Age | Commit message (Collapse) | Author | Files | Lines |
|
implement it
git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/namingexts-mechglue@24334 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/namingexts-mechglue@24333 dc483132-0cff-0310-8789-dd5450dbe970
|
|
to client
git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/namingexts-mechglue@24332 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/namingexts-mechglue@24331 dc483132-0cff-0310-8789-dd5450dbe970
|
|
implementation residing in mechglue
git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/namingexts-mechglue@24330 dc483132-0cff-0310-8789-dd5450dbe970
|
|
* Use calloc() to allocate the pids array; squashes a Coverity false
positive.
* Don't leak the pids array in worker processes.
* Use consistent terminology in comments.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24329 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Add support for a krb5kdc -w option which causes the KDC to spawn
worker processes which can process requests in parallel. See also:
http://k5wiki.kerberos.org/wiki/Projects/Parallel_KDC
ticket: 6783
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24328 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24327 dc483132-0cff-0310-8789-dd5450dbe970
|
|
old, freed value of *pcontext still there--that would result in a
double free.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24326 dc483132-0cff-0310-8789-dd5450dbe970
|
|
libkdb_ldap.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24324 dc483132-0cff-0310-8789-dd5450dbe970
|
|
of X509_get_ext_by_NID so we can detect negative return values.
Reported by nalin@redhat.com.
ticket: 6774
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24323 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24322 dc483132-0cff-0310-8789-dd5450dbe970
|
|
blocker which does not impinge on the system's symbol namespace, and
use the recommended formatting for function prototypes.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24319 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24318 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24317 dc483132-0cff-0310-8789-dd5450dbe970
|
|
This implements
http://k5wiki.kerberos.org/Projects/What_does_God_need_with_a_password.
If the KDB keytab is selected by command line options, then kinit will
register the KDB keytab and open the database. This permits an
administrator to obtain tickets as a user without knowing that user's
password.
As a result kinit links against libkadm5srv and libkdb5. Discussion is
ongoing about whether this is desirable or about whether two versions
of kinit are required.
ticket: 6779
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24316 dc483132-0cff-0310-8789-dd5450dbe970
|
|
kdb: remove get/set_mkey_list
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24315 dc483132-0cff-0310-8789-dd5450dbe970
|
|
kdb_dbe_decrypt_key_data
Previously, code needed to run a loop to find the current master key,
possibly fetch a new master key list and try finding the master key
again around each key decryption. This was not universally done;
there are cases where only the current master key was used. In
addition, the correct ideom for decrypting key data is too complicated
and is potentially unavailable to plugins that do not have access to
the master key. Instead, store the master key list in the dal_handle
whenever it is fetched and permit a NULL master key for
krb5_dbe_decrypt_key_data.
* Remove APIs for krb5_db_{get|set}_mkey_list
* krb5_db_fetch_mkey_list: memoize master key list in dal_handle
* krb5_db_free_mkey_list: don't free the memoized list; arrange for it to be freed later
* krb5_dbe_decrypt_key_data: Search for correct master key on NULL argument
* change call sites to take advantage
ticket: 6778
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24314 dc483132-0cff-0310-8789-dd5450dbe970
|
|
have been set before using ku_reject. Patch from nalin@redhat.com.
ticket: 6775
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24313 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Flebbe.
ticket: 6776
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24312 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24311 dc483132-0cff-0310-8789-dd5450dbe970
|
|
master key is passed into default decryption function.
kdb: fix warnings
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24310 dc483132-0cff-0310-8789-dd5450dbe970
|
|
krb5_build_principal.
ticket: 6777
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24309 dc483132-0cff-0310-8789-dd5450dbe970
|
|
this indicates that the mandatory checksum type for the key is to be used.
This interface is necessary because there is no public interface through
which the mandatory checksum type for an encryption type can be determined.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24304 dc483132-0cff-0310-8789-dd5450dbe970
|
|
passed in as the checksum type; however krb5_k_make_checksum_iov
does not support this. Add the same logic for the behaviour is
consistent.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24303 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24299 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24298 dc483132-0cff-0310-8789-dd5450dbe970
|
|
enctypes aren't enabled.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24297 dc483132-0cff-0310-8789-dd5450dbe970
|
|
it does, don't dereference a null pointer when creating the pkiDebug
message.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24296 dc483132-0cff-0310-8789-dd5450dbe970
|
|
assignments for Camellia-CCM enctypes or cksumtypes yet, they are
disabled in a default build. They can be made available by defining
(via CPPFLAGS) local-use enctype numbers for the enctypes