krb5.git
18 years agoAdd a policy to the database, then after the dump and restore, check
Ken Raeburn [Thu, 12 Oct 2006 03:47:05 +0000 (03:47 +0000)]
Add a policy to the database, then after the dump and restore, check
that it's still there.

ticket: 4355
tags: pullup
target_version: 1.5.2

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18691 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoAnother patch from Will Fiveash, to make "kdb5_util load <dumpfile>"
Ken Raeburn [Thu, 12 Oct 2006 02:39:14 +0000 (02:39 +0000)]
Another patch from Will Fiveash, to make "kdb5_util load <dumpfile>"
work with the LDAP KDB back end, in simple cases (all entries stored
under the krbcontainer entry).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18690 dc483132-0cff-0310-8789-dd5450dbe970

18 years agomore debugging printfs for nightly testing
Ken Raeburn [Thu, 12 Oct 2006 01:18:35 +0000 (01:18 +0000)]
more debugging printfs for nightly testing

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18689 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago(add_to_transited): Change the current logic to keep all array references
Ken Raeburn [Thu, 12 Oct 2006 00:33:12 +0000 (00:33 +0000)]
(add_to_transited): Change the current logic to keep all array references
in bounds, assuming that what would've been next[-1] would not be '.'.  I
haven't fully reexamined the logic, but this seems consistent with the
actual current behavior, and the existing test cases.

Also, factored out code for copying a string from a krb5_data to a char*.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18688 dc483132-0cff-0310-8789-dd5450dbe970

18 years agosome (more) debugging code to track down nightly test failures
Ken Raeburn [Wed, 11 Oct 2006 05:17:16 +0000 (05:17 +0000)]
some (more) debugging code to track down nightly test failures

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18680 dc483132-0cff-0310-8789-dd5450dbe970

18 years agosome debugging code to track down nightly test failures
Ken Raeburn [Wed, 11 Oct 2006 05:15:54 +0000 (05:15 +0000)]
some debugging code to track down nightly test failures

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18679 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoskip over verbose (protocol trace) debugging output
Ken Raeburn [Wed, 11 Oct 2006 05:08:02 +0000 (05:08 +0000)]
skip over verbose (protocol trace) debugging output

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18678 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoAdd bounds-checking assertions before automatic array reference
Ken Raeburn [Wed, 11 Oct 2006 04:54:00 +0000 (04:54 +0000)]
Add bounds-checking assertions before automatic array reference

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18677 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoKeep just 10/6 version of schema files
Ken Raeburn [Tue, 10 Oct 2006 23:59:46 +0000 (23:59 +0000)]
Keep just 10/6 version of schema files

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18674 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoMemory management and Solaris porting fixes from Will Fiveash
Ken Raeburn [Tue, 10 Oct 2006 23:56:46 +0000 (23:56 +0000)]
Memory management and Solaris porting fixes from Will Fiveash

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18673 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoCheck for allocation failure. Caught by Will Fiveash
Ken Raeburn [Tue, 10 Oct 2006 23:40:55 +0000 (23:40 +0000)]
Check for allocation failure.  Caught by Will Fiveash

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18672 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoDon't segfault if a preauth plugin module fails to load
Kevin Coffman [Tue, 10 Oct 2006 20:52:34 +0000 (20:52 +0000)]
Don't segfault if a preauth plugin module fails to load

Move the zeroing of the errinfo struct before the call to
krb5int_open_plugin_dirs() to prevent segfault in the case
where a plugin fails to load.  (For example if there are
unresolved symbols.)

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18671 dc483132-0cff-0310-8789-dd5450dbe970

18 years agofinal commits for KFW 3.1 Beta 2
Jeffrey Altman [Mon, 9 Oct 2006 18:08:10 +0000 (18:08 +0000)]
final commits for KFW 3.1 Beta 2

  krb5cred.dll (1.1.2.0)

  - Fix the control logic so that if the password is expired for an
    identity, the krb5 credentials provider will initiate a change
    password request.  Once the password is successfully changed, the
    new password will be used to obtain new credentials.

  - Fix an incorrect condition which caused the new credentials dialog
    to refresh custom prompts unnecessarily.

  - Removing an identity from the list of NetIDMgr identities now causes
    the corresponding principal to be removed from the LRU principals
    list.

  - Properly handle KMSG_CRED_PROCESS message when the user is
    cancelling out.

  - Add more debug output

  - Do not renew Kerberos tickets which are not initial tickets.

  - Fix whitespace in source code.

  - When providing identity selection controls, disable the realm
    selector when the user specifies the realm in the username control.

  - k5_ident_valiate_name() will refuse principal names with empty or
    unspecified realms.

  - When updating identity properties, the identity provider will
    correctly set the properties for identities that were destroyed.
    This fixes a problem where the values may be incorrect if an
    identity has two or more credential caches and one of them is
    destroyed.

  nidmgr32.dll (1.1.2.0)

  - Send out a separate notification if the configuration information
    associated with an identity is removed.

  - If an identity is being removed from the NetIDMgr identity list in
    the configuration panel, do not send out APPLY notifications to the
    subpanels after the configuration information has been removed.
    Otherwise this causes the configuration information to be reinstated
    and prevent the identity from being removed.

  - Properly initialize the new credentials blob including the UI
    context structure.

  netidmgr.exe (1.1.2.0)

  - When suppressing error messages, make sure that the final
    KMSG_CRED_END notification is sent.  Otherwise the new credentials
    acquisition operation will not be cleaned up.

