Tom Yu [Thu, 15 Jun 2006 19:48:47 +0000 (19:48 +0000)]
* src/lib/gssapi/libgssapi_krb5.exports: Add
gss_inquire_mechs_for_name.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18143
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 15 Jun 2006 19:05:38 +0000 (19:05 +0000)]
* src/lib/gssapi/krb5/gssapiP_krb5.h: Restore prototype of
krb5_gss_release_oid() for now.
* src/lib/gssapi/krb5/rel_oid.c (krb5_gss_release_oid): Restore
for now.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18142
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 15 Jun 2006 18:40:25 +0000 (18:40 +0000)]
make depend
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18141
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 15 Jun 2006 18:36:38 +0000 (18:36 +0000)]
* src/lib/gssapi/mechglue/Makefile.in (mydir):
* src/lib/gssapi/spnego/Makefile.in (mydir): Point to correct
locations.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18140
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 15 Jun 2006 18:22:17 +0000 (18:22 +0000)]
remove spuriously resurrected file from merge
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18139
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 15 Jun 2006 02:51:22 +0000 (02:51 +0000)]
* rc_io.c (krb5_rc_io_move): Use same code for cygwin as for normal
Windows build.
ticket: 1434
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18138
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 15 Jun 2006 02:40:23 +0000 (02:40 +0000)]
Conditionalize declarations of krb5int_make_srv_query_realm and
krb5int_free_srv_dns_data on KRB5_DNS_LOOKUP.
ticket: 2628
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18137
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 15 Jun 2006 02:35:44 +0000 (02:35 +0000)]
Make __kdb2_hash_open declaration and definition consistent
ticket: 2628
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18136
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 15 Jun 2006 02:02:02 +0000 (02:02 +0000)]
This ticket is pretty old, and the config files have been changed
around a bit since, but this is an attempt to integrate the patch...
ticket: 856
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18135
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 14 Jun 2006 23:44:48 +0000 (23:44 +0000)]
Some simple transformations:
Use ANSI C function definitions instead of old K&R style.
Rename local variable "res" to "clnt_res".
Cast clnt_call arguments to xdrproc_t and caddr_t.
This brings the code more in line with what current (RHEL) rpcgen would do.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18134
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 14 Jun 2006 22:27:54 +0000 (22:27 +0000)]
Merge from branches/mechglue. Initial integration of Sun-donated
mechglue and SPNEGO implementations. Additional changes outside of
src/lib/gssapi:
* src/configure.in: Add lib/gssapi/mechglue and lib/gssapi/spnego
to list of directories to output Makefile in.
* src/lib/rpc/unit-test/rpc_test.0/expire.exp (expired): Update
regexp for mechglue.
* src/tests/dejagnu/krb-standalone/v4gssftp.exp (v4ftp_test):
Update "Miscellaneous failure" regexp for mechglue.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18131
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 14 Jun 2006 21:42:02 +0000 (21:42 +0000)]
remove old cvs log comment
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18130
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Wed, 14 Jun 2006 20:31:52 +0000 (20:31 +0000)]
When NULL is passed into krb_get_in_pw_tkt, we only want to prompt once
for the password rather than passing NULL along to each string to key
function causing each to prompt independently. Modify krb_get_in_pw_tkt
to call des_read_pw_string directly and then pass the resulting password
into each string to key function as needed. Add a prototype of
des_read_pw_string to krb4int.h since it's an exported function of
libdes425 but isn't prototyped in des.h.
Ticket: 2648
Version_Reported: 1.3.3
Component: krb5-libs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18129
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Tue, 13 Jun 2006 16:08:38 +0000 (16:08 +0000)]
Enable kinit -a to match the man page and add documentation
Ticket: 3030
Reported_Version: 1.4.1
Component: krb5-clients
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18125
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Tue, 13 Jun 2006 16:03:12 +0000 (16:03 +0000)]
telnet help should telnet to a host named help, not display a usage
message. Only support ?, not help, to request help with the open
command. The same change was made in netkit's telnet.
Ticket: 3269
Component: krb5-appl
Version_Reported: 1.4.2
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18124
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Tue, 13 Jun 2006 15:34:27 +0000 (15:34 +0000)]
Change kprop and kpropd to fall back on port 754 if krb5_prop isn't
available via getservbyname rather than failing.
