Sam Hartman [Tue, 4 Feb 2003 22:07:38 +0000 (22:07 +0000)]
disable krb4 by default
By default, we disable krb4 in the KDC. This means that -4 none is
the default mode.
Krb4 is reenabled for the dejagnu tests.
ticket: new
Tags: enhancement
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15149
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 4 Feb 2003 03:48:55 +0000 (03:48 +0000)]
* login.c (dofork): Don't dissociate from controlling tty in the
parent, since the parent needs to remain the session leader so it
can tell when the tty gets hung up. Make the child wait for the
parent to set up a SIGHUP handler to ensure that cleanup happens
properly.
ticket: 608
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15148
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 3 Feb 2003 22:13:26 +0000 (22:13 +0000)]
update dependencies
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15147
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 3 Feb 2003 22:12:34 +0000 (22:12 +0000)]
*** empty log message ***
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15146
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 3 Feb 2003 22:12:18 +0000 (22:12 +0000)]
Remove placeholder file that shouldn't have been checked in
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15145
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 3 Feb 2003 22:09:09 +0000 (22:09 +0000)]
Build and link in AES crypto code (but don't define the enctype yet).
Build and link in PBKDF2 function.
Add ciphertext stealing tests.
Update various tests to correspond with IETF crypto draft.
* aes: New directory, containing AES implementation from Brian Gladstone,
tweaked a little for the krb5 build system.
* configure.in: Build its makefile.
* Makefile.in (LOCAL_SUBDIRS, LOCALINCLUDES, STOBJLISTS, SUBDIROBJLISTS): Add
aes entries.
* t_cts.c: New test file.
* Makefile.in (EXTRADEPSRCS): Add t_cts.
(t_cts$(EXEEXT)): New rule.
* Makefile.in (SRCS, OBJS, STLIBOBJS): Add pbkdf2.
(EXTRADEPSRCS): Remove pbkdf2.c.
(t_pkcs5$(EXEEXT)): Don't list pbkdf2.$(OBJEXT).
* t_nfold.c (fold_kerberos): New function.
(main): Call it with different lengths.
* vectors.c: Include ctype.h and hash_provider.h.
(test_nfold, test_mit_des_s2k, test_s2k, test_dr_dk): Test case data now static
and const.
(test_nfold): Add "Q" and "ba" tests from Simon Josefsson.
(GCLEF): New macro.
(test_mit_des_s2k): Add GCLEF test case. Fill in "key" at run time, not as
initialization.
(test_s2k): Added GCLEF test case.
(krb5int_enc_aes128, krb5int_enc_aes256): Declare.
(combine_keys, test_des3_combine, k5_des3_make_key): Functions deleted.
(whoami): New variable.
(printd, printk): New functions.
(test_pbkdf2): New function.
(main): Initialize whoami. Test nfold only for now.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15144
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 3 Feb 2003 21:53:59 +0000 (21:53 +0000)]
* aes.c: New file.
* Makefile.in (STLIBOBJS, OBJS, SRCS): Include it.
(LOCALINCLUDE): Add aes source dir.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15143
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Mon, 3 Feb 2003 21:38:06 +0000 (21:38 +0000)]
Make l40 static
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15142
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 3 Feb 2003 21:10:25 +0000 (21:10 +0000)]
AES implementation by Briad Gladman; tweaked for krb5 tree
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15141
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 1 Feb 2003 00:35:08 +0000 (00:35 +0000)]
* Makefile.in (clean-windows): Remove $(GENS).
(krb524_err.c): Depend on krb524_err.et.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15140
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 31 Jan 2003 05:50:29 +0000 (05:50 +0000)]
* kcmd.c (v4_des_write): Apply patch from ghudson to fix
non-right-justification case.
ticket: 620
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15139
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 31 Jan 2003 00:43:50 +0000 (00:43 +0000)]
* login.c (main): Initialize 'hostname'
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15138
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 31 Jan 2003 00:41:17 +0000 (00:41 +0000)]
* login.c (try_krb4): Delete unused krb5 principal name argument.
