krb5.git
29 years ago(krb5_get_server_rcache): Use krb5_rc_default_type instead of assuming
Ezra Peisach [Fri, 17 Nov 1995 01:30:40 +0000 (01:30 +0000)]
(krb5_get_server_rcache): Use krb5_rc_default_type instead of assuming
default rcache type is "dfl".

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7110 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * *.c (*): initialize lock_arg to a copy of a static
Mark Eichin [Thu, 16 Nov 1995 03:08:18 +0000 (03:08 +0000)]
* *.c (*): initialize lock_arg to a copy of a static
  (thus zero) struct flock, to avoid panic'ing sunos 4.1.4.

If you call fcntl F_SETLKW with l_type == F_UNLCK and l_xxx == 15
(GRANT_LOCK_FLAG) you'll panic sunos 4.1.4 with
assertion failed: ld->l_xxx != GRANT_LOCK_FLAG, file: ../../ufs/ufs_lockf.c, line: 995

Since automatic structs like these have random values in uninitialized
fields, we initialize from a static struct (since using memset in this
case is abhorrent, and naming l_xxx is non POSIX.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7109 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * ktest_equal.c (ktest_equal_krb5_etype_info_entry()) :
Chris Provenzano [Wed, 15 Nov 1995 20:29:59 +0000 (20:29 +0000)]
* ktest_equal.c (ktest_equal_krb5_etype_info_entry()) :
Only do emecmp() if ref->length > 0

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7108 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoInitial checkin of Sun's (Derek's) multi-mechanism GSSAPI support
Theodore Tso [Wed, 15 Nov 1995 16:21:13 +0000 (16:21 +0000)]
Initial checkin of Sun's (Derek's) multi-mechanism GSSAPI support

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7107 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdded ANL changes to support configuration authentication paths
Theodore Tso [Wed, 15 Nov 1995 15:24:43 +0000 (15:24 +0000)]
Added ANL changes to support configuration authentication paths

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7106 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* kdc_util.h: Added new prototypes for return_padata() and check_padata()
Theodore Tso [Tue, 14 Nov 1995 00:47:37 +0000 (00:47 +0000)]
* kdc_util.h: Added new prototypes for return_padata() and check_padata()

* kdc_preauth.c (return_padata): New function which calls out to each preauth
 type to see if it is necessary to return preauth data or not.
(return_pw_salt): New function responsible for returning the
KRB5_PW_SALT preauth information.

* do_as_req.c (process_as_req):  Move creation of the PW_SALT
preauthentication step into kdc_preauth.c.  Call return_pdata()
which is responsible for all padata info which is returned by
the KDC in the KRB_AS_REP message.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7103 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* preauth.c (krb5_process_padata): Added generalized processing for
Theodore Tso [Mon, 13 Nov 1995 18:01:26 +0000 (18:01 +0000)]
* preauth.c (krb5_process_padata): Added generalized processing for
preauth information which is returned by the KDC.  This should be
general enough to support the AFS3_SALT preauth type, the SNK4
preauth type, and the public-key mods to Kerberos.
(process_pw_salt): New function for processing the KRB5_PW_SALT
preauthentication type.

* get_in_tkt.c (decrypt_as_reply): Removed temporary kludge for
processing the PW_SALT preauth type; that's now done in preauth.c
(krb5_get_in_tkt): Call krb5_process_padata with new arguments so that
the preauth code can set the decryption_key if necessary.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7102 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdded typedef for krb5_preauth_proces_proc, and changed the prototype
Theodore Tso [Mon, 13 Nov 1995 17:57:00 +0000 (17:57 +0000)]
Added typedef for krb5_preauth_proces_proc, and changed the prototype
of krb5_process_padata() to take additional arguments for returning
the decryption key to use for decrypting the as_reply, as well as
passing in the decrypt_proc procedure in case some preauth types want
to call decrypt_proc themselves.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7101 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* encrypt_data.c (krb5_encrypt_data): New file. A generic routine
Theodore Tso [Mon, 13 Nov 1995 16:53:23 +0000 (16:53 +0000)]
* encrypt_data.c (krb5_encrypt_data): New file.  A generic routine
for encrypting data in a krb5_data structure.  Fills in a
krb5_enc_data structure.

* decrypt_data.c (krb5_decrypt_data): New file.  A generic routine
for decrypting data in a krb5_enc_data structure.  Fills
in a krb5_data structure.