Ticket: 3268
Version_Reported: 1.4.2
Component: krb5-misc
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18123
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Tue, 13 Jun 2006 15:24:03 +0000 (15:24 +0000)]
Change man page cross-reference to kerberos(1) from kerberos(3)
Ticket: 3008
Version_Reported: 1.3.6
Component: krb5-appl
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18122
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Tue, 13 Jun 2006 15:18:04 +0000 (15:18 +0000)]
POSIX allows getpwnam_r and getpwuid_r to return 0 (success) even if the
username or UID could not be found, in which case OUT will be set to
NULL. Elsewhere, code assumes that if k5_getpwnam_r or k5_getpwuid_r
returns 0, OUT is non-NULL. Check whether OUT is NULL and adjust the
return value accordingly in the k5_getpw{nam,uid}_r wrappers.
Ticket: 3490
Version_Reported: 1.4.3
Component: krb5-libs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18121
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Tue, 13 Jun 2006 14:14:27 +0000 (14:14 +0000)]
Prevent a library double-free and crash when a keytab is zero-length.
Based on a patch from Rainer Weikusat.
Ticket: 3549
Version_Reported: 1.4.3
Component: krb5-libs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18120
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 13 Jun 2006 00:31:17 +0000 (00:31 +0000)]
Trivial whitespace cleanup in KDC code
ticket: 2712
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18119
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Mon, 12 Jun 2006 20:20:21 +0000 (20:20 +0000)]
Allow whitespace in front of comments. Patch from Jeremie Koenig
Ticket: 1988
Version_Reported: 1.3.6
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18118
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Mon, 12 Jun 2006 19:59:35 +0000 (19:59 +0000)]
Always include sys/ioctl.h in the telnet and telnetd code, even if
sys/filio.h is available. GNU/kFreeBSD has sys/filio.h but still
requires sys/ioctl.h, and sys/ioctl.h is included unconditionally
elsewhere in the code. Patch from Petr Salinger.
Ticket: 3466
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18117
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Mon, 12 Jun 2006 19:47:52 +0000 (19:47 +0000)]
Never return -I/usr/include from --cflags. It's already in the default
compiler search path, causes gcc warnings, and can cause obscure failures
with gcc by including system headers before gcc's internal headers.
Ticket: 3011
Version_Reported: 1.4.2
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18116
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Mon, 12 Jun 2006 19:38:29 +0000 (19:38 +0000)]
Update texinfo.tex to the version from texinfo 4.8.1 (2006-02-13.16)
Ticket: 3879
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18115
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Mon, 12 Jun 2006 18:58:01 +0000 (18:58 +0000)]
Always initialize the output token in gss_init_sec_context as required
by RFC 2744 section 5.19. The krb5 code did this but the generic code
didn't, causing a double-free in OpenSSH.
Ticket: 3086
Version_Reported: 1.3.6
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18114
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Mon, 12 Jun 2006 18:35:03 +0000 (18:35 +0000)]
If krb5_gss_canonicalize_name is given GSS_C_NULL_OID as the mechanism,
assume krb5 using similar logic as other library functions rather than
failing. Patch provided by Daniel Kahn Gillmor.
Ticket: 3467
Version_Reported: 1.4.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18113
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Mon, 12 Jun 2006 18:19:26 +0000 (18:19 +0000)]
Document the authorization logic used in the absence of .k5login files.
Remove all remaining references to .rhosts authentication; the code to
implement this was already removed.
Ticket: 2577
Version_Reported: 1.3.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18112
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Mon, 12 Jun 2006 17:49:30 +0000 (17:49 +0000)]
Add dircategory and direntry lines to the texinfo source for better info
documentation. Fix a few typos in variable names.
