Tom Yu [Thu, 17 Jul 2003 20:50:36 +0000 (20:50 +0000)]
Remove kg_release_defcred and caching of default credential. Rewrite
krb5_gss_init_sec_context() while we're at it to make defcred-related
changes easier, and as a side effect, fix some error condition memory
leaks.
ticket: 1365
target_version: 1.3.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15694
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 17 Jul 2003 12:31:31 +0000 (12:31 +0000)]
Use the old DES encrypt function, not the split versions via macros
* des.c (mit_des_cbc_encrypt): Undef before use.
* enc_dec.c (mit_des_cbc_encrypt): Likewise.
* mac_des_glue.c (mit_des3_cbc_encrypt): Likewise.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15693
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 17 Jul 2003 12:18:21 +0000 (12:18 +0000)]
Separate the DES encrypt and decrypt operations into separate functions,
since they have almost no code in common.
* f_cbc.c (krb5int_des_cbc_encrypt, krb5int_des_cbc_decrypt): New functions
broken out from mit_des_cbc_encrypt.
(mit_des_cbc_encrypt): Call them.
* d3_cbc.c (krb5int_des3_cbc_encrypt, krb5int_des3_cbc_decrypt): New functions
broken out from mit_des3_cbc_encrypt.
(mit_des3_cbc_encrypt): Call them.
* des_int.h (krb5int_des_cbc_encrypt, krb5int_des_cbc_decrypt,
krb5int_des3_cbc_encrypt, krb5int_des3_cbc_decrypt): Declare.
(mit_des_cbc_encrypt, mit_des3_cbc_encrypt): New macros.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15692
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 17 Jul 2003 10:36:21 +0000 (10:36 +0000)]
delete ##WIN16## lines from makefiles
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15691
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 15 Jul 2003 14:31:40 +0000 (14:31 +0000)]
* krb5_libinit.c: Include autoconf.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15690
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 15 Jul 2003 14:28:37 +0000 (14:28 +0000)]
* Makefile.in (STLIBOBJS, OBJS, T_SER_OBJS): Drop ser_eblk.o
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15689
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 15 Jul 2003 14:23:15 +0000 (14:23 +0000)]
* aclocal.m4 (extra_gcc_warn_opts): Don't turn on -pedantic on Darwin
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15688
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 15 Jul 2003 00:12:01 +0000 (00:12 +0000)]
* accept_sec_context.c (krb5_gss_accept_sec_context): Call
TREAD_STR with correct arguments. Patch from Emily Ratliff.
ticket: 1015
tags: pullup
target_version: 1.3.1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15687
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Fri, 11 Jul 2003 22:12:32 +0000 (22:12 +0000)]
Check for NULL realm argument and n not equal to 1. Fill in realm with an empty string on error in case the caller doesn't check the return value
ticket: 1657
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15684
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Fri, 11 Jul 2003 21:25:48 +0000 (21:25 +0000)]
RealmsConfig-glue.c: Don't fail when krb5.conf is valid and krb.conf isn't. Also, don't assert v4 realm is in profile unless that realm is a valid v4 realm
ticket: 1657
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15683
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Fri, 11 Jul 2003 15:03:59 +0000 (15:03 +0000)]
Rewrote krb_get_lrealm to correctly handle the v4 realms section in the profile and to return KFAILURE in the absence of any config (instead of returning ATHENA.MIT.EDU)
ticket: 1657
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15682
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 10 Jul 2003 22:53:02 +0000 (22:53 +0000)]
* acquire_cred.c (acquire_init_cred): Close the ccache if
krb5_cc_set_flags() fails, as krb5int_cc_default succeeds even if
the file is not there, but krb5_cc_set_flags will fail in turning
off OPENCLOSE mode if the file can't be opened. Thanks to Kent Wu.
