Ezra Peisach [Sun, 11 Feb 1996 01:58:20 +0000 (01:58 +0000)]
Incluide stdlib.h for declaration of malloc
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7470
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Sat, 10 Feb 1996 23:46:05 +0000 (23:46 +0000)]
* g_glue.c: grab stdlib.h to get NULL
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7469
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sat, 10 Feb 1996 02:45:42 +0000 (02:45 +0000)]
Only display secure_message if encryption actually enabled
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7467
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sat, 10 Feb 1996 02:35:39 +0000 (02:35 +0000)]
Fixed bug in v4 compatability: you don't check
v5 authenticator checksums when v4 is being used.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7466
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 9 Feb 1996 02:19:14 +0000 (02:19 +0000)]
* scc.h scc_gprin.c scc_maybe.c scc_skip.c scc_sseq.c
Store and retrieve the os_context time offset from the
credentials cache.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7465
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 9 Feb 1996 01:05:50 +0000 (01:05 +0000)]
* pre.in
Install administrative database utilities in sbin, not admin.
Also, define $(transform) to be the sed transformation for program
installation.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7464
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 9 Feb 1996 00:52:44 +0000 (00:52 +0000)]
* kinit.c
Only initialize the credentials cache if credentials were obtained.
This means you won't blow away the old cache if an incorrect password
was entered, and it also allows for the os_context time offset to be
set properly in the credentials cache.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7463
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 9 Feb 1996 00:50:32 +0000 (00:50 +0000)]
* fcc_maybe.c
Only store the os_context time offset if it is valid.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7462
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 9 Feb 1996 00:47:05 +0000 (00:47 +0000)]
* fcc.h fcc_gprin.c fcc_maybe.c fcc_skip.c fcc_sseq.c
Store the time offset from the os_context in the credentials cache.
When applications open the credentials cache, they will set the
os_context time offset if kdc_timesync is set and the os_context
time offset has not yet been set.
Note: The time offset is stored during krb5_cc_initialize, so the os_context
should be set prior to this operation.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7461
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 7 Feb 1996 20:33:12 +0000 (20:33 +0000)]
* configure.in: Check for stdlib.h
* secure.c, pclose.c, ruserpass.c, ftp.c: Include stdlib.h if
present for malloc declarations.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7453
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 7 Feb 1996 19:18:40 +0000 (19:18 +0000)]
Need to include stdio.h and errno.h no matter what.
(stderr and ENOMEM needs to be defined)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7452
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 7 Feb 1996 18:38:02 +0000 (18:38 +0000)]
Make clean removes ftpd (not ftp)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7451
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 7 Feb 1996 05:33:25 +0000 (05:33 +0000)]
New files, for danw's changes to allow building Makefiles for the
Macintosh. We now can build MPW makefiles which are interpreted by
CodeWarrior.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7445
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 7 Feb 1996 05:30:24 +0000 (05:30 +0000)]
Folded in danw's changes to allow building Makefiles for the
Macintosh. We now can build MPW makefiles which are interpreted by
CodeWarrior.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7444
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 7 Feb 1996 05:04:58 +0000 (05:04 +0000)]
Commited new snapshot from Roland Schemers at Sun
This snapshot features a BSD-style copyright notice from Sun. It also
includes the code to parse a configuration file and then dlopen the
proper shared library. Miscellaneous cleanup in the mechglue directory.
Namespace uglieness (like get_mechanism) have been cleaned up, to use
things like __gss_get_mechanism instead.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7442
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Sun, 4 Feb 1996 04:21:09 +0000 (04:21 +0000)]
* configure.in, Makefile.in
Berkeley hash db is now a separate library
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7437
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Sun, 4 Feb 1996 04:20:23 +0000 (04:20 +0000)]
* configure.in, Makefile.in
Better support of alternate db libraries.
