Ezra Peisach [Tue, 17 Oct 2000 23:02:10 +0000 (23:02 +0000)]
* admin.h (KADM5_PW_FIRST_PROMPT): Get rid of casts from
error_message to char * - leave them as const char *.
(kadm5_chpass_principal_util): Argument msg_len is unsigned int.
* admin_internal.h (_kadm5_chpass_principal_util): msg_len is
unsigned int.
* chpass_util.c (_kadm5_chpass_principal_util): Change msg_len to
unsigned int. Arhument to krb5_read_password is unsigned int.
Ezra Peisach [Tue, 17 Oct 2000 23:01:33 +0000 (23:01 +0000)]
* changepw.c: Cast length argument to recvfrom/sendto to int
* os-proto.h: Moved extern definition of krb5_max_dgram_size,
krb5_max_skdc_timeout, krb5_skdc_timeout_shift,
krb5_skdc_timeout_1 here.
* accessor.c: Definition for krb5_max_dgram_size,
krb5_max_skdc_timeout, krb5_skdc_timeout_shift,
krb5_skdc_timeout_1 moved to os-proto.h
* osconfig.c: Changed definition for krb5_max_dgram_size,
krb5_max_skdc_timeout, krb5_skdc_timeout_shift,
krb5_skdc_timeout_1 to unsigned int.
* get_krbhst.c, init_os_context.c, locate_kdc.c, prompter.c:
Unsigned/signed int cleanup.
* read_pwd.c (krb5_read_password): Change size_return to unsigned
int *.
* sendto_kdc.c: Remove definition for krb5_max_dgram_size,
krb5_max_skdc_timeout, krb5_skdc_timeout_shift,
krb5_skdc_timeout_1. (moved to os-proto.h). Cast arguments to int
for send() and recv().
Ezra Peisach [Tue, 17 Oct 2000 22:59:50 +0000 (22:59 +0000)]
* asn1buf.h: Lengths are now unsigned int for
asn1buf_ensure_space(), asn1buf_expand(), asn1buf_imbed(),
asn1buf_sync(), asn1buf_insert_octetstring(),
asn1buf_insert_charstring(), asn1_remove_octetstring(),
asn1buf_remove_charstring(),
* krb5_decode.c, krb5_encode.c: Length fields are unsigned ints.
* asn1_make.c, asn1_make.h: Prototypes changed to use an unsigned
int * in_len and retlen for: asn1_make_etag(), asn1_make_tag(),
asn1_make_sequence(), asn1_make_set(), asn1_make_string(),
asn1_make_length(), asn1_make_id().
* asn1_k_encode.h, asn1_k_encode.c: Change length fields to
unsigned ints for all functions.
(asn1_encode_etype_info_entry): Test for KRB5_ETYPE_NO_SALT
instead of -1.
* asn1_k_decode.c (asn1_decode_etype_info_entry): Use a length of
KRB5_ETYPE_NO_SALT to indicate the optional salt not being
present. (instead of -1).
(setup): Length is now unsigned int.
* asn1_get.c, asn1_get.h: Change retlent to unsigned int * for
asn1_get_tag(), asn1_get_tag_indef(), asn1_get_sequence,
asn1_get_length().
* asn1_encode.c, asn1_encode.h: Change retlen to unsigned int *
for asn1_encode_integer(), asn1_encode_unsigned_integer(),
asn1_encode_octetstring(), asn1_encode_charstring(),
asn1_encode_printable_string(), asn1_encode_ia5string(),
asn1_encode_generaltime(), asn1_encode_generalstring()
* asn1_decode.c, asn1_decode.h: Change retlen to unsigned int *
for asn1_decode_octetstring(), asn1_decode_generalstring(),
asn1_decode_charstring(),
Ezra Peisach [Tue, 17 Oct 2000 22:57:34 +0000 (22:57 +0000)]
* des_int.h: Change prototypes for mit_des_cbc_encrypt(),
mit_des_cbc_cksum(), and mit_des3_cbc_encrypt() to take unsigned
long lengths.
* d3_cbc.c (mit_des3_cbc_encrypt): Length argument now takes an
unsigned long.
* f_cbc.c (mit_des_cbc_encrypt): Length argument now takes an
unsigned long.
