krb5.git
21 years agoMake things work on IRIX again
Ken Raeburn [Thu, 21 Aug 2003 03:55:53 +0000 (03:55 +0000)]
Make things work on IRIX again

* fake-addrinfo.h (inline): Move definitions further up, before first use.  Do
use __inline__ for gcc without c99 support.
(GET_SERV_BY_NAME) [!GETSERVBYNAME_R_RETURNS_INT]: Fix invocation for IRIX
definition.
* socket-utils.h: Include port-sockets.h to get a definition for struct
sockaddr_storage.

ticket: 1380
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15783 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoOops. Include errno.h even if gai_strerror isn't being defined
Ken Raeburn [Thu, 21 Aug 2003 02:52:07 +0000 (02:52 +0000)]
Oops.  Include errno.h even if gai_strerror isn't being defined

ticket: 1380
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15782 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* configure.in: Don't replace any missing system functions. Just set LIBOBJS
Ken Raeburn [Thu, 21 Aug 2003 02:49:49 +0000 (02:49 +0000)]
* configure.in: Don't replace any missing system functions.  Just set LIBOBJS
empty for now and substitute it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15781 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoFirst cut at adding local caching to the getaddrinfo support. Still needs work
Ken Raeburn [Thu, 21 Aug 2003 01:50:02 +0000 (01:50 +0000)]
First cut at adding local caching to the getaddrinfo support.  Still needs work

* fake-addrinfo.h: Delete the unused WRAP_GETNAMEINFO support.
(HAVE_GETADDRINFO) [__APPLE__ && __MACH__]: Don't undefine.
(FAI_CACHE) [__APPLE__ && __MACH__]: Define.
(system_getaddrinfo, system_freeaddrinfo, system_getnameinfo): New functions.
(gaiptr, faiptr, gniptr): Variables deleted.  Change references to use the
system_* functions above.
(getaddrinfo, freeaddrinfo) [FAI_CACHE]: Define as macros to the my_fake_*
versions.
(protoname, socktypename, familyname): Use caller-supplied buffers instead of
local static buffers.
(debug_dump_getaddrinfo_args): Provide a buffer.
(NEED_FAKE_GETNAMEINFO): Define if HAVE_GETADDRINFO is not defined.
(inline): Rework macros to test for C99 and IRIX.
(NEED_FAKE_GETADDRINFO): Define if FAI_CACHE is defined.
(fai_add_entry) [KRB5_USE_INET6]: Support IPv6.
(CACHE_ENTRY_LIFETIME): New macro.
(struct face, struct fac): New types.
(fac): New static variable.
(plant_face, find_face): New functions.
(fai_add_hosts_by_name) [FAI_CACHE]: Check the cache before looking up the
hostname.  Add the looked-up host info to the cache.
(fake_getaddrinfo): Call GET_SERV_BY_NAME instead of conditionally calling
getservbyname or getservbyname_r.  Don't pass AF_INET to
fai_add_hosts_by_name.
(fake_getnameinfo): Define only if NEED_FAKE_GETNAMEINFO is defined.
(gai_strerror): Define if either HAVE_FAKE_GETADDRINFO or NEED_FAKE_GETNAMEINFO
is defined.
(getaddrinfo): Do define function if FAI_CACHE is defined.
(getnameinfo): Define only if NEED_FAKE_GETNAMEINFO is defined.

ticket: 1380
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15780 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoDon't double free the encrypted credential part
Sam Hartman [Tue, 19 Aug 2003 20:32:43 +0000 (20:32 +0000)]
Don't double free the encrypted credential part

Ticket: 1731
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15773 dc483132-0cff-0310-8789-dd5450dbe970

21 years agokrb_check_auth clears the return value for the schedule parameter with a memset....
Alexandra Ellwood [Fri, 15 Aug 2003 19:54:14 +0000 (19:54 +0000)]
krb_check_auth clears the return value for the schedule parameter with a memset.  This prevents callers from using the key schedule, which breaks code

ticket: 1730

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15770 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* configure.in: Check for mode_t
Ken Raeburn [Thu, 14 Aug 2003 04:07:10 +0000 (04:07 +0000)]
* configure.in: Check for mode_t

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15769 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* configure.in: Don't check for or replace vfprintf, vsprintf, strerror,
Ken Raeburn [Wed, 13 Aug 2003 08:28:38 +0000 (08:28 +0000)]
* configure.in: Don't check for or replace vfprintf, vsprintf, strerror,
memmove, or sscanf, all part of C 89.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15768 dc483132-0cff-0310-8789-dd5450dbe970

21 years agouse my mit changelog id
Ken Raeburn [Wed, 13 Aug 2003 08:27:07 +0000 (08:27 +0000)]
use my mit changelog id

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15767 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* Makefile.in (OBJS, STLIBOBJS): Drop setenv.o.
Ken Raeburn [Wed, 13 Aug 2003 08:26:19 +0000 (08:26 +0000)]
* Makefile.in (OBJS, STLIBOBJS): Drop setenv.o.
* setenv.c: Deleted.
* pos-obsolete.h: Deleted.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15766 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * cnv_tkt_skey.c (krb524_convert_tkt_skey): Call krb_create_ticket
Tom Yu [Tue, 12 Aug 2003 02:18:55 +0000 (02:18 +0000)]
* cnv_tkt_skey.c (krb524_convert_tkt_skey): Call krb_create_ticket
instead of local version.  Remove local version of
krb_create_ticket.  This file no longer gets included into a
krb524 library, so accessing internal functions isn't that big of
an issue anymore.