ticket: 1656
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15680
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 9 Jul 2003 19:34:17 +0000 (19:34 +0000)]
Export krb5_get_permitted_enctypes and krb5_set_real_time for Samba
ticket: 1655
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15678
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 8 Jul 2003 21:09:11 +0000 (21:09 +0000)]
update for krb5-1.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15673
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Tue, 8 Jul 2003 15:51:33 +0000 (15:51 +0000)]
This time, use the correct # of arguments for strcpy
ticket: 1651
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15672
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Mon, 7 Jul 2003 18:21:57 +0000 (18:21 +0000)]
krb_prof_get_nth() no longer assumes that its retlen argument is correct (call strcpy instead of strncpy) because this argument is a guess for some callers (eg: krb_get_admhst())
ticket: 1651
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15671
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Jul 2003 20:49:06 +0000 (20:49 +0000)]
darwin build can't compile util/et test program
The autoconf tests correctly determine that sys_nerr exists, and that
no declaration is needed. The test_et.c code checks the wrong condition,
though, and the system header declaration of sys_nerr conflicts with the
one in that source file. (The native one is const.)
* test_et.c: Conditionalize sys_nerr declaration on NEED_SYS_ERRLIST, not
HAVE_SYS_ERRLIST.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15670
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Thu, 3 Jul 2003 19:46:49 +0000 (19:46 +0000)]
Remove leading spaces in #define and #include in public headers to support K&R C compilers
ticket: 1648
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15667
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 2 Jul 2003 18:04:35 +0000 (18:04 +0000)]
KfM build should inherit CFLAGS and LDFLAGS from parent project
ticket: 1642
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15662
dc483132-0cff-0310-8789-
dd5450dbe970
Jen Selby [Fri, 27 Jun 2003 23:38:43 +0000 (23:38 +0000)]
Fixed filename substitution typos. @LOCALSTATEDIR -> /usr/local/var
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15661
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 27 Jun 2003 23:25:49 +0000 (23:25 +0000)]
update for krb5-1.3-beta5
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15657
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jun 2003 20:36:24 +0000 (20:36 +0000)]
This change fixes the problem in the ss directory. It probably won't
get into our 1.3 release, but perhaps in a patch release afterwards.
I'll look and see where else things are getting needlessly rebuilt....
* Makefile.in (HDRS): Remove mit-sipb-copyright.h.
(includes): Depend on copied version of the headers, not local versions. Don't
do any copying; instead, move the copying commands to new targets for each
header.
($(HDRDIR)/timestamp): New target; create the directory here if needed.
(clean-unix): Remove the timestamp file.
ticket: 1631
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15654
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 27 Jun 2003 17:53:42 +0000 (17:53 +0000)]
* gic_keytab.c (krb5_get_in_tkt_with_keytab): Pass (void*)keytab,
not &keytab, to get_init_creds. Thanks to Herb Lewis.
ticket: 1630
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15653
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 26 Jun 2003 00:48:07 +0000 (00:48 +0000)]
With this patch, things seem to work with a Heimdal client and MIT KDC
* checksum_length.c (krb5_c_checksum_length): Handle trunc_size.
ticket: 1621
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15652
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 25 Jun 2003 21:10:48 +0000 (21:10 +0000)]
clean up ftp client gss memory management
* ftp.c (do_auth): Call gss_release_buffer() on send_tok
immediately after sending it. Call gss_release_name() on
target_name at outer_loop instead of inside the loop.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15651
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 24 Jun 2003 02:41:07 +0000 (02:41 +0000)]
* cksumtypes.c (krb5_cksumtypes_list): Add aes128/256 hmacs, with new
trunc_size field.
* make_checksum.c (krb5_c_make_checksum): If trunc_size is specified, shrink
the computed checksum down to the indicated size.
ticket: 1621
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15650
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 24 Jun 2003 02:29:47 +0000 (02:29 +0000)]
apply patch from jaltman:
* ms2mit.c: Windows Credentials are addressless. Do not store the
credentials in the MIT cache with addresses since they do not
contain addresses in the encrypted portion of the credential.