(main): Don't pass it.
ticket: 479
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15137
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 30 Jan 2003 20:31:23 +0000 (20:31 +0000)]
Change to use more appropriate sample domains and IPs
ticket: 175
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15136
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 28 Jan 2003 23:30:02 +0000 (23:30 +0000)]
* RealmsConfig-glue.c (get_krbhst_default, krb_get_krbhst, krb_realmofhost):
Use strcpy instead of strncpy.
ticket: 1339
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15135
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 27 Jan 2003 20:45:03 +0000 (20:45 +0000)]
krb4 library breaks old krb_get_admhst API
* RealmsConfig-glue.c (krb_get_admhst): Use strcpy instead of
strncpy, and max length of MAX_HSTNM.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15134
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 24 Jan 2003 04:44:43 +0000 (04:44 +0000)]
* parse.c: Include errno.h for declaration of errno
glibc 2.3.1 declares errno as a macro - so must include header file
before use.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15133
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 23 Jan 2003 17:42:46 +0000 (17:42 +0000)]
* default.exp (start_kerberos_daemons): Record more information when "tail -f"
doesn't show the mark written to the log file. Look for and discard
non-matching lines.
(setup_root_shell): Ignore the message displayed by rlogin when a connection is
refused to one address but other addresses are available.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15132
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 22 Jan 2003 21:34:00 +0000 (21:34 +0000)]
* Makefile.in (all-unix, install): Build and install kadm_err.h.
(install-headers-unix): Install both generated header files.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15131
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Tue, 21 Jan 2003 19:02:58 +0000 (19:02 +0000)]
Timestamp preauth should return clock skew errors
When the user supplies the correct password, but has a timestamp that
is out of bounds, the server should reply with a clock skew error
rather than a preauth required error.
ticket: new
Tags: enhancement
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15130
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 17 Jan 2003 23:55:43 +0000 (23:55 +0000)]
* krb5_32.def: Export krb5_rc_close, krb5_free_enc_tkt_part, and
krb5_decrypt_tkt_part, for GSSAPI.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15129
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 17 Jan 2003 23:28:59 +0000 (23:28 +0000)]
Use new target create-ehdrdir, defined differently for UNIX and WIN32, to
conditionally create the target directory $(EHDRDIR) if needed, before copying
files into it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15128
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 17 Jan 2003 23:22:10 +0000 (23:22 +0000)]
* krb5.hin (krb5_mk_req_checksum_func): Fix Windows calling convention syntax
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15127
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 17 Jan 2003 23:19:47 +0000 (23:19 +0000)]
* prof_file.c (profile_flush_file_data): [_WIN32]: Don't call sync
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15126
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 17 Jan 2003 18:46:15 +0000 (18:46 +0000)]
* Makefile.in ($(EHDRDIR)$(S)gssapi.h): Depend on includes-unix, to make sure
the directory is created before installation of the file.
($(EHDRDIR)$(S)gssapi_generic.h): Likewise.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15125
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 15 Jan 2003 23:52:04 +0000 (23:52 +0000)]
* sendauth.c (krb_net_rd_sendauth): Arg raw_len now points to KRB4_32; don't
cast it to pointer to unsigned long. Change ld.so warning message check to be
byte-order independent.
* krb4int.h (krb_net_rd_sendauth): Decl updated.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15124
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 15 Jan 2003 21:37:26 +0000 (21:37 +0000)]
This is the last piece of the KfM merge
* CCache-glue.c: New file from KfM.
ticket: 1189
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15123
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 15 Jan 2003 03:31:47 +0000 (03:31 +0000)]
Use "standard" error table processing rules
* Makefile.in (krb_err.et, kadm_err.et): New intermediate targets; copy files
from lib/krb4.
(krb_err.h, kadm_err.h): Delete actions, use patterns in pre.in.
