krb5.git
29 years agoFixed typo (missing comma) in file
Theodore Tso [Thu, 21 Dec 1995 23:53:58 +0000 (23:53 +0000)]
Fixed typo (missing comma) in file

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7247 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoChanged KRB5_SENDAUTH_MUTUAL_FAILED to KRB5_MUTUAL_FAILED (since the
Theodore Tso [Thu, 21 Dec 1995 23:50:16 +0000 (23:50 +0000)]
Changed KRB5_SENDAUTH_MUTUAL_FAILED to KRB5_MUTUAL_FAILED (since the
error code is no longer used in sendauth).  Added KRB5_CC_FORMAT for
indicating a problem in the credentials cache format.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7246 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoChange use of KRB5_SENDAUTH_MUTUAL_FAILED to KRB5_MUTUAL_FAILED
Theodore Tso [Thu, 21 Dec 1995 23:49:52 +0000 (23:49 +0000)]
Change use of KRB5_SENDAUTH_MUTUAL_FAILED to KRB5_MUTUAL_FAILED

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7245 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoIn the case of SCC_OPEN_AND_ERASE, unlink the filename first, in case
Theodore Tso [Thu, 21 Dec 1995 23:39:45 +0000 (23:39 +0000)]
In the case of SCC_OPEN_AND_ERASE, unlink the filename first, in case
there's a symbolic link lurking about.  (We should do an exclusive
open then, but there's no such thing in stdio.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7244 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoIn the case of FCC_OPEN_AND_ERASE, unlink the old filename, and then
Theodore Tso [Thu, 21 Dec 1995 23:39:16 +0000 (23:39 +0000)]
In the case of FCC_OPEN_AND_ERASE, unlink the old filename, and then
add the O_EXCL open flag, to prevent O_CREAT from following a symbolic
link.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7243 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* configure.in: Check for the stat call, since profile_update_file
Theodore Tso [Thu, 21 Dec 1995 23:25:19 +0000 (23:25 +0000)]
* configure.in: Check for the stat call, since profile_update_file
needs to know whether it exists.  (It doesn't on the Mac.)

* prof_file.c (profile_update_file): Change use of HAS_STAT to
HAVE_STAT, to confirm with autoconf test.  If the stat() call does not
exist, assume that our in-core memory image is correct, and never
re-read the profile file unless we explicitly close it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7242 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* Makefile.in (t_an_to_ln): Use $(LD) instead of $(CC) to link final
Theodore Tso [Thu, 21 Dec 1995 23:19:13 +0000 (23:19 +0000)]
* Makefile.in (t_an_to_ln): Use $(LD) instead of $(CC) to link final
executables, so that we can more easily use purify.

* hst_realm.c (krb5_get_host_realm): Eliminate memory leak; realm was
already being allocated by the profile library; no reason to
reallocate it again.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7241 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoMissing parenthesis meant that wrong number of bytes was being
Theodore Tso [Wed, 20 Dec 1995 02:02:55 +0000 (02:02 +0000)]
Missing parenthesis meant that wrong number of bytes was being
allocated.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7240 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoNew function for doing generic tty input and output. Eventually
Theodore Tso [Wed, 20 Dec 1995 01:50:53 +0000 (01:50 +0000)]
New function for doing generic tty input and output.  Eventually
read_password should use this function.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7239 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoDon't drag in syslog.c if vsyslog() is not defined. Only drag it in
Theodore Tso [Tue, 19 Dec 1995 22:31:31 +0000 (22:31 +0000)]
Don't drag in syslog.c if vsyslog() is not defined.  Only drag it in
if syslog() isn't available.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7238 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoDon't use vsyslog; use syslog instead. Fixed lint flames
Theodore Tso [Tue, 19 Dec 1995 22:30:07 +0000 (22:30 +0000)]
Don't use vsyslog; use syslog instead.  Fixed lint flames

