krb5.git
28 years ago * main.c (initialize_realms): missing indirection for conf_val in
Mark Eichin [Sun, 25 Feb 1996 21:07:18 +0000 (21:07 +0000)]
* main.c (initialize_realms): missing indirection for conf_val in
alternate profile code. (This should really be in a library...)
(thanks ezra!)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7544 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * g_acquire_cred.c, g_delete_sec_context.c, g_dsp_name.c,
Mark Eichin [Sun, 25 Feb 1996 20:44:06 +0000 (20:44 +0000)]
* g_acquire_cred.c, g_delete_sec_context.c, g_dsp_name.c,
g_dsp_status.c, g_exp_sec_context.c, g_glue.c, g_imp_name.c,
g_imp_sec_context.c, g_indicate_mechs.c, g_init_sec_context.c,
g_inq_cred.c, g_rel_buffer.c, g_rel_cred.c, g_rel_name.c,
g_rel_oid_set.c: include stdio.h to actually get NULL.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7543 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoMakefile.in, g_inquire_cred.c, g_inquire_names.c, g_inquire_context.c:
Theodore Tso [Sun, 25 Feb 1996 02:58:18 +0000 (02:58 +0000)]
Makefile.in, g_inquire_cred.c, g_inquire_names.c, g_inquire_context.c:

Renamed files to g_inq_cred.c, g_inq_names.c, and g_inq_context.c,
respectively.  To make files be unqiue to DOS's 8.3 restrictions.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7539 dc483132-0cff-0310-8789-dd5450dbe970

28 years agohpux make doesn't grok $@, so I'm told. Use explicit target names for
Theodore Tso [Sun, 25 Feb 1996 02:47:20 +0000 (02:47 +0000)]
hpux make doesn't grok $@, so I'm told.  Use explicit target names for
building errortable include files.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7538 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoDon't do call vhangup() if system doesn't have it
Theodore Tso [Sun, 25 Feb 1996 02:35:35 +0000 (02:35 +0000)]
Don't do call vhangup() if system doesn't have it

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7537 dc483132-0cff-0310-8789-dd5450dbe970

28 years agog_acquire_cred.c (gss_add_cred): New GSSAPI V2 function
Theodore Tso [Sun, 25 Feb 1996 02:33:59 +0000 (02:33 +0000)]
g_acquire_cred.c (gss_add_cred): New GSSAPI V2 function

g_inquire_cred.c (gss_inquire_cred_by_mech): New GSSAPI V2 function.

g_init_sec_context.c (gss_init_sec_context): Make sure we convert the
union credential into a mechanism specific credential.

g_glue.c (__gss_get_mechanism_cred): New function for returning the
mechanism-specific credential from a union credential.

g_inquire_names.c (gss_inquire_names_for_mech):
g_oid_ops.c (gss_str_to_oid, gss_oid_to_str, ss_test_oid_set_member,
gss_add_oid_set_member, gss_create_empty_oid_set, gss_release_oid):
g_imp_sec_context.c (gss_import_sec_context):
g_exp_sec_context.c (gss_export_sec_context):
g_inquire_cred.c (gss_inquire_cred):
g_rel_oid_set.c (gss_release_oid_set):
g_rel_buffer.c (gss_release_buffer):
g_rel_name.c (gss_release_name):
g_imp_name.c (gss_import_name):
g_dsp_name.c (gss_display_name):
g_compare_name.c (gss_compare_name):
g_indicate_mechs.c (gss_indicate_mechs):
g_dsp_status.c (gss_display_status):
g_unseal.c (gss_unseal, gss_unwrap):
g_seal.c (gss_seal, gss_wrap):
g_verify.c (gss_verify, gss_verify_mic):
g_sign.c (gss_sign, gss_get_mic):
g_context_time.c (gss_context_time):
g_delete_sec_context.c (gss_delete_sec_context):
g_process_context.c (gss_process_context):
g_accept_sec_context.c (gss_accept_sec_context):
g_init_sec_context.c (gss_init_sec_context):
g_rel_cred.c (gss_release_cred):
g_acquire_cred.c (gss_acquire_cred): Added INTERFACE keyword for Windows.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7536 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoNew error code function
Theodore Tso [Sun, 25 Feb 1996 02:31:42 +0000 (02:31 +0000)]
New error code function

XXX Need to square number assigment with official C-binds draft once
it is issued.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7535 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoWith this change, lddb -old actually *works* on old dumps..
Mark Eichin [Sun, 25 Feb 1996 01:35:18 +0000 (01:35 +0000)]
With this change, lddb -old actually *works* on old dumps..

