Sam Hartman [Sun, 26 May 1996 01:57:43 +0000 (01:57 +0000)]
Use USE_ANAME
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8124
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 23 May 1996 23:36:14 +0000 (23:36 +0000)]
Use KRB5_RUN_FLAGS
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8121
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 23 May 1996 23:35:00 +0000 (23:35 +0000)]
Do not build libgssapi.a on AIX, because it doesnt work
(unresolved symbols) and would be fairly useless anyway.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8120
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 23 May 1996 23:34:05 +0000 (23:34 +0000)]
Use KRB5_RUN_FLAGS in configure.in, and use appropriate run flags for
each test so shared libraries are happy.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8119
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 23 May 1996 23:32:51 +0000 (23:32 +0000)]
Use KRB5_RUN_FLAGS in configure.in, and use appropriate run flags for
each test so shared libraries are happy.
Also, for tests that use weak or zero keys, make sure we link
in enough object modules to allow us to overide parts of libcrypto
even on systems with early binding in shared libs lik AIX.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8118
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 23 May 1996 23:30:44 +0000 (23:30 +0000)]
* Ignore the error if we cannot make ksu set-uid; we don't want to
abort make install in this situation.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8117
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 23 May 1996 23:29:33 +0000 (23:29 +0000)]
Use secure context for login
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8116
dc483132-0cff-0310-8789-
dd5450dbe970
Barry Jaspan [Thu, 23 May 1996 18:35:26 +0000 (18:35 +0000)]
add KRB5_TL_KADM5_E_DATA
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8109
dc483132-0cff-0310-8789-
dd5450dbe970
Barry Jaspan [Thu, 23 May 1996 10:36:20 +0000 (10:36 +0000)]
jik's comments
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8107
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 22 May 1996 02:42:20 +0000 (02:42 +0000)]
md4crypto.c:
The incorrect size was being used to compare the computed message
digest and the supplied checksum for the "fixed" md4 case, causing
decryption integrity failures.
[Fixed by epeisach/audited by basch; fixes 'make check']
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8099
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 21 May 1996 01:09:17 +0000 (01:09 +0000)]
Update use of libupdate to use the new command line arguments
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8086
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Mon, 20 May 1996 22:17:27 +0000 (22:17 +0000)]
Remove vestigal ODBM support
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8085
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Mon, 20 May 1996 22:17:00 +0000 (22:17 +0000)]
Remove support for ODBM
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8084
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Mon, 20 May 1996 22:15:32 +0000 (22:15 +0000)]
Remove vestigal support for ODBM
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8083
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Mon, 20 May 1996 22:09:09 +0000 (22:09 +0000)]
Update autoconf to version 2.10. This will fix the reported bugs of
the install-sh script getting cached with the wrong values, as well as
bringing us to a more recent version of autoconf.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8078
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Mon, 20 May 1996 21:27:22 +0000 (21:27 +0000)]
krb5.conf.M: Document kdc_req_checksumtype, as_req_checksum_type, and
safe_checksum_type.
krb5.conf: Remove the tkt_lifetime parameter altogether. We may end
up doing it slightly differently post-Beta 6...
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8067
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Mon, 20 May 1996 21:20:12 +0000 (21:20 +0000)]
md5crypto.c, md5crypto.h: Change use of RSA_MD5_DES_CKSUM_LENGTH to
use OLD_RSA_MD5_DES_CKSUM_LENGTH and NEW_RSA_MD5_DES_CKSUM_LENGTH, as
appropriate.
t_cksum.c (main): Use proper header file constants to get the correct
checksum length for the MD4 and MD5 old-style and new-style checksum
functions.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8066
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Mon, 20 May 1996 21:18:39 +0000 (21:18 +0000)]
Change use of RSA_MD4_DES_CKSUM_LENGTH to use
OLD_RSA_MD4_DES_CKSUM_LENGTH and NEW_RSA_MD4_DES_CKSUM_LENGTH, as
appropriate.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8065
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Mon, 20 May 1996 21:16:20 +0000 (21:16 +0000)]
Don't do timing tests; it takes too long!