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7237 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAlso include unistd.h, if it's available
Theodore Tso [Tue, 19 Dec 1995 22:17:25 +0000 (22:17 +0000)]
Also include unistd.h, if it's available

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7236 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoRemove declaration of LineNbr; no longer exported by kparse.c
Theodore Tso [Tue, 19 Dec 1995 22:12:37 +0000 (22:12 +0000)]
Remove declaration of LineNbr; no longer exported by kparse.c

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7235 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * keytab.c (krb5_ktkdb_resolve): Fix casting
Ezra Peisach [Mon, 18 Dec 1995 16:46:51 +0000 (16:46 +0000)]
    * keytab.c (krb5_ktkdb_resolve): Fix casting

        * t_kdb.c (add_principal): Remove mkvno

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7234 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdd a blank line to work around a misfeature in DecUnix 3.2's fgrep where
Ezra Peisach [Mon, 18 Dec 1995 00:57:37 +0000 (00:57 +0000)]
Add a blank line to work around a misfeature in DecUnix 3.2's fgrep where
there is a line limit. autoheader (which is only used by developers)
tries to put together a very long line with is then parsed - but due
to fgreps line length limitation this breaks. By adding the blank line
autoheader divides the work into multiple sections and wins.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7233 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoMerge in changes between 1.4 and 1.5 in RCS file; this delta is Mark
Sam Hartman [Thu, 14 Dec 1995 20:03:10 +0000 (20:03 +0000)]
Merge in changes between 1.4 and 1.5 in RCS file; this delta is Mark
Eichin's patch to fall back to /usr/adm/wtmp.  Somehow, this was lost
in 1.6.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7232 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * t_verify.c: Added an n-fold test
Richard Basch [Thu, 14 Dec 1995 00:50:25 +0000 (00:50 +0000)]
* t_verify.c: Added an n-fold test

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7231 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kadmin.exp: test that kadmin_modify doesn't corrupt key entries
Mark Eichin [Wed, 13 Dec 1995 20:29:45 +0000 (20:29 +0000)]
* kadmin.exp: test that kadmin_modify doesn't corrupt key entries

(I think proven's changes fix this, but this will help keep it fixed.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7230 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * configure.in : Remove subdirectory db
Chris Provenzano [Wed, 13 Dec 1995 12:13:56 +0000 (12:13 +0000)]
    * configure.in : Remove subdirectory db

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7225 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * Makefile.in : Move db keytab routines to lib/kdb
Chris Provenzano [Wed, 13 Dec 1995 12:13:36 +0000 (12:13 +0000)]
    * Makefile.in : Move db keytab routines to lib/kdb

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7224 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * Makefile.in, keytab.c : Move db keytab routines here
Chris Provenzano [Wed, 13 Dec 1995 12:11:09 +0000 (12:11 +0000)]
* Makefile.in, keytab.c : Move db keytab routines here

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7223 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kdb5_mkdums.c : Remove mkvno from krb5_db_entry
Chris Provenzano [Wed, 13 Dec 1995 09:03:37 +0000 (09:03 +0000)]
    * kdb5_mkdums.c : Remove mkvno from krb5_db_entry

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7222 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kdb5_verify.c : Remove mkvno for krb5_db_entry
Chris Provenzano [Wed, 13 Dec 1995 09:02:16 +0000 (09:02 +0000)]
    * kdb5_verify.c : Remove mkvno for krb5_db_entry

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7221 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kdb_xdr.c : Remove mkvno for krb5_db_entry
Chris Provenzano [Wed, 13 Dec 1995 09:00:23 +0000 (09:00 +0000)]
    * kdb_xdr.c : Remove mkvno for krb5_db_entry

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7220 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kerberos_v4.c : Remove mkvno for krb5_db_entry
Chris Provenzano [Wed, 13 Dec 1995 08:58:43 +0000 (08:58 +0000)]
    * kerberos_v4.c : Remove mkvno for krb5_db_entry

