Tom Yu [Tue, 23 Mar 2004 22:20:17 +0000 (22:20 +0000)]
oops, save file first this time
krb5-1.3.3-beta1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16206
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 23 Mar 2004 22:19:40 +0000 (22:19 +0000)]
krb5-1.3.3-beta1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16205
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 22 Mar 2004 22:07:20 +0000 (22:07 +0000)]
* pbkdf2.c (hmac1): Make a local copy of the supplied keyblock structure, in
case we want to modify it.
ticket: 2453
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16202
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 22 Mar 2004 22:00:02 +0000 (22:00 +0000)]
* network.c (delete_fd): Free pointed-to data after removing it from the
connection set.
(kill_tcp_connection): Move delete_fd call to the end.
(accept_tcp_connection): Decrement connection counter again if we drop the
incoming connection for lack of buffer space.
ticket: 2384
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16201
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 22 Mar 2004 20:28:49 +0000 (20:28 +0000)]
* sendto_kdc.c (get_so_error): New function.
(service_tcp_fd): Call it for write fds as well as exception fds.
ticket: 2426
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16199
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 22 Mar 2004 05:01:43 +0000 (05:01 +0000)]
* sendto_kdc.c (krb5int_sendto): Initialize select_state.end_time
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16198
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 22 Mar 2004 05:00:13 +0000 (05:00 +0000)]
* t_crc.c (timetest): Free 'block' before returning.
(verify): Fix minor type error in call to gethexstr.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16197
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 21 Mar 2004 02:09:21 +0000 (02:09 +0000)]
* rel_cred.c (krb5_gss_release_cred): Create and destroy a local krb5 context.
* rel_name.c (krb5_gss_release_name): Likewise.
* val_cred.c (krb5_gss_validate_cred): Likewise.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16196
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 21 Mar 2004 01:56:39 +0000 (01:56 +0000)]
One less kg_get_context call..
* ovsec_kadmd.c (main): Use any handy krb5 context to register the KDB keytab
type, we don't need to pluck it out of the GSSAPI krb5 mechanism.
(gctx): Variable deleted.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16195
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 19 Mar 2004 23:27:46 +0000 (23:27 +0000)]
log for export/import_name changes I accidentally checked in with another change
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16194
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 19 Mar 2004 23:26:11 +0000 (23:26 +0000)]
back out a change I didn't mean to check in
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16193
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 19 Mar 2004 23:25:17 +0000 (23:25 +0000)]
acquire_cred.c: revert previous change, it breaks the test suite
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16192
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 19 Mar 2004 09:33:57 +0000 (09:33 +0000)]
* acquire_cred.c (krb5_gss_acquire_cred): Create and destroy a local krb5
context.
* add_cred.c (krb5_gss_add_cred): Likewise.
* compare_name.c (krb5_gss_compare_name): Likewise.
* copy_ccache.c (gss_krb5_copy_ccache): Likewise.
* disp_name.c (krb5_gss_display_name): Likewise.
* duplicate_name.c (krb5_gss_duplicate_name): Likewise.
* inq_cred.c (krb5_gss_inquire_cred): Likewise.
* context_time.c (krb5_gss_context_time): Use the krb5 context in the GSS
security context.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16187
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Fri, 19 Mar 2004 07:25:08 +0000 (07:25 +0000)]
Return ERROR_FCC_NOFILE when the principal cannot be determined during
calls to krb5_lcc_resolve()
ticket: 2430
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16186
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Fri, 19 Mar 2004 06:56:43 +0000 (06:56 +0000)]
* cc_mslsa.c:
Add missing return statements in krb5_lcc_start_seq_get()
* cc-int.h:
New file - Add prototypes for cc internal functions
* cc_retr.c - include cc-int.h
ticket: new
target_version: 1.3.3
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16185
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 18 Mar 2004 16:49:33 +0000 (16:49 +0000)]
krb5_sendto_kdc passing improper argument to krb5_locate_kdc
* sendto_kdc.c (krb5_sendto_kdc): Change passing pointer to value of
use_master parameter to krb5_locate_kdc.
Error was introduced in 2/26 code change.
ticket: new
tags: pullup
target_version: next
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16184
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 18 Mar 2004 03:07:22 +0000 (03:07 +0000)]
Thread-safe manipulation of registered error-table list
* error_message.c: Include k5-thread.h.