(clean-unix): Delete these generated files.
ticket: 1209
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15122
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 14 Jan 2003 19:08:21 +0000 (19:08 +0000)]
* Makefile.in (check-unix): Invoke t_krbconf instead of struggling
with differing versions of make's quoting of \ and $.
* t_krbconf: Small shell script to test krb5-config.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15121
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 13 Jan 2003 23:00:58 +0000 (23:00 +0000)]
* Makefile.in (check-unix): Test to see if krb5-config outputs
variables that require Makefile substitutions.
* krb5-config.in: Remore $(PURE) from output. Handle variables
$(RPATH_FLAG) and $(LDFLAGS).
If config/shlib.conf is changed again, we will detect brokeness in
krb5-config before the release.
ticket: 1311
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15120
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 13 Jan 2003 22:16:21 +0000 (22:16 +0000)]
* profile.pbexp: New file
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15119
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 13 Jan 2003 22:11:14 +0000 (22:11 +0000)]
* prof_int.h (SHARE_TREE_DATA): Define only on Mac
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15118
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 13 Jan 2003 04:51:26 +0000 (04:51 +0000)]
This should be all that remains of the 1-2-2-branch merge; some
additional sanity-checking of merge needed though.
* krb5_32.def: Merge from 1-2-2-branch.
ticket: 1177
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15117
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sun, 12 Jan 2003 18:17:02 +0000 (18:17 +0000)]
kadm5_get_either leaks memory
* svr_iters.c (kadm5_get_either): For POSIX_REGEXPS
(i.e. regcomp), call regfree() to cleanup memory.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15116
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sun, 12 Jan 2003 18:02:03 +0000 (18:02 +0000)]
Memory leak in krb5_send_tgs()
* send_tgs.c (krb5_send_tgs): Free memory leak of TGS_REQ.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15115
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sun, 12 Jan 2003 17:36:53 +0000 (17:36 +0000)]
* svc_auth_gssapi.c (_svcauth_gssapi_unset_names): If invoked more
than once, do not double free memory.
* clnt_perror.c (clnt_sperror): Do not write past end of allocated
buffer.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15114
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sun, 12 Jan 2003 13:07:49 +0000 (13:07 +0000)]
* kdc_util.h, replay.c, main.c: Pass global krb5_context to
kdc_free_lookaside() instead of per realm one - which has been
freed by time invoked.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15113
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sun, 12 Jan 2003 13:03:35 +0000 (13:03 +0000)]
* kdc5_hammer.c (verify_cs_pair): Use krb5_free_creds() instead of
krb5_free_cred_contents() to cleanup memory leak.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15112
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 10 Jan 2003 23:19:01 +0000 (23:19 +0000)]
Search for ar, ranlib, install in KRB5_BUILD_LIBRARY* macros rather than
explicitly in directories using those macros.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15111
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 10 Jan 2003 22:42:05 +0000 (22:42 +0000)]
Use passwd entry for ~ expansion if $HOME isn't set.
Also fix a minor logic bug in checking file access.
ticket: 1237
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15110
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 10 Jan 2003 19:20:32 +0000 (19:20 +0000)]
* server.c: Include port-sockets.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15109
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 10 Jan 2003 19:10:30 +0000 (19:10 +0000)]
Move socklen_t and sockaddr_storage definitions to port-sockets.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15108
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 10 Jan 2003 05:55:49 +0000 (05:55 +0000)]
Use markers in Makefile.in rather than rules in configure.in to indicate when
to use the lib.in and libobj.in makefile fragments. Pushing this per-directory
info into Makefile.in will make it a little easier to work on combining
configure scripts for multiple directories.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15107
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 10 Jan 2003 01:23:49 +0000 (01:23 +0000)]
Patch to get new service tickets in preference to using expired
service tickets in krb5_get_credentials.
Ticket: 1260
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15106
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 10 Jan 2003 00:14:16 +0000 (00:14 +0000)]
Use socklen_t when passing address to socket functions.
