Ken Raeburn [Wed, 1 May 1996 03:17:43 +0000 (03:17 +0000)]
Merge ... Cygnus sources, changes from Mark Eichin, Marc Horowitz, Chris
Provenzano and me:
* Makefile.in (install): Install correct set of man pages, and check for
failures.
* kshd.M, klogind.M: Renamed from kr*.M versions.
* login.M: New file. Man page for login with some description of new features.
* rlogin.M: Remove references to using program with target hostname as argv[0].
* rsh.M: Ditto. Also document -f, -F, -x options.
* login.c: Massive changes. Split much functionality out of main and into
separate file sections: terminal flag settings, Kerberos 4 and 5 support, UNIX
password support, mail check, signal handler handling, some other support
routines. Revamp controlling tty and process group handling. For AFS
configuration, use setpag and run aklog. Try validating password using krb5.
Always set tty flags, not just for rlogin session. When validating tickets,
treat an existing key file that doesn't contain the key we think we want
(possibly because DNS was spoofed) as an error condition.
* Makefile.in (LOGINLIBS): List libkrb524.a here.
(LIBOBJS): Not here.
(login.krb5): Reverse the order of LIBOBJS and LOGINLIBS.
* configure.in: Check for --with-afs. Add AFS libs and define SETPAG if
supplied.
* login.c (KRB5_GET_TICKETS, KRB4_GET_TICKETS, KRB_RUN_AKLOG): new macros
selecting single signon options. krb5.conf profile support for control over
authentication options, above the compile time selection.
(conf_affirmative): new function, recognize yes/no in profile value.
(login_get_kconf): new function, look for all [login] flags and set them in
appropriate globals (via login_conf_set array.)
(main, sleepexit, destroy_tickets): Check the new login_* flags.
(main): rename KRB4_USE_524 to KRB4_CONVERT.
* configure.in: Added checks for tcsetpgrp, tcgetpgrp, setpgid.
* krlogind.c (control): Use tcgetpgrp if it's available.
* loginpaths.h (RPATH, LPATH, LPATH_root): Define HP/UX 9.04 versions,
conditionalized on __hpux and !hpux.
* login.c and configure.in: instead of checking _IBMR2 and __sgi__, write
configure tests to check for the existence of /etc/environment and
/etc/TIMEZONE files, respectively.
* forward.c (rd_and_store_for_creds) : If chown fails then only pass failure
back if owner is different than intended owner. This is to make rsh.exp test
work without requiring root privlidges.
* login.c (main): Don't set TERM to an empty value.
(stypeof) [__hpux]: Return null if unknown.
* krlogin.c (catchild): remove hp/ux kludge because of aclocal.m4 fix.
(speeds): test __hpux for hpux speed list.
(main): test __hpux for use of FIOSSAIOSTAT and FIOSSAIOOWN
(USE_TERMIO): test __hpux for bsdtty/ptyio headers.
* krlogind.c: test __hpux for bsdtty/ptyio headers.
(doit): test __hpux for use of setpgrp2.
* krcp.c (main): test __hpux as well for remsh vs. rsh.
* krcp.c (des_write): Make sure the buffer for the encrypted data is large
enough. Only return an error in malloc fails.
* krsh.c (main): Always turn on anyport -A option.
* krlogind.c (ptsname): Declare if it's going to be used.
* krshd.c (main): Use basename of argv[0] for progname.
* login.c (dofork): On linux, TIOCNOTTY causes us to die on a SIGHUP, so don't
even try it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7881
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 1 May 1996 01:50:53 +0000 (01:50 +0000)]
hpux is unix. really, it is
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7880
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 1 May 1996 00:21:05 +0000 (00:21 +0000)]
previously checked-in changes
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7879
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Tue, 30 Apr 1996 23:49:37 +0000 (23:49 +0000)]
Removed duplicate #include <fcntl.h>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7878
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 30 Apr 1996 23:27:19 +0000 (23:27 +0000)]
clean up configure output style
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7877
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 30 Apr 1996 23:17:33 +0000 (23:17 +0000)]
* Makefile.in (libkrb5.$(STEXT)): Set a variable with or without "--force" and
use it, instead of duplicating the rest of the code. Use LIBDONE as list to
process, so berk_db will be skipped when not in use. Check exit status of
LIBUPDATE invocation. Remove library before creating as workaround for
libupdate bug.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7876
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 30 Apr 1996 22:25:26 +0000 (22:25 +0000)]
* t_ser.c (stuff): New variable.