  - Autoinit option now checks to see if there are identity credentials
    for the default identity and triggers the new credentials dialog if
    there aren't any.

  - Properly synchronize the configuration node list when applying
    changes (e.g.: when removing or adding an identity).

  - Fix a handle leak when removing an identity from the NetIDMgr
    identity list.

  - Refresh the properties for the active identities before calculating
    the renewal and expiration timers.  Otherwise the timestamps being
    used might be incorrect.

  - Add Identity dialog (in the configuration panel) now uses the
    identity selection controls provided by the identity provider.

  - Improve type safety when handling timer refreshes.

  - When getting the expiration times and issue times for an identity,
    the timer refresh code may fail over to the expiration and issue
    times for the credential it is currently looking at.  Now the code
    makes sure that both the issue and expiration times come from the
    identity or the credential but not mixed.

  - Not being able to get the time of issue of a credential now does not
    result in the credential being skipped from the timer refresh pass.
    However, not having a time of issue will result in the half-life
    algorithm not being applied for the renew timer.

  - Fix a bug which caused a credential to be abandoned from the timer
    refresh pass if the reamining lifetime of the credential is less
    than the renewal threshold.

  - Fix a bug where the vertical scroll bars for the hypertext window
    would not appear when the contents of the window changed.

  - Trigger a refresh of the configuration nodes when adding or removing
    an identity.

  source for (1.1.2.0)

  - Explicitly include <prsht.h> so that the SDK can be used in build
    environments that define WIN32_LEAN_AND_MEAN.

ticket: new
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18670 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoInitialize buffer before calling res_ninit
Russ Allbery [Sun, 8 Oct 2006 03:22:48 +0000 (03:22 +0000)]
Initialize buffer before calling res_ninit

Per Paul Vixie: It is necessary to zero out the statbuf before calling
res_ninit(), or else res_vinit() will call res_nclose() and res_ndestroy()
with stack trash as a statbuf, and they will call free() with stack trash,
and programs will dump core.

Ticket: new
Component: krb5-libs
Version_Reported: 1.5.1
Target_Version: 1.5.2
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18669 dc483132-0cff-0310-8789-dd5450dbe970

18 years agofix dependencies properly this time
Ken Raeburn [Sat, 7 Oct 2006 08:02:41 +0000 (08:02 +0000)]
fix dependencies properly this time

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18668 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoInitialize accessor fields at compile time, under C99 and GCC
Ken Raeburn [Sat, 7 Oct 2006 07:51:48 +0000 (07:51 +0000)]
Initialize accessor fields at compile time, under C99 and GCC

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18667 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoMove ASN.1 routines for KDB LDAP plugin into main krb5 library,
Ken Raeburn [Sat, 7 Oct 2006 07:39:24 +0000 (07:39 +0000)]
Move ASN.1 routines for KDB LDAP plugin into main krb5 library,
accessed via krb5int_access.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18666 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoCheck for ldap_initialize and other functions that Solaris (Mozilla-based)
Ken Raeburn [Sat, 7 Oct 2006 06:10:27 +0000 (06:10 +0000)]
Check for ldap_initialize and other functions that Solaris (Mozilla-based)
LDAP does not provide, and define versions a couple of them if needed.
Based on patches from and discussions with Will Fiveash.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18665 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago10/3 patch from Savitha R, part 3, patch-manpages-schema.diff
Ken Raeburn [Sat, 7 Oct 2006 05:25:54 +0000 (05:25 +0000)]
10/3 patch from Savitha R, part 3, patch-manpages-schema.diff

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18664 dc483132-0cff-0310-8789-dd5450dbe970

18 years agowhitespace
Ken Raeburn [Sat, 7 Oct 2006 01:38:12 +0000 (01:38 +0000)]
whitespace

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18663 dc483132-0cff-0310-8789-dd5450dbe970

18 years agowhitespace
Ken Raeburn [Sat, 7 Oct 2006 01:36:50 +0000 (01:36 +0000)]
whitespace

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18662 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoUse const pointers for error messages.
Ken Raeburn [Sat, 7 Oct 2006 01:30:59 +0000 (01:30 +0000)]
Use const pointers for error messages.
Add some debugging hooks in the libkrb5 support.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18661 dc483132-0cff-0310-8789-dd5450dbe970

18 years agodrop comma at end of enum list
Ken Raeburn [Sat, 7 Oct 2006 01:04:01 +0000 (01:04 +0000)]
drop comma at end of enum list

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18660 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoEliminate some warnings and non-gcc build problems:
Ken Raeburn [Sat, 7 Oct 2006 01:02:08 +0000 (01:02 +0000)]
Eliminate some warnings and non-gcc build problems:
- nested function
- bogus pointer casts
- C++-style comments
- unused variables
- variables of same name in nested scopes
- if condition syntax
- unused function
- use of GNU-only strndup() function

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18659 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago10/3 patch from Savitha R, part 2, patch-krb-schema.diff
Ken Raeburn [Fri, 6 Oct 2006 23:58:43 +0000 (23:58 +0000)]
10/3 patch from Savitha R, part 2, patch-krb-schema.diff

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18658 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago10/3 patch from Savitha R, part 1, patch-ldap-schema.diff
Ken Raeburn [Fri, 6 Oct 2006 23:53:38 +0000 (23:53 +0000)]
10/3 patch from Savitha R, part 1, patch-ldap-schema.diff

