Age | Commit message (Collapse) | Author | Files | Lines |
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15257 dc483132-0cff-0310-8789-dd5450dbe970
|
|
KerberosLoginPrivate.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15256 dc483132-0cff-0310-8789-dd5450dbe970
|
|
calls on USE_CCAPI so Darwin builds work
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15255 dc483132-0cff-0310-8789-dd5450dbe970
|
|
functions static. Removed unused CoreServices include. Changed TICKET_GRANTING_TICKET to new macro: KRB_TICKET_GRANTING_TICKET. * change_password.c: Added check of inputs to krb_change_password so we don't crash on bad inputs. Call des_string_to_key not mit_password_to_key on all platforms because we don't want to prompt for a password. * FSp-glue.c: Added prototypes for deprecated functions. Changed to use KfM's FSSpecToPOSIXPath which correctly handles FSSpecs where the file does not exist. * g_in_tkt.c: Added explanatory comments. Made TARGET_OS_MAC sections a little smaller and easier to read. * g_pw_in_tkt.c: Only prompt when we are not using the login library. This is so that Darwin builds do prompt but KfM builds don't. * g_svc_in_tkt.c, g_tkt_svc.c: Changed to use KRB_TICKET_GRANTING_TICKET. * kadm_net.c: Use autoconf variable krb5_sigtype instead of sigtype, which doesn't seem to be defined on Mac OS X. * krb4int.h, RealmsConfig-glue.c: Removed krb_get_stk(). * rd_req.c: Added #ifdef KRB4_USE_KEYTAB to avoid unused variable warning when KRB4_USE_KEYTAB is not defined. * sendauth.c: Fixed warnings with casts
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15254 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15253 dc483132-0cff-0310-8789-dd5450dbe970
|
|
gssapiP_generic.h, gssapi.hin: Removed macintosh check because we don't build on OS 9 anymore. * gssapi.hin: Removed enumsalwaysint because there are no typed enums in this header. Removed duplicate CFM-68K magic
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15252 dc483132-0cff-0310-8789-dd5450dbe970
|
|
USE_HARDCODED_FALLBACK_ERROR_TABLES macro used by KfM. * gss_libinit.h: do not use the same multiple include protection macro as krb5_libinit.h. Changed to GSSAPI_LIBINIT_H
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15251 dc483132-0cff-0310-8789-dd5450dbe970
|
|
functions into their own file. They are all deprecated on KfM and shouldn't even get built on stock krb5 builds. * read_passwd.c: Added warning comment that des_read_pw_string is an exported function on KfM, so we should not change its ABI
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15250 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15249 dc483132-0cff-0310-8789-dd5450dbe970
|
|
deprecated KfM des_crypt function
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15248 dc483132-0cff-0310-8789-dd5450dbe970
|
|
header. * k5-int.h: Removed Mac OS header goober. Added prototype for os_get_default_config_files which will be used by KfM's preference APIs (KFM needs to get the secure default files as well as the normal ones). Moved profile.h inclusion higher so it gets included before this function and thus its types are defined (the reason I put it where I did was there is another config file function next to it)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15247 dc483132-0cff-0310-8789-dd5450dbe970
|
|
paths that start with ~/ (homedir-based) when getting an insecure context. This is the same as DEFAULT_PROFILE_PATH on all other platforms, which allows us to avoid more references to TARGET_OS_MAC in krb5 sources
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15246 dc483132-0cff-0310-8789-dd5450dbe970
|
|
not in the headers to discourage new callers. Removed enumsalwaysint because there are no typed enums in this header. * des.h: Made afs_string_to_key public on all platforms. (OpenAFS folk think this is okay.) * krb.h, prot.h: Made KRB_TICKET_GRANTING_TICKET public and removed non-public TICKET_GRANTING_TICKET because this macro is used in lots of places by KfM, including some clients. Made krb__get_srvtabname non-private because it is used by KEYFILE. * kadm.h: moved definition of MAXHOSTNAMELEN below the inclusion of other headers so that if it gets defined by those other headers or headers they include, we don't get a redefinition error (this happens on Mac OS X)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15245 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Mac-specific includes. * conv_creds.c: If we are on the Mac and using the CCAPI, set the string_to_key type to MIT. * krb524.h: Removed enumsalwaysint because there are no enums in this header. Also include krb524_err with <> because on Mac OS X both are public headers and should not be included with "". * Makefile.in: set KRB524_PRIVATE while building so that Darwin builds see these prototypes. Otherwise the Darwin build will fail
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15244 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15243 dc483132-0cff-0310-8789-dd5450dbe970
|
|
because KfM now uses krb5's DES and krb4 sources
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15242 dc483132-0cff-0310-8789-dd5450dbe970
|
|
build system
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15241 dc483132-0cff-0310-8789-dd5450dbe970
|
|
which are normally specified by -Dfoo on the command line by the krb5 build system. Since KfM uses Project Builder, we specify them here
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15240 dc483132-0cff-0310-8789-dd5450dbe970
|
|
resource fork. We stopped writing resources to the krb5 configuration in KfM 4.5.x. In KfM 5.0 will no longer read preferences from the resource fork so we can destroy it on copy. * prof-int.h: No longer include MoreFiles. Removed framework style includes for Kerberos headers. * prof_FSp_glue.c, prof_init.c, profile.hin: Moved Mac FSSpec-based functions into a separate file so they will only be built with KfM. These functions will be exported but not in the headers because they are deprecated
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15239 dc483132-0cff-0310-8789-dd5450dbe970
|
|
9-specific code. * et_h.awk: define compat macro for init_foo_err_table so that it gets defined to nothing on the Mac
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15238 dc483132-0cff-0310-8789-dd5450dbe970
|
|
kadmind previously required a file-based keytab to support its use of
gssapi. For ease of administration, a kdb-based keytab would be
beneficial.