(ser_acontext_test, ser_eblock_test, ser_cksum_test): Use it, instead of
assuming it's valid to treat &FUNCTION as a data pointer.
* conv_princ.c (sconv_list): Now const.
(krb5_*_conv_principal): Use pointer to const for it.
Tue Apr 23 19:39:59 1996 Mark Eichin <eichin@cygnus.com>
* get_creds.c (krb5_get_credentials): this isn't the kernel, so don't return
negative errno values.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7875
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 30 Apr 1996 21:54:16 +0000 (21:54 +0000)]
* configure.in: Test that regcomp actually works
* Makefile.in (check-unix): Use $(RM).
* t_an_to_ln.c (main): Print principal name when an error is detected.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7874
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 30 Apr 1996 21:19:02 +0000 (21:19 +0000)]
log for mark's sam changes
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7873
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 30 Apr 1996 21:17:46 +0000 (21:17 +0000)]
* configure.in: Invoke AC_C_CROSS before AC_TRY_RUN to pretty up output format
* Makefile.in (autoconf.h): Use timestamp file to prevent repeated rebuilding
if file timestamp is out of date but contents wouldn't change.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7872
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 30 Apr 1996 20:55:20 +0000 (20:55 +0000)]
log for mark's sam changes of 4/9
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7871
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 30 Apr 1996 19:05:06 +0000 (19:05 +0000)]
Added compile/link lines to build a PowerPC CFM shared libraries
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7870
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 30 Apr 1996 19:03:59 +0000 (19:03 +0000)]
Added prototype for getpeername()
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7869
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 30 Apr 1996 18:53:52 +0000 (18:53 +0000)]
Removed PROVIDE_SNEFRU (shouldn't be there) and added PROVIDE_CRC32
(was originally in k5-int.h).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7868
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 30 Apr 1996 18:52:24 +0000 (18:52 +0000)]
Fix Windows definition of PROVIDE_DES_CBC_RAW so that the raw DES
cryptosystem is properly included. Removed Macintosh definitions of
PROVIDE_* since that is done in mac/libaries/KerberosHeaders.h.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7867
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Tue, 30 Apr 1996 18:48:49 +0000 (18:48 +0000)]
For windows, mask off low 16 bits because Gradient DCE does things
wrong.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7866
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 30 Apr 1996 17:47:14 +0000 (17:47 +0000)]
* Makefile.in (libcrypto.$(STEXT)): Remove before creating
Temporary workaround to avoid getting multiple versions of .o files in libs.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7865
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 29 Apr 1996 23:52:38 +0000 (23:52 +0000)]
login man page by mark eichin
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7864
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 29 Apr 1996 21:05:29 +0000 (21:05 +0000)]
* Makefile.in (install): Install correct set of man pages, and check for
failures.
* kshd.M, klogind.M: Renamed from kr*.M versions.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7863
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Sun, 28 Apr 1996 14:24:08 +0000 (14:24 +0000)]
The rd_req has to allow any local service principal, as the host may have
multiple names and multiple "host" keys.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7861
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Sun, 28 Apr 1996 14:22:54 +0000 (14:22 +0000)]
Fixed a potentional null dereference
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7860
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 25 Apr 1996 12:50:49 +0000 (12:50 +0000)]
Whitespace cleanup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7858
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 24 Apr 1996 06:48:34 +0000 (06:48 +0000)]
* aclocal.m4 (V5_USE_SHARED_LIB): Remove another dependency in the
executables on the build tree.
The built executables should not look in the build tree for shared libraries...
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7857
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Mon, 22 Apr 1996 00:35:52 +0000 (00:35 +0000)]
One could not specify -c in inetd.conf, because of the
variable initialization; initialization has been corrected to
allow either checksumming or ignoring the checksum.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7855
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sun, 21 Apr 1996 18:04:01 +0000 (18:04 +0000)]
Update the two sections I worked on with comments from jhawk. I don't
have time to implement the rest of his comments to the document as a
whole.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7853
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Sun, 21 Apr 1996 16:55:40 +0000 (16:55 +0000)]
* krshd.c: If checksumming is required & ALWAYS_V5_KUSEROK is
defined, incorrect messages were being displayed for V4 clients.