(_et_list): Now always static.
(et_list_lock): New mutex.
(error_message): Lock it while manipulating the table lists.
(add_error_table, remove_error_table): Likewise.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16183
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 18 Mar 2004 02:59:17 +0000 (02:59 +0000)]
* aclocal.m4: Include acx_pthread.m4.
(KRB5_AC_ENABLE_THREADS): New macro.
(CONFIG_RULES): Invoke it. Use AC_REQUIRE to get topdir set early.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16182
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 18 Mar 2004 02:55:48 +0000 (02:55 +0000)]
* ac-archive: New directory.
* ac-archive/README: New file.
* ac-archive/acx_pthread.m4: New file, data taken from autoconf macro archive
at sourceforge.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16181
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 18 Mar 2004 02:16:06 +0000 (02:16 +0000)]
* derive.c (krb5_random2key): Don't compile.
* dk.h (krb5_derive_random): Declare.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16180
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 18 Mar 2004 02:09:40 +0000 (02:09 +0000)]
* prng.c (krb5int_prng_cleanup): Renamed from prng_cleanup.
* crypto_libinit.c: Include k5-int.h.
(cryptoint_cleanup_library): Updated call.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16179
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 18 Mar 2004 02:03:15 +0000 (02:03 +0000)]
* error.c (ss_error): Always use ANSI C form. Don't try to hide the
declaration in the header file.
* ss.h: Always use the prototype forms of declarations.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16178
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Mon, 15 Mar 2004 20:06:29 +0000 (20:06 +0000)]
Free unparsed names in SAM response handling
Ticket: 2219
Status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16173
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 15 Mar 2004 17:45:01 +0000 (17:45 +0000)]
* k5seal.c (kg_seal): Extract the krb5 context from the security context
instead of requiring it be passed in as an argument.
* k5unseal.c (kg_unseal): Likewise.
* gssapiP_krb5.h (kg_seal, kg_unseal): Declarations updated.
* delete_sec_context.c, process_context_token.c, seal.c, sign.c, unseal.c,
verify.c: Callers changed.
* inq_context.c (krb5_gss_inquire_context): Use krb5 context contained in
security context instead of calling kg_get_context.
* wrap_size_limit.c (krb5_gss_wrap_size_limit): Likewise.
* import_sec_context.c (krb5_gss_ser_init): New function.
(krb5_gss_import_sec_context): Create a krb5 context locally to use for the
import.
* export_sec_context.c (krb5_gss_export_sec_context): Use the krb5 context in
the security context.
* gssapiP_krb5.h (krb5_gss_ser_init): Declare.
* gssapi_krb5.c (kg_get_context): Don't call krb5 serialization initialization
code here.
* accept_sec_context.c (krb5_gss_accept_sec_context): Free the new krb5 context
in an error case not caught before.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16171
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 15 Mar 2004 02:05:11 +0000 (02:05 +0000)]
* gssapiP_krb5.h (struct _krb5_gss_ctx_id_rec): Add a krb5 context object.
* init_sec_context.c (krb5_gss_init_sec_context): Create a new krb5 context,
and store it in the security context if successful. If there's already a
security context, use the krb5 context in it.
* accept_sec_context.c (krb5_gss_accept_sec_context): Create a new krb5
context, and store it in the security context if successful.
* delete_sec_context.c (krb5_gss_delete_sec_context): If the security context
has a krb5 context, free it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16170
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 15 Mar 2004 01:36:42 +0000 (01:36 +0000)]
Set new variable portbase to supplied $PORTBASE or a default.
Use it to compute all port numbers.
This should help reduce conflicts between multiple simultaneous test
runs, if they supply different $PORTBASE values.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16169
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 14 Mar 2004 08:14:51 +0000 (08:14 +0000)]
* gssapiP_krb5.h (struct _krb5_gss_ctx_id_rec): Delete fields init_token and
testing_unknown_tokid.
* init_sec_context.c (new_connection): Drop support (already inside "#if 0")
for them.
(krb5_gss_init_sec_context): Drop support for testing_unknown_tokid.
(mutual_auth): Don't let major_status be used uninitialized.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16168
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 14 Mar 2004 07:08:40 +0000 (07:08 +0000)]
Add a mutex to protect the set manipulations
* gssapiP_generic.h: Include k5-thread.h.