* dump.c (process_k5beta_record): encrypted keys used to have 4
byte lengths in MSB order, need to convert to 2 byte LSB order
lengths before storing. Handle primary key and alternate key.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7534 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdd support for new V2 call gss_wrap_size_limit
Theodore Tso [Sun, 25 Feb 1996 00:27:59 +0000 (00:27 +0000)]
Add support for new V2 call gss_wrap_size_limit

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7533 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdd support for new V2 call gss_wrap_size_limit()
Theodore Tso [Sun, 25 Feb 1996 00:27:20 +0000 (00:27 +0000)]
Add support for new V2 call gss_wrap_size_limit()

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7532 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoFor MS-DOS filesystems, you must close the file before unlinking it,
Theodore Tso [Sun, 25 Feb 1996 00:17:39 +0000 (00:17 +0000)]
For MS-DOS filesystems, you must close the file before unlinking it,
otherwise the unlink() will fail.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7531 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdd support for shared libraries under HPUX and Sinix (SysVR4 under mips)
Theodore Tso [Sun, 25 Feb 1996 00:08:27 +0000 (00:08 +0000)]
Add support for shared libraries under HPUX and Sinix (SysVR4 under mips)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7530 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdd support for HPUX and Sinix (sys5r4 on mips)
Theodore Tso [Sun, 25 Feb 1996 00:05:32 +0000 (00:05 +0000)]
Add support for HPUX and Sinix (sys5r4 on mips)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7529 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoUnder Windows, assume that the keytab file is located in the Windows
Theodore Tso [Sun, 25 Feb 1996 00:01:14 +0000 (00:01 +0000)]
Under Windows, assume that the keytab file is located in the Windows
directory.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7528 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoUnder windows, let it be %s\v5srvtab. It will be filled in by the
Theodore Tso [Sun, 25 Feb 1996 00:00:39 +0000 (00:00 +0000)]
Under windows, let it be %s\v5srvtab.  It will be filled in by the
krb5_kt_default_name with the name of windows directory.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7527 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoUse Windows path separator, if appropriate. Under Windows also use
Theodore Tso [Sat, 24 Feb 1996 23:55:04 +0000 (23:55 +0000)]
Use Windows path separator, if appropriate.  Under Windows also use
the environment variables TEMP and TMP for the replay cache.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7526 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdd new GSSAPI V2 calls. (XXX we still need to get the official
Theodore Tso [Sat, 24 Feb 1996 23:48:32 +0000 (23:48 +0000)]
Add new GSSAPI V2 calls. (XXX we still need to get the official
function numbers defined for them.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7525 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoNo longer need to call name-type/mechanism registration function.
Theodore Tso [Sat, 24 Feb 1996 23:46:36 +0000 (23:46 +0000)]
No longer need to call name-type/mechanism registration function.
This is now done for us by the generic intialization function.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7524 dc483132-0cff-0310-8789-dd5450dbe970

28 years agog_mechname.c (gss_add_mech_name_type): Only mark a name-type as being
Theodore Tso [Sat, 24 Feb 1996 23:45:13 +0000 (23:45 +0000)]
g_mechname.c (gss_add_mech_name_type): Only mark a name-type as being
non-mechanism-specific if the mechanism doesn't match the type
currently associated with the name-type.

g_init_sec_context.c (gss_init_security_context): If we are using a
mechanism-specific name, use the mechanism-specific name directly,
instead of calling __gss_internal_import() on the external form of the
name.  If the mechanism_type is unspecified, use the type of the
mechanism-specific name.  If the mechanism_type is specified, it must
match the type of the supplied name.

g_acquire_cred.c (gss_acquire_cred): If we are acquiring credentials
for a mechanism-specific name, use the name directly, instead of doing
an __gss_internal_import() on the name.  Also, if the
desired_mechanisms oid is NULL, default to using the mechanism-type of
the mechanism-specific name.

g_compare_name.c (gss_compare_name): Add logic for comparing
mechanism-specific names.

g_accept_sec_context.c (gss_accept_sec_context): Use
__gss_convert_name_to_union_name() to take the gss_name_t returned by
the mechanism accept_sec_context(), and convert it into a
mechanism-specific union name.

g_inquire_context.c (gss_inquire_context): Removed local static
function convert_name_to_union_name(), and changed references to it
use the generalized __gss_convert_name_to_union_name() call.

g_glue.c (__gss_convert_name_to_union_name): New function which takes
gss_name_t returned by a particular mechanism, and converts it into a
gss_union_name.

g_rel_oid_set.c (gss_release_oid_set): Manually free the oids in an
OID set, since the containing structure is allocated as an array.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7523 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * mglueP.h (gss_config): Change int fields to OM_uint32 to match
Ezra Peisach [Sat, 24 Feb 1996 18:47:17 +0000 (18:47 +0000)]
* mglueP.h (gss_config): Change int fields to OM_uint32 to match
arguments to procedure calls in gss_init_sec_context,
gss_accept_sec_context, and gss_display_status.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7522 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * import_sec_context.c (krb5_gss_import_sec_context): Do not
Ezra Peisach [Sat, 24 Feb 1996 17:07:25 +0000 (17:07 +0000)]
* import_sec_context.c (krb5_gss_import_sec_context): Do not
shadow parameter ctx.

