Ken Raeburn [Wed, 16 Feb 2000 18:29:50 +0000 (18:29 +0000)]
* preauth2.c (pa_sam): In send-encrypted-sad mode, check for magic salt length
and generate a salt from the principal name if found; use the password and salt
to generate a key. Provide timestamp if nonce is zero, regardless of preauth
mode. (Patch from Chas Williams.)
Ken Raeburn [Wed, 16 Feb 2000 08:35:46 +0000 (08:35 +0000)]
* localaddr.c (krb5_os_localaddr): Dynamically grow buffer used for SIOCGIFCONF
until it appears to have been big enough. Dynamically grow internal address
pointer array as needed.
Tom Yu [Tue, 15 Feb 2000 05:12:30 +0000 (05:12 +0000)]
* svc.c (xprt_register): Zero out xports after allocating
* auth_gssapi_misc.c (xdr_authgssapi_creds):
(xdr_authgssapi_init_arg):
(xdr_authgssapi_init_res):
(auth_gssapi_unwrap_data): If xdr_gss_buf or xdr_bytes fails, call
again with XDR_FREE set so that allocated memory doesn't leak.
Tom Yu [Mon, 14 Feb 2000 00:07:10 +0000 (00:07 +0000)]
Add client-side stubs and functions with additional capabilities to
take key_salt_tuples and optionally keep old keys around. Add
server-side functionality for setkey with key_salt_tuple and "keepold"
functionality. Update rpc stubs and xdr functions/headers
appropriately.
Tom Yu [Tue, 8 Feb 2000 05:28:12 +0000 (05:28 +0000)]
* api.1/lock.exp: Since a "wait" directive to the command list of
the lock_test procedures does not wait for any synchronization,
change lock9 to acquire and release a lock before the "wait"
directive in order to avoid a race condition where lock9 spawns
the ./lock-test but the program has not opened the database prior
to lock9_1 acquiring a permanent lock. This was causing
difficult-to-reproduce failures.
Tom Yu [Mon, 7 Feb 2000 23:51:13 +0000 (23:51 +0000)]
* config/unix.exp: Call send_error instead of fail to prevent
referencing variables not yet set up by the test framework.
* lib/helpers.exp: Call kinit and kdestroy with the -5 flag to
deal with new program behavior. Also call perror rather than
error to avoid spewing a stack trace.
Ken Raeburn [Mon, 7 Feb 2000 10:32:45 +0000 (10:32 +0000)]
* gic_pwd.c (krb5_get_as_key_password): If the as_key enctype is already set to
the correct type, do continue and ask for the password anyways. (Patch from
Chas Williams, PR krb5-libs/730.)
* preauth2.c (pa_sam): If no sam_flags were set, return KRB5_PREAUTH_BAD_TYPE,
because we don't currently handle that case.
* preauth2.c (pa_sam): Remove unused variable use_sam_key.
(SAMDATA): Cast first result to int, which is what sprintf needs.
(pa_salt): Delete unused variable ret.
Ken Raeburn [Mon, 7 Feb 2000 10:22:58 +0000 (10:22 +0000)]
* kdc_preauth.c (get_preauth_hint_list): Log a message if preauth is required
but no preauth types are available.
(return_sam_data): Fix typo in figuring length of data to XOR when merging
keys.
Ken Raeburn [Mon, 7 Feb 2000 04:15:58 +0000 (04:15 +0000)]
Frank Cusack's patches, first two sets. Should be no incompatible changes,
except perhaps for a client talking to both a new and old KDC? Several
improvements to guard against replay attacks when hardware preauth is in use,
though they require re-enabling the USE_RCACHE code, which I haven't done yet.
Several changes of mine for silencing a few compiler warnings, and adding some
debugging log messages while I track what's going on with the preauth code.
Ken Raeburn [Mon, 7 Feb 2000 00:18:02 +0000 (00:18 +0000)]
Frank Cusack changes, set 1, diffs 1-3 of 4
Rename "sam_passcode" field to "sam_sad". Add data to predicted-sam-response
structure, in part to (prepare to) help with replay detection.
