krb5.git
21 years agoAdd k5srvutil
Sam Hartman [Thu, 6 Feb 2003 20:05:41 +0000 (20:05 +0000)]
Add k5srvutil

Add a script called k5srvutil that allows easy manipulation of keytabs
for common tasks such as changing keys and deleting outdated keys.

ticket: 1191
Tags: enhancement

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15159 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoThis is the integration of "fakeka" (a program to emulate a kaserver)
Ken Hornstein [Thu, 6 Feb 2003 19:58:18 +0000 (19:58 +0000)]
This is the integration of "fakeka" (a program to emulate a kaserver)
into the MIT distribution.  It's compilation is enabled with --enable-fakeka.

ticket: 1281

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15158 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* Makefile.in (std_rqs.c): Depend on ct_c.sed and ct_c.awk
Ken Raeburn [Thu, 6 Feb 2003 00:51:42 +0000 (00:51 +0000)]
* Makefile.in (std_rqs.c): Depend on ct_c.sed and ct_c.awk

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15157 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * login.c (main): Don't zero out terminal window size
Tom Yu [Wed, 5 Feb 2003 21:39:33 +0000 (21:39 +0000)]
* login.c (main): Don't zero out terminal window size

ticket: 697

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15156 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * Makefile.in (run-aes-test): Add $(RUN_SETUP) so that if
Ezra Peisach [Wed, 5 Feb 2003 20:05:17 +0000 (20:05 +0000)]
    * Makefile.in (run-aes-test): Add $(RUN_SETUP) so that if
        compiling only shared libraries, LD_LIBRARY_PATH is set for test.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15155 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * mkrel: Exclude .rconf files
Tom Yu [Wed, 5 Feb 2003 19:35:48 +0000 (19:35 +0000)]
* mkrel: Exclude .rconf files

ticket: 771

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15154 dc483132-0cff-0310-8789-dd5450dbe970

21 years agocomment
Tom Yu [Wed, 5 Feb 2003 04:57:46 +0000 (04:57 +0000)]
comment

* decomp_tkt.c (dcmp_tkt_int): Patch from Booker Bense to use
krb_get_lrealm() instead of copying KRB_REALM into prealm.

ticket: 710

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15153 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * default.exp (start_kerberos_daemons): Use correct argument to
Tom Yu [Wed, 5 Feb 2003 04:02:05 +0000 (04:02 +0000)]
* default.exp (start_kerberos_daemons): Use correct argument to
"-4" flag.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15152 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * prompter.c (krb5_prompter_posix): Rewrite to no longer use
Tom Yu [Wed, 5 Feb 2003 03:57:22 +0000 (03:57 +0000)]
* prompter.c (krb5_prompter_posix): Rewrite to no longer use
longjmp(), as well as to get a non-buffered stdio stream on stdin
to avoid passwords staying around in stdio buffers.  This does
have the side effect of possibly losing pre-buffered input from an
application that reads from stdin using stdio functions prior to
calling the prompter, but hopefully those are rare.

ticket: 673
ticket: 680

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15151 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoGet addressless tickets by default
Sam Hartman [Tue, 4 Feb 2003 22:12:00 +0000 (22:12 +0000)]
Get addressless tickets by default

By default Kerberos obtains addressless tickets.

ticket: new
Tags: enhancement

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15150 dc483132-0cff-0310-8789-dd5450dbe970

21 years agodisable krb4 by default
Sam Hartman [Tue, 4 Feb 2003 22:07:38 +0000 (22:07 +0000)]
disable krb4 by default

By default, we disable krb4 in the KDC.  This means that -4 none is
the default mode.

Krb4 is reenabled for the dejagnu tests.

ticket: new
Tags: enhancement

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15149 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * login.c (dofork): Don't dissociate from controlling tty in the
Tom Yu [Tue, 4 Feb 2003 03:48:55 +0000 (03:48 +0000)]
* login.c (dofork): Don't dissociate from controlling tty in the
parent, since the parent needs to remain the session leader so it
can tell when the tty gets hung up.  Make the child wait for the
parent to set up a SIGHUP handler to ensure that cleanup happens
properly.

ticket: 608

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15148 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoupdate dependencies
Ken Raeburn [Mon, 3 Feb 2003 22:13:26 +0000 (22:13 +0000)]
update dependencies

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15147 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago*** empty log message ***
Ken Raeburn [Mon, 3 Feb 2003 22:12:34 +0000 (22:12 +0000)]
*** empty log message ***

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15146 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoRemove placeholder file that shouldn't have been checked in
Ken Raeburn [Mon, 3 Feb 2003 22:12:18 +0000 (22:12 +0000)]
Remove placeholder file that shouldn't have been checked in

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15145 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoBuild and link in AES crypto code (but don't define the enctype yet).
Ken Raeburn [Mon, 3 Feb 2003 22:09:09 +0000 (22:09 +0000)]
Build and link in AES crypto code (but don't define the enctype yet).
Build and link in PBKDF2 function.
Add ciphertext stealing tests.
Update various tests to correspond with IETF crypto draft.