* inq_context.c (krb5_gss_inquire_context): Do not shadow
parameter ctx.

The variable ctx was used both as an argument to the function (and put
into the variabel context) and declared as a local variable.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7521 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * rel_oid.c (krb5_gss_internal_release_oid): Change to match prototype
Ezra Peisach [Sat, 24 Feb 1996 16:56:48 +0000 (16:56 +0000)]
* rel_oid.c (krb5_gss_internal_release_oid): Change to match prototype

* process_context_token.c (krb5_gss_process_context_token): Change
to match prototype.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7520 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * ext.h, utility.c (fatalperror, fatal): Add const to argument
Ezra Peisach [Sat, 24 Feb 1996 14:32:04 +0000 (14:32 +0000)]
* ext.h, utility.c (fatalperror, fatal): Add const to argument

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7519 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoDeclare krb__get_srvtabname()
Ezra Peisach [Sat, 24 Feb 1996 14:29:32 +0000 (14:29 +0000)]
Declare krb__get_srvtabname()

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7518 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoremove errno correctly
Mark Eichin [Sat, 24 Feb 1996 06:25:31 +0000 (06:25 +0000)]
remove errno correctly

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7517 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoremove extraneous second include of stdlib.h
Mark Eichin [Sat, 24 Feb 1996 06:24:48 +0000 (06:24 +0000)]
remove extraneous second include of stdlib.h
remove extra ; from previous merge
remove declaration of errno

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7516 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoSimple test program for testing how GSSAPI import name works. (May be
Theodore Tso [Sat, 24 Feb 1996 05:14:23 +0000 (05:14 +0000)]
Simple test program for testing how GSSAPI import name works.  (May be
made into a more full-fledged test program later.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7515 dc483132-0cff-0310-8789-dd5450dbe970

28 years agogssapiP_krb5.h: Changed most krb5 gssapi functions to take a void * as
Theodore Tso [Sat, 24 Feb 1996 05:10:47 +0000 (05:10 +0000)]
gssapiP_krb5.h: Changed most krb5 gssapi functions to take a void * as
their first argument, instead of a krb5_context.  Makes for a cleaner
interface to the mechanism glue layer.

k5mech.c (krb5_gss_initialize): Call name-type/mechanism registration
function so that mechanism glue layer knows whether or not a name
needs to be lazy evaluated or not.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7514 dc483132-0cff-0310-8789-dd5450dbe970

28 years agog_imp_name.c (gss_import_name): If the user passes in a name-type
Theodore Tso [Sat, 24 Feb 1996 05:05:48 +0000 (05:05 +0000)]
g_imp_name.c (gss_import_name): If the user passes in a name-type
which is mechanism specific, then import it immediately; don't lazy
evaluate it.

g_mechname.c (gss_add_mech_name_type): New file for maintaining a
registry of name-types which are mechanism specific.

g_dsp_name.c (gss_display_name): If there is a mechanism specific
name, use it when displaying the name.

oid_ops.c (generic_gss_copy_oid): New function used to copy an OID
object.

g_rel_name.c (gss_release_name): Release the OID in the mechanism
name, as it is now allocated.  Release the mechanism-specific name if
it is present.

g_imp_name.c (gss_import_name):  Copy the input OID, so we don't
have to worry about memory allocation problems later.

oid_ops.c (generic_gss_copy_oid): Added new function to copy OIDs.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7513 dc483132-0cff-0310-8789-dd5450dbe970

28 years agomore changes from cygnus source
Mark Eichin [Sat, 24 Feb 1996 02:26:19 +0000 (02:26 +0000)]
more changes from cygnus source
Fri Feb 16 15:51:59 1996  Mark Eichin  <eichin@cygnus.com>

* ftpcmd.y (yylex): error handling changes from kbalk@hp.com.

Tue Jan 16 18:44:42 1996  Mark Eichin  <eichin@cygnus.com>

* ftpd.c (user): 331 is more appropriate for kuserok failure.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7512 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoupdate from cygnus sources
Mark Eichin [Sat, 24 Feb 1996 02:20:22 +0000 (02:20 +0000)]
update from cygnus sources

Fri Feb 16 15:50:51 1996  Mark Eichin  <eichin@cygnus.com>

* ftp.c (do_auth): return status handling fixes from kbalk@hp.com.