* f_cksum.c (mit_des_cbc_cksum): Length argument now takes an
unsigned long.
* string2key.c: Unsigned/signed int cleanup. Test for a
salt-length of SALT_TYPE_AFS_LENGTH or -1 (for backwards
compatibilty) for use of mit_afs_string_to_key().
Ezra Peisach [Tue, 17 Oct 2000 22:57:05 +0000 (22:57 +0000)]
* k5-int.h: krb5_alt_method, krb5_etype_info_entry length fields
changed to unsigned int. KRB5_ETYPE_NO_LENGTH defined. Change
prototype decode_krb5_sam_key to decode_krb5_enc_sam_key which is
what the code says.
krb5int_access - change timeouts, shifts, etc to unsigned ints.
* krb5.hin: krb5_data, krb5_address, krb5_keyblock, krb5_checksum,
krb5_authdata, and krb5_pa_data length fields changed to unsigned
int. krb5_kt_get_name(), krb5_unparse_name_ext(),
krb5_build_principal(), krb5_build_principal_ext(),
krb5_build_principal_va() and krb5_read_password() all take or
return unsigned int lengths.
* port-sockets.h (SOCKET): Under unix, a socket is of type int.
Tom Yu [Tue, 17 Oct 2000 03:14:56 +0000 (03:14 +0000)]
* kdb5_util.M: Update manpage
* kdb5_util.c (usage): Update usage message.
* dumpv4.c (dump_v4_iterator): Add logic to deal with long
lifetimes, as well as optionally using short lifetimes.
* loadv4.c (load_v4db): Add logic to deal with long lifetimes, as
well as optionally using short lifetimes.
* kadm5_create.c (kadm5_create_magic_princs): Add calls to
krb5_klog_init() and krb5_klog_close() to avoid coredumping if
kadm5_init() calls krb5_klog_syslog().
Ezra Peisach [Thu, 12 Oct 2000 18:58:26 +0000 (18:58 +0000)]
* lock-test.c (main): Cleanup assignments in conditionals. If
USE_KADM5_API_VERSION is 1, set to 2. This program uses the V2 api
(kadm5_get_config_params).
* setkey-test.c: Declare main() as int. Enclose initialization of
elements of arrays in '{', '}'. Use krb5_enctype type instead of
unsigned int. Break out assignments in conditionals.
* destroy-test.c, handle-test.c, init-test.c, iter-test.c,
randkey-test.c: Declare main() as int.
Ezra Peisach [Thu, 12 Oct 2000 16:07:46 +0000 (16:07 +0000)]
* default.exp: Add dict_file entry (and create one) for kdc.conf
Since the warning message about missing dictionary is now going to the
proper place (instead of simply syslogging), the logic to detect kadmind
startup is getting confused by the warning message of a dictionary not being in
place.
Ezra Peisach [Tue, 10 Oct 2000 09:00:59 +0000 (09:00 +0000)]
* kcmd.c (kcmd): Use krb5_set_principal_realm() instead of freeing the
principals realm data and mucking with it ourselves.
This way, we do not free memory allocated by the krb5 library with
a possibly incorrect free, and we do not allocate memory
for a krb5 structure which might be released by the krb5 library.
Tom Yu [Sat, 7 Oct 2000 02:31:21 +0000 (02:31 +0000)]
* kerberos_v4.c (kerb_get_principal): Modify to take a pointer to
a krb5_deltat in order to return the life in seconds. Also, use
time_to_life() to compute krb4 life.
(check_princ): Modify to pass a pointer to a krb5_deltat to
kerb_get_principal().
(set_tgtkey): Update for new kerb_get_principal() call signature.
(kerberos_v4): Update for new check_princ() call signature.
Modify lifetime computations to use lifetimes in seconds.
Back-date issue time if necessary.
Tom Yu [Sat, 7 Oct 2000 02:25:24 +0000 (02:25 +0000)]
* conv_creds.c (krb524_convert_creds_plain): Use time_to_life()
and life_to_time() to do lifetime calculations, including the
adjustment of start time, to match server-side calculations.
* cnv_tkt_skey.c (krb524_convert_tkt_skey): Use time_to_life() and
life_to_time() to do lifetime calculations. Adjust start time
backwards to deal with roundup so ticket expires at correct time.
