Tom Yu [Thu, 5 Dec 2002 00:28:13 +0000 (00:28 +0000)]
* krb4int.h: Remove now conflicting prototype for
krb_set_lifetime().
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15027
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 4 Dec 2002 07:00:13 +0000 (07:00 +0000)]
* des.h: Move explicit definition of _WINDOWS to precede
conditionalized inclusion of win-mac.h.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15026
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 4 Dec 2002 06:35:46 +0000 (06:35 +0000)]
* kadm.h: Include port-sockets.h, not netinet/in.h, for Windows
portability.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15025
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 4 Dec 2002 06:34:59 +0000 (06:34 +0000)]
* Makefile.in: Fix up includes handling somewhat
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15024
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 3 Dec 2002 04:59:03 +0000 (04:59 +0000)]
Update Windows build for kadm_err.*
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15023
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 3 Dec 2002 04:43:37 +0000 (04:43 +0000)]
* Makefile.in (kadm_err.h): Build here
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15022
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 3 Dec 2002 03:40:27 +0000 (03:40 +0000)]
* change_password.c: Remove netdb.h inclusion
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15021
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 27 Nov 2002 17:15:17 +0000 (17:15 +0000)]
* post.in (clean-unix): Clean depfix2.sed as well
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15020
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 27 Nov 2002 17:10:11 +0000 (17:10 +0000)]
upde dependencies
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15019
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 27 Nov 2002 17:09:22 +0000 (17:09 +0000)]
* Makefile.in (SRCS): Add kadm_err.c. It was missing
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15018
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 27 Nov 2002 16:55:06 +0000 (16:55 +0000)]
* depfix.sed: Remove tcl-specific headers from dependencies.
Delete now obsolete comment about gcc-specific directories.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15017
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 27 Nov 2002 04:27:56 +0000 (04:27 +0000)]
update dependencies
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15016
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 27 Nov 2002 04:26:38 +0000 (04:26 +0000)]
* configure.in: Set SETENVSRC correctly
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15015
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 27 Nov 2002 03:09:35 +0000 (03:09 +0000)]
Merge more KfM krb4 things
Implement *_in_tkt_creds, mk_req_creds, and rd_req_int functions.
Implement KfM krb4 kadm password changing, mostly by pulling in the
client side of the kadm library into the krb4 library.
Do some more header file cleanup of des.h and krb.h.
Remove some ancient krb4 dead weight.
Some Mac-specific functionality still needs to be merged.
ticket: 1189
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15014
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 19 Nov 2002 03:28:21 +0000 (03:28 +0000)]
Remove references to kadm_err.et for now, since the requisite changes
have not yet been committed.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15013
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 15 Nov 2002 20:21:51 +0000 (20:21 +0000)]
* configure.in: Test for speed_t being present
* sys_term.c (addarg): When reallocing memory, ensure in size of
pointer. Use speed_t instead of int for termspeeds.
* authenc.c, ext.h, state.c, utility.c: Unsigned/signed cleanup.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15012
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 15 Nov 2002 20:21:35 +0000 (20:21 +0000)]
* sys_bsd.c: Moved declaration for susp() to type of file and
provide prototype.
* commands.c, externs.h, telnet.c, network.c: Add prototype
declaration for command handler table dispatch functions. Make
functions called consistant with prototype. Misc unsigned/signed
cleanups.
* authenc.c, main.c, utilities.c: Signed vs. unsigned cleanup.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15011
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 15 Nov 2002 20:21:18 +0000 (20:21 +0000)]
* enc-proto.h, enc_des.c, encrypt.c: Unsigned/signed cleanups
* forward.c: Include unistd.h if present on machine.
* misc-proto.h misc.c (auth_encrypt_user): Declare argument as
const.
* auth.c: Cast argument auth_encrypt_user. auth_gen_printsub() and
auth_printsub() take unsigned int as buffer length.
* auth.h, auth-proto.h, kerberos.c, kerberos5.c, spx.c:
auth_gen_printsub(), auth_printsub(), kerberos4_printsub(),
kerberos5_printsub(), spx_printsub() take unsigned int as length
argument.