Berkeley db is now a separate library
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7436
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Sun, 4 Feb 1996 04:19:17 +0000 (04:19 +0000)]
* Makefile.in
Support --program-prefix, --program-suffix, --program-transform
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7435
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Sun, 4 Feb 1996 04:16:00 +0000 (04:16 +0000)]
* aclocal.m4
Support --program-prefix and --program-suffix
Support different dbm libraries better.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7434
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 1 Feb 1996 22:01:13 +0000 (22:01 +0000)]
Remove check to make sure ticket enctype
is in the tgs enctypes.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7431
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 1 Feb 1996 22:00:01 +0000 (22:00 +0000)]
Remove check to make sure cached tickets are in tgs_enctypes
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7430
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 1 Feb 1996 05:56:27 +0000 (05:56 +0000)]
* rcp (client mode) now uses rsh -x but still supports the old encryption in
server mode.
* krshd will work in encrypting mode even when the port for stderr is null.
* rcp will work if stdin isn't not a socket, but is a pipe in remote mode
* krshd destroys forwarded credentials properly
* For rsh, the secure_message got moved to the client; if you use a new client
with an old server, you get secure_message twice, but it should be a
useful change long-term.
* Fixed typo in rcp man page.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7423
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Wed, 31 Jan 1996 22:26:17 +0000 (22:26 +0000)]
* krshd: Make sure KRB5CCNAME gets set for forward creds; code could be much cleaner.
* forward.c: give caller handle to ccache so it can be destroyed.
* krshd: destroy the ccache if it is non-null.
* krlogind: Fix call, but don't destroy cache, as
login.krb5 should do that any year now.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7422
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 31 Jan 1996 00:22:23 +0000 (00:22 +0000)]
Several changes to the db rename feature.
Renaming locks the target lock file.
If the target lock file doesn't exist, create it.
Check the return value of krb5_dbm_db_set_name and set the
context accordingly if the target didn't exist.
Only unlink the source lock file if one could be computed.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7418
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 30 Jan 1996 23:30:23 +0000 (23:30 +0000)]
* dump.c (load_db): dbrenerr_fmt prints "from" first, so pass it
to fprintf correctly.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7417
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 30 Jan 1996 23:28:18 +0000 (23:28 +0000)]
* kdb_dbm.c (krb5_dbm_db_rename): O_EXCL is meaningless without
O_CREAT.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7416
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Tue, 30 Jan 1996 18:04:30 +0000 (18:04 +0000)]
Don't update the utmp file unless update_utmp is true
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7414
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Sun, 28 Jan 1996 19:36:35 +0000 (19:36 +0000)]
* dump.c (process_k5_record): t2..t9 is only 8 vars, not 9
make check is useful, gang...
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7412
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sun, 28 Jan 1996 00:20:31 +0000 (00:20 +0000)]
Fix quoting problem
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7411
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sat, 27 Jan 1996 23:50:53 +0000 (23:50 +0000)]
Fixes to build on Linux;
never call fcntl(F_SETOWN)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7410
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sat, 27 Jan 1996 06:40:36 +0000 (06:40 +0000)]
Fix bug in finding the tgs key;
we really really want to avoid encrypting v4 tickets in DES3 keys.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7407
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sat, 27 Jan 1996 06:39:40 +0000 (06:39 +0000)]
Implement -e option for keytabs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7406
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Sat, 27 Jan 1996 06:14:24 +0000 (06:14 +0000)]
* void_assoc.c (ptyint_void_association): if we don't have
TIOCNOTTY (HP/UX 9 for example) don't try to use it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7405
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Sat, 27 Jan 1996 06:13:02 +0000 (06:13 +0000)]
* krb5.conf: use host:portnum in example files, not host,portnum
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7404
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Sat, 27 Jan 1996 06:11:33 +0000 (06:11 +0000)]
* kadmin.exp: use a longer password for kadmin_modify test to meet
password quality constraints.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7403
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Sat, 27 Jan 1996 06:09:40 +0000 (06:09 +0000)]
fix indentation
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7402
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Sat, 27 Jan 1996 06:06:22 +0000 (06:06 +0000)]
* kuserok.c: use HAVE_SETEUID and HAVE_SETRESUID to figure out how
to emulate seteuid instead of assuming hpux.
