krb5.git
21 years ago* krb5.hin (krb5_princ_component): Return NULL if going off the end of the array
Ken Raeburn [Thu, 20 Feb 2003 00:04:06 +0000 (00:04 +0000)]
* krb5.hin (krb5_princ_component): Return NULL if going off the end of the array

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15193 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* configure.in: Check for sys/select.h and time.h
Ken Raeburn [Thu, 20 Feb 2003 00:00:11 +0000 (00:00 +0000)]
* configure.in: Check for sys/select.h and time.h

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15192 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoThe client sorts the enctype list returned by etype_info ordering
Sam Hartman [Sat, 15 Feb 2003 01:15:10 +0000 (01:15 +0000)]
The client sorts the enctype list returned by etype_info ordering
enctypes that it requested or that are similar to ones it requested
first.

The KDC only includes enctypes in etype_info if they were requested by
the client.

ticket: 1006

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15191 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* Makefile.in (ETOUT): Replace $(S) with "/"
Ken Raeburn [Fri, 14 Feb 2003 04:19:34 +0000 (04:19 +0000)]
* Makefile.in (ETOUT): Replace $(S) with "/"

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15190 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * Makefile.in ($(GSSAPI_KRB5_HDR)): Use $(S) to avoid problems on
Tom Yu [Fri, 14 Feb 2003 00:01:25 +0000 (00:01 +0000)]
* Makefile.in ($(GSSAPI_KRB5_HDR)): Use $(S) to avoid problems on
windows.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15189 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoFix double free of AS key
Sam Hartman [Thu, 13 Feb 2003 20:09:21 +0000 (20:09 +0000)]
Fix double free of AS key

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15188 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* Makefile.in (krb_err.h, kadm_err.h): Rebuild by going to lib/krb4 and
Ken Raeburn [Thu, 13 Feb 2003 02:44:16 +0000 (02:44 +0000)]
* Makefile.in (krb_err.h, kadm_err.h): Rebuild by going to lib/krb4 and
building "includes".
(clean-unix): Don't need to delete copies of .et files any more.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15187 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoOops, add $(GSSAPI_KRB5_HDR) to all-unix
Tom Yu [Thu, 13 Feb 2003 00:51:43 +0000 (00:51 +0000)]
Oops, add $(GSSAPI_KRB5_HDR) to all-unix

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15186 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoMore tweaks to deal with parallel builds
Tom Yu [Thu, 13 Feb 2003 00:23:45 +0000 (00:23 +0000)]
More tweaks to deal with parallel builds

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15185 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * post.in (.dtmp): Use -DDEPEND to allow source files to exclude
Tom Yu [Wed, 12 Feb 2003 16:21:09 +0000 (16:21 +0000)]
* post.in (.dtmp): Use -DDEPEND to allow source files to exclude
inclusions from dependencies.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15184 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * Makefile.in: Update dependencies.
Tom Yu [Wed, 12 Feb 2003 16:20:00 +0000 (16:20 +0000)]
* Makefile.in: Update dependencies.
(KRB_ERR_TXT): Set by configure to be either empty
(on Darwin) or krb_err_txt.c (on other platforms).  This avoids
building krb_err_txt.c on Darwin, as the type of krb_err_txt is a
pointer there, so we don't need another copy of the array.
(DEFINES): Remove.  It wasn't doing anything useful and was
cluttering up the compile command line.

* configure.in: On Darwin, don't use krb_err_txt.c.

* err_txt.c: On Darwin, actually use the array generated by
compile_et, and assign it to krb_err_txt, which is a pointer, not
an array, on that platform.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15183 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * CCache-glue.c: Delete in_tkt()
Tom Yu [Wed, 12 Feb 2003 00:06:37 +0000 (00:06 +0000)]
* CCache-glue.c: Delete in_tkt()

* change_password.c: Fix incorrect filename in comment.

* g_in_tkt.c (krb_get_in_tkt_preauth): Call krb_in_tkt() rather
than in_tkt().