* aes: New directory, containing AES implementation from Brian Gladstone,
tweaked a little for the krb5 build system.
* configure.in: Build its makefile.
* Makefile.in (LOCAL_SUBDIRS, LOCALINCLUDES, STOBJLISTS, SUBDIROBJLISTS): Add
aes entries.

* t_cts.c: New test file.
* Makefile.in (EXTRADEPSRCS): Add t_cts.
(t_cts$(EXEEXT)): New rule.

* Makefile.in (SRCS, OBJS, STLIBOBJS): Add pbkdf2.
(EXTRADEPSRCS): Remove pbkdf2.c.
(t_pkcs5$(EXEEXT)): Don't list pbkdf2.$(OBJEXT).

* t_nfold.c (fold_kerberos): New function.
(main): Call it with different lengths.
* vectors.c: Include ctype.h and hash_provider.h.
(test_nfold, test_mit_des_s2k, test_s2k, test_dr_dk): Test case data now static
and const.
(test_nfold): Add "Q" and "ba" tests from Simon Josefsson.
(GCLEF): New macro.
(test_mit_des_s2k): Add GCLEF test case.  Fill in "key" at run time, not as
initialization.
(test_s2k): Added GCLEF test case.
(krb5int_enc_aes128, krb5int_enc_aes256): Declare.
(combine_keys, test_des3_combine, k5_des3_make_key): Functions deleted.
(whoami): New variable.
(printd, printk): New functions.
(test_pbkdf2): New function.
(main): Initialize whoami.  Test nfold only for now.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15144 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* aes.c: New file.
Ken Raeburn [Mon, 3 Feb 2003 21:53:59 +0000 (21:53 +0000)]
* aes.c: New file.
* Makefile.in (STLIBOBJS, OBJS, SRCS): Include it.
(LOCALINCLUDE): Add aes source dir.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15143 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoMake l40 static
Sam Hartman [Mon, 3 Feb 2003 21:38:06 +0000 (21:38 +0000)]
Make l40 static

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15142 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoAES implementation by Briad Gladman; tweaked for krb5 tree
Ken Raeburn [Mon, 3 Feb 2003 21:10:25 +0000 (21:10 +0000)]
AES implementation by Briad Gladman; tweaked for krb5 tree

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15141 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* Makefile.in (clean-windows): Remove $(GENS).
Ken Raeburn [Sat, 1 Feb 2003 00:35:08 +0000 (00:35 +0000)]
* Makefile.in (clean-windows): Remove $(GENS).
(krb524_err.c): Depend on krb524_err.et.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15140 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * kcmd.c (v4_des_write): Apply patch from ghudson to fix
Tom Yu [Fri, 31 Jan 2003 05:50:29 +0000 (05:50 +0000)]
* kcmd.c (v4_des_write): Apply patch from ghudson to fix
non-right-justification case.

ticket: 620

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15139 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* login.c (main): Initialize 'hostname'
Ken Raeburn [Fri, 31 Jan 2003 00:43:50 +0000 (00:43 +0000)]
* login.c (main): Initialize 'hostname'

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15138 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* login.c (try_krb4): Delete unused krb5 principal name argument.
Ken Raeburn [Fri, 31 Jan 2003 00:41:17 +0000 (00:41 +0000)]
* login.c (try_krb4): Delete unused krb5 principal name argument.
(main): Don't pass it.

ticket: 479

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15137 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoChange to use more appropriate sample domains and IPs
Sam Hartman [Thu, 30 Jan 2003 20:31:23 +0000 (20:31 +0000)]
Change to use more appropriate sample domains and IPs

ticket: 175

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15136 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* RealmsConfig-glue.c (get_krbhst_default, krb_get_krbhst, krb_realmofhost):
Ken Raeburn [Tue, 28 Jan 2003 23:30:02 +0000 (23:30 +0000)]
* RealmsConfig-glue.c (get_krbhst_default, krb_get_krbhst, krb_realmofhost):
Use strcpy instead of strncpy.

ticket: 1339
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15135 dc483132-0cff-0310-8789-dd5450dbe970

21 years agokrb4 library breaks old krb_get_admhst API
Ken Raeburn [Mon, 27 Jan 2003 20:45:03 +0000 (20:45 +0000)]
krb4 library breaks old krb_get_admhst API