ticket: 1714
version_reported: 1.3.1
target_version: 1.3.2
tags: pullup
component: krb5-kdc

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15765 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoget_init_creds_password: DNS SRV off causes bogus REALM_UNKNOWN
Tom Yu [Fri, 8 Aug 2003 20:38:55 +0000 (20:38 +0000)]
get_init_creds_password: DNS SRV off causes bogus REALM_UNKNOWN

* gic_pwd.c (krb5_get_init_creds_password): If DNS SRV support is
turned off, the second call to get_init_creds() will fail with
KRB5_REALM_UNKNOWN under certain circumstances.  If that happens,
return the error from the first call to get_init_creds(), which
will be more useful to the user.

ticket: new
target_version: 1.3.2
tags: pullup
component: krb5-libs

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15761 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoRemove the target requirement for kadmind4 and v5passwdd
Alexandra Ellwood [Fri, 8 Aug 2003 15:02:15 +0000 (15:02 +0000)]
Remove the target requirement for kadmind4 and v5passwdd

ticket: 1715

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15759 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoconfigure.in: Don't assume all darwin boxes are powerpc. (eg: OpenDarwin/x86)
Alexandra Ellwood [Wed, 6 Aug 2003 20:17:18 +0000 (20:17 +0000)]
configure.in: Don't assume all darwin boxes are powerpc. (eg: OpenDarwin/x86)

ticket: 1718

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15757 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoDo not install kadmin4 or v5passwdd on Mac OS X. Also, fixed broken goober I acciden...
Alexandra Ellwood [Wed, 6 Aug 2003 17:50:59 +0000 (17:50 +0000)]
Do not install kadmin4 or v5passwdd on Mac OS X.  Also, fixed broken goober I accidentally checked in on the trunk.  oops

ticket: 1715

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15755 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * kinit.c (main): Apply patch from Stephen Grau to correctly
Tom Yu [Fri, 1 Aug 2003 21:05:35 +0000 (21:05 +0000)]
* kinit.c (main): Apply patch from Stephen Grau to correctly
return non-zero for certain error conditions.

ticket: 1437
target_version: 1.3.2
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15754 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoadd missing ChangeLog entry
Tom Yu [Thu, 31 Jul 2003 19:20:01 +0000 (19:20 +0000)]
add missing ChangeLog entry

ticket: 1702
tags: pullup
target_version: 1.3.2

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15748 dc483132-0cff-0310-8789-dd5450dbe970

21 years agokrb5_get_host_realm and krb5_free_host_realm should not be labeled as KRB5_PRIVATE.
Jeffrey Altman [Thu, 31 Jul 2003 19:06:31 +0000 (19:06 +0000)]
krb5_get_host_realm and krb5_free_host_realm should not be labeled as KRB5_PRIVATE.
They are required for many applications including OpenAFS and UMich's Kx509.  1.2.8
had them public but the change was never reflected on the trunk.

Ticket: 1702

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15747 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoupdate for krb5-1.3.1
Tom Yu [Thu, 31 Jul 2003 03:05:25 +0000 (03:05 +0000)]
update for krb5-1.3.1

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15743 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoKfM jam file paths should work from any project file the KerberosFramework hierarchy
Alexandra Ellwood [Mon, 28 Jul 2003 18:40:13 +0000 (18:40 +0000)]
KfM jam file paths should work from any project file the KerberosFramework hierarchy

ticket: 1693

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15741 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago-s can return non-zero exit status if credentials are expired
Sam Hartman [Sun, 27 Jul 2003 05:30:54 +0000 (05:30 +0000)]
-s can return non-zero exit status if credentials are expired

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15739 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* admin.texinfo (realms (krb5.conf)): Add description of master_kdc tag.
Ken Raeburn [Fri, 25 Jul 2003 20:43:58 +0000 (20:43 +0000)]
* admin.texinfo (realms (krb5.conf)): Add description of master_kdc tag.
(Sample krb5.conf File): Add it to the example.

ticket: 1692
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15737 dc483132-0cff-0310-8789-dd5450dbe970

21 years agouse new config file tag for master KDC
Ken Raeburn [Fri, 25 Jul 2003 15:37:57 +0000 (15:37 +0000)]
use new config file tag for master KDC

We want to avoid making extra attempts to contact the "master" KDC, in the case
where the password appears to be incorrect according to one KDC but we think
maybe the master KDC could have a newer password, if there isn't actually a
master KDC.  Currently the admin_server tag is overloaded for kadmin and
password changing.  So, don't use it as a filter on the KDC list; instead, look
for master_kdc as an independent list.

(See also ticket 1511 re contacting the master twice if it's first in the
regular KDC list.)

Doc updates still needed.