Ezra Peisach [Wed, 4 Oct 2000 20:12:47 +0000 (20:12 +0000)]
* accept_sec_context.c (krb5_gss_accept_sec_context): If an error
occurs after the auth_context is established, but before the
krb5_gss_ctx_id_rec is established, release our pointer to the
replay cache and invoke krb5_auth_con_free(). (krb5-libs/855)
Tom Yu [Wed, 27 Sep 2000 03:54:33 +0000 (03:54 +0000)]
* asn1_get.c (asn1_get_tag_indef): Fix to not deref random garbage
while checking for EOC encoding. At least the indefinite decoding
breaks consistently now.
* conv_princ.c (krb5_425_conv_principal): Call profile_free_list
on v4realms during the iteration loop. Do not call
profile_release_string with a NULL pointer.
* krb5_decode_test.c (decode_run): If the ASN1 decoder returns an
error, add one to the error count so there will be a non-zero
exit. Sometimes, the decoded structure is complete enoght to pass
the test, even with an ASN.1 error - which can easilly get missed
in the output run.
The indefinite lengths encryption key test (w/ trailing [2] integer)
fails under linux and SGI - but works on other platforms - probably
due to luck stack problems.
* accept_sec_context.c (krb5_gss_accept_sec_context): When
GCC_S_NO_CHANNEL_BINDINGS is set by the server, skip over the
bindings sent from the client. RFC-1964 indicates that the
client's channel bindings are always sent in checksum field and
need to be accounted for, evn if the server does not care.
* kdb_xdr.c (krb5_dbe_free_contents): Clean up signedness warning
* fetch_mkey.c (krb5_db_fetch_mkey): Clean up signedness warnings.
* kdb_db2.c (destroy_file_suffix): Declare function as
static. Rewrite code to use off_t and unsigned ints to handle gcc
warnings. (kdb5_context_internalize) Unmarshal boolean type properly.
* store_mkey.c (krb5_db_store_mkey): Use mode_t instead of int in
call to umask.
* configure.in: Add AC_TYPE_MODE_T and AC_TYPE_OFF_T for mode_t
and off_t declarations.
Ken Raeburn [Sat, 9 Sep 2000 00:18:20 +0000 (00:18 +0000)]
* Makefile.in (DEFINES): Define HEIMDAL_FRIENDLY.
* krlogind.c (recvauth): Don't complain about a subkey sent for KCMDV0.1 if
HEIMDAL_FRIENDLY is defined, just quietly ignore it.
* krshd.c (recvauth): Likewise.
* accept_sec_context.c: krb5_gss_accept_sec_context()
It has been determined by Martin Rex that Windows 2000 is incapable
of supporting channel bindings. This caused us to examine the
various RFCs affecting FTP GSSAPI to determine whether or not
channel bindings were a MUST for implementation of the FTP GSSAPI
protocol. It was determined that the channel binding facility as
described in RFC2743 is optional. Therefore, we cannot assume
that all clients or servers will support it. The code was updated
to allow GSS_C_NO_CHANNEL_BINDINGS when specified by either the
client or server to indicate that channel bindings will not be
used.
Tom Yu [Fri, 1 Sep 2000 01:43:50 +0000 (01:43 +0000)]
* Makefile.in(OBJS, SRCS): Add lifetime.{o,c}
* lifetime.c: New file. For the purposes of CMU and AFS
compatibility, this implements the exponential krb4 ticket
lifetimes for lifetime values above 127, in the krb_life_to_time()
and krb_time_to_life() functions. Values 127 and below are still
treated normally.
Jeffrey Altman [Thu, 31 Aug 2000 07:49:09 +0000 (07:49 +0000)]
2000-08-31 Jeffrey Altman <jaltman@columbia.edu>
* locate_kdc.c: krb5_locate_srv_dns()
Ensure that res_search() is called with a query string
that is terminated by a '.' in order to disable the
expansion of dns-search lists.
Jeffrey Altman [Thu, 31 Aug 2000 07:47:04 +0000 (07:47 +0000)]
2000-08-31 Jeffrey Altman <jaltman@columbia.edu>
* locate_kdc.c: krb5_locate_srv_dns()
Ensure that res_search() is called with a query string
that is terminated by a '.' in order to disable the
expansion of dns-search lists.