(g_set): Add a mutex.
(G_SET_INIT): Initialize it.
* util_validate.c (g_save, g_validate, g_delete): Lock the mutex while working
on the set. (BDB version untested.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16167
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 14 Mar 2004 06:47:13 +0000 (06:47 +0000)]
Make the set type separate from the set-element (linked list node) type
* generic/gssapiP_generic.h (g_set): New struct type.
(G_SET_INIT): New macro.
* generic/util_validate.c (g_save, g_validate, g_delete): Change first argument
to take a g_set * rather than void **; use the address of the void pointer from
the structure.
(g_save_name, g_save_cred_id, g_save_ctx_id, g_validate_name,
g_validate_cred_id, g_validate_ctx_id, g_delete_name, g_delete_cred_id,
g_delete_ctx_id): Updated first argument type.
* genericgssapiP_generic.h: Declarations updated.
* krb5/gssapi_krb5.c (kg_vdb): Change type to g_set and initialize.
* krb5/gssapiP_krb5.h (kg_vdb): Declaration updated.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16166
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 14 Mar 2004 05:31:43 +0000 (05:31 +0000)]
* gssapiP_generic.h (struct _g_set_elt, g_set_elt): Renamed from non-_elt
versions.
* util_set.c, util_validate.c: Uses updated.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16165
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 14 Mar 2004 05:10:06 +0000 (05:10 +0000)]
Make sure autoconf.h is updated early, since it's needed by the thread support
* Makefile.in (update-autoconf-h): New target. Checks that
include/krb5/autoconf.h is current.
(all-prerecurse): Depend on it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16164
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 14 Mar 2004 04:27:08 +0000 (04:27 +0000)]
Change profile code over to new thread macros, and enable data sharing always
* prof_int.h: Include k5-thread.h. Don't include sys/types.h and pthread.h.
(SHARE_TREE_DATA): Always define.
(USE_PTHREADS): Don't define.
(prof_mutex_lock, prof_mutex_unlock): Deleted.
(struct global_shared_profile_data): Change mutex to use k5_mutex_t instead of
pthread_mutex_t.
(g_shared_trees_mutex): Don't conditionalize on USE_PTHREADS.
* prof_file.c (krb5int_profile_shared_data): Initialize mutex.
(profile_open_file, profile_dereference_data): Use new mutex macros. Check
return status when locking. Fix a potential memory leak in an error case.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16163
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Hornstein [Tue, 9 Mar 2004 19:21:53 +0000 (19:21 +0000)]
Fix missing case for get_init_creds API change
Fix a case I missed in my original patch for the krb5_get_init_creds API change.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16162
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 8 Mar 2004 09:00:17 +0000 (09:00 +0000)]
* pre.in (top_srcdir): Define, set by configure
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16161
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 8 Mar 2004 07:58:17 +0000 (07:58 +0000)]
* prof_get.c (profile_parse_boolean): Declare first argument as
const char *.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16160
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 8 Mar 2004 07:38:35 +0000 (07:38 +0000)]
Missing prototype for gss_krb5int_unseal_token_v3
gssapiP_krb5.h: Add prototype for gss_krb5int_unseal_token_v3.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16159
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 8 Mar 2004 07:20:55 +0000 (07:20 +0000)]
Change subdir processing so that SUBDIRS will contain the configured
subdirs only for the makefile in the directory with the configure
script, and will have only $(LOCAL_SUBDIRS) elsewhere. Drop the use
of "MY_SUBDIRS=." to override SUBDIRS in favor of this way of keeping
SUBDIRS empty. Drop other uses of MY_SUBDIRS in favor of
LOCAL_SUBDIRS or (in one case, the top level) overriding the SUBDIRS
setting from pre.in.
One less thing to keep tweaking as configure scripts get reorganized
and merged.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16158
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 8 Mar 2004 05:52:51 +0000 (05:52 +0000)]
note, in comments, some per-directory variables autoconf sets
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16157
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 8 Mar 2004 04:06:32 +0000 (04:06 +0000)]
* aclocal.m4 (AC_KRB5_TCL_FIND_CONFIG): Look for tclConfig.sh in
the specified directory if it's not in a "lib" subdirectory.