* Makefile.in (SRCS): Added decrypt_data.c and encrypt_data.c to
list of files to be compiled.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7100 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdd prototypes for krb5_encrypt_data(), krb5_decrypt_data()
Theodore Tso [Mon, 13 Nov 1995 16:51:54 +0000 (16:51 +0000)]
Add prototypes for krb5_encrypt_data(), krb5_decrypt_data()

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7099 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdd prototypes for krb5_encrypt_data(), krb5_decrypt_data()
Theodore Tso [Mon, 13 Nov 1995 16:51:37 +0000 (16:51 +0000)]
Add prototypes for krb5_encrypt_data(), krb5_decrypt_data()

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7098 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * def_realm.c (krb5_get_default_realm): check for PROF_NO_PROFILE
Mark Eichin [Mon, 13 Nov 1995 01:41:07 +0000 (01:41 +0000)]
* def_realm.c (krb5_get_default_realm): check for PROF_NO_PROFILE
and return KRB5_CONFIG_CANTOPEN instead of BADFORMAT so that the
user in the end knows what is going on.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7097 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * g_cnffile.c (krb__get_srvtabname): new function, looks up
Mark Eichin [Mon, 13 Nov 1995 01:40:31 +0000 (01:40 +0000)]
* g_cnffile.c (krb__get_srvtabname): new function, looks up
[libdefaults]krb4_srvtab for use where KEYFILE used to be.
* g_cnffile.c (krb__v5_get_file): new function, looks up argument
in [libdefaults] and tries to open it as a filename. Returns
filehandle (or NULL, if fopen failed.)
(krb__get_cnffile, krb__get_realmsfile): use krb__v5_get_file to
look up "krb4_config" or "krb4_realms" respectively. Also add
$KRB_REALMS override for realms file.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7096 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * conv_creds.c (krb524_convert_creds_kdc): loop through all of the
Mark Eichin [Mon, 13 Nov 1995 01:39:39 +0000 (01:39 +0000)]
* conv_creds.c (krb524_convert_creds_kdc): loop through all of the
addresses returned by krb5_locate_kdc, don't just try the first one.
* krb524d.c (do_connection): check for particular failures of
decode_krb5_ticket, as well as for messages that are one int long
(which will eliminate our own error replies.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7095 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * krb.h (KEYFILE): change to call krb__get_srvtabname with a
Mark Eichin [Mon, 13 Nov 1995 01:39:04 +0000 (01:39 +0000)]
* krb.h (KEYFILE): change to call krb__get_srvtabname with a
default of the old hardcoded value "/etc/srvtab".

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7094 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * krb5.conf[libdefaults]: add krb4_config, krb4_realms
Mark Eichin [Mon, 13 Nov 1995 01:38:24 +0000 (01:38 +0000)]
* krb5.conf[libdefaults]: add krb4_config, krb4_realms

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7093 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * telnetd.8: source tmac.doc for correct parsing
Mark Eichin [Mon, 13 Nov 1995 01:37:23 +0000 (01:37 +0000)]
* telnetd.8: source tmac.doc for correct parsing

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7092 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * main.c: initialize line (to avoid splitting up forward.c.)
Mark Eichin [Mon, 13 Nov 1995 01:35:44 +0000 (01:35 +0000)]
* main.c: initialize line (to avoid splitting up forward.c.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7091 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * forward.c: set KRB5_DEFAULT_LIFE to 10 hours, not 8.
Mark Eichin [Mon, 13 Nov 1995 01:26:12 +0000 (01:26 +0000)]
* forward.c: set KRB5_DEFAULT_LIFE to 10 hours, not 8.
* forward.c (rd_and_store_for_creds): construct correct cache name
for forwarded tickets (based on tty name if available) and drop it
into the environment so login notices it.

also, fix typo in comment in kerberos5.c

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7090 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * krshd.c (doit): drag TZ= from parent environment into envinit to
Mark Eichin [Mon, 13 Nov 1995 01:24:25 +0000 (01:24 +0000)]
* krshd.c (doit): drag TZ= from parent environment into envinit to
pass to child.
(envinit, TZENV): add one more slot for optional TZ, and mark it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7089 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * Makefile.in (install-mkdirs): bash needs a semicolon between fi
Mark Eichin [Mon, 13 Nov 1995 01:23:22 +0000 (01:23 +0000)]
* Makefile.in (install-mkdirs): bash needs a semicolon between fi
and done.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7088 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoComment out encrypted telnet tests
Ezra Peisach [Sat, 11 Nov 1995 02:16:11 +0000 (02:16 +0000)]
Comment out encrypted telnet tests