This commit includes changes to the kdb library to support this goal,
as well as actual changes in the kadmind itself.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15237 dc483132-0cff-0310-8789-dd5450dbe970
|
|
function. Allows global override of default keytab for
gss_acquire_cred() purposes.
(acquire_accept_cred): Implement override.
* gssapi_krb5.h: Add krb5_gss_register_acceptor_identity.
ticket: 880
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15236 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15235 dc483132-0cff-0310-8789-dd5450dbe970
|
|
(lib\crypto\aes\Makefile) [##DOS##]: New target.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15234 dc483132-0cff-0310-8789-dd5450dbe970
|
|
(all-windows, clean-windows, check-windows): Process aes directory.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15233 dc483132-0cff-0310-8789-dd5450dbe970
|
|
not recognized by gcc or cl.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15232 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15231 dc483132-0cff-0310-8789-dd5450dbe970
|
|
function info available in krb5/autoconf.h.
* gethostname.c, getst.c, kadm_net.c, klog.c, kparse.c: Include
krb5/autoconf.h.
* kuserok.c, log.c, memcache.c, mk_preauth.c, netread.c: Ditto.
* netwrite.c, put_svc_key.c, recvauth.c, send_to_kdc.c: Ditto.
* tkt_string.c: Ditto.
* Makefile.in: Update dependencies.
(DEFINES): Define KRB4_USE_KEYTAB.
* configure.in: Don't define KRB4_USE_KEYTAB. Don't check for any headers or
functions; include/configure.in already does it. Don't invoke AC_C_CONST
explicitly; CONFIG_RULES does that.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15230 dc483132-0cff-0310-8789-dd5450dbe970
|
|
no new decl in krb5.h yet; rename changed s2k functions to use krb5int_ prefix.
Add AES to etype table. Delete some unused declarations.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15229 dc483132-0cff-0310-8789-dd5450dbe970
|
|
* enc_provider.h (krb5int_enc_aes128, krb5int_enc_aes256): Declare.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15228 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15227 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15226 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15225 dc483132-0cff-0310-8789-dd5450dbe970
|
|
isinvalidrcname -> isvalidrcname.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15224 dc483132-0cff-0310-8789-dd5450dbe970
|
|
(krb_v4_recvauth, krb5_compat_recvauth, krb5_compat_recvauth_version): Define
only if KRB5_KRB4_COMPAT.
* krlogind.c: Include krb.h only if KRB5_KRB4_COMPAT.
(v4_kdata, v4_schedule): Define only if KRB5_KRB4_COMPAT.
(recvauth) [!KRB5_KRB4_COMPAT]: Skip v4 stuff and call krb5_recvauth_version.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15223 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Ticket: 1370
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15222 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15221 dc483132-0cff-0310-8789-dd5450dbe970
|
|
to TCP socket as doing so causes interop problems.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15220 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15219 dc483132-0cff-0310-8789-dd5450dbe970
|
|
If a context is accepted with GSS_C_NO_CREDENTIAL or if a credential
is acquired with GSS_C_NO_NAME as the acceptor name then allow any
principal in the keytab to be used as the acceptor name.
This means that gss_inquire_cred can return GSS_C_NO_NAME from a
credential.
ticket: new
Tags: enhancement
cc: nicolas.williams@sun.com
cc: krbdev@mit.edu
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15218 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15217 dc483132-0cff-0310-8789-dd5450dbe970
|
|
(krb5int_pbkdf2, krb5int_pbkdf2_hmac_sha1, krb5int_pbkdf2_hmac_sha1_128,
krb5int_pbkdf2_hmac_sha1_256): Likewise, and for output also.
* vectors.c (test_pbkdf2): Calls updated.
(main): Run pbkdf2 tests.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15216 dc483132-0cff-0310-8789-dd5450dbe970
|
|
static variable and free it called again; this prevents a memory
leak.
ticket: 1357
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15215 dc483132-0cff-0310-8789-dd5450dbe970
|
|
AC_DEFINE'ed things or to Makefile.in files. Remove explicit settings
of CPPFLAGS. These allow CPPFLAGS to be a user parameter. Also, add
CFLAGS to the CC_LINK variables, so they can control usage of the
compiler to link programs.
ticket: 677
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15214 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15213 dc483132-0cff-0310-8789-dd5450dbe970
|
|
shared libraries depend at a make level on com_err if we use the
system com_err library.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15212 dc483132-0cff-0310-8789-dd5450dbe970
|
|
acquired by acquire_cred(), so instead of the suggested patch,
validate verifier_cred_handle only if we didn't acquire_cred().
* accept_sec_context.c (krb5_gss_accept_sec_context): Don't
validate verifier_cred_handle if GSS_C_NO_CREDENTIAL is passed in.
ticket: 1356
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15211 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15210 dc483132-0cff-0310-8789-dd5450dbe970
|
|
dependencies
* g_pw_in_tkt.c: Include krb4int.h for krb_get_keyprocs() prototype.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15209 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15208 dc483132-0cff-0310-8789-dd5450dbe970
|