(AC_KRB5_TCL): If no pathname is supplied and tclConfig.sh isn't
found in /usr/lib, try running a script under tclsh to see if it
can supply the pathname for tclConfig.sh.
This allows the configure script to find /System/Library/Tcl/8.3/tclConfig.sh
on Jaguar.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16156
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 7 Mar 2004 09:26:48 +0000 (09:26 +0000)]
* configure.in: Move test for setupterm back down below addition of
termcap/curses libraries.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16155
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 6 Mar 2004 03:17:53 +0000 (03:17 +0000)]
make depend
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16154
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 6 Mar 2004 03:16:02 +0000 (03:16 +0000)]
For keytab, ccache, and rcache type registries, use const more, and
use a mutex to protect manipulation of the lists.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16153
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 6 Mar 2004 02:19:35 +0000 (02:19 +0000)]
fix debug initializer and copyright
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16152
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 6 Mar 2004 01:50:12 +0000 (01:50 +0000)]
* reconf: Delete autom4te.cache directories after running autoreconf
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16151
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 6 Mar 2004 00:54:48 +0000 (00:54 +0000)]
* lock_file.c (krb5_lock_file): Initialize flock data on entry, but don't
bother with a static version to copy from.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16150
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 6 Mar 2004 00:45:33 +0000 (00:45 +0000)]
Use more const data in the keytab type registry
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16149
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 6 Mar 2004 00:28:03 +0000 (00:28 +0000)]
* k5-thread.h: New file
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16148
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 5 Mar 2004 21:13:22 +0000 (21:13 +0000)]
Merge configuration of kdc, krb524, and slave directories into top
level configure script.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16147
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 4 Mar 2004 11:21:28 +0000 (11:21 +0000)]
* configure.in: Don't invoke macros for library build support. Don't look for awk
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16146
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 4 Mar 2004 10:55:00 +0000 (10:55 +0000)]
* configure.in: Don't check for --enable-athena and don't define ATHENA_DES3_KLUDGE
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16145
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 4 Mar 2004 10:25:12 +0000 (10:25 +0000)]
Configure telnet using one script instead of four
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16144
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 3 Mar 2004 08:14:26 +0000 (08:14 +0000)]
fix typo
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16143
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 3 Mar 2004 08:13:20 +0000 (08:13 +0000)]
don't get a krb5_context for the routines that don't need it
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16142
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 3 Mar 2004 05:54:53 +0000 (05:54 +0000)]
minor formatting, mostly whitespace
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16141
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 3 Mar 2004 05:48:40 +0000 (05:48 +0000)]
* rc_base.c: Delete unused and untested semaphore support
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16140
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 28 Feb 2004 00:35:01 +0000 (00:35 +0000)]
* gic_pwd.c (krb5_get_in_tkt_with_password): Fix a case Jeff missed
ticket: 2296
version_fixed:
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16139
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Feb 2004 21:48:32 +0000 (21:48 +0000)]
* lib/helpers.exp (expect_kadm_ok): Check for eof and report a specific error
for that case.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16138
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Fri, 27 Feb 2004 05:24:39 +0000 (05:24 +0000)]
As discussed on the krbdev mailing list, krb5_get_init_creds_password()
suffered from a behavior in which it would unintentionally query a master
KDC twice if in fact the KDC queried when krb5int_sendto() was called
with use_master = 0 was in fact the master. This resulted in more than
an additional protocol operation. There were two negative side effects.
First, in the case of an incorrect password there would be two counts
against the max retry attempts. Second, in the case of hardware pre-auth
and an expired password, the user would be asked to enter their expired
password twice before being told it was expired.
