Richard Basch [Wed, 20 Mar 1996 01:14:10 +0000 (01:14 +0000)]
* kcmd.c (ruserok): declare the function as taking const char *
instead of char * (Solaris 2.5 refuses to compile it, otherwise).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7672
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 20 Mar 1996 01:02:57 +0000 (01:02 +0000)]
* conv_creds.c (krb524_convert_creds_plain):
if the v5 lifetime is greater than the max v4 lifetime, use the max
v4 lifetime (0xff), rather than masking it with 0xff.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7671
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 20 Mar 1996 01:02:32 +0000 (01:02 +0000)]
* kadm_funcs.c: changed all references of des-cbc-md5 to des-cbc-crc
(which is what v4 really uses); also, fixed uninitialized variable.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7670
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 20 Mar 1996 01:02:02 +0000 (01:02 +0000)]
* ktutil_funcs.c (ktutil_write_srvtab): use any type of des key
in the keytab to create a v4 srvtab
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7669
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 20 Mar 1996 01:01:24 +0000 (01:01 +0000)]
* kdb5_edit.c (extract_v4_srvtab): do not test to make sure we
fetched a key of enctype 1 (des-cbc-crc), since we may have gotten
another des key from the database, which is just as useful in a
v4 srvtab
* dumpv4.c (dump_v4_iterator): use krb5_524_conv_principal to do the
v5 to v4 principal translation, instead of having yet another
hard-coded table.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7668
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 19 Mar 1996 16:27:56 +0000 (16:27 +0000)]
* tf_util.c (tf_get_cred): Issue date is written out as a long,
read back in as same.
I have kept the size as a long to be compatible with the Cygnus V4
distribution. The problem was introduced when we changed the include/kerberosIV
structures to use 32 bit ints for timestamps. So, under OSF/1, tf_util would
write out a 64 bit issue date, and then try reading back in a 32 bit one. Since
Cygnus uses sizeof(long) we will too.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7667
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 19 Mar 1996 15:06:08 +0000 (15:06 +0000)]
Put back in the encrypted telnet tests
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7666
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 19 Mar 1996 03:03:57 +0000 (03:03 +0000)]
* configure.in: Add KRB5_RUN_FLAGS
* Makefile.in: Use the run flags.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7665
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 19 Mar 1996 02:58:27 +0000 (02:58 +0000)]
* aclocal.m4 (KRB5_RUN_FLAGS): Allows for setting of proper paths
for executing programs in the build tree with proper
overriding of potentially installed libraries.
* configure.in: Setup for KRB5_RUN_FLAGS
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7664
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 19 Mar 1996 02:39:45 +0000 (02:39 +0000)]
Makefile.in: Added flags which turn on the encryption option
telnetd.c (getterminaltype): If the authentication option which was
negotiated requires that encryption be turned on, then enforce this
here.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7663
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 19 Mar 1996 02:38:56 +0000 (02:38 +0000)]
Makefile.in: Added flags to turn on the encryption option
authenc.c (telnet_spin): Implemented the telnet spin function, which
works by calling the Scheduler with the tty_lockout flag set.
main.c (main): If the -x option is given, set the autologin,
wantencryption, and auth_enable_encrypt flag. They enable
authentication, enforcement of the encryption option, and a flag to
the auth layer to negotiate authentication with mandatory encryption
option.
telnet.c (telnet): If the wantencryption flag is set (because the user
has given the -x option, then we enforce that encryption must be
turned on. The user will not be able to type to the network stream
until encryption is enabled, and if encryption is refused, the client
will print an error message.
(Scheduler): If the tty_lockout flag is set, then don't process
keyboard read events. This prevents the user from typing over the
network until encryption is enabled.
utilities.c (printsub): Added print support for the authentication
must-encrypt option.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7662
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 19 Mar 1996 02:33:21 +0000 (02:33 +0000)]
Mon Mar 18 20:56:37 1996 Theodore Y. Ts'o <tytso@dcl>
* kerberos5.c (kerberos5_send): Send in as input the
authentication type pair (ap->type, ap->way) to be
checksumed in the authenticator.
(kerberos5_is): If the checksum is present in the
authenticator, then validate the authentication type pair
against the checksum.
(kerberos5_reply): If we didn't do mutual authentication,
and we receive a KRB_ACCEPT, then stash away the session
key anyway. This way we have a chance of doing encryption
even if mutual authentication wasn't done.