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15182 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoSupport credentials encrypted in the session key rather than
Sam Hartman [Tue, 11 Feb 2003 23:11:24 +0000 (23:11 +0000)]
Support credentials encrypted in the session key rather than
the subsession key.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15181 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * CCache-glue.c (krb_in_tkt): Rename from in_tkt().
Tom Yu [Tue, 11 Feb 2003 19:50:18 +0000 (19:50 +0000)]
* CCache-glue.c (krb_in_tkt): Rename from in_tkt().
(in_tkt): Implement in terms of krb_in_tkt() to match existing
Unix and Windows API.  This shouldn't be a problem because it
appears to be considered an internal API on Mac.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15180 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoFix recursion-forcing rules to be more friendly to parallel builds
Tom Yu [Tue, 11 Feb 2003 17:19:00 +0000 (17:19 +0000)]
Fix recursion-forcing rules to be more friendly to parallel builds

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15179 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * Makefile.in: Another attempt... turns our that the "copy"
Tom Yu [Tue, 11 Feb 2003 05:13:49 +0000 (05:13 +0000)]
* Makefile.in: Another attempt... turns our that the "copy"
command on Windows preserves modtimes, so spurious rebuilds were
happening even with the stamp file, since the target in $(EHDRDIR)
is always out of date with respect to the stamp file.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15178 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoFix some things to avoid spurious rebuilds of header files
Tom Yu [Tue, 11 Feb 2003 03:53:18 +0000 (03:53 +0000)]
Fix some things to avoid spurious rebuilds of header files

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15177 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * Makefile.in (K4LIBS): Revert previous
Tom Yu [Tue, 11 Feb 2003 03:08:37 +0000 (03:08 +0000)]
* Makefile.in (K4LIBS): Revert previous

* krb5_32.def: Add afs_string_to_key, which is now needed by the
krb4 library.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15176 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * password_to_key.c (krb5_passwd_to_key): Replace snprintf() call
Tom Yu [Tue, 11 Feb 2003 03:08:21 +0000 (03:08 +0000)]
* password_to_key.c (krb5_passwd_to_key): Replace snprintf() call
with explicit length checking.

* memcache.c (krb4int_save_credentials_addr): Renamed from
krb_save_credentials().
(krb_save_credentials): Implement in terms of
krb4int_save_credentials_addr().

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15175 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoVarious fixes to Windows build of krb4 library. Fix up KRB5_CALLCONV
Tom Yu [Tue, 11 Feb 2003 02:20:12 +0000 (02:20 +0000)]
Various fixes to Windows build of krb4 library.  Fix up KRB5_CALLCONV
on some new krb4 library functions.  Fix up library generation to
refer to des425.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15174 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoFix lots of things to compile on Unix. Fix some typos
Tom Yu [Tue, 11 Feb 2003 01:35:32 +0000 (01:35 +0000)]
Fix lots of things to compile on Unix.  Fix some typos

By means of carrying through local addresses in many places, eliminate
or reduce sections of code depending on TARGET_OS_MAC conditionals.

Conditionalize some prototypes in krb.h with KRB_PRIVATE, to avoid
leakage on Mac.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15173 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoNote: these checkins are partial progress for Tom Yu. They probably don't build;...
Alexandra Ellwood [Mon, 10 Feb 2003 22:11:35 +0000 (22:11 +0000)]
Note: these checkins are partial progress for Tom Yu. They probably don't build; Tom is expecting that.  *** CCache-glue.c: Removed copying of the string_to_key type in krb_save_credentials.  Saving the string_to_key type is unnecessary and was just for display purposes.  Will be removed for KfM 5.0. Updated to use KRB5_CALLCONV instead of INTERFACE and include the krb5's krb4 headers instead of the KfM ones.  *** change-password.c: Removed include of CredentialsCache.h and code that switches between string to key types.  This doesn't make sense for password changing because the krb4 protocol for password changing implemented here only supports mit's string to key.  Bug was in KfM and got ported forward.  Should the code call mit_password_to_key for all platforms? *** FSp-glue.c: Removed dependency on MoreFiles and replaced it with code to use FSRefs now that we are Carbon-only.  *** g_in_tkt.c: Added loop which calls password to key functions trying each one.  This technique was imported from KTH-KRB into KfM.  This code still needs to have the TARGET_OS_MAC code made more Unix friendly for Darwin builds.  The behavior differences (store the address or not) should be deferred until the very last moment to avoid excessive #ifdefs.  *** g_pw_in_tkt.c: Added loop which calls password to key functions trying each one.  This technique was imported from KTH-KRB into KfM.  *** krb4int.h: Added password-to-key.c functions so they can be used by g_in_tkt.c and g_pw_in_tkt.c.  *** password-to-key.c: Removed dependence on the CCAPI so this code can be used on all platforms to implement looping over the password to key functions.  *** RealmsConfig-glue.c: Changed to use #ifdef USE_CCAPI like is used elsewhere in the krb5 sources.  This is just for consistency in krb5

