Tom Yu [Wed, 16 Jun 2004 01:48:46 +0000 (01:48 +0000)]
* kadm_rpc_svc.c (check_rpcsec_auth, gss_to_krb5_name): New
functions to check service name for RPCSEC_GSS.
(kadm_1): Add service name check for RPCSEC_GSS.
* ovsec_kadmd.c (main): Setup logging calllbacks for RPCSEC_GSS.
Use GSS_C_N_NAME for acceptor name for RPCSEC_GSS.
(log_badverf): Handle null client and server names.
* server_stubs.c (rqst2name): New function to return appropriate
gss_name_t for a given auth flavor (RPCSEC_GSS and AUTH_GSSAPI use
different field names).
Changes to the NSIS installer for Windows to support KFW 2.6.1
Adds kvno.exe, gss-client.exe, and gss-server.exe to the distribution
Increments the version number of the installer
* k5unseal.c: gss_krb5int_unseal_token_v3() takes a pointer to
krb5_context
* import_sec_context.c: krb5_gss_ser_init() contains a function
pointer table. this table must use pointers to functions of
type KRB5_CALLCONV.
On Windows, a single letter followed by colon is used to identify
a drive. Therefore, do not assume that finding a colon in a string
indicates that we have found a keytab prefix label unless the length
of the potential prefix is not equal to one.
* cc_mslsa.c:
In at least one case on Win2003 it appears that it is possible
for the logon session to be authenticated via NTLM and yet for
there to be Kerberos credentials obtained by the LSA on behalf
of the logged in user. Therefore, we are removing the test
for IsKerberosLogon() within krb5_lcc_resolve()
which was meant to avoid the need to perform GetMSTGT() when
there was no possibility of credentials being found.
Ken Raeburn [Sat, 3 Apr 2004 01:52:46 +0000 (01:52 +0000)]
* network.c (setup_a_tcp_listener): Try to turn the IPV6_V6ONLY socket option
on, not off, and do it before calling bind.
(setup_tcp_listener_ports): Don't do it here any more.
(setup_udp_port): Ignore AF_DLI addresses.
Jeffrey Altman [Wed, 31 Mar 2004 21:22:25 +0000 (21:22 +0000)]
Delay load the ADVAPI32.DLL and SECUR32.DLL libraries within KRB5_32.DLL
Then modify the MSLSA implementation to ensure that none of the APIs loaded
from those DLLs are executed on Windows platforms prior to Windows 2000.
This ensures that the DLLs will never be loaded enabling KRB5_32.DLL to
continue to be used on Windows 9x.
Ken Raeburn [Wed, 24 Mar 2004 01:42:54 +0000 (01:42 +0000)]
* aclocal.m4 (KRB5_LIB_AUX): Use default_shared and default_static from
shlib.conf to decide whether to build shared and static libraries by default.
Update messages to indicate shared libraries are the default for most platforms
now. Use AC_MSG_NOTICE and AC_MSG_WARN instead of AC_MSG_RESULT when there's
no "checking" message.
Ken Raeburn [Wed, 24 Mar 2004 01:12:15 +0000 (01:12 +0000)]
* aclocal.m4 (KRB5_AC_MAINTAINER_MODE, KRB5_AC_ENABLE_THREADS, KRB5_AC_INET6,
WITH_HESIOD, KRB5_LIB_AUX, KRB5_AC_CHOOSE_SS, KRB5_AC_CHOOSE_DB): Express
defaults more consistently with other configure output. Use AC_HELP_STRING.
Shorten up some messages, drop some options that are defaults and obvious
counterparts to other documented options.
* configure.in: Likewise.
Ken Raeburn [Mon, 22 Mar 2004 22:00:02 +0000 (22:00 +0000)]
* network.c (delete_fd): Free pointed-to data after removing it from the
connection set.
(kill_tcp_connection): Move delete_fd call to the end.
(accept_tcp_connection): Decrement connection counter again if we drop the
incoming connection for lack of buffer space.
Ken Raeburn [Sun, 21 Mar 2004 01:56:39 +0000 (01:56 +0000)]
One less kg_get_context call..
* ovsec_kadmd.c (main): Use any handy krb5 context to register the KDB keytab
type, we don't need to pluck it out of the GSSAPI krb5 mechanism.
(gctx): Variable deleted.
Ken Raeburn [Thu, 18 Mar 2004 03:07:22 +0000 (03:07 +0000)]
Thread-safe manipulation of registered error-table list
* error_message.c: Include k5-thread.h.
(_et_list): Now always static.
(et_list_lock): New mutex.
(error_message): Lock it while manipulating the table lists.
(add_error_table, remove_error_table): Likewise.
Ken Raeburn [Thu, 18 Mar 2004 02:55:48 +0000 (02:55 +0000)]
* ac-archive: New directory.
* ac-archive/README: New file.
* ac-archive/acx_pthread.m4: New file, data taken from autoconf macro archive
at sourceforge.
Ken Raeburn [Mon, 15 Mar 2004 17:45:01 +0000 (17:45 +0000)]
* k5seal.c (kg_seal): Extract the krb5 context from the security context
instead of requiring it be passed in as an argument.
* k5unseal.c (kg_unseal): Likewise.
* gssapiP_krb5.h (kg_seal, kg_unseal): Declarations updated.
* delete_sec_context.c, process_context_token.c, seal.c, sign.c, unseal.c,
verify.c: Callers changed.
* inq_context.c (krb5_gss_inquire_context): Use krb5 context contained in
security context instead of calling kg_get_context.
* wrap_size_limit.c (krb5_gss_wrap_size_limit): Likewise.
* import_sec_context.c (krb5_gss_ser_init): New function.