Additionally, various errors were not being displayed with the
trailing newline.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7852
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sun, 21 Apr 1996 08:21:19 +0000 (08:21 +0000)]
Fix keytab prototype
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7851
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sun, 21 Apr 1996 07:06:50 +0000 (07:06 +0000)]
* Remove documentation of how krlogind gets its command line options
from its name, because it doesn't any more. Same for kshd.
* Document and implement -i option to ignore checksums. Restore
default mode to accept and process checksums if provided.
* Bring back the warning about only using -c with Kerberos5. The
documentation (both install.texi and the man pages) clearly state that
the -c option shouldnot be used in conjunction with Kerberos4, so warn
users if they try.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7849
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sat, 20 Apr 1996 21:06:29 +0000 (21:06 +0000)]
Document installing BSD utilities,
in particular talking about checksums and other
confusing issues.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7848
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 19 Apr 1996 19:32:00 +0000 (19:32 +0000)]
Fix typo in last night's commit
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7845
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 19 Apr 1996 06:30:40 +0000 (06:30 +0000)]
Add Doug Engert's patches to deal
with vendor logins and packet mode on systems that don't
support it.
Also, clean up spaces in Makefile.in, replacing with tabs.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7844
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 18 Apr 1996 23:03:00 +0000 (23:03 +0000)]
More option handling changes
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7839
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 18 Apr 1996 05:19:51 +0000 (05:19 +0000)]
some changelog entries mark didn't bring over
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7838
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 17 Apr 1996 21:59:30 +0000 (21:59 +0000)]
Fix the expect string so that it doesn't assume that the client is
using its fully qualified domain name as its local hostname. We now
check to make sure that FTP banner contains $localhostname, plus
optional characters (which can be the domainname depending on the
system.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7824
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 17 Apr 1996 21:53:22 +0000 (21:53 +0000)]
configure.in (LOGINLIBS): Remove DECLARE_SYS_ERRLIST since it's no
longer necessary.
krcp.c (verifydir, allocbuf, rsource, source, sink): Don't use
sys_errlist[]; just call error_message() instead, since we depend on
com_err anyway.
krshd.c (recvauth):
krlogind.c (recvauth): Don't actually check the checksum unless it is
required. Old (pre-beta 5) clients sent a checksum of random garbage
(such as their pid) which is impossible to actually check on the
server side. (Grad student stupidity strikes again.)
(fatalperror): Don't use sys_errlist[] to get the right error
message; just depend on com_err instead, since we're using it anyway.
krshd.c (doit):
krlogind.c (do_krb_login): Fix logic so that if checksums are
required, and the checksum is valid, don't syslog the stupid warning
message about "Checksums are only required for v5 clients...."
krcp.c, krshd.c, krlogind.c: Miscellaneous -Wall cleanups
krlogind.c (getpty): Removed dead code.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7823
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 17 Apr 1996 18:29:59 +0000 (18:29 +0000)]
Added ftp and ecat to the list of services which should be converted.
This really ought to be something that's configurable in the
profile...
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7822
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 17 Apr 1996 17:25:01 +0000 (17:25 +0000)]
Removed kadmin.old from list of things to keep
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7821
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 17 Apr 1996 02:30:09 +0000 (02:30 +0000)]
Wed Mar 6 05:02:36 1996 Mark Eichin <eichin@cygnus.com>
* libupdate.sh: $ARCHIVE does not delete when creating. Explicitly remove
$library when using --force.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7820
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 17 Apr 1996 02:11:22 +0000 (02:11 +0000)]
* dump-utmp.c: New file. Not automatically used by anything, but may be useful
for examining utmp/wtmp files when comparing behavior against system software.
* update_utmp.c (pty_update_utmp): Always use id "cons" for console. For
HP-UX, omit "kl" prefix. Reindent for readability.
* update_wtmp.c (ptyint_update_wtmp): For HP-UX, copy ut_id and ut_type from
input utmp structure. Reindent for readability.
