Ezra Peisach [Thu, 11 Jan 1996 13:01:13 +0000 (13:01 +0000)]
* profile.hin: Add profile_init_path prototype
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7307
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 11 Jan 1996 12:05:07 +0000 (12:05 +0000)]
Set the enctype to ENCTYPE_UNKNOWN when the enctype should be determined from
the stash file.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7306
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 11 Jan 1996 04:24:27 +0000 (04:24 +0000)]
Add an #ifdef for enabling lower case realm (for use with DCE)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7305
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 11 Jan 1996 04:17:54 +0000 (04:17 +0000)]
When obtaining tickets, we make them forwardable by default. XXX This
should really a configurable option in the UI.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7304
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 11 Jan 1996 04:06:30 +0000 (04:06 +0000)]
Added documentation for the DCE compat options, plus the capaths
section.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7303
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 11 Jan 1996 04:06:02 +0000 (04:06 +0000)]
scc.h (KRB5_SCC_DEFAULT_VNO): Remove KRB5_SCC_DEFAULT_VNO; now set in
init_ctx.c.
scc_maybe.c (krb5_scc_open_file):
scc_gennew.c (krb5_scc_generate_new): Use context->scc_default_format
to determine the credentials ccache type.
scc_read.c (krb5_scc_read_keyblock): If reading in a version 3
credentials cache, ignore the second enctype stored in the ccache;
just read it into a dummy variable.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7302
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 11 Jan 1996 04:05:22 +0000 (04:05 +0000)]
fcc.h (KRB5_FCC_DEFAULT_VNO): Remove KRB5_FCC_DEFAULT_VNO; now set in
init_ctx.c.
fcc_maybe.c (krb5_fcc_open_file):
fcc_gennew.c (krb5_fcc_generate_new): Use context->fcc_default_format
to determine the credentials cache type.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7301
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 11 Jan 1996 04:03:06 +0000 (04:03 +0000)]
Added checking of profile for DCE compatability options (ccache type,
and checksum type).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7300
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 11 Jan 1996 03:47:57 +0000 (03:47 +0000)]
Add fields for fcc_default_format and scc_default_format in
krb5_context structure.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7299
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 11 Jan 1996 03:33:24 +0000 (03:33 +0000)]
Added ##DOS statements after gssapi_err_generic.$(OBJECT) to get it
added to library on Windows. (Patch from Doug Engbert).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7298
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 11 Jan 1996 03:29:50 +0000 (03:29 +0000)]
Fix return type for mit_des3_string_to_key()
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7297
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 11 Jan 1996 03:29:24 +0000 (03:29 +0000)]
Added hack by Doug Engbert to get util/pty to work under Solaris. We
should double check to make sure this is a correct fix.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7296
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 11 Jan 1996 03:14:46 +0000 (03:14 +0000)]
kcmd.c (getport): Clear the sin structure to be zero. (From Doug Engbert.)
krsh.c (main): Added code to default port to 544 if service not found.
(From Doug Engbert.)
krlogin.c (main): Added code to default port to 543 or 2105 if service
not found. (From Doug Engbert.)
login.c (main): Save KRB5CCNAME environment variable, which may have
been set by forward.c. Add code for SGI to set environment for its
/etc/TIMEZONE (untested). Don't print MOTD twice on Suns, added
#ifdef NO_MOTD. (Patches from Doug Engbert).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7295
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 11 Jan 1996 02:57:32 +0000 (02:57 +0000)]
Initialize addrs to 0 so that we don't try to free stack garbage on an
error.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7294
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 11 Jan 1996 02:32:24 +0000 (02:32 +0000)]
Remove #if statement that used sizeof(xxx), since that won't work for
most C compilers/C preprocessors!