Tue Jan 16 19:05:31 1996  Mark Eichin  <eichin@cygnus.com>

* ftp.c (login): move do_auth ...
* cmds.c (setpeer): ... to just before login call.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7511 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * keytab.c (krb5_ktkdb_close): new function, non-optional.
Mark Eichin [Sat, 24 Feb 1996 00:40:44 +0000 (00:40 +0000)]
* keytab.c (krb5_ktkdb_close): new function, non-optional.
(krb5_kt_kdb_ops): include _close method, comment what the other
slots are.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7510 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoFri Jan 12 04:37:23 1996 Mark Eichin <eichin@cygnus.com>
Mark Eichin [Sat, 24 Feb 1996 00:34:56 +0000 (00:34 +0000)]
Fri Jan 12 04:37:23 1996  Mark Eichin  <eichin@cygnus.com>

* cnv_tkt_skey.c (krb524_convert_tkt_skey): rather than apply fit
  an extended v5 lifetime into a v4 range, give out a v4 ticket with
  as much of the v5 lifetime is available "now" instead.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7509 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoSat Feb 3 22:37:55 1996 Mark Eichin <eichin@cygnus.com>
Mark Eichin [Sat, 24 Feb 1996 00:31:42 +0000 (00:31 +0000)]
Sat Feb  3 22:37:55 1996  Mark Eichin  <eichin@cygnus.com>

* network.c (add_port): sunos realloc doesn't handle a NULL
pointer, so protect with a macro.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7508 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoone step closer to *really* only depending on krb5.conf. (I don't know
Mark Eichin [Sat, 24 Feb 1996 00:29:47 +0000 (00:29 +0000)]
one step closer to *really* only depending on krb5.conf. (I don't know
of any others, but this was a big one.)

Sat Feb 10 02:46:27 1996  Mark Eichin  <eichin@cygnus.com>

* main.c (initialize_realms): look for [kdc] profile=path for
default alternate kdc profile (environment variable still
overrides it.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7507 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoThis is the aggregate of a bunch of fixes to kadmind (after all, some people
Mark Eichin [Sat, 24 Feb 1996 00:18:51 +0000 (00:18 +0000)]
This is the aggregate of a bunch of fixes to kadmind (after all, some people
actually use it.) Note that in admin.c, I shredded admin_add_modify and
admin_merge_dbentries, converting them to a goto-exception style, eliminating
the excessive nesting, so they were readable; having done so, admin_add_modify
turned out to be correct, and admin_merge_dbentries was "obviously" broken
in that it assigned random keys gratuitiously. Fixing this causes "modent"
to actually work, without destroying the key...

Wed Feb 21 21:26:50 1996  Mark Eichin  <eichin@cygnus.com>

* srv_main.c (xprintf): handle VARARGS.

Sun Feb 18 00:08:02 1996  Mark W. Eichin  <eichin@cygnus.com>

* admin.c (admin_merge_dbentries): rewrite for readability, and
fix the year old bug of modify randomizing the password field.
(admin_add_modify): rewrite for readability.

Fri Feb  9 20:11:50 1996  Mark Eichin  <eichin@cygnus.com>

* srv_net.c (net_init): gethostbyname doesn't use errno,
compensate by using KRB5_ERR_BAD_HOSTNAME.

Tue Dec 12 19:14:51 1995  Mark Eichin  <eichin@cygnus.com>

* admin.c (admin_merge_dbentries): new argument mod_only, to
distinguish between add and modify.
(admin_add_modify): new argument mod_only, to distinguish between
add and modify (and pass through to admin_merge_dbentries.)
(admin_add_principal, admin_modify_principal, admin_change_opwd,
admin_change_orandpw): pass flag indicating modify or add.

Tue Sep 26 22:51:25 1995  Mark Eichin  <eichin@cygnus.com>

* admin.c (admin_add_modify): copy, don't just assign, principals
to avoid double-freeing. Zero out "contents" and mod_name fields
after freeing, likewise. Free cur_dbentry and new_dbentry properly.

Tue Sep 26 02:56:41 1995  Mark Eichin  <eichin@cygnus.com>

* srv_acl.c (acl_free_entries): jump the ae_next link *before*
freeing the item so we don't lose it.

Tue Sep 26 02:28:35 1995  Mark Eichin  <eichin@cygnus.com>

* admin.c (admin_merge_dbentries): copy who into dbentp->mod_name
because callers will free it after successful use.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7506 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * krb5.hin (krb5_x, krb5_xc): wrapper macros to test all function
Mark Eichin [Sat, 24 Feb 1996 00:01:31 +0000 (00:01 +0000)]
* krb5.hin (krb5_x, krb5_xc): wrapper macros to test all function
pointers before calling through them (abort if null.) Simplifies
debugging on many platforms. Currently #if 1, but could be
conditionalized once we're in "production".