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18657 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoschema info
Ken Raeburn [Fri, 6 Oct 2006 23:29:29 +0000 (23:29 +0000)]
schema info

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18656 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoremove old changelog
Ken Raeburn [Fri, 6 Oct 2006 23:28:50 +0000 (23:28 +0000)]
remove old changelog

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18655 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago * src/lib/krb5/ccache/t_cccursor.c: Bugfixes from Ezra to clean up
Tom Yu [Fri, 6 Oct 2006 21:43:02 +0000 (21:43 +0000)]
* src/lib/krb5/ccache/t_cccursor.c: Bugfixes from Ezra to clean up
memory leaks.

ticket: 4389
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18654 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoupdate export lists
Tom Yu [Fri, 6 Oct 2006 21:35:50 +0000 (21:35 +0000)]
update export lists

ticket: 4389
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18653 dc483132-0cff-0310-8789-dd5450dbe970

18 years agomake depend
Tom Yu [Fri, 6 Oct 2006 21:17:56 +0000 (21:17 +0000)]
make depend

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18652 dc483132-0cff-0310-8789-dd5450dbe970

18 years agocursor for iterating over ccaches
Tom Yu [Thu, 5 Oct 2006 22:58:41 +0000 (22:58 +0000)]
cursor for iterating over ccaches

Some ccache back ends need per-type cursors implemented.

* src/include/k5-int.h: Declare krb5_cc_ptcursor.  Update
krb5_cc_ops vector to include functions for ptcursor and some
not-yet-implemented functionality.

* src/include/krb5/krb5.hin: Prototype krb5_cccol_cursor_new,
krb5_cccol_cursor_next, krb5_cccol_cursor_free.

* src/lib/krb5/ccache/Makefile.in: Compile cccursor.c.  Build
t_cccursor.

* src/lib/krb5/ccache/cccursor.c: Implementation of cursor for
iterating over ccaches.

* src/lib/krb5/ccache/ccbase.c: Add typecursor functionality for
iteration over registered ccache types.

* src/lib/krb5/ccache/cc_memory.c: Implmement per-type ccache
cursor functionality.

* src/lib/krb5/ccache/cc_mslsa.c:
* src/lib/krb5/ccache/cc_file.c:
* src/lib/krb5/ccache/ccapi/stdcc.c: Add place-holder ops vector
entries.

* src/lib/krb5/ccache/t_cccursor.c: New test of ccache cursor
functionality.

* src/lib/krb5/os/ccdefname.c (krb5int_cc_os_default_name): New
function to return the OS-specific default ccache name.

ticket: new
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18651 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago * kdc_preauth.c (return_padata): Allocate a padata context if not
Sam Hartman [Thu, 5 Oct 2006 21:28:58 +0000 (21:28 +0000)]
* kdc_preauth.c (return_padata): Allocate a padata context if not
already allocated.  In the preauth_required path check will not be
called to set up the context first.

ticket: 4377
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18650 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoPatch from Kevin Coffman:
Ken Raeburn [Thu, 5 Oct 2006 19:45:52 +0000 (19:45 +0000)]
Patch from Kevin Coffman:

- adds a function to get ccache keycount
- uses it in two places
- fixes free problem if next_cred fails
- simplifies the clearcache function by using keyctl_clear

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18649 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoignore generated source-tree files
Ken Raeburn [Thu, 5 Oct 2006 14:08:06 +0000 (14:08 +0000)]
ignore generated source-tree files

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18648 dc483132-0cff-0310-8789-dd5450dbe970

18 years agofix dependence on config.status to use correct dir
Ken Raeburn [Thu, 5 Oct 2006 14:05:40 +0000 (14:05 +0000)]
fix dependence on config.status to use correct dir

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18647 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoAdd decode_tagged_unsigned_integer, and try to fix signed/unsigned and
Ken Raeburn [Thu, 5 Oct 2006 13:17:59 +0000 (13:17 +0000)]
Add decode_tagged_unsigned_integer, and try to fix signed/unsigned and
long/int/int32 mixups in ASN.1 decoding.  Add comments describing encoding
of key data.  Don't always parenthesize safe_syncbuf arguments.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18646 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoset a more meaningful error message in asn1 decode failure case
Ken Raeburn [Thu, 5 Oct 2006 13:15:31 +0000 (13:15 +0000)]
set a more meaningful error message in asn1 decode failure case

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18645 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoexport krb5_ldap_create
Ken Raeburn [Thu, 5 Oct 2006 13:15:00 +0000 (13:15 +0000)]
export krb5_ldap_create

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18644 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoarray before test for pointing at entry with the principal. Avoids
Ezra Peisach [Wed, 4 Oct 2006 18:40:53 +0000 (18:40 +0000)]
array before test for pointing at entry with the principal. Avoids
buffer overflow for end of list.

Detected with a hacked up version of valgrind to handle keyring syscalls.

krb5_krcc_next_cred: Move initial test if pointing past end of key

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18643 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoThe keyring code introduced in r18638 also included tests of the KEYRING:
Ezra Peisach [Wed, 4 Oct 2006 10:44:28 +0000 (10:44 +0000)]
The keyring code introduced in r18638 also included tests of the KEYRING:
regardless of whether the type is registered or not in the library.