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15172 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoHave g_token_size return unsigned int for signed/unsigned cleanup
Ezra Peisach [Sun, 9 Feb 2003 15:20:24 +0000 (15:20 +0000)]
Have g_token_size return unsigned int for signed/unsigned cleanup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15171 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * prompter.c (krb5_prompter_posix): Kill echo before printing
Tom Yu [Sat, 8 Feb 2003 09:51:01 +0000 (09:51 +0000)]
* prompter.c (krb5_prompter_posix): Kill echo before printing
prompt to avoid possible race conditions in test suite.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15170 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoThanks; equivalent patch applied
Tom Yu [Sat, 8 Feb 2003 08:25:28 +0000 (08:25 +0000)]
Thanks; equivalent patch applied

* admin_server.c (kadm_listen): Zero sa_flags to avoid wonkiness.

ticket: 1304

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15169 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoChange comments to remove the note that we're going to redesign key
Tom Yu [Sat, 8 Feb 2003 08:12:46 +0000 (08:12 +0000)]
Change comments to remove the note that we're going to redesign key
storage architecture for 1.3.

ticket: 1193

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15168 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * Makefile.in (all-unix): Remove kerberosIV/krb_err.h, as it was
Tom Yu [Fri, 7 Feb 2003 22:15:59 +0000 (22:15 +0000)]
* Makefile.in (all-unix): Remove kerberosIV/krb_err.h, as it was
causing spurious rebuilds of lots of stuff because it was
depending on all-recurse, which is always out of date.
(install-headers-unix): Also, no need to depend on
kerberosIV/krb_err.h here, since the kerberosIV subdirectory takes
care of it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15167 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * Makefile.in (install): Fix typo in k5srvutil.M install rule
Tom Yu [Fri, 7 Feb 2003 21:41:20 +0000 (21:41 +0000)]
* Makefile.in (install): Fix typo in k5srvutil.M install rule

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15166 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoFix ABI divergence between Unix and Mac krb4 libraries in declaration
Tom Yu [Fri, 7 Feb 2003 21:39:44 +0000 (21:39 +0000)]
Fix ABI divergence between Unix and Mac krb4 libraries in declaration
of krb_err_txt by means of a gross hack.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15165 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * prompter.c (krb5_prompter_posix, setup_tty, restore_tty): Fix to
Tom Yu [Fri, 7 Feb 2003 04:15:22 +0000 (04:15 +0000)]
* prompter.c (krb5_prompter_posix, setup_tty, restore_tty): Fix to
use the actual file descriptor we dup()'ed to in case tcsetattr()
doesn't actually change the underlying device modes and instead
only affects the specific file descriptor.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15164 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoAdd AES copyright and license
Ken Raeburn [Fri, 7 Feb 2003 01:11:32 +0000 (01:11 +0000)]
Add AES copyright and license

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15163 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoAdd Yarrow, AES licenses
Ken Raeburn [Fri, 7 Feb 2003 01:10:51 +0000 (01:10 +0000)]
Add Yarrow, AES licenses

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15162 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoSorry, forgot this ChangeLog on the last commit
Ken Hornstein [Thu, 6 Feb 2003 23:45:55 +0000 (23:45 +0000)]
Sorry, forgot this ChangeLog on the last commit

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15161 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* locate_kdc.c (translate_ai_error): Handle EAI_ADDRFAMILY like EAI_NONAME.
Ken Raeburn [Thu, 6 Feb 2003 23:13:07 +0000 (23:13 +0000)]
* locate_kdc.c (translate_ai_error): Handle EAI_ADDRFAMILY like EAI_NONAME.
(krb5int_add_host_to_list): Translate errors returned from the second
getaddrinfo call.

ticket: 1339
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15160 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoAdd k5srvutil
Sam Hartman [Thu, 6 Feb 2003 20:05:41 +0000 (20:05 +0000)]
Add k5srvutil

Add a script called k5srvutil that allows easy manipulation of keytabs
for common tasks such as changing keys and deleting outdated keys.

ticket: 1191
Tags: enhancement

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15159 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoThis is the integration of "fakeka" (a program to emulate a kaserver)
Ken Hornstein [Thu, 6 Feb 2003 19:58:18 +0000 (19:58 +0000)]
This is the integration of "fakeka" (a program to emulate a kaserver)
into the MIT distribution.  It's compilation is enabled with --enable-fakeka.

ticket: 1281

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15158 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* Makefile.in (std_rqs.c): Depend on ct_c.sed and ct_c.awk
Ken Raeburn [Thu, 6 Feb 2003 00:51:42 +0000 (00:51 +0000)]
* Makefile.in (std_rqs.c): Depend on ct_c.sed and ct_c.awk