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7505 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * kdb5_edit.c (kdb5_edit_Init): set manual_mkey for testing with -P
Mark Eichin [Fri, 23 Feb 1996 23:44:44 +0000 (23:44 +0000)]
* kdb5_edit.c (kdb5_edit_Init): set manual_mkey for testing with -P

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7504 dc483132-0cff-0310-8789-dd5450dbe970

28 years agot_random.c: New file which just tests the random number generator
Theodore Tso [Fri, 23 Feb 1996 02:37:33 +0000 (02:37 +0000)]
t_random.c: New file which just tests the random number generator

new_rn_key.c (mit_des_set_random_generator_seed): Add fix so that we
do something even if the input key is not a valid DES key.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7503 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * Makefile.in (check-unix): Set LD_LIBRARY_PATH for kdb5_anadd
Ezra Peisach [Thu, 22 Feb 1996 18:19:15 +0000 (18:19 +0000)]
* Makefile.in (check-unix): Set LD_LIBRARY_PATH for kdb5_anadd

* hostaddr.c (krb5_os_hostaddr): Set magic number in structure.

* full_ipadr.c (krb5_make_full_ipaddr): Set magic number in structure.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7502 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoDo not free memory before done using it. (The credential was pointing
Ezra Peisach [Thu, 22 Feb 1996 13:11:38 +0000 (13:11 +0000)]
Do not free memory before done using it. (The credential was pointing
to memory that is freed and then referenced again)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7501 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoA few more things are complete.
Richard Basch [Thu, 22 Feb 1996 05:49:42 +0000 (05:49 +0000)]
A few more things are complete.
Added a note about the TGS req starttime bug.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7500 dc483132-0cff-0310-8789-dd5450dbe970

28 years agokerberos_v4.c: Better DES key validation.
Richard Basch [Thu, 22 Feb 1996 04:42:42 +0000 (04:42 +0000)]
kerberos_v4.c: Better DES key validation.
main.c: Don't assume master key is DES for initializing the V4 randkey
generator; use a random key from the DES_CBC_CRC generator as the seed.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7499 dc483132-0cff-0310-8789-dd5450dbe970

28 years agokadm_funcs.c: add_entry was failing; improper struct initialization
Richard Basch [Thu, 22 Feb 1996 04:41:12 +0000 (04:41 +0000)]
kadm_funcs.c: add_entry was failing; improper struct initialization

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7498 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoMakefile.in: Don't install k5-int.h
Richard Basch [Thu, 22 Feb 1996 04:40:25 +0000 (04:40 +0000)]
Makefile.in: Don't install k5-int.h

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7497 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* aclocal.m4
Richard Basch [Thu, 22 Feb 1996 04:40:02 +0000 (04:40 +0000)]
* aclocal.m4
Don't include build directory in rpath
Fixed cache variable prefix (from krb_ to krb5_)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7496 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago Do not include the build directories in the rpath (runtime lib path)
Richard Basch [Thu, 22 Feb 1996 04:24:39 +0000 (04:24 +0000)]
Do not include the build directories in the rpath (runtime lib path)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7495 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* kerberos_v4.c
Richard Basch [Thu, 22 Feb 1996 04:23:30 +0000 (04:23 +0000)]
* kerberos_v4.c
Improve the checks that DES keys are being used.
* main.c
Do not assume that the master key is necessarily a DES key suitable
for use to initialize the V4 random key generator.  Instead, after
initializing the DES_CBC_CRC generator, get a random key and use that
to seed the V4 random key generator.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7494 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago add_entry was not working because the structure length element was
Richard Basch [Thu, 22 Feb 1996 04:21:07 +0000 (04:21 +0000)]
add_entry was not working because the structure length element was
not being initialized.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7493 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago Do not install k5-int.h
Richard Basch [Thu, 22 Feb 1996 04:20:02 +0000 (04:20 +0000)]
Do not install k5-int.h

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7492 dc483132-0cff-0310-8789-dd5450dbe970

28 years agokerberos_v4.c (kerberos_v4): Use strong random number generator
Theodore Tso [Wed, 21 Feb 1996 20:21:50 +0000 (20:21 +0000)]
kerberos_v4.c (kerberos_v4): Use strong random number generator

main.c (main): Initialize Kerberos V4's random number generator.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7491 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoIf the configuration file does not exist (context->profile == NULL)
Theodore Tso [Sat, 17 Feb 1996 05:07:06 +0000 (05:07 +0000)]
If the configuration file does not exist (context->profile == NULL)
return KRB5_CONFIG_CANTOPEN; if the default realm is not defined in
the configuration file, return an error message saying so.  These
changes just make the diagnostic error messages more clear.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7486 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdded new error table code KRB5_CONFIG_NODEFREALM
Theodore Tso [Fri, 16 Feb 1996 17:04:45 +0000 (17:04 +0000)]
Added new error table code KRB5_CONFIG_NODEFREALM