Test to see if KEYRING: is registered - and if so - run the tests on it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18642 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoPreauthentication Plugin Framework
Sam Hartman [Tue, 3 Oct 2006 19:07:17 +0000 (19:07 +0000)]
Preauthentication Plugin Framework

Patch from Nalin Dahyabhai at Redhat to implement a preauthentication
framework based on the plugin architecture.  Currently. the API is
considered internal and the header is not installed.
See src/include/krb5/preauth_plugin.h for the interface.

ticket: new
Tags: enhancement
Status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18641 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoconfigure: Depend on $(AUTOCONF_HEADER) so check-ac-syms will be happier
Ken Raeburn [Mon, 2 Oct 2006 23:14:59 +0000 (23:14 +0000)]
configure: Depend on $(AUTOCONF_HEADER) so check-ac-syms will be happier

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18640 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago(AUTOCONF_HEADER): Change to match file's target name
Ken Raeburn [Mon, 2 Oct 2006 23:14:17 +0000 (23:14 +0000)]
(AUTOCONF_HEADER): Change to match file's target name

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18639 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoMerge Kevin Coffman's keyring ccache branch for Linux, with some modifications:
Ken Raeburn [Mon, 2 Oct 2006 22:50:10 +0000 (22:50 +0000)]
Merge Kevin Coffman's keyring ccache branch for Linux, with some modifications:

aclocal.m4: Enable keyring ccache if the header and library are available; no
configure-time option.  No error if it's not found.

ccdefname.c: Keep old default of FILE: cache, at least for now.

libkrb5.exports: Don't export krb5_krcc_ops.

ccbase.c: Only initialize krb5int_krcc_mutex if USE_KEYRING_CCACHE; destroy it
in finalization.  Define INITIAL_TYPEHEAD macro (for file vs keyring), and use
it for initialization and in krb5int_cc_finalize.  Re-enable freeing of
additional registered-type structures.

cc_keyring.c: Avoid calls to com_err from within library.

cc_file.c: Punt change; generate_new is badly broken, and we expect to replace
it with a new API anyways.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18638 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoNuke old Saber-related stuff
Ken Raeburn [Mon, 2 Oct 2006 21:39:48 +0000 (21:39 +0000)]
Nuke old Saber-related stuff

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18637 dc483132-0cff-0310-8789-dd5450dbe970

18 years agokdc: make_toolong_error does not initialize all fields for krb5_mk_error
Ezra Peisach [Sun, 1 Oct 2006 12:05:20 +0000 (12:05 +0000)]
kdc: make_toolong_error does not initialize all fields for krb5_mk_error

network.c: make_too_long_error() fails to set the ctime and cusec elements of
the krb5_error structure. Valgrind detects errors in the asn.1 encoding
handlers in reading an unitialized value. Initialize to 0.

ticket: new
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18635 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoUpdate expected results for krb5_get_host_realm with referral patches
Ken Raeburn [Sat, 30 Sep 2006 00:54:14 +0000 (00:54 +0000)]
Update expected results for krb5_get_host_realm with referral patches
installed.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18634 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago(get_errmsg): Check for errcode_2_string and release_errcode_string
Ken Raeburn [Fri, 29 Sep 2006 23:07:19 +0000 (23:07 +0000)]
(get_errmsg): Check for errcode_2_string and release_errcode_string
being null function pointers.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18633 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoFix AIX version of GET_HOST_BY_NAME to use TMP.ent for the result, not
Ken Raeburn [Thu, 28 Sep 2006 19:07:19 +0000 (19:07 +0000)]
Fix AIX version of GET_HOST_BY_NAME to use TMP.ent for the result, not
the no-longer-defined my_h_ent.

ticket: 4256

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18632 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoPatch from Will Fiveash for "kdb5_util create" support in LDAP, modified to
Ken Raeburn [Mon, 25 Sep 2006 21:17:42 +0000 (21:17 +0000)]
Patch from Will Fiveash for "kdb5_util create" support in LDAP, modified to
drop separate port-number spec so it'll build with current sources.  Not
tested because of a bug in the recent Novell patch. :-(

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18616 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago Implement renew credential functionality which was inadvertently
Jeffrey Altman [Sun, 24 Sep 2006 14:30:29 +0000 (14:30 +0000)]
Implement renew credential functionality which was inadvertently
left out.

ticket: 4312

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18609 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoRemove now-unused 'port' fields
Ken Raeburn [Fri, 22 Sep 2006 21:19:16 +0000 (21:19 +0000)]
Remove now-unused 'port' fields

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18608 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoMisc cleanup:
Ken Raeburn [Fri, 22 Sep 2006 20:57:22 +0000 (20:57 +0000)]
Misc cleanup:
Include header instead of duplicating public decls.
Don't use C99-style "//" comments.
Reformat a bit to krb5 tree normal style.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18607 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoNew patch from Savitha, for new principal key storage format in LDAP
Ken Raeburn [Fri, 22 Sep 2006 20:29:24 +0000 (20:29 +0000)]
New patch from Savitha, for new principal key storage format in LDAP

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18606 dc483132-0cff-0310-8789-dd5450dbe970

18 years agono c++-style comments
Ken Raeburn [Fri, 22 Sep 2006 19:24:44 +0000 (19:24 +0000)]
no c++-style comments

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18605 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoKFW 3.1 Beta 2 NetIDMgr Changes
Jeffrey Altman [Thu, 21 Sep 2006 21:49:41 +0000 (21:49 +0000)]
KFW 3.1 Beta 2 NetIDMgr Changes

         source for (1.1.0.1)

         - Updated documentation with additional information and fixed errors.

         nidmgr32.dll (1.1.0.1)

         - Fixed a deadlock in the configuration provider that may cause
           NetIDMgr to deadlock on load.