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8064
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 20 May 1996 15:22:11 +0000 (15:22 +0000)]
update Makefile.in for new libupdate
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8060
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 20 May 1996 15:20:34 +0000 (15:20 +0000)]
fix libupdate and allow it to deal with multiple directories
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8059
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Mon, 20 May 1996 06:54:42 +0000 (06:54 +0000)]
Fixes so krb5_seteuid compiles on Ultrix
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8058
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Mon, 20 May 1996 06:36:02 +0000 (06:36 +0000)]
Fix up some annoying pre-processor typos
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8057
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 20 May 1996 05:17:57 +0000 (05:17 +0000)]
document changes to libupdate.sh
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8056
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 20 May 1996 05:17:15 +0000 (05:17 +0000)]
* libupdate.sh: do the shift before the assignments
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8055
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Mon, 20 May 1996 04:14:17 +0000 (04:14 +0000)]
Fix for HPUx
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8054
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Mon, 20 May 1996 04:08:27 +0000 (04:08 +0000)]
Do not keep source cache open if we are going to use
it as the target cache.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8053
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sun, 19 May 1996 18:56:50 +0000 (18:56 +0000)]
As per mail describing the ksu problem, invent a krb5util
function to properly set the euid on all systems where it is possible.
Ksu cannot be used without this function in a secure manner.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8052
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sun, 19 May 1996 18:55:35 +0000 (18:55 +0000)]
Check for uid_t so that new prototype works
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8051
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sun, 19 May 1996 18:54:59 +0000 (18:54 +0000)]
Prototype new function: krb5_seteuid
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8050
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sun, 19 May 1996 18:52:51 +0000 (18:52 +0000)]
Significant security fixes to ksu
* Use source euid all throughout procedure of opening source ccache,
Richard's code had a race condition.
* Use target euid while looking up .k5login and constructing target ccache.
* Avoid chowns completely; they create race conditions. Fchown could
have been used if we wanted to be really careful, but they aren't
necessary and we would have to violate abstractions.
* Clean up several conditions that would allow users to delete
arbitrary files of the user they were ksuing to without authorization.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8049
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sat, 18 May 1996 19:08:50 +0000 (19:08 +0000)]
* kdb_dbm.c: Do not provide prototypes for dbm_error or
dbm_clearerr if they are really macros.
Required for Ultrix...
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8048
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sat, 18 May 1996 17:42:15 +0000 (17:42 +0000)]
* des3_sha.c: Add static keywords in function declarartions to
match earlier declarations.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8047
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Sat, 18 May 1996 06:07:05 +0000 (06:07 +0000)]
Define $library from the positional arguments before --force uses $library
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8046
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Sat, 18 May 1996 06:04:00 +0000 (06:04 +0000)]
Fix memory leak. Free tempbuf before returning
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8045
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Sat, 18 May 1996 05:55:59 +0000 (05:55 +0000)]
Define MD5_K5BETA_COMPAT and MD5_K5BETA_COMP_DEF so that we continue
doing things the wrong (broken) way. All hail backwards
compatibility.... The code now generates the old checksum, but it
will verify both the old and the correct checksum formats.
Also fixed two bugs in the "correct" MD5_CRYPTO implementation; use a
zero initialization vector, and calculate the confounder at the
beginning of the message, not at the end.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8044
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Sat, 18 May 1996 05:55:25 +0000 (05:55 +0000)]
Define MD4_K5BETA_COMPAT and MD4_K5BETA_COMP_DEF so that we continue
doing things the wrong (broken) way. All hail backwards
compatibility.... The code now generates the old checksum, but it
will verify both the old and the correct checksum formats.
Also fixed two bugs in the "correct" MD4_CRYPTO implementation; use a
zero initialization vector, and calculate the confounder at the
beginning of the message, not at the end.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8043
dc483132-0cff-0310-8789-
dd5450dbe970
Barry Jaspan [Fri, 17 May 1996 21:38:25 +0000 (21:38 +0000)]
update randkey to return an array of keyblocks, not key_data; update
get_principal to take pointer to struct, not pointer to pointer to
struct
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8041
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 17 May 1996 18:21:41 +0000 (18:21 +0000)]
Correctly implement getsockname(), so it does getsockname(), not
getpeername(), and add the function getpeername().