(krb5_gss_import_sec_context): Create a krb5 context locally to use for the
import.
* export_sec_context.c (krb5_gss_export_sec_context): Use the krb5 context in
the security context.
* gssapiP_krb5.h (krb5_gss_ser_init): Declare.
* gssapi_krb5.c (kg_get_context): Don't call krb5 serialization initialization
code here.
* accept_sec_context.c (krb5_gss_accept_sec_context): Free the new krb5 context
in an error case not caught before.
Ken Raeburn [Mon, 15 Mar 2004 02:05:11 +0000 (02:05 +0000)]
* gssapiP_krb5.h (struct _krb5_gss_ctx_id_rec): Add a krb5 context object.
* init_sec_context.c (krb5_gss_init_sec_context): Create a new krb5 context,
and store it in the security context if successful. If there's already a
security context, use the krb5 context in it.
* accept_sec_context.c (krb5_gss_accept_sec_context): Create a new krb5
context, and store it in the security context if successful.
* delete_sec_context.c (krb5_gss_delete_sec_context): If the security context
has a krb5 context, free it.
Ken Raeburn [Sun, 14 Mar 2004 08:14:51 +0000 (08:14 +0000)]
* gssapiP_krb5.h (struct _krb5_gss_ctx_id_rec): Delete fields init_token and
testing_unknown_tokid.
* init_sec_context.c (new_connection): Drop support (already inside "#if 0")
for them.
(krb5_gss_init_sec_context): Drop support for testing_unknown_tokid.
(mutual_auth): Don't let major_status be used uninitialized.
Ken Raeburn [Sun, 14 Mar 2004 07:08:40 +0000 (07:08 +0000)]
Add a mutex to protect the set manipulations
* gssapiP_generic.h: Include k5-thread.h.
(g_set): Add a mutex.
(G_SET_INIT): Initialize it.
* util_validate.c (g_save, g_validate, g_delete): Lock the mutex while working
on the set. (BDB version untested.)
Ken Raeburn [Sun, 14 Mar 2004 06:47:13 +0000 (06:47 +0000)]
Make the set type separate from the set-element (linked list node) type
* generic/gssapiP_generic.h (g_set): New struct type.
(G_SET_INIT): New macro.
* generic/util_validate.c (g_save, g_validate, g_delete): Change first argument
to take a g_set * rather than void **; use the address of the void pointer from
the structure.
(g_save_name, g_save_cred_id, g_save_ctx_id, g_validate_name,
g_validate_cred_id, g_validate_ctx_id, g_delete_name, g_delete_cred_id,
g_delete_ctx_id): Updated first argument type.
* genericgssapiP_generic.h: Declarations updated.
* krb5/gssapi_krb5.c (kg_vdb): Change type to g_set and initialize.
* krb5/gssapiP_krb5.h (kg_vdb): Declaration updated.
Ken Raeburn [Sun, 14 Mar 2004 04:27:08 +0000 (04:27 +0000)]
Change profile code over to new thread macros, and enable data sharing always
* prof_int.h: Include k5-thread.h. Don't include sys/types.h and pthread.h.
(SHARE_TREE_DATA): Always define.
(USE_PTHREADS): Don't define.
(prof_mutex_lock, prof_mutex_unlock): Deleted.
(struct global_shared_profile_data): Change mutex to use k5_mutex_t instead of
pthread_mutex_t.
(g_shared_trees_mutex): Don't conditionalize on USE_PTHREADS.
* prof_file.c (krb5int_profile_shared_data): Initialize mutex.
(profile_open_file, profile_dereference_data): Use new mutex macros. Check
return status when locking. Fix a potential memory leak in an error case.
Ken Raeburn [Mon, 8 Mar 2004 07:20:55 +0000 (07:20 +0000)]
Change subdir processing so that SUBDIRS will contain the configured
subdirs only for the makefile in the directory with the configure
script, and will have only $(LOCAL_SUBDIRS) elsewhere. Drop the use
of "MY_SUBDIRS=." to override SUBDIRS in favor of this way of keeping
SUBDIRS empty. Drop other uses of MY_SUBDIRS in favor of
LOCAL_SUBDIRS or (in one case, the top level) overriding the SUBDIRS
setting from pre.in.
One less thing to keep tweaking as configure scripts get reorganized
and merged.
Ken Raeburn [Mon, 8 Mar 2004 04:06:32 +0000 (04:06 +0000)]
* aclocal.m4 (AC_KRB5_TCL_FIND_CONFIG): Look for tclConfig.sh in
the specified directory if it's not in a "lib" subdirectory.
(AC_KRB5_TCL): If no pathname is supplied and tclConfig.sh isn't
found in /usr/lib, try running a script under tclsh to see if it
can supply the pathname for tclConfig.sh.
This allows the configure script to find /System/Library/Tcl/8.3/tclConfig.sh
on Jaguar.
Jeffrey Altman [Fri, 27 Feb 2004 05:24:39 +0000 (05:24 +0000)]
As discussed on the krbdev mailing list, krb5_get_init_creds_password()
suffered from a behavior in which it would unintentionally query a master
KDC twice if in fact the KDC queried when krb5int_sendto() was called
with use_master = 0 was in fact the master. This resulted in more than
an additional protocol operation. There were two negative side effects.
First, in the case of an incorrect password there would be two counts
against the max retry attempts. Second, in the case of hardware pre-auth
and an expired password, the user would be asked to enter their expired
password twice before being told it was expired.
This has been fixed by changing the use_master parameter into an in/out
parameter and modifying krb5int_sendto() to indicate which KDC it received
the response from. This allows the use_master parameter to be set to
indicate whether or not the response came from a master KDC regardless
of whether a master KDC was requested.
projects / thirdparty / krb5.git / log
