krb5.git
15 years agofix minor comment typos
Ken Raeburn [Mon, 5 Jan 2009 17:59:59 +0000 (17:59 +0000)]
fix minor comment typos

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21699 dc483132-0cff-0310-8789-dd5450dbe970

15 years agofix merge of new openldap notice
Ken Raeburn [Mon, 5 Jan 2009 17:49:00 +0000 (17:49 +0000)]
fix merge of new openldap notice

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21698 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoifdef out unused functions that are also missing prototypes.
Ezra Peisach [Mon, 5 Jan 2009 05:01:04 +0000 (05:01 +0000)]
ifdef out unused functions that are also missing prototypes.
krb5int_utf8_islower and krb5int_utf8_isupper.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21697 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoInclude ucdata/ucdata.h for missing prototypes
Ezra Peisach [Mon, 5 Jan 2009 04:59:30 +0000 (04:59 +0000)]
Include ucdata/ucdata.h for missing prototypes

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21696 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoInclude strings.h for memset prototype
Ezra Peisach [Mon, 5 Jan 2009 04:57:56 +0000 (04:57 +0000)]
Include strings.h for memset prototype

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21695 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRemove support for setting a client flag indicating pkinit is used on the db entry.
Sam Hartman [Sat, 3 Jan 2009 23:20:35 +0000 (23:20 +0000)]
Remove support for setting a client flag indicating pkinit is used on the db entry.
I'm reasonably sure that this would belong in a pkinit plugin not in do_as_req.c.
Also, the flag should be documented to indicate what it means--client attempted pkinit?  Client succeeded in using pkinit?
I also wonder  whether you want a mechanism for a db plugin to figure out  all the padata or fast factors that a request is using.
Note that  this flag will need to be added back by at least one vendor.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21694 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoxrealm_non_transitive not trust_non_transitive
Sam Hartman [Sat, 3 Jan 2009 23:20:31 +0000 (23:20 +0000)]
xrealm_non_transitive not trust_non_transitive

Kerberos does not imply trust in the existence of a cross-realm key.
Trust is implied  when a foreign principal is placed on an ACL: the remote realm
is trusted to authenticate that principal and is trusted
not to confuse one principal with another.
Keep terminology consistent.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21693 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRemove flags that do not correspond to behavior we support
Sam Hartman [Sat, 3 Jan 2009 23:20:26 +0000 (23:20 +0000)]
Remove flags that do not correspond to behavior we support

non_ms_principal would need to be phrased in terms of what behavior is being changed, not client OS.
The pkinit flag would need to be better documented

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21692 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoKDB API should not be public
Sam Hartman [Sat, 3 Jan 2009 23:20:19 +0000 (23:20 +0000)]
KDB API should not be public

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21691 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoMerge mskrb-integ onto trunk
Sam Hartman [Sat, 3 Jan 2009 23:19:42 +0000 (23:19 +0000)]
Merge mskrb-integ onto trunk

The mskrb-integ branch includes support for the following projects:
Projects/Aliases
* Projects/PAC and principal APIs
* Projects/AEAD encryption API
* Projects/GSSAPI DCE
* Projects/RFC 3244

In addition, it includes support for enctype negotiation, and a variety of GSS-API extensions.
In the KDC it includes support for protocol transition, constrained delegation
and a new authorization data interface.
The old authorization data interface is also supported.

This commit merges the mskrb-integ branch on to the trunk.
Additional review and testing is required.

Merge commit 'mskrb-integ' into trunk

ticket: new
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21690 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoWith no more fakeka, we don't need the --enable-fakeka option
Ken Raeburn [Sat, 3 Jan 2009 12:40:53 +0000 (12:40 +0000)]
With no more fakeka, we don't need the --enable-fakeka option

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21683 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRemove some unused AC_SUBSTs
Ken Raeburn [Sat, 3 Jan 2009 12:05:58 +0000 (12:05 +0000)]
Remove some unused AC_SUBSTs

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21682 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRemove some unused variables
Ken Raeburn [Sat, 3 Jan 2009 11:39:17 +0000 (11:39 +0000)]
Remove some unused variables

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21681 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRewrite walk_rtree.c to handle hierarchical traversal better and to be
Tom Yu [Fri, 2 Jan 2009 01:40:41 +0000 (01:40 +0000)]
Rewrite walk_rtree.c to handle hierarchical traversal better and to be
less convoluted.  Update test cases.

