git.tremily.us Git - krb5.git/log

Tom Yu [Mon, 2 Nov 2009 19:19:02 +0000 (19:19 +0000)]

Emacs 21 doesn't have custom-variable-p. Also, adjust to use the
correct controlling variables for older incarnations of
whitespace-mode.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23121 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Mon, 2 Nov 2009 18:00:40 +0000 (18:00 +0000)]

Clean up a bunch of signed/unsigned comparison warnings

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23120 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Sun, 1 Nov 2009 22:32:47 +0000 (22:32 +0000)]

Simplify krb5int_get_error (and fix a cast-qual warning) by not
worrying so much about system errors longer than 1K.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23118 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Sun, 1 Nov 2009 22:14:25 +0000 (22:14 +0000)]

Be a little more const-correct in krb5int_vset_error_fl

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23117 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Sun, 1 Nov 2009 21:51:26 +0000 (21:51 +0000)]

Un-constify struct errinfo's msg field because it is the owner of that
memory (even though the memory is intended to be immutable during its
lifetime).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23116 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Sun, 1 Nov 2009 15:55:44 +0000 (15:55 +0000)]

In k5-int.h, fix make_data to work with C++

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23115 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Sun, 1 Nov 2009 14:13:32 +0000 (14:13 +0000)]

Memory leak fix: in obtain_sam_padata, after claiming the contents of
the scratch data object, free the outer structure before nulling the
pointer to it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23114 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Tom Yu [Sun, 1 Nov 2009 04:35:20 +0000 (04:35 +0000)]

Rework in an attempt to deal with variant Emacs versions

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23113 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Sun, 1 Nov 2009 02:47:58 +0000 (02:47 +0000)]

Move the implementations of four deprecated crypto functions to
old_api_glue.c. Move the prototypes of seven deprecated crypto
functions to old_api_glue.c instead of k5-int.h, since we don't use
those functions internally.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23112 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Sun, 1 Nov 2009 02:46:36 +0000 (02:46 +0000)]

Stop using deprecated krb5_encrypt_data in preauth code. Use
krb5_encrypt_helper instead. (encrypt_helper takes a key usage
instead of an ivec, but that's okay since the invocations were using
null ivecs anyway.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23111 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Tom Yu [Sat, 31 Oct 2009 18:08:09 +0000 (18:08 +0000)]

Reformat to avoid parens at beginnings of lines

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23109 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Sat, 31 Oct 2009 03:59:19 +0000 (03:59 +0000)]

In lib/krb5/ccache, ensure that function definition headers have
function names at the beginnings of lines.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23107 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Sat, 31 Oct 2009 03:52:01 +0000 (03:52 +0000)]

In lib/krb5/asn.1, ensure that function definition headers have
function names at the beginnings of lines.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23106 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Sat, 31 Oct 2009 03:50:54 +0000 (03:50 +0000)]

Reformat lib/krb5/asn.1 internal prototypes to avoid problematic parens
at beginnings of lines.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23105 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Sat, 31 Oct 2009 03:37:09 +0000 (03:37 +0000)]

Reformat asn1_make.h prototypes to avoid the problematic parens at
beginnings of lines.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23104 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Sat, 31 Oct 2009 03:17:27 +0000 (03:17 +0000)]

In lib/krb5/os, ensure that function definition headers have function
names at the beginnings of lines.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23103 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Sat, 31 Oct 2009 03:03:54 +0000 (03:03 +0000)]

In lib/krb5/krb, ensure all function definition headers are in ANSI
style and have the function name at the beginning of a line.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23102 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Sat, 31 Oct 2009 02:36:01 +0000 (02:36 +0000)]

Fix indentation in gc_via_tkt.c which was messed up by a malformed #if
0 block.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23101 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Tom Yu [Sat, 31 Oct 2009 00:48:38 +0000 (00:48 +0000)]

make mark-cstyle
make reindent

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Ken Raeburn [Fri, 30 Oct 2009 23:08:48 +0000 (23:08 +0000)]

Fixes for Emacs 22 compatibility

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23099 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Ken Raeburn [Fri, 30 Oct 2009 23:08:45 +0000 (23:08 +0000)]

If krb5_sname_to_principal returns a null realm for the client
principal name, print an error message.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23098 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Ken Raeburn [Fri, 30 Oct 2009 23:08:40 +0000 (23:08 +0000)]

Quote realm name in error message.
If realm name is an empty string, just return an error right away.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23097 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Tom Yu [Fri, 30 Oct 2009 21:34:19 +0000 (21:34 +0000)]