* locate_kdc.c (krb5_locate_kdc): Always pass 0 to locate_server as the
get_masters argument.  Instead, if get_masters is set, look up "master_kdc" in
the config file instead of "kdc".

ticket: new
target_version: 1.3.2
tags: pullup
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15736 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoAdded a little more buffer space than the supplied patch, and used sizeof
Ken Raeburn [Thu, 24 Jul 2003 21:12:50 +0000 (21:12 +0000)]
Added a little more buffer space than the supplied patch, and used sizeof

* kadmin.c (strdate): Increase size of buffer to 40.  Use sizeof for
length passed to strftime.

ticket: 1613
target_version: 1.3.2
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15735 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoDon't document kdc_supported_enctypes
Sam Hartman [Thu, 24 Jul 2003 20:35:17 +0000 (20:35 +0000)]
Don't document kdc_supported_enctypes

Since the code for kdc_supported_enctypes was removed, the docs should
be as well.

Ticket: new
Target_Version: 1.3.1
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15734 dc483132-0cff-0310-8789-dd5450dbe970

21 years agokrb5-1.3.1-beta1, again
Tom Yu [Wed, 23 Jul 2003 02:28:36 +0000 (02:28 +0000)]
krb5-1.3.1-beta1, again

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15729 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoupdate for krb5-1.3.1-beta1
Tom Yu [Wed, 23 Jul 2003 00:30:24 +0000 (00:30 +0000)]
update for krb5-1.3.1-beta1

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15726 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoSend generalstring not octetstring in etype_info2. Accept either
Sam Hartman [Tue, 22 Jul 2003 22:27:34 +0000 (22:27 +0000)]
Send generalstring not octetstring in etype_info2.  Accept either
form.

Also, if a etype_info fails to decode, skip it rather than failing to
process the AS reply.

Ticket: 1681
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15723 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * README: Revert previous change, as it was in error; socklen_t
Tom Yu [Tue, 22 Jul 2003 22:22:39 +0000 (22:22 +0000)]
* README: Revert previous change, as it was in error; socklen_t
was introduced in Aug 2001 Platform SDK, and the actual problem
reported was very probably a compilation environment
misconfiguration.

ticket: 1675

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15721 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoDon't use broken getaddrinfo on Mac OS X
Alexandra Ellwood [Tue, 22 Jul 2003 21:51:59 +0000 (21:51 +0000)]
Don't use broken getaddrinfo on Mac OS X

ticket: 1683

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15717 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoAlways register the file ccache in the set of registered ops. The
Sam Hartman [Tue, 22 Jul 2003 21:34:57 +0000 (21:34 +0000)]
Always register the file ccache in the set of registered ops.  The
resolve code may also find it as the default ops on some platforms,
but this will not cause problems.

ticket: 1684
owner: lxs
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15716 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoChange crypto "provider" structures to hold numeric values instead of function
Ken Raeburn [Tue, 22 Jul 2003 19:09:32 +0000 (19:09 +0000)]
Change crypto "provider" structures to hold numeric values instead of function
pointers for key sizes, block sizes, etc., when the values are always constant
for each encryption or hash mechanism.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15714 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* resolve.c (main): If gethostbyname fails, report the failing hostname
Ken Raeburn [Tue, 22 Jul 2003 18:02:34 +0000 (18:02 +0000)]
* resolve.c (main): If gethostbyname fails, report the failing hostname

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15711 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoDon't combine encrypt and decrypt code paths.
Ken Raeburn [Tue, 22 Jul 2003 17:53:10 +0000 (17:53 +0000)]
Don't combine encrypt and decrypt code paths.
Zap key schedule when done.

* des3.c (validate_and_schedule): Split out from old k5_des3_docrypt.
(k5_des3_encrypt, k5_des3_decrypt): Call it, and krb5int_des3_cbc_encrypt or
_decrypt, instead of k5_des3_docrypt.  Zap key schedules before returning.

ticket: 1404
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15710 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* k5-int.h (krb5int_zap_data, zap): New macros; call memset with volatile cast
Ken Raeburn [Tue, 22 Jul 2003 17:44:39 +0000 (17:44 +0000)]
* k5-int.h (krb5int_zap_data, zap): New macros; call memset with volatile cast
for now.

ticket: 1404
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15709 dc483132-0cff-0310-8789-dd5450dbe970

21 years agocrypto library has bogus dependence on com_err
Ken Raeburn [Tue, 22 Jul 2003 16:50:24 +0000 (16:50 +0000)]
crypto library has bogus dependence on com_err

Forgotten debugging code that was never removed...

* pbkdf2.c (foo): Never call com_err.

ticket: new
target_version: 1.3.1
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15707 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* f_cbc.c (krb5int_des_cbc_decrypt): Move declarations that were after
Ken Raeburn [Tue, 22 Jul 2003 15:19:55 +0000 (15:19 +0000)]
* f_cbc.c (krb5int_des_cbc_decrypt): Move declarations that were after
statements after flattening blocks is previous change.
* d3_cbc.c (krb5int_des3_cbc_decrypt): Likewise.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15706 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoExport krb5_principal2salt
Alexandra Ellwood [Mon, 21 Jul 2003 18:37:38 +0000 (18:37 +0000)]
Export krb5_principal2salt

ticket: 1679

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15701 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * init_ets.c (krb5_init_ets): Only initialize error tables once -
Ezra Peisach [Sat, 19 Jul 2003 20:07:18 +0000 (20:07 +0000)]
* init_ets.c (krb5_init_ets): Only initialize error tables once -
so that init_conext/free_context loops do not result in memory
leaks.