         - Prevent the configuration provider handle list from getting
           corrupted in the event of a plug-in freeing a handle twice.

         - Add more parameter validation for the configuration provider.

         - If a plug-in is only partially registered (only some of the entries
           were set in the registry), the completion of the registration didn't
           complete successfully, leaving the plug-in in an unusable state.
           This has been fixed.  Plug-ins will now successfully complete
           registration once they are loaded for the first time, assuming the
           correct resources are present in the module.

         - Fixed notifications for setting a default identity.  Notifications
           were not being properly sent out resulting in the credentials window
           not being updated when the default identity changed.

         - Changes to the API for type safety.

         - Handling of binary data fields was changed to support validation and
           comparison.

         - Data types that do not support KCDB_CBSIZE_AUTO now check for and
           report an error if it is specified.

         - Password fields in the new credentials dialog will trim leading and
           trailing whitespace before using a user-entered value.

         - Change password action will no longer be disabled if no identity is
           selected.  An identity selection control is present in the dialog
           making this restriction unnecessary.

         - When renewing credentials, error messages will be suppressed if the
           renewal was for an identity and the identity does not have any
           identity credentials associated with it.

         - Error messages that are related to credentials acquisition or
           password changes will now display the name of the identity that the
           error applies to.

         - Automatic renewals now renews all identities that have credentials
           associated with them instead of just the default identity.

         - Fixed a bug where error messages did not have a default button which
           can be invoked with the return key or the space bar.

         - The new credentials window will force itself to the top.  This can
           be disabled via a registry setting, but is on by default.

         - Fixed the sort order in the new credentials tabs to respect sort
           hints provided by plug-ins.

         - If a new credentials operation fails, the password fields will be
           cleared.

         - Once a new credentials operation starts, the controls for specifying
           the identity and password and any other custom prompts will be
           disabled until the operation completes.

         - Notifications during the new credentials operation now supply a
           handle to the proper data structures as documented.

         - Hyperlinks in the new credentials dialog now support markup that
           will prevent the dialog from switching to the credentials type panel
           when the link is activated.

         - If there are too many buttons added by plug-ins in the new
           credentials dialog, they will be resized to accomodate all of them.

         - The options button in the new credentials dialog will be disabled
           while a new credentials operation is in progress.

         - The 'about' dialog retains the original copyright strings included
           in the resource.

         - Multiple modal dialogs are now supported.  Only the topmost one will
           be active.  Once it is closed, the other dialogs will gain focus in
           turn.  This allows for error messages to be displayed from other
           modal dialogs.

         - The hypertext window supports italics.

         krb4cred.dll (1.1.0.1)

         - Fixed a bug where the plug-in would attempt to free a handle twice.

         - Fixed a handle leak.

         - Changed the facility name used for event reporting to match the
           credentials type name.

         krb5cred.dll (1.1.0.1)

         - Fixed handling of expired passwords.  If the password for an
           identity is found to have expired at the time a new credentials
           acquisition is in progress, the user will be given an opportunity to
           change the password.  If this is successful, the new credentials
           operation will continue with the new password.

         - Prevent the new credentials dialog from switching to the Kerberos 5
           credentials panel during a password change.

         - Prompts that were cached indefinitely will now have a limited
           lifetime.  Prompt caches that were created using prior versions of
           the plug-in will automatically expire.

         - Multistrings in the resource files were converted to CSV to protect
           them against a bug in Visual Studio 2005 which corrupted
           multistrings.

         - Added handling of and reporting WinSock errors that are returned
           from the Kerberos 5 libraries.

         - Fixed uninitialized variables.

         - The username and realm that is entered when selecting an identity
           will be trimmed of leading and trailing whitespace.

         - Changed the facility name used for event reporting to match the
           credentials type name.

ticket: new
component: windows
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18604 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoNSIS installer - update for Win2K NetIDMgr
Jeffrey Altman [Thu, 21 Sep 2006 16:18:26 +0000 (16:18 +0000)]
NSIS installer - update for Win2K NetIDMgr

Install the Win2K specific binaries for NetIDMgr on Win2K

ticket: new
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18603 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago oops, make sure we install from the correct source file
Jeffrey Altman [Thu, 21 Sep 2006 15:54:05 +0000 (15:54 +0000)]
oops, make sure we install from the correct source file
on Windows 2000

ticket: 4309

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18602 dc483132-0cff-0310-8789-dd5450dbe970

18 years agowix installer - win2k compatibility for netidmgr
Jeffrey Altman [Thu, 21 Sep 2006 14:58:40 +0000 (14:58 +0000)]
wix installer - win2k compatibility for netidmgr

Install the special win2k version of nidmgr32.dll
   on Windows 2000 systems.

ticket: new
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18601 dc483132-0cff-0310-8789-dd5450dbe970

18 years agowindows thread support frees thread local storage after TlsSetValue
Jeffrey Altman [Thu, 21 Sep 2006 02:43:12 +0000 (02:43 +0000)]
windows thread support frees thread local storage after TlsSetValue

  threads.c: The return value of TlsSetValue is non-zero on
                   success.  As a result of misinterpreting the
                   return value, the memory set in TLS is then freed.
   A subsequent call to TlsGetValue returns the
   invalid pointer.

ticket: new
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18600 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoSet the canonicalize flag in TGS requests and accept cross-realm referral tickets.
Sam Hartman [Thu, 21 Sep 2006 01:48:50 +0000 (01:48 +0000)]
Set the canonicalize flag in TGS requests and accept cross-realm referral tickets.
We do not yet accept tickets in which the server name changes.