ticket: 5947

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21659 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoSet auth_context's rcache to NULL after destroying and before calling
Tom Yu [Wed, 31 Dec 2008 17:25:25 +0000 (17:25 +0000)]
Set auth_context's rcache to NULL after destroying and before calling
krb5_auth_con_free, to avoid crashing when krb5_rc_close tries to run
using a destroyed rcache handle.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21644 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoI don't know what it was that someone else didn't know, but it doesn't
Ken Raeburn [Wed, 31 Dec 2008 01:58:49 +0000 (01:58 +0000)]
I don't know what it was that someone else didn't know, but it doesn't
belong in the copyright header.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21642 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoSigned/unsigned fixes
Ezra Peisach [Tue, 30 Dec 2008 14:04:51 +0000 (14:04 +0000)]
Signed/unsigned fixes

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21639 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoChange kpropd_com_err_proc to prototype style, add format attribute
Ken Raeburn [Tue, 30 Dec 2008 05:45:06 +0000 (05:45 +0000)]
Change kpropd_com_err_proc to prototype style, add format attribute

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21637 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIf full resync fails, go into backoff mode
Ken Raeburn [Tue, 30 Dec 2008 05:42:04 +0000 (05:42 +0000)]
If full resync fails, go into backoff mode

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21636 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoSigned/unsigned fixes and remove unused variable
Ezra Peisach [Mon, 29 Dec 2008 23:01:15 +0000 (23:01 +0000)]
Signed/unsigned fixes and remove unused variable

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21635 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix up warning of suggested parens in assignment in conditional
Ezra Peisach [Mon, 29 Dec 2008 22:41:27 +0000 (22:41 +0000)]
Fix up warning of suggested parens in assignment in conditional

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21634 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoAdd gssrpcint.h to contain prototype for gssrpcint_printf. Include
Ezra Peisach [Mon, 29 Dec 2008 17:39:29 +0000 (17:39 +0000)]
Add gssrpcint.h to contain prototype for gssrpcint_printf.  Include
gcc printf attribute if supported. Include header file and fix up some
of the debugging printf arguments.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21632 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRevert r21589, and export krb5_get_fallback_host_realm instead
Greg Hudson [Mon, 29 Dec 2008 17:12:54 +0000 (17:12 +0000)]
Revert r21589, and export krb5_get_fallback_host_realm instead

Rationale: Zephyr and AFS both use the Kerberos realm name as the
name of the service realm (AFS realm or Zephyr galaxy).  AFS can grab
the Kerberos realm from the ticket being aklogged, but Zephyr is not
necessarily getting credentials at all (you could be sending an
unauthenticated message), and currently finds its answer by looking
up the realm of the server host.  Although we can't currently provide
an accurate result for this lookup in the presence of referrals, we do
need to provide enough tools to get as good of an answer as libzephyr
could have gotten before referrals went in.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21631 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoCreate a private header file for local functions missing prototypes.
Ezra Peisach [Mon, 29 Dec 2008 13:37:20 +0000 (13:37 +0000)]
Create a private header file for local functions missing prototypes.
Fix a number of warnning suggesting parenthesis.
Fix a signed/unsigned warning.
Update dependencies.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21627 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoAdd prototype for usage. Change invocation of usage to db_usage when using an argume...
Ezra Peisach [Mon, 29 Dec 2008 12:36:31 +0000 (12:36 +0000)]
Add prototype for usage.  Change invocation of usage to db_usage when using an argument. Include adm_proto.h for prototype for krb5_keysalt_iterate

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21625 dc483132-0cff-0310-8789-dd5450dbe970

15 years agokrb4 removal missed ldap kdb plugin directory
Ezra Peisach [Mon, 29 Dec 2008 04:45:36 +0000 (04:45 +0000)]
krb4 removal missed ldap kdb plugin directory

The krb4 removal failed to change the makefile in ldap kdb plugin directory.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21622 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoHandle a number of warnings - including missing prototype,
Ezra Peisach [Mon, 29 Dec 2008 03:36:57 +0000 (03:36 +0000)]
Handle a number of warnings - including missing prototype,
paraenthesis in conditionals, unused function removal, unused variable
removal.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21621 dc483132-0cff-0310-8789-dd5450dbe970

15 years agowhitespace
Tom Yu [Sun, 28 Dec 2008 19:55:52 +0000 (19:55 +0000)]
whitespace

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21619 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoClean up krb5_get_fallback_host_realm in two respects:
Greg Hudson [Wed, 24 Dec 2008 18:48:00 +0000 (18:48 +0000)]
Clean up krb5_get_fallback_host_realm in two respects:

1. It isn't exported from libkrb5 (and no one seems to complain about
that).  So give it a krb5int_ name and move its declaration to
k5-int.h.  Also stop exporting it from the collected client lib.