Wed Mar 27 21:14:33 1996 Marc Horowitz <marc@mit.edu>
* init_slave.c (pty_initialize_slave): Spurious signal stuff which did nothing
deleted.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7819
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Tue, 16 Apr 1996 18:19:13 +0000 (18:19 +0000)]
* Changes to not use streams on HPUX
* Changes to abort the session if telnetd receives certain options
such as environment or DISPLAY options before authentication and
encryption is negotiated or not negotiated.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7818
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Tue, 16 Apr 1996 18:17:39 +0000 (18:17 +0000)]
Drop support for option names in argv[0]
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7817
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Tue, 16 Apr 1996 18:16:07 +0000 (18:16 +0000)]
Changes so HPUX doesn't use streams. This
may break on HPUX10 depending on how you should get the name of the pts side
of /dev/ptym/clone. I don't have an HPUX10 system
to test on.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7816
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Mon, 15 Apr 1996 23:22:10 +0000 (23:22 +0000)]
Added V5_USE_SHARED_LIBS
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7815
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Mon, 15 Apr 1996 07:16:20 +0000 (07:16 +0000)]
Don't declare open()
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7814
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Mon, 15 Apr 1996 07:15:11 +0000 (07:15 +0000)]
Have pty_cleanup() fork on systems with vhangup()
so that the right controlling terminal can be used; needed
on HP and others possibly.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7813
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Mon, 15 Apr 1996 07:13:29 +0000 (07:13 +0000)]
Remove setpgrp() call from krlogind
as libpty deals.
Use setsid() instead of setpgrp() in krshd
if possible.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7812
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Sat, 13 Apr 1996 03:42:50 +0000 (03:42 +0000)]
Store the forwarded credentials in /tmp/krb5cc_p<pid> (like krlogind)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7811
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Sat, 13 Apr 1996 03:42:08 +0000 (03:42 +0000)]
Destroy any forwarded credentials when we cleanup. (They were stored in
an unusual location, so they are not likely to be reused by other sessions.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7810
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Sat, 13 Apr 1996 03:19:34 +0000 (03:19 +0000)]
Reflect today's reality... it hasn't been edited in a while
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7809
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Sat, 13 Apr 1996 01:49:27 +0000 (01:49 +0000)]
Renamed MD5 routines to be preceded with krb5_
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7806
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Sat, 13 Apr 1996 01:40:05 +0000 (01:40 +0000)]
Renamed the functions to begin with krb5_ (like was done with MD5)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7805
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Sat, 13 Apr 1996 01:30:50 +0000 (01:30 +0000)]
Renamed the functions to be preceded with krb5_ (I ran into a naming
conflict with the standard MD5 library calls in another application,
and this version has non-standard calling arguments.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7804
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 12 Apr 1996 21:05:26 +0000 (21:05 +0000)]
Fix wrapper macros so they don't try to dereference a function pointer
as a data value. This doesn't work if you're using hpux cc, since
functions are aligned on 2-byte boundaries, but data has to be
accessed on 4-byte boundaries. Accessing a function as a data value
isn't ANSI C portable anyway. :-) Wrapper macros now take a function
pointer, and check to see if the function pointer is non-NULL, instead
of taking a (*funptr), and seeing if the function when treated as data
object is non-NULL.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7803
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 12 Apr 1996 02:54:22 +0000 (02:54 +0000)]
On a Macintosh, turn on kdc_timesync and use the v4 credentials cache
by default.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7802
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 12 Apr 1996 02:18:50 +0000 (02:18 +0000)]
Move time offset code from stash_as_reply to verify_as_reply, and fix
it so that it actually works.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7801
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 12 Apr 1996 02:18:11 +0000 (02:18 +0000)]
When doing the time offset adjustments, make sure the microseconds
field doesn't go negative.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7800
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 12 Apr 1996 01:52:28 +0000 (01:52 +0000)]
forward.c: Use a saner naming convention for the credentials cache.