Ticket: 3014
Version_Reported: 1.4.2
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18111
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Mon, 12 Jun 2006 17:43:28 +0000 (17:43 +0000)]
This file uses E* constants and therefore should include errno.h
Ticket: 3266
Version_Reported: 1.3.6
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18110
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Mon, 12 Jun 2006 17:19:19 +0000 (17:19 +0000)]
Add man pages for fakeka and k524init
Ticket: 3013
Version_Reported: 1.3.6
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18109
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Mon, 12 Jun 2006 17:14:28 +0000 (17:14 +0000)]
krb5.conf option name is udp_preference_limit, not udp_preference_list
Ticket: 3468
Version_Reported: 1.4.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18108
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Mon, 12 Jun 2006 14:15:52 +0000 (14:15 +0000)]
Fix minor nroff man page problems (stray space, bad cross reference)
Ticket: 3010
Version_Reported: 1.4.2
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18107
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 10 Jun 2006 01:05:40 +0000 (01:05 +0000)]
Since it appears we don't actually set the conf_tgs_ktypes field except in this
initial allocation of zero elements, it can be deleted, along with
conf_tgs_ktypes_count and the associated code...
ticket: 2786
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18105
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 10 Jun 2006 00:47:38 +0000 (00:47 +0000)]
Fix stupid typo in last change
ticket: 3233
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18104
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 10 Jun 2006 00:00:19 +0000 (00:00 +0000)]
Use new macro FILE_OWNER_OK to examine uid of .k5login file.
On Mac, define this to accept UNKNOWNUID as well as 0.
ticket: 3233
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18103
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 9 Jun 2006 23:40:17 +0000 (23:40 +0000)]
Call krb5_set_error_message any time multiple errno values are translated to
one KRB5_RC_* error code, and a few other places.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18102
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 9 Jun 2006 22:48:06 +0000 (22:48 +0000)]
Don't use GNU linker option --as-needed yet
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18101
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 8 Jun 2006 21:44:50 +0000 (21:44 +0000)]
Free requested-enctype list when freeing up credentials. Reported by Rainer
Weikusat.
ticket: 3790
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18093
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 8 Jun 2006 20:23:17 +0000 (20:23 +0000)]
Fixed by having krb5_fcc_interpret call krb5_set_error_message to incorporate
the lower-level error message into the message displayed by kinit, which has
already been changed to use krb5_get_error_message. For example, "kinit(v5):
Credentials cache I/O operation failed (No space left on device) when
initializing cache".
ticket: 3438
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18091
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 8 Jun 2006 20:15:40 +0000 (20:15 +0000)]
copyright notice
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18090
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 8 Jun 2006 20:01:44 +0000 (20:01 +0000)]
Don't call k5_mutex_destroy when krb5_rc_resolve_type fails, because that's
where the mutex would've been initialized. Reported by Shawn Emery.
ticket: 3332
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18089
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 8 Jun 2006 19:21:53 +0000 (19:21 +0000)]
Avoid memory leak in error path. Reported by Rainer Weikusat
ticket: 3791
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18088
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Tue, 6 Jun 2006 21:14:18 +0000 (21:14 +0000)]
Updated CCAPI version of krb4int_save_credentials_addr to
match the prototype in the headers.
ticket: new
target-version: 1.5
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18084
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sat, 3 Jun 2006 01:06:47 +0000 (01:06 +0000)]
Update procedures for Subversion; fix some typos
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18081
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 2 Jun 2006 23:21:12 +0000 (23:21 +0000)]
No longer ignore configure, autom4te.cache, config.status, config.log
in directories that no longer have configure.in files. (And prune
blank lines previously accidentally added to the svn:ignore property
while we're editing them anyways.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18079
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 2 Jun 2006 22:55:40 +0000 (22:55 +0000)]
Re-disable python plugin configuration accidentally enabled in an earlier checkin
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18077
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 2 Jun 2006 21:14:35 +0000 (21:14 +0000)]
Patch from Alejandro R. Sedeno and Jeffrey Hutzelman to allow krb4 to
read 32-bit and 64-bit ticket files on 32-bit and 64-bit systems.
Previously the ticket file format depended on the ABI. Significant
backward compatibility is maintained; the patch works by writing
alignment records that are valid (but meaningless) ticket file entries
but that allow systems to get realigned. As a consequence an old
library will see additional meaningless ticket file entries when it
reads a ticket file produced by the new code. These entries are
harmless and will be ignored.
ticket: 1288
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18076
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 1 Jun 2006 22:48:20 +0000 (22:48 +0000)]
move var decl before code
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18073
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 1 Jun 2006 03:18:19 +0000 (03:18 +0000)]
krb5 1.5 alpha - memory leaks in krb5kdc due to not freeing error messages
In the kdc and lib/kadm5/logger.c, krb5_get_error_message needs to be paired
with krb5_free_error_message to release returned memory.