Fix some memory allocation problems.
Danilo Almeida [Fri, 4 Feb 2000 21:26:02 +0000 (21:26 +0000)]
* kinit.c: Major revamp to support Kerberos 4 compatibility. Code
restructured to allow changes to support Kerberos 4 or Kerberos 5
only operation depending on whether dynamic libraries are
avialable. Explicit documentation and support files to make it
easy to do this will be forthcoming.
* Makefile.in: On Windows, use getopt.lib instead of getopt.obj,
and add support for getopt_long.
Danilo Almeida [Fri, 4 Feb 2000 21:24:18 +0000 (21:24 +0000)]
* klist.c: Major revamp to support Kerberos 4 compatibility. Code
restructured to allow changes to support Kerberos 4 or Kerberos 5
only operation depending on whether dynamic libraries are
avialable. Explicit documentation and support files to make it
easy to do this will be forthcoming.
Danilo Almeida [Fri, 4 Feb 2000 21:23:59 +0000 (21:23 +0000)]
* kdestroy.c: Major revamp to support Kerberos 4 compatibility. Code
restructured to allow changes to support Kerberos 4 or Kerberos 5
only operation depending on whether dynamic libraries are
avialable. Explicit documentation and support files to make it
easy to do this will be forthcoming.
Danilo Almeida [Fri, 4 Feb 2000 20:14:56 +0000 (20:14 +0000)]
* getopt.c, getopt_long.c, getopt.h: Update to latest BSD code
found (from NetBSD).
* Makefile.in: Build getopt.lib which includes getopt.obj and
getopt_long.obj.
Danilo Almeida [Tue, 1 Feb 2000 20:49:25 +0000 (20:49 +0000)]
* gss-client.c, gss-server.c, gss-misc.c: Include Windows headers
instead of Unix headers under Windows.
* gss-server.c (usage): Fix usage info to reflect that service_name is
required.
* gss-misc.c (read_all, write_all): Change write to send and read
to recv for portability.
(gettimeofday): Add an implementation of gettimeofday() for
Windows.
Ezra Peisach [Sat, 29 Jan 2000 00:56:34 +0000 (00:56 +0000)]
* kts_g_ent.c, ktsrvtab.h (krb5_ktsrvtab_get_entry): Change the
third argument to krb5_const_principal (from krb5_principal) to
agree with krb5_kts_ops entries.
Ken Raeburn [Thu, 27 Jan 2000 22:02:58 +0000 (22:02 +0000)]
Don't use obsolete autoconf macros. Fix up output formatting a little.
Rewrote tcl config handling to extract info from installed tclConfig.sh.
Configure-time option to control IPv6 configuration.
Configure-time option to enable DNS lookups.
Ken Raeburn [Thu, 27 Jan 2000 00:56:27 +0000 (00:56 +0000)]
* k5-int.h [!NEED_SOCKETS]: Declare (but do not define) struct sockaddr if
SOCK_DGRAM hasn't been defined yet.
(krb5_locate_srv_conf, krb5_locate_srv_dns): Declare.
(struct krb5_keytypes, struct krb5_cksumtypes): enc, hash, and keyhash provider
structures pointed to are now const.
Ken Raeburn [Sat, 22 Jan 2000 03:49:56 +0000 (03:49 +0000)]
Various changes to:
* make most non-changing data const
* silence "gcc -Wall -Werror" complaints on sparc-solaris2.6
** delete unused functions and variables
** change if(a=b) ... to if((a=b)) or if((a=b)!=0) [yeah, kinda gratuitous]
** insert extra braces for 2-D arrays
* some basic thread safety checks
Not changing afsstring2key.c until I make sure I've got some tests for it.
Currently, prng.c and afsstring2key.c, at least, still aren't thread-safe.
Danilo Almeida [Sat, 4 Dec 1999 03:26:01 +0000 (03:26 +0000)]
Make Windows Makefile target creation atomic.
Build clients/kvno for Windows. Also pull from 1.1 branch: Add
install target for windows. Remove references to unused mit
directory.
projects / thirdparty / krb5.git / log
