Tom Yu [Wed, 5 Feb 2003 03:57:22 +0000 (03:57 +0000)]
* prompter.c (krb5_prompter_posix): Rewrite to no longer use
longjmp(), as well as to get a non-buffered stdio stream on stdin
to avoid passwords staying around in stdio buffers. This does
have the side effect of possibly losing pre-buffered input from an
application that reads from stdin using stdio functions prior to
calling the prompter, but hopefully those are rare.
Tom Yu [Tue, 4 Feb 2003 03:48:55 +0000 (03:48 +0000)]
* login.c (dofork): Don't dissociate from controlling tty in the
parent, since the parent needs to remain the session leader so it
can tell when the tty gets hung up. Make the child wait for the
parent to set up a SIGHUP handler to ensure that cleanup happens
properly.
Ken Raeburn [Mon, 3 Feb 2003 22:09:09 +0000 (22:09 +0000)]
Build and link in AES crypto code (but don't define the enctype yet).
Build and link in PBKDF2 function.
Add ciphertext stealing tests.
Update various tests to correspond with IETF crypto draft.
* aes: New directory, containing AES implementation from Brian Gladstone,
tweaked a little for the krb5 build system.
* configure.in: Build its makefile.
* Makefile.in (LOCAL_SUBDIRS, LOCALINCLUDES, STOBJLISTS, SUBDIROBJLISTS): Add
aes entries.
* t_cts.c: New test file.
* Makefile.in (EXTRADEPSRCS): Add t_cts.
(t_cts$(EXEEXT)): New rule.
* t_nfold.c (fold_kerberos): New function.
(main): Call it with different lengths.
* vectors.c: Include ctype.h and hash_provider.h.
(test_nfold, test_mit_des_s2k, test_s2k, test_dr_dk): Test case data now static
and const.
(test_nfold): Add "Q" and "ba" tests from Simon Josefsson.
(GCLEF): New macro.
(test_mit_des_s2k): Add GCLEF test case. Fill in "key" at run time, not as
initialization.
(test_s2k): Added GCLEF test case.
(krb5int_enc_aes128, krb5int_enc_aes256): Declare.
(combine_keys, test_des3_combine, k5_des3_make_key): Functions deleted.
(whoami): New variable.
(printd, printk): New functions.
(test_pbkdf2): New function.
(main): Initialize whoami. Test nfold only for now.
Ken Raeburn [Thu, 23 Jan 2003 17:42:46 +0000 (17:42 +0000)]
* default.exp (start_kerberos_daemons): Record more information when "tail -f"
doesn't show the mark written to the log file. Look for and discard
non-matching lines.
(setup_root_shell): Ignore the message displayed by rlogin when a connection is
refused to one address but other addresses are available.
Sam Hartman [Tue, 21 Jan 2003 19:02:58 +0000 (19:02 +0000)]
Timestamp preauth should return clock skew errors
When the user supplies the correct password, but has a timestamp that
is out of bounds, the server should reply with a clock skew error
rather than a preauth required error.
Ken Raeburn [Fri, 17 Jan 2003 23:28:59 +0000 (23:28 +0000)]
Use new target create-ehdrdir, defined differently for UNIX and WIN32, to
conditionally create the target directory $(EHDRDIR) if needed, before copying
files into it.
Ken Raeburn [Fri, 17 Jan 2003 18:46:15 +0000 (18:46 +0000)]
* Makefile.in ($(EHDRDIR)$(S)gssapi.h): Depend on includes-unix, to make sure
the directory is created before installation of the file.
($(EHDRDIR)$(S)gssapi_generic.h): Likewise.
Ken Raeburn [Wed, 15 Jan 2003 23:52:04 +0000 (23:52 +0000)]
* sendauth.c (krb_net_rd_sendauth): Arg raw_len now points to KRB4_32; don't
cast it to pointer to unsigned long. Change ld.so warning message check to be
byte-order independent.
* krb4int.h (krb_net_rd_sendauth): Decl updated.
Ken Raeburn [Wed, 15 Jan 2003 03:31:47 +0000 (03:31 +0000)]
Use "standard" error table processing rules
* Makefile.in (krb_err.et, kadm_err.et): New intermediate targets; copy files
from lib/krb4.