* configure.in: test for seteuid as well; fold some tests into a
single AC_HAVE_FUNCS.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7401
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Sat, 27 Jan 1996 06:03:26 +0000 (06:03 +0000)]
* t_kdb.c: wrap db_dbm decls and berkely_dispatch in ifdefs
BERK_DB_DBM.
(do_testing): wrap references as well.
* keytab.c (krb5_ktkdb_get_entry): use KRB5_PROTOTYPE.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7400
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Sat, 27 Jan 1996 05:57:22 +0000 (05:57 +0000)]
* t_cksum.c (main): use proper old-style definition
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7399
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Sat, 27 Jan 1996 05:55:04 +0000 (05:55 +0000)]
* network.c (setup_network): strtol is good enough for port
number, and sunos doesn't have strtoul (and nothing else in the
tree uses it.)
(add_port): use proper old-style definition.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7398
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sat, 27 Jan 1996 02:58:54 +0000 (02:58 +0000)]
Oops; I accidentally comitted a version of krlogin
that didn't even compile.
(I tested the binary in the wrong build tree.)
Compiled and tested this time.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7397
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 26 Jan 1996 21:45:46 +0000 (21:45 +0000)]
Implement -e option to list that
shows enctypes associated with a key.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7396
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 26 Jan 1996 20:21:15 +0000 (20:21 +0000)]
Require DES for credentials
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7395
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 26 Jan 1996 07:03:43 +0000 (07:03 +0000)]
Fix bug in call to shared library macros
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7394
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 26 Jan 1996 07:03:22 +0000 (07:03 +0000)]
Telnet really wants a DES key; have it ask for one
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7393
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 26 Jan 1996 07:02:51 +0000 (07:02 +0000)]
Fix delay in ^C processing
caused by my OOB fix.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7392
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 26 Jan 1996 05:23:19 +0000 (05:23 +0000)]
Disable resetting of tgs_enctypes
until I hear a good reason for it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7391
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 26 Jan 1996 05:22:37 +0000 (05:22 +0000)]
Convert the kvno to a char before writing it out. (The previous code
tried, but casting from (int *) to (char *) is not the same as casting
from int to char.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7390
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 26 Jan 1996 05:20:55 +0000 (05:20 +0000)]
Removed outdated comment about mapping
etypes to ktypes--it's a one to one mapping
now.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7389
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 26 Jan 1996 05:20:17 +0000 (05:20 +0000)]
Fixed to check enctype of retrieved keys
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7388
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 26 Jan 1996 05:19:21 +0000 (05:19 +0000)]
Fixed extraction of keytabs to extract all keys
not just the first one.
Fixed v4 extraction to find the v4 key.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7387
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 25 Jan 1996 20:06:28 +0000 (20:06 +0000)]
* cnv_tkt_skey.c (krb524_convert_tkt_skey): Take both a v5 and v4
service key. Use the v5 service key to decrypt the v5 ticket, and
the v4 service key to encrypt the v4 ticket.
* krb524d.c (do_connection): Use a separate v5 and v4 service key
so that if the KDC chooses to encrypt the v5 ticket in something
besides ENCTYPE_DES_CBC_CRC, we don't lose. Also, make sure we
free keyblock contents and tickets on error.
(lookup_service_key): Pass enctype to kdc_get_server_key
(kdc_get_server_key): Only try for v4 salt if the enctype is
DES_CRC. Take enctype as an argument. This creates a problem
if the server key has a normal and v4 salt of ENCTYPE_DES_CBC_CRC
but I can't think of a good answer to this.
* k524init.c (main): Use crc32 not md5.
Wed Jan 24 20:05:47 1996 Sam Hartman <hartmans@tertius.mit.edu>
* krb524d.c (kdc_get_server_key): Try to find a v4 salt type key,
else try any des_crc32 key, else fail.