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15157 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * login.c (main): Don't zero out terminal window size
Tom Yu [Wed, 5 Feb 2003 21:39:33 +0000 (21:39 +0000)]
* login.c (main): Don't zero out terminal window size

ticket: 697

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15156 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * Makefile.in (run-aes-test): Add $(RUN_SETUP) so that if
Ezra Peisach [Wed, 5 Feb 2003 20:05:17 +0000 (20:05 +0000)]
    * Makefile.in (run-aes-test): Add $(RUN_SETUP) so that if
        compiling only shared libraries, LD_LIBRARY_PATH is set for test.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15155 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * mkrel: Exclude .rconf files
Tom Yu [Wed, 5 Feb 2003 19:35:48 +0000 (19:35 +0000)]
* mkrel: Exclude .rconf files

ticket: 771

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15154 dc483132-0cff-0310-8789-dd5450dbe970

21 years agocomment
Tom Yu [Wed, 5 Feb 2003 04:57:46 +0000 (04:57 +0000)]
comment

* decomp_tkt.c (dcmp_tkt_int): Patch from Booker Bense to use
krb_get_lrealm() instead of copying KRB_REALM into prealm.

ticket: 710

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15153 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * default.exp (start_kerberos_daemons): Use correct argument to
Tom Yu [Wed, 5 Feb 2003 04:02:05 +0000 (04:02 +0000)]
* default.exp (start_kerberos_daemons): Use correct argument to
"-4" flag.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15152 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * prompter.c (krb5_prompter_posix): Rewrite to no longer use
Tom Yu [Wed, 5 Feb 2003 03:57:22 +0000 (03:57 +0000)]
* prompter.c (krb5_prompter_posix): Rewrite to no longer use
longjmp(), as well as to get a non-buffered stdio stream on stdin
to avoid passwords staying around in stdio buffers.  This does
have the side effect of possibly losing pre-buffered input from an
application that reads from stdin using stdio functions prior to
calling the prompter, but hopefully those are rare.

ticket: 673
ticket: 680

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15151 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoGet addressless tickets by default
Sam Hartman [Tue, 4 Feb 2003 22:12:00 +0000 (22:12 +0000)]
Get addressless tickets by default

By default Kerberos obtains addressless tickets.

ticket: new
Tags: enhancement

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15150 dc483132-0cff-0310-8789-dd5450dbe970

21 years agodisable krb4 by default
Sam Hartman [Tue, 4 Feb 2003 22:07:38 +0000 (22:07 +0000)]
disable krb4 by default

By default, we disable krb4 in the KDC.  This means that -4 none is
the default mode.

Krb4 is reenabled for the dejagnu tests.

ticket: new
Tags: enhancement

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15149 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * login.c (dofork): Don't dissociate from controlling tty in the
Tom Yu [Tue, 4 Feb 2003 03:48:55 +0000 (03:48 +0000)]
* login.c (dofork): Don't dissociate from controlling tty in the
parent, since the parent needs to remain the session leader so it
can tell when the tty gets hung up.  Make the child wait for the
parent to set up a SIGHUP handler to ensure that cleanup happens
properly.

ticket: 608

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15148 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoupdate dependencies
Ken Raeburn [Mon, 3 Feb 2003 22:13:26 +0000 (22:13 +0000)]
update dependencies

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15147 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago*** empty log message ***
Ken Raeburn [Mon, 3 Feb 2003 22:12:34 +0000 (22:12 +0000)]
*** empty log message ***

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15146 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoRemove placeholder file that shouldn't have been checked in
Ken Raeburn [Mon, 3 Feb 2003 22:12:18 +0000 (22:12 +0000)]
Remove placeholder file that shouldn't have been checked in

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15145 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoBuild and link in AES crypto code (but don't define the enctype yet).
Ken Raeburn [Mon, 3 Feb 2003 22:09:09 +0000 (22:09 +0000)]
Build and link in AES crypto code (but don't define the enctype yet).
Build and link in PBKDF2 function.
Add ciphertext stealing tests.
Update various tests to correspond with IETF crypto draft.

* aes: New directory, containing AES implementation from Brian Gladstone,
tweaked a little for the krb5 build system.
* configure.in: Build its makefile.
* Makefile.in (LOCAL_SUBDIRS, LOCALINCLUDES, STOBJLISTS, SUBDIROBJLISTS): Add
aes entries.

* t_cts.c: New test file.
* Makefile.in (EXTRADEPSRCS): Add t_cts.
(t_cts$(EXEEXT)): New rule.