* configure.in: Check for unistd.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15010
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 15 Nov 2002 19:26:55 +0000 (19:26 +0000)]
argh
let's try this again.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15009
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 15 Nov 2002 19:21:50 +0000 (19:21 +0000)]
* Makefile.in: Remove some missed references to adm_err.et
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15008
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 15 Nov 2002 16:12:20 +0000 (16:12 +0000)]
* accept_sec_context.c (krb5_gss_accept_sec_context): Use unsigned
lengths for arguments to g_token_size and g_make_token_header.
* export_name.c (krb5_gss_export_name): Change local length
variable to unsigned.
* k5unseal.c (kg_unseal_v1): Seqnum variable changed from
krb5_int32 to krb5_ui_4.
* k5seal.c (make_seal_token_v1): Change seqnum argument to
krb5_ui_4 from krb5_int32 to match krb5_gss_ctx_id_rec struct.
* gssapiP_krb5.h, util_crypt.c, util_seqnum.c: kg_make_seq_num(),
kg_get_seq_num() changed to use krb5_ui_4 for sequence
numbers. kg_encrypt(), kg_decrypt() length argument now unsigned.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15007
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 15 Nov 2002 16:12:03 +0000 (16:12 +0000)]
* gssapiP_generic.h, util_token.c: Change g_make_token_header and
g_verfy_token_header to take an unsigned length in.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15006
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 15 Nov 2002 01:20:28 +0000 (01:20 +0000)]
Better cleanup; reduce filename conflict
* Makefile.in (unit-test-ok): Depend only on unit-test-body.
(unit-test-body): Remove krb5cc_rpc_test_* on entry and on successful exit. On
error exit, let the trap handler do all the cleanup. Incorporate old
unit-test-setup commands.
(unit-test-setup, unit-test-cleanup): Targets deleted.
* lib/helpers.exp (start_client, wait_client): Set KRB5CCNAME to something in
the current directory.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15002
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 14 Nov 2002 19:10:33 +0000 (19:10 +0000)]
* changepw.c: Remove reference to adm_err.h
Update dependencies as well.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15001
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 14 Nov 2002 18:57:07 +0000 (18:57 +0000)]
* Makefile.in: Remove references to adm_err.h from here too
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15000
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 14 Nov 2002 18:46:06 +0000 (18:46 +0000)]
* Makefile.in: Remove references to adm_err.et. It's not used,
and conflicts with the krb4 kadm error table.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14999
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 14 Nov 2002 16:12:56 +0000 (16:12 +0000)]
* get_in_tkt.c (krb5_get_in_tkt): Do not pass NULL when an
integer 0 is intended to send_as_request().
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14998
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Hornstein [Thu, 14 Nov 2002 15:48:36 +0000 (15:48 +0000)]
Wrong size for memset()s in combine_keys()
The wrong size was used in the final memset()'s of various combine_key
temporary variables. Pointed out by Ken Renard.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14997
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 14 Nov 2002 04:43:25 +0000 (04:43 +0000)]
Invoke autoconf/autoreconf with the option --localdir or --include depending
on if pre/post autoconf 2.54. In 2.55 --localdir has been removed and replaced
with --include which was introduced in 2.53.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14996
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Nov 2002 02:05:16 +0000 (02:05 +0000)]
Better type and bounds checking:
* fake-addrinfo.h [NEED_FAKE_GETADDRINFO]: Include errno.h.
(fake_getnameinfo): Check that socklen_t size arguments are positive and fit in
size_t; return EAI_SYSTEM/EINVAL if not. Use the size_t variants when calling
string functions.
Work around another AIX bug:
[_AIX]: Define NUMERIC_SERVICE_BROKEN.
[NUMERIC_SERVICE_BROKEN]: Include ctype.h and stdlib.h.
(getaddrinfo) [NUMERIC_SERVICE_BROKEN]: If the service name is a numeric
string, save its value and the socket type, pass a null pointer to the real
getaddrinfo, and patch the returned results.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14995
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Nov 2002 01:50:12 +0000 (01:50 +0000)]
* Makefile.in (t_locate_kdc): Use normal CC_LINK rule for linking test program
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14994
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 12 Nov 2002 23:47:31 +0000 (23:47 +0000)]
Fix TCL_RPATH to explicitly insert system library path into
"-blibpath:" on AIX.
ticket: 1228
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14993
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 11 Nov 2002 21:54:53 +0000 (21:54 +0000)]
* get_myaddress.c (get_myaddress): Local array buf size should be counted in
ifreq structs, not ifconf structs.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14992
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 11 Nov 2002 20:23:43 +0000 (20:23 +0000)]
* Makefile.in (unit-test-body): Set RPC_TEST_SRVTAB based on process-id. Set
trap handler to delete it before returning an exit status.