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7293
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 11 Jan 1996 02:28:21 +0000 (02:28 +0000)]
Removed extern global of krb5_kdc_req_sumtype, which wasn't being used
anyway.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7292
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 11 Jan 1996 02:27:35 +0000 (02:27 +0000)]
krbconfig.c, Makefile.in: Removed krbconfig.c; it contained global
variables which are no longer used.
recvauth.c: Removed the global extern of krb5_kdc_default_options,
which wasn't being used anyway.
mk_req.c (krb5_mk_req): Replace use of krb5_kdc_default_options with
context->kdc_default_options.
gc_frm_kdc.c: Remove the global extern of krb5_kdc_req_sumtype, which
wasn't being used anymore anyway.
send_tgs.c (krb5_send_tgs_basic): Remove use of the global variable
krb5_kdc_req_sumtype, and use the kdc_req_sumtype in the context
structure instead.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7291
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 11 Jan 1996 02:17:17 +0000 (02:17 +0000)]
If reading in a version 3 credentials cache, ignore the second enctype
stored in the ccache; just read it into a dummy variable.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7290
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 11 Jan 1996 02:03:41 +0000 (02:03 +0000)]
Applied patch submitted by Doug Engbert, so that the configurable
authentication patch takes into account the null entry at the end of
the list.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7289
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 11 Jan 1996 00:22:43 +0000 (00:22 +0000)]
* locate_kdc.c (krb5_locate_kdc): Add parrentheses for assignment
in conditional. (gcc -Wall)
* init_os_ctx.c (krb5_os_init_context): Remove unused variables
* an_to_ln.c (aname_do_match): Initialize local variable before
referenced.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7288
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 11 Jan 1996 00:16:49 +0000 (00:16 +0000)]
Take care of a gcc warnign about shufting two far
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7287
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 10 Jan 1996 04:07:38 +0000 (04:07 +0000)]
Added defintion for KRB5_GSS_FOR_CREDS_OPTION
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7286
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 10 Jan 1996 03:56:23 +0000 (03:56 +0000)]
forward.c (get_for_creds): Removed no longer used function
kerberos5.c (kerberos5_forward): Convert from using get_for_creds()
from forward.c to using the official library routine,
krb5_fwd_tgt_creds(). Misc. lint cleanups.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7285
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 10 Jan 1996 03:53:09 +0000 (03:53 +0000)]
forward.c (get_for_creds): Removed no longer used function
kcmd.c (kcmd): Convert from using get_for_creds() from forward.c to
using the official library routine, krb5_fwd_tgt_creds().
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7284
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 10 Jan 1996 03:24:32 +0000 (03:24 +0000)]
Added error table code KRB5_FWD_BAD_PRINCIPAL
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7283
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 10 Jan 1996 03:24:10 +0000 (03:24 +0000)]
krb5.hin (krb5_fwd_tgt_creds, krb5_os_hostaddr): Added new function
prototypes.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7282
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 10 Jan 1996 03:13:49 +0000 (03:13 +0000)]
gssapiP_krb5.h (KRB5_GSS_FOR_CREDS_OPTION): New constant added for
delegation (forwarding) of credentials.
init_sec_context.c (make_ap_req): Add support for sending delegated
credentials. Misc lint cleanups.
accept_sec_context.c (krb5_gss_accept_sec_context): Add support for
accepting delegated credentials. Misc lint cleanups.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7281
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 10 Jan 1996 03:08:30 +0000 (03:08 +0000)]
fwd_tgt.c (krb5_fwd_tgt_creds): New function which handles all of the
dirty work of forwarding TGT's.
rd_cred.c (krb5_rd_cred_basic): Clean up memory allocation discpline
to remove memory leaks.
mk_cred.c (krb5_mk_ncred_basic, krb5_mk_ncred, krb5_mk_1cred): Clean
up memory allocation discpline to remove memory leaks.
init_ctx.c (krb5_get_tgs_ktypes): Clean up parsing of the etype list.