* krb5_sname_to_principal:   If there is no domain realm mapping return null realm
*krb5_get_cred_via_tkt: New behavior as described below

1) the referrals case:
  - check for TGT for initial realm
    - if a remote realm was specified (which must have happened via a
      domain_realm mapping), obtain a TGT for it the standard way and
      start with that.
  - use client realm for server if not specified
  - iterate through this loop:
    - request ticket with referrals turned on
    - if that fails:
      - if this was the first request, punt to non-referrals case
      - otherwise, retry once without referrals turned on then terminate
        either way
    - if it works, either use the service ticket or follow the referral path
    - if loop count exceeded, hardfail
2) the nonreferrals case
  - this is mostly the old walk_realm_tree TGT-finding (which allows
    limited shortcut referrals per 4120) followed by a standard tgs-req.
  - originally requested principal is used for this, although if we were
    handed something without a realm, determine a fallback realm based on
    DNS TXT records or a truncation of the domain name.

ticket: 2652
Owner: amb

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18598 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago* kdb_ldap.h: If BUILD_WITH_BROKEN_LDAP is defined, skip version checks
Ken Raeburn [Wed, 20 Sep 2006 01:30:25 +0000 (01:30 +0000)]
* kdb_ldap.h: If BUILD_WITH_BROKEN_LDAP is defined, skip version checks

ticket: 4292

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18595 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoBad loop logic in krb5_mcc_generate_new
Alexandra Ellwood [Tue, 19 Sep 2006 22:40:09 +0000 (22:40 +0000)]
Bad loop logic in krb5_mcc_generate_new

krb5_mcc_generate_new() Error in loop caused first item in the list to not
get checked the second time through scanning for duplicates.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18594 dc483132-0cff-0310-8789-dd5450dbe970

18 years agowhitespace
Ken Raeburn [Mon, 18 Sep 2006 23:58:56 +0000 (23:58 +0000)]
whitespace

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18593 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoSavitha's patches for:
Ken Raeburn [Mon, 18 Sep 2006 23:51:50 +0000 (23:51 +0000)]
Savitha's patches for:
- LDAP URI support for specifying server and port
- support for ldapi interface
- updated to newer LDAP APIs
- updated documentation

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18592 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago* kdb5.c (kdb_load_library): Make error message a little more accurate.
Ken Raeburn [Sat, 16 Sep 2006 01:59:15 +0000 (01:59 +0000)]
* kdb5.c (kdb_load_library): Make error message a little more accurate.
(get_errmsg): New function.  Uses errcode_2_string and release_errcode_string
functions to copy out an error message from the plugin and store it locally,
if the error code supplied is nonzero.  Changed other uses of plugin functions
to call get_errmsg on returning.
(krb5_db_errcode2string): Deleted.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18591 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoUpdate dependencies
Ken Raeburn [Sat, 16 Sep 2006 01:49:52 +0000 (01:49 +0000)]
Update dependencies

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18590 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoMove RPC header files to include/gssrpc, which we copy to them at
Ken Raeburn [Sat, 16 Sep 2006 01:32:40 +0000 (01:32 +0000)]
Move RPC header files to include/gssrpc, which we copy to them at
build time, and which is the only place we use them from anyways.
Update Makefile references and dependencies.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18589 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoExport krb5_ldap_release_errcode_string
Ken Raeburn [Sat, 16 Sep 2006 01:25:12 +0000 (01:25 +0000)]
Export krb5_ldap_release_errcode_string

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18588 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoMake it easier to ignore additional directories, like, oh, say, local
Ken Raeburn [Fri, 15 Sep 2006 22:57:09 +0000 (22:57 +0000)]
Make it easier to ignore additional directories, like, oh, say, local
install paths for OpenLDAP.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18587 dc483132-0cff-0310-8789-dd5450dbe970

18 years agowhitespace
Ken Raeburn [Wed, 13 Sep 2006 20:30:23 +0000 (20:30 +0000)]
whitespace

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18584 dc483132-0cff-0310-8789-dd5450dbe970

18 years agowhitespace
Ken Raeburn [Tue, 12 Sep 2006 00:25:34 +0000 (00:25 +0000)]
whitespace

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18583 dc483132-0cff-0310-8789-dd5450dbe970

18 years agowhitespace
Ken Raeburn [Tue, 12 Sep 2006 00:20:01 +0000 (00:20 +0000)]
whitespace

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18582 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago* Makefile.in (krb5/krb5.h): Wrap the content in macro test for
Ken Raeburn [Thu, 7 Sep 2006 22:16:45 +0000 (22:16 +0000)]
* Makefile.in (krb5/krb5.h): Wrap the content in macro test for
multiple-inclusion protection.

ticket: 3522

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18571 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoMake database plugin responsible for releasing the error-message string, so
Ken Raeburn [Wed, 6 Sep 2006 20:31:54 +0000 (20:31 +0000)]
Make database plugin responsible for releasing the error-message string, so
that we can use the krb5_get_error_message interface internally.