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7087 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * TODO : Remove krb5_enctype argument from string_to_key() is done
Chris Provenzano [Thu, 9 Nov 1995 22:27:36 +0000 (22:27 +0000)]
* TODO : Remove krb5_enctype argument from string_to_key() is done

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7086 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * t_cksum.c : Remove krb5_enctype from krb5_string_to_key() args
Chris Provenzano [Thu, 9 Nov 1995 22:27:02 +0000 (22:27 +0000)]
    * t_cksum.c : Remove krb5_enctype from krb5_string_to_key() args

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7085 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * string2key.c : Remove krb5_enctype from krb5_string_to_key() args.
Chris Provenzano [Thu, 9 Nov 1995 22:26:40 +0000 (22:26 +0000)]
    * string2key.c : Remove krb5_enctype from krb5_string_to_key() args.
* string2key.c, des_int.h : Remove krb5_enctype from
mit_des_string_to_key() args.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7084 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * fetch_mkey.c, kdb_cpw.c, t_kdb.c :
Chris Provenzano [Thu, 9 Nov 1995 22:26:01 +0000 (22:26 +0000)]
    * fetch_mkey.c, kdb_cpw.c, t_kdb.c :
Remove krb5_enctype from krb5_string_to_key() args.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7083 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * in_tkt_pwd.c : Remove krb5_enctype from krb5_string_to_key() args
Chris Provenzano [Thu, 9 Nov 1995 22:25:29 +0000 (22:25 +0000)]
    * in_tkt_pwd.c : Remove krb5_enctype from krb5_string_to_key() args

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7082 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kdb5_verify.c : Remove krb5_enctype from krb5_string_to_key() args
Chris Provenzano [Thu, 9 Nov 1995 22:24:52 +0000 (22:24 +0000)]
    * kdb5_verify.c : Remove krb5_enctype from krb5_string_to_key() args

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7081 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kdc5_hammer.c : Remove krb5_enctype from krb5_string_to_key() args
Chris Provenzano [Thu, 9 Nov 1995 22:24:34 +0000 (22:24 +0000)]
    * kdc5_hammer.c : Remove krb5_enctype from krb5_string_to_key() args

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7080 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kdb5_mkdums.c : Remove krb5_enctype from krb5_string_to_key() args
Chris Provenzano [Thu, 9 Nov 1995 22:24:16 +0000 (22:24 +0000)]
    * kdb5_mkdums.c : Remove krb5_enctype from krb5_string_to_key() args

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7079 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * krb5.hin : Remove krb5_enctype from krb5_string_to_key() args
Chris Provenzano [Thu, 9 Nov 1995 22:23:27 +0000 (22:23 +0000)]
    * krb5.hin : Remove krb5_enctype from krb5_string_to_key() args

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7078 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kdb5_edit.c : Remove krb5_enctype from krb5_string_to_key() args
Chris Provenzano [Thu, 9 Nov 1995 22:22:54 +0000 (22:22 +0000)]
    * kdb5_edit.c : Remove krb5_enctype from krb5_string_to_key() args

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7077 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kdb5_create.c : Remove krb5_enctype from krb5_string_to_key() args
Chris Provenzano [Thu, 9 Nov 1995 22:22:34 +0000 (22:22 +0000)]
* kdb5_create.c : Remove krb5_enctype from krb5_string_to_key() args

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7076 dc483132-0cff-0310-8789-dd5450dbe970

29 years agosim_client.c (main): Use krb5_get_server_rcache instead of duplicating
Ezra Peisach [Thu, 9 Nov 1995 14:39:34 +0000 (14:39 +0000)]
sim_client.c (main): Use krb5_get_server_rcache instead of duplicating
code. Remove use of krb5_clockskew variable.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7074 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* kdc_preauth.c (get_etype_info): Added function to return the
Theodore Tso [Thu, 9 Nov 1995 05:08:09 +0000 (05:08 +0000)]
* kdc_preauth.c (get_etype_info): Added function to return the
etype_info preauth hint to the client.

* kdc_util.c (get_salt_from_key): Added new function which determines
the salting information from the krb5_key_data structure.

* main.c (kdc_initialize_rcache): Replace use of krb5_clockskew with
context->clockskew.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7073 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoRemove etype_info from the argument list of krb5_obtain_padata
Theodore Tso [Thu, 9 Nov 1995 05:05:28 +0000 (05:05 +0000)]
Remove etype_info from the argument list of krb5_obtain_padata

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7072 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* get_in_tkt.c (krb5_get_in_tkt): Remove the etype_info argument from
Theodore Tso [Thu, 9 Nov 1995 05:04:28 +0000 (05:04 +0000)]
* get_in_tkt.c (krb5_get_in_tkt): Remove the etype_info argument from
the call to krb5_obtain_padata.