(krb_err.h, kadm_err.h): Delete actions, use patterns in pre.in.
(clean-unix): Delete these generated files.
Ken Raeburn [Fri, 10 Jan 2003 05:55:49 +0000 (05:55 +0000)]
Use markers in Makefile.in rather than rules in configure.in to indicate when
to use the lib.in and libobj.in makefile fragments. Pushing this per-directory
info into Makefile.in will make it a little easier to work on combining
configure scripts for multiple directories.
Ken Raeburn [Thu, 9 Jan 2003 23:55:06 +0000 (23:55 +0000)]
AIX 4.3.3 getaddrinfo() is broken in a slightly different way than I thought
* fake-addrinfo.h (getaddrinfo) [_AIX]: Always overwrite sa_family and sa_len
fields, since sa_family at least may be non-zero *and* wrong.
(protoname, socktypename, familyname, debug_dump_getaddrinfo_args,
debug_dump_error, debug_dump_error, debug_dump_addrinfos) [DEBUG_ADDRINFO]: New
debugging functions.
(fake_getaddrinfo, getaddrinfo) [DEBUG_ADDRINFO]: Use them.
Sam Hartman [Thu, 9 Jan 2003 21:12:34 +0000 (21:12 +0000)]
Between the 1.1 and 1.2 releases of Kerberos, the gss-sample protocol
changed. People seem to use this sample for interop testing, so
support for the old protocol is needed.
This commit adds a -v1 flag to the gss-client that will use the old
protocol.
The server does not yet support the old protocol, so the ticket remains open.
Ken Raeburn [Thu, 9 Jan 2003 00:17:27 +0000 (00:17 +0000)]
Support \r as additional line separator on Mac OS X
* prof_parse.c (profile_parse_file) [PROFILE_SUPPORTS_FOREIGN_NEWLINES]: Look
for \r and treat it as a line break.
* prof_int.h: Don't include prof_err.h.
(PROFILE_SUPPORTS_FOREIGN_NEWLINES) [macintosh]: Define new macro.
Sam Hartman [Wed, 8 Jan 2003 23:49:33 +0000 (23:49 +0000)]
Previously fwd_tgt_creds required either that the hostname be passed
in or that the principal be a host-based service. This means you
cannot for example forward tickets to a GSSAPI user-based service.
The requirement to get the hostname is only needed in cases where
addressless tickets are not used. So when addressless tickets are
used, do not require the hostname.
Sam Hartman [Wed, 8 Jan 2003 02:20:42 +0000 (02:20 +0000)]
For new encryption types and for RC4, encrypt the krb_cred message in
the initial gssapi token if credentials are being delegated. For
consistency with Microsoft, we encrypt the credentials using the
session key not the subsession key.
Sam Hartman [Mon, 6 Jan 2003 22:51:16 +0000 (22:51 +0000)]
Implement krb5_auth_con_set_checksum_func, an API for setting a
callback to specify the data to be checksummed by krb5_mk_req after
the auth_context has been set up. Mainly useful for GSSAPI.
Sam Hartman [Sun, 5 Jan 2003 23:28:05 +0000 (23:28 +0000)]
Only system headers should declare errno
Many parts of krb5 declare errno in source files using extern int
errno. This has not been needed in ANSI C for a long time,
and actively breaks modern versions of glibc.
So these declarations are removed and errno.h included where necessary.
Ken Raeburn [Wed, 1 Jan 2003 10:13:20 +0000 (10:13 +0000)]
Add IPv6 support to rshd test/debug code:
* compat_recv.c: Include sys/select.h and port-sockets.h.
(krb5_compat_recvauth_version): Only attempt krb4 authentication if the source
address is an IPv4 one.
(accept_a_connection): New function, derived from old krshd.c. Listen on IPv6
as well as IPv4, if possible.
* krshd.c (main): Call accept_a_connection. Change fromlen to a socklen_t.
(doit): Initialize s. Change length passed to getsockname to a socklen_t.
(recvauth): Change len to socklen_t. Cast peer IPv4 address before calling
krb5_compat_recvauth_version.
* defines.h: Include port-sockets.h.