This has been fixed by changing the use_master parameter into an in/out
parameter and modifying krb5int_sendto() to indicate which KDC it received
the response from. This allows the use_master parameter to be set to
indicate whether or not the response came from a master KDC regardless
of whether a master KDC was requested.
ticket: new
target_version: next
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16137
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Fri, 27 Feb 2004 05:04:59 +0000 (05:04 +0000)]
* gss-client.c: change if (this) if (that) => if (this && that)
ticket: new
target_version: next
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16136
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 26 Feb 2004 23:27:49 +0000 (23:27 +0000)]
fix GET{SOCK,PEER}NAME_ARG{2,3}_TYPE lossage I created
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16135
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 26 Feb 2004 22:10:39 +0000 (22:10 +0000)]
fix typos
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16134
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 26 Feb 2004 21:52:00 +0000 (21:52 +0000)]
Set context flags after calling krb5_rd_req so that the replay cache is set up
Ticket: 2284
Status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16129
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 26 Feb 2004 05:16:02 +0000 (05:16 +0000)]
Move apputils dir from util to lib, to get its proper place in the
build process (after include).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16128
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 26 Feb 2004 04:35:09 +0000 (04:35 +0000)]
* rcp.exp (stop_rsh_daemon): Check for any output before eof, causing any such
info to be dumped into the debug log.
* rsh.exp (stop_rsh_daemon): Likewise.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16127
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 26 Feb 2004 04:20:43 +0000 (04:20 +0000)]
* gssapi.exp (doit): Fix typo in log message
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16126
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 26 Feb 2004 04:19:23 +0000 (04:19 +0000)]
* default.exp (passes): Add "mode=udp" to existing pass specifications. Add a
new pass which does AES and "mode=tcp".
(setup_kerberos_files, setup_krb5_conf): Check global var "mode" and use it to
force UDP or TCP communication between client and KDC. Also, have clients try
another random port where we don't expect anything to be listening.
ticket: 2285
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16125
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 26 Feb 2004 03:43:00 +0000 (03:43 +0000)]
* network.c (setup_a_tcp_listener): Call setreuseaddr before calling bind.
(setup_tcp_listener_ports): Don't call setreuseaddr. Log info about socket
option IPV6_V6ONLY in unsupported and success cases.
ticket: 2285
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16124
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 26 Feb 2004 00:38:01 +0000 (00:38 +0000)]
* sendto_kdc.c (start_connection): Close socket if connect() call fails for an
unexpected reason.
ticket: 2277
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16123
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Tue, 24 Feb 2004 21:07:22 +0000 (21:07 +0000)]
Remove ENCTYPE_LOCAL_DES3_HMAC_SHA1
Previously, MIT had support for a version of the des3 enctype with a
32-bit length prepended to encrypted data. Remove that support. This
is non-standard and is no longer needed even at MIT.
Ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16122
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 24 Feb 2004 20:01:08 +0000 (20:01 +0000)]
dependency updates
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16121
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 24 Feb 2004 19:46:02 +0000 (19:46 +0000)]
ignore generated shared libraries
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16120
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 24 Feb 2004 19:36:31 +0000 (19:36 +0000)]
ignore some more generated files
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16119
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 24 Feb 2004 19:24:25 +0000 (19:24 +0000)]
Move daemon.c into a new library of utility routines for linking our programs
against but which we don't want to install as a separate library.
Change Kerberos and application servers to link against the library if they
might need the replacement daemon() function.
Add a dummy file to the library in case daemon() is not needed, so we don't
have an empty library, which we may not handle properly.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16118
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 24 Feb 2004 17:49:03 +0000 (17:49 +0000)]
ignore fakedest dir
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16117
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 24 Feb 2004 17:48:45 +0000 (17:48 +0000)]
ignore generated krb524 error table code
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16116
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 24 Feb 2004 17:48:26 +0000 (17:48 +0000)]
ignore files created during testing
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16115
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 24 Feb 2004 17:47:56 +0000 (17:47 +0000)]
ignore ksetpwd
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16114
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 23 Feb 2004 22:47:55 +0000 (22:47 +0000)]
update for krb5-1.3.2-beta5
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16110
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 23 Feb 2004 21:25:17 +0000 (21:25 +0000)]
* wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix calculation for
confidential CFX tokens.
ticket: 2266
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16107
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 23 Feb 2004 21:25:07 +0000 (21:25 +0000)]
Add missing ChangeLog entry
ticket: 2258
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16106
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 19 Feb 2004 23:02:54 +0000 (23:02 +0000)]
* prof_init.c (prof_int32): If long is 4 bytes and int is not, then use long,
not int, for prof_int32.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16105
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Hornstein [Thu, 19 Feb 2004 17:51:40 +0000 (17:51 +0000)]
Bug from David Thompson <thomas@cs.wisc.edu>. Bug originally introduced
by me during conversion from bcopy() to memcpy().