* encrypt.c (EncryptStartInput, EncryptStartOutput): Added
conditional around printf so that these two functions can
be called by the server.
(encrypt_is_encrypting): New function which returns true
only if both sides of the telnet stream is encrypted.
Fri Mar 15 18:19:44 1996 Theodore Y. Ts'o <tytso@dcl>
* auth.c: Added new authentication scheme for Krb5 mutual
authentication with mandatory encryption.
(auth_send, auth_send_retry): Split auth_send() so that
the functionality done by auth_send_retry() is separate.
This avoids a really dodgy pointer comparison which was
caused by auth_send() being used for two purposes.
If the client has not requested encryption, then don't
use the authentication systems which require encryption.
(auth_must_encrypt): New function which returns whether
or not encryption must be negotiated.
* auth-proto.h: Added prototype for new option
auth_must_encrypt().
* Makefile.in (ENCRYPTION, DES_ENCRYPTION): Added defines to turn
on encryption and des encryption.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7661
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 19 Mar 1996 02:10:12 +0000 (02:10 +0000)]
Use AC_HEADER_STDARG and use that test to set STDARG.
The old test assumed that either STDARG was defined or __STDC__ - which
is not sufficient.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7660
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 19 Mar 1996 02:08:17 +0000 (02:08 +0000)]
Back out last change and use a cast to avoid warnings.
Richard has indicated that come compilers get upset if you try to
reassign a const char *.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7659
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 18 Mar 1996 22:33:36 +0000 (22:33 +0000)]
* sn2princ.c (krb5_sname_to_principal): Do not assign a const char *
to a non-const char *.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7658
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Mon, 18 Mar 1996 19:21:13 +0000 (19:21 +0000)]
Do not try to reassign "const" variables
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7657
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Mon, 18 Mar 1996 05:32:26 +0000 (05:32 +0000)]
detect kadmin failures that are *really* kdc failures
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7656
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Mon, 18 Mar 1996 05:22:00 +0000 (05:22 +0000)]
changelogs entries from cygnus changes
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7655
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Mon, 18 Mar 1996 02:46:10 +0000 (02:46 +0000)]
malloc the new length, not the old, esp. since we just check that the
old length was zero
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7654
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Mon, 18 Mar 1996 02:39:51 +0000 (02:39 +0000)]
fixes ticket-forwarding crashes on linux..
* copy_addrs.c (krb5_copy_addr): make non-static so we can use it
in mk_cred.
* mk_cred.c (krb5_mk_ncred_basic): copy local_addr and remote_addr
instead of just aliasing them, so we can safely free them ourselves.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7653
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 18 Mar 1996 02:00:35 +0000 (02:00 +0000)]
* configure.in: Change WITH_KDB_DB to USE_KDB5_LIBRARIES and add
KRB5_LIBRARIES.
* Makefile.in: Use libraries as specified by configure. Set
LD_LIBRARY_PATH for tests.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7652
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 18 Mar 1996 01:47:02 +0000 (01:47 +0000)]
configure.in: Add USE_ANAME and KRB5_LIBRARIES
Makefile.in: Change to properly use the libraries as specified by configure
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7651
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 18 Mar 1996 01:40:52 +0000 (01:40 +0000)]
configure.in: Add USE_ANAME and add proper aclocal.m4 functions to properly
tell the makefile which libraries to link to.
Makefile.in: Get the list of libraries to link from configure. Removes a
dependency on layout of build tree and allows for configure to specify
other libraries (as in aname conversion databases..)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7650
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 18 Mar 1996 01:38:20 +0000 (01:38 +0000)]
Add USE_ANAME for aname conversion db
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7649
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 18 Mar 1996 01:20:52 +0000 (01:20 +0000)]
Add USE_ANAME for proper DB
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7648
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sat, 16 Mar 1996 02:40:56 +0000 (02:40 +0000)]
Remove declaration of krb5_kdc_default_options
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7647
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 15 Mar 1996 20:22:26 +0000 (20:22 +0000)]
CLEANLIBS - cleanup libkrb5util.a and libgssapi.a
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7646
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 15 Mar 1996 20:12:08 +0000 (20:12 +0000)]
Add new tests for GSS-API ftp programs
Note: This is using the ftp/$hostname key. If
ftp/ftpd is changed to not allow this service, this
file will need to be changed as well.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7645
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 15 Mar 1996 19:35:51 +0000 (19:35 +0000)]
Corrected several memory leaks and unreferenced memory access conditions
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7644
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 15 Mar 1996 19:31:37 +0000 (19:31 +0000)]
Close the keytab if we opened it, not if the caller opened it
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7643
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 15 Mar 1996 19:18:24 +0000 (19:18 +0000)]
* ftpd.c (auth_data): Do not fail if last gss_service is not
present in keytab. If no services present, return a useful
minor error status.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7642
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 15 Mar 1996 06:50:19 +0000 (06:50 +0000)]
* aclocal.m4 (V5_OUTPUT_MAKEFILE): nuke some redundant sed rules
and also make sure that SRCTOP doesn't get a leading "./".