Tweak batch reindent some more. Limit the initial bulk reindent, and
refine the exception list somewhat.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23096 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Fri, 30 Oct 2009 10:49:38 +0000 (10:49 +0000)]

Update the kadm5 design documentation slightly to reflect that MIT
doesn't commit to a stable libkadm5 C API.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23095 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Thu, 29 Oct 2009 23:07:33 +0000 (23:07 +0000)]

In process_tgs_req, fully initialize e_data since we may copy it in
prepare_error_tgs.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23093 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Thu, 29 Oct 2009 23:00:13 +0000 (23:00 +0000)]

Add a couple of krb5_data convenience constructor functions, to
facilitate properly initializing krb5_data objects. Adjust formatting
of the existing krb5_data convenience functions and remove the #if 0
block.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23092 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Zhanna Tsitkov [Thu, 29 Oct 2009 21:36:47 +0000 (21:36 +0000)]

Corrected Copyrights and some minor reorganization in openssl impl.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23090 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Zhanna Tsitkov [Thu, 29 Oct 2009 18:46:52 +0000 (18:46 +0000)]

Files that were not picked up by svn rev #22995 commit:
Changed the crypto make system to add build flexibility. The update cancels the requirement for the dir structures to be identical in all crypto implementation and supports impl. dependent tests.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23089 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Zhanna Tsitkov [Thu, 29 Oct 2009 17:52:21 +0000 (17:52 +0000)]

Restored few symbols in the crypto exports list to satisfy tests.`

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23088 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Thu, 29 Oct 2009 16:13:36 +0000 (16:13 +0000)]

Rename api.3 to api.current in the libkadm5 unit tests. This way the
main body of tests won't have to be moved every time the current API
version of libkadm5 changes.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23087 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Thu, 29 Oct 2009 15:02:23 +0000 (15:02 +0000)]

Rename some lingering krb5_derive_key references

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23086 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Luke Howard [Thu, 29 Oct 2009 14:16:55 +0000 (14:16 +0000)]

remove times underflow/overflow checks, they break tests

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23084 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Tom Yu [Wed, 28 Oct 2009 19:56:19 +0000 (19:56 +0000)]

New elisp file to mark C styles in files. New top-level Makefile
target "make mark-cstyle". The exception list is not final; it's just
a starting point for discussion.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23082 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Wed, 28 Oct 2009 19:17:35 +0000 (19:17 +0000)]

Bump the accessor version number since we made changes.
Take the opportunity to regularize accessor field names (no krb5 or
krb5int prefixes).
Fix a test program which was still using krb5_hmac.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23081 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Zhanna Tsitkov [Wed, 28 Oct 2009 18:37:18 +0000 (18:37 +0000)]

Restrict libk5crypto.exports list to API and ABI. Also, include functions needed to link kerb libs and tests properly

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23080 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Zhanna Tsitkov [Wed, 28 Oct 2009 18:12:38 +0000 (18:12 +0000)]

Replace krb5_ with krb5Int_ prefix for non-API functions

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23079 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Tom Yu [Wed, 28 Oct 2009 17:18:04 +0000 (17:18 +0000)]

Update to use heuristics for setting "krb5" style based on file local
variable settings. Improve friendliness of variant loading orders.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23078 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Tom Yu [Wed, 28 Oct 2009 17:09:00 +0000 (17:09 +0000)]

Print a "starting..." message on stderr if running in nofork mode, for
consistency with kadmind behavior.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23077 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Ezra Peisach [Wed, 28 Oct 2009 01:06:09 +0000 (01:06 +0000)]

Remove "verify" on make clean

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23076 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Ezra Peisach [Wed, 28 Oct 2009 01:00:34 +0000 (01:00 +0000)]

Add variable DB_VERSION to Makefile.in. Generate deps so that
configure will work.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23075 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Tue, 27 Oct 2009 14:24:01 +0000 (14:24 +0000)]

Heimdal DB bridge plugin for KDC back end

Merge Luke's users/lhoward/heimmig branch to trunk. Implements a
KDC back-end plugin which interfaces to a Heimdal HDB plugin.

ticket: 6578

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23073 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Tom Yu [Tue, 27 Oct 2009 02:13:31 +0000 (02:13 +0000)]