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7219 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kadm_funcs.c : Remove mkvno for krb5_db_entry
Chris Provenzano [Wed, 13 Dec 1995 08:57:15 +0000 (08:57 +0000)]
    * kadm_funcs.c : Remove mkvno for krb5_db_entry

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7218 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * adm_funcs.c : Remove mkvno for krb5_db_entry
Chris Provenzano [Wed, 13 Dec 1995 08:56:00 +0000 (08:56 +0000)]
    * adm_funcs.c : Remove mkvno for krb5_db_entry

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7217 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kdb.h : Remove mkvno for krb5_db_entry
Chris Provenzano [Wed, 13 Dec 1995 08:53:35 +0000 (08:53 +0000)]
* kdb.h : Remove mkvno for krb5_db_entry

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7216 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * dump.c, dumpv4.c, kdb5_edit.c, loadv4.c :
Chris Provenzano [Wed, 13 Dec 1995 08:49:20 +0000 (08:49 +0000)]
    * dump.c, dumpv4.c, kdb5_edit.c, loadv4.c :
Remove mkvno from krb5_db_entry.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7215 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kdb5_create.c : Remove mkvno from krb5_db_entry
Chris Provenzano [Wed, 13 Dec 1995 08:48:33 +0000 (08:48 +0000)]
* kdb5_create.c : Remove mkvno from krb5_db_entry

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7214 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kdc.conf: Added examples of "supported_enctypes" and "master_key_type"
Richard Basch [Tue, 12 Dec 1995 19:47:52 +0000 (19:47 +0000)]
* kdc.conf: Added examples of "supported_enctypes" and "master_key_type"

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7212 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * krb524d.c: Changed krb5_db_fetch_mkey() such that it will only try
Richard Basch [Tue, 12 Dec 1995 19:45:23 +0000 (19:45 +0000)]
* krb524d.c: Changed krb5_db_fetch_mkey() such that it will only try
to set the enctype of the keyblock if the keyblock had it
set to ENCTYPE_UNKNOWN.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7211 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * fetch_mkey: Changed krb5_db_fetch_mkey() such that it will only try
Richard Basch [Tue, 12 Dec 1995 19:45:13 +0000 (19:45 +0000)]
* fetch_mkey: Changed krb5_db_fetch_mkey() such that it will only try
to set the enctype of the keyblock if the keyblock had it
set to ENCTYPE_UNKNOWN.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7210 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * main.c: Changed krb5_db_fetch_mkey() such that it will only try
Richard Basch [Tue, 12 Dec 1995 19:45:01 +0000 (19:45 +0000)]
* main.c: Changed krb5_db_fetch_mkey() such that it will only try
to set the enctype of the keyblock if the keyblock had it
set to ENCTYPE_UNKNOWN.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7209 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * d3_str2ky.c: Updated to include some of the randomness throughout
Richard Basch [Tue, 12 Dec 1995 19:32:56 +0000 (19:32 +0000)]
* d3_str2ky.c: Updated to include some of the randomness throughout
the entire key.  The second 3-DES CBC encryption of the block
should use an ivec of the last cipher block.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7208 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * 3-des.txt: Updated to include some of the randomness throughout
Richard Basch [Tue, 12 Dec 1995 19:32:45 +0000 (19:32 +0000)]
* 3-des.txt: Updated to include some of the randomness throughout
the entire key.  The second 3-DES CBC encryption of the block
should use an ivec of the last cipher block.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7206 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoClean up repository - don't check in configure add .Sanitize and .cvsignore
Ezra Peisach [Tue, 12 Dec 1995 13:26:13 +0000 (13:26 +0000)]
Clean up repository - don't check in configure add .Sanitize and .cvsignore

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7205 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * TODO: Done: keytab routines to access to database.
Chris Provenzano [Tue, 12 Dec 1995 06:44:09 +0000 (06:44 +0000)]
* TODO: Done: keytab routines to access to database.
Todo: Create a real krb5_db_context after 1.0