I did not implement the remove error table functions - as a system
installed com_err library might not support remove_error_table that
exists in our trees com_err library.

ticket: 1665
target_version: 1.3.1
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15700 dc483132-0cff-0310-8789-dd5450dbe970

21 years agokrb5_gss_register_acceptor_identity does not allocate enough memory for cached keytab
Ezra Peisach [Sat, 19 Jul 2003 20:03:10 +0000 (20:03 +0000)]
krb5_gss_register_acceptor_identity does not allocate enough memory for cached keytab

* acquire_cred.c (krb5_gss_register_acceptor_identity): Allocate
enough memory to include the null at the end of the keytab char *.

Essentially off by one error.

ticket: new
target_version: 1.3.1
tags: pullup
component: krb5-libs

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15699 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoWindows build needs Feb 2003 Platform SDK
Tom Yu [Sat, 19 Jul 2003 00:54:14 +0000 (00:54 +0000)]
Windows build needs Feb 2003 Platform SDK

* README: Note requirement for Feb 2003 Platform SDK.  Thanks to
Doug Engert and Rodney Dyer.

ticket: 1675
component: krb5-doc
version_reported: 1.3
target_version: 1.3.1
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15698 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoFix incorrect RFC number for FTP IPv6 support
Tom Yu [Sat, 19 Jul 2003 00:09:22 +0000 (00:09 +0000)]
Fix incorrect RFC number for FTP IPv6 support

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15697 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * ms2mit.c:
Jeffrey Altman [Fri, 18 Jul 2003 13:17:47 +0000 (13:17 +0000)]
* ms2mit.c:

    Functional changes:
    (1) do not restrict ourselves to DES-CBC-CRC instead support any
        ticket with an enctype we support.  as of this date (rev 1.3)
        this includes all but RC4-MD4.
    (2) do not accept invalid tickets
    (3) when attempting to retrieve tickets do not specify either the
        enctype or cache options (if possible).  doing so will force a
        TGS request and prevent the results from being stored into the
        cache.
    (4) when the LSA cache contains a TGT which has expired Microsoft will
        not perform a new TGS request until the cache has been purged.
        Instead the expired ticket continues to be used along with its
        embedded authorization data.  When PURGE_ENABLED is defined, if the
        tickets are expired, the cache will be purged before requesting
        new tickets, else we ignore the contents of the cache and force
        a new TGS request.
    (5) when the LSA cache is empty do not abort.  On XP or 2003, use
        the SecurityLogonSessionData to determine the Realm (UserDnsDomain
        in MS-speak) and request an appropriate TGT.  On 2000, check the
        Registry for the HKCU\"Volatile Environment":"USERDNSDOMAIN"
        instead.  This will allow ms2mit to be used to repopulate the
        LSA cache.  If the current session is not Kerberos authenticated
        an appropriate error message will be generated.

    Code changes:
    (1) several memory leaks plugged
    (2) several support functions copied from the Leashw32.dll sources
    (3) get_STRING_from_registry() uses the ANSI versions of the Registry
        functions and should at a later date be converted to use the
        Unicode versions.

    Notes: an ms2mit.exe based on the Leash_import() function
    should be considered.  Leash_import() not only imports the TGT from
    the LSA but also performs the krb524 conversion and AFS token retrieval.
    Of course, that version of ms2mit.exe could not exist within the krb5
    source tree.

ticket: 1667
target_version: 1.3.1
tags: pullup
owner: jaltman@mit.edu
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15696 dc483132-0cff-0310-8789-dd5450dbe970

21 years agogssapi32.def: export the GSS_C_NT_xxxx constants as DATA. These are required
Jeffrey Altman [Fri, 18 Jul 2003 12:53:34 +0000 (12:53 +0000)]
gssapi32.def: export the GSS_C_NT_xxxx constants as DATA.  These are required
              by applications that wish to use the gss_nt_xxxx constants.

ticket: 1666
target_version: 1.3.1
tags: pullup
owner: jaltman@mit.edu
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15695 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoRemove kg_release_defcred and caching of default credential. Rewrite
Tom Yu [Thu, 17 Jul 2003 20:50:36 +0000 (20:50 +0000)]
Remove kg_release_defcred and caching of default credential.  Rewrite
krb5_gss_init_sec_context() while we're at it to make defcred-related
changes easier, and as a side effect, fix some error condition memory
leaks.

ticket: 1365
target_version: 1.3.1
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15694 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoUse the old DES encrypt function, not the split versions via macros
Ken Raeburn [Thu, 17 Jul 2003 12:31:31 +0000 (12:31 +0000)]
Use the old DES encrypt function, not the split versions via macros

* des.c (mit_des_cbc_encrypt): Undef before use.
* enc_dec.c (mit_des_cbc_encrypt): Likewise.
* mac_des_glue.c (mit_des3_cbc_encrypt): Likewise.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15693 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoSeparate the DES encrypt and decrypt operations into separate functions,
Ken Raeburn [Thu, 17 Jul 2003 12:18:21 +0000 (12:18 +0000)]
Separate the DES encrypt and decrypt operations into separate functions,
since they have almost no code in common.