* preauth.c (krb5_obtain_padata): Use the PADATA_ETYPE_INFO preauth,
if it exists, to determine which salt type to use when encrypting the
preauthentication data.  Remove the etype_info argument.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7071 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoDon't require val->salt to be non-zero if val->lenth is zero
Theodore Tso [Thu, 9 Nov 1995 05:02:13 +0000 (05:02 +0000)]
Don't require val->salt to be non-zero if val->lenth is zero

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7070 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoFix stupid typo when creating function
Theodore Tso [Thu, 9 Nov 1995 02:53:04 +0000 (02:53 +0000)]
Fix stupid typo when creating function

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7069 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* krb5_encode_test.c (main): In case of an error in the encoding
Theodore Tso [Thu, 9 Nov 1995 01:05:57 +0000 (01:05 +0000)]
* krb5_encode_test.c (main): In case of an error in the encoding
routines, exit.  Otherwise, calling the print routines will often
lead to a coredump.

* ktest.c (ktest_make_sample_etype_info): Set etype.length to -1 to
mean that the optional salt string is missing.  (This is change in
the convention used by the ASN.1 encoder and decoder for this ASN.1
structure.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7068 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* asn1_k_decode.c (asn1_decode_etype_info_entry): If the optional
Theodore Tso [Thu, 9 Nov 1995 01:03:32 +0000 (01:03 +0000)]
* asn1_k_decode.c (asn1_decode_etype_info_entry): If the optional
salt element is not present, set etype.length to -1.

* asn1_k_encode.c (asn1_encode_etype_info_entry): When encoding
the etype_info_entry structure, use length == -1 to mean
that the optional salt structure should not be sent.  (It
used to be if length == -1.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7067 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* krb5.hin: Add preauthentication type KRB5_PADATA_ETYPE_INFO
Theodore Tso [Wed, 8 Nov 1995 22:57:07 +0000 (22:57 +0000)]
* krb5.hin: Add preauthentication type KRB5_PADATA_ETYPE_INFO

* k5-int.h: Add declaration for krb5_free_etype_info.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7066 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdded new function to free a krb5_etype_info structure
Theodore Tso [Wed, 8 Nov 1995 22:55:41 +0000 (22:55 +0000)]
Added new function to free a krb5_etype_info structure

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7065 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoChange use of krb5_clockskew to be context->clockskew
Theodore Tso [Wed, 8 Nov 1995 22:54:58 +0000 (22:54 +0000)]
Change use of krb5_clockskew to be context->clockskew

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7064 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* krbconfig.c: Removed the krb5_clockskew variable
Theodore Tso [Wed, 8 Nov 1995 21:59:00 +0000 (21:59 +0000)]
* krbconfig.c: Removed the krb5_clockskew variable

* srv_rcache.c (krb5_get_server_rcache):
* rd_safe.c (krb5_rd_safe):
* rd_req_dec.c (krb5_rd_req_decoded):
* rd_priv.c (krb5_rd_priv):
* rd_cred.c (krb5_rd_cred):
* gc_via_tkt.c (krb5_get_cred_via_tkt):
* get_in_tkt.c (verify_as_reply): Replace use of krb5_clockskew with
context->clockskew.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7063 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoUpdated reference files for the new structures now supported by the ASN.1
Theodore Tso [Wed, 8 Nov 1995 20:08:41 +0000 (20:08 +0000)]
Updated reference files for the new structures now supported by the ASN.1
encoders and decoders.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7062 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* kdc_util.c (): Added new helper functions
Theodore Tso [Wed, 8 Nov 1995 08:03:31 +0000 (08:03 +0000)]
* kdc_util.c (): Added new helper functions
dbentry_has_key_for_enctype(), dbentry_supports_enctype(), and
select_session_keytype().

* kdc_preauth.c: Added support for the ENC_TIMESTAMP preauthentication
scheme.

* do_tgs_req.c (process_tgs_req): Fixed the keytype/enctype selection
criteria for the server key, and the ticket session key.

* do_as_req.c (process_as_req): Added calls to the kdc preauthentication
verification routines.  Fixed the keytype/enctype selection
criteria for the client key, the server key, and the ticket
session key.

* main.c (finish_realm): Make sure all parts of the realm structure are
freed properly.
(main): Free the kcontext krb5_context.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7058 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* krb5.hin: Removed internal functions krb5_encrypt_tkt_part,
Theodore Tso [Wed, 8 Nov 1995 07:55:51 +0000 (07:55 +0000)]
* krb5.hin: Removed internal functions krb5_encrypt_tkt_part,
krb5_verify_padta, and krb5_obtain_padata from the public header
file.