Add "reindent" target to top-level Makefile.in.  Add
krb5-batch-indent.el.  These perform a batch reindent based upon the
Emacs file-local variable settings, taking care to distinguish between
files that are supposed to conform to the coding style versus those
that are marked as being exceptions.  A later commit will explicitly
mark the files that we expect to conform to our coding standards.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23061 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Ezra Peisach [Tue, 27 Oct 2009 00:26:10 +0000 (00:26 +0000)]

Do not include com_err.h - not used here

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23060 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Ezra Peisach [Tue, 27 Oct 2009 00:22:50 +0000 (00:22 +0000)]

with an uninitialized entry on error exit

k5_hmac_md5_hash_iov: Initialize keyblock.length - so we do not invoke zapfree

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23059 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Tom Yu [Mon, 26 Oct 2009 19:08:43 +0000 (19:08 +0000)]

Fix missing emacs file variable markers. Add krb5-c-style.el: the
emacs lisp settings for the standard coding style.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23049 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Mon, 26 Oct 2009 15:10:00 +0000 (15:10 +0000)]

Fix printf argument type mismatches related to pw_max_fail in
kadmin.c.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23044 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Mon, 26 Oct 2009 02:58:06 +0000 (02:58 +0000)]

Remove the libkadm5 api.2 unit tests which don't pertain to the cpol,
mpol, or gpol operations.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23043 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Mon, 26 Oct 2009 02:56:34 +0000 (02:56 +0000)]

Remove the telnet-to-localhost sanity check in start_servers_local, as
the system telnet will not necessarily run correctly with
LD_LIBRARY_PATH pointing at the Kerberos libraries from the build
tree.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23042 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Ezra Peisach [Sun, 25 Oct 2009 23:31:02 +0000 (23:31 +0000)]

not try to free random stack garbage on error

kdc_return_preauth: Set enc.ciphertext.data to null to ensure we do

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23040 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Sun, 25 Oct 2009 20:27:54 +0000 (20:27 +0000)]

Reformat function definition headers in gss-krb5's util_crypt.c to
meet coding standards.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23039 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Sun, 25 Oct 2009 16:55:12 +0000 (16:55 +0000)]

Account lockout

Merge Luke's users/lhoward/lockout2 branch to trunk. Implements
account lockout policies for preauth-using principals using existing
principal metadata fields and new policy fields. The kadmin API
version is bumped from 2 to 3 to compatibly extend the policy_ent_rec
structure.

ticket: 6577

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23038 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Tom Yu [Sun, 25 Oct 2009 01:10:33 +0000 (01:10 +0000)]

Set up an INIT-CMD to set CRYPTO_IMPL in config.status so that
rebuilding Makefiles in lib/crypto works correctly.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23034 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Tom Yu [Sun, 25 Oct 2009 00:15:11 +0000 (00:15 +0000)]

make depend

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23030 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Tom Yu [Sat, 24 Oct 2009 23:50:23 +0000 (23:50 +0000)]

Resurrect deleted test files. Adjust Makefile.in files to correctly
define RUN_SETUP.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23029 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Luke Howard [Fri, 23 Oct 2009 21:18:47 +0000 (21:18 +0000)]

Comment out empty definition of krb5_gss_set_sec_context_option_ops and its
usage, because ISO C apparently forbids empty array initializers

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23002 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Luke Howard [Fri, 23 Oct 2009 21:16:20 +0000 (21:16 +0000)]

Remove #define DEBUG 1 that slipped in in S4U merge

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23001 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Zhanna Tsitkov [Fri, 23 Oct 2009 19:45:48 +0000 (19:45 +0000)]

Changed the crypto make system to add build flexibility. The update cancels the requirement for the dir structures to be identical in all crypto implementation and supports impl. dependent tests. Also, minor libk5crypto.exports list reduction ( from f_tables)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22995 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Luke Howard [Thu, 22 Oct 2009 21:00:19 +0000 (21:00 +0000)]

When iterating through the keytab in krb5_rd_req(), do not
return success if we did not find any matching keytab entries,
otherwise we will crash upon accessing ticket->enc_part2.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22974 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Luke Howard [Thu, 22 Oct 2009 20:58:37 +0000 (20:58 +0000)]

Ensure that a GSS_C_BOTH acquired for GSS_C_NO_NAME still passes
a NULL server principal to krb5_rd_req(). Without this the name
canonicalisation support in 1.7 was broken for GSS_C_BOTH
credentials, because cred->name would always be set.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22973 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Luke Howard [Wed, 21 Oct 2009 18:21:50 +0000 (18:21 +0000)]

Allow the constrained delegation authorization method to use the evidence ticket client name as input to the authorization decision