ticket: 2258
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16104
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 19 Feb 2004 02:47:11 +0000 (02:47 +0000)]
ignore some files generated during testing
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16103
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 19 Feb 2004 02:46:30 +0000 (02:46 +0000)]
protoize
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16102
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 19 Feb 2004 02:13:02 +0000 (02:13 +0000)]
ignore aes-gen program
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16101
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 19 Feb 2004 01:37:27 +0000 (01:37 +0000)]
protoize
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16100
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 19 Feb 2004 01:35:15 +0000 (01:35 +0000)]
Protoize
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16099
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 19 Feb 2004 01:22:26 +0000 (01:22 +0000)]
delete some blank lines in fn defs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16098
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 18 Feb 2004 20:43:59 +0000 (20:43 +0000)]
use $(CC) rather than ld to build shared libs on tru64 and irix
* shlib.conf (alpha-*-dec-osf*, mips-sgi-irix*): Use $(CC) instead
of ld for building shared libraries.
ticket: new
component: krb5-build
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16097
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 18 Feb 2004 11:04:13 +0000 (11:04 +0000)]
* pcbc_encrypt.c (des_pcbc_encrypt): Don't pass a temporary variable to
DES_DO_ENCRYPT and _DECRYPT. Drop the temporary variable.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16096
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 17 Feb 2004 23:53:44 +0000 (23:53 +0000)]
* f_tables.h (DES_DO_ENCRYPT, DES_DO_DECRYPT): Allocate temporary variable
locally instead of taking the extra argument.
* d3_cbc.c (krb5int_des3_cbc_encrypt): Don't pass the extra argument, and
delete the automatic variable.
(krb5int_des3_cbc_decrypt): Likewise.
* f_cbc.c (krb5int_des_cbc_encrypt, krb5int_des_cbc_decrypt): Likewise.
* f_cksum.c (mit_des_cbc_cksum): Likewise.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16095
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 17 Feb 2004 23:36:41 +0000 (23:36 +0000)]
* afsstring2key.c (krb5_afs_encrypt): Drop EDFLAG as an argument, make it local
instead, since we always pass 0.
(afs_crypt): Call changed.
(krb5_afs_crypt_setkey, krb5_afs_encrypt): Use memcpy.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16094
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 17 Feb 2004 21:58:30 +0000 (21:58 +0000)]
oops; add some acknowledgments to change list
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16088
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 17 Feb 2004 21:50:38 +0000 (21:50 +0000)]
update for krb5-1.3.2-beta4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16087
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 16 Feb 2004 06:28:44 +0000 (06:28 +0000)]
Add missing PRIOCNTL_HACK stuff here
ticket: new
target_version: 1.3.2
tags: pullup
component: krb5-build
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16085
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 14 Feb 2004 00:37:18 +0000 (00:37 +0000)]
Don't specify defaults for GET{PEER,SOCK}NAME_ARG{2,3}_TYPE macros
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16082
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 14 Feb 2004 00:34:15 +0000 (00:34 +0000)]
aclocal.m4 (WITH_CC): Add -fno-common to CFLAGS on Darwin, unless -fcommon or
-fno-common is already given.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16081
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 14 Feb 2004 00:31:35 +0000 (00:31 +0000)]
* aclocal.m4 (TRY_PEER_INT): Deleted.
(KRB5_GETPEERNAME_ARGS): Map the getpeername arg types to the corresponding
getsockname arg types.
(KRB5_GETSOCKNAME_ARGS): If nothing matches, assume struct sockaddr and
socklen_t.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16080
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 13 Feb 2004 23:40:08 +0000 (23:40 +0000)]
* t_encrypt.c (compare_results): New function.
(main): Use it to check decryption results against the original plaintext. When
testing with cipher state, encrypt and then decrypt (and verify) two messages.
* Makefile.in (t_encrypt$(EXEEXT)): Depend on CRYPTO_DEPLIB.
ticket: 2229
status: resolved
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16079
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 13 Feb 2004 23:39:59 +0000 (23:39 +0000)]
* build.texinfo (Solaris 9): Add section describing workaround for
Solaris 9 pty-close kernel bug.
ticket: 2195
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16078
dc483132-0cff-0310-8789-
dd5450dbe970