* RealmsConfig-glue.c (krb_get_admhst): Use strcpy instead of
strncpy, and max length of MAX_HSTNM.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15134 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * parse.c: Include errno.h for declaration of errno
Ezra Peisach [Fri, 24 Jan 2003 04:44:43 +0000 (04:44 +0000)]
   * parse.c: Include errno.h for declaration of errno

glibc 2.3.1 declares errno as a macro - so must include header file
before use.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15133 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* default.exp (start_kerberos_daemons): Record more information when "tail -f"
Ken Raeburn [Thu, 23 Jan 2003 17:42:46 +0000 (17:42 +0000)]
* default.exp (start_kerberos_daemons): Record more information when "tail -f"
doesn't show the mark written to the log file.  Look for and discard
non-matching lines.
(setup_root_shell): Ignore the message displayed by rlogin when a connection is
refused to one address but other addresses are available.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15132 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* Makefile.in (all-unix, install): Build and install kadm_err.h.
Ken Raeburn [Wed, 22 Jan 2003 21:34:00 +0000 (21:34 +0000)]
* Makefile.in (all-unix, install): Build and install kadm_err.h.
(install-headers-unix): Install both generated header files.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15131 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoTimestamp preauth should return clock skew errors
Sam Hartman [Tue, 21 Jan 2003 19:02:58 +0000 (19:02 +0000)]
Timestamp preauth should return clock skew errors

When the user supplies the correct password, but has a timestamp that
is out of bounds, the server should reply with a clock skew error
rather than a preauth required error.

ticket: new
Tags: enhancement

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15130 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* krb5_32.def: Export krb5_rc_close, krb5_free_enc_tkt_part, and
Ken Raeburn [Fri, 17 Jan 2003 23:55:43 +0000 (23:55 +0000)]
* krb5_32.def: Export krb5_rc_close, krb5_free_enc_tkt_part, and
krb5_decrypt_tkt_part, for GSSAPI.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15129 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoUse new target create-ehdrdir, defined differently for UNIX and WIN32, to
Ken Raeburn [Fri, 17 Jan 2003 23:28:59 +0000 (23:28 +0000)]
Use new target create-ehdrdir, defined differently for UNIX and WIN32, to
conditionally create the target directory $(EHDRDIR) if needed, before copying
files into it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15128 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* krb5.hin (krb5_mk_req_checksum_func): Fix Windows calling convention syntax
Ken Raeburn [Fri, 17 Jan 2003 23:22:10 +0000 (23:22 +0000)]
* krb5.hin (krb5_mk_req_checksum_func): Fix Windows calling convention syntax

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15127 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* prof_file.c (profile_flush_file_data): [_WIN32]: Don't call sync
Ken Raeburn [Fri, 17 Jan 2003 23:19:47 +0000 (23:19 +0000)]
* prof_file.c (profile_flush_file_data): [_WIN32]: Don't call sync

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15126 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* Makefile.in ($(EHDRDIR)$(S)gssapi.h): Depend on includes-unix, to make sure
Ken Raeburn [Fri, 17 Jan 2003 18:46:15 +0000 (18:46 +0000)]
* Makefile.in ($(EHDRDIR)$(S)gssapi.h): Depend on includes-unix, to make sure
the directory is created before installation of the file.
($(EHDRDIR)$(S)gssapi_generic.h): Likewise.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15125 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* sendauth.c (krb_net_rd_sendauth): Arg raw_len now points to KRB4_32; don't
Ken Raeburn [Wed, 15 Jan 2003 23:52:04 +0000 (23:52 +0000)]
* sendauth.c (krb_net_rd_sendauth): Arg raw_len now points to KRB4_32; don't
cast it to pointer to unsigned long.  Change ld.so warning message check to be
byte-order independent.
* krb4int.h (krb_net_rd_sendauth): Decl updated.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15124 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoThis is the last piece of the KfM merge
Tom Yu [Wed, 15 Jan 2003 21:37:26 +0000 (21:37 +0000)]
This is the last piece of the KfM merge

* CCache-glue.c: New file from KfM.

ticket: 1189

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15123 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoUse "standard" error table processing rules
Ken Raeburn [Wed, 15 Jan 2003 03:31:47 +0000 (03:31 +0000)]
Use "standard" error table processing rules

* Makefile.in (krb_err.et, kadm_err.et): New intermediate targets; copy files
from lib/krb4.
(krb_err.h, kadm_err.h): Delete actions, use patterns in pre.in.
(clean-unix): Delete these generated files.

ticket: 1209
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15122 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * Makefile.in (check-unix): Invoke t_krbconf instead of struggling
Ezra Peisach [Tue, 14 Jan 2003 19:08:21 +0000 (19:08 +0000)]
* Makefile.in (check-unix): Invoke t_krbconf instead of struggling
with differing versions of make's quoting of \ and $.

* t_krbconf: Small shell script to test krb5-config.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15121 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * Makefile.in (check-unix): Test to see if krb5-config outputs
Ezra Peisach [Mon, 13 Jan 2003 23:00:58 +0000 (23:00 +0000)]
* Makefile.in (check-unix): Test to see if krb5-config outputs
variables that require Makefile substitutions.