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7641
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 15 Mar 1996 06:28:23 +0000 (06:28 +0000)]
Added shadow password support
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7640
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 14 Mar 1996 07:14:45 +0000 (07:14 +0000)]
* aclocal.m4 (V5_OUTPUT_MAKEFILE): most seds don't deal with
"s/\(regex\)*/foo/", so use a loop instead to get rid of
extraneous "./" occurences. Do we want srctop and
buildtop to have leading "./"s? They do currently. Is
this a bug?
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7639
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Thu, 14 Mar 1996 05:36:12 +0000 (05:36 +0000)]
more specific check for kadmin failure message
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7638
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Thu, 14 Mar 1996 04:02:52 +0000 (04:02 +0000)]
include missing entry for earlier fix
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7637
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Thu, 14 Mar 1996 00:44:34 +0000 (00:44 +0000)]
fix some whitespace
clear use_master and use_keytab on failures that don't leave the
relevant bits initialized
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7636
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Thu, 14 Mar 1996 00:42:43 +0000 (00:42 +0000)]
nuke RCS cruft
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7635
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Thu, 14 Mar 1996 00:41:51 +0000 (00:41 +0000)]
clean up whitespace
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7634
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Thu, 14 Mar 1996 00:40:54 +0000 (00:40 +0000)]
print an error when dsize test fails
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7633
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Thu, 14 Mar 1996 00:40:13 +0000 (00:40 +0000)]
nuke rcs cruft
fix typo in copyright
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7632
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Thu, 14 Mar 1996 00:38:50 +0000 (00:38 +0000)]
fix some of the names..
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7631
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Thu, 14 Mar 1996 00:38:11 +0000 (00:38 +0000)]
telnet needs USE_ANAME because libtelnet/kerberos.c isn't split
if setupterm is in curses, grab it
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7630
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Mar 1996 22:48:00 +0000 (22:48 +0000)]
use AC_HEADER_STDARG
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7629
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Mar 1996 22:38:20 +0000 (22:38 +0000)]
use AC_HEADER_STDARG
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7628
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Mar 1996 22:23:36 +0000 (22:23 +0000)]
use AC_HEADER_STDARG
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7627
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Mar 1996 22:19:37 +0000 (22:19 +0000)]
use PROTOTYPE macro in mechglue.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7626
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Wed, 13 Mar 1996 21:09:29 +0000 (21:09 +0000)]
replace KRBTEST.COM with $REALMNAME. Now you can change the realm name the
tests use by "runtest --tool krb --srcdir whatever REALMNAME=WHITEHOUSE.GOV"
also added -- to kadmin tests so they work with any getopt
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7625
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Wed, 13 Mar 1996 20:09:54 +0000 (20:09 +0000)]
variable HE is a name collision with an hp/ux register mask in the hp/ux
header files. Sigh. rename to HEstr.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7624
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Wed, 13 Mar 1996 20:06:46 +0000 (20:06 +0000)]
minor hp fix
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7623
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Wed, 13 Mar 1996 20:05:52 +0000 (20:05 +0000)]
update from cygnus sources. Get local hostname in a consistent manner,
so we ask for the right local service name.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7622
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 13 Mar 1996 18:12:17 +0000 (18:12 +0000)]
Include string.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7621
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 13 Mar 1996 18:11:13 +0000 (18:11 +0000)]
* str_conv.c (krb5_timestamp_to_string): Handle statement not
reached warning.