* Makefile.in (SRCS, OBJS, STLIBOBJS): Add pbkdf2.
(EXTRADEPSRCS): Remove pbkdf2.c.
(t_pkcs5$(EXEEXT)): Don't list pbkdf2.$(OBJEXT).

* t_nfold.c (fold_kerberos): New function.
(main): Call it with different lengths.
* vectors.c: Include ctype.h and hash_provider.h.
(test_nfold, test_mit_des_s2k, test_s2k, test_dr_dk): Test case data now static
and const.
(test_nfold): Add "Q" and "ba" tests from Simon Josefsson.
(GCLEF): New macro.
(test_mit_des_s2k): Add GCLEF test case.  Fill in "key" at run time, not as
initialization.
(test_s2k): Added GCLEF test case.
(krb5int_enc_aes128, krb5int_enc_aes256): Declare.
(combine_keys, test_des3_combine, k5_des3_make_key): Functions deleted.
(whoami): New variable.
(printd, printk): New functions.
(test_pbkdf2): New function.
(main): Initialize whoami.  Test nfold only for now.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15144 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* aes.c: New file.
Ken Raeburn [Mon, 3 Feb 2003 21:53:59 +0000 (21:53 +0000)]
* aes.c: New file.
* Makefile.in (STLIBOBJS, OBJS, SRCS): Include it.
(LOCALINCLUDE): Add aes source dir.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15143 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoMake l40 static
Sam Hartman [Mon, 3 Feb 2003 21:38:06 +0000 (21:38 +0000)]
Make l40 static

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15142 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoAES implementation by Briad Gladman; tweaked for krb5 tree
Ken Raeburn [Mon, 3 Feb 2003 21:10:25 +0000 (21:10 +0000)]
AES implementation by Briad Gladman; tweaked for krb5 tree

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15141 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* Makefile.in (clean-windows): Remove $(GENS).
Ken Raeburn [Sat, 1 Feb 2003 00:35:08 +0000 (00:35 +0000)]
* Makefile.in (clean-windows): Remove $(GENS).
(krb524_err.c): Depend on krb524_err.et.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15140 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * kcmd.c (v4_des_write): Apply patch from ghudson to fix
Tom Yu [Fri, 31 Jan 2003 05:50:29 +0000 (05:50 +0000)]
* kcmd.c (v4_des_write): Apply patch from ghudson to fix
non-right-justification case.

ticket: 620

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15139 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* login.c (main): Initialize 'hostname'
Ken Raeburn [Fri, 31 Jan 2003 00:43:50 +0000 (00:43 +0000)]
* login.c (main): Initialize 'hostname'

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15138 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* login.c (try_krb4): Delete unused krb5 principal name argument.
Ken Raeburn [Fri, 31 Jan 2003 00:41:17 +0000 (00:41 +0000)]
* login.c (try_krb4): Delete unused krb5 principal name argument.
(main): Don't pass it.

ticket: 479

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15137 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoChange to use more appropriate sample domains and IPs
Sam Hartman [Thu, 30 Jan 2003 20:31:23 +0000 (20:31 +0000)]
Change to use more appropriate sample domains and IPs

ticket: 175

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15136 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* RealmsConfig-glue.c (get_krbhst_default, krb_get_krbhst, krb_realmofhost):
Ken Raeburn [Tue, 28 Jan 2003 23:30:02 +0000 (23:30 +0000)]
* RealmsConfig-glue.c (get_krbhst_default, krb_get_krbhst, krb_realmofhost):
Use strcpy instead of strncpy.

ticket: 1339
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15135 dc483132-0cff-0310-8789-dd5450dbe970

21 years agokrb4 library breaks old krb_get_admhst API
Ken Raeburn [Mon, 27 Jan 2003 20:45:03 +0000 (20:45 +0000)]
krb4 library breaks old krb_get_admhst API

* RealmsConfig-glue.c (krb_get_admhst): Use strcpy instead of
strncpy, and max length of MAX_HSTNM.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15134 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * parse.c: Include errno.h for declaration of errno
Ezra Peisach [Fri, 24 Jan 2003 04:44:43 +0000 (04:44 +0000)]
   * parse.c: Include errno.h for declaration of errno

glibc 2.3.1 declares errno as a macro - so must include header file
before use.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15133 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* default.exp (start_kerberos_daemons): Record more information when "tail -f"
Ken Raeburn [Thu, 23 Jan 2003 17:42:46 +0000 (17:42 +0000)]
* default.exp (start_kerberos_daemons): Record more information when "tail -f"
doesn't show the mark written to the log file.  Look for and discard
non-matching lines.
(setup_root_shell): Ignore the message displayed by rlogin when a connection is
refused to one address but other addresses are available.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15132 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* Makefile.in (all-unix, install): Build and install kadm_err.h.
Ken Raeburn [Wed, 22 Jan 2003 21:34:00 +0000 (21:34 +0000)]
* Makefile.in (all-unix, install): Build and install kadm_err.h.
(install-headers-unix): Install both generated header files.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15131 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoTimestamp preauth should return clock skew errors
Sam Hartman [Tue, 21 Jan 2003 19:02:58 +0000 (19:02 +0000)]
Timestamp preauth should return clock skew errors