* k5-int.h: Removed old preauthentication declarations and added new
ones.  Changed function prototype of krb5_encrypt_tkt_part.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7057 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* encrypt_tk.c (cleanup_scratch): Changed interface to no longer require
Theodore Tso [Wed, 8 Nov 1995 07:52:57 +0000 (07:52 +0000)]
* encrypt_tk.c (cleanup_scratch): Changed interface to no longer require
an eblock; we can use our own and figure out the enctype
from the passed-in key.

* get_in_tkt.c (krb5_get_in_tkt): Added calls to krb5_obtain_padata().

* preauth.c: Completely restructured file to support preauthentication.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7056 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoFree the realm_kdc_ports element of the structure
Theodore Tso [Wed, 8 Nov 1995 07:47:23 +0000 (07:47 +0000)]
Free the realm_kdc_ports element of the structure

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7055 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdded magic number for krb5_preauth_ops
Theodore Tso [Wed, 8 Nov 1995 07:46:14 +0000 (07:46 +0000)]
Added magic number for krb5_preauth_ops

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7054 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* krb5_decode.c (decode_krb5_pa_enc_ts, decode_krb5_enc_data): Added
Theodore Tso [Wed, 8 Nov 1995 07:45:12 +0000 (07:45 +0000)]
* krb5_decode.c (decode_krb5_pa_enc_ts, decode_krb5_enc_data): Added
new functions.

* krb5_encode.c (encode_krb5_pa_enc_ts, encode_krb5_enc_data): Added
new functions.

KRB5-asn.py (PA-ENC-TS-ENC): Added new definition for the krb5_pa_enc_ts
structure.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7053 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* krb5_decode_test.c (main): Add tests for decode_krb5_enc_data
Theodore Tso [Wed, 8 Nov 1995 07:43:46 +0000 (07:43 +0000)]
* krb5_decode_test.c (main): Add tests for decode_krb5_enc_data
and decode_krb5_pa_enc_ts.

* krb5_encode_test.c (main): Add tests for encode_krb5_enc_data
and encode_krb5_pa_enc_ts.

* ktest.c (ktest_make_sample_pa_enc_ts): New functions to test
{encode,decode}_krb5_pa_enc_ts().

* ktest_equal.c (ktest_equal_krb5_pa_enc_ts): New functions to test
{encode,decode}_krb5_pa_enc_ts().

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7052 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoUpdated TODO list
Theodore Tso [Wed, 8 Nov 1995 02:01:59 +0000 (02:01 +0000)]
Updated TODO list

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7051 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoFix build problem on Mac caused by multiple definitions of stat
Keith Vetter [Wed, 8 Nov 1995 01:09:26 +0000 (01:09 +0000)]
Fix build problem on Mac caused by multiple definitions of stat
function.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7048 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoImprove password dialog and credentials list in Mac CNS
Keith Vetter [Wed, 8 Nov 1995 01:08:07 +0000 (01:08 +0000)]
Improve password dialog and credentials list in Mac CNS

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7047 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * kdb.h: Added prototype for krb5_dbe_search_enctype(). Changed
Theodore Tso [Tue, 7 Nov 1995 21:45:22 +0000 (21:45 +0000)]
* kdb.h: Added prototype for krb5_dbe_search_enctype().  Changed
prototype of krb5_dbe_find_enctype() so that ktype is of
type krb5_int32.  (krb5_enctype is unsigned, so -1 doesn't
work!)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7024 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago* kdb_xdr.c (krb5_dbe_search_enctype): Make a more general version
Theodore Tso [Tue, 7 Nov 1995 21:44:52 +0000 (21:44 +0000)]
* kdb_xdr.c (krb5_dbe_search_enctype): Make a more general version
of kdb5_dbe_find_enctype() which allows you to search the
keylist looking for multiple keys that fit your criteria.
Eventually we should convert all programs to use
kdb5_dbe_search_enctype() instead of kdb5_dbe_find_enctype().