(do_connection): Lookup a crc32 key not an md5 key.
(init_master): Handle reading kdc profile.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7386
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 25 Jan 1996 20:04:58 +0000 (20:04 +0000)]
get_creds.c: Only match on enctype if in_creds.keyblock
has non-null enctype. (I.E. implement as documented)
gc_via_tkt.c: If the in_creds.keyblock.enctype !=0 then don't call
send_tgs with a null ktypes paramater; instead, explicitally allow only
increds.keyblock.enctype.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7385
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 25 Jan 1996 20:01:45 +0000 (20:01 +0000)]
Previously, ktype_match only made sure that the enctype was valid
and in the set of default tgs enctypes.
Now, if matching on keytype, do an exact match, else
use ktype_reasonable (renamed ktype_match) to make
sure the ticket is in the default tgs enctypes.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7384
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 25 Jan 1996 02:30:18 +0000 (02:30 +0000)]
Remove superfluous link line
from configure.in
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7380
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 25 Jan 1996 01:57:37 +0000 (01:57 +0000)]
No change from prior revision, just corrected log message:
* gssapi.h: Added definition of NPROTOTYPE to dtrt with Ultrix,
etc. Also added special case for Ultrix (limited
prototype support).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7379
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 25 Jan 1996 01:55:50 +0000 (01:55 +0000)]
* g_compare_name.c, g_delete_sec_context.c, g_dsp_status.c,
g_exp_sec_context.c, g_imp_sec_context.c, g_rel_buffer.c,
g_rel_cred.c, g_rel_name.c, g_rel_oid_set.c, get_mechanism.c,
get_mtype.c: Include stdlib.h and string.h as needed
* mglueP.h: Add many invocations of NPROTOTYPE and PROTOTYPE to
prevent breakage.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7378
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 25 Jan 1996 01:54:53 +0000 (01:54 +0000)]
* pname_to_uid.c (krb5_pname_to_uid): Changed def'n of
krb5principalname to static so K&R compilers won't lose on
automatic aggregate initialization.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7377
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 24 Jan 1996 23:50:19 +0000 (23:50 +0000)]
* Makefile.in: Remove spurious @DEFS@
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7376
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Wed, 24 Jan 1996 19:57:24 +0000 (19:57 +0000)]
Update man pages with new options
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7375
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 24 Jan 1996 19:23:54 +0000 (19:23 +0000)]
Added lines to adm.h which Chris had removed while working on the
kadmin revisions. This allows the existing code to compile.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7374
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 24 Jan 1996 18:24:27 +0000 (18:24 +0000)]
Don't assume that the input_name_buffer is null terminated, when it
contains a string. Fix gcc warnings.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7373
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Wed, 24 Jan 1996 08:56:24 +0000 (08:56 +0000)]
* Add checksum support to klogind making sure encrypted authenticators
cannot be replayed against unencrypted connections.
* Updated checksumming in kshd to be compatible with klogind so they
use the same client code. CVS:
* Fixed Makefile to install kshd and klogind not kr*d
* Updated option process in krlogind and kshd per messages to c.p.k.
----------------------------------------------------------------------
automatically CVS: CVS: Committing in . CVS: CVS: Modified Files:
----------------------------------------------------------------------
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7372
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 23 Jan 1996 18:26:09 +0000 (18:26 +0000)]
Check for stdlib.h, include stdlib.h, string.h, cast to handle gcc warning
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7371
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 23 Jan 1996 18:25:05 +0000 (18:25 +0000)]
Check for stdlib.h (configure.in)
Include stdlib.h and string.h for declarations of such items like malloc,
strlen, memmove...
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7370
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 23 Jan 1996 17:20:45 +0000 (17:20 +0000)]
* Makefile.in (SRCS): Remove extraneous line with only a tab.