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8040
dc483132-0cff-0310-8789-
dd5450dbe970
Barry Jaspan [Fri, 17 May 1996 15:42:30 +0000 (15:42 +0000)]
define USE_KADM5_API_VERSION_n
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8039
dc483132-0cff-0310-8789-
dd5450dbe970
Barry Jaspan [Thu, 16 May 1996 19:28:04 +0000 (19:28 +0000)]
separate from server and tools information, rename into separate document
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8034
dc483132-0cff-0310-8789-
dd5450dbe970
Barry Jaspan [Thu, 16 May 1996 19:19:39 +0000 (19:19 +0000)]
define KADM5_API_VERSION_2
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8033
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 16 May 1996 02:33:38 +0000 (02:33 +0000)]
Interim checkin of most of jhawks comments. Still a few more to do
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8032
dc483132-0cff-0310-8789-
dd5450dbe970
Barry Jaspan [Wed, 15 May 1996 15:03:13 +0000 (15:03 +0000)]
first, rough cut at OV -> kadm5 naming
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8031
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 15 May 1996 01:58:21 +0000 (01:58 +0000)]
(AC_CHECK_DBM_PROTOS): If the test had already been run and the result
cached, arguments $3 and $4 were never executed.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8030
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 15 May 1996 01:05:28 +0000 (01:05 +0000)]
* k5seal.c k5unseal.c util_cksum.c:
setup krb5_checksum "contents" and "length" field prior to
calling krb5_calculate_checksum().
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8029
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 15 May 1996 01:04:37 +0000 (01:04 +0000)]
Fixed changelog to reflect previous checkin
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8028
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 15 May 1996 01:03:37 +0000 (01:03 +0000)]
* des_crc.c des_md5.c:
set the length field of the cksum structure.
* des3_sha.c:
Increase the confounder length to 24 bytes.
Set the length of the cksum structure.
* cryptoconf.c:
sha-des3 cksum has been replaced by hmac-sha
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8027
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 15 May 1996 01:01:41 +0000 (01:01 +0000)]
* .Sanitize: reflect current files
* Makefile.in: added hmac-sha
* hmac_sha.c: implement HMAC-SHA
* sha_crypto.c: use hmac-sha
* sha_glue.c: sanity check the passed in checksum length
* shs.h: replaced sha-des3 with hmac-sha
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8026
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 15 May 1996 01:00:36 +0000 (01:00 +0000)]
* md5crypto.c md5glue.c:
ensure the cksum content length is sufficient.
* t_cksum.c: initialize cksum.length
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8025
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 15 May 1996 01:00:03 +0000 (01:00 +0000)]
* md4crypto.c md4glue.c:
ensure the cksum content length is sufficient
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8024
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 15 May 1996 00:59:30 +0000 (00:59 +0000)]
* des_int.h: the cs_entry routines in cbc_cksum.c are now static
* Makefile.in: removed cs_entry.c
* cbc_cksum.c:
caller is responsible for allocating cksum->contents
and indicate the allocated amount in cksum->length.
the cs_entry routines are now static and the cs_entry
structure is now in this file to enforce proper use.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8023
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 15 May 1996 00:58:34 +0000 (00:58 +0000)]
crc.c: ensure the cksum length is sufficient
crc-test.c: set the cksum length field
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8022
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 15 May 1996 00:57:15 +0000 (00:57 +0000)]
* mk_req_ext.c mk_safe.c send_tgs.c:
set the length field of the krb5_checksum structure before
calling krb5_calculate_checksum.
* str_conv.c: replaced sha-des3 cksum with hmac-sha.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8021
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 15 May 1996 00:55:47 +0000 (00:55 +0000)]
replaced CKSUMTYPE_SHA_DES3 with CKSUMTYPE_HMAC_SHA
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8020
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 14 May 1996 08:51:15 +0000 (08:51 +0000)]
Remove old, outdated library
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8019
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 14 May 1996 08:42:56 +0000 (08:42 +0000)]
Change call to krb5_auth_con_setcksumtype to use
krb5_auth_con_set_req_cksumtype by default instead.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8018
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 14 May 1996 08:41:32 +0000 (08:41 +0000)]
ser_ctx.c (krb5_context_size, krb5_context_externalize,
krb5_context_internalize): Add missing fields from the serialized
context: clockskew, default_kdc_req_sumtype, default_ap_req_sumtype,
default_safe_sumtype, kdc_default_options, library_options,
profile_secure, fcc_default_format, scc_default_format.
ser_actx.c (krb5_auth_context_size, krb5_auth_context_externalize,
krb5_auth_context_internalize): Serialize the two fields req_cksumtype
and safe_cksumtype, instead of the one cksumtype field.