Essentially a memory leak was introduced for every principal requested
that did not exist in the database.
Identified by valgrind on the kdc - running kdc_hammer and specifying
more principals than are present in the db.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18072
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 1 Jun 2006 01:41:33 +0000 (01:41 +0000)]
Missed a reference to + sizeof() vs * sizeof(). Pointed out by
william fiveash.
ticket: 3825
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18071
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 1 Jun 2006 00:56:12 +0000 (00:56 +0000)]
krb5int_get_plugin_dir_data() uses + instead of * in realloc
In line 570, in reallocating the plugin tree - the memory allocated is
(count + 1) + sizeof(*p)
instead of
(count +1 ) * sizeof(*p)
Detected while running the krb5kdc under valgrind with memcheck.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18070
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 31 May 2006 00:09:31 +0000 (00:09 +0000)]
Merge about 1/3 of the remaining configure scripts into the top level. This
still leaves out appl and tests, and static library and plugin directories.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18068
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 30 May 2006 21:34:34 +0000 (21:34 +0000)]
krb5-1.5-alpha1-postrelease
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18066
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 30 May 2006 21:32:44 +0000 (21:32 +0000)]
krb5-1.5-alpha1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18064
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 30 May 2006 20:26:04 +0000 (20:26 +0000)]
Delete some bogus svn:mime-type properties
* README: Update for krb5-1.5-alpha1. Update Kerberos Development
Team member list.
* doc/copyright.texinfo: Update copyright years.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18063
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 26 May 2006 00:22:01 +0000 (00:22 +0000)]
Build lib/krb4 makefile at top level
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18046
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 26 May 2006 00:21:35 +0000 (00:21 +0000)]
Add copyright notice
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18045
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 25 May 2006 23:37:33 +0000 (23:37 +0000)]
Don't define MODULE_PATH
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18044
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 25 May 2006 23:31:26 +0000 (23:31 +0000)]
Properly recognize Mac environments, and set {KRB5,KDB5}_PLUGIN_BUNDLE_DIR
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18043
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 25 May 2006 23:18:38 +0000 (23:18 +0000)]
Create crypto, des425 Makefiles from top level
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18042
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 24 May 2006 21:19:23 +0000 (21:19 +0000)]
Rename locate.h to locate_plugin.h. Change references, update dependencies
ticket: 3784
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18037
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 24 May 2006 16:18:53 +0000 (16:18 +0000)]
Drop major version number from service-locator function table structure.
Add a typedef name for the structure. Change multiple-inclusion macro name.
Add a comment indicating desired symbol name.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18036
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 24 May 2006 10:29:25 +0000 (10:29 +0000)]
Don't output krb5_config_prefix commands into config.status; do the substitutions
in the configure script.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18035
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 23 May 2006 00:37:46 +0000 (00:37 +0000)]
Mention the python plugin stuff in configure.in, but inside an "if false"
block, so reconf will build a configure script and it'll be easy to enable
for testing.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18034
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 23 May 2006 00:34:14 +0000 (00:34 +0000)]
update dependencies
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18033
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 23 May 2006 00:33:57 +0000 (00:33 +0000)]
Include k5-platform.h and fake-addrinfo.h, but not k5-int.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18032
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 23 May 2006 00:07:02 +0000 (00:07 +0000)]
service location plugin interface needs header installed
Install <krb5/locate.h>.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18031
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 23 May 2006 00:03:06 +0000 (00:03 +0000)]
install headers into include/krb5
Create include/krb5 directory, and put krb5.h and (k5-)locate.h there in the
build tree. Stub krb5.h in main include directory just includes krb5/krb5.h.
Update dependencies, and add dependencies in a couple Makefiles that didn't
have them.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18030
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 18 May 2006 10:38:36 +0000 (10:38 +0000)]
Missed change -- don't configure util/profile separately
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18020
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 18 May 2006 04:22:15 +0000 (04:22 +0000)]
* configure.in: Set and substitute KSU_LIBS, SETENVOBJ, DO_TCL. Generate
makefiles for util/et, util/profile, lib/kdb, clients and those clients
subdirectories built on UNIX, rather than running configure there.