Don't overrun the string containing the etype list.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7280
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 5 Jan 1996 03:50:32 +0000 (03:50 +0000)]
krb5.hin: Added support for KRB5_INT16_MAX, which tells us the
limitations of using 16 bit ints.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7278
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 5 Jan 1996 03:24:36 +0000 (03:24 +0000)]
hostaddr.c (krb5_os_hostaddr): New function which takes a hostname and
returns a list of krb5 addresses. (This is basically a glue routine
that converts the result of gethostbyname() to krb5 addresses.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7277
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 5 Jan 1996 02:43:19 +0000 (02:43 +0000)]
gssapiP_generic.h (TWRITE_INT16, TREAD_INT16): Added new macros
to read and write two byte integers from the wire.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7276
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 5 Jan 1996 02:35:16 +0000 (02:35 +0000)]
gssapiP_generic.h: Don't include <sys/types.h> since it's already
included by gssapi.h.
gssapi.h: Add a #ifndef _MACINTOSH around include of <sys/types.h>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7275
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 4 Jan 1996 05:59:31 +0000 (05:59 +0000)]
Removed check for sys/fcntl.h; the source now always includes <fcntl.h>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7273
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 4 Jan 1996 05:51:18 +0000 (05:51 +0000)]
Removed #undef NEED_SYS_FCNTL_H since we now always use <fcntl.h>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7272
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 4 Jan 1996 05:50:07 +0000 (05:50 +0000)]
Always include <fcntl.h> instead of checking for <sys/fcntl.h>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7271
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 4 Jan 1996 05:47:12 +0000 (05:47 +0000)]
Removed checking for <sys/fcntl.h>; always use <fcntl.h>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7270
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 4 Jan 1996 05:41:38 +0000 (05:41 +0000)]
Always include <fcntl.h> instead of checking for <sys/fcntl.h>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7269
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 4 Jan 1996 05:39:37 +0000 (05:39 +0000)]
Removed sys/fcntl.h checking (always use fcntl.h instead)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7268
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 4 Jan 1996 05:33:35 +0000 (05:33 +0000)]
* aclocal.m4, acconfig.h
Removed sys/fcntl.h checking (always use fcntl.h instead)
* TODO
Documented that sys/fcntl.h checks have been removed.
Added a KDC bug that needs to be investigated.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7267
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 4 Jan 1996 03:31:14 +0000 (03:31 +0000)]
* configure.in: Check for presense of setenv(), unsetenv(), and
getenv() from the C library.
* Makefile.in: New file: setenv.c --- provides routines for
setting the environment.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7266
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 4 Jan 1996 03:00:07 +0000 (03:00 +0000)]
* gss-client.c (main, client_establish_context): If the -d flag is
given to the client, then try to delegate credentials when
establishing the context.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7265
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 4 Jan 1996 02:44:21 +0000 (02:44 +0000)]
* rd_cred.c (krb5_rd_cred_basic): When the keyblock is NULL, assume
we're being called from the gssapi code, which doesn't have access to
the sender or receive address information, don't check the sender
address, since it won't be available.
* rd_cred.c (decrypt_credencdata): When calling krb5_rd_credd(), if
the keyblock is null, just copy the encoded structure from the
"ciphertext" part of the structure and decode it.
* mk_cred.c (encrypt_credencpart): When calling krb5_mk_cred(), if the
keyblock is NULL, don't encrypt it; just encode it and leave it in the
ciphertext area of the structure.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7264
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 25 Dec 1995 15:05:30 +0000 (15:05 +0000)]
ktutil.c (ktutil_write_v4): Call ktutil_write_srvtab not ktutil_write_keytab
ktutil_funcs.c (ktutil_write_srvtab): Clear malloced memory.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7250
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 22 Dec 1995 22:43:27 +0000 (22:43 +0000)]
If HAVE_SHADOW is defined, and no shadow password entry is availble,
try using the password entry in the password file.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7249
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 21 Dec 1995 23:55:22 +0000 (23:55 +0000)]
Use KRB5_CC_FORMAT as an error code instead of KRB5_CCACHE_BADVNO,
when it's really a format error in the credentials cache file.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7248
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 21 Dec 1995 23:53:58 +0000 (23:53 +0000)]
Fixed typo (missing comma) in file
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7247
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 21 Dec 1995 23:50:16 +0000 (23:50 +0000)]
Changed KRB5_SENDAUTH_MUTUAL_FAILED to KRB5_MUTUAL_FAILED (since the
error code is no longer used in sendauth). Added KRB5_CC_FORMAT for
indicating a problem in the credentials cache format.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7246
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 21 Dec 1995 23:49:52 +0000 (23:49 +0000)]
Change use of KRB5_SENDAUTH_MUTUAL_FAILED to KRB5_MUTUAL_FAILED
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7245
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 21 Dec 1995 23:39:45 +0000 (23:39 +0000)]
In the case of SCC_OPEN_AND_ERASE, unlink the filename first, in case
there's a symbolic link lurking about. (We should do an exclusive
open then, but there's no such thing in stdio.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7244
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 21 Dec 1995 23:39:16 +0000 (23:39 +0000)]
In the case of FCC_OPEN_AND_ERASE, unlink the old filename, and then
add the O_EXCL open flag, to prevent O_CREAT from following a symbolic
link.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7243
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 21 Dec 1995 23:25:19 +0000 (23:25 +0000)]
* configure.in: Check for the stat call, since profile_update_file
needs to know whether it exists. (It doesn't on the Mac.)