(unit-test-cleanup): Don't delete files here.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14991
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Sat, 9 Nov 2002 03:35:29 +0000 (03:35 +0000)]
Oops, missed a few checks for eof
ticket: 1249
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14986
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Sat, 9 Nov 2002 01:39:45 +0000 (01:39 +0000)]
tests/dejagnu leaks ptys
* default.exp: Add (disabled) debugging code for catching leaking
ptys. expect eof from the correct spawn_ids when killing kdc and
kadmind to avoid leaking ptys.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14984
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 9 Nov 2002 01:35:21 +0000 (01:35 +0000)]
* main.c (makeargv): Report an error if parsed arguments won't fit in margv
array.
* ftp_var.h (line, argbuf): Extend to 500 bytes.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14983
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 8 Nov 2002 22:33:59 +0000 (22:33 +0000)]
* pre.in (.et.h, .et.c): Drop "set -x"
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14982
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 7 Nov 2002 22:43:46 +0000 (22:43 +0000)]
rpc unit tests can fail due to race condition
The rpc unit tests can fail in fullrun.exp due to a failure to drain
output from the server in expire.exp. This commit works around the
problem by calling flush_server, but a real synchronization method
should probably be implemented, perhaps by having the server log when
a client disconnects.
* rpc_test.0/expire.exp (overlap): Add another call to
flush_server to make a race condition a little less likely. There
really should be better synchronization, as this test suite is
just full of race conditions waiting to happen.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14979
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 7 Nov 2002 21:40:15 +0000 (21:40 +0000)]
Thanks, patch applied
* svr_principal.c (kadm5_setkey_principal_3): Apply patch from
Emily Ratliff to allow n_ks_tuple to be zero, which is the case if
being called from kadmind answering a client's setkey_principal
request.
ticket: 1008
target_version: 1.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14978
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 7 Nov 2002 20:14:19 +0000 (20:14 +0000)]
* conv_princ.c (strnchr): Make length argument unsigned int
* preauth2.c: Add parentheses around assignment used as truth
value. Cleanup unused variable.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14976
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 7 Nov 2002 20:09:02 +0000 (20:09 +0000)]
* asn1_k_encode.c (asn1_encode_sam_challenge_2): Test for error
returned from asn1buf_insert_oxtetstring and cleanup strctures
properly.
* asn1_k_decode.c (asn1_decode_sam_challenge_2_body): Change
sequence_of/end_sequence_of to use
sequence_of_no_tagvars/end_sequence_of_no_tagravs to avoid
shadowing variables.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14975
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 7 Nov 2002 17:01:34 +0000 (17:01 +0000)]
For sam_challenge do not encode optional strings if string not present.
Previously, a string of length zero was transmitted.
ticket: 1224
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14974
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Wed, 6 Nov 2002 19:41:13 +0000 (19:41 +0000)]
New file to define SPNEGO structures
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14973
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 6 Nov 2002 00:42:57 +0000 (00:42 +0000)]
This commit fixes up the in-tree callers of krb5_read_password() and
des_read_password(). We should perhaps tighten up the test suite now.
ticket: 1217
status: open
target_version: 1.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14972
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 5 Nov 2002 21:54:47 +0000 (21:54 +0000)]
* asn1_encode.h (asn1_encode_oid):
* asn1_encode.c (asn1_encode_oid): New function.