Instead generate a valid empty address list.
ticket: 1618
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15648
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 24 Jun 2003 02:10:55 +0000 (02:10 +0000)]
* k5-int.h (struct krb5_cksumtypes): Add new field trunc_size
ticket: 1621
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15647
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 20 Jun 2003 21:14:56 +0000 (21:14 +0000)]
* krb5.conf.M: Sync with doc/krb5conf.texinfo
ticket: 1085
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15641
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 20 Jun 2003 20:20:14 +0000 (20:20 +0000)]
* build.texinfo (Installing the Binaries): New node; describe
basic "make install", along with "DESTDIR=...".
ticket: 976
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15639
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 20 Jun 2003 16:47:04 +0000 (16:47 +0000)]
Split out etype_info2 decoder from etype_info decoder. In the
etype_info decoder ignore Heimdal's tag 2.
Ticket: 1619
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15638
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 20 Jun 2003 03:24:07 +0000 (03:24 +0000)]
Delete references to --with-system-db from README
* build.texinfo (HPUX): Fix typo.
(Options to Configure): Note that --with-system-db is unsupported,
concerning possible lossage with loading dumpfiles.
ticket: 1592
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15637
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 20 Jun 2003 01:28:49 +0000 (01:28 +0000)]
Put in some IPv6 details.
Mention db4 compatibility is untested.
ticket: 1600
status: open
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15636
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 18 Jun 2003 23:00:41 +0000 (23:00 +0000)]
* dnssrv.texinfo: Add note about _kerberos-iv._udp SRV records
ticket: 1607
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15635
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 17 Jun 2003 01:00:45 +0000 (01:00 +0000)]
Update for krb5-1.3-beta4. Fix note on [999]. Move notes re
addressless tickets and NAT-friendliness to "major changes". Still
need to fill out the TODO for IPv6.
ticket: 1600
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15630
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Mon, 16 Jun 2003 22:34:50 +0000 (22:34 +0000)]
Set use_conf_ktypes to 1 while looking up the tgt to use for
forwarding.
Ticket: 1610
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15627
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 16 Jun 2003 19:02:01 +0000 (19:02 +0000)]
* ftp.c (recvrequest): Add new argument indicating whether "-" and "|..."
special treatment should be disabled.
* ftp_var.h (recvrequest): Update declaration.
* cmds.c (remglob, ls, mls): Pass 0 as the extra argument.
(mget): Pass 1.
(getit): Pass 1 iff only one filename was supplied.
ticket: 1351
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15626
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 13 Jun 2003 22:30:59 +0000 (22:30 +0000)]
* server_kdb.c (kdb_init_hist): Force history principal's key to
be of the same enctype as the master key, as searches for it later
on explicitly specify the enctype.
ticket: 964
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15621
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 13 Jun 2003 21:45:30 +0000 (21:45 +0000)]
krb5_rd_rep leaks subkeys
* rd_rep.c (krb5_rd_rep): Free subkeys before replacing them, if
needed. This avoids a memory leak.
ticket: new
target_version: 1.3
component: krb5-libs
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15620
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 13 Jun 2003 21:43:07 +0000 (21:43 +0000)]
libgss leaks, UMRs
* init_sec_context.c (krb5_gss_init_sec_context): Free
default_enctypes to avoid leaking returned value from
krb5_get_tgs_ktypes.