When the user supplies the correct password, but has a timestamp that
is out of bounds, the server should reply with a clock skew error
rather than a preauth required error.

ticket: new
Tags: enhancement

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15130 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* krb5_32.def: Export krb5_rc_close, krb5_free_enc_tkt_part, and
Ken Raeburn [Fri, 17 Jan 2003 23:55:43 +0000 (23:55 +0000)]
* krb5_32.def: Export krb5_rc_close, krb5_free_enc_tkt_part, and
krb5_decrypt_tkt_part, for GSSAPI.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15129 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoUse new target create-ehdrdir, defined differently for UNIX and WIN32, to
Ken Raeburn [Fri, 17 Jan 2003 23:28:59 +0000 (23:28 +0000)]
Use new target create-ehdrdir, defined differently for UNIX and WIN32, to
conditionally create the target directory $(EHDRDIR) if needed, before copying
files into it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15128 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* krb5.hin (krb5_mk_req_checksum_func): Fix Windows calling convention syntax
Ken Raeburn [Fri, 17 Jan 2003 23:22:10 +0000 (23:22 +0000)]
* krb5.hin (krb5_mk_req_checksum_func): Fix Windows calling convention syntax

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15127 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* prof_file.c (profile_flush_file_data): [_WIN32]: Don't call sync
Ken Raeburn [Fri, 17 Jan 2003 23:19:47 +0000 (23:19 +0000)]
* prof_file.c (profile_flush_file_data): [_WIN32]: Don't call sync

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15126 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* Makefile.in ($(EHDRDIR)$(S)gssapi.h): Depend on includes-unix, to make sure
Ken Raeburn [Fri, 17 Jan 2003 18:46:15 +0000 (18:46 +0000)]
* Makefile.in ($(EHDRDIR)$(S)gssapi.h): Depend on includes-unix, to make sure
the directory is created before installation of the file.
($(EHDRDIR)$(S)gssapi_generic.h): Likewise.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15125 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* sendauth.c (krb_net_rd_sendauth): Arg raw_len now points to KRB4_32; don't
Ken Raeburn [Wed, 15 Jan 2003 23:52:04 +0000 (23:52 +0000)]
* sendauth.c (krb_net_rd_sendauth): Arg raw_len now points to KRB4_32; don't
cast it to pointer to unsigned long.  Change ld.so warning message check to be
byte-order independent.
* krb4int.h (krb_net_rd_sendauth): Decl updated.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15124 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoThis is the last piece of the KfM merge
Tom Yu [Wed, 15 Jan 2003 21:37:26 +0000 (21:37 +0000)]
This is the last piece of the KfM merge

* CCache-glue.c: New file from KfM.

ticket: 1189

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15123 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoUse "standard" error table processing rules
Ken Raeburn [Wed, 15 Jan 2003 03:31:47 +0000 (03:31 +0000)]
Use "standard" error table processing rules

* Makefile.in (krb_err.et, kadm_err.et): New intermediate targets; copy files
from lib/krb4.
(krb_err.h, kadm_err.h): Delete actions, use patterns in pre.in.
(clean-unix): Delete these generated files.

ticket: 1209
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15122 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * Makefile.in (check-unix): Invoke t_krbconf instead of struggling
Ezra Peisach [Tue, 14 Jan 2003 19:08:21 +0000 (19:08 +0000)]
* Makefile.in (check-unix): Invoke t_krbconf instead of struggling
with differing versions of make's quoting of \ and $.

* t_krbconf: Small shell script to test krb5-config.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15121 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * Makefile.in (check-unix): Test to see if krb5-config outputs
Ezra Peisach [Mon, 13 Jan 2003 23:00:58 +0000 (23:00 +0000)]
* Makefile.in (check-unix): Test to see if krb5-config outputs
variables that require Makefile substitutions.

* krb5-config.in: Remore $(PURE) from output. Handle variables
$(RPATH_FLAG) and $(LDFLAGS).