Fixes compilation warnings on AIX 4.3.3.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15105
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 9 Jan 2003 23:55:06 +0000 (23:55 +0000)]
AIX 4.3.3 getaddrinfo() is broken in a slightly different way than I thought
* fake-addrinfo.h (getaddrinfo) [_AIX]: Always overwrite sa_family and sa_len
fields, since sa_family at least may be non-zero *and* wrong.
(protoname, socktypename, familyname, debug_dump_getaddrinfo_args,
debug_dump_error, debug_dump_error, debug_dump_addrinfos) [DEBUG_ADDRINFO]: New
debugging functions.
(fake_getaddrinfo, getaddrinfo) [DEBUG_ADDRINFO]: Use them.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15104
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 9 Jan 2003 21:12:34 +0000 (21:12 +0000)]
Between the 1.1 and 1.2 releases of Kerberos, the gss-sample protocol
changed. People seem to use this sample for interop testing, so
support for the old protocol is needed.
This commit adds a -v1 flag to the gss-client that will use the old
protocol.
The server does not yet support the old protocol, so the ticket remains open.
Ticket: 881
Status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15103
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 9 Jan 2003 01:28:30 +0000 (01:28 +0000)]
* Makefile.in (DEFINES): New variable. Define HAS_STDARG for Tcl headers
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15102
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 9 Jan 2003 00:20:20 +0000 (00:20 +0000)]
Try to do atomic file swap on UNIX when updating profile
* prof_file.c (make_hard_link): New function.
(profile_flush_file_data): Use it to attempt a safe profile file replacement.
ticket: 1301
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15101
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 9 Jan 2003 00:17:27 +0000 (00:17 +0000)]
Support \r as additional line separator on Mac OS X
* prof_parse.c (profile_parse_file) [PROFILE_SUPPORTS_FOREIGN_NEWLINES]: Look
for \r and treat it as a line break.
* prof_int.h: Don't include prof_err.h.
(PROFILE_SUPPORTS_FOREIGN_NEWLINES) [macintosh]: Define new macro.
ticket: 1237
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15100
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Wed, 8 Jan 2003 23:49:33 +0000 (23:49 +0000)]
Previously fwd_tgt_creds required either that the hostname be passed
in or that the principal be a host-based service. This means you
cannot for example forward tickets to a GSSAPI user-based service.
The requirement to get the hostname is only needed in cases where
addressless tickets are not used. So when addressless tickets are
used, do not require the hostname.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15099
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 8 Jan 2003 21:50:21 +0000 (21:50 +0000)]
* fake-addrinfo.h (freeaddrinfo): Back out 1/3/03 change. ANSI
does not require it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15098
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Wed, 8 Jan 2003 20:16:07 +0000 (20:16 +0000)]
2003-01-08 Sam Hartman <hartmans@mit.edu>
* krb5.hin : Move KRB5_CALLCONV specifier for
krb5_mk_req_checksum_func to right place
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15097
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 8 Jan 2003 03:55:40 +0000 (03:55 +0000)]
More const for ops tables
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15096
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 8 Jan 2003 03:51:50 +0000 (03:51 +0000)]
* sendto_kdc.c (state_strings): Now const
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15095
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 8 Jan 2003 03:51:03 +0000 (03:51 +0000)]
More const for ops tables
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15094
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 8 Jan 2003 03:45:50 +0000 (03:45 +0000)]
* appdefault.c (conf_yes, conf_no): Now const
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15093
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 8 Jan 2003 03:42:54 +0000 (03:42 +0000)]
Make ccache and rcache ops tables const
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15092
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Wed, 8 Jan 2003 02:20:42 +0000 (02:20 +0000)]
For new encryption types and for RC4, encrypt the krb_cred message in
the initial gssapi token if credentials are being delegated. For
consistency with Microsoft, we encrypt the credentials using the
session key not the subsession key.