* prof_file.c (profile_update_file): Change use of HAS_STAT to
HAVE_STAT, to confirm with autoconf test. If the stat() call does not
exist, assume that our in-core memory image is correct, and never
re-read the profile file unless we explicitly close it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7242
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 21 Dec 1995 23:19:13 +0000 (23:19 +0000)]
* Makefile.in (t_an_to_ln): Use $(LD) instead of $(CC) to link final
executables, so that we can more easily use purify.
* hst_realm.c (krb5_get_host_realm): Eliminate memory leak; realm was
already being allocated by the profile library; no reason to
reallocate it again.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7241
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 20 Dec 1995 02:02:55 +0000 (02:02 +0000)]
Missing parenthesis meant that wrong number of bytes was being
allocated.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7240
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 20 Dec 1995 01:50:53 +0000 (01:50 +0000)]
New function for doing generic tty input and output. Eventually
read_password should use this function.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7239
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 19 Dec 1995 22:31:31 +0000 (22:31 +0000)]
Don't drag in syslog.c if vsyslog() is not defined. Only drag it in
if syslog() isn't available.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7238
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 19 Dec 1995 22:30:07 +0000 (22:30 +0000)]
Don't use vsyslog; use syslog instead. Fixed lint flames
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7237
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 19 Dec 1995 22:17:25 +0000 (22:17 +0000)]
Also include unistd.h, if it's available
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7236
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 19 Dec 1995 22:12:37 +0000 (22:12 +0000)]
Remove declaration of LineNbr; no longer exported by kparse.c
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7235
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 18 Dec 1995 16:46:51 +0000 (16:46 +0000)]
* keytab.c (krb5_ktkdb_resolve): Fix casting
* t_kdb.c (add_principal): Remove mkvno
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7234
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 18 Dec 1995 00:57:37 +0000 (00:57 +0000)]
Add a blank line to work around a misfeature in DecUnix 3.2's fgrep where
there is a line limit. autoheader (which is only used by developers)
tries to put together a very long line with is then parsed - but due
to fgreps line length limitation this breaks. By adding the blank line
autoheader divides the work into multiple sections and wins.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7233
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 14 Dec 1995 20:03:10 +0000 (20:03 +0000)]
Merge in changes between 1.4 and 1.5 in RCS file; this delta is Mark
Eichin's patch to fall back to /usr/adm/wtmp. Somehow, this was lost
in 1.6.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7232
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 14 Dec 1995 00:50:25 +0000 (00:50 +0000)]
* t_verify.c: Added an n-fold test
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7231
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Wed, 13 Dec 1995 20:29:45 +0000 (20:29 +0000)]
* kadmin.exp: test that kadmin_modify doesn't corrupt key entries
(I think proven's changes fix this, but this will help keep it fixed.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7230
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Wed, 13 Dec 1995 12:13:56 +0000 (12:13 +0000)]
* configure.in : Remove subdirectory db
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7225
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Wed, 13 Dec 1995 12:13:36 +0000 (12:13 +0000)]
* Makefile.in : Move db keytab routines to lib/kdb
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7224
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Wed, 13 Dec 1995 12:11:09 +0000 (12:11 +0000)]
* Makefile.in, keytab.c : Move db keytab routines here
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7223
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Wed, 13 Dec 1995 09:03:37 +0000 (09:03 +0000)]
* kdb5_mkdums.c : Remove mkvno from krb5_db_entry
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7222
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Wed, 13 Dec 1995 09:02:16 +0000 (09:02 +0000)]
* kdb5_verify.c : Remove mkvno for krb5_db_entry