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7023 dc483132-0cff-0310-8789-dd5450dbe970

29 years agomcc_ops.c: Remove excess code which is defined in fcc_ops.c
Theodore Tso [Sat, 4 Nov 1995 05:47:41 +0000 (05:47 +0000)]
mcc_ops.c: Remove excess code which is defined in fcc_ops.c
(which may not be the right place for it anyway).

mcc.h: Remove use of krb5_ccache_sessions

mcc_destry.c (krb5_mcc_destroy): Remove use of krb5_ccache_sessions

mcc_gennew.c (krb5_mcc_generate_new): Remove use of krb5_ccache_sessions

mcc_reslv.c (krb5_mcc_resolve): Remove use of krb5_ccache_sessions

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7019 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdded the ccache/memory subdirectory
Theodore Tso [Sat, 4 Nov 1995 02:32:13 +0000 (02:32 +0000)]
Added the ccache/memory subdirectory

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7018 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdded memory subdirectory
Theodore Tso [Sat, 4 Nov 1995 02:31:18 +0000 (02:31 +0000)]
Added memory subdirectory

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7017 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdded memory-based credentials cache
Theodore Tso [Sat, 4 Nov 1995 02:30:37 +0000 (02:30 +0000)]
Added memory-based credentials cache

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7016 dc483132-0cff-0310-8789-dd5450dbe970

29 years agostamp out festering Imakefiles
Mark Eichin [Fri, 3 Nov 1995 22:12:52 +0000 (22:12 +0000)]
stamp out festering Imakefiles

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7015 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoremove rcs keyword cruft which doesn't make much sense in CVS.
Mark Eichin [Fri, 3 Nov 1995 21:53:05 +0000 (21:53 +0000)]
remove rcs keyword cruft which doesn't make much sense in CVS.
removal simplifies merging. I left in the RCSID's that are in actual
error table values (*_RCSID typically) but comments had them elided
(Source keywords replaced with a literal pathname, Id totally removed.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7014 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * adm.h : Constant changes for the new kadmin code.
Chris Provenzano [Fri, 3 Nov 1995 10:16:16 +0000 (10:16 +0000)]
    * adm.h : Constant changes for the new kadmin code.
* kdb.h : Added attribute bit KRB5_KDB_NEW_PRINC. This will
allow kadmin administrators with add acls to modify a
principal until this bit is cleared.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7013 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago * decrypt_key.c (krb5_dbekd_decrypt_key_data()) : If key salt length
Chris Provenzano [Fri, 3 Nov 1995 10:15:09 +0000 (10:15 +0000)]
* decrypt_key.c (krb5_dbekd_decrypt_key_data()) : If key salt length
is 0 then set keysalt->data.data to NULL.
* kdb_cpw.c (add_key_rnd(), add_key_pwd()) : When creating new keys
for a new kvno and there are multiple enctypes that use a
common keytype, then set the enctype in the key to the first
specified enctype and skip all other enctypes that use
the same keytype. (This assumes the salt type is the same too.)
This way when the kdc needs to get the server key it doesn't
need to gues what enctypes the server supports.
* kdb_xdr.c (krb5_dbe_find_enctype()): Match keys that use common
keytypes but different enctypes. Eg. ENCTYPE_DES_CBC_MD5
matches ENCTYPE_DES_CBC_CRC and vice versa.
* kdb_xdr.c krb5_dbe_find_enctype()): If kvno = 0 then determine
maxkvno for all the keys and then search keys for a key that
matches enctype salttype and has kvno == maxkvno. This
is different than when kvno = -1 which searches the keys
for THE key with the greatest kvno which also matches enctype
and salttype.
* kdb_kdr.c (krb5_dbe_find_enctype()): If kvno = ktype = stype = -1
then set kvno = 0. The first doesn't make a lot of sense.
* kdb_xdr.c (krb5_dbe_encode_last_pwd_change(),
krb5_dbe_decode_last_pwd_change()) : Added.
* kdb_xdr.c (krb5_decode_princ_contents()) : Don't try to allocate
space for keys if n_key_data = 0.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7012 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdd support for Linux shared libraries
Theodore Tso [Thu, 2 Nov 1995 22:15:24 +0000 (22:15 +0000)]
Add support for Linux shared libraries

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7011 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoIf invoked with the -D port option, do not die if proper entry is missing
Ezra Peisach [Thu, 2 Nov 1995 21:18:58 +0000 (21:18 +0000)]
If invoked with the -D port option, do not die if proper entry is missing
from /etc/services...