kerberos5.c: Add a cleanup function to destroy the credentials cache.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7799
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Fri, 12 Apr 1996 01:51:34 +0000 (01:51 +0000)]
Call a krb5 cleanup routine to cleanup forwarded credentials, if necessary
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7798
dc483132-0cff-0310-8789-
dd5450dbe970
Marc Horowitz [Fri, 12 Apr 1996 00:40:24 +0000 (00:40 +0000)]
Integrated OpenVision's changes into the most recent MIT code. This
revision is what I'd call the easy stuff. Some more controversial
stuff remains to be done, which is why I'm doing a checkin now.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7797
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 12 Apr 1996 00:34:53 +0000 (00:34 +0000)]
Remove the old Sandia kadmin code
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7795
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 12 Apr 1996 00:12:58 +0000 (00:12 +0000)]
Return GSS_S_CRED_UNAVAIL on if krb5_cc_set_flags() returns an error,
since that's the call that will return an error if the credentials
files doesn't exist.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7794
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Fri, 12 Apr 1996 00:12:23 +0000 (00:12 +0000)]
Fixed code to correctly handle errors reported from the mechanism
layer.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7793
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 11 Apr 1996 23:37:15 +0000 (23:37 +0000)]
* kdb5_edit.c (extract_v4_srvtab): Use the matching key_data's kvno;
don't assume that key_data[0]'s kvno is necessarily the matching
key_data's kvno.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7792
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 11 Apr 1996 04:26:22 +0000 (04:26 +0000)]
* kcmd.c: Cleaned up whitespace and removed commented & unused cruft
* krlogind.c, krshd.c: Allow the recvauth routine to find any key
in the keytab for which the user is trying to login. The host may
be known as many names. Additionally, for krlogind, clean up the
error handling for bad authentication (potential null dereference
and a misleading message because of the wrong authentication system
being used)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7791
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 11 Apr 1996 03:17:56 +0000 (03:17 +0000)]
Fixed the chronology of two of my previous checkins
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7790
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 11 Apr 1996 03:14:19 +0000 (03:14 +0000)]
Added V5_USE_SHARED_LIB
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7789
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 11 Apr 1996 00:39:27 +0000 (00:39 +0000)]
V4 srvtab extraction did not do proper principal translation
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7788
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 11 Apr 1996 00:36:19 +0000 (00:36 +0000)]
Mostly output formatting fixes.
Also, rather than figuring out the default host key, leave it to the library.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7787
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 11 Apr 1996 00:34:56 +0000 (00:34 +0000)]
Small fix in case anyone tries compiling without the keytab fallback
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7786
dc483132-0cff-0310-8789-
dd5450dbe970
Richard Basch [Thu, 11 Apr 1996 00:32:22 +0000 (00:32 +0000)]
* rd_svc_key.c (read_service_key): First try to read the V4
service key from the V4 srvtab, and if it fails, try the keytab.
A * instance will be translated into the default instance component
(usually the FQDN of the local hostname).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7785
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Wed, 10 Apr 1996 22:26:40 +0000 (22:26 +0000)]
proven's ksu fixes
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7784
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Wed, 10 Apr 1996 22:05:34 +0000 (22:05 +0000)]
oops, ted already got it
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7783
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Wed, 10 Apr 1996 22:04:04 +0000 (22:04 +0000)]
actually build afsstring2key.c
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7782
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 10 Apr 1996 21:47:38 +0000 (21:47 +0000)]
Added afsstring2key.c to the list of files to be compiled
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7781
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Wed, 10 Apr 1996 19:39:56 +0000 (19:39 +0000)]
add meeting stuff
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7780
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 10 Apr 1996 14:45:09 +0000 (14:45 +0000)]
If make_ap_req() returns KRB5APP_TKT_EXPIRED, then return
GSS_S_CREDENTIALS_EXPIRED as the major return code.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7779
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 10 Apr 1996 14:40:28 +0000 (14:40 +0000)]
Add prototype of new function
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7778
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 10 Apr 1996 14:39:36 +0000 (14:39 +0000)]
rd_req_dec.c (krb5_rd_req_decoded): Move code which validated the
ticket times to krb5_validate_times.
valid_times.c (krb5_validate_times): New function which determines
whether or not the ticket times are valid.
mk_req_ext.c (krb5_mk_req_extended): Call krb5_validate_time() to
determine whether or not the ticket in passed-in credentials is valid.