Ticket: 1054
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15091
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 8 Jan 2003 00:34:36 +0000 (00:34 +0000)]
Log entries for Makefile.ov deletion
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15090
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 8 Jan 2003 00:26:20 +0000 (00:26 +0000)]
Nuke some old .orig files
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15089
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 7 Jan 2003 21:42:15 +0000 (21:42 +0000)]
nuke old OV makefile stuff
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15088
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Tue, 7 Jan 2003 19:27:50 +0000 (19:27 +0000)]
Fix logic error in previous patch that broke gss_init_sec_context
ticket: 1054
Status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15087
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Mon, 6 Jan 2003 22:51:16 +0000 (22:51 +0000)]
Implement krb5_auth_con_set_checksum_func, an API for setting a
callback to specify the data to be checksummed by krb5_mk_req after
the auth_context has been set up. Mainly useful for GSSAPI.
Ticket: 1054
Status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15084
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Sun, 5 Jan 2003 23:28:05 +0000 (23:28 +0000)]
Only system headers should declare errno
Many parts of krb5 declare errno in source files using extern int
errno. This has not been needed in ANSI C for a long time,
and actively breaks modern versions of glibc.
So these declarations are removed and errno.h included where necessary.
Ticket: new
Component: krb5-build
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15082
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 3 Jan 2003 21:19:51 +0000 (21:19 +0000)]
* ftpd.c (auth_data): Kerberos v4 checksum must be a 32-bit value
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15081
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 3 Jan 2003 16:28:45 +0000 (16:28 +0000)]
* main.c: On exit, free more allocated memory, including:
realm_tcp_ports data, kdc_realmlist, close the replay cache, and
free the lookaside cache.
* network.c (FREE_SET_DATA): Do not free a NULL pointer.
* replay.c, kdc_util.h: Add kdc_free_lookaside() to clear the lookaside
cache on shutdown - to search for memory leaks.
* rtest.c (main): Do not allocate or free a NULL pointer.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15080
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 3 Jan 2003 16:18:20 +0000 (16:18 +0000)]
* compat_recv.c (accept_a_connection): Test if IPv6 socket returns
EAFNOSUPPORT as well as EPROTONOSUPPORT. Irix 6.5.16m returns the
former.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15079
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 3 Jan 2003 14:33:46 +0000 (14:33 +0000)]
* fake-addrinfo.h (freeaddrinfo): Do not free a NULL pointer
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15078
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Wed, 1 Jan 2003 23:00:12 +0000 (23:00 +0000)]
blah
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15077
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 1 Jan 2003 15:22:21 +0000 (15:22 +0000)]
* standalone.exp: Only run the keytab to srvtab tests if kerberos 4
support is compiled into the source tree.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15076
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 1 Jan 2003 10:13:20 +0000 (10:13 +0000)]
Add IPv6 support to rshd test/debug code:
* compat_recv.c: Include sys/select.h and port-sockets.h.
(krb5_compat_recvauth_version): Only attempt krb4 authentication if the source
address is an IPv4 one.
(accept_a_connection): New function, derived from old krshd.c. Listen on IPv6
as well as IPv4, if possible.
* krshd.c (main): Call accept_a_connection. Change fromlen to a socklen_t.
(doit): Initialize s. Change length passed to getsockname to a socklen_t.
(recvauth): Change len to socklen_t. Cast peer IPv4 address before calling
krb5_compat_recvauth_version.
* defines.h: Include port-sockets.h.
(accept_a_connection): Declare.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15075
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 1 Jan 2003 09:33:21 +0000 (09:33 +0000)]
Remove files that haven't been used since 1995
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15074
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 31 Dec 2002 09:21:12 +0000 (09:21 +0000)]
Merge some Mac-specific changes from meeroh's branch:
* profile.hin: Don't test MACINTOSH any more. On Mac OS X, include
TargetConditionals.h, set some pragmas, define COPY_RESOURCE_FORK, and error
out if TARGET_RT_MAC_CFM is defined; don't set the old m68k CFM pragmas.
Always use PROFILE_USES_PATHS code, don't test or define it.
(FSp_profile_init, FSp_profile_init_path): Declare, on Mac OS X.