* ser_addr.c (krb5_address_internalize): Add magic numbers
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7620
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 13 Mar 1996 18:08:23 +0000 (18:08 +0000)]
* krb5_decode.c (decode_krb5_ticket, decode_krb5_enc_tkt_part,
decode_krb5_authenticator, decode_krb5_error,
decode_krb5_ap_req, decode_krb5_ap_rep,
decode_krb5_ap_rep_enc_part, decode_krb5_safe,
decode_krb5_priv, decode_krb5_enc_priv_part,
decode_krb5_cred, decode_krb5_enc_part): Add magic values.
* asn1_k_decode.c (asn1_decode_passwdsequence): Set magic values
in structures.
(asn1_decode_kdc_req_body): Set magic in
authorization_data if not sent OTW.
I believe all magic number fields now being properly initialized in the
asn.1 layer.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7619
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 13 Mar 1996 18:06:52 +0000 (18:06 +0000)]
* kv5m_err.et: Add KV5M_PASSWD_PHRASE_ELEMENT
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7618
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Mar 1996 04:56:22 +0000 (04:56 +0000)]
* pre.in (SRCTOP, BUILDTOP): Don't define
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7617
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Mar 1996 04:55:41 +0000 (04:55 +0000)]
* aclocal.m4 (V5_MAKE_SHARED_LIB): If the cache variables for
selecting shared v. archive library support haven't been set,
complain, instead of generating a broken Makefile.
(WITH_CC): Default to value from cache, if available. If it
differs from name supplied on command line, complain. When not
using a value from the cache, verify that it's a working compiler
before proceeding. At end, use AC_PROG_CC to see if it's gcc
we're using.
(SubdirLibraryRule): Make DONE depend on Makefile.in, so it
doesn't keep getting regenerated in the case of no object files.
(CHECK_WAIT_TYPE): Make sure that union wait is acceptable to
WEXITSTATUS if that macro is defined.
Permit a single configure.in to build multiple makefiles, e.g., when a
subtree contains a program that must be considered a single package, and might
as well get configured that way. (The Cygnus tree handles xdm this way.)
Should be more efficient.
* aclocal.m4 (V5_SET_TOPDIR): Don't substitute BUILDTOP, SRCTOP.
(CONFIG_RULES): In makefile dependencies, use $(thisconfigdir).
(V5_AC_OUTPUT_MAKEFILE): If arguments are given, treat as
directories and build pre/Makefile/post in each. Set
thisconfigdir, SRCTOP, BUILDTOP separately in each directory.
Tweak Makefile dependencies appropriately.
Permit compilation on hpux, where stdarg.h exists, but the use of "..." in
new-style definitions does not work. (Needs changes to configure.in files.)
* aclocal.m4 (AC_HEADER_STDARG): New macro. Try compiling some
sources with variadic functions; set HAVE_STDARG_H or
HAVE_VARARGS_H, or bomb.
* acconfig.h (HAVE_STDARG_H, HAVE_VARARGS_H): Undef.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7616
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Mar 1996 04:48:12 +0000 (04:48 +0000)]
* gss-server.c (timeval_subtract): Use old-style function definition
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7615
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Mar 1996 04:35:37 +0000 (04:35 +0000)]
remove cvs conflict marker, wrap some long lines
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7614
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Mar 1996 04:32:43 +0000 (04:32 +0000)]
regenerated
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7613
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 13 Mar 1996 02:53:21 +0000 (02:53 +0000)]
New telnet authentication type pair to indicate whether we should be
encrypting.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7612
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 12 Mar 1996 23:06:52 +0000 (23:06 +0000)]
Check in ChangeLog for last change..
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7611
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 12 Mar 1996 23:03:58 +0000 (23:03 +0000)]
* krshd.c (doit): For encrypted rcp, fix logic in determining
executable to run.