If config/shlib.conf is changed again, we will detect brokeness in
krb5-config before the release.

ticket: 1311

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15120 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* profile.pbexp: New file
Ken Raeburn [Mon, 13 Jan 2003 22:16:21 +0000 (22:16 +0000)]
* profile.pbexp: New file

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15119 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* prof_int.h (SHARE_TREE_DATA): Define only on Mac
Ken Raeburn [Mon, 13 Jan 2003 22:11:14 +0000 (22:11 +0000)]
* prof_int.h (SHARE_TREE_DATA): Define only on Mac

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15118 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoThis should be all that remains of the 1-2-2-branch merge; some
Tom Yu [Mon, 13 Jan 2003 04:51:26 +0000 (04:51 +0000)]
This should be all that remains of the 1-2-2-branch merge; some
additional sanity-checking of merge needed though.

* krb5_32.def: Merge from 1-2-2-branch.

ticket: 1177
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15117 dc483132-0cff-0310-8789-dd5450dbe970

21 years agokadm5_get_either leaks memory
Ezra Peisach [Sun, 12 Jan 2003 18:17:02 +0000 (18:17 +0000)]
kadm5_get_either leaks memory

* svr_iters.c (kadm5_get_either): For POSIX_REGEXPS
(i.e. regcomp), call regfree() to cleanup memory.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15116 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoMemory leak in krb5_send_tgs()
Ezra Peisach [Sun, 12 Jan 2003 18:02:03 +0000 (18:02 +0000)]
Memory leak in krb5_send_tgs()

* send_tgs.c (krb5_send_tgs): Free memory leak of TGS_REQ.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15115 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * svc_auth_gssapi.c (_svcauth_gssapi_unset_names): If invoked more
Ezra Peisach [Sun, 12 Jan 2003 17:36:53 +0000 (17:36 +0000)]
* svc_auth_gssapi.c (_svcauth_gssapi_unset_names): If invoked more
than once, do not double free memory.

* clnt_perror.c (clnt_sperror): Do not write past end of allocated
buffer.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15114 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * kdc_util.h, replay.c, main.c: Pass global krb5_context to
Ezra Peisach [Sun, 12 Jan 2003 13:07:49 +0000 (13:07 +0000)]
* kdc_util.h, replay.c, main.c: Pass global krb5_context to
kdc_free_lookaside() instead of per realm one - which has been
freed by time invoked.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15113 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * kdc5_hammer.c (verify_cs_pair): Use krb5_free_creds() instead of
Ezra Peisach [Sun, 12 Jan 2003 13:03:35 +0000 (13:03 +0000)]
* kdc5_hammer.c (verify_cs_pair): Use krb5_free_creds() instead of
krb5_free_cred_contents() to cleanup memory leak.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15112 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoSearch for ar, ranlib, install in KRB5_BUILD_LIBRARY* macros rather than
Ken Raeburn [Fri, 10 Jan 2003 23:19:01 +0000 (23:19 +0000)]
Search for ar, ranlib, install in KRB5_BUILD_LIBRARY* macros rather than
explicitly in directories using those macros.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15111 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoUse passwd entry for ~ expansion if $HOME isn't set.
Ken Raeburn [Fri, 10 Jan 2003 22:42:05 +0000 (22:42 +0000)]
Use passwd entry for ~ expansion if $HOME isn't set.
Also fix a minor logic bug in checking file access.

ticket: 1237
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15110 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* server.c: Include port-sockets.h
Ken Raeburn [Fri, 10 Jan 2003 19:20:32 +0000 (19:20 +0000)]
* server.c: Include port-sockets.h

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15109 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoMove socklen_t and sockaddr_storage definitions to port-sockets.h
Ken Raeburn [Fri, 10 Jan 2003 19:10:30 +0000 (19:10 +0000)]
Move socklen_t and sockaddr_storage definitions to port-sockets.h

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15108 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoUse markers in Makefile.in rather than rules in configure.in to indicate when
Ken Raeburn [Fri, 10 Jan 2003 05:55:49 +0000 (05:55 +0000)]
Use markers in Makefile.in rather than rules in configure.in to indicate when
to use the lib.in and libobj.in makefile fragments.  Pushing this per-directory
info into Makefile.in will make it a little easier to work on combining
configure scripts for multiple directories.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15107 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoPatch to get new service tickets in preference to using expired
Sam Hartman [Fri, 10 Jan 2003 01:23:49 +0000 (01:23 +0000)]
Patch to get new service tickets in preference to using expired
service tickets in krb5_get_credentials.