* asn1_decode.h (asn1_decode_oid):
* asn1_decode.c (asn1_decode_oid): New function.
ticket: 1223
target_version: 1.3
component: krb5-libs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14971
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 5 Nov 2002 04:52:24 +0000 (04:52 +0000)]
New Makefile variable RPATH_FLAG, possibly used even when we're not
building shared libs. TCL_MAYBE_RPATH gets used to account for
linking a shared tcl lib when we're not building shared libs.
ticket: 1228
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14969
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 4 Nov 2002 02:20:51 +0000 (02:20 +0000)]
* do_as_req.c (process_as_req): Fix previous patch; it caused an
uninitialized pointer to be dereferenced under certain error
conditions.
ticket: 1206
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14964
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Hornstein [Sun, 3 Nov 2002 20:31:33 +0000 (20:31 +0000)]
Calling convention for krb5int_c_combine_keys does not match prototype
The Windows calling convention for krb5int_c_combine_keys does not match the
prototype in k5-int.h. I missed this during the initial commit since I
neglected to test out the build of this code on Windows.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14962
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Sat, 2 Nov 2002 18:27:11 +0000 (18:27 +0000)]
This fixes some test suite password prompt checks that were missed
earlier.
* kpasswd.0/changing.exp:
* lib/helpers.exp: Make checks for password prompts more lenient.
ticket: 1217
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14961
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 1 Nov 2002 22:13:57 +0000 (22:13 +0000)]
MITKRB5-SA-2002-002 buffer overflow in kadmind4
* kadm_ser_wrap.c (kadm_ser_in): Apply fix for MITKRB5-SA-2002-002
buffer overflow.
ticket: new
status: open
version_reported: 1.2.6
target_version: 1.2.7
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14959
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 31 Oct 2002 23:29:48 +0000 (23:29 +0000)]
* Makefile.in (check-unix): Don't run t_pkcs5
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14956
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 31 Oct 2002 23:03:47 +0000 (23:03 +0000)]
* xdr_alloc.c (xdralloc_putlong): Coerce value pointed to by argument to 32
bits, rather than reading only 32 bits from the supplied address.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14954
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 31 Oct 2002 22:54:00 +0000 (22:54 +0000)]
* k5-int.h (krb5_ser_handle): Now points to const.
(krb5_kt_dfl_ops): Now const.
(struct _krb5_kt_ops): Field serializer now points to const krb5_ser_entry
instead of void.
* krb5.hin (struct _krb5_kt): Field ops now points to const.
* kt_file.c (krb5_ktf_ops, krb5_ktf_writable_ops): Now const. Drop cast of
serializer entry initializer.
(fopen_mode_rbplus, fopen_mode_rb): Now const.
* kt_srvtab.c (krb5_kts_ops): Now const.
* ktbase.c (krb5_ktf_ops, krb5_kts_ops): Update declarations.
(struct krb5_kt_typelist): Field ops now points to const.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14953
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 31 Oct 2002 21:44:04 +0000 (21:44 +0000)]
* aclocal.m4 (AC_KRB5_TCL_FIND_CONFIG): Use 'eval' when setting TCL_LIBS to
force variable substitutions to take place.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14952
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 31 Oct 2002 18:36:29 +0000 (18:36 +0000)]
ticket: new
owner: tlyu
status: open
Fix typo in debugging printf introduced in null
handling
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14951
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 30 Oct 2002 23:35:51 +0000 (23:35 +0000)]
* chk_trans.c (krb5_check_transited_list): Style nit: check
character against '\0' not NULL.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14949
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 30 Oct 2002 23:07:23 +0000 (23:07 +0000)]
* start_servers_local: If $USER isn't set, use $LOGNAME. If ovsec_kadm_srv_tcl
invocation to do some initialization fails, exit rather than continuing.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14948
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Wed, 30 Oct 2002 20:10:40 +0000 (20:10 +0000)]
ticket: 1230
owner: tlyu
status: open
Ignore trailing nulls on incoming tr encoding to be compatible
with bug in previous versions of krb5
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14946
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Hornstein [Wed, 30 Oct 2002 18:41:24 +0000 (18:41 +0000)]
Wrong ASN.1 definition and padata type for new hardware preauth
It turned out that early in the development cycle, one of our developers
picked the "next" PADATA type in krb5.hin, and we said, "We've got to
fix that when we get the real one assigned" ... and we never did. Noticed
by Ezra Peisach.