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7221
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Wed, 13 Dec 1995 09:00:23 +0000 (09:00 +0000)]
* kdb_xdr.c : Remove mkvno for krb5_db_entry
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7220
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Wed, 13 Dec 1995 08:58:43 +0000 (08:58 +0000)]
* kerberos_v4.c : Remove mkvno for krb5_db_entry
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7219
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Wed, 13 Dec 1995 08:57:15 +0000 (08:57 +0000)]
* kadm_funcs.c : Remove mkvno for krb5_db_entry
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7218
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Wed, 13 Dec 1995 08:56:00 +0000 (08:56 +0000)]
* adm_funcs.c : Remove mkvno for krb5_db_entry
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7217
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Wed, 13 Dec 1995 08:53:35 +0000 (08:53 +0000)]
* kdb.h : Remove mkvno for krb5_db_entry
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7216
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Wed, 13 Dec 1995 08:49:20 +0000 (08:49 +0000)]
* dump.c, dumpv4.c, kdb5_edit.c, loadv4.c :
Remove mkvno from krb5_db_entry.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7215
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Wed, 13 Dec 1995 08:48:33 +0000 (08:48 +0000)]
* kdb5_create.c : Remove mkvno from krb5_db_entry
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7214
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 12 Dec 1995 19:47:52 +0000 (19:47 +0000)]
* kdc.conf: Added examples of "supported_enctypes" and "master_key_type"
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7212
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 12 Dec 1995 19:45:23 +0000 (19:45 +0000)]
* krb524d.c: Changed krb5_db_fetch_mkey() such that it will only try
to set the enctype of the keyblock if the keyblock had it
set to ENCTYPE_UNKNOWN.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7211
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 12 Dec 1995 19:45:13 +0000 (19:45 +0000)]
* fetch_mkey: Changed krb5_db_fetch_mkey() such that it will only try
to set the enctype of the keyblock if the keyblock had it
set to ENCTYPE_UNKNOWN.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7210
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 12 Dec 1995 19:45:01 +0000 (19:45 +0000)]
* main.c: Changed krb5_db_fetch_mkey() such that it will only try
to set the enctype of the keyblock if the keyblock had it
set to ENCTYPE_UNKNOWN.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7209
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 12 Dec 1995 19:32:56 +0000 (19:32 +0000)]
* d3_str2ky.c: Updated to include some of the randomness throughout
the entire key. The second 3-DES CBC encryption of the block
should use an ivec of the last cipher block.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7208
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 12 Dec 1995 19:32:45 +0000 (19:32 +0000)]
* 3-des.txt: Updated to include some of the randomness throughout
the entire key. The second 3-DES CBC encryption of the block
should use an ivec of the last cipher block.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7206
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 12 Dec 1995 13:26:13 +0000 (13:26 +0000)]
Clean up repository - don't check in configure add .Sanitize and .cvsignore
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7205
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Tue, 12 Dec 1995 06:44:09 +0000 (06:44 +0000)]
* TODO: Done: keytab routines to access to database.
Todo: Create a real krb5_db_context after 1.0
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7204
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Tue, 12 Dec 1995 06:30:11 +0000 (06:30 +0000)]
New directory for the kdb keytab functions. Currently there is only get and
resolve but these are sufficient to remove the ugly hack where the key is
passed to krb5_rd_req() in the user-to-user field of the auth_context.
These functions do NOT need to be built on the Macintosh or Windows systems.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7203
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Tue, 12 Dec 1995 06:27:13 +0000 (06:27 +0000)]
* configure.in : Added subdirectory db
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7202
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Tue, 12 Dec 1995 06:24:26 +0000 (06:24 +0000)]
* kdb_dbm.c : Move the krb5_db_context to include/krb5/kdb_dbc.h.