* krb5-config.in: Remore $(PURE) from output. Handle variables
$(RPATH_FLAG) and $(LDFLAGS).

If config/shlib.conf is changed again, we will detect brokeness in
krb5-config before the release.

ticket: 1311

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15120 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* profile.pbexp: New file
Ken Raeburn [Mon, 13 Jan 2003 22:16:21 +0000 (22:16 +0000)]
* profile.pbexp: New file

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15119 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* prof_int.h (SHARE_TREE_DATA): Define only on Mac
Ken Raeburn [Mon, 13 Jan 2003 22:11:14 +0000 (22:11 +0000)]
* prof_int.h (SHARE_TREE_DATA): Define only on Mac

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15118 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoThis should be all that remains of the 1-2-2-branch merge; some
Tom Yu [Mon, 13 Jan 2003 04:51:26 +0000 (04:51 +0000)]
This should be all that remains of the 1-2-2-branch merge; some
additional sanity-checking of merge needed though.

* krb5_32.def: Merge from 1-2-2-branch.

ticket: 1177
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15117 dc483132-0cff-0310-8789-dd5450dbe970

21 years agokadm5_get_either leaks memory
Ezra Peisach [Sun, 12 Jan 2003 18:17:02 +0000 (18:17 +0000)]
kadm5_get_either leaks memory

* svr_iters.c (kadm5_get_either): For POSIX_REGEXPS
(i.e. regcomp), call regfree() to cleanup memory.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15116 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoMemory leak in krb5_send_tgs()
Ezra Peisach [Sun, 12 Jan 2003 18:02:03 +0000 (18:02 +0000)]
Memory leak in krb5_send_tgs()

* send_tgs.c (krb5_send_tgs): Free memory leak of TGS_REQ.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15115 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * svc_auth_gssapi.c (_svcauth_gssapi_unset_names): If invoked more
Ezra Peisach [Sun, 12 Jan 2003 17:36:53 +0000 (17:36 +0000)]
* svc_auth_gssapi.c (_svcauth_gssapi_unset_names): If invoked more
than once, do not double free memory.

* clnt_perror.c (clnt_sperror): Do not write past end of allocated
buffer.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15114 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * kdc_util.h, replay.c, main.c: Pass global krb5_context to
Ezra Peisach [Sun, 12 Jan 2003 13:07:49 +0000 (13:07 +0000)]
* kdc_util.h, replay.c, main.c: Pass global krb5_context to
kdc_free_lookaside() instead of per realm one - which has been
freed by time invoked.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15113 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * kdc5_hammer.c (verify_cs_pair): Use krb5_free_creds() instead of
Ezra Peisach [Sun, 12 Jan 2003 13:03:35 +0000 (13:03 +0000)]
* kdc5_hammer.c (verify_cs_pair): Use krb5_free_creds() instead of
krb5_free_cred_contents() to cleanup memory leak.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15112 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoSearch for ar, ranlib, install in KRB5_BUILD_LIBRARY* macros rather than
Ken Raeburn [Fri, 10 Jan 2003 23:19:01 +0000 (23:19 +0000)]
Search for ar, ranlib, install in KRB5_BUILD_LIBRARY* macros rather than
explicitly in directories using those macros.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15111 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoUse passwd entry for ~ expansion if $HOME isn't set.
Ken Raeburn [Fri, 10 Jan 2003 22:42:05 +0000 (22:42 +0000)]
Use passwd entry for ~ expansion if $HOME isn't set.
Also fix a minor logic bug in checking file access.

ticket: 1237
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15110 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* server.c: Include port-sockets.h
Ken Raeburn [Fri, 10 Jan 2003 19:20:32 +0000 (19:20 +0000)]
* server.c: Include port-sockets.h

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15109 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoMove socklen_t and sockaddr_storage definitions to port-sockets.h
Ken Raeburn [Fri, 10 Jan 2003 19:10:30 +0000 (19:10 +0000)]
Move socklen_t and sockaddr_storage definitions to port-sockets.h

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15108 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoUse markers in Makefile.in rather than rules in configure.in to indicate when
Ken Raeburn [Fri, 10 Jan 2003 05:55:49 +0000 (05:55 +0000)]
Use markers in Makefile.in rather than rules in configure.in to indicate when
to use the lib.in and libobj.in makefile fragments.  Pushing this per-directory
info into Makefile.in will make it a little easier to work on combining
configure scripts for multiple directories.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15107 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoPatch to get new service tickets in preference to using expired
Sam Hartman [Fri, 10 Jan 2003 01:23:49 +0000 (01:23 +0000)]
Patch to get new service tickets in preference to using expired
service tickets in krb5_get_credentials.