2. It returned a list of realms, but its only caller assumes that the
list contains exactly one realm.  So just make it return a single
realm.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21589 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoAdd a new fallback host-to-realm heuristic to try the components of the
Greg Hudson [Wed, 24 Dec 2008 16:51:33 +0000 (16:51 +0000)]
Add a new fallback host-to-realm heuristic to try the components of the
hostname as domains.  The heuristic is off by default and is controlled
by the realm_try_domains variable under libdefaults.

Based on a patch submitted by Mark Phalan from Sun.

ticket: 6031

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21588 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoCollect ticket-request logging calls together in one place for easier
Ken Raeburn [Mon, 22 Dec 2008 04:40:39 +0000 (04:40 +0000)]
Collect ticket-request logging calls together in one place for easier
customization.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21564 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoSome cleanup from Shawn Emery: Use INITIAL_TIMER macros instead of
Ken Raeburn [Mon, 22 Dec 2008 03:49:30 +0000 (03:49 +0000)]
Some cleanup from Shawn Emery: Use INITIAL_TIMER macros instead of
hardcoding values; reset 'gfd' when turning off the alarm.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21563 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoImprovements from Shawn Emery: an extra-verbose mode
Ken Raeburn [Mon, 22 Dec 2008 03:12:19 +0000 (03:12 +0000)]
Improvements from Shawn Emery: an extra-verbose mode

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21562 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoSigned/unsigned fix. The function is called with a sizeof - so unsigned is
Ezra Peisach [Fri, 19 Dec 2008 17:14:16 +0000 (17:14 +0000)]
Signed/unsigned fix.  The function is called with a sizeof - so unsigned is
fine.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21553 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRemove documentation references to krb4 functionality we no longer
Greg Hudson [Thu, 18 Dec 2008 19:28:23 +0000 (19:28 +0000)]
Remove documentation references to krb4 functionality we no longer
have.  Remove the krb425 transition guide since we no longer have
compatibility code to assist with a transition.

ticket: 6303

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21545 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRemove krb524, lib/des425, lib/krb4, and include/kerberosIV.
Greg Hudson [Thu, 18 Dec 2008 18:31:16 +0000 (18:31 +0000)]
Remove krb524, lib/des425, lib/krb4, and include/kerberosIV.
Remove krb4 build system references and conditionals.
Move des425 header stuff referenced by des_int.h into des_int.h.
Remove krb4 test cases.

ticket: 6303

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21544 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoKIM: window settings
Zhanna Tsitkov [Thu, 18 Dec 2008 16:21:10 +0000 (16:21 +0000)]
KIM: window settings

Ticket: 6290

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21543 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoMem leak fix
Zhanna Tsitkov [Thu, 18 Dec 2008 16:09:10 +0000 (16:09 +0000)]
Mem leak fix

Ticket: 6285

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21542 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoanother diff test 4
Tom Yu [Wed, 17 Dec 2008 20:44:37 +0000 (20:44 +0000)]
another diff test 4

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21519 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoanother diff test 3
Tom Yu [Wed, 17 Dec 2008 20:39:59 +0000 (20:39 +0000)]
another diff test 3

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21518 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoanother diff test 2
Tom Yu [Wed, 17 Dec 2008 20:37:15 +0000 (20:37 +0000)]
another diff test 2

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21517 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoanother diff test
Tom Yu [Wed, 17 Dec 2008 20:37:07 +0000 (20:37 +0000)]
another diff test

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21516 dc483132-0cff-0310-8789-dd5450dbe970

16 years agotest mailing diffs 6
Tom Yu [Wed, 17 Dec 2008 18:46:59 +0000 (18:46 +0000)]
test mailing diffs 6

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21515 dc483132-0cff-0310-8789-dd5450dbe970