* kdb_dbm.c krb5_dbm_db_set_mkey(), krb5_dbm_db_get_mkey():
Functions for associating a master key (krb5_encrypt_block *)
to a krb5_db_context. Currently it associates it to the
krb5_context and will be fixed once the krb5_db_context
is better defined (Post 1.0).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7201
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Tue, 12 Dec 1995 06:18:53 +0000 (06:18 +0000)]
* extern.h: Added a krb5_keytab to the realm context. The keytab
should be associated with a krb5_db_context which will
make having a krb5_context unnecessary in the realm context.
* kdc_util.c kdc_process_tgs_req(): Use the realm keytab instead
of faking up a user-to-user key to pass to krb5_rd_req_decode().
* main.c: Added code to use the new database keytab routines.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7200
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Tue, 12 Dec 1995 06:09:05 +0000 (06:09 +0000)]
* adm.h: Added principal flag keywords KRB5_ADM_KW_SETFLAGS and
KRB5_ADM_KW_UNSETFLAGS because relative flag modification
is just a good idea.
* kdb.h: typedef kdb5_dispatch_table so prototypes that need it
compile even if KDB5_DISPATCH isn't defined.
* kdb_dbc.h: The start of the database context, which should be
removed from the krb5_context.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7199
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 12 Dec 1995 02:34:56 +0000 (02:34 +0000)]
* main.c: Use the master key enctype from the stash file if none
is specified (set the keyblock enctype to NULL).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7198
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 12 Dec 1995 02:34:40 +0000 (02:34 +0000)]
* kdb5_edit.c: Use the master key enctype from the stash file if none
is specified (set the keyblock enctype to NULL).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7197
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 12 Dec 1995 02:32:05 +0000 (02:32 +0000)]
* fetch_mkey.c: If the keyblock is initialized with an enctype of
NULL, simply read in the enctype from the stash file and
don't try to check it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7196
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 12 Dec 1995 02:31:12 +0000 (02:31 +0000)]
* krb524d.c: Rely on stashed master key enctype instead of hardcoding
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7195
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 12 Dec 1995 02:29:45 +0000 (02:29 +0000)]
* d3_str2ky.c: Revised 3-DES String-To-Key algorithm to encrypt the
folded result twice in the folded key. [Courtesy Uri Blumenthal]
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7194
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 12 Dec 1995 02:29:33 +0000 (02:29 +0000)]
* 3-des.txt: Revised 3-DES String-To-Key algorithm to encrypt the
folded result twice in the folded key. [Courtesy Uri Blumenthal]
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7193
dc483132-0cff-0310-8789-
dd5450dbe970
Chris Provenzano [Mon, 11 Dec 1995 22:01:07 +0000 (22:01 +0000)]
* kdc_preauth.c return_padata(): Initialize local variable "size"
to 0 before using it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7192
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Mon, 11 Dec 1995 18:30:09 +0000 (18:30 +0000)]
* adm_proto.h: Moved many string conversion functions to libkrb5
for better support of multiple encryption type selection
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7191
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Mon, 11 Dec 1995 18:29:16 +0000 (18:29 +0000)]
* krb5.hin: Moved string conversion functions from libkadm
for better support of multiple encryption type selection
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7190
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Mon, 11 Dec 1995 17:25:28 +0000 (17:25 +0000)]
* krb5.conf.M: describe new option default_tgs_enctypes
for specifying the default session key types.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7189
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sun, 10 Dec 1995 16:22:10 +0000 (16:22 +0000)]
* kdb5_edit.M: Document that modent exists
* kdb5_edit.c (modent): Add usage as suggested by jhawk@mit.edu.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7188
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sun, 10 Dec 1995 16:19:38 +0000 (16:19 +0000)]
Add new routine krb5_input_flag_to_string to allow an application to
loop over the input flag strings for displaying help messages (i.e.
modent in krb5_edit).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7187
dc483132-0cff-0310-8789-
dd5450dbe970