Ticket: 1260

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15106 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoUse socklen_t when passing address to socket functions.
Ken Raeburn [Fri, 10 Jan 2003 00:14:16 +0000 (00:14 +0000)]
Use socklen_t when passing address to socket functions.
Fixes compilation warnings on AIX 4.3.3.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15105 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoAIX 4.3.3 getaddrinfo() is broken in a slightly different way than I thought
Ken Raeburn [Thu, 9 Jan 2003 23:55:06 +0000 (23:55 +0000)]
AIX 4.3.3 getaddrinfo() is broken in a slightly different way than I thought

* fake-addrinfo.h (getaddrinfo) [_AIX]: Always overwrite sa_family and sa_len
fields, since sa_family at least may be non-zero *and* wrong.
(protoname, socktypename, familyname, debug_dump_getaddrinfo_args,
debug_dump_error, debug_dump_error, debug_dump_addrinfos) [DEBUG_ADDRINFO]: New
debugging functions.
(fake_getaddrinfo, getaddrinfo) [DEBUG_ADDRINFO]: Use them.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15104 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoBetween the 1.1 and 1.2 releases of Kerberos, the gss-sample protocol
Sam Hartman [Thu, 9 Jan 2003 21:12:34 +0000 (21:12 +0000)]
Between the 1.1 and 1.2 releases of Kerberos, the gss-sample protocol
changed.  People seem to use this sample for interop testing, so
support for the old protocol is needed.

This commit adds a -v1 flag to the gss-client that will use the old
protocol.

The server does not yet support the old protocol, so  the ticket remains open.

Ticket: 881
Status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15103 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* Makefile.in (DEFINES): New variable. Define HAS_STDARG for Tcl headers
Ken Raeburn [Thu, 9 Jan 2003 01:28:30 +0000 (01:28 +0000)]
* Makefile.in (DEFINES): New variable.  Define HAS_STDARG for Tcl headers

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15102 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoTry to do atomic file swap on UNIX when updating profile
Ken Raeburn [Thu, 9 Jan 2003 00:20:20 +0000 (00:20 +0000)]
Try to do atomic file swap on UNIX when updating profile

* prof_file.c (make_hard_link): New function.
(profile_flush_file_data): Use it to attempt a safe profile file replacement.

ticket: 1301
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15101 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoSupport \r as additional line separator on Mac OS X
Ken Raeburn [Thu, 9 Jan 2003 00:17:27 +0000 (00:17 +0000)]
Support \r as additional line separator on Mac OS X

* prof_parse.c (profile_parse_file) [PROFILE_SUPPORTS_FOREIGN_NEWLINES]: Look
for \r and treat it as a line break.
* prof_int.h: Don't include prof_err.h.
(PROFILE_SUPPORTS_FOREIGN_NEWLINES) [macintosh]: Define new macro.

ticket: 1237
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15100 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoPreviously fwd_tgt_creds required either that the hostname be passed
Sam Hartman [Wed, 8 Jan 2003 23:49:33 +0000 (23:49 +0000)]
Previously fwd_tgt_creds required either that the hostname be passed
in or that the principal be a host-based service.  This means you
cannot for example forward tickets to a GSSAPI user-based service.

The requirement to get the hostname is only needed in cases where
addressless tickets are not used.  So when addressless tickets are
used, do not require the hostname.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15099 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * fake-addrinfo.h (freeaddrinfo): Back out 1/3/03 change. ANSI
Ezra Peisach [Wed, 8 Jan 2003 21:50:21 +0000 (21:50 +0000)]
* fake-addrinfo.h (freeaddrinfo): Back out 1/3/03 change. ANSI
does not require it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15098 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago2003-01-08 Sam Hartman <hartmans@mit.edu>
Sam Hartman [Wed, 8 Jan 2003 20:16:07 +0000 (20:16 +0000)]
2003-01-08  Sam Hartman  <hartmans@mit.edu>

* krb5.hin :  Move KRB5_CALLCONV specifier for
krb5_mk_req_checksum_func to right place

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15097 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoMore const for ops tables
Ken Raeburn [Wed, 8 Jan 2003 03:55:40 +0000 (03:55 +0000)]
More const for ops tables

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15096 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* sendto_kdc.c (state_strings): Now const
Ken Raeburn [Wed, 8 Jan 2003 03:51:50 +0000 (03:51 +0000)]
* sendto_kdc.c (state_strings): Now const

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15095 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoMore const for ops tables
Ken Raeburn [Wed, 8 Jan 2003 03:51:03 +0000 (03:51 +0000)]
More const for ops tables

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15094 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* appdefault.c (conf_yes, conf_no): Now const
Ken Raeburn [Wed, 8 Jan 2003 03:45:50 +0000 (03:45 +0000)]
* appdefault.c (conf_yes, conf_no): Now const

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15093 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoMake ccache and rcache ops tables const
Ken Raeburn [Wed, 8 Jan 2003 03:42:54 +0000 (03:42 +0000)]
Make ccache and rcache ops tables const

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15092 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoFor new encryption types and for RC4, encrypt the krb_cred message in
Sam Hartman [Wed, 8 Jan 2003 02:20:42 +0000 (02:20 +0000)]
For new encryption types and for RC4, encrypt the krb_cred message in
the initial gssapi token if credentials are being delegated.  For
consistency with Microsoft, we encrypt the credentials using the
session key not the subsession key.