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22963 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Luke Howard [Wed, 21 Oct 2009 17:24:37 +0000 (17:24 +0000)]

simplify logic fix introduced in r22960 for S4U2Self

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22962 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Luke Howard [Wed, 21 Oct 2009 16:03:40 +0000 (16:03 +0000)]

remove some unneeded extensions from the Novell backend authdata SPI

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22961 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Luke Howard [Wed, 21 Oct 2009 16:00:08 +0000 (16:00 +0000)]

ensure that forwardable flag is propagated along S4U2Self referral path

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22960 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Luke Howard [Wed, 21 Oct 2009 00:53:47 +0000 (00:53 +0000)]

Increment authdata SPI to V2 (V1 was experimental) to account for additional
krbtgt key parameter.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22959 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Luke Howard [Wed, 21 Oct 2009 00:50:08 +0000 (00:50 +0000)]

Increment authdata SPI to V2 (V1 was experimental) to account
for additional krbtgt key parameter. This was at Sam's suggestion.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22958 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Luke Howard [Tue, 20 Oct 2009 15:40:47 +0000 (15:40 +0000)]

For naming extensions draft compliance, s/mspac:/urn:mspac:/

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22957 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Tue, 20 Oct 2009 14:23:32 +0000 (14:23 +0000)]

Make some gss-krb5 utility functions take enctypes instead of keys,
and adjust callers. Fixes a bug where kg_arcfour_docrypt_iov was
passing a keyblock instead of a key to kg_translate_iov after the
enc-perf merge.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22956 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Luke Howard [Tue, 20 Oct 2009 14:14:46 +0000 (14:14 +0000)]

use ANSI prototypes for acquire_XXX_cred, and fix cast to calling acquire_accept_cred()

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22955 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Luke Howard [Tue, 20 Oct 2009 13:51:40 +0000 (13:51 +0000)]

correct indirection of minor status code when calling displayStatus()

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22954 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Tue, 20 Oct 2009 13:49:48 +0000 (13:49 +0000)]

In k5_hmac_md5_hash_iov, initialize keyblock.contents so that we don't
free it prior to initialization if krb5_hmac fails.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22953 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Tue, 20 Oct 2009 13:47:40 +0000 (13:47 +0000)]

In krb5_k_make_checksum, check for a null key passed with a keyed
checksum instead of just crashing.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22952 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Ezra Peisach [Tue, 20 Oct 2009 10:56:21 +0000 (10:56 +0000)]

Clean up memory leaks by releasing key at end

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22951 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Ezra Peisach [Tue, 20 Oct 2009 10:21:01 +0000 (10:21 +0000)]

Include des_int.h for mit_des_fixup_key_parity prototype

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22950 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Tue, 20 Oct 2009 02:07:22 +0000 (02:07 +0000)]

Fix memory leaks in enc-perf work

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22949 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Luke Howard [Tue, 20 Oct 2009 00:48:46 +0000 (00:48 +0000)]

fix some Coverity reported defects in naming extensions

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22948 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Mon, 19 Oct 2009 20:04:21 +0000 (20:04 +0000)]

Implement new APIs to allow improved crypto performance

Merge branches/enc-perf to trunk. Adds the krb5_key opaque type, the
krb5_k_* APIs to use them, and caching of derived keys when krb5_k_*
functions are used. Updates the krb5 auth context and GSS id-rec to
use krb5_keys.

ticket: 6576

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22944 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Tom Yu [Mon, 19 Oct 2009 18:14:35 +0000 (18:14 +0000)]

Update prototype files to conform with newer whitespace rules

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22937 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Ezra Peisach [Sun, 18 Oct 2009 11:55:53 +0000 (11:55 +0000)]

Include des_int.h for mit_des_fixup_key_parity prototype. Adjust Makefile.in
to find the proper header.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22912 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Ezra Peisach [Sun, 18 Oct 2009 11:22:22 +0000 (11:22 +0000)]

Remove adb.h as it is not used in the source tree

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22911 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Zhanna Tsitkov [Fri, 16 Oct 2009 17:32:15 +0000 (17:32 +0000)]

Properly handle ivec for chaining ops

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22906 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Zhanna Tsitkov [Fri, 16 Oct 2009 17:14:14 +0000 (17:14 +0000)]

Fix the value of ivec in aes_decrypt_iov

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22905 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Zhanna Tsitkov [Thu, 15 Oct 2009 19:57:29 +0000 (19:57 +0000)]