* k5unseal.c (kg_unseal_v1): Explicitly set token.value to NULL if
token.length == 0, to avoid spurious uninitialized memory
references when calling memcpy() with a zero length.
ticket: new
target_version: 1.3
tags: pullup
component: krb5-libs
cc: Kent_Wu@trendmicro.com
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15619
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 13 Jun 2003 05:17:41 +0000 (05:17 +0000)]
make_ap_req_v1 leaks memory
* init_sec_context.c (make_ap_req_v1): Free checksum_data if
needed, to avoid leaking memory. Found by Kent Wu.
ticket: new
target_version: 1.3
tags: pullup
component: krb5-libs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15618
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 12 Jun 2003 21:48:52 +0000 (21:48 +0000)]
* krb5.hin: krb524_init_ets() takes one argument
* krb524.c (krb524_convert_creds_kdc, krb524_init_ets): Mark as
KRB5_CALLCONV_WRONG.
(krb524_init_ets): Takes a krb5_context.
ticket: 1596
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15615
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Thu, 12 Jun 2003 21:15:52 +0000 (21:15 +0000)]
* error_table.h, et_c.awk, et_c.pl, et_h.awk, et_c.awk: Removed Mac OS support because it prevents darwin builds from getting com error strings via the initialize_*_error_table function
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15613
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Thu, 12 Jun 2003 19:51:38 +0000 (19:51 +0000)]
Removed Mac OS 9 support because it prevents darwin builds from getting com error strings via the initialize_*_error_table function
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15612
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 11 Jun 2003 21:19:43 +0000 (21:19 +0000)]
Darwin libkrb4/err_txt.o needs dependency on krb_err.c
* Makefile.in (KRB_ERR_C): New variable; Darwin needs err_txt.o to
have a dependency on krb_err.c so that krb_err.c will be generated
first.
* configure.in: Set KRB_ERR_C to krb_err.c on Darwin.
ticket: new
target_version: 1.3
tags: pullup
component: krb5-build
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15610
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 11 Jun 2003 20:32:22 +0000 (20:32 +0000)]
Don't escape rcache filename characters with backslash
* srv_rcache.c (krb5_get_server_rcache): Octal escapes begin with
hyphen now, since backslash is a pathname separator on DOS.
ticket: new
target_version: 1.3
component: krb5-libs
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15609
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 9 Jun 2003 22:40:08 +0000 (22:40 +0000)]
update for krb5-1.3-beta3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15605
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 9 Jun 2003 20:36:17 +0000 (20:36 +0000)]
oops, fix up ChangeLog attribution
ticket: 1568
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15601
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 9 Jun 2003 20:31:56 +0000 (20:31 +0000)]
* krb524.c: Fix copyright notice
ticket: 1568
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15600
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 9 Jun 2003 19:19:46 +0000 (19:19 +0000)]
fix bug: would return krb.conf entries plus dns info
* RealmsConfig-glue.c (krb_get_krbhst): Don't fall back to DNS if entries were
found in krb.conf, and just not enough to fill the request.
ticket: 1550
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15599
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 7 Jun 2003 00:45:41 +0000 (00:45 +0000)]
Checkpoint some working code.
A better solution is in the works, but may or may not make the deadline for
the next beta...
* RealmsConfig-glue.c: Include k5-int.h.
(dnscache): New variable.
(DNS_CACHE_TIMEOUT): New macro.
(krb_get_krbhst) [KRB5_DNS_LOOKUP]: If no krb.conf info is found, try DNS SRV
records for "kerberos-iv". Cache results in case they're immediately requested
again.
ticket: 1550
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15598
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 6 Jun 2003 23:07:55 +0000 (23:07 +0000)]
* locate_kdc.c (struct srv_dns_entry): Moved to k5-int.h.
(krb5int_make_srv_query_realm): Renamed from make_srv_query_realm.
(krb5int_free_srv_dns_data): New function.
(krb5_locate_srv_dns_1): Use it.
* accessor.c (krb5int_accessor): Fill in make_srv_query_realm and
free_srv_dns_data fields.
ticket: 1550
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15596
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 6 Jun 2003 22:48:34 +0000 (22:48 +0000)]
Export hooks for looking up SRV records, so we can avoid duplicating the code
* k5-int.h (struct srv_dns_entry): Declare.