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7204 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoNew directory for the kdb keytab functions. Currently there is only get and
Chris Provenzano [Tue, 12 Dec 1995 06:30:11 +0000 (06:30 +0000)]
New directory for the kdb keytab functions. Currently there is only get and
resolve but these are sufficient to remove the ugly hack where the key is
passed to krb5_rd_req() in the user-to-user field of the auth_context.
These functions do NOT need to be built on the Macintosh or Windows systems.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7203 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * configure.in : Added subdirectory db
Chris Provenzano [Tue, 12 Dec 1995 06:27:13 +0000 (06:27 +0000)]
* configure.in : Added subdirectory db

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7202 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kdb_dbm.c : Move the krb5_db_context to include/krb5/kdb_dbc.h.
Chris Provenzano [Tue, 12 Dec 1995 06:24:26 +0000 (06:24 +0000)]
* kdb_dbm.c : Move the krb5_db_context to include/krb5/kdb_dbc.h.
* kdb_dbm.c krb5_dbm_db_set_mkey(), krb5_dbm_db_get_mkey():
Functions for associating a master key (krb5_encrypt_block *)
to a krb5_db_context. Currently it associates it to the
krb5_context and will be fixed once the krb5_db_context
is better defined (Post 1.0).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7201 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * extern.h: Added a krb5_keytab to the realm context. The keytab
Chris Provenzano [Tue, 12 Dec 1995 06:18:53 +0000 (06:18 +0000)]
* extern.h: Added a krb5_keytab to the realm context. The keytab
should be associated with a krb5_db_context which will
make having a krb5_context unnecessary in the realm context.
* kdc_util.c kdc_process_tgs_req(): Use the realm keytab instead
of faking up a user-to-user key to pass to krb5_rd_req_decode().
* main.c: Added code to use the new database keytab routines.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7200 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * adm.h: Added principal flag keywords KRB5_ADM_KW_SETFLAGS and
Chris Provenzano [Tue, 12 Dec 1995 06:09:05 +0000 (06:09 +0000)]
* adm.h: Added principal flag keywords KRB5_ADM_KW_SETFLAGS and
KRB5_ADM_KW_UNSETFLAGS because relative flag modification
is just a good idea.
* kdb.h: typedef kdb5_dispatch_table so prototypes that need it
compile even if KDB5_DISPATCH isn't defined.
* kdb_dbc.h: The start of the database context, which should be
removed from the krb5_context.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7199 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * main.c: Use the master key enctype from the stash file if none
Richard Basch [Tue, 12 Dec 1995 02:34:56 +0000 (02:34 +0000)]
* main.c: Use the master key enctype from the stash file if none
is specified (set the keyblock enctype to NULL).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7198 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kdb5_edit.c: Use the master key enctype from the stash file if none
Richard Basch [Tue, 12 Dec 1995 02:34:40 +0000 (02:34 +0000)]
* kdb5_edit.c: Use the master key enctype from the stash file if none
is specified (set the keyblock enctype to NULL).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7197 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * fetch_mkey.c: If the keyblock is initialized with an enctype of
Richard Basch [Tue, 12 Dec 1995 02:32:05 +0000 (02:32 +0000)]
* fetch_mkey.c: If the keyblock is initialized with an enctype of
NULL, simply read in the enctype from the stash file and
don't try to check it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7196 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * krb524d.c: Rely on stashed master key enctype instead of hardcoding
Richard Basch [Tue, 12 Dec 1995 02:31:12 +0000 (02:31 +0000)]
* krb524d.c: Rely on stashed master key enctype instead of hardcoding

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7195 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * d3_str2ky.c: Revised 3-DES String-To-Key algorithm to encrypt the
Richard Basch [Tue, 12 Dec 1995 02:29:45 +0000 (02:29 +0000)]
* d3_str2ky.c: Revised 3-DES String-To-Key algorithm to encrypt the
    folded result twice in the folded key. [Courtesy Uri Blumenthal]