Enable t_cts test

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22902 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Zhanna Tsitkov [Thu, 15 Oct 2009 16:27:19 +0000 (16:27 +0000)]

Fixed aes to handle the input buffers of the various sizes

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22900 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Tue, 13 Oct 2009 19:43:17 +0000 (19:43 +0000)]

Fix preauth looping in krb5_get_init_creds

In 1.7, krb5_get_init_creds will continue attempting the same built-in
preauth mechanism (e.g. encrypted timestamp) until the loop counter
maxes out. Until the preauth framework can remember not to retry
built-in mechanisms, only continue with preauth after a PREAUTH_FAILED
error resulting from optimistic preauth.

ticket: 6573
tags: pullup
target_version: 1.7.1

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22890 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Tue, 13 Oct 2009 19:38:16 +0000 (19:38 +0000)]

Revert a small part of r22736 which incorrectly fixed a preauth
looping bug in krb5_get_init_creds. A more correct fix will follow.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22888 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Ezra Peisach [Sat, 10 Oct 2009 11:33:01 +0000 (11:33 +0000)]

Fix memory leak and init those magic number fields to prevent compiler warning
when structure copied.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22879 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Ezra Peisach [Sat, 10 Oct 2009 11:32:25 +0000 (11:32 +0000)]

Clean nfold.o on make clean

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22878 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Tom Yu [Sat, 10 Oct 2009 03:57:45 +0000 (03:57 +0000)]

Move destest to builtin/des, because it depends on overriding some
internals.

Make depend.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22877 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Ezra Peisach [Sat, 10 Oct 2009 01:49:38 +0000 (01:49 +0000)]

Remove krb5.conf, bigendian.o, and bigendian on make clean

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22876 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Fri, 9 Oct 2009 18:29:34 +0000 (18:29 +0000)]

Implement GSS naming extensions and authdata verification

Merge Luke's users/lhoward/authdata branch to trunk. Implements GSS naming
extensions and verification of authorization data.

ticket: 6572

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22875 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Fri, 9 Oct 2009 17:18:50 +0000 (17:18 +0000)]

Get aes-gen to build again (for the default back end, at least)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22873 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Fri, 9 Oct 2009 14:21:04 +0000 (14:21 +0000)]

In asn1_decode_enc_kdc_rep_part, don't leak the enc_padata field on
invalid representations.

ticket: 6571
tags: pullup
target_version: 1.7.1

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22872 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Zhanna Tsitkov [Thu, 8 Oct 2009 16:11:01 +0000 (16:11 +0000)]

In anticipation of a new version of OpenSSL 1.0.0, support renamed API: EVP_PKEY_decrypt -> EVP_PKEY_decrypt_old

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22871 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Thu, 8 Oct 2009 12:59:33 +0000 (12:59 +0000)]

In krb5_c_verify_checksum, avoid the structure copy of *data since we
don't care about data->magic. Squashes a bunch of unimportant
Coverity defects. (May not be the correct long-term solution.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22868 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Thu, 8 Oct 2009 12:58:56 +0000 (12:58 +0000)]

In krb5_calculate_checksum (a compatibility routine), initialize
key.enctype to ENCTYPE_NULL. This will predictably fail to match a
keyed hash's enctype, which may not be the best behavior, but is
better than unpredictably failing to match it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22867 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Wed, 7 Oct 2009 18:14:49 +0000 (18:14 +0000)]

In krb5_c_make_checksum, avoid the structure copy of *input since we
don't care about input->magic. Squashes a bunch of unimportant
Coverity defects.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22866 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Wed, 7 Oct 2009 18:13:29 +0000 (18:13 +0000)]

Fix krb5_c_weak_enctype in the case of invalid enctypes; r22839
simplified it a bit too much.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22865 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Wed, 7 Oct 2009 16:39:54 +0000 (16:39 +0000)]

Remove an outdated parenthetical comment about master_kdc; we actually
do check if the response came from the master KDC now.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22864 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Greg Hudson [Tue, 6 Oct 2009 16:36:34 +0000 (16:36 +0000)]

In krb5_encrypt_helper, return ENOMEM instead of 0 if we can't
allocate the ciphertext buffer.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22860 dc483132-0cff-0310-8789-dd5450dbe970

commit | commitdiff | tree

Zhanna Tsitkov [Tue, 6 Oct 2009 16:20:19 +0000 (16:20 +0000)]

Crypto modularity proj: Populate openssl/aes dir

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22859 dc483132-0cff-0310-8789-dd5450dbe970

MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.

RSS Atom