Also, the definition for sam-pk-for-sad was changed to OCTET STRING from
EncryptionKey in the draft and the code, but we never updated the ASN.1
definition. Also noticed by Ezra Peisach.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14945
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 28 Oct 2002 22:11:57 +0000 (22:11 +0000)]
* localaddr.c (print_addr) [TEST]: Don't mix size_t and socklen_t, just assume
socklen macro will return a socklen_t value. Cast buffer size to socklen_t in
getnameinfo call.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14944
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 28 Oct 2002 22:07:58 +0000 (22:07 +0000)]
* get_in_tkt.c (conf_yes, conf_no): Now const. References updated.
* preauth.c (preauth_systems): Now const. References updated.
* preauth2.c (pa_types): Now const.
(krb5_do_preauth): Local array paorder now const.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14943
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 28 Oct 2002 21:20:50 +0000 (21:20 +0000)]
* aclocal.m4 (AC_KRB5_TCL): If --with-tcl is given, failure to find a library
we can use is now an error.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14942
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Mon, 28 Oct 2002 21:05:48 +0000 (21:05 +0000)]
If we get cannot resolve KDC for master but find a slave
return the real error from the slave rather than the resolution error.
ticket: 1232
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14941
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Mon, 28 Oct 2002 02:28:41 +0000 (02:28 +0000)]
Don't include trailing null in the transited encoding produced by the KDC.
Other routines do not expect the null to be included in the length so
policy checks fail. Also, sending the null over the wire is wrong.
ticket: 1230
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14940
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Hornstein [Thu, 24 Oct 2002 06:49:59 +0000 (06:49 +0000)]
Client code lacks support for draft-ietf-krb-wg-kerberos-sam-01.txt
This widely-spread commit implements support for the so-called "new"
hardware preauth protocol, defined in the IETF internet-draft
draft-ietf-krb-wg-kerberos-sam-01.txt. Note that this code is client-side
only.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14939
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Hornstein [Thu, 24 Oct 2002 02:03:15 +0000 (02:03 +0000)]
No support for negative password expiration last-req hint
Fixing an omission; previous code didn't support a negative value for the
password expiration hint (which is legal). Pointed out by Ezra Peisach.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14938
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Wed, 23 Oct 2002 20:15:59 +0000 (20:15 +0000)]
Implement asn1_encode_enumerated
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14937
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Hornstein [Wed, 23 Oct 2002 20:08:04 +0000 (20:08 +0000)]
gic_pwd doesn't support password expiration notification via last_req hint
In kerberos-clarifications, a new last-req type (6) has been specified
that indicates when a principal's password will expire. This code implements
support for this last-req type. Note that the intent is that the last-req
type will only be included by the KDC when the time until password expiration
reaches some threshold (e.g, one week), so this code will display the
password expiration anytime the last-req type is included.
ticket: 1065
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14936
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 23 Oct 2002 15:00:23 +0000 (15:00 +0000)]
* ftpcmd.y: Bison 1.75 cleanup. Essentially remove `=' before
statements to be executed.
ticket: 1218
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14935
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 22 Oct 2002 18:56:14 +0000 (18:56 +0000)]
* sendto_kdc.c (service_tcp_fd): If DEBUG defined, ensure that
initialization of variable not bypassed by goto.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14934
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 22 Oct 2002 18:53:10 +0000 (18:53 +0000)]
* configure.in: Autoconf 2.55 will not simply use cpp to test for
header file existance - the header file must be compilable. This
will mean that if one header depends on another, it must be
included. Test for term.h using the optional fourth argument to
AC_CHECK_HEADERS to specify include files to test.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14933
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Sat, 19 Oct 2002 01:22:31 +0000 (01:22 +0000)]
This commit fixes the test suite aspects. Callers of the various
read_password functions still need to be updated.
* api.2/init-v2.exp (test106): Make regexp more forgiving of
variant password prompts.