* kdb5.h: Add release_errcode_string field to the interface.
* db2_exp.c, ldap_exp.c: Initialize it.
* ldap_misc.c: Use krb5_get/free_error_message for error message strings.
* kdb_ldap.h: Declare krb5_ldap_release_errcode_string.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18565 dc483132-0cff-0310-8789-dd5450dbe970

18 years agowhitespace
Ken Raeburn [Wed, 6 Sep 2006 19:54:06 +0000 (19:54 +0000)]
whitespace

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18564 dc483132-0cff-0310-8789-dd5450dbe970

18 years agocomment formatting for 80 columns
Ken Raeburn [Wed, 6 Sep 2006 17:15:12 +0000 (17:15 +0000)]
comment formatting for 80 columns

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18563 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago(prof_get_integer_def, prof_get_string_def): New functions: check specified
Ken Raeburn [Tue, 5 Sep 2006 21:54:47 +0000 (21:54 +0000)]
(prof_get_integer_def, prof_get_string_def): New functions: check specified
config section in the profile, then the default section, then fall back to
passed default value (for integer only).  Set error string on error.
(krb5_ldap_read_server_params): Use them, instead of explicitly doubling each
profile_get call.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18562 dc483132-0cff-0310-8789-dd5450dbe970

18 years agowindows ccache and keytab file paths without a prefix
Jeffrey Altman [Tue, 5 Sep 2006 18:47:29 +0000 (18:47 +0000)]
windows ccache and keytab file paths without a prefix

ktbase.c, ccbase.c:  When a file path is specified without
         the prefix we must infer the use of the "FILE" prefix.
  However, we were setting the prefix including the colon
    separator when the separator should have been ignored.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18561 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoReject old OpenLDAP versions with bugs tickled by this code.
Ken Raeburn [Fri, 1 Sep 2006 02:51:38 +0000 (02:51 +0000)]
Reject old OpenLDAP versions with bugs tickled by this code.
Clean up some warnings during the build.

* ldap_misc.c (strptime) [NEED_STRPTIME_PROTO]: Declare, conditionally.
(krb5_ldap_errcode_2_string): Return string, not error code, to fit with DAL
interface spec.
* kdb_ldap.h: Error out for OpenLDAP versions before 2.2.24.
(LDAP_DEPRECATED): Define; openldap-2.3.27 defaults to undefined.
(krb5_ldap_lib_init): Prototype.
(krb5_get_policydn): Declare.
(krb5_ldap_errcode_2_string): Fix return type.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18558 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago(krb5_ldap_destroy_policy): krb5_ldap_delete_policy takes a mask arg, not pointer-to
Ken Raeburn [Thu, 31 Aug 2006 22:12:36 +0000 (22:12 +0000)]
(krb5_ldap_destroy_policy): krb5_ldap_delete_policy takes a mask arg, not pointer-to

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18557 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoDeclare get_date() used from kadmin cli code.
Ken Raeburn [Thu, 31 Aug 2006 22:08:45 +0000 (22:08 +0000)]
Declare get_date() used from kadmin cli code.
In calls, delete the second argument that get_date doesn't take.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18556 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoRemove or conditionalize unused variables
Ken Raeburn [Thu, 31 Aug 2006 21:30:30 +0000 (21:30 +0000)]
Remove or conditionalize unused variables

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18555 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoPatches from Will Fiveash to allow for configuration and building on
Ken Raeburn [Thu, 31 Aug 2006 21:17:34 +0000 (21:17 +0000)]
Patches from Will Fiveash to allow for configuration and building on
Solaris.  Tested (configured & built) on RHEL 4 and Solaris 10.  One
minor bugfix added.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18554 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago* shlib.conf (*-*-linux*): Use LDFLAGS in LDCOMBINE
Ken Raeburn [Wed, 30 Aug 2006 19:44:54 +0000 (19:44 +0000)]
* shlib.conf (*-*-linux*): Use LDFLAGS in LDCOMBINE

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18553 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoSome mechanical changes (mostly whitespace, like indentation levels)
Ken Raeburn [Wed, 30 Aug 2006 00:10:54 +0000 (00:10 +0000)]
Some mechanical changes (mostly whitespace, like indentation levels)
to match up better with MIT coding style.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18552 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoSome mechanical changes (mainly whitespace) to match up better with
Ken Raeburn [Tue, 29 Aug 2006 22:54:46 +0000 (22:54 +0000)]
Some mechanical changes (mainly whitespace) to match up better with
MIT coding style.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18551 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoRename KRB5_KDB_PLUGIN_OP_NOTSUPP to KRB5_PLUGIN_OP_NOTSUPP and move to krb5 table
Ken Raeburn [Tue, 29 Aug 2006 20:41:50 +0000 (20:41 +0000)]
Rename KRB5_KDB_PLUGIN_OP_NOTSUPP to KRB5_PLUGIN_OP_NOTSUPP and move to krb5 table

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18550 dc483132-0cff-0310-8789-dd5450dbe970

18 years agowhitespace
Ken Raeburn [Tue, 29 Aug 2006 20:13:27 +0000 (20:13 +0000)]
whitespace

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18549 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoPatch from Savitha R:
Ken Raeburn [Tue, 29 Aug 2006 19:52:38 +0000 (19:52 +0000)]
Patch from Savitha R:

    ldap_util
    1. Kdb5_ldap_util interface
    Removed supp enctypes, suppsalttypes from create realm and modify
    realm since they are currently not used
    2. memset passwd strings to zero when not used any more
    3. Using krb5_sname_to_principal in place of gethostbyname while
    creating the kadmin principal with hostname.

    libkdb_ldap
    1. Added mandatory functions which were missing in the LDAP plug-in
    2. Error handling changes - Setting the error message in the
    kerberos context when decryption of the service passwd fails or
    connection to the LDAP server fails during initialization.

