
send "status\r"
expect {
-re "Currently encrypting output with DES_CFB64.*Currently decrypting input with DES_CFB64" {
expect "Connection closed by foreign host.\r"
expect_after
+ catch "expect eof"
# We can't use check_exit_status, because we expect an exit status
# of 1.
# The telnet daemon should have stopped, but we have no easy way
# of checking whether it actually did. Kill it just in case.
stop_telnet_daemon
+
+ set testname "reject unencrypted telnet"
+ # Check rejection of unencrypted client when encryption is required
+ start_telnet_daemon -e
+
+ # unencrypted, unauthenticated
+ spawn $TELNET -- $hostname -[expr 8 + $portbase]
+ expect_after {
+ timeout {
+ fail $testname
+ catch "expect_after"
+ return
+ }
+ eof {
+ fail $testname
+ catch "expect_after"
+ return
+ }
+ }
+
+ expect {
+ -re "Unencrypted connection refused.*\n" {
+ pass $testname
+ }
+ }
+ catch "expect_after"
+ catch "expect eof"
+ catch wait
+
+ # The telnet daemon should have stopped, but we have no easy way
+ # of checking whether it actually did. Kill it just in case.
+ stop_telnet_daemon
}
# Run the test. Logging in sometimes takes a while, so increase the
+2004-10-31 Tom Yu <tlyu@mit.edu>
+
+ * mkrel: Rework quoting for RELTAIL check. Don't check RELTAIL if
+ doing a "-current" snapshot.
+
2004-09-24 Tom Yu <tlyu@mit.edu>
* mkrel: Rework somewhat to handle patchlevel.h being the new
+2004-11-05 Ken Raeburn <raeburn@mit.edu>
+
+ * et_h.awk: Declare initialize_*_error_table as taking no
+ arguments.
+ * et_h.pl: Regenerated.
+
2004-10-07 Tom Yu <tlyu@mit.edu>
* et_c.awk, et_h.awk: Fix off-by-one error.
print "" > outfile
print "#if !defined(_WIN32)" > outfile
print "/* for compatibility with older versions... */" > outfile
- print "extern void initialize_" table_name "_error_table () /*@modifies internalState@*/;" > outfile
+ print "extern void initialize_" table_name "_error_table (void) /*@modifies internalState@*/;" > outfile
print "#else" > outfile
print "#define initialize_" table_name "_error_table()" > outfile
print "#endif" > outfile
&Pick('>', $outfile) &&
(print $fh 'extern void initialize_' . $table_name .
- '_error_table () /*@modifies internalState@*/;');
+ '_error_table (void) /*@modifies internalState@*/;');
&Pick('>', $outfile) &&
(print $fh '#else');
&Pick('>', $outfile) &&
if test "$KRB5_RELTAG" != $reltag; then
echo "WARNING: patchlevel.h '$KRB5_RELTAG' != $reltag"
fi
- if test "$KRB5_MAJOR_RELEASE" != $relmajor || \
- test "$KRB5_MINOR_RELEASE" != $relminor || \
- test "$KRB5_PATCHLEVEL" != $relpatch || \
- test "$KRB5_RELTAIL" != $reltail; then
+ if test "$KRB5_MAJOR_RELEASE" != "$relmajor" || \
+ test "$KRB5_MINOR_RELEASE" != "$relminor" || \
+ test "$KRB5_PATCHLEVEL" != "$relpatch" || \
+ ( test -n "$reltail" && \
+ test "$KRB5_RELTAIL" != "$reltail" ); then
echo "WARNING: patchlevel.h $KRB5_MAJOR_RELEASE.$KRB5_MINOR_RELEASE.$KRB5_PATCHLEVEL${KRB5_RELTAIL+-$KRB5_RELTAIL} != $relmajor.$relminor.$relpatch${reltail+-$reltail}"
fi
+2004-11-04 Alexandra Ellwood <lxs@mit.edu>
+
+ * prof_init.c, profile.hin: added profile_is_modified
+ and profile_is_writable so that callers can check to see
+ if profile_release() will fail before calling it.