(SHLIB_LDFLAGS): Declare that krb5_gss_initialize is to be
unresolved.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7368
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 23 Jan 1996 17:20:25 +0000 (17:20 +0000)]
* Makefile.in (SHLIB_LIBS): Add lines for shared library building
depending on libkrb5, crypto, and com_err.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7367
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 23 Jan 1996 09:07:27 +0000 (09:07 +0000)]
Add support for building GSSAPI as a shared library
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7366
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 23 Jan 1996 08:37:04 +0000 (08:37 +0000)]
configure.in: Add the mechglue directory as a subdir
Makefile.in (libgssapi_krb5.a): Include the object files in the
mechglue directory as well.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7365
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 23 Jan 1996 08:36:27 +0000 (08:36 +0000)]
gssapiP_generic.h: Removed prototypes of functions that have been
moved to the mechglue layer.
Makefile.in: Removed gssapi_generic.c, oid_ops.c, rel_buffer.c, and
rel_oid_set.c --- these functions are now done in the mechglue layer.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7364
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 23 Jan 1996 08:35:38 +0000 (08:35 +0000)]
rel_oid.c (krb5_gss_internal_release_oid): Add the new interface for
the mechglue layer.
inq_cred.c (krb5_gss_inquire_cred): Call gss_release_oid_set() instead
of generic_gss_release_oid_set().
gssapiP_krb5.h: Added prototype for krb5_gss_internal_release_oid
Makefile.in (CCSRCS): Removed the file krb5_gss_glue.c and added the
file k5mech.c and pname_to_uid.c
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7363
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 23 Jan 1996 08:34:12 +0000 (08:34 +0000)]
Added Sun's changes (from Roland), as fixed by Ted, to finally have a
fully working mechglue layer.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7362
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 23 Jan 1996 05:13:24 +0000 (05:13 +0000)]
New files for Sun's multi-mechanism GSSAPI
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7361
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 22 Jan 1996 23:18:33 +0000 (23:18 +0000)]
Check for prototypes so that KRB5_STDARG_P works
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7360
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 22 Jan 1996 22:37:04 +0000 (22:37 +0000)]
* configure.in: Use KRB5_CHECK_PROTOS instead of inlining
prototype checking.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7359
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 22 Jan 1996 22:35:33 +0000 (22:35 +0000)]
Move the prototype checking code from include/krb5/configure.in into
KRB5_CHECK_PROTOS.
This is for applications that wish to use KRB5_PROTOTYPE, are not STDC,
do not want to include k5-int.h but need to know if prototypes work on
the system.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7358
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 22 Jan 1996 20:48:29 +0000 (20:48 +0000)]
* configure.in: Merge in berk_db library if needed
* Makefile.in (LIB_SUBDIRS): Get location of berk_db from
configure if needed.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7357
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 22 Jan 1996 13:10:40 +0000 (13:10 +0000)]
* configure.in: Add in WITH_ANAME_DB and WITH_KDB_DB so that top
level configure --help lists options.
* aclocal.m4 (CHECK_DB): Fix m4 quoting to allow for the autoconf
rules to insert the required CPP determination rules
automatically.
(WITH_ANAME_DB): Add missing comma. Fix up spacing so
configure --help looks pretty.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7356
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Mon, 22 Jan 1996 05:00:18 +0000 (05:00 +0000)]
If there is no DES key with a V4 salttype, simply return any DES key.
(Service keys only need to be DES for V4 requests to work.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7355
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Mon, 22 Jan 1996 04:56:49 +0000 (04:56 +0000)]
Allow for the use of other K/M encryption types. Try to look it up in
the stash file if it is being invoked in non-interactive mode.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7354
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Mon, 22 Jan 1996 04:55:26 +0000 (04:55 +0000)]
Don't syslog if the child exited normally
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7353
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Mon, 22 Jan 1996 04:53:48 +0000 (04:53 +0000)]
A couple more tasks have been completed (use dbm, and kdc locking)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7352
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Mon, 22 Jan 1996 04:52:28 +0000 (04:52 +0000)]
Fixed three problems in the database rename function:
1. Added a missing call to krb5_dbm_db_end_update to ensure the lock file
timestamp is updated.