* prof_int.h (NO_SYS_TYPES_H, NO_SYS_STAT_H) [macintosh]: Don't define these.
* prof_file.c: Always inclued sys/types.h and sys/stat.h.
(GetMacOSTempFilespec): Deleted.
(profile_flush_file_data) [COPY_RESOURCE_FORK]: Copy Mac resource fork from old
file to new before renaming.
(rw_access, profile_update_file_data, profile_flush_file_data,
profile_free_file_data): Assume PROFILE_USES_PATHS, don't test.
* prof_init.c (profile_ser_size, profile_ser_externalize,
profile_ser_internalize): Likewise.
(FSp_profile_init, FSp_profile_init_path): Define, on MacOS X.
* profile.exp: Add FSp_* functions.
* prof_file.c (r_access): New function.
(profile_open_file): Use it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15073
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 30 Dec 2002 19:49:21 +0000 (19:49 +0000)]
* kerberos_v4.c (process_v4): Use a temporary variable for the current time
instead of an incorrect pointer cast.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15072
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 30 Dec 2002 19:46:21 +0000 (19:46 +0000)]
* gss-misc.c (send_token, recv_token): Open-code the math to send and receive
the length as four bytes in network order, rather than using the first four
bytes of a size_t.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15071
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 23 Dec 2002 22:43:03 +0000 (22:43 +0000)]
Replace dependencies on generated krb524 and krb4 headers with
variables, to allow correct behavior when krb4 is disabled.
ticket: 1276
owner: tlyu
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15070
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 23 Dec 2002 18:12:29 +0000 (18:12 +0000)]
* setup_mkey.c (krb5_db_setup_mkey_name): Use size_t instead of
int for lengths.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15069
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 23 Dec 2002 18:10:56 +0000 (18:10 +0000)]
* asn1_k_decode.c (asn1_decode_sam_challenge_2_body): Add
unused_var declaration to cleanup warnings. Signed/unsigned fix as
well.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15068
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 23 Dec 2002 18:09:24 +0000 (18:09 +0000)]
* t_kerb.c: Include string.h for strcmp prototype
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15067
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 23 Dec 2002 18:08:02 +0000 (18:08 +0000)]
* prof_file.c: Cast return from prof_mutex_lock and
prof_mutex_unlock to void to avoid warnings of code with no side
effects.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15066
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 23 Dec 2002 18:01:54 +0000 (18:01 +0000)]
Cleanup unused
variables. Signed vs unsigned cleanup. Ensure variables set before
use.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15065
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 23 Dec 2002 17:57:48 +0000 (17:57 +0000)]
* t_crc.c: Declare local functions static
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15064
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 23 Dec 2002 17:55:44 +0000 (17:55 +0000)]
* t_cksum.c: Cleanup (potential) variable used before set warning
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15063
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 23 Dec 2002 17:53:01 +0000 (17:53 +0000)]
* authorization.c, heuristic.c, ksu.h: Use uid_t instead of int in
arguments to fowner() and get_best_princ_for_target(). Signed
vs. unsigned int cleanup.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15062
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 21 Dec 2002 04:28:06 +0000 (04:28 +0000)]
* prof_int.h: Define USE_PTHREADS and include pthread.h if on MacOS X.
(struct global_shared_profile_data) [USE_PTHREADS]: Add a mutex.
(g_shared_trees_mutex) [USE_PTHREADS]: New macro, references the global mutex.
(prof_mutex_lock, prof_mutex_unlock) [SHARE_TREE_DATA]: Define to use pthread
functions or do nothing.
(profile_free_file_data): Delete declaration.
(profile_dereference_data): Declare.
* prof_file.c (profile_free_file_data): Now static.
(profile_open_file, profile_dereference_data) [SHARE_TREE_DATA]: Grab lock
while manipulating global data list or its contents.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15061
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 20 Dec 2002 22:38:04 +0000 (22:38 +0000)]
Merge in data tree sharing, minus locking support, plus a bugfix or two
* prof_int.h (SHARE_TREE_DATA): Define.