+
+2004-11-04 Alexandra Ellwood <lxs@mit.edu>
+
+ * prof_set.c: profile calls which set values should not fail
+ if file is not writable. You can now write to a different
+ file with profile_flush_to_file() or buffer with
+ profile_flush_to_buffer().
+
+2004-10-30 Ken Raeburn <raeburn@mit.edu>
+
+ * prof_int.h (STAT_ONCE_PER_SECOND): Define.
+ (struct _prf_data_t) [STAT_ONCE_PER_SECOND]: New field LAST_STAT.
+ * prof_file.c (scan_shared_trees_locked,
+ scan_shared_trees_unlocked): Redefine to do nothing for now.
+ (profile_update_file_data) [STAT_ONCE_PER_SECOND]: If the current
+ time is the same time as the last stat of the file, just return;
+ otherwise, save away the current time.
+
2004-10-26 Ken Raeburn <raeburn@mit.edu>
Permit exporting profile file data into a buffer.
static void profile_free_file_data(prf_data_t);
+#if 0
+
#define scan_shared_trees_locked() \
{ \
prf_data_t d; \
k5_mutex_unlock(&g_shared_trees_mutex); \
}
+#else
+
+#define scan_shared_trees_locked() { ; }
+#define scan_shared_trees_unlocked() { ; }
+
+#endif
+
static int rw_access(const_profile_filespec_t filespec)
{
#ifdef HAVE_ACCESS
errcode_t retval;
#ifdef HAVE_STAT
struct stat st;
+#ifdef STAT_ONCE_PER_SECOND
+ time_t now;
+#endif
#endif
FILE *f;
return retval;
#ifdef HAVE_STAT
+#ifdef STAT_ONCE_PER_SECOND
+ now = time(0);
+ if (now == data->last_stat) {
+ k5_mutex_unlock(&data->lock);
+ return 0;
+ }
+#endif
if (stat(data->filespec, &st)) {
retval = errno;
k5_mutex_unlock(&data->lock);
return retval;
}
+#ifdef STAT_ONCE_PER_SECOND
+ data->last_stat = now;
+#endif
if (st.st_mtime == data->timestamp) {
k5_mutex_unlock(&data->lock);
return 0;
return retval;
}
+errcode_t KRB5_CALLCONV
+profile_is_writable(profile_t profile, int *writable)
+{
+ if (!profile || profile->magic != PROF_MAGIC_PROFILE)
+ return PROF_MAGIC_PROFILE;
+
+ if (!writable)
+ return EINVAL;
+
+ if (profile->first_file)
+ *writable = (profile->first_file->data->flags & PROFILE_FILE_RW);
+
+ return 0;
+}
+
+errcode_t KRB5_CALLCONV
+profile_is_modified(profile_t profile, int *modified)
+{
+ if (!profile || profile->magic != PROF_MAGIC_PROFILE)
+ return PROF_MAGIC_PROFILE;
+
+ if (!modified)
+ return EINVAL;
+
+ if (profile->first_file)
+ *modified = (profile->first_file->data->flags & PROFILE_FILE_DIRTY);
+
+ return 0;
+}
+
errcode_t KRB5_CALLCONV
profile_flush(profile_t profile)
{
#include "com_err.h"
#include "profile.h"
+#define STAT_ONCE_PER_SECOND
+
#if defined(_WIN32)
#define SIZEOF_INT 4
#define SIZEOF_SHORT 2
k5_mutex_t lock;
char *comment;
struct profile_node *root;
+#ifdef STAT_ONCE_PER_SECOND
+ time_t last_stat;
+#endif
time_t timestamp; /* time tree was last updated from file */
int flags; /* r/w, dirty */
int upd_serial; /* incremented when data changes */
file = profile->first_file;
- if (!(file->data->flags & PROFILE_FILE_RW))
- return PROF_READ_ONLY;
-
retval = profile_lock_global();
if (retval)
return retval;
void KRB5_CALLCONV profile_free_buffer
(profile_t profile, char *buf);
+long KRB5_CALLCONV profile_is_writable
+ (profile_t profile, int *writable);
+long KRB5_CALLCONV profile_is_modified
+ (profile_t profile, int *modified);
+
void KRB5_CALLCONV profile_abandon
(profile_t profile);
projects / krb5.git / commitdiff