* f_cbc.c (krb5int_des_cbc_encrypt, krb5int_des_cbc_decrypt): New functions
broken out from mit_des_cbc_encrypt.
(mit_des_cbc_encrypt): Call them.
* d3_cbc.c (krb5int_des3_cbc_encrypt, krb5int_des3_cbc_decrypt):  New functions
broken out from mit_des3_cbc_encrypt.
(mit_des3_cbc_encrypt): Call them.
* des_int.h (krb5int_des_cbc_encrypt, krb5int_des_cbc_decrypt,
krb5int_des3_cbc_encrypt, krb5int_des3_cbc_decrypt): Declare.
(mit_des_cbc_encrypt, mit_des3_cbc_encrypt): New macros.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15692 dc483132-0cff-0310-8789-dd5450dbe970

21 years agodelete ##WIN16## lines from makefiles
Ken Raeburn [Thu, 17 Jul 2003 10:36:21 +0000 (10:36 +0000)]
delete ##WIN16## lines from makefiles

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15691 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* krb5_libinit.c: Include autoconf.h
Ken Raeburn [Tue, 15 Jul 2003 14:31:40 +0000 (14:31 +0000)]
* krb5_libinit.c: Include autoconf.h

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15690 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* Makefile.in (STLIBOBJS, OBJS, T_SER_OBJS): Drop ser_eblk.o
Ken Raeburn [Tue, 15 Jul 2003 14:28:37 +0000 (14:28 +0000)]
* Makefile.in (STLIBOBJS, OBJS, T_SER_OBJS): Drop ser_eblk.o

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15689 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* aclocal.m4 (extra_gcc_warn_opts): Don't turn on -pedantic on Darwin
Ken Raeburn [Tue, 15 Jul 2003 14:23:15 +0000 (14:23 +0000)]
* aclocal.m4 (extra_gcc_warn_opts): Don't turn on -pedantic on Darwin

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15688 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * accept_sec_context.c (krb5_gss_accept_sec_context): Call
Tom Yu [Tue, 15 Jul 2003 00:12:01 +0000 (00:12 +0000)]
* accept_sec_context.c (krb5_gss_accept_sec_context): Call
TREAD_STR with correct arguments.  Patch from Emily Ratliff.

ticket: 1015
tags: pullup
target_version: 1.3.1

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15687 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoCheck for NULL realm argument and n not equal to 1. Fill in realm with an empty...
Alexandra Ellwood [Fri, 11 Jul 2003 22:12:32 +0000 (22:12 +0000)]
Check for NULL realm argument and n not equal to 1.  Fill in realm with an empty string on error in case the caller doesn't check the return value

ticket: 1657

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15684 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoRealmsConfig-glue.c: Don't fail when krb5.conf is valid and krb.conf isn't. Also...
Alexandra Ellwood [Fri, 11 Jul 2003 21:25:48 +0000 (21:25 +0000)]
RealmsConfig-glue.c: Don't fail when krb5.conf is valid and krb.conf isn't.  Also, don't assert v4 realm is in profile unless that realm is a valid v4 realm

ticket: 1657

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15683 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoRewrote krb_get_lrealm to correctly handle the v4 realms section in the profile and...
Alexandra Ellwood [Fri, 11 Jul 2003 15:03:59 +0000 (15:03 +0000)]
Rewrote krb_get_lrealm to correctly handle the v4 realms section in the profile and to return KFAILURE in the absence of any config (instead of returning ATHENA.MIT.EDU)

ticket: 1657

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15682 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * acquire_cred.c (acquire_init_cred): Close the ccache if
Tom Yu [Thu, 10 Jul 2003 22:53:02 +0000 (22:53 +0000)]
* acquire_cred.c (acquire_init_cred): Close the ccache if
krb5_cc_set_flags() fails, as krb5int_cc_default succeeds even if
the file is not there, but krb5_cc_set_flags will fail in turning
off OPENCLOSE mode if the file can't be opened.  Thanks to Kent Wu.

ticket: 1656
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15680 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoExport krb5_get_permitted_enctypes and krb5_set_real_time for Samba
Alexandra Ellwood [Wed, 9 Jul 2003 19:34:17 +0000 (19:34 +0000)]
Export krb5_get_permitted_enctypes and krb5_set_real_time for Samba

ticket: 1655

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15678 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoupdate for krb5-1.3
Tom Yu [Tue, 8 Jul 2003 21:09:11 +0000 (21:09 +0000)]
update for krb5-1.3

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15673 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoThis time, use the correct # of arguments for strcpy
Alexandra Ellwood [Tue, 8 Jul 2003 15:51:33 +0000 (15:51 +0000)]
This time, use the correct # of arguments for strcpy

ticket: 1651

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15672 dc483132-0cff-0310-8789-dd5450dbe970

21 years agokrb_prof_get_nth() no longer assumes that its retlen argument is correct (call strcpy...
Alexandra Ellwood [Mon, 7 Jul 2003 18:21:57 +0000 (18:21 +0000)]
krb_prof_get_nth() no longer assumes that its retlen argument is correct (call strcpy instead of strncpy) because this argument is a guess for some callers (eg: krb_get_admhst())

ticket: 1651

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15671 dc483132-0cff-0310-8789-dd5450dbe970

21 years agodarwin build can't compile util/et test program
Ken Raeburn [Fri, 4 Jul 2003 20:49:06 +0000 (20:49 +0000)]
darwin build can't compile util/et test program

The autoconf tests correctly determine that sys_nerr exists, and that
no declaration is needed.  The test_et.c code checks the wrong condition,
though, and the system header declaration of sys_nerr conflicts with the
one in that source file.  (The native one is const.)