Deleted configure.in scripts for those directories, and changed
Makefile.in definitions of thisconfigdir and mydir.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18018
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 17 May 2006 05:26:12 +0000 (05:26 +0000)]
Remove krb5_init_context macro hack; change all the calls except in
krb5_gss_init_context to calls to krb5_gss_init_context.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18015
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 16 May 2006 02:56:59 +0000 (02:56 +0000)]
Don't look for pthread_mutexattr_setrobust_np
Apparently Red Hat's Fedora Core 5 defines it but doesn't declare it,
so we'd have to declare it before testing the address. While it was
once useful for checking whether the pthread code had been loaded, I
think the other tests done now are more effective and this isn't
needed any more.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18012
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 16 May 2006 02:23:08 +0000 (02:23 +0000)]
Add SRCS definition and run make depend
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18011
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 16 May 2006 02:15:06 +0000 (02:15 +0000)]
make depend
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18010
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 16 May 2006 01:45:00 +0000 (01:45 +0000)]
* lib/kadm5/alt_prof.c (kadm5_get_config_params): Replace filename and
envvar arguments with a flag indicating whether KDC config data should
be used. Prototype and all callers changed.
(krb5_read_realm_params): Delete config file and env var arguments.
Prototype and all callers changed.
* lib/kadm5/admin.h (KADM5_CONFIG_PROFILE): Commented out.
(struct _kadm5_config_params): Delete field PROFILE.
* lib/kadm5/alt_prof.c (kadm5_get_config_params): Don't look at it.
(kadm5_free_config_params): Don't free it.
* kadmin/testing/tcl/util.t: Remove profile data from config params.
* kadmin/testing/util/tcl_kadm5.c (config_mask_flags): Deleted
KADM5_CONFIG_PROFILE entry.
(parse_config_params): Changed to require 20 parameters instead of 21.
* lib/kadm5/unit-test/api.2/init-v2.exp (test100): Deleted.
* lib/kadm5/alt_prof.c (krb5_aprof_init): Fetch the list of config files from
the library and add the caller-indicated config file to the front of the list.
* lib/kadm5/clnt/client_init.c (kadm5_init_krb5_context): New function.
* lib/kadm5/clnt/libkadm5clnt.exports: Export it.
* lib/kadm5/srv/server_init.c: Include k5-int.h, osconf.h, gssapiP_krb5.h.
(kadm5_init_krb5_context): New function.
* lib/kadm5/srv/libkadm5srv.exports: Export it.
* lib/kadm5/srv/Makefile.in (LOCAL_INCLUDES): Add gssapi directories.
* lib/kadm5/admin.h (kadm5_init_krb5_context): Declare it.
* kadmin/dbutil/kdb5_destroy.c (kdb5_destroy): Call kadm5_init_krb5_context
instead of krb5_init_context.
* kadmin/dbutil/dump.c (load_db): Likewise.
* kadmin/dbutil/kdb5_util.c (main): Likewise.
* kadmin/dbutil/kadm5_create.c (kadm5_create): Likewise.
* kadmin/dbutil/kdb5_stash.c (kdb5_stash): Likewise.
* kadmin/dbutil/loadv4.c (load_v4db): Likewise.
* kadmin/server/ovsec_kadmd.c (main): Likewise.
* kadmin/cli/kadmin.c (kadmin_startup): Likewise.
* kadmin/testing/util/tcl_ovsec_kadm.c (tcl_ovsec_kadm_init): Likewise.
* lib/kadm5/unit-test/lock-test.c (main): Likewise.
* lib/kadm5/unit-test/handle-test.c (main): Likewise.
* lib/kadm5/unit-test/randkey-test.c (main): Likewise.
* lib/kadm5/unit-test/setkey-test.c (main): Likewise.
* lib/kadm5/chpass_util.c (_kadm5_chpass_principal_util): Likewise.
* lib/kadm5/kadm_rpc_xdr.c (xdr_krb5_principal): Likewise.
* lib/krb5/os/init_os_ctx.c (add_kdc_config_file): New function.
(os_init_paths): Add new argument KDC; call add_kdc_config_file if true.
* lib/krb5/krb/init_ctx.c (krb5int_init_context_kdc): New function.
(init_common): Add new argument KDC, passed to krb5_os_init_context.
* lib/krb5/libkrb5.exports: Export krb5int_init_context_kdc.