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7194 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * 3-des.txt: Revised 3-DES String-To-Key algorithm to encrypt the
Richard Basch [Tue, 12 Dec 1995 02:29:33 +0000 (02:29 +0000)]
* 3-des.txt: Revised 3-DES String-To-Key algorithm to encrypt the
    folded result twice in the folded key. [Courtesy Uri Blumenthal]

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7193 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kdc_preauth.c return_padata(): Initialize local variable "size"
Chris Provenzano [Mon, 11 Dec 1995 22:01:07 +0000 (22:01 +0000)]
* kdc_preauth.c return_padata(): Initialize local variable "size"
to 0 before using it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7192 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * adm_proto.h: Moved many string conversion functions to libkrb5
Richard Basch [Mon, 11 Dec 1995 18:30:09 +0000 (18:30 +0000)]
* adm_proto.h: Moved many string conversion functions to libkrb5
for better support of multiple encryption type selection

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7191 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * krb5.hin: Moved string conversion functions from libkadm
Richard Basch [Mon, 11 Dec 1995 18:29:16 +0000 (18:29 +0000)]
* krb5.hin: Moved string conversion functions from libkadm
for better support of multiple encryption type selection

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7190 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * krb5.conf.M: describe new option default_tgs_enctypes
Richard Basch [Mon, 11 Dec 1995 17:25:28 +0000 (17:25 +0000)]
* krb5.conf.M: describe new option default_tgs_enctypes
for specifying the default session key types.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7189 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kdb5_edit.M: Document that modent exists
Ezra Peisach [Sun, 10 Dec 1995 16:22:10 +0000 (16:22 +0000)]
* kdb5_edit.M: Document that modent exists

* kdb5_edit.c (modent): Add usage as suggested by jhawk@mit.edu.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7188 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdd new routine krb5_input_flag_to_string to allow an application to
Ezra Peisach [Sun, 10 Dec 1995 16:19:38 +0000 (16:19 +0000)]
Add new routine krb5_input_flag_to_string to allow an application to
loop over the input flag strings for displaying help messages (i.e.
modent in krb5_edit).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7187 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * adm_proto.h: Add prototype for krb5_input_flag_to_string
Ezra Peisach [Sun, 10 Dec 1995 16:17:10 +0000 (16:17 +0000)]
* adm_proto.h: Add prototype for krb5_input_flag_to_string

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7186 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* krb5.conf Added example use of default_tgs_enctypes
Richard Basch [Wed, 6 Dec 1995 15:49:04 +0000 (15:49 +0000)]
* krb5.conf Added example use of default_tgs_enctypes
* krb5.conf.M Described new configuration option "default_tgs_enctypes"

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7179 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * configure.in: Use krb5util library
Ezra Peisach [Wed, 6 Dec 1995 02:04:10 +0000 (02:04 +0000)]
* configure.in: Use krb5util library

* login.c (main): Change two-argument call to syslog to three
arguments to handle screw cases in hostnames.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7178 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoMove compat_recvauth to this library so that krb4 can depend on krb5
Ezra Peisach [Wed, 6 Dec 1995 02:02:51 +0000 (02:02 +0000)]
Move compat_recvauth to this library so that krb4 can depend on krb5
(for configurable paths support).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7177 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoCommit the removal or compat_recv.o
Ezra Peisach [Wed, 6 Dec 1995 02:00:43 +0000 (02:00 +0000)]
Commit the removal or  compat_recv.o

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7176 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoMove compat_recv.c to krb5util
Ezra Peisach [Wed, 6 Dec 1995 01:59:16 +0000 (01:59 +0000)]
Move compat_recv.c to krb5util