(accept_a_connection): Declare.
Ken Raeburn [Tue, 31 Dec 2002 09:21:12 +0000 (09:21 +0000)]
Merge some Mac-specific changes from meeroh's branch:
* profile.hin: Don't test MACINTOSH any more. On Mac OS X, include
TargetConditionals.h, set some pragmas, define COPY_RESOURCE_FORK, and error
out if TARGET_RT_MAC_CFM is defined; don't set the old m68k CFM pragmas.
Always use PROFILE_USES_PATHS code, don't test or define it.
(FSp_profile_init, FSp_profile_init_path): Declare, on Mac OS X.
* prof_int.h (NO_SYS_TYPES_H, NO_SYS_STAT_H) [macintosh]: Don't define these.
* prof_file.c: Always inclued sys/types.h and sys/stat.h.
(GetMacOSTempFilespec): Deleted.
(profile_flush_file_data) [COPY_RESOURCE_FORK]: Copy Mac resource fork from old
file to new before renaming.
(rw_access, profile_update_file_data, profile_flush_file_data,
profile_free_file_data): Assume PROFILE_USES_PATHS, don't test.
* prof_init.c (profile_ser_size, profile_ser_externalize,
profile_ser_internalize): Likewise.
(FSp_profile_init, FSp_profile_init_path): Define, on MacOS X.
* profile.exp: Add FSp_* functions.
* prof_file.c (r_access): New function.
(profile_open_file): Use it.
Ken Raeburn [Mon, 30 Dec 2002 19:46:21 +0000 (19:46 +0000)]
* gss-misc.c (send_token, recv_token): Open-code the math to send and receive
the length as four bytes in network order, rather than using the first four
bytes of a size_t.
Ezra Peisach [Mon, 23 Dec 2002 17:53:01 +0000 (17:53 +0000)]
* authorization.c, heuristic.c, ksu.h: Use uid_t instead of int in
arguments to fowner() and get_best_princ_for_target(). Signed
vs. unsigned int cleanup.
Ken Raeburn [Sat, 21 Dec 2002 04:28:06 +0000 (04:28 +0000)]
* prof_int.h: Define USE_PTHREADS and include pthread.h if on MacOS X.
(struct global_shared_profile_data) [USE_PTHREADS]: Add a mutex.
(g_shared_trees_mutex) [USE_PTHREADS]: New macro, references the global mutex.
(prof_mutex_lock, prof_mutex_unlock) [SHARE_TREE_DATA]: Define to use pthread
functions or do nothing.
(profile_free_file_data): Delete declaration.
(profile_dereference_data): Declare.
* prof_file.c (profile_free_file_data): Now static.
(profile_open_file, profile_dereference_data) [SHARE_TREE_DATA]: Grab lock
while manipulating global data list or its contents.
Ken Raeburn [Fri, 20 Dec 2002 22:38:04 +0000 (22:38 +0000)]
Merge in data tree sharing, minus locking support, plus a bugfix or two
* prof_int.h (SHARE_TREE_DATA): Define.
(struct _prf_file_t) [SHARE_TREE_DATA]: Make data field a pointer rather than
an array.
(struct global_shared_profile_data): New type, for profile library global
data.
(krb5int_profile_shared_data): Declare new variable.
(g_shared_trees): New macro, refers to a field in the global data.
(PROFILE_FILE_SHARED): New flag macro.
* prof_file.c (krb5int_profile_shared_data): Initialize here.
(profile_open_file) [SHARE_TREE_DATA]: Scan g_shared_trees for an entry with
the same filename. If found, increment its reference count, update it, and
return it; otherwise, allocate a new one, and add it to the list after filling
it in.
(profile_dereference_data): New function. Decrement reference count if
SHARE_TREE_DATA, and free the data if appropriate.
(profile_free_file): Call profile_dereference_data.
(profile_free_file_data) [SHARE_TREE_DATA]: If the SHARED flag is set, remove
it from the g_shared_trees list before freeing. Free up the allocated space.
* prof_set.c (rw_setup) [SHARE_TREE_DATA]: If the object's data is shared, copy
it into a new data structure not in the global shared list, and dereference the
old one.