* test_et.c: Conditionalize sys_nerr declaration on NEED_SYS_ERRLIST, not
HAVE_SYS_ERRLIST.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15670 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoRemove leading spaces in #define and #include in public headers to support K&R C...
Alexandra Ellwood [Thu, 3 Jul 2003 19:46:49 +0000 (19:46 +0000)]
Remove leading spaces in #define and #include in public headers to support K&R C compilers

ticket: 1648

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15667 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoKfM build should inherit CFLAGS and LDFLAGS from parent project
Alexandra Ellwood [Wed, 2 Jul 2003 18:04:35 +0000 (18:04 +0000)]
KfM build should inherit CFLAGS and LDFLAGS from parent project

ticket: 1642

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15662 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoFixed filename substitution typos. @LOCALSTATEDIR -> /usr/local/var
Jen Selby [Fri, 27 Jun 2003 23:38:43 +0000 (23:38 +0000)]
Fixed filename substitution typos.  @LOCALSTATEDIR -> /usr/local/var

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15661 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoupdate for krb5-1.3-beta5
Tom Yu [Fri, 27 Jun 2003 23:25:49 +0000 (23:25 +0000)]
update for krb5-1.3-beta5

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15657 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoThis change fixes the problem in the ss directory. It probably won't
Ken Raeburn [Fri, 27 Jun 2003 20:36:24 +0000 (20:36 +0000)]
This change fixes the problem in the ss directory.  It probably won't
get into our 1.3 release, but perhaps in a patch release afterwards.

I'll look and see where else things are getting needlessly rebuilt....

* Makefile.in (HDRS): Remove mit-sipb-copyright.h.
(includes): Depend on copied version of the headers, not local versions.  Don't
do any copying; instead, move the copying commands to new targets for each
header.
($(HDRDIR)/timestamp): New target; create the directory here if needed.
(clean-unix): Remove the timestamp file.

ticket: 1631
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15654 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * gic_keytab.c (krb5_get_in_tkt_with_keytab): Pass (void*)keytab,
Tom Yu [Fri, 27 Jun 2003 17:53:42 +0000 (17:53 +0000)]
* gic_keytab.c (krb5_get_in_tkt_with_keytab): Pass (void*)keytab,
not &keytab, to get_init_creds.  Thanks to Herb Lewis.

ticket: 1630
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15653 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoWith this patch, things seem to work with a Heimdal client and MIT KDC
Ken Raeburn [Thu, 26 Jun 2003 00:48:07 +0000 (00:48 +0000)]
With this patch, things seem to work with a Heimdal client and MIT KDC

* checksum_length.c (krb5_c_checksum_length): Handle trunc_size.

ticket: 1621
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15652 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoclean up ftp client gss memory management
Tom Yu [Wed, 25 Jun 2003 21:10:48 +0000 (21:10 +0000)]
clean up ftp client gss memory management

* ftp.c (do_auth): Call gss_release_buffer() on send_tok
immediately after sending it.  Call gss_release_name() on
target_name at outer_loop instead of inside the loop.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15651 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* cksumtypes.c (krb5_cksumtypes_list): Add aes128/256 hmacs, with new
Ken Raeburn [Tue, 24 Jun 2003 02:41:07 +0000 (02:41 +0000)]
* cksumtypes.c (krb5_cksumtypes_list): Add aes128/256 hmacs, with new
trunc_size field.

* make_checksum.c (krb5_c_make_checksum): If trunc_size is specified, shrink
the computed checksum down to the indicated size.

ticket: 1621
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15650 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoapply patch from jaltman:
Tom Yu [Tue, 24 Jun 2003 02:29:47 +0000 (02:29 +0000)]
apply patch from jaltman:

* ms2mit.c: Windows Credentials are addressless. Do not store the
credentials in the MIT cache with addresses since they do not
contain addresses in the encrypted portion of the credential.
Instead generate a valid empty address list.

ticket: 1618
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15648 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* k5-int.h (struct krb5_cksumtypes): Add new field trunc_size
Ken Raeburn [Tue, 24 Jun 2003 02:10:55 +0000 (02:10 +0000)]
* k5-int.h (struct krb5_cksumtypes): Add new field trunc_size

ticket: 1621
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15647 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * krb5.conf.M: Sync with doc/krb5conf.texinfo
Tom Yu [Fri, 20 Jun 2003 21:14:56 +0000 (21:14 +0000)]
* krb5.conf.M: Sync with doc/krb5conf.texinfo

ticket: 1085
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15641 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * build.texinfo (Installing the Binaries): New node; describe
Tom Yu [Fri, 20 Jun 2003 20:20:14 +0000 (20:20 +0000)]
* build.texinfo (Installing the Binaries): New node; describe
basic "make install", along with "DESTDIR=...".

ticket: 976
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15639 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoSplit out etype_info2 decoder from etype_info decoder. In the
Sam Hartman [Fri, 20 Jun 2003 16:47:04 +0000 (16:47 +0000)]
Split out etype_info2 decoder from etype_info decoder.  In the
etype_info decoder ignore Heimdal's tag 2.