* k5-int.h (krb5_os_init_context): Update decl.
* lib/kadm5/srv/server_init.c (kadm5_init): Call krb5int_init_context_kdc.
* krb524/krb524d.c (main): Likewise.
* lib/kadm5/unit-test/api.2/init-v2.exp: Don't run test 154 for error for
$KRB5_KDC_PROFILE file not present.
* lib/krb5/os/init_os_ctx.c (os_get_default_config_files): Rewrite KLL test so
as not to confuse Emacs indentation support.
* lib/gssapi/krb5/init_sec_context.c (kg_kdc_flag_mutex, kdc_flag): New
variables.
(krb5_gss_init_context, krb5_gss_use_kdc_context): New functions.
* lib/gssapi/krb5/gssapiP_krb5.h (kg_kdc_flag_mutex): Declare.
(krb5_gss_init_context, krb5_gss_use_kdc_context): Declare.
(krb5_init_context): Define as macro to invoke krb5_gss_init_context for now.
* lib/gssapi/gss_libinit.c (gssint_lib_init): Initialize the mutex.
(gssint_lib_fini): Destroy it.
* lib/gssapi/libgssapi_krb5.exports: Export krb5_gss_use_kdc_context.
* lib/kadm5/srv/server_init.c (kadm5_init): Don't complain if the config files
specify an admin server, since we now look at krb5.conf as well.
* lib/kadm5/unit-test/api.2/init-v2.exp: Delete test test114 for bad server
params.
* plugins/kdb/db2/adb_openclose.c (osa_adb_init_db): Use
krb5int_init_context_kdc instead of krb5_init_context.
* kdc/rtest.c (main): Likewise.
* kdc/fakeka.c (main): Likewise.
* kdc/main.c (main, init_realm): Likewise.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18009
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 15 May 2006 23:11:34 +0000 (23:11 +0000)]
* Makefile.in (krb5kdc, rtest): Don't explicitly add kdb5 libs to the link
command. (And we link against libraries, not dependency lists, anyways...)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18008
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 13 May 2006 06:41:37 +0000 (06:41 +0000)]
* main.c (initialize_realms): Use precise size allocation for dbname= parameter
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18007
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 13 May 2006 06:21:09 +0000 (06:21 +0000)]
Have Tcl script error out if initialization fails
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18006
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 13 May 2006 05:20:22 +0000 (05:20 +0000)]
* configure.in: Don't create a makefile for posix subdir
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18005
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 13 May 2006 05:17:25 +0000 (05:17 +0000)]
* syslog.c: Discard all the non-Windows bits, since we don't build this on
UNIX.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18004
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 13 May 2006 05:15:29 +0000 (05:15 +0000)]
* getuid.c, memmove.c, sscanf.c, strcasecmp.c, strdup.c, strerror.c,
vfprintf.c, vsprintf.c: Remove files we don't compile anywhere.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18003
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Sat, 13 May 2006 00:57:26 +0000 (00:57 +0000)]
Use unsigned char rather than u_int8_t in random_string()
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18002
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 11 May 2006 00:41:46 +0000 (00:41 +0000)]
* tests/dejagnu/config/default.exp (setup_krb5_conf): Don't add suffix to
library name in generated config file.
* kadmin/testing/proto/krb5.conf.proto: Drop suffix from library name.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17999
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 10 May 2006 21:48:53 +0000 (21:48 +0000)]
Fixed the krb5_cc_gen_new memory ccache implementation and updated
krb5_verify_init_creds() and rd_and_store_for_creds() to use the
API properly (possible now that it's been fixed).
ticket: 3746
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17997
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Tue, 9 May 2006 22:26:04 +0000 (22:26 +0000)]
vsnprintf not present on windows
vsnprintf is not present on Windows. Microsoft provides
the _vsnprintf form instead. Add a macro to allow this
file to compile.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17993
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Tue, 9 May 2006 21:03:07 +0000 (21:03 +0000)]
plugins support requires a Windows equivalent to opendir and friends
This patch simply allows krb5 to build once again on Windows.