(krb5int_make_srv_query_realm, krb5int_free_srv_dns_data): Declare.
(struct _krb5int_access): Add make_srv_query_realm and free_srv_dns_data fields.
ticket: 1550
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15595
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 6 Jun 2003 19:30:40 +0000 (19:30 +0000)]
Don't allow renewable_ok to be set if the renew liftime is greater
than the ticket lifetime.
Ticket: 1576
Tags: pullup
Status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15590
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 6 Jun 2003 14:44:33 +0000 (14:44 +0000)]
* g_cnffile.c (krb__get_srvtabname): Make retname be a static
array rather than a static pointer, to avoid callers' possible
retention of free()d pointers. Yes, this may cause difficulty
with making this function thread-safe.
ticket: 1563
target_version: 1.3
version_fixed: 1.3
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15589
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Fri, 6 Jun 2003 14:34:17 +0000 (14:34 +0000)]
--localstatedir=/var/db for KfM builds
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15586
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 6 Jun 2003 06:06:01 +0000 (06:06 +0000)]
Static function krb5_generate_authenticator should take unsigned sequence number argument
* mk_req_ext.c (krb5_generate_authenticator): Sequence numbers are
unsigned now.
Ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15585
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 5 Jun 2003 23:43:30 +0000 (23:43 +0000)]
be more flexible in handling failures getting root access in test suite
* default.exp (setup_root_shell): Check for "not authorized". Map eof to
unsupported.
ticket: new
target_version: 1.3
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15582
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 5 Jun 2003 23:17:23 +0000 (23:17 +0000)]
Use fork not vfork in ftp
Ticket: 1547
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15581
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 5 Jun 2003 22:01:16 +0000 (22:01 +0000)]
pullup of changes previously committed to branch first
ticket: 1568
version_fixed: 1.3
target_version: 1.3
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15578
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 5 Jun 2003 21:39:59 +0000 (21:39 +0000)]
document team procedures
* procedures.txt: New file. Draft of current procedures.
Currently mostly contains a few email messages from Sam. More
clarification should follow later.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15577
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 5 Jun 2003 20:14:11 +0000 (20:14 +0000)]
If krb5_c_string_to_key is
called with an afs3 salt length for a non-DES enctype, return
KRB5_CRYPTO_INTERNAL.
Ticket: 1521
Status: open
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15576
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 5 Jun 2003 20:12:27 +0000 (20:12 +0000)]
remove debugging printf accidentally left in krb524init
* k524init.c (main): Remove debugging printf.
ticket: new
target_version: 1.3
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15575
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 5 Jun 2003 20:05:37 +0000 (20:05 +0000)]
* locate_kdc.c (make_srv_query_realm): Punt if strdup fails. Always return
what data we can, even if memory allocation or other problems prevent us from
returning more.
(krb5_locate_srv_dns_1): Always return what data we can. Fix memory leak.
Free up temporary storage as quickly as possible, while building up address
list to return.
ticket: 1549
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15574
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 5 Jun 2003 00:20:28 +0000 (00:20 +0000)]
* password_to_key.c (mit_passwd_to_key, afs_passwd_to_key): Delete
spurious space from prompt.
ticket: 1560
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15569
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 4 Jun 2003 15:22:52 +0000 (15:22 +0000)]
* default.exp (setup_root_shell): Don't try to use the procedure
"-" when handling error messages from rlogin.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15563
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 4 Jun 2003 04:19:04 +0000 (04:19 +0000)]
* Makefile.in (kdb_check): Remove uses of "dump -old", etc., since
it doesn't work anymore given the new default for triple-DES
master keys.
ticket: 1190
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15562
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jun 2003 03:06:29 +0000 (03:06 +0000)]
Put krb5int_locate_server back in the accessor "export" list
ticket: 1549
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15561
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jun 2003 02:57:11 +0000 (02:57 +0000)]
Handle SRV RR target of "." by returning a new error code.