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7485 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoIf version is not FVNO_4, do not seek forwar a random stack value.
Ezra Peisach [Thu, 15 Feb 1996 20:07:29 +0000 (20:07 +0000)]
If version is not FVNO_4, do not seek forwar a random stack value.
Also check resturn status of lseek.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7481 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoSet magic number in krb5_address
Ezra Peisach [Thu, 15 Feb 1996 15:59:43 +0000 (15:59 +0000)]
Set magic number in krb5_address

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7480 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoMake parsing more flexible, so we don't barf over lack of spaces
Theodore Tso [Wed, 14 Feb 1996 21:48:05 +0000 (21:48 +0000)]
Make parsing more flexible, so we don't barf over lack of spaces
around the equals sign.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7479 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * kdb5_edit.c (enter_master_key, set_dbname_help): If master key
Ezra Peisach [Wed, 14 Feb 1996 14:55:34 +0000 (14:55 +0000)]
    * kdb5_edit.c (enter_master_key, set_dbname_help): If master key
                enctype is unknown, set to DEFAULT_KDC_ENCTYPE.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7478 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * kdb_dbm.c (krb5_dbm_db_rename): Initialize pointer before use
Ezra Peisach [Wed, 14 Feb 1996 02:40:31 +0000 (02:40 +0000)]
* kdb_dbm.c (krb5_dbm_db_rename): Initialize pointer before use
for case where new db does not exist.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7477 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * kdb5_edit.c (extract_v4_srvtab): krb5_dbekd_decrypt_key_data
Ezra Peisach [Tue, 13 Feb 1996 21:11:40 +0000 (21:11 +0000)]
* kdb5_edit.c (extract_v4_srvtab): krb5_dbekd_decrypt_key_data
takes krb5_key_data *, not **.

Prototype warnings realy do mean potential errors.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7476 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoRemove junk file
Theodore Tso [Tue, 13 Feb 1996 03:52:55 +0000 (03:52 +0000)]
Remove junk file

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7475 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoFix lint flame (added missing cast)
Theodore Tso [Tue, 13 Feb 1996 03:42:47 +0000 (03:42 +0000)]
Fix lint flame (added missing cast)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7474 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoIncluide stdlib.h for declaration of malloc
Ezra Peisach [Sun, 11 Feb 1996 01:58:20 +0000 (01:58 +0000)]
Incluide stdlib.h for declaration of malloc

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7470 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * g_glue.c: grab stdlib.h to get NULL
Tom Yu [Sat, 10 Feb 1996 23:46:05 +0000 (23:46 +0000)]
* g_glue.c: grab stdlib.h to get NULL

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7469 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoOnly display secure_message if encryption actually enabled
Sam Hartman [Sat, 10 Feb 1996 02:45:42 +0000 (02:45 +0000)]
Only display secure_message if encryption actually enabled

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7467 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoFixed bug in v4 compatability: you don't check
Sam Hartman [Sat, 10 Feb 1996 02:35:39 +0000 (02:35 +0000)]
Fixed bug in v4 compatability: you don't check
v5 authenticator checksums when v4 is being used.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7466 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* scc.h scc_gprin.c scc_maybe.c scc_skip.c scc_sseq.c
Richard Basch [Fri, 9 Feb 1996 02:19:14 +0000 (02:19 +0000)]
* scc.h scc_gprin.c scc_maybe.c scc_skip.c scc_sseq.c
Store and retrieve the os_context time offset from the
credentials cache.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7465 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* pre.in
Richard Basch [Fri, 9 Feb 1996 01:05:50 +0000 (01:05 +0000)]
* pre.in
Install administrative database utilities in sbin, not admin.
Also, define $(transform) to be the sed transformation for program
installation.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7464 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* kinit.c
Richard Basch [Fri, 9 Feb 1996 00:52:44 +0000 (00:52 +0000)]
* kinit.c
Only initialize the credentials cache if credentials were obtained.
This means you won't blow away the old cache if an incorrect password
was entered, and it also allows for the os_context time offset to be
set properly in the credentials cache.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7463 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* fcc_maybe.c
Richard Basch [Fri, 9 Feb 1996 00:50:32 +0000 (00:50 +0000)]
* fcc_maybe.c
Only store the os_context time offset if it is valid.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7462 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* fcc.h fcc_gprin.c fcc_maybe.c fcc_skip.c fcc_sseq.c
Richard Basch [Fri, 9 Feb 1996 00:47:05 +0000 (00:47 +0000)]
* fcc.h fcc_gprin.c fcc_maybe.c fcc_skip.c fcc_sseq.c
Store the time offset from the os_context in the credentials cache.
When applications open the credentials cache, they will set the
os_context time offset if kdc_timesync is set and the os_context
time offset has not yet been set.
  Note: The time offset is stored during krb5_cc_initialize, so the os_context
should be set prior to this operation.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7461 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * configure.in: Check for stdlib.h
Ezra Peisach [Wed, 7 Feb 1996 20:33:12 +0000 (20:33 +0000)]
* configure.in: Check for stdlib.h