Windows does not have opendir() and friends. Instead Win32 API
functions must be used as described in
http://msdn.microsoft.com/library/en-us/dnucmg/html/UCMGch09.asp
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17992
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 9 May 2006 20:37:49 +0000 (20:37 +0000)]
* threads.c (krb5int_pthread_loaded): Supply dummy version for !ENABLE_THREADS
case.
ticket: 3426
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17990
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 9 May 2006 19:36:46 +0000 (19:36 +0000)]
* send_tgs.c (krb5_send_tgs): Fix memory allocation size when padata is
provided.
ticket: 3714
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17988
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 9 May 2006 11:31:02 +0000 (11:31 +0000)]
Cleanup a number of cast away from const warnings in gssapi
Change internal token handling and oid handling functions to take a
const style gss_OID. In the krb5 dir remove casting.
This is the start of fixes in this arena.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17987
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 8 May 2006 18:05:47 +0000 (18:05 +0000)]
kdb_load_library(): SGI compiler requires that when initializing arrays
at declaration - only constants be used. [filebases]. Code was introduced with
17975 revision.
ticket: 3716
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17986
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 5 May 2006 03:46:09 +0000 (03:46 +0000)]
* plugins.c (krb5int_get_plugin_filenames): Make extention array static and const
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17981
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 5 May 2006 03:36:05 +0000 (03:36 +0000)]
* plugins.c (krb5int_get_plugin_filenames): Avoid shadowing local variable names
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17980
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 5 May 2006 03:32:54 +0000 (03:32 +0000)]
* plugins.c (FILEEXTS): No trailing semicolon
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17979
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Thu, 4 May 2006 18:43:20 +0000 (18:43 +0000)]
need to export kadm5_set_use_password_server
Need to export "kadm5_set_use_password_server" because it is used by
krb5kdc when USE_PASSWORD_SERVER is defined. Since the Mac builds this
way we need it in the export list. Unfortunately export lists don't get
preprocessed. Note that I only added this one function. The rest of the
password server functionality is still conditionalized around
USE_PASSWORD_SERVER.
Hopefully we can rip all this code out when Apple starts using the db plugin
interface for their password server integration.
ticket: new
target_version: 1.5
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17977
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Thu, 4 May 2006 18:35:01 +0000 (18:35 +0000)]
Export new function names
ticket: 3716
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17976
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Thu, 4 May 2006 03:06:33 +0000 (03:06 +0000)]
Changed to krb5int_open_plugin_dirs/krb5int_close_plugin_dirs which
takes a list of filebases and directories rather than a list of full paths
so the caller doesn't have to generate the possibilities themselves.
krb5int_open_plugin_dirs will append the possible suffixes for that platform
(including no suffix in case there already is one on the file base).
Modified the kdb and locate kdc interfaces to use the new API.
ticket: 3716
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17975
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Thu, 4 May 2006 02:01:17 +0000 (02:01 +0000)]
Removed the unnecessary and incorrect (due to operator precedence) "== MPOOL_INUSE".
The previous code actually ended up checking if MPOOL_DIRTY (0x01) is set.
ticket: new
target_version: 1.5
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17974
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 3 May 2006 00:06:23 +0000 (00:06 +0000)]
* post.in (.acsyms_okay): Target deleted.
(configure): Incorporate the check-ac-syms rules here.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17973
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 29 Apr 2006 07:06:34 +0000 (07:06 +0000)]
ipv4+ipv6 messages can trip up KDC replay detection
The replay lookaside cache includes the sending address, but the krb5
library replay cache does not. So, if the same message arrives from
two different source addresses, it is considered a replay by the KDC.
If the client isn't receiving the replies for some reason, and the
client has multiple addresses it uses to contact different addresses
on the KDC (and trying to reach the KDC via both IPv4 and IPv6 is an
obvious such case), this can cause errors to be returned by the KDC.
* replay.c (krb5_kdc_replay_ent): Remove "addrs" field.
(MATCH): Don't check it.
(kdc_check_lookaside, kdc_insert_lookaside): Remove "from" argument.
* kdc_util.h (kdc_check_lookaside, kdc_insert_lookaside): Update decls.
* dispatch.c (dispatch): Update calls.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17970
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 29 Apr 2006 06:59:23 +0000 (06:59 +0000)]
Don't test HAVE_C_STRUCTURE_ASSIGNMENT.
Instead, just assume we do have a working C compiler.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17969
dc483132-0cff-0310-8789-
dd5450dbe970