* api.0/init.exp (test7, test22, test225): Make regexp more
forgiving of variant password prompts.
ticket: 1217
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14932
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 18 Oct 2002 02:35:34 +0000 (02:35 +0000)]
* start_servers_local: Set names of replay cache and log files to be per-user,
since they're in system-wide shared directories.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14931
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 16 Oct 2002 18:53:59 +0000 (18:53 +0000)]
* start_servers_local: Telnet to 127.0.0.1, not "localhost", to probe for
kadmind, since kadmind does IPv4 only.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14930
dc483132-0cff-0310-8789-
dd5450dbe970
Paul Hill [Wed, 16 Oct 2002 17:13:48 +0000 (17:13 +0000)]
ver.h to winver.h ver.h has become depricated by MS. Using winver.h will support MSVC 6 and 7
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14929
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 15 Oct 2002 22:51:50 +0000 (22:51 +0000)]
Thanks, (corrected) patch applied
* hst_realm.c (krb5_try_realm_txt_rr): Apply patch from Nalin
Dahyabhai to bounds-check return value from res_search().
* locate_kdc.c (krb5_locate_srv_dns_1): Apply patch from Nalin
Dahyabhai to bounds-check return value from res_search().
ticket: 1216
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14928
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 15 Oct 2002 15:40:49 +0000 (15:40 +0000)]
* server_init.c (kadm5_lock, kadm5_unlock): Return KADM5_OK
instead of falling off end of function.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14927
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 12 Oct 2002 01:41:12 +0000 (01:41 +0000)]
* aclocal.m4 (CONFIG_RULES): Define using AC_DEFUN
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14926
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 12 Oct 2002 00:48:26 +0000 (00:48 +0000)]
* aclocal.m4: Use dnl after all AC_REQUIRE invocations.
(KRB5_AC_FORCE_STATIC): New macro. Warn if invoked after KRB5_LIB_AUX.
(KRB5_BUILD_LIBRARY_STATIC): Require it.
(CHECK_SIGPROCMASK, AC_PROG_ARCHIVE, AC_PROG_ARCHIVE_ADD, CHECK_DIRENT,
CHECK_WAIT_TYPE, CHECK_SIGNALS, KRB5_SIGTYPE, CHECK_SETJMP, WITH_KRB4, ADD_DEF,
KRB_INCLUDE, K5_GEN_MAKEFILE, _K5_GEN_MAKEFILE, K5_GEN_FILE, K5_AC_OUTPUT,
V5_AC_OUTPUT_MAKEFILE, CHECK_UTMP, WITH_NETLIB, KRB5_BUILD_LIBRARY_STATIC):
Define using AC_DEFUN instead of define.
Doesn't change the generated configure scripts except for changing (mostly
deleting) whitespace.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14925
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 11 Oct 2002 23:16:44 +0000 (23:16 +0000)]
* aclocal.m4 (WITH_CC_DEPRECATED_ARG): New macro.
(WITH_CC): Require it, and AC_PROG_CC.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14924
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 11 Oct 2002 22:50:10 +0000 (22:50 +0000)]
* aclocal.m4 (CONFIG_RULES): Comment out code looking for the in-tree version
of autoconf that we deleted.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14923
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 11 Oct 2002 06:05:09 +0000 (06:05 +0000)]
implement krb5_read_password, des_read_password via krb5_prompter_posix
This commit fixes one incompatibility introduced when
krb5_read_password was reimplemented in terms of krb5_prompter_posix.
There is a remaining incompatibility, which is krb5_prompter_posix's
appending of the string ": " following a prompt. Callers of
krb5_read_password and of des_read_password don't expect this
behavior, which results in a double colon prompt, which breaks the
libkadm5 test suite.
* read_pwd.c (krb5_read_password): Restore name of size_return.
Set *size_return after successful call to krb5_prompter_posix,
since some callers were actually checking, e.g. kadm5.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14922
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 10 Oct 2002 22:06:02 +0000 (22:06 +0000)]
Implement krb5_read_password an des_read_pw_string
in terms of krb5_prompter_posix.
Change motivated by the desire for echo foo |kinit -4 bar to work in
test scripts, but having one implementation of password read functions on unix is good
anyway
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14921
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 10 Oct 2002 03:00:27 +0000 (03:00 +0000)]
* Makefile.in (EXTRADEPSRCS): New variable.
(t_hmac$(EXEEXT), t_pkcs5$(EXEEXT), vectors$(EXEEXT)): New targets.