May have memory leaks -- needs checking before pullup.
* locate_kdc.c (struct srv_dns_entry): Move to top level.
(make_srv_query_realm): Separate from krb5_locate_srv_dns_1; just do query and
return results.
(krb5_locate_srv_dns_1): Call it, and build addlist entries. Check for one RR
with a target of ".", and return an error.
(krb5_locate_srv_dns): Deleted.
ticket: 1549
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15560
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jun 2003 02:55:47 +0000 (02:55 +0000)]
* t_locate_kdc.c (main): Call krb5_locate_srv_dns_1
ticket: 1549
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15559
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jun 2003 02:43:46 +0000 (02:43 +0000)]
* locate_kdc.c (get_port): Revert last change
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15558
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jun 2003 02:40:26 +0000 (02:40 +0000)]
* changepw.c (krb5_locate_kpasswd): Check specifically for certain errors
before using fallback heuristics.
ticket: 1549
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15557
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jun 2003 02:38:41 +0000 (02:38 +0000)]
* krb5_err.et (KRB5_ERR_NO_SERVICE): New error code
ticket: 1549
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15556
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 3 Jun 2003 23:27:01 +0000 (23:27 +0000)]
* default.exp (start_kerberos_daemons): "cannont" => "cannot"
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15555
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 3 Jun 2003 23:21:17 +0000 (23:21 +0000)]
* locate_kdc.c (get_port): Replace function with macro
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15554
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 3 Jun 2003 22:55:52 +0000 (22:55 +0000)]
* RealmsConfig-glue.c (get_krbhst_default): Deleted.
(krb_get_krbhst): Don't call it.
ticket: 1551
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15553
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Tue, 3 Jun 2003 21:45:03 +0000 (21:45 +0000)]
Yet more double colon password prompts
More places in the code with password prompts needing fixing to not
include colon.
Ticket: new
Target_Version: 1.3
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15552
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Tue, 3 Jun 2003 21:36:00 +0000 (21:36 +0000)]
Save a copy of the ciphertext from the kdc rather than trying to
decrypt the already decrypted text each time through the loop.
Ticket: 1554
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15551
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Tue, 3 Jun 2003 17:46:20 +0000 (17:46 +0000)]
Moved krb524_convert_creds_kdc into libkrb5 and krb5.h. Also export new krb5_524_convert_creds
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15549
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Tue, 3 Jun 2003 17:27:30 +0000 (17:27 +0000)]
* init_os_ctx.c: Included header to get __KLAllowHomeDirectoryAccess()
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15547
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 3 Jun 2003 12:50:59 +0000 (12:50 +0000)]
* default.exp (setup_root_shell): Handle error messages indicating "-x" isn't
supported.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15545
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 3 Jun 2003 04:32:41 +0000 (04:32 +0000)]
Drop default_kdc_enctypes and all related code
ticket: 1553
target_version: 1.3
status: open
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15544
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 3 Jun 2003 03:18:41 +0000 (03:18 +0000)]
* change_password.c (krb_change_password): Explicitly zero the
session key. Zero the key derived from the new password.
* mk_req.c (krb_mk_req): Explicitly zero the session key.
(krb_mk_req_creds_prealm): Don't zero the session key, in case the
caller wants to make use of it.
ticket: 1546
status: open
target_version: 1.3
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15543
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 2 Jun 2003 05:49:05 +0000 (05:49 +0000)]
* api.2/init-v2.exp (test117): Update lifetime expected for new defaults
ticket: 1190
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15542
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 1 Jun 2003 20:24:02 +0000 (20:24 +0000)]
* default.exp: Default RLOGIN_FLAGS to "-x".
(start_kerberos_daemons): Watch for "Cannot bind server socket" and log it.
Watch for "no sockets set up" and report an error.
(setup_root_shell): Watch for "Cannot assign requested address", log it and
give up.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15541
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 31 May 2003 04:06:02 +0000 (04:06 +0000)]
More visible notes on incompleteness of AES support.