The real bug was that for encrypted rcp, it was checking (with stat) if
"-x ....../rcp" existed instead of "..../rcp"
Another change is so that freed memory is not accessed.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7610
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 12 Mar 1996 19:04:45 +0000 (19:04 +0000)]
* kprop.c: Write a byte to the last-prop file to ensure the file
modtime is updated. Simply opening the file isn't sufficient.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7609
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 12 Mar 1996 19:04:14 +0000 (19:04 +0000)]
Additional bugs needing to be addressed
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7608
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 12 Mar 1996 10:43:00 +0000 (10:43 +0000)]
use KRB5_PROTOTYPE
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7607
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 12 Mar 1996 10:22:59 +0000 (10:22 +0000)]
convert __gss_get_mechanism to k&r style definition
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7606
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 12 Mar 1996 10:16:23 +0000 (10:16 +0000)]
use PROTOTYPE and K&R style definitions, per krb5 style
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7605
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Mon, 11 Mar 1996 21:59:39 +0000 (21:59 +0000)]
Fixed mispelling of Doug Engert's name
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7604
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Mon, 11 Mar 1996 04:51:50 +0000 (04:51 +0000)]
* aclocal.m4 (KRB5_SIGTYPE): quote the body correctly, so the test
happens when it should.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7603
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sat, 9 Mar 1996 02:37:38 +0000 (02:37 +0000)]
Change sizeof(long) to sizeof(krb5_int32)
Yet another piece of code that was assuming that longs are 32 bits...
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7602
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 8 Mar 1996 14:44:23 +0000 (14:44 +0000)]
Add comments about the DejaGnu tests
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7599
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 6 Mar 1996 21:41:22 +0000 (21:41 +0000)]
* kprop.c: The credentials cache should be destroyed after any error
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7598
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 6 Mar 1996 21:39:17 +0000 (21:39 +0000)]
POSIX requires a file be opened read-write for locking
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7597
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Wed, 6 Mar 1996 21:37:24 +0000 (21:37 +0000)]
* dumpv4.c:
The V4 master key & schedule was never initialized,
so the dump created by dump_v4db was garbage. Read the V4
master key from /.k or prompt for the V4 master key password.
If there is no V4-salt key in the database, but there is a DES
key, include it in the V4 dump, in case it is merely a random
service key for which there is no associated password.
Skip over K/M in the V5 database (use the entered V4 master key).
Both krbtgt and afs keys often have domain-qualifed instances.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7596
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 5 Mar 1996 17:31:01 +0000 (17:31 +0000)]
* kprop.c: Call krb5_sname_to_principal rather than doing the OS calls.
Removed a trailing ; that caused a spurious message to be printed
even upon success.
* kpropd.c: Call krb5_sname_to_principal rather than doing the OS calls.
Open the lock file read-write, as required by POSIX.
Downgrade the lock to a shared lock prior to the execution
of kdb5_edit (it also tries to place a shared lock on the dump file).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7595
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 5 Mar 1996 17:28:52 +0000 (17:28 +0000)]
kdb5_edit has been moved to PREFIX/sbin
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7594
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 5 Mar 1996 07:33:42 +0000 (07:33 +0000)]
* kdb5_edit.c: new command line option -f stashfile.
* kdb5_edit.M: document stashfile option.
(also fixed some indentation, diff -w shows no difference.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7593
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 5 Mar 1996 07:29:29 +0000 (07:29 +0000)]
now the keys actually *work* when you load an old dump (a real one,
not the fake one the test case creates.)
* dump.c (process_k5beta_record): since V4 salt type has no data
either, only set key_data_ver to 1 for data_type 0 with 0-length
salt. Also, don't include alternate key if akey has all-zero type
and length in both fields.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7592
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 5 Mar 1996 01:51:23 +0000 (01:51 +0000)]
* default.exp: Log krb5kdc to stderr so that test can detect
properly when server has started. Change
start_kerberos_daemons to take advantage of this.
Before, every time the server was started, the test would have to wait
for the standard timeout (100 sec) before continuing with the test.
The standalone tests used to take 15.5 min and now take 4.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7591
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sun, 3 Mar 1996 21:01:45 +0000 (21:01 +0000)]
Changes to start up kshd (not krshd) with new arguments
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7590
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sun, 3 Mar 1996 21:00:57 +0000 (21:00 +0000)]
Change to execute with new program name and arguments
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7589
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sun, 3 Mar 1996 18:14:54 +0000 (18:14 +0000)]
* krb5_decode_test.c (main): In krb5_enc_tkt_part (optionals NULL)
test, set starttime to authtime. Matches change to
lib/krb5/asn.1/krb5_decode.c.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7588
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sun, 3 Mar 1996 17:55:45 +0000 (17:55 +0000)]
* srv_main.c: Move inclusion of k5-int.h before testing if
HAVE_STDARG_H is defined.