Ticket: 1619
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15638 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoDelete references to --with-system-db from README
Tom Yu [Fri, 20 Jun 2003 03:24:07 +0000 (03:24 +0000)]
Delete references to --with-system-db from README

* build.texinfo (HPUX): Fix typo.
(Options to Configure): Note that --with-system-db is unsupported,
concerning possible lossage with loading dumpfiles.

ticket: 1592
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15637 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoPut in some IPv6 details.
Ken Raeburn [Fri, 20 Jun 2003 01:28:49 +0000 (01:28 +0000)]
Put in some IPv6 details.
Mention db4 compatibility is untested.

ticket: 1600
status: open
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15636 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * dnssrv.texinfo: Add note about _kerberos-iv._udp SRV records
Tom Yu [Wed, 18 Jun 2003 23:00:41 +0000 (23:00 +0000)]
* dnssrv.texinfo: Add note about _kerberos-iv._udp SRV records

ticket: 1607
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15635 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoUpdate for krb5-1.3-beta4. Fix note on [999]. Move notes re
Tom Yu [Tue, 17 Jun 2003 01:00:45 +0000 (01:00 +0000)]
Update for krb5-1.3-beta4.  Fix note on [999].  Move notes re
addressless tickets and NAT-friendliness to "major changes".  Still
need to fill out the TODO for IPv6.

ticket: 1600
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15630 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoSet use_conf_ktypes to 1 while looking up the tgt to use for
Sam Hartman [Mon, 16 Jun 2003 22:34:50 +0000 (22:34 +0000)]
Set use_conf_ktypes to 1 while looking up the tgt to use for
forwarding.

Ticket: 1610
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15627 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* ftp.c (recvrequest): Add new argument indicating whether "-" and "|..."
Ken Raeburn [Mon, 16 Jun 2003 19:02:01 +0000 (19:02 +0000)]
* ftp.c (recvrequest): Add new argument indicating whether "-" and "|..."
special treatment should be disabled.
* ftp_var.h (recvrequest): Update declaration.
* cmds.c (remglob, ls, mls): Pass 0 as the extra argument.
(mget): Pass 1.
(getit): Pass 1 iff only one filename was supplied.

ticket: 1351
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15626 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * server_kdb.c (kdb_init_hist): Force history principal's key to
Tom Yu [Fri, 13 Jun 2003 22:30:59 +0000 (22:30 +0000)]
* server_kdb.c (kdb_init_hist): Force history principal's key to
be of the same enctype as the master key, as searches for it later
on explicitly specify the enctype.

ticket: 964
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15621 dc483132-0cff-0310-8789-dd5450dbe970

21 years agokrb5_rd_rep leaks subkeys
Tom Yu [Fri, 13 Jun 2003 21:45:30 +0000 (21:45 +0000)]
krb5_rd_rep leaks subkeys

* rd_rep.c (krb5_rd_rep): Free subkeys before replacing them, if
needed.  This avoids a memory leak.

ticket: new
target_version: 1.3
component: krb5-libs
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15620 dc483132-0cff-0310-8789-dd5450dbe970

21 years agolibgss leaks, UMRs
Tom Yu [Fri, 13 Jun 2003 21:43:07 +0000 (21:43 +0000)]
libgss leaks, UMRs

* init_sec_context.c (krb5_gss_init_sec_context): Free
default_enctypes to avoid leaking returned value from
krb5_get_tgs_ktypes.

* k5unseal.c (kg_unseal_v1): Explicitly set token.value to NULL if
token.length == 0, to avoid spurious uninitialized memory
references when calling memcpy() with a zero length.

ticket: new
target_version: 1.3
tags: pullup
component: krb5-libs
cc: Kent_Wu@trendmicro.com

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15619 dc483132-0cff-0310-8789-dd5450dbe970

21 years agomake_ap_req_v1 leaks memory
Tom Yu [Fri, 13 Jun 2003 05:17:41 +0000 (05:17 +0000)]
make_ap_req_v1 leaks memory

* init_sec_context.c (make_ap_req_v1): Free checksum_data if
needed, to avoid leaking memory.  Found by Kent Wu.

ticket: new
target_version: 1.3
tags: pullup
component: krb5-libs

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15618 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * krb5.hin: krb524_init_ets() takes one argument
Tom Yu [Thu, 12 Jun 2003 21:48:52 +0000 (21:48 +0000)]
* krb5.hin: krb524_init_ets() takes one argument

* krb524.c (krb524_convert_creds_kdc, krb524_init_ets): Mark as
KRB5_CALLCONV_WRONG.
(krb524_init_ets): Takes a krb5_context.

ticket: 1596
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15615 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* error_table.h, et_c.awk, et_c.pl, et_h.awk, et_c.awk: Removed Mac OS support becaus...
Alexandra Ellwood [Thu, 12 Jun 2003 21:15:52 +0000 (21:15 +0000)]
* error_table.h, et_c.awk, et_c.pl, et_h.awk, et_c.awk: Removed Mac OS support because it prevents darwin builds from getting com error strings via the initialize_*_error_table function

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15613 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoRemoved Mac OS 9 support because it prevents darwin builds from getting com error...
Alexandra Ellwood [Thu, 12 Jun 2003 19:51:38 +0000 (19:51 +0000)]
Removed Mac OS 9 support because it prevents darwin builds from getting com error strings via the initialize_*_error_table function

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15612 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoDarwin libkrb4/err_txt.o needs dependency on krb_err.c
Tom Yu [Wed, 11 Jun 2003 21:19:43 +0000 (21:19 +0000)]
Darwin libkrb4/err_txt.o needs dependency on krb_err.c

* Makefile.in (KRB_ERR_C): New variable; Darwin needs err_txt.o to
have a dependency on krb_err.c so that krb_err.c will be generated
first.