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7175 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoRemoved krb4 dependency in building shared library
Ezra Peisach [Wed, 6 Dec 1995 01:58:05 +0000 (01:58 +0000)]
Removed krb4 dependency in building shared library

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7174 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * Makefile.in: Shared library depends on krb5 library now
Ezra Peisach [Wed, 6 Dec 1995 01:55:03 +0000 (01:55 +0000)]
* Makefile.in: Shared library depends on krb5 library now

* configure.in: Pass krb5 library version number to Makefile.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7173 dc483132-0cff-0310-8789-dd5450dbe970

29 years agokrb5 is built before krb4. Add krb5util library
Ezra Peisach [Wed, 6 Dec 1995 01:53:00 +0000 (01:53 +0000)]
krb5 is built before krb4. Add krb5util library

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7172 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdd USE_KRB5UTIL_LIBRARY. Change library link order to -lkrb4 -lkrb5
Ezra Peisach [Wed, 6 Dec 1995 01:51:08 +0000 (01:51 +0000)]
Add USE_KRB5UTIL_LIBRARY. Change library link order to -lkrb4 -lkrb5

compat_recvauth is moving to a new library and krb4 now depends on krb5
anyways for the configurable path support.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7171 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdded support for matching against a supported app. session key type
Richard Basch [Tue, 5 Dec 1995 03:48:32 +0000 (03:48 +0000)]
Added support for matching against a supported app. session key type

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7170 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoWhen searching for cached credentials, make sure we are also looking for
Richard Basch [Tue, 5 Dec 1995 03:47:34 +0000 (03:47 +0000)]
When searching for cached credentials, make sure we are also looking for
credentials that are matching a supported application keytype.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7169 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdded two new routines for multiple encryption type support:
Richard Basch [Tue, 5 Dec 1995 03:45:06 +0000 (03:45 +0000)]
Added two new routines for multiple encryption type support:
   krb5_set_default_tgs_ktypes(context, ktypes)
This routine sets the default application session key types to be used.
   krb5_get_tgs_ktypes(context, principal, &ktypes)
This routine gets the session key types to be used with "principal".
At the moment, this only uses the krb5_set_default_tgs_ktypes values
or those specified in libdefaults/default_tgs_enctypes (krb5.conf).
It is envisioned that this may later support per-host/per-realm lookup.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7168 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdded prototypes for two new routines:
Richard Basch [Tue, 5 Dec 1995 03:41:31 +0000 (03:41 +0000)]
Added prototypes for two new routines:
krb5_set_default_tgs_ktypes - sets default app. session key types.
krb5_get_tgs_ktypes - gets app. session key types.
Also added a new flag for testing credential matches (match supported keytype)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7167 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoSerialize / de-serialize the context structure, which now includes both
Richard Basch [Tue, 5 Dec 1995 03:39:28 +0000 (03:39 +0000)]
Serialize / de-serialize the context structure, which now includes both
TGT session key types and application session key types.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7166 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoInstead of using the TGT session key type, use the application session
Richard Basch [Tue, 5 Dec 1995 03:38:02 +0000 (03:38 +0000)]
Instead of using the TGT session key type, use the application session
key type.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7165 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoExtended the context structure to support differing tgt and application
Richard Basch [Tue, 5 Dec 1995 03:36:11 +0000 (03:36 +0000)]
Extended the context structure to support differing tgt and application
session keys.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7164 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoThe BSD application suite only understands using 1-DES as a session key type
Richard Basch [Tue, 5 Dec 1995 03:34:22 +0000 (03:34 +0000)]
The BSD application suite only understands using 1-DES as a session key type