16 years agotest mailing diffs 5
Tom Yu [Wed, 17 Dec 2008 18:44:40 +0000 (18:44 +0000)]
test mailing diffs 5

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21514 dc483132-0cff-0310-8789-dd5450dbe970

16 years agotest mailing diffs 4
Tom Yu [Wed, 17 Dec 2008 18:40:49 +0000 (18:40 +0000)]
test mailing diffs 4

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21513 dc483132-0cff-0310-8789-dd5450dbe970

16 years agotest mailing diffs 3
Tom Yu [Wed, 17 Dec 2008 18:26:44 +0000 (18:26 +0000)]
test mailing diffs 3

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21512 dc483132-0cff-0310-8789-dd5450dbe970

16 years agotest mailing diffs 2
Tom Yu [Wed, 17 Dec 2008 18:25:04 +0000 (18:25 +0000)]
test mailing diffs 2

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21511 dc483132-0cff-0310-8789-dd5450dbe970

16 years agotest mailing diffs
Tom Yu [Wed, 17 Dec 2008 18:25:00 +0000 (18:25 +0000)]
test mailing diffs

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21510 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoMove prototypes needed in multiple files to misc.h instead of
Ezra Peisach [Wed, 17 Dec 2008 03:42:12 +0000 (03:42 +0000)]
Move prototypes needed in multiple files to misc.h instead of
declaring extern in each .c file.  This will ensure that definitions
are consistent.  Moved prototypes include: load_badauth,
setup_gss_names, krb5_iprop_prog_1, kiprop_get_adm_host_srv_name.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21493 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoAdd prototype for kadm5_init_iprop. FOr the client - adds a dummy argument
Ezra Peisach [Tue, 16 Dec 2008 21:27:10 +0000 (21:27 +0000)]
Add prototype for kadm5_init_iprop.  FOr the client - adds a dummy argument
which is ignored.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21480 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoFix memory leaks in sam and ldap handler testing - there is still a leak w/ ldap
Ezra Peisach [Tue, 16 Dec 2008 20:15:46 +0000 (20:15 +0000)]
Fix memory leaks in sam and ldap handler testing - there is still a leak w/ ldap

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21479 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoAdd svn:ignore properties for some files created by dejagnu tests
Greg Hudson [Mon, 15 Dec 2008 20:42:07 +0000 (20:42 +0000)]
Add svn:ignore properties for some files created by dejagnu tests

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21453 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRemove krb4 code in libkrb5
Greg Hudson [Mon, 15 Dec 2008 20:37:39 +0000 (20:37 +0000)]
Remove krb4 code in libkrb5

ticket: 6303
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21452 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRemove krb4 support in gssftp and telnet
Greg Hudson [Mon, 15 Dec 2008 20:31:53 +0000 (20:31 +0000)]
Remove krb4 support in gssftp and telnet

ticket: 6303
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21451 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRemove krb4 support in the applications. login's ability to run aklog
Greg Hudson [Mon, 15 Dec 2008 20:29:01 +0000 (20:29 +0000)]
Remove krb4 support in the applications.  login's ability to run aklog
has been preserved and made unconditional on krb4 support, since aklog
can now do krb5 auth.  The config variable is now named krb_run_aklog
(as it was sometimes documented), not krb4_run_aklog as it previously
was.

ticket: 6303
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21450 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRemove krb4 support from clients. Some of the code has been
Greg Hudson [Mon, 15 Dec 2008 19:37:51 +0000 (19:37 +0000)]
Remove krb4 support from clients.  Some of the code has been
simplified to remove architectural relics of the -4 and -5 options,
but more simplification is likely possible, particularly in kinit.

ticket: 6303
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21449 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoIn the KDC, remove krb4 request handling support and fakeka code
Greg Hudson [Mon, 15 Dec 2008 18:32:44 +0000 (18:32 +0000)]
In the KDC, remove krb4 request handling support and fakeka code

ticket: 6303
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21448 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRemove a krb4 conditional block in ktutil_funcs.c which was missed in
Greg Hudson [Mon, 15 Dec 2008 18:30:29 +0000 (18:30 +0000)]
Remove a krb4 conditional block in ktutil_funcs.c which was missed in
the previous commit.

ticket: 6303
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21447 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoIn ktutil, remove code for wst (write srvtab). Reimplement rst (read
Greg Hudson [Mon, 15 Dec 2008 18:26:47 +0000 (18:26 +0000)]
In ktutil, remove code for wst (write srvtab).  Reimplement rst (read
srvtab) as an alias for "rkt SRVTAB:filename" and include it
unconditionally.

ticket: 6303
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21446 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRemove loadv4/dumpv4 code in kdb5_util. (The command table entries for
Greg Hudson [Mon, 15 Dec 2008 18:23:58 +0000 (18:23 +0000)]
Remove loadv4/dumpv4 code in kdb5_util.  (The command table entries for
this code had already been commented out previously.)

ticket: 6303
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21445 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoFixed memory leak in krb5_stdccv3_remove
Zhanna Tsitkov [Sat, 13 Dec 2008 00:05:33 +0000 (00:05 +0000)]
Fixed memory leak in krb5_stdccv3_remove

Ticket: 6299

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21362 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoAccept digits and = in base64 output to flush
Ken Raeburn [Fri, 12 Dec 2008 18:33:26 +0000 (18:33 +0000)]
Accept digits and = in base64 output to flush

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21330 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoFor Sun Studio compilers, set WARN_CFLAGS to emit warning tag names
Ken Raeburn [Thu, 11 Dec 2008 21:07:08 +0000 (21:07 +0000)]
For Sun Studio compilers, set WARN_CFLAGS to emit warning tag names
and make int/ptr mixups a fatal error that will be noticed at build or
"make check" time.  Tested in a 32-bit build.

ticket: 6297

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21325 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoClean up some kadmind4 relics left behind in osconf.hin
Greg Hudson [Tue, 9 Dec 2008 19:32:01 +0000 (19:32 +0000)]
Clean up some kadmind4 relics left behind in osconf.hin

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21300 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRelease default credentials before exiting krb5_gss_init_sec_context routine
Zhanna Tsitkov [Tue, 9 Dec 2008 16:09:18 +0000 (16:09 +0000)]
Release default credentials before exiting krb5_gss_init_sec_context routine

Ticket: 6294

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21298 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoAdd a configure option --disable-rpath to suppress rpath flags in
Greg Hudson [Mon, 8 Dec 2008 22:33:07 +0000 (22:33 +0000)]
Add a configure option --disable-rpath to suppress rpath flags in
link lines.  Useful for OS distributors and for builds which will
only be used to run the test suite.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21297 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRemove some lingering Saber C cruft
Greg Hudson [Fri, 5 Dec 2008 21:03:25 +0000 (21:03 +0000)]
Remove some lingering Saber C cruft

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21293 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoWhen storing info into cred cache, remove any dups.
Zhanna Tsitkov [Fri, 5 Dec 2008 21:02:08 +0000 (21:02 +0000)]
When storing info into cred cache, remove any dups.

Ticket: 6291

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21292 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoFix data initialization in process_as_req function
Zhanna Tsitkov [Fri, 5 Dec 2008 20:18:47 +0000 (20:18 +0000)]
Fix data  initialization in process_as_req function

Ticket: 6282

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21291 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoTicket: 6286
Zhanna Tsitkov [Fri, 5 Dec 2008 19:59:35 +0000 (19:59 +0000)]
Ticket: 6286

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21290 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoIn the dejagnu test suite utilities, use the caller's value of
Greg Hudson [Fri, 5 Dec 2008 18:32:08 +0000 (18:32 +0000)]
In the dejagnu test suite utilities, use the caller's value of
spawn_id in check_exit_status, rather than the global value.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21289 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoIn the rlogin tests, expect to see /bin/sh echoed back after sending
Greg Hudson [Fri, 5 Dec 2008 18:30:18 +0000 (18:30 +0000)]
In the rlogin tests, expect to see /bin/sh echoed back after sending
/bin/sh.  If we just look for a shell prompt, we can get out of sync
if the login shell decides to clear the line and redisplay the prompt.
(I see bash redisplaying the prompt in 30-50% of test runs; I don't
know what it's thinking.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21288 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoMerge in fix from ms-krb-integ branch to avoid modifying input data on aead_decrypt...
Sam Hartman [Fri, 5 Dec 2008 14:09:40 +0000 (14:09 +0000)]
Merge in fix from ms-krb-integ branch to   avoid modifying input data on aead_decrypt_compat

ticket: 6274
Status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21287 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoFix from Marcus Watts for glob-to-regexp conversion bug.
Ken Raeburn [Thu, 4 Dec 2008 22:26:56 +0000 (22:26 +0000)]
Fix from Marcus Watts for glob-to-regexp conversion bug.
Tweaked test case to exercise the bug.