* secure.c, pclose.c, ruserpass.c, ftp.c: Include stdlib.h if
present for malloc declarations.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7453 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoNeed to include stdio.h and errno.h no matter what.
Ezra Peisach [Wed, 7 Feb 1996 19:18:40 +0000 (19:18 +0000)]
Need to include stdio.h and errno.h no matter what.
(stderr and ENOMEM needs to be defined)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7452 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoMake clean removes ftpd (not ftp)
Ezra Peisach [Wed, 7 Feb 1996 18:38:02 +0000 (18:38 +0000)]
Make clean removes ftpd (not ftp)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7451 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoNew files, for danw's changes to allow building Makefiles for the
Theodore Tso [Wed, 7 Feb 1996 05:33:25 +0000 (05:33 +0000)]
New files, for danw's changes to allow building Makefiles for the
Macintosh.  We now can build MPW makefiles which are interpreted by
CodeWarrior.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7445 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoFolded in danw's changes to allow building Makefiles for the
Theodore Tso [Wed, 7 Feb 1996 05:30:24 +0000 (05:30 +0000)]
Folded in danw's changes to allow building Makefiles for the
Macintosh.  We now can build MPW makefiles which are interpreted by
CodeWarrior.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7444 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoCommited new snapshot from Roland Schemers at Sun
Theodore Tso [Wed, 7 Feb 1996 05:04:58 +0000 (05:04 +0000)]
Commited new snapshot from Roland Schemers at Sun

This snapshot features a BSD-style copyright notice from Sun.  It also
includes the code to parse a configuration file and then dlopen the
proper shared library.  Miscellaneous cleanup in the mechglue directory.
Namespace uglieness (like get_mechanism) have been cleaned up, to use
things like __gss_get_mechanism instead.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7442 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* configure.in, Makefile.in
Richard Basch [Sun, 4 Feb 1996 04:21:09 +0000 (04:21 +0000)]
* configure.in, Makefile.in
Berkeley hash db is now a separate library

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7437 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* configure.in, Makefile.in
Richard Basch [Sun, 4 Feb 1996 04:20:23 +0000 (04:20 +0000)]
* configure.in, Makefile.in
Better support of alternate db libraries.
Berkeley db is now a separate library

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7436 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* Makefile.in
Richard Basch [Sun, 4 Feb 1996 04:19:17 +0000 (04:19 +0000)]
* Makefile.in
Support --program-prefix, --program-suffix, --program-transform

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7435 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* aclocal.m4
Richard Basch [Sun, 4 Feb 1996 04:16:00 +0000 (04:16 +0000)]
* aclocal.m4
Support --program-prefix and --program-suffix
Support different dbm libraries better.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7434 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoRemove check to make sure ticket enctype
Sam Hartman [Thu, 1 Feb 1996 22:01:13 +0000 (22:01 +0000)]
Remove check to make sure ticket enctype
is in the tgs enctypes.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7431 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoRemove check to make sure cached tickets are in tgs_enctypes
Sam Hartman [Thu, 1 Feb 1996 22:00:01 +0000 (22:00 +0000)]
Remove check to make sure cached tickets are in tgs_enctypes