(struct _prf_file_t) [SHARE_TREE_DATA]: Make data field a pointer rather than
an array.
(struct global_shared_profile_data): New type, for profile library global
data.
(krb5int_profile_shared_data): Declare new variable.
(g_shared_trees): New macro, refers to a field in the global data.
(PROFILE_FILE_SHARED): New flag macro.
* prof_file.c (krb5int_profile_shared_data): Initialize here.
(profile_open_file) [SHARE_TREE_DATA]: Scan g_shared_trees for an entry with
the same filename. If found, increment its reference count, update it, and
return it; otherwise, allocate a new one, and add it to the list after filling
it in.
(profile_dereference_data): New function. Decrement reference count if
SHARE_TREE_DATA, and free the data if appropriate.
(profile_free_file): Call profile_dereference_data.
(profile_free_file_data) [SHARE_TREE_DATA]: If the SHARED flag is set, remove
it from the g_shared_trees list before freeing. Free up the allocated space.
* prof_set.c (rw_setup) [SHARE_TREE_DATA]: If the object's data is shared, copy
it into a new data structure not in the global shared list, and dereference the
old one.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15060
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 19 Dec 2002 05:24:58 +0000 (05:24 +0000)]
Ignore some new generated files
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15059
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 19 Dec 2002 05:23:44 +0000 (05:23 +0000)]
Clean up some broken uses of "const" in function interfaces
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15058
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 19 Dec 2002 04:56:26 +0000 (04:56 +0000)]
* Makefile.in (check): Remove test_db before running tests
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15057
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 19 Dec 2002 01:56:45 +0000 (01:56 +0000)]
* api.2/init-v2.exp (test150, test151, test153): Don't try to set KRB5CCNAME;
only the fact that it wasn't being done correctly prevented it from causing
test failures.
* lib/lib.t (kinit): If kinit reports a problem initializing the credentials
cache, raise an error.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15056
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 19 Dec 2002 01:53:29 +0000 (01:53 +0000)]
* init_db (qualname): If "kdb5_util create" fails, exit
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15055
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 19 Dec 2002 01:48:21 +0000 (01:48 +0000)]
* env-setup.shin: Set KRB5CCNAME to something under $K5ROOT
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15054
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 18 Dec 2002 07:17:25 +0000 (07:17 +0000)]
* RealmsConfig-glue.c: Fix up KRB5_CALLCONV
* win_store.c (krb__get_srvtabname): Add const to parameter.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15053
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 18 Dec 2002 06:05:38 +0000 (06:05 +0000)]
Fix some 64-bit problems
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15052
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 18 Dec 2002 02:09:27 +0000 (02:09 +0000)]
* aclocal.m4 (KRB5_GETSOCKNAME_ARGS, KRB5_GETPEERANME_ARGS): Check for
socklen_t pointer as second argument.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15051
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 16 Dec 2002 20:55:15 +0000 (20:55 +0000)]
* tkt_string.c (krb5_set_tkt_string): Add KRB5_CALLCONV
* win_glue.c (krb_set_tkt_string): Add KRB5_CALLCONV.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15050
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 16 Dec 2002 19:12:16 +0000 (19:12 +0000)]
Changes to allow compilation --with-system-db and --enable-shared
(Do not depend on lib/db.so being present)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15049
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Sat, 14 Dec 2002 04:10:42 +0000 (04:10 +0000)]
* ad_print.c, g_in_tkt.c, g_pw_in_tkt.c, kadm_net.c, klog.c:
* kuserok.c, log.c, memcache.c, netread.c, netwrite.c:
* password_to_key.c, recvauth.c, stime.c, tkt_string.c:
Change _WINDOWS to _WIN32 in many places. Update copyright
notices. Remove _WINDOWS handling completely in a few places
where it's not needed.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15048
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 12 Dec 2002 21:33:16 +0000 (21:33 +0000)]
update dependencies
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15047
dc483132-0cff-0310-8789-
dd5450dbe970