2. Corrected the test for a valid lock file handle to be >=0 not non-zero.
3. Use the lock file of the target name, since the source will shortly
disappear and another process may already be checking for the lock
file of the target. (For example, a kdb5_edit db load will use
a temporary name and rename the db to the proper name when it is
done, and krb5kdc will be testing for the target lock file.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7351
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Mon, 22 Jan 1996 04:42:57 +0000 (04:42 +0000)]
Simplified to simply require the use of WITH_ANAME or USE_KDB5_LIBRARY
to specify the need for dbm inclusion/testing/compilation flags.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7350
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Mon, 22 Jan 1996 04:37:00 +0000 (04:37 +0000)]
* aclocal.m4
Added several macros and restructures to allow for testing of
which dbm type to use and to override with
--with-kdb-db=DBM
--with-aname-db=DBM
Added USE_ANAME macro to specify a module requires the aname db.
USE_KDB5_LIBRARIES now checks the --with-kdb-* flags.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7349
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 22 Jan 1996 04:34:09 +0000 (04:34 +0000)]
* gc_via_tkt.c (krb5_kdcrep2creds): Set is_skey so get_creds won't
break trying to match is_skey in the ccache. This way we
won't end up with many copies of user-to-user tickets.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7348
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Mon, 22 Jan 1996 04:34:05 +0000 (04:34 +0000)]
* configure.in
Only build Berkeley db, if it is being used.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7347
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sat, 20 Jan 1996 04:24:26 +0000 (04:24 +0000)]
krb5_get_credentials does not use the same flags as kdc_options
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7346
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sat, 20 Jan 1996 04:21:38 +0000 (04:21 +0000)]
krb5_get_credentials does not take the same flags as kdc_options. Set to
0.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7345
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sat, 20 Jan 1996 04:20:00 +0000 (04:20 +0000)]
krb5_get_credentials does not take kdc_options flags
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7344
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sat, 20 Jan 1996 04:04:06 +0000 (04:04 +0000)]
Remove use of krb5_kdc_default_options
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7343
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sat, 20 Jan 1996 04:00:25 +0000 (04:00 +0000)]
Fix a memory leak and reversed arguments
in my previous commit.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7342
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sat, 20 Jan 1996 00:55:45 +0000 (00:55 +0000)]
In the client, construct a checksum from the command line
and remote user and encode them in the authenticator. In the daemon,
if a checksum is present, verify it.
This change *should* make it possible to use rsh in a secure
fassion provided that you always use a client that has
checksumming.
If you do not use encrypted rsh, then the command line cannot be
spoofed,
but the standard input and output can still be spoofed.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7341
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 19 Jan 1996 19:50:54 +0000 (19:50 +0000)]
Add check for DBM/db libraries
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7340
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 19 Jan 1996 15:52:55 +0000 (15:52 +0000)]
In des_read, check to see if read returns 0 and report
a closed connection if it does.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7339
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 19 Jan 1996 01:33:08 +0000 (01:33 +0000)]
Mainline utmp and login cleanups from hartmans_pty_utmp:
* Fix utmp handling on Solaris for wtmpx records
* Replace krlogin's SIGURG handler with a call to select squashing Solaris ctrl-c bug
* Fix utmp on systems without pututline so ttyslot is only used when it works
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7338
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 19 Jan 1996 00:01:30 +0000 (00:01 +0000)]
Deal with sys_errlist
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7337
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 19 Jan 1996 00:00:42 +0000 (00:00 +0000)]
Portability fixes: don't declare errno ever
and don't declare sys_errlist unless you need to.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7336
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 18 Jan 1996 20:52:03 +0000 (20:52 +0000)]
Fix loop so that a ftp/host@REALM is not required,
but host/host@REALM will also work.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7334
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 18 Jan 1996 20:51:23 +0000 (20:51 +0000)]
Include sys/select.h for AIX
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7333
dc483132-0cff-0310-8789-
dd5450dbe970