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7430 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* rcp (client mode) now uses rsh -x but still supports the old encryption in
Sam Hartman [Thu, 1 Feb 1996 05:56:27 +0000 (05:56 +0000)]
* rcp (client mode) now uses rsh -x but still supports the old encryption in
     server mode.
* krshd will work in encrypting mode even when the port for stderr is null.
* rcp will work if stdin isn't not a socket, but is a pipe  in remote mode
* krshd destroys forwarded credentials properly
* For rsh, the secure_message got moved to the client; if you use a new client
     with an old server, you get secure_message twice, but it should be a
     useful change long-term.
* Fixed typo in rcp man page.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7423 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* krshd: Make sure KRB5CCNAME gets set for forward creds; code could be much cleaner.
Sam Hartman [Wed, 31 Jan 1996 22:26:17 +0000 (22:26 +0000)]
* krshd: Make sure KRB5CCNAME gets set for forward creds; code could be much cleaner.
* forward.c: give caller handle to ccache so it can be destroyed.
* krshd: destroy the ccache if it is non-null.
* krlogind:  Fix call, but don't destroy cache, as
    login.krb5 should do that any year now.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7422 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoSeveral changes to the db rename feature.
Richard Basch [Wed, 31 Jan 1996 00:22:23 +0000 (00:22 +0000)]
Several changes to the db rename feature.
Renaming locks the target lock file.
If the target lock file doesn't exist, create it.
Check the return value of krb5_dbm_db_set_name and set the
context accordingly if the target didn't exist.
Only unlink the source lock file if one could be computed.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7418 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * dump.c (load_db): dbrenerr_fmt prints "from" first, so pass it
Mark Eichin [Tue, 30 Jan 1996 23:30:23 +0000 (23:30 +0000)]
* dump.c (load_db): dbrenerr_fmt prints "from" first, so pass it
to fprintf correctly.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7417 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * kdb_dbm.c (krb5_dbm_db_rename): O_EXCL is meaningless without
Mark Eichin [Tue, 30 Jan 1996 23:28:18 +0000 (23:28 +0000)]
* kdb_dbm.c (krb5_dbm_db_rename): O_EXCL is meaningless without
O_CREAT.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7416 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoDon't update the utmp file unless update_utmp is true
Sam Hartman [Tue, 30 Jan 1996 18:04:30 +0000 (18:04 +0000)]
Don't update the utmp file  unless update_utmp is true

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7414 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * dump.c (process_k5_record): t2..t9 is only 8 vars, not 9
Mark Eichin [Sun, 28 Jan 1996 19:36:35 +0000 (19:36 +0000)]
* dump.c (process_k5_record): t2..t9 is only 8 vars, not 9

make check is useful, gang...

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7412 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoFix quoting problem
Sam Hartman [Sun, 28 Jan 1996 00:20:31 +0000 (00:20 +0000)]
Fix quoting problem

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7411 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoFixes to build on Linux;
Sam Hartman [Sat, 27 Jan 1996 23:50:53 +0000 (23:50 +0000)]
Fixes to build on Linux;
never call fcntl(F_SETOWN)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7410 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoFix bug in finding the tgs key;
Sam Hartman [Sat, 27 Jan 1996 06:40:36 +0000 (06:40 +0000)]
Fix bug in finding the  tgs key;
we really really want to avoid encrypting v4 tickets in DES3 keys.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7407 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoImplement -e option for keytabs
Sam Hartman [Sat, 27 Jan 1996 06:39:40 +0000 (06:39 +0000)]
Implement -e option for keytabs

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7406 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * void_assoc.c (ptyint_void_association): if we don't have
Mark Eichin [Sat, 27 Jan 1996 06:14:24 +0000 (06:14 +0000)]
* void_assoc.c (ptyint_void_association): if we don't have
TIOCNOTTY (HP/UX 9 for example) don't try to use it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7405 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * krb5.conf: use host:portnum in example files, not host,portnum
Mark Eichin [Sat, 27 Jan 1996 06:13:02 +0000 (06:13 +0000)]
* krb5.conf: use host:portnum in example files, not host,portnum

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7404 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * kadmin.exp: use a longer password for kadmin_modify test to meet
Mark Eichin [Sat, 27 Jan 1996 06:11:33 +0000 (06:11 +0000)]
* kadmin.exp: use a longer password for kadmin_modify test to meet
password quality constraints.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7403 dc483132-0cff-0310-8789-dd5450dbe970

28 years agofix indentation
Mark Eichin [Sat, 27 Jan 1996 06:09:40 +0000 (06:09 +0000)]
fix indentation

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7402 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * kuserok.c: use HAVE_SETEUID and HAVE_SETRESUID to figure out how
Mark Eichin [Sat, 27 Jan 1996 06:06:22 +0000 (06:06 +0000)]
* kuserok.c: use HAVE_SETEUID and HAVE_SETRESUID to figure out how
to emulate seteuid instead of assuming hpux.
* configure.in: test for seteuid as well; fold some tests into a
single AC_HAVE_FUNCS.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7401 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * t_kdb.c: wrap db_dbm decls and berkely_dispatch in ifdefs
Mark Eichin [Sat, 27 Jan 1996 06:03:26 +0000 (06:03 +0000)]
* t_kdb.c: wrap db_dbm decls and berkely_dispatch in ifdefs
BERK_DB_DBM.
(do_testing): wrap references as well.

* keytab.c (krb5_ktkdb_get_entry): use KRB5_PROTOTYPE.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7400 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * t_cksum.c (main): use proper old-style definition
Mark Eichin [Sat, 27 Jan 1996 05:57:22 +0000 (05:57 +0000)]
* t_cksum.c (main): use proper old-style definition

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7399 dc483132-0cff-0310-8789-dd5450dbe970