mk_safe.c (krb_mk_safe): Use safe_cksumtype instead of cksumtype in
the auth context.
mk_req_ext.c (krb5_mk_req_extended): Use req_cksumtype instead of
cksumtype in the auth context.
init_ctx.c (krb5_init_context): Add support for new profile
relations libdefaults/tkt_lifetime, libdefaults/kdc_req_checksum_type,
libdefaults/ap_req_cksumtype, libdefaults/safe_checksumtype, and
libdefaults/kdc_default_options.
auth_con.h: Remove old cksumtype element, and replace it with
req_cksumtype and safe_cksumtype.
auth_con.c (krb5_auth_con_init): Initialize the req_cksumtype and
safe_cksumtype from the context's default req_cksumtype and
safe_cksumtype. (krb5_auth_con_set_req_cksumtype,
krb5_auth_con_set_safe_cksumtype): New functions, to replace old
krb5_auth_con_setcksumtype
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8017
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 14 May 1996 08:39:27 +0000 (08:39 +0000)]
k5-int.h: Added new field values for ap_req_sumtype and safe_sumtype.
Added new convenience function for verifying magic numbers:
KRB5_VERIFY_MAGIC.
krb5.hin (krb5_auth_con_set_req_cksumtype, rb5_auth_con_set_safe_cksumtype):
Added prototypes of new functions, to replace old
krb5_auth_con_setcksumtype.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8016
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 14 May 1996 00:43:00 +0000 (00:43 +0000)]
Change the default ticket lifetime to something reasonable (10 hours,
instead of 10 minutes). Also change the label of this parameter to be
tkt_lifetime.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8015
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 13 May 1996 19:30:26 +0000 (19:30 +0000)]
* Makefile.in (SHLIB_LIBS): For shared library, add dependency on
libkrb5.so
* configure.in (CRYPTO_SH_VERS): Pass krb5 shared library version
to Makefile.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8014
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Mon, 13 May 1996 11:54:07 +0000 (11:54 +0000)]
configure.in heuristic.c:
Change the euid before opening the source ccache, so we don't use
someone else's ccache.
authorization.c:
users only in /.k5login were not permitted to use the '-e cmd' feature.
The man page does not indicate that this should not be permitted...
Also, lots of indentation cleanup was done... I couldn't read the code before.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8013
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sun, 12 May 1996 11:47:13 +0000 (11:47 +0000)]
Back out change to libupdate.sh.
The problem is that for directories containing multiple subdirs, the
current procedure is to do a foreach and invoke libupdate --force for
each one. This is broken as it caused the library to be removed each time.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8012
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sat, 11 May 1996 21:41:12 +0000 (21:41 +0000)]
When invoked with --force, do not use variable before being set
NetBSD complained about trying to use the command "rm -f"
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7980
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Sat, 11 May 1996 21:38:18 +0000 (21:38 +0000)]
Copy sizeof(mit_des_cblock), not sizeof(key) so that we are getting the
full DES key.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7979
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sat, 11 May 1996 14:13:50 +0000 (14:13 +0000)]
configure.in: Need to include sys/types.h before regexp.h in test to
see if regcomp works.
NetBSD required this so that size_t is defined.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7978
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 10 May 1996 22:50:32 +0000 (22:50 +0000)]
removed des3-cbc-md5 support
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7977
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 10 May 1996 16:55:07 +0000 (16:55 +0000)]
* shs.c (longReverse): Remove extraneous \.
(expand): Start #define in first column.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7976
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 10 May 1996 07:35:16 +0000 (07:35 +0000)]
added des3_raw.c and sha..