If it isn't, return an error right away.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7777
dc483132-0cff-0310-8789-
dd5450dbe970
Theodore Tso [Wed, 10 Apr 1996 14:22:33 +0000 (14:22 +0000)]
Fix #define of PROVIDE_DES_CBC_RAW so that the mac implementation
actually exported the raw DES encryption system (needed for GSSAPI).
Also added defines for the triple-DES encryption systems.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7776
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 9 Apr 1996 23:02:34 +0000 (23:02 +0000)]
add sam challenge and response test cases
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7775
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 9 Apr 1996 23:00:06 +0000 (23:00 +0000)]
fix spelling error
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7774
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 9 Apr 1996 22:57:14 +0000 (22:57 +0000)]
preauth.c: add SAM support
str_conv.c: add AFS3 support
init_ctx.c: add processing for default_tkt_enctypes, matching
default_tgs_enctypes but client-side (so as not to hard code it,
since hard coded values are usually wrong :-)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7773
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 9 Apr 1996 22:52:06 +0000 (22:52 +0000)]
add sam-related error codes
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7772
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 9 Apr 1996 22:51:38 +0000 (22:51 +0000)]
add sam encoders, decoders, including "optional string" macros
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7771
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 9 Apr 1996 22:50:28 +0000 (22:50 +0000)]
add afs3 salt support
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7770
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 9 Apr 1996 22:48:59 +0000 (22:48 +0000)]
document the afs3 salt tag
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7769
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 9 Apr 1996 22:47:25 +0000 (22:47 +0000)]
add afsstring2key
hack des string2key to call it if salt.length is -1
initialize context in testsuite
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7768
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 9 Apr 1996 22:46:22 +0000 (22:46 +0000)]
add transarc-afs cmu-style long-lived ticket timestamp support
handle clockskew properly
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7767
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 9 Apr 1996 22:45:03 +0000 (22:45 +0000)]
add SAM preauth extensible snk4 support
add AFS3 preauth response and salt hooks
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7766
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 9 Apr 1996 22:44:01 +0000 (22:44 +0000)]
unused, but afs3 hook added for completeness
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7765
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 9 Apr 1996 22:43:21 +0000 (22:43 +0000)]
Ken's acl and hangup fixes
AFS3 salt support
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7764
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 9 Apr 1996 22:42:11 +0000 (22:42 +0000)]
add "extract snk4 key" function to get device keys out of the database
(easier than putting them in...)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7763
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 9 Apr 1996 22:41:13 +0000 (22:41 +0000)]
add afs3 salttype value
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7762
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 9 Apr 1996 22:40:49 +0000 (22:40 +0000)]
add SAM preauth values and prototypes
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7761
dc483132-0cff-0310-8789-
dd5450dbe970
Mark Eichin [Tue, 9 Apr 1996 22:40:18 +0000 (22:40 +0000)]
some fixes changes from marc. changelogs will be merged later
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7760
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 8 Apr 1996 19:34:12 +0000 (19:34 +0000)]
* rcp.exp: Invoke kshd with -L for every environment variable we
want passed to invoke rcp with...
We also tell kshd to pass on ENV_SET because at MIT,
csh -c rcp.... will source the users .cshrc - which at MIT sets
LD_LIBRARY_PATH on the SUNS... We cannot use other options like
-f as the user may have sh as their shell. Probably kshd should recognize
rcp and invoke rcp without the shell invocation....
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7759
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 8 Apr 1996 18:11:11 +0000 (18:11 +0000)]
Check in comments from previous checkin
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7758
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 8 Apr 1996 03:07:31 +0000 (03:07 +0000)]
Major chanes to use the list of runtime environment variables as
indicated by configure. (i.e. do not assume that LD_LIBRARY_PATH is all
you need)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7754
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 8 Apr 1996 03:04:26 +0000 (03:04 +0000)]
* configure.in: Add KRB5_RUN_FLAGS
* Makefile.in (site.exp): Create site.exp with runtime environment
line from configure.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7753
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 8 Apr 1996 02:47:37 +0000 (02:47 +0000)]
Add an option -L to pass an environment variable to a client.
This is used by the DejaGnu test suite to pass the shared library
paths to start up rcp properly.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7752
dc483132-0cff-0310-8789-
dd5450dbe970