Tom Yu [Thu, 31 Aug 2000 02:36:40 +0000 (02:36 +0000)]
* aclocal.m4 (LIBLINKS): Fix appending of $EXTRA_LIB_TARGETS to
LIBLINKS; previously it was setting LIBLINKS to include $LIBLIST
instead, which is Just Wrong.
Ken Raeburn [Wed, 30 Aug 2000 23:06:55 +0000 (23:06 +0000)]
* lib.in (EXTRA_CLEAN_TARGETS, EXTRA_CLEAN_LINKS): New variables.
(clean-libs, clean-liblinks): Depend on targets specified in those variables.
(config.status): Depend on shlib.conf.
(all-framework, link-framework, clean-framework, clean-framework-link,
install-framework): New targets, details to be filled in later.
* pre.in (KRB5_LIB_libopt): Renamed from KDB5_LIB.
(KRB5_LIB_frameworkopt): Tentative framework version for Mac OS X, details to
be tuned later.
(KRB5_LIB): Select between them using @LIB_LINK_OPT@.
(KRB5CRYPTO_LIB*, COM_ERR_LIB*, GSS_KRB5_LIB*): Similarly.
(KRB5_BASE_LIBS, GSS_LIBS): Use them.
(KRB4COMPAT_LIBS): Use KRB5_BASE_LIBS.
* shlib.conf: Set LIB_LINK_OPT. Set new EXTRA_* variables for darwin target.
Ken Raeburn [Wed, 30 Aug 2000 23:06:01 +0000 (23:06 +0000)]
* aclocal.m4 (KRB5_LIB_AUX): Fold in values of EXTRA_LIB_TARGETS,
EXTRA_LIBLINK_TARGETS, EXTRA_LIBINST_TARGETS set in shlib.conf. Substitute
EXTRA_CLEAN_TARGETS and EXTRA_CLEAN_LINKS.
(KRB5_LIB_PARAMS): Substitute LIB_LINK_OPT.
Ken Raeburn [Tue, 29 Aug 2000 22:36:45 +0000 (22:36 +0000)]
* get_creds.c (krb5_get_credentials_core): If the supplied enctype is not
supported, return an error; can't satisfy both TC_SUPPORTED_KTYPES and
TC_MATCH_KTYPE that way. Delete unused arguments CCACHE and OUT_CREDS; fix
callers.
renamed getmode() and setmode() to get_mode() and set_mode() to avoid a collision with Mac OS X file permission bits manipulation functions of the same name which get included through unistd.h
Tom Yu [Sat, 26 Aug 2000 01:30:04 +0000 (01:30 +0000)]
* ftpcmd.y: Fix up grammar so that single character token names
are no longer used; this was breaking the build using bison on
HP/UX because some system headers declare structures with members
having all-uppercase field names and bison puts the token name
#define statements in front of the C declarations section in the
output, causing them to be in force while those headers get
#included. There doesn't seem to be much purpose in not just
using character constants, anyway.
Ken Raeburn [Wed, 23 Aug 2000 22:57:08 +0000 (22:57 +0000)]
* main.c (initialize_realms): For "cannot initialize realm" messages, tell the
user to check the log file. Print out an error message as well as logging it
if retrieving the default realm name fails.
* kerberos_v4.c (kerberos_v4): Mask requested-life byte value with 0xff to
avoid sign-extension problems.
Ezra Peisach [Tue, 22 Aug 2000 21:12:32 +0000 (21:12 +0000)]
* secure.h (myaddr): For secure data stream, pass the port number
of the data stream and not the control stream to krb_mk_priv.
This would result in the occasional time out of bounds error when ftping
to the same machine. (mk_priv and rd_priv have some amusing
negating of timestamps depending on address and port of sockets).
Ezra Peisach [Tue, 22 Aug 2000 15:42:56 +0000 (15:42 +0000)]
* default.exp: Create a properly formatted krb.conf file. Also
provide a krb4_srvtab stanza (even though we are falling back on
the keytab file) so the tests do not try to access an installed
systems /etc/srvtab file.
Ezra Peisach [Tue, 22 Aug 2000 15:38:59 +0000 (15:38 +0000)]
* ftpd.c (auth_data): Iterate over all krb4 services instead of
trying to examine the srvtab file for a particular key (which
failes when falling back on the v5 keytab for des3 services).