This is for the dejagnu suite running on a machine following the installation
instructions - i.e. make, make check.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7010 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoMake mit_des_finish_key() safe to call even if there is no key that
Theodore Tso [Wed, 1 Nov 1995 03:07:54 +0000 (03:07 +0000)]
Make mit_des_finish_key() safe to call even if there is no key that
needs to be freed.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7009 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoMissing 'break' statement during option parsing;
Richard Basch [Mon, 30 Oct 1995 23:50:23 +0000 (23:50 +0000)]
Missing 'break' statement during option parsing;
-p <port> could not be specified, without falling into the usage message.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7006 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoFix all paths in document, convert tabs to spaces for TeX, and check
Ezra Peisach [Mon, 30 Oct 1995 22:02:08 +0000 (22:02 +0000)]
Fix all paths in document, convert tabs to spaces for TeX, and check
spelling.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7005 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoWhen showing a principal with the "show" command, iterate through the
Richard Basch [Mon, 30 Oct 1995 15:59:04 +0000 (15:59 +0000)]
When showing a principal with the "show" command, iterate through the
keys, displaying the version number and type.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7004 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago Add /usr/lib/ispell/ispell.words for Linux
Ezra Peisach [Mon, 30 Oct 1995 01:13:36 +0000 (01:13 +0000)]
 Add /usr/lib/ispell/ispell.words for Linux

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7003 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoExtensive reworking of the structure of this file to make it possible
Theodore Tso [Sat, 28 Oct 1995 02:22:57 +0000 (02:22 +0000)]
Extensive reworking of the structure of this file to make it possible
to support preauthentication.   (interim checkin)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7002 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoFix off by one in malloc for reading in name
Ezra Peisach [Fri, 27 Oct 1995 17:40:30 +0000 (17:40 +0000)]
Fix off by one in malloc for reading in name

Detected only under Linux, found with purify, except when file
compiled -g with suncc....

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7001 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoFix to properly malloc password buffer, instead of returning a pointer
Theodore Tso [Wed, 25 Oct 1995 21:09:22 +0000 (21:09 +0000)]
Fix to properly malloc password buffer, instead of returning a pointer
to an automatic variable(!).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6999 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoChange the input type of do_mutual to be OM_int32 instead of an int,
Theodore Tso [Wed, 25 Oct 1995 19:43:32 +0000 (19:43 +0000)]
Change the input type of do_mutual to be OM_int32 instead of an int,
to prevent lossage under windows, since the passed in type size is a
OM_int32.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6998 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoFor the windows, add the oldnames library to the link lines for
Theodore Tso [Wed, 25 Oct 1995 19:00:32 +0000 (19:00 +0000)]
For the windows, add the oldnames library to the link lines for
gssapi.dll and libkrb5.dll.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6997 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoRun db checks before going into subdirs and dejagnu test..
Ezra Peisach [Wed, 25 Oct 1995 15:25:02 +0000 (15:25 +0000)]
Run db checks before going into subdirs and dejagnu test..

We really want to do the lower level tests before dealing with network connections.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6996 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoDisallow changes to AOUT_LD_* environment variables
Richard Basch [Wed, 25 Oct 1995 01:12:37 +0000 (01:12 +0000)]
Disallow changes to AOUT_LD_* environment variables

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6995 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoFor compatibility with older .conf files, keep the domain name check
Richard Basch [Tue, 24 Oct 1995 23:14:56 +0000 (23:14 +0000)]
For compatibility with older .conf files, keep the domain name check
being done in lower case, and if necessary, convert it to upper case
if the domain is being used as the default realm.

In addition, there was an extra free without an associated *alloc.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6994 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoReversed the check for strchr(). If strchr(varp, '=') is true then we
Richard Basch [Tue, 24 Oct 1995 23:11:06 +0000 (23:11 +0000)]
Reversed the check for strchr().  If strchr(varp, '=') is true then we
reject the bad environment variable as it contains an =.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6993 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoManually defined PROVIDE_* for Macintosh and MS-DOS so that libcrypto
Theodore Tso [Tue, 24 Oct 1995 21:33:29 +0000 (21:33 +0000)]
Manually defined PROVIDE_* for Macintosh and MS-DOS so that libcrypto
knows which encryption systems to include.  Otherwise, we would be
building an exportable (and useless) krb5 library for the Mac and PC.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6992 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdded new error code KRB5_GET_IN_TKT_LOOP
Theodore Tso [Tue, 24 Oct 1995 01:25:28 +0000 (01:25 +0000)]
Added new error code KRB5_GET_IN_TKT_LOOP