* configure.in: Set KRB_ERR_C to krb_err.c on Darwin.

ticket: new
target_version: 1.3
tags: pullup
component: krb5-build

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15610 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoDon't escape rcache filename characters with backslash
Tom Yu [Wed, 11 Jun 2003 20:32:22 +0000 (20:32 +0000)]
Don't escape rcache filename characters with backslash

* srv_rcache.c (krb5_get_server_rcache): Octal escapes begin with
hyphen now, since backslash is a pathname separator on DOS.

ticket: new
target_version: 1.3
component: krb5-libs
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15609 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoupdate for krb5-1.3-beta3
Tom Yu [Mon, 9 Jun 2003 22:40:08 +0000 (22:40 +0000)]
update for krb5-1.3-beta3

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15605 dc483132-0cff-0310-8789-dd5450dbe970

21 years agooops, fix up ChangeLog attribution
Tom Yu [Mon, 9 Jun 2003 20:36:17 +0000 (20:36 +0000)]
oops, fix up ChangeLog attribution

ticket: 1568

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15601 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * krb524.c: Fix copyright notice
Tom Yu [Mon, 9 Jun 2003 20:31:56 +0000 (20:31 +0000)]
* krb524.c: Fix copyright notice

ticket: 1568

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15600 dc483132-0cff-0310-8789-dd5450dbe970

21 years agofix bug: would return krb.conf entries plus dns info
Ken Raeburn [Mon, 9 Jun 2003 19:19:46 +0000 (19:19 +0000)]
fix bug: would return krb.conf entries plus dns info

* RealmsConfig-glue.c (krb_get_krbhst): Don't fall back to DNS if entries were
found in krb.conf, and just not enough to fill the request.

ticket: 1550
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15599 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoCheckpoint some working code.
Ken Raeburn [Sat, 7 Jun 2003 00:45:41 +0000 (00:45 +0000)]
Checkpoint some working code.
A better solution is in the works, but may or may not make the deadline for
the next beta...

* RealmsConfig-glue.c: Include k5-int.h.
(dnscache): New variable.
(DNS_CACHE_TIMEOUT): New macro.
(krb_get_krbhst) [KRB5_DNS_LOOKUP]: If no krb.conf info is found, try DNS SRV
records for "kerberos-iv".  Cache results in case they're immediately requested
again.

ticket: 1550
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15598 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* locate_kdc.c (struct srv_dns_entry): Moved to k5-int.h.
Ken Raeburn [Fri, 6 Jun 2003 23:07:55 +0000 (23:07 +0000)]
* locate_kdc.c (struct srv_dns_entry): Moved to k5-int.h.
(krb5int_make_srv_query_realm): Renamed from make_srv_query_realm.
(krb5int_free_srv_dns_data): New function.
(krb5_locate_srv_dns_1): Use it.

* accessor.c (krb5int_accessor): Fill in make_srv_query_realm and
free_srv_dns_data fields.

ticket: 1550
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15596 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoExport hooks for looking up SRV records, so we can avoid duplicating the code
Ken Raeburn [Fri, 6 Jun 2003 22:48:34 +0000 (22:48 +0000)]
Export hooks for looking up SRV records, so we can avoid duplicating the code

* k5-int.h (struct srv_dns_entry): Declare.
(krb5int_make_srv_query_realm, krb5int_free_srv_dns_data): Declare.
(struct _krb5int_access): Add make_srv_query_realm and free_srv_dns_data fields.

ticket: 1550
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15595 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoDon't allow renewable_ok to be set if the renew liftime is greater
Sam Hartman [Fri, 6 Jun 2003 19:30:40 +0000 (19:30 +0000)]
Don't allow renewable_ok to be set if the renew liftime is greater
than the ticket lifetime.

Ticket: 1576
Tags: pullup
Status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15590 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * g_cnffile.c (krb__get_srvtabname): Make retname be a static
Tom Yu [Fri, 6 Jun 2003 14:44:33 +0000 (14:44 +0000)]
* g_cnffile.c (krb__get_srvtabname): Make retname be a static
array rather than a static pointer, to avoid callers' possible
retention of free()d pointers.  Yes, this may cause difficulty
with making this function thread-safe.

ticket: 1563
target_version: 1.3
version_fixed: 1.3
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15589 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago--localstatedir=/var/db for KfM builds
Alexandra Ellwood [Fri, 6 Jun 2003 14:34:17 +0000 (14:34 +0000)]
--localstatedir=/var/db for KfM builds

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15586 dc483132-0cff-0310-8789-dd5450dbe970