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7975
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 10 May 1996 07:34:24 +0000 (07:34 +0000)]
replaced des3_md5.c with des3_sha.c
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7974
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 10 May 1996 07:26:30 +0000 (07:26 +0000)]
removed des3-md5 support (replaced with des3-sha)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7973
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 10 May 1996 07:26:03 +0000 (07:26 +0000)]
replaced des3-md5 with des3-sha
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7972
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 10 May 1996 07:22:20 +0000 (07:22 +0000)]
Removed des3-md5 support
Added support for sha cksum types and des3-sha.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7971
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 10 May 1996 07:21:04 +0000 (07:21 +0000)]
Replaced des3-md5 with des3-sha (also added sha cksumtype)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7970
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 10 May 1996 07:20:07 +0000 (07:20 +0000)]
Obsolete file (replaced des3-md5 with des3-sha)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7969
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 10 May 1996 07:19:22 +0000 (07:19 +0000)]
Replaced des3-md5 with des3-sha
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7968
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 10 May 1996 07:18:21 +0000 (07:18 +0000)]
Replace des3-md5 with des3-sha
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7967
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 10 May 1996 07:16:28 +0000 (07:16 +0000)]
NIST-SHA support
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7966
dc483132-0cff-0310-8789-
dd5450dbe970
Barry Jaspan [Thu, 9 May 1996 19:33:49 +0000 (19:33 +0000)]
add new function ovsec_kadm_flush
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7964
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 9 May 1996 18:33:59 +0000 (18:33 +0000)]
Remove unused file
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7956
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 9 May 1996 16:02:10 +0000 (16:02 +0000)]
Better handling of the principal max_life..
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7952
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 9 May 1996 16:01:08 +0000 (16:01 +0000)]
krlogind.c krshd.c:
Use the default service principal as the basis for the rcache name.
login.c:
SVR4 systems typically do not do mail/motd checks in login; they
do it in the profiles (/etc/profile). Follow that convention...
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7951
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 9 May 1996 15:59:11 +0000 (15:59 +0000)]
Use the default service principal (don't assume it is "host") as the
basis for the replay cache name.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7950
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 9 May 1996 15:57:58 +0000 (15:57 +0000)]
Don't skip keytab entries with kvno=0
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7949
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 8 May 1996 20:55:36 +0000 (20:55 +0000)]
convert has been removed
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7946
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 8 May 1996 20:48:45 +0000 (20:48 +0000)]
Removing unbuilt directory from source tree. The functionality was
merged with kdb5_edit August 1995.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7944
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 8 May 1996 01:05:41 +0000 (01:05 +0000)]
des425 needs to be compiled after krb5 as des425 depends on krb5_free_keyblock
Turns out that link order in aclocal.m4 already assumed this.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7924
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 7 May 1996 23:53:23 +0000 (23:53 +0000)]
Handle compiling with BERK_DB without dbm available. (Linux when
the option --with-kdb-db=db)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7923
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 7 May 1996 23:22:02 +0000 (23:22 +0000)]
Don't do more than the necessary encryptions for a single cblock length
random key. Only the larger cblocks need a second wrap-around cbc encrypt
to prevent leaking a codebook.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7922
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 7 May 1996 23:07:03 +0000 (23:07 +0000)]
We are providing 3des routines in libcrypto..
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7921
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 7 May 1996 23:06:19 +0000 (23:06 +0000)]
Somehow I missed this file during my previous checkin... New 3des random
function support
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7920
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 7 May 1996 22:23:12 +0000 (22:23 +0000)]
Mark's changes for ticket validation
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7918
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 7 May 1996 20:39:22 +0000 (20:39 +0000)]
Pass the eblock to the init_random_key and finish_random_key functions
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7914
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 7 May 1996 20:19:59 +0000 (20:19 +0000)]
Use the revamped random number routines
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7913
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 7 May 1996 20:18:41 +0000 (20:18 +0000)]
Use the new 3des random number generator
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7912
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 7 May 1996 20:17:36 +0000 (20:17 +0000)]
New DES random number generation. For regular DES, it is nearly equivalent
(an extra DES encryption now happens). For 3des, it is a substantially
better setup (the original one was a placeholder); it may not be the final
one, but at least it is not as weak as the previous version. (This checkin
does not include the proposed API changes.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7911
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 7 May 1996 01:35:05 +0000 (01:35 +0000)]
(clean-unix): Remove libgssapi_krb5.stamp
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7909
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 7 May 1996 01:14:09 +0000 (01:14 +0000)]
Use a wrapper script for the rcp started from kshd. This change cleans up the
test as written.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7908
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Mon, 6 May 1996 16:25:53 +0000 (16:25 +0000)]
Fixed the abstraction violation, where the code knew the details about the
cryptosystem structure.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7907
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Mon, 6 May 1996 16:22:15 +0000 (16:22 +0000)]
The fallback to slave kdc's wasn't working because the code did not handle
the error return "KRB524_NOTRESP".
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7906
dc483132-0cff-0310-8789-
dd5450dbe970