This is because configure.in does not test for stdarg.h, but autoconf.h does have it defined.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7587
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sun, 3 Mar 1996 17:50:13 +0000 (17:50 +0000)]
* g_imp_sec_context.c, g_exp_sec_context.c: Include string.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7586
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sun, 3 Mar 1996 17:25:22 +0000 (17:25 +0000)]
* gss-server.c (test_import_export_context): Add second argument
to gettimeofday.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7585
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sun, 3 Mar 1996 15:42:17 +0000 (15:42 +0000)]
configure.in: Change WITH_DB to WITH_KDB_DB
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7584
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Sat, 2 Mar 1996 08:08:14 +0000 (08:08 +0000)]
gss-server.c (sign_server): Do better import/export security checking.
If the received message to be signed is not printable (at least the
first two characters are not), display the message in hex. Print the
hex values of the incoming and outcoming packets, for your
information.
gss-misc.c (print_token, display_buffer): Two new tokens for
displaying GSSAPI buffers, either has hex or as a printable string.
gss-client.c (call_server): Add option to support reading in the
message to be signed from a file.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7583
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Sat, 2 Mar 1996 08:02:16 +0000 (08:02 +0000)]
k5mech.c (krb5_gss_get_context): Initialize the serializers here,
instead of in export and import security context. This will speed
things up a little.
export_sec_context.c (krb5_gss_export_sec_context):
import_sec_context.c (krb5_gss_import_sec_context): Don't create
a serialization context just for importing/exporting credentials.
Use the passed-in gssapi context. This speeds things up
significantly. Assume the serializers are initialized in
krb5_gss_get_context.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7582
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 1 Mar 1996 05:06:19 +0000 (05:06 +0000)]
g_glue.c (__gss_get_mech_type): Fix code to properly parse token
headers. It was working only by serendipity....
g_accept_sec_context.c (gss_accept_sec_context): Add error checking
and memory cleanup. Make gss_accept_sec_context work for mechanisms
that use multiple token roundtrips.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7581
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 1 Mar 1996 05:04:46 +0000 (05:04 +0000)]
Use NEED_SOCKETS instead of #including <netdb.h>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7580
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 1 Mar 1996 05:04:16 +0000 (05:04 +0000)]
Add closeoscket() call so that program properly cleans up the socket
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7579
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 1 Mar 1996 00:45:51 +0000 (00:45 +0000)]
Added note: Note that calls to WSAStartup and WSACleanup must be in
matched pairs. If there is a missing WSACleanup call when a program
exits, under Lan Workplace, the name resolver will stop working.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7578
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 1 Mar 1996 00:42:29 +0000 (00:42 +0000)]
Take out calls to SOCKET_INITIALIZE and SOCKET_CLEANUP. This gets
done in win_glue.c, and we only need to do this once. (XXX What about
Macintosh?)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7577
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 1 Mar 1996 00:40:43 +0000 (00:40 +0000)]
Fix to work on 16-bit platforms (we don't allow greater than 64k
tokens on these platforms).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7576
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 29 Feb 1996 21:50:45 +0000 (21:50 +0000)]
Make sure WSACleanup() is called when the DLL exits
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7575
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 29 Feb 1996 06:27:31 +0000 (06:27 +0000)]
mglueP.h: For MS-DOS, add #include of malloc.h
g_acquire_cred.c (gss_acquire_cred): Fix so that the call works when
desired_name is NULL (meaning use the default credentials).
g_imp_sec_context.c (gss_import_sec_context):
g_exp_sec_context.c (gss_export_sec_context): Fix to import/export the
framing security context (so that this call actually works!).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7574
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Thu, 29 Feb 1996 06:25:11 +0000 (06:25 +0000)]
Added support for users to enter the GSSAPI target name into the
combobox. The syntax is: "host port gssapi_target_name"
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7573
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 28 Feb 1996 18:08:51 +0000 (18:08 +0000)]
Move com_err.h after k5-int.h include so that autoconf.h is included
which handles the varargs issue.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7571
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 28 Feb 1996 16:44:07 +0000 (16:44 +0000)]
Get the nametype OID from gss_display_name, print it, and then release
the nametype OID. This tests gss_display_name()'s ability to return a
valid nametype, which can then be freed successfully.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7570
dc483132-0cff-0310-8789-
dd5450dbe970