Ticket: 1054

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15091 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoLog entries for Makefile.ov deletion
Ken Raeburn [Wed, 8 Jan 2003 00:34:36 +0000 (00:34 +0000)]
Log entries for Makefile.ov deletion

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15090 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoNuke some old .orig files
Ken Raeburn [Wed, 8 Jan 2003 00:26:20 +0000 (00:26 +0000)]
Nuke some old .orig files

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15089 dc483132-0cff-0310-8789-dd5450dbe970

21 years agonuke old OV makefile stuff
Ken Raeburn [Tue, 7 Jan 2003 21:42:15 +0000 (21:42 +0000)]
nuke old OV makefile stuff

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15088 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoFix logic error in previous patch that broke gss_init_sec_context
Sam Hartman [Tue, 7 Jan 2003 19:27:50 +0000 (19:27 +0000)]
Fix logic error in previous patch that broke gss_init_sec_context

ticket: 1054
Status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15087 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoImplement krb5_auth_con_set_checksum_func, an API for setting a
Sam Hartman [Mon, 6 Jan 2003 22:51:16 +0000 (22:51 +0000)]
Implement krb5_auth_con_set_checksum_func, an API for setting a
callback to specify the data to be checksummed by krb5_mk_req after
the auth_context has been set up.  Mainly useful for GSSAPI.

Ticket: 1054
Status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15084 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoOnly system headers should declare errno
Sam Hartman [Sun, 5 Jan 2003 23:28:05 +0000 (23:28 +0000)]
Only system headers should declare errno

Many parts of krb5 declare errno in source files using extern int
errno.  This has not been needed in ANSI C for a long time,
and actively breaks modern versions of glibc.

So these declarations are removed and errno.h included where necessary.

Ticket: new
Component: krb5-build

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15082 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* ftpd.c (auth_data): Kerberos v4 checksum must be a 32-bit value
Ken Raeburn [Fri, 3 Jan 2003 21:19:51 +0000 (21:19 +0000)]
* ftpd.c (auth_data): Kerberos v4 checksum must be a 32-bit value

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15081 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * main.c: On exit, free more allocated memory, including:
Ezra Peisach [Fri, 3 Jan 2003 16:28:45 +0000 (16:28 +0000)]
* main.c: On exit, free more allocated memory, including:
realm_tcp_ports data, kdc_realmlist, close the replay cache, and
free the lookaside cache.

* network.c (FREE_SET_DATA): Do not free a NULL pointer.

* replay.c, kdc_util.h: Add kdc_free_lookaside() to clear the lookaside
cache on shutdown - to search for memory leaks.

* rtest.c (main): Do not allocate or free a NULL pointer.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15080 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * compat_recv.c (accept_a_connection): Test if IPv6 socket returns
Ezra Peisach [Fri, 3 Jan 2003 16:18:20 +0000 (16:18 +0000)]
    * compat_recv.c (accept_a_connection): Test if IPv6 socket returns
        EAFNOSUPPORT as well as EPROTONOSUPPORT. Irix 6.5.16m returns the
        former.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15079 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * fake-addrinfo.h (freeaddrinfo): Do not free a NULL pointer
Ezra Peisach [Fri, 3 Jan 2003 14:33:46 +0000 (14:33 +0000)]
* fake-addrinfo.h (freeaddrinfo): Do not free a NULL pointer

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15078 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoblah
Sam Hartman [Wed, 1 Jan 2003 23:00:12 +0000 (23:00 +0000)]
blah

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15077 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago * standalone.exp: Only run the keytab to srvtab tests if kerberos 4
Ezra Peisach [Wed, 1 Jan 2003 15:22:21 +0000 (15:22 +0000)]
   * standalone.exp: Only run the keytab to srvtab tests if kerberos 4
        support is compiled into the source tree.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15076 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoAdd IPv6 support to rshd test/debug code:
Ken Raeburn [Wed, 1 Jan 2003 10:13:20 +0000 (10:13 +0000)]
Add IPv6 support to rshd test/debug code:

* compat_recv.c: Include sys/select.h and port-sockets.h.
(krb5_compat_recvauth_version): Only attempt krb4 authentication if the source
address is an IPv4 one.
(accept_a_connection): New function, derived from old krshd.c.  Listen on IPv6
as well as IPv4, if possible.
* krshd.c (main): Call accept_a_connection.  Change fromlen to a socklen_t.
(doit): Initialize s.  Change length passed to getsockname to a socklen_t.
(recvauth): Change len to socklen_t.  Cast peer IPv4 address before calling
krb5_compat_recvauth_version.
* defines.h: Include port-sockets.h.
(accept_a_connection): Declare.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15075 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoRemove files that haven't been used since 1995
Ken Raeburn [Wed, 1 Jan 2003 09:33:21 +0000 (09:33 +0000)]
Remove files that haven't been used since 1995

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15074 dc483132-0cff-0310-8789-dd5450dbe970

21 years agoMerge some Mac-specific changes from meeroh's branch:
Ken Raeburn [Tue, 31 Dec 2002 09:21:12 +0000 (09:21 +0000)]
Merge some Mac-specific changes from meeroh's branch:
* profile.hin: Don't test MACINTOSH any more.  On Mac OS X, include
TargetConditionals.h, set some pragmas, define COPY_RESOURCE_FORK, and error
out if TARGET_RT_MAC_CFM is defined; don't set the old m68k CFM pragmas.
Always use PROFILE_USES_PATHS code, don't test or define it.
(FSp_profile_init, FSp_profile_init_path): Declare, on Mac OS X.
* prof_int.h (NO_SYS_TYPES_H, NO_SYS_STAT_H) [macintosh]: Don't define these.
* prof_file.c: Always inclued sys/types.h and sys/stat.h.
(GetMacOSTempFilespec): Deleted.
(profile_flush_file_data) [COPY_RESOURCE_FORK]: Copy Mac resource fork from old
file to new before renaming.
(rw_access, profile_update_file_data, profile_flush_file_data,
profile_free_file_data): Assume PROFILE_USES_PATHS, don't test.
* prof_init.c (profile_ser_size, profile_ser_externalize,
profile_ser_internalize): Likewise.
(FSp_profile_init, FSp_profile_init_path): Define, on MacOS X.
* profile.exp: Add FSp_* functions.

* prof_file.c (r_access): New function.
(profile_open_file): Use it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15073 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* kerberos_v4.c (process_v4): Use a temporary variable for the current time
Ken Raeburn [Mon, 30 Dec 2002 19:49:21 +0000 (19:49 +0000)]
* kerberos_v4.c (process_v4): Use a temporary variable for the current time
instead of an incorrect pointer cast.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15072 dc483132-0cff-0310-8789-dd5450dbe970

21 years ago* gss-misc.c (send_token, recv_token): Open-code the math to send and receive
Ken Raeburn [Mon, 30 Dec 2002 19:46:21 +0000 (19:46 +0000)]
* gss-misc.c (send_token, recv_token): Open-code the math to send and receive
the length as four bytes in network order, rather than using the first four
bytes of a size_t.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15071 dc483132-0cff-0310-8789-dd5450dbe970

22 years agoReplace dependencies on generated krb524 and krb4 headers with
Tom Yu [Mon, 23 Dec 2002 22:43:03 +0000 (22:43 +0000)]
Replace dependencies on generated krb524 and krb4 headers with
variables, to allow correct behavior when krb4 is disabled.

ticket: 1276
owner: tlyu

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15070 dc483132-0cff-0310-8789-dd5450dbe970

22 years ago * setup_mkey.c (krb5_db_setup_mkey_name): Use size_t instead of
Ezra Peisach [Mon, 23 Dec 2002 18:12:29 +0000 (18:12 +0000)]
   * setup_mkey.c (krb5_db_setup_mkey_name): Use size_t instead of
        int for lengths.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15069 dc483132-0cff-0310-8789-dd5450dbe970

22 years ago * asn1_k_decode.c (asn1_decode_sam_challenge_2_body): Add
Ezra Peisach [Mon, 23 Dec 2002 18:10:56 +0000 (18:10 +0000)]
    * asn1_k_decode.c (asn1_decode_sam_challenge_2_body): Add
        unused_var declaration to cleanup warnings. Signed/unsigned fix as
        well.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15068 dc483132-0cff-0310-8789-dd5450dbe970

22 years ago * t_kerb.c: Include string.h for strcmp prototype
Ezra Peisach [Mon, 23 Dec 2002 18:09:24 +0000 (18:09 +0000)]
    * t_kerb.c: Include string.h for strcmp prototype

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15067 dc483132-0cff-0310-8789-dd5450dbe970

22 years ago * prof_file.c: Cast return from prof_mutex_lock and
Ezra Peisach [Mon, 23 Dec 2002 18:08:02 +0000 (18:08 +0000)]
   * prof_file.c: Cast return from prof_mutex_lock and
        prof_mutex_unlock to void to avoid warnings of code with no side
        effects.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15066 dc483132-0cff-0310-8789-dd5450dbe970