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6991 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoRather than displaying the master key version twice, display the actual
Richard Basch [Tue, 24 Oct 1995 01:19:13 +0000 (01:19 +0000)]
Rather than displaying the master key version twice, display the actual
key version for the "Key version" field.  (It only displays the version
for the first key in the database.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6990 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoRead the V4 Kerberos master key from /.k. Only prompt the user for the
Richard Basch [Tue, 24 Oct 1995 01:18:15 +0000 (01:18 +0000)]
Read the V4 Kerberos master key from /.k.  Only prompt the user for the
V4 master key if the command-line option so indicates, or the key cannot
be read from /.k.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6989 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoTry to do a best realm match for a hostname, trying all the domain components.
Richard Basch [Tue, 24 Oct 1995 01:15:50 +0000 (01:15 +0000)]
Try to do a best realm match for a hostname, trying all the domain components.
For example, the realm search for a host A.B.C.D will include
A.B.C.D  .B.C.D  B.C.D  .C.D  C.D  .D  D
If all of them fail, assume the realm is B.C.D (as was previously the case).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6988 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago1. Do not end syslog messages with \n (it messes up the logs).
Richard Basch [Mon, 23 Oct 1995 21:55:51 +0000 (21:55 +0000)]
1. Do not end syslog messages with \n (it messes up the logs).
2. Prototyped envvarok() to ensure proper usage.
3. Prohibit the change of ELF_LD_* environment variables (Linux)
4. Syslog attempts to pass bad environment variables.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6987 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoPrint messages using \r\n so that the display in binary mode will be correct.
Richard Basch [Mon, 23 Oct 1995 21:52:12 +0000 (21:52 +0000)]
Print messages using \r\n so that the display in binary mode will be correct.
Additionally, perror should not be using \n as it appends the error message.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6986 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoPrint all statements using \r\n so that they will be properly formatted
Richard Basch [Mon, 23 Oct 1995 21:42:43 +0000 (21:42 +0000)]
Print all statements using \r\n so that they will be properly formatted
when binary mode is being used.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6985 dc483132-0cff-0310-8789-dd5450dbe970

29 years agosyslog statements should not be called with \n
Richard Basch [Mon, 23 Oct 1995 21:40:29 +0000 (21:40 +0000)]
syslog statements should not be called with \n

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6984 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoAdd new option 's' which automatically stashes the master key in the
Theodore Tso [Mon, 23 Oct 1995 20:41:16 +0000 (20:41 +0000)]
Add new option 's' which automatically stashes the master key in the
key stash file.  This eliminates the need for the admin to type
kdb5_stash right after kdb5_create.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6983 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoFix typo
Sam Hartman [Mon, 23 Oct 1995 17:32:07 +0000 (17:32 +0000)]
Fix typo

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6982 dc483132-0cff-0310-8789-dd5450dbe970

29 years ago rd_req_dec.c (krb5_rd_req_decoded): For heirarchal cross-realm,
Ezra Peisach [Mon, 23 Oct 1995 16:07:56 +0000 (16:07 +0000)]
 rd_req_dec.c (krb5_rd_req_decoded): For heirarchal cross-realm,
set the length after initializing string.

 rd_req.c (krb5_rd_req): If a new auth_context is created
and then there is an error, make sure return pointer is not
looking at freed memory.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6981 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoMinor fix to last commit
Sam Hartman [Sun, 22 Oct 1995 17:46:15 +0000 (17:46 +0000)]
Minor fix to last commit

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6980 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoIncorperate utmpx patch to take advantage of longer utmpx host names
Sam Hartman [Sat, 21 Oct 1995 20:43:18 +0000 (20:43 +0000)]
Incorperate utmpx patch to take advantage of longer utmpx host names

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6979 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoIntegrate patch including functionality from David Borman's latest
Sam Hartman [Sat, 21 Oct 1995 20:36:25 +0000 (20:36 +0000)]
Integrate patch including functionality from David Borman's latest
telnet, adapted for krb5.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6978 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoGo into config-files subdir in order to install the manual pages sitting there
Ezra Peisach [Sat, 21 Oct 1995 19:10:15 +0000 (19:10 +0000)]
Go into config-files subdir in order to install the manual pages sitting there

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6977 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoInstall the manual pages and fix typo in kdc.conf.M
Ezra Peisach [Sat, 21 Oct 1995 19:06:50 +0000 (19:06 +0000)]
Install the manual pages and fix typo in kdc.conf.M

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6976 dc483132-0cff-0310-8789-dd5450dbe970

29 years agoInstall in ADMIN_BINDIR/ADMIN_MANDIR for concistency with other v5 admin
Ezra Peisach [Sat, 21 Oct 1995 12:50:11 +0000 (12:50 +0000)]
Install in ADMIN_BINDIR/ADMIN_MANDIR for concistency with other v5 admin
client programs.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6975 dc483132-0cff-0310-8789-dd5450dbe970