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7163 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoUse symbolic names for the encryption types.
Richard Basch [Tue, 5 Dec 1995 03:32:11 +0000 (03:32 +0000)]
Use symbolic names for the encryption types.
Support 3-DES, too.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7162 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoThe wrong encryption system was being initialized. The response to the mk_req
Richard Basch [Tue, 5 Dec 1995 03:30:58 +0000 (03:30 +0000)]
The wrong encryption system was being initialized.  The response to the mk_req
should be done using the session key and its encryption system, not the
ticket's encryption system.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7161 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoThere is no longer a dependency on libkadm
Richard Basch [Tue, 5 Dec 1995 03:27:55 +0000 (03:27 +0000)]
There is no longer a dependency on libkadm

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7160 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoMoved most string-type conversion routines from libkadm to libkrb5 to
Richard Basch [Tue, 5 Dec 1995 03:24:44 +0000 (03:24 +0000)]
Moved most string-type conversion routines from libkadm to libkrb5 to
reduce the dependencies on libkadm and for better support of multiple
encryption type lookup in krb5.conf.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7159 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoMoved most string-type conversion routines from libkadm to libkrb5 to
Richard Basch [Tue, 5 Dec 1995 03:13:14 +0000 (03:13 +0000)]
Moved most string-type conversion routines from libkadm to libkrb5 to
reduce the dependencies on libkadm and for better support of multiple
encryption type lookup in krb5.conf.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7158 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoFixed the description of the algorithm in the comment
Richard Basch [Sat, 2 Dec 1995 16:35:47 +0000 (16:35 +0000)]
Fixed the description of the algorithm in the comment

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7157 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoXOR the last byte of weak keys with 0xf0, according to spec
Richard Basch [Sat, 2 Dec 1995 16:33:40 +0000 (16:33 +0000)]
XOR the last byte of weak keys with 0xf0, according to spec

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7156 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoXOR the last octet with 0xf0, not the first, analagous to 1-DES
Richard Basch [Sat, 2 Dec 1995 16:30:09 +0000 (16:30 +0000)]
XOR the last octet with 0xf0, not the first, analagous to 1-DES

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7155 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoApplied patch from Scott Schwartz <schwartz@galapagos.cse.psu.edu>
Theodore Tso [Fri, 1 Dec 1995 22:35:35 +0000 (22:35 +0000)]
Applied patch from Scott Schwartz <schwartz@galapagos.cse.psu.edu>

Under SunOS, and maybe other systems, there is a a problem with
krlogind.c and a similar problem with login.c as distributed with
K5.5.

The bug is that rlogind forks a child but retains a controlling tty.
If the child is in the same process group as the parent, which is will
if you don't use a job control shell (chsh /bin/rc), keyboard signals
will kill the daemon.  telnetd dissociates itself properly, but then
login.krb5 waits for the shell to finish, but login.krb5 has the same
ctty as the shell and is in the same process group, so it has the same
problem.

In BSD you used to be able to give up your ctty at will, but SunOS
seems to have setsid as the only mechanism to perform that action, and
setsid can only succeed in limited circumstances.  Rlogind ought to be
fixed to behave more like telnetd, but independent of that, login.krb5
needs to be patched if kerberos is to work properly under SunOS.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7154 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdd rule for building shared object files
Theodore Tso [Fri, 1 Dec 1995 22:28:06 +0000 (22:28 +0000)]
Add rule for building shared object files

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7153 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdded Changelog file
Theodore Tso [Fri, 1 Dec 1995 22:24:32 +0000 (22:24 +0000)]
Added Changelog file