Note master key type change.
Note default lifetime changes.
ticket: 1190
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15540
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 31 May 2003 03:56:54 +0000 (03:56 +0000)]
* alt_prof.c (kadm5_get_config_params): Change default max_life to one day
ticket: 1190
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15539
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 31 May 2003 03:35:42 +0000 (03:35 +0000)]
* kdc.conf: Delete supported and master key type specs
ticket: 1190
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15538
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 31 May 2003 03:34:24 +0000 (03:34 +0000)]
* krb5.conf: Delete commented-out enctype specs
ticket: 1190
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15537
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 31 May 2003 03:33:22 +0000 (03:33 +0000)]
* krb5.conf: Delete Athena KDC specifications. Delete Cygnus realm info.
Replace CLUB.CC.CMU.EDU info with ANDREW.CMU.EDU, which has SRV records and
thus doesn't need KDC specs. Provide a commented-out example of a [logging]
spec.
ticket: 1190
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15536
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 31 May 2003 03:29:59 +0000 (03:29 +0000)]
* krb5.conf.M: Remove "kdc =" lines from "realms" section example, and
recommend not using it unless DNS info isn't available.
ticket: 1190
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15535
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 30 May 2003 23:58:13 +0000 (23:58 +0000)]
* definitions.texinfo (DefaultTktLifetime): Updated for code changes
ticket: 1190
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15534
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 30 May 2003 23:56:57 +0000 (23:56 +0000)]
* get_in_tkt.c (krb5_get_init_creds): Change hardcoded default ticket lifetime
from 10 hours to 24 hours.
ticket: 1190
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15533
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 30 May 2003 23:53:16 +0000 (23:53 +0000)]
* main.c (init_realm): Use KRB5_KDB_MAX_RLIFE, not KRB5_KDB_MAX_LIFE, as
default for realm's max renewable lifetime.
(KRB5_KDB_MAX_RLIFE is currently one week)
ticket: 1190
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15532
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 30 May 2003 23:41:08 +0000 (23:41 +0000)]
* definitions.texinfo (DefaultCcacheType, DefaultKDCTimesync,
DefaultMasterKeyType): Updated for code changes.
(DefaultCcacheTypeMac, DefaultKDCTimesyncMac): Deleted.
* admin.texinfo (libdefaults): Update kdc_timesync and ccache_type descriptions
to not separate Mac case.
ticket: 1190
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15531
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 30 May 2003 23:39:19 +0000 (23:39 +0000)]
* definitions.texinfo (DefaultCcacheType, DefaultKDCTimesync,
DefaultTktLifetime, DefaultMasterKeyType): Updated for code changes.
(DefaultCcacheTypeMac, DefaultKDCTimesyncMac): Deleted.
* admin.texinfo (libdefaults): Update kdc_timesync and ccache_type descriptions
to not separate Mac case.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15530
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 30 May 2003 23:36:00 +0000 (23:36 +0000)]
* init_ctx.c (DEFAULT_KDC_TIMESYNC): Define as 1 always.
(DEFAULT_CCACHE_TYPE): Define as 4 always.
ticket: 1190
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15529
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 30 May 2003 23:35:00 +0000 (23:35 +0000)]
* osconf.h (DEFAULT_KDC_ENCTYPE): Default to des3 now
ticket: 1190
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15528
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 30 May 2003 23:31:40 +0000 (23:31 +0000)]
update kinit krb4 fallback lifetime default
* kinit.c (KRB4_BACKUP_DEFAULT_LIFE_SECS): Update to one day.
ticket: 1190
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15527
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 30 May 2003 20:01:31 +0000 (20:01 +0000)]
Document that we support AES and the constraints on that support
Ticket: 1535
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15526
dc483132-0cff-0310-8789-
dd5450dbe970
projects / krb5.git / log