22 years agoCleanup unused
Ezra Peisach [Mon, 23 Dec 2002 18:01:54 +0000 (18:01 +0000)]
Cleanup unused
variables. Signed vs unsigned cleanup. Ensure variables set before
use.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15065 dc483132-0cff-0310-8789-dd5450dbe970

22 years ago * t_crc.c: Declare local functions static
Ezra Peisach [Mon, 23 Dec 2002 17:57:48 +0000 (17:57 +0000)]
   * t_crc.c: Declare local functions static

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15064 dc483132-0cff-0310-8789-dd5450dbe970

22 years ago * t_cksum.c: Cleanup (potential) variable used before set warning
Ezra Peisach [Mon, 23 Dec 2002 17:55:44 +0000 (17:55 +0000)]
   * t_cksum.c: Cleanup (potential) variable used before set warning

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15063 dc483132-0cff-0310-8789-dd5450dbe970

22 years ago * authorization.c, heuristic.c, ksu.h: Use uid_t instead of int in
Ezra Peisach [Mon, 23 Dec 2002 17:53:01 +0000 (17:53 +0000)]
    * authorization.c, heuristic.c, ksu.h: Use uid_t instead of int in
        arguments to fowner() and get_best_princ_for_target(). Signed
        vs. unsigned int cleanup.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15062 dc483132-0cff-0310-8789-dd5450dbe970

22 years ago* prof_int.h: Define USE_PTHREADS and include pthread.h if on MacOS X.
Ken Raeburn [Sat, 21 Dec 2002 04:28:06 +0000 (04:28 +0000)]
* prof_int.h: Define USE_PTHREADS and include pthread.h if on MacOS X.
(struct global_shared_profile_data) [USE_PTHREADS]: Add a mutex.
(g_shared_trees_mutex) [USE_PTHREADS]: New macro, references the global mutex.
(prof_mutex_lock, prof_mutex_unlock) [SHARE_TREE_DATA]: Define to use pthread
functions or do nothing.
(profile_free_file_data): Delete declaration.
(profile_dereference_data): Declare.
* prof_file.c (profile_free_file_data): Now static.
(profile_open_file, profile_dereference_data) [SHARE_TREE_DATA]: Grab lock
while manipulating global data list or its contents.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15061 dc483132-0cff-0310-8789-dd5450dbe970

22 years agoMerge in data tree sharing, minus locking support, plus a bugfix or two
Ken Raeburn [Fri, 20 Dec 2002 22:38:04 +0000 (22:38 +0000)]
Merge in data tree sharing, minus locking support, plus a bugfix or two

* prof_int.h (SHARE_TREE_DATA): Define.
(struct _prf_file_t) [SHARE_TREE_DATA]: Make data field a pointer rather than
an array.
(struct global_shared_profile_data): New type, for profile library global
data.
(krb5int_profile_shared_data): Declare new variable.
(g_shared_trees): New macro, refers to a field in the global data.
(PROFILE_FILE_SHARED): New flag macro.
* prof_file.c (krb5int_profile_shared_data): Initialize here.
(profile_open_file) [SHARE_TREE_DATA]: Scan g_shared_trees for an entry with
the same filename.  If found, increment its reference count, update it, and
return it; otherwise, allocate a new one, and add it to the list after filling
it in.
(profile_dereference_data): New function.  Decrement reference count if
SHARE_TREE_DATA, and free the data if appropriate.
(profile_free_file): Call profile_dereference_data.
(profile_free_file_data) [SHARE_TREE_DATA]: If the SHARED flag is set, remove
it from the g_shared_trees list before freeing.  Free up the allocated space.
* prof_set.c (rw_setup) [SHARE_TREE_DATA]: If the object's data is shared, copy
it into a new data structure not in the global shared list, and dereference the
old one.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15060 dc483132-0cff-0310-8789-dd5450dbe970

22 years agoIgnore some new generated files
Ken Raeburn [Thu, 19 Dec 2002 05:24:58 +0000 (05:24 +0000)]
Ignore some new generated files

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15059 dc483132-0cff-0310-8789-dd5450dbe970

22 years agoClean up some broken uses of "const" in function interfaces
Ken Raeburn [Thu, 19 Dec 2002 05:23:44 +0000 (05:23 +0000)]
Clean up some broken uses of "const" in function interfaces

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15058 dc483132-0cff-0310-8789-dd5450dbe970

22 years ago* Makefile.in (check): Remove test_db before running tests
Ken Raeburn [Thu, 19 Dec 2002 04:56:26 +0000 (04:56 +0000)]
* Makefile.in (check): Remove test_db before running tests

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15057 dc483132-0cff-0310-8789-dd5450dbe970