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7152 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdded temporary definition of KRB5_ADM_M_EXTRADATA so that we have a
Theodore Tso [Fri, 1 Dec 1995 22:16:42 +0000 (22:16 +0000)]
Added temporary definition of KRB5_ADM_M_EXTRADATA so that we have a
tree which (mostly) compiles.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7151 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoIn case of permission problems, don't unlink the old replay cache;
Theodore Tso [Fri, 1 Dec 1995 22:15:32 +0000 (22:15 +0000)]
In case of permission problems, don't unlink the old replay cache;
make it a hard (repeatable) error.  This also reduces the chance we
accidentally delete valuable data.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7150 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoInitialize rcache to zero, so that on cleanup we don't try to free
Theodore Tso [Fri, 1 Dec 1995 22:14:52 +0000 (22:14 +0000)]
Initialize rcache to zero, so that on cleanup we don't try to free
stack garbage.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7149 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoChanged token ID for KG_TOK_WRAP_MSG to match KG_TOK_SEAL_MSG both
Theodore Tso [Fri, 1 Dec 1995 22:14:10 +0000 (22:14 +0000)]
Changed token ID for KG_TOK_WRAP_MSG to match KG_TOK_SEAL_MSG both
should be 0x0201.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7148 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* krb5_gss_glue.c (gss_inquire_names_for_mech): Added new context
Theodore Tso [Fri, 1 Dec 1995 22:13:07 +0000 (22:13 +0000)]
* krb5_gss_glue.c (gss_inquire_names_for_mech): Added new context
argument to the call of krb5_gss_inquire_names_for_mech().

* inq_names.c (krb5_gss_inquire_names_for_mech): Added new context
argument to the arg list.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7147 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoDescription of 3-DES algorithms
Richard Basch [Fri, 1 Dec 1995 21:25:08 +0000 (21:25 +0000)]
Description of 3-DES algorithms

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7146 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoCorrected algorithm description at beginning.
Richard Basch [Fri, 1 Dec 1995 19:21:07 +0000 (19:21 +0000)]
Corrected algorithm description at beginning.
Fold input into 168 bits and then expand the result to include odd parity,
so as to avoid potentially weakening the key.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7145 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdded 3-DES string translation
Richard Basch [Fri, 1 Dec 1995 19:10:04 +0000 (19:10 +0000)]
Added 3-DES string translation

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7144 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kdc_preauth.c: #@&^(!! Ultrix cc sucks. Typedef to function
Tom Yu [Fri, 1 Dec 1995 02:00:33 +0000 (02:00 +0000)]
* kdc_preauth.c: #@&^(!! Ultrix cc sucks.  Typedef to function
pointer rather than function prototype to avoid lossage.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7143 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoRemoved extra eblock argument from call to krb5_encode_kdc_rep
Theodore Tso [Wed, 29 Nov 1995 18:32:37 +0000 (18:32 +0000)]
Removed extra eblock argument from call to krb5_encode_kdc_rep

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7142 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoCorrected a bug in the wrap-around carry (found bug by comparing test results
Richard Basch [Wed, 29 Nov 1995 06:08:41 +0000 (06:08 +0000)]
Corrected a bug in the wrap-around carry (found bug by comparing test results
with another implementation).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7141 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoMake sure that each DES key is strong. If not, xor first byte with 0xf0
Richard Basch [Tue, 28 Nov 1995 20:08:53 +0000 (20:08 +0000)]
Make sure that each DES key is strong.  If not, xor first byte with 0xf0

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7140 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoCorrected bit rotation to match documented algorithm
Richard Basch [Tue, 28 Nov 1995 19:50:53 +0000 (19:50 +0000)]
Corrected bit rotation to match documented algorithm

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7139 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoRemoved debugging assert() statement
Richard Basch [Tue, 28 Nov 1995 16:38:53 +0000 (16:38 +0000)]
Removed debugging assert() statement

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7138 dc483132-0cff-0310-8789-dd5450dbe970

29 years agof_ecb.c, des_int.h (mit_des_ecb_encrypt): Add const declaration to input
Ezra Peisach [Tue, 28 Nov 1995 16:35:30 +0000 (16:35 +0000)]
f_ecb.c, des_int.h (mit_des_ecb_encrypt): Add const declaration to input
cblock.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7137 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoThe output block of n-fold should not be a "const"
Richard Basch [Tue, 28 Nov 1995 13:18:57 +0000 (13:18 +0000)]
The output block of n-fold should not be a "const"

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7136 dc483132-0cff-0310-8789-dd5450dbe970