(check-unix): Depend on and run t_hmac and t_pkcs5.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14920
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 10 Oct 2002 02:58:23 +0000 (02:58 +0000)]
* string2key.c (mit_des_string_to_key_int): If PRINT_TEST_VECTORS is defined,
print some of the intermediate results.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14919
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 10 Oct 2002 02:52:51 +0000 (02:52 +0000)]
* Makefile.in (t_cksum4, t_cksum5): Include com_err library when linking
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14918
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 10 Oct 2002 02:52:00 +0000 (02:52 +0000)]
whitespace
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14917
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 10 Oct 2002 02:41:52 +0000 (02:41 +0000)]
* pbkdf2.c, t_hmac.c, t_pkcs5.c: New files
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14916
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 8 Oct 2002 20:53:29 +0000 (20:53 +0000)]
principal can't specify ks_tuples changing own passwd
Thanks, the patch has been applied and will appear in a future release.
* misc.c (chpass_principal_wrapper_3): Renamed from
chpass_principal_wrapper; calls chpass_principal_3 now.
(randkey_principal_wrapper_3): Renamed from
randkey_principal_wrapper; calls randkey_principal_3 now. Patch
from Ben Cox.
* server_stubs.c (chpass_principal_1_svc)
(chpass_principal3_1_svc): Call chpass_principal_wrapper_3.
(chrand_principal_1_svc, chrand_principal3_1_svc): Call
randkey_principal_wrapper_3. Patch from Ben Cox.
ticket: 1207
version_reported: 1.2.6
target_version: 1.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14915
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 8 Oct 2002 20:20:29 +0000 (20:20 +0000)]
libkadm5 should allow persistent locks
libkadm5 should have a way to persistently lock the databases to avoid
wasting time on closing and reopening. These patches implement
persistent exclusive locks for local access only.
ticket: new
target_version: 1.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14914
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 8 Oct 2002 02:27:39 +0000 (02:27 +0000)]
ASN.1 code passes uninitialized values around
* asn1_get.c (asn1_get_tag_indef): Stomp on asn1class,
construction, retlen, and indef, even if we've hit the end of the
buffer, to avoid passing uninitialized values around.
* asn1_k_decode.c: Reformat somewhat and add comments to demystify
things a little.
(opt_field): Fix to explicitly check for end of subbuf before
verifying the pre-fetched tag, which may have been stomped on by
asn1_get_tag_indef() encountering end-of-buffer.
* krb5_decode.c (opt_field, opt_lenfield): Fix to explicitly check
for end of subbuf before verifying the pre-fetched tag, which may
have been stomped on by asn1_get_tag_indef() encountering
end-of-buffer.
ticket: new
target_version: 1.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14913
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Mon, 7 Oct 2002 21:51:49 +0000 (21:51 +0000)]
Implement an install-headers target to install public headers into KRB5_INCDIR;
probably called by setting DESTDIR.
ticket: 1208
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14912
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 7 Oct 2002 20:42:51 +0000 (20:42 +0000)]
* default.exp (stop_kerberos_daemons): Kill, expect eof, wait, in
that order. Avoids delivery of multiple signals (HUP+TERM) to KDC
daemons when shutting down.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14911
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Sun, 6 Oct 2002 01:44:27 +0000 (01:44 +0000)]
* do_as_req.c (process_as_req): Apply fix from Kevin Coffman to
avoid leaking padata.
ticket: 1206
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14910
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 3 Oct 2002 22:07:11 +0000 (22:07 +0000)]
Move test_* from all to check target
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14909
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 30 Sep 2002 04:21:10 +0000 (04:21 +0000)]
* rsh.exp (rsh_test): Explicitly call stop_rsh_daemon upon pass
for "encrypted rsh" test, to avoid zombies.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14908
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Sun, 29 Sep 2002 21:00:31 +0000 (21:00 +0000)]
* default.exp (start_kerberos_daemons): Fix to use "tail -f" to
check for setup messages from daemons; this avoids a few race
conditions.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14907
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Sat, 28 Sep 2002 00:03:03 +0000 (00:03 +0000)]
update dependencies
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14906
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 27 Sep 2002 23:58:05 +0000 (23:58 +0000)]
* depgen.sed: Solaris sed doesn't like '\(^.*$\)'; replace it with
'^\(.*\)$'.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14905
dc483132-0cff-0310-8789-
dd5450dbe970