Additional changes:

libkdb_ldap: Link against com_err library, to provide error_message().

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18548 dc483132-0cff-0310-8789-dd5450dbe970

18 years agomake depend
Ken Raeburn [Wed, 23 Aug 2006 22:58:02 +0000 (22:58 +0000)]
make depend

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18519 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoMerge Todd's TCP changepw support, with a few fixups
Ken Raeburn [Wed, 23 Aug 2006 22:56:29 +0000 (22:56 +0000)]
Merge Todd's TCP changepw support, with a few fixups

* include/cm.h (state_strings, enum conn_states, struct incoming_krb5_message,
struct conn_state): Moved here from lib/krb5/os/sendto_kdc.c.
(stuct sendto_callback_info): New type.
* lib/krb5/os/sendto_kdc.c (set_conn_state_msg_length): New function.
(setup_connection): Deleted argument message_len_buf.  Don't store message
length; call set_conn_state_msg_length instead.
(start_connection): New arguments callback_info and callback_buffer.  Invoke
callback function if any, and set message length on success.
(maybe_send): New arguments callback_info and callback_buffer; pass them to
start_connection.
(krb5int_sendto): New arguments callback_info, remoteaddr, remoteaddrlen.  If
callback info is provided, allocate per-connection buffers, and pass them to
maybe_send.  On cleanup, invoke the cleanup callback function if any.
(krb5_sendto_kdc): Update krb5int_sendto call.
* include/k5-int.h (struct sendto_callback_info): Add forward declaration.
(krb5int_sendto, struct _krb5int_access.sendto_udp): Update for new signature.
* lib/krb5/os/send524 (krb5int_524_sendto_kdc): Update krb5int_sendto call.
* lib/krb4/send_to_kdc.c (krb5int_send_to_kdc_addr): Update sendto_udp call.

* lib/krb5/os/changepw.c (struct sendto_callback_context): New type.
(krb5_locate_kpasswd): New argument useTcp, used to select socket type in
krb5int_locate_server call.
(kpasswd_sendto_msg_cleanup, kpasswd_sendto_msg_callback): New functions.
(krb5_change_set_password): Call krb5int_sendto with callbacks, instead of
managing the exchange here.  On RESPONSE_TOO_BIG error, try again with TCP
only.

* lib/krb5/krb/chpw.c (krb5int_rd_chpw_rep): If length is wrong, check if a
buggy server sent a KRB_ERROR.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18518 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago Update auxiliary version number for NetIDMgr
Jeffrey Altman [Wed, 23 Aug 2006 16:33:58 +0000 (16:33 +0000)]
Update auxiliary version number for NetIDMgr

ticket: 4172

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18499 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago * install NetIDMgr plug-in sample as part of SDK
Jeffrey Altman [Wed, 23 Aug 2006 02:28:05 +0000 (02:28 +0000)]
* install NetIDMgr plug-in sample as part of SDK
* install netidmgr.exe (win2000 version)

ticket: 4172

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18498 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago * newcredwnd.c - erase the password field on error
Jeffrey Altman [Wed, 23 Aug 2006 02:18:00 +0000 (02:18 +0000)]
* newcredwnd.c - erase the password field on error
          during new credential acquisition

ticket: 4172

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18497 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago * Fix auto-registration of plug-in modules
Jeffrey Altman [Wed, 23 Aug 2006 02:17:12 +0000 (02:17 +0000)]
* Fix auto-registration of plug-in modules
     if there is no plug-in list specified

ticket: 4172

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18496 dc483132-0cff-0310-8789-dd5450dbe970

18 years ago * Makefile - do not etag the Win2000 version of
Jeffrey Altman [Wed, 23 Aug 2006 02:15:52 +0000 (02:15 +0000)]
* Makefile - do not etag the Win2000 version of
          the NetIDMgr.exe

ticket: 4172

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18495 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoimprovements to netidmgr dialogs
Jeffrey Altman [Tue, 22 Aug 2006 22:12:15 +0000 (22:12 +0000)]
improvements to netidmgr dialogs

   * ensure that buttons are disabled while
          actions are in process

   * allow plug-ins to specify italic text

   * fix some documentation

* reformat langres.rc

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18494 dc483132-0cff-0310-8789-dd5450dbe970

18 years agoclean up mkrel patchlevel.h editing etc
Tom Yu [Mon, 21 Aug 2006 20:31:51 +0000 (20:31 +0000)]
clean up mkrel patchlevel.h editing etc

* src/util/mkrel: Be more careful editing KRB5_RELDATE.  Delete
'$ac_config_fragdir' autoconf droppings.

ticket: new
tags: pullup
target_version: 1.5.1

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18475 dc483132-0cff-0310-8789-dd5450dbe970