ticket: 5667

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21285 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoCleanup warnings
Sam Hartman [Thu, 4 Dec 2008 15:48:18 +0000 (15:48 +0000)]
Cleanup warnings

ticket: 6274
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21280 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoMerge R21122 from mskrb-integ
Sam Hartman [Thu, 4 Dec 2008 15:48:14 +0000 (15:48 +0000)]
Merge R21122 from mskrb-integ

Namespace cleanup

ticket: 6274
Status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21279 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoMerge r21120 from mskrb-integ
Sam Hartman [Thu, 4 Dec 2008 15:48:08 +0000 (15:48 +0000)]
Merge r21120 from mskrb-integ

Refactor code such that an AEAD provider does not need to implement the
older, non-IOV SPIs. Instead, the older APIs will implement their
behaviour on top of the AEAD SPIs, using the wrapper functions in
aead.c.

ticket: 6274
Status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21278 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoMove warning flags to new variables WARN_CFLAGS and WARN_CXXFLAGS, so
Greg Hudson [Wed, 3 Dec 2008 18:21:22 +0000 (18:21 +0000)]
Move warning flags to new variables WARN_CFLAGS and WARN_CXXFLAGS, so
that users can override the debugging and optimization flags
independently of the warning flags.

Remove -Wconversion from the standard set of warning flags since it
warns excessively on perfectly good code, and is designed to aid in
conversion of code from K&R to ANSI C rather than to maintain code
quality.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21273 dc483132-0cff-0310-8789-dd5450dbe970

16 years agomake depend
Sam Hartman [Tue, 2 Dec 2008 21:01:54 +0000 (21:01 +0000)]
make depend

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21266 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoCrypto IOV API per Projects/AEAD encryption API
Sam Hartman [Tue, 2 Dec 2008 20:10:20 +0000 (20:10 +0000)]
Crypto IOV API per Projects/AEAD encryption API

Merge in the mskrb-crypto-iov branch at r21259 in order to move an
implementation of
http://k5wiki.kerberos.org/wiki/Projects/AEAD_encryption_API onto the
trunk.  This branch contains a subset of the commits on the
mskrb-integ branch that implement the krb5 library part of the crypto
IOV API.

ticket: new
Status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21263 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRemove unneeded LEAN_CLIENT #define's
Zhanna Tsitkov [Tue, 2 Dec 2008 19:36:56 +0000 (19:36 +0000)]
Remove unneeded  LEAN_CLIENT #define's

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21261 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoadd k5-platform.h for asprintf
Tom Yu [Tue, 2 Dec 2008 16:57:18 +0000 (16:57 +0000)]
add k5-platform.h for asprintf

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21260 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoConvert many uses of sprintf to snprintf or asprintf
Greg Hudson [Mon, 1 Dec 2008 17:09:59 +0000 (17:09 +0000)]
Convert many uses of sprintf to snprintf or asprintf

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21258 dc483132-0cff-0310-8789-dd5450dbe970

16 years agomake depend
Ezra Peisach [Mon, 1 Dec 2008 12:22:12 +0000 (12:22 +0000)]
make depend

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21206 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoMove cc_mutex code from k5-int.h - where it is globally available to cc-int.h
Ezra Peisach [Mon, 1 Dec 2008 12:16:33 +0000 (12:16 +0000)]
Move cc_mutex code from k5-int.h - where it is globally available to cc-int.h
where it is declared and used.  The functions are not exported by the library -
nor are they used outside lib/krb5/ccache...  For cc_file.h - include cc-int.h.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21205 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoShawn's fix for some iprop bugs, with some tweaks
Ken Raeburn [Mon, 1 Dec 2008 06:48:54 +0000 (06:48 +0000)]
Shawn's fix for some iprop bugs, with some tweaks

Adds an alarm while waiting for kprop connection or authentication in
iprop mode; on timeout, close down the active file descriptor to force
us to bail out and return to the iprop main loop (which may try a full
resync again next time around).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21204 dc483132-0cff-0310-8789-dd5450dbe970

16 years agofix tiny overrun
Ken Raeburn [Mon, 24 Nov 2008 21:06:55 +0000 (21:06 +0000)]
fix tiny overrun

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21183 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoSimplify memory management a bit in places, by allocating and freeing
Ken Raeburn [Mon, 24 Nov 2008 21:06:20 +0000 (21:06 +0000)]
Simplify memory management a bit in places, by allocating and freeing
separately, instead of reallocating arrays of pointers to themselves
be reallocated.  Do a better job of initializing arrays of which we
only use a variable-sized part.
Use a temp var instead of lots of long macro invocations.
Fix some overrun-by-one errors in buffer copying.
Clean up some possible leaks.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21182 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoTest with varying numbers of principal name components, of varying lengths.
Ken Raeburn [Mon, 24 Nov 2008 20:27:44 +0000 (20:27 +0000)]
Test with varying numbers of principal name components, of varying lengths.
Test principal modifications, not just additions.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21181 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoUse profile_free_list as appropriate. Fix memory leaks
Ken Raeburn [Mon, 24 Nov 2008 19:40:23 +0000 (19:40 +0000)]
Use profile_free_list as appropriate.  Fix memory leaks

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21180 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoFix memory leak caught by valgrind
Ken Raeburn [Mon, 24 Nov 2008 19:19:14 +0000 (19:19 +0000)]
Fix memory leak caught by valgrind

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21179 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoNote kprop doesn't do IPv6 yet either
Ken Raeburn [Mon, 17 Nov 2008 22:19:26 +0000 (22:19 +0000)]
Note kprop doesn't do IPv6 yet either

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21135 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoSet krb4 and priocntl flags via site.exp instead of command line
Ken Raeburn [Mon, 17 Nov 2008 21:34:48 +0000 (21:34 +0000)]
Set krb4 and priocntl flags via site.exp instead of command line

Update set of files to clean out at test suite startup, or when
deleting the database.

Improve support for setting up slave test environment.  Don't set
KRB5_KDC_PROFILE except in KDC master and slave environments.  Create
distinct env.sh and env.csh files for different configurations.  Move
kpropd setup proc into common initialization.

Add incremental propagation test: Create new kiprop/$host principal,
update kproplog test for the new data.  "Propagate" the master
database to the slave, add a new principal, start up kpropd, watch for
the "OK" message, and check to see if the new principal exists on the
slave.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21134 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoFix a memory management bug
Ken Raeburn [Mon, 17 Nov 2008 21:28:04 +0000 (21:28 +0000)]
Fix a memory management bug

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21133 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoDon't stick '<null>' in log messages. Run kdb5_util dump with input explicitly from...
Ken Raeburn [Mon, 17 Nov 2008 21:24:29 +0000 (21:24 +0000)]
Don't stick '<null>' in log messages.  Run kdb5_util dump with input explicitly from /dev/null

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21132 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoLog more info if ulog_replay fails. Correctly use supplied keytab name
Ken Raeburn [Mon, 17 Nov 2008 21:14:03 +0000 (21:14 +0000)]
Log more info if ulog_replay fails.  Correctly use supplied keytab name

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21131 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoUse correct update log file name in messages
Ken Raeburn [Mon, 17 Nov 2008 21:12:01 +0000 (21:12 +0000)]
Use correct update log file name in messages

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21130 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoLite Client - the following calls are server-side functions:
Zhanna Tsitkov [Mon, 17 Nov 2008 21:04:06 +0000 (21:04 +0000)]
Lite Client - the following calls are server-side functions:
decode_krb5_authenticator,
krb5_auth_con_getauthenticator,
krb5_copy_authenticator,
krb5_ser_authenticator_init
Take them out for the Lite CLient.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21129 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoPERF: Introduced a new function krb5_is_permitted_enctype_ext to replace multiple...
Zhanna Tsitkov [Mon, 17 Nov 2008 19:28:24 +0000 (19:28 +0000)]
PERF: Introduced a new function krb5_is_permitted_enctype_ext to replace multiple calls to krb5_is_permitted_enctype

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21128 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoFix test bug: kpropd -S exits after success
Ken Raeburn [Wed, 12 Nov 2008 22:11:43 +0000 (22:11 +0000)]
Fix test bug: kpropd -S exits after success

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21079 dc483132-0cff-0310-8789-dd5450dbe970