Ticket: 1260

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15106 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoUse socklen_t when passing address to socket functions.
Ken Raeburn [Fri, 10 Jan 2003 00:14:16 +0000 (00:14 +0000)]
Use socklen_t when passing address to socket functions.
Fixes compilation warnings on AIX 4.3.3.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15105 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoAIX 4.3.3 getaddrinfo() is broken in a slightly different way than I thought
Ken Raeburn [Thu, 9 Jan 2003 23:55:06 +0000 (23:55 +0000)]
AIX 4.3.3 getaddrinfo() is broken in a slightly different way than I thought

* fake-addrinfo.h (getaddrinfo) [_AIX]: Always overwrite sa_family and sa_len
fields, since sa_family at least may be non-zero *and* wrong.
(protoname, socktypename, familyname, debug_dump_getaddrinfo_args,
debug_dump_error, debug_dump_error, debug_dump_addrinfos) [DEBUG_ADDRINFO]: New
debugging functions.
(fake_getaddrinfo, getaddrinfo) [DEBUG_ADDRINFO]: Use them.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15104 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoBetween the 1.1 and 1.2 releases of Kerberos, the gss-sample protocol
Sam Hartman [Thu, 9 Jan 2003 21:12:34 +0000 (21:12 +0000)]
Between the 1.1 and 1.2 releases of Kerberos, the gss-sample protocol
changed.  People seem to use this sample for interop testing, so
support for the old protocol is needed.

This commit adds a -v1 flag to the gss-client that will use the old
protocol.

The server does not yet support the old protocol, so  the ticket remains open.

Ticket: 881
Status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15103 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* Makefile.in (DEFINES): New variable. Define HAS_STDARG for Tcl headers
Ken Raeburn [Thu, 9 Jan 2003 01:28:30 +0000 (01:28 +0000)]
* Makefile.in (DEFINES): New variable.  Define HAS_STDARG for Tcl headers

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15102 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoTry to do atomic file swap on UNIX when updating profile
Ken Raeburn [Thu, 9 Jan 2003 00:20:20 +0000 (00:20 +0000)]
Try to do atomic file swap on UNIX when updating profile

* prof_file.c (make_hard_link): New function.
(profile_flush_file_data): Use it to attempt a safe profile file replacement.

ticket: 1301
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15101 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoSupport \r as additional line separator on Mac OS X
Ken Raeburn [Thu, 9 Jan 2003 00:17:27 +0000 (00:17 +0000)]
Support \r as additional line separator on Mac OS X

* prof_parse.c (profile_parse_file) [PROFILE_SUPPORTS_FOREIGN_NEWLINES]: Look
for \r and treat it as a line break.
* prof_int.h: Don't include prof_err.h.
(PROFILE_SUPPORTS_FOREIGN_NEWLINES) [macintosh]: Define new macro.

ticket: 1237
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15100 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoPreviously fwd_tgt_creds required either that the hostname be passed
Sam Hartman [Wed, 8 Jan 2003 23:49:33 +0000 (23:49 +0000)]
Previously fwd_tgt_creds required either that the hostname be passed
in or that the principal be a host-based service.  This means you
cannot for example forward tickets to a GSSAPI user-based service.

The requirement to get the hostname is only needed in cases where
addressless tickets are not used.  So when addressless tickets are
used, do not require the hostname.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15099 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * fake-addrinfo.h (freeaddrinfo): Back out 1/3/03 change. ANSI
Ezra Peisach [Wed, 8 Jan 2003 21:50:21 +0000 (21:50 +0000)]
* fake-addrinfo.h (freeaddrinfo): Back out 1/3/03 change. ANSI
does not require it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15098 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago2003-01-08 Sam Hartman <hartmans@mit.edu>
Sam Hartman [Wed, 8 Jan 2003 20:16:07 +0000 (20:16 +0000)]
2003-01-08  Sam Hartman  <hartmans@mit.edu>

* krb5.hin :  Move KRB5_CALLCONV specifier for
krb5_mk_req_checksum_func to right place

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15097 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoMore const for ops tables
Ken Raeburn [Wed, 8 Jan 2003 03:55:40 +0000 (03:55 +0000)]
More const for ops tables

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15096 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* sendto_kdc.c (state_strings): Now const
Ken Raeburn [Wed, 8 Jan 2003 03:51:50 +0000 (03:51 +0000)]
* sendto_kdc.c (state_strings): Now const

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15095 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoMore const for ops tables
Ken Raeburn [Wed, 8 Jan 2003 03:51:03 +0000 (03:51 +0000)]
More const for ops tables

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15094 dc483132-0cff-0310-8789-dd5450dbe970