Greg Hudson [Thu, 18 Dec 2008 19:28:23 +0000 (19:28 +0000)]
Remove documentation references to krb4 functionality we no longer
have. Remove the krb425 transition guide since we no longer have
compatibility code to assist with a transition.
Greg Hudson [Thu, 18 Dec 2008 18:31:16 +0000 (18:31 +0000)]
Remove krb524, lib/des425, lib/krb4, and include/kerberosIV.
Remove krb4 build system references and conditionals.
Move des425 header stuff referenced by des_int.h into des_int.h.
Remove krb4 test cases.
Ezra Peisach [Wed, 17 Dec 2008 03:42:12 +0000 (03:42 +0000)]
Move prototypes needed in multiple files to misc.h instead of
declaring extern in each .c file. This will ensure that definitions
are consistent. Moved prototypes include: load_badauth,
setup_gss_names, krb5_iprop_prog_1, kiprop_get_adm_host_srv_name.
Greg Hudson [Mon, 15 Dec 2008 20:29:01 +0000 (20:29 +0000)]
Remove krb4 support in the applications. login's ability to run aklog
has been preserved and made unconditional on krb4 support, since aklog
can now do krb5 auth. The config variable is now named krb_run_aklog
(as it was sometimes documented), not krb4_run_aklog as it previously
was.
Greg Hudson [Mon, 15 Dec 2008 19:37:51 +0000 (19:37 +0000)]
Remove krb4 support from clients. Some of the code has been
simplified to remove architectural relics of the -4 and -5 options,
but more simplification is likely possible, particularly in kinit.
Ken Raeburn [Thu, 11 Dec 2008 21:07:08 +0000 (21:07 +0000)]
For Sun Studio compilers, set WARN_CFLAGS to emit warning tag names
and make int/ptr mixups a fatal error that will be noticed at build or
"make check" time. Tested in a 32-bit build.
Greg Hudson [Mon, 8 Dec 2008 22:33:07 +0000 (22:33 +0000)]
Add a configure option --disable-rpath to suppress rpath flags in
link lines. Useful for OS distributors and for builds which will
only be used to run the test suite.
Greg Hudson [Fri, 5 Dec 2008 18:30:18 +0000 (18:30 +0000)]
In the rlogin tests, expect to see /bin/sh echoed back after sending
/bin/sh. If we just look for a shell prompt, we can get out of sync
if the login shell decides to clear the line and redisplay the prompt.
(I see bash redisplaying the prompt in 30-50% of test runs; I don't
know what it's thinking.)
Sam Hartman [Thu, 4 Dec 2008 15:48:08 +0000 (15:48 +0000)]
Merge r21120 from mskrb-integ
Refactor code such that an AEAD provider does not need to implement the
older, non-IOV SPIs. Instead, the older APIs will implement their
behaviour on top of the AEAD SPIs, using the wrapper functions in
aead.c.
Greg Hudson [Wed, 3 Dec 2008 18:21:22 +0000 (18:21 +0000)]
Move warning flags to new variables WARN_CFLAGS and WARN_CXXFLAGS, so
that users can override the debugging and optimization flags
independently of the warning flags.
Remove -Wconversion from the standard set of warning flags since it
warns excessively on perfectly good code, and is designed to aid in
conversion of code from K&R to ANSI C rather than to maintain code
quality.
Sam Hartman [Tue, 2 Dec 2008 20:10:20 +0000 (20:10 +0000)]
Crypto IOV API per Projects/AEAD encryption API
Merge in the mskrb-crypto-iov branch at r21259 in order to move an
implementation of
http://k5wiki.kerberos.org/wiki/Projects/AEAD_encryption_API onto the
trunk. This branch contains a subset of the commits on the
mskrb-integ branch that implement the krb5 library part of the crypto
IOV API.
Ezra Peisach [Mon, 1 Dec 2008 12:16:33 +0000 (12:16 +0000)]
Move cc_mutex code from k5-int.h - where it is globally available to cc-int.h
where it is declared and used. The functions are not exported by the library -
nor are they used outside lib/krb5/ccache... For cc_file.h - include cc-int.h.
Ken Raeburn [Mon, 1 Dec 2008 06:48:54 +0000 (06:48 +0000)]
Shawn's fix for some iprop bugs, with some tweaks
Adds an alarm while waiting for kprop connection or authentication in
iprop mode; on timeout, close down the active file descriptor to force
us to bail out and return to the iprop main loop (which may try a full
resync again next time around).
Ken Raeburn [Mon, 24 Nov 2008 21:06:20 +0000 (21:06 +0000)]
Simplify memory management a bit in places, by allocating and freeing
separately, instead of reallocating arrays of pointers to themselves
be reallocated. Do a better job of initializing arrays of which we
only use a variable-sized part.
Use a temp var instead of lots of long macro invocations.
Fix some overrun-by-one errors in buffer copying.
Clean up some possible leaks.
Ken Raeburn [Mon, 17 Nov 2008 21:34:48 +0000 (21:34 +0000)]
Set krb4 and priocntl flags via site.exp instead of command line
Update set of files to clean out at test suite startup, or when
deleting the database.
Improve support for setting up slave test environment. Don't set
KRB5_KDC_PROFILE except in KDC master and slave environments. Create
distinct env.sh and env.csh files for different configurations. Move
kpropd setup proc into common initialization.
Add incremental propagation test: Create new kiprop/$host principal,
update kproplog test for the new data. "Propagate" the master
database to the slave, add a new principal, start up kpropd, watch for
the "OK" message, and check to see if the new principal exists on the
slave.
Zhanna Tsitkov [Mon, 17 Nov 2008 21:04:06 +0000 (21:04 +0000)]
Lite Client - the following calls are server-side functions:
decode_krb5_authenticator,
krb5_auth_con_getauthenticator,
krb5_copy_authenticator,
krb5_ser_authenticator_init
Take them out for the Lite CLient.
Ken Raeburn [Mon, 10 Nov 2008 22:43:21 +0000 (22:43 +0000)]
Generate separate master-KDC and slave-KDC config files, with
different names for the database files. (Slave config files unused as
yet.) Ensure that the master-KDC environment is used when running
kadmin.local or kdb5_util. Define and use a new proc for deleting all
KDC database and keytab files.
Set KPASSWD in default.exp.
Run kadmin, pwchange, pwhist, gssftp, telnet, v4gssftp tests only once each.
Ken Raeburn [Mon, 10 Nov 2008 18:27:42 +0000 (18:27 +0000)]
Delete the pass (one of twelve) that does all KDC exchanges with TCP;
add a test case that sets that up and runs kinit.
Add a new support proc that allows running a test only once despite
multiple passes; use it for the tcp and iprop tests.
According to one totally unscientific measurement, this reduces the
tests/dejagnu tests run from ~4200 to ~3800, and cuts over 8% off the
run time of those tests, without IMNSHO reducing the effectiveness of
the testing.
Ken Raeburn [Wed, 5 Nov 2008 17:47:00 +0000 (17:47 +0000)]
Only look for IPv4 addresses for the kpasswd server. This is just a
workaround for other parts of the code failing to cope with IPv6
addresses, and won't work in an IPv6-only environment; the problem
should still be fixed for real.
Greg Hudson [Wed, 5 Nov 2008 17:08:47 +0000 (17:08 +0000)]
Rename krb5int_buf_cstr to krb5int_buf_data, since k5bufs can be used
for binary data as well as C string data. The buffer will always have
a null byte at krb5int_buf_len bytes regardless of whether it contains
C string data.
Greg Hudson [Wed, 5 Nov 2008 16:09:22 +0000 (16:09 +0000)]
Replace strcpy/strcat/sprintf uses in a couple of sample code files
with strncpy/strncat. Since this is sample code, we can't rely on
build system support for asprintf/strlcpy/strlcat.
Ken Raeburn [Mon, 3 Nov 2008 18:41:33 +0000 (18:41 +0000)]
If we're not making asn1buf_insert_octet an inline function, then make
asn1buf_size, asn1buf_ensure_space, and asn1buf_expand static in
asn1buf.c, for better optimization.
Recode asn1buf_ensure_space to directly return the result of asn1buf_expand.
Don't check for NULL before malloc/realloc in asn1buf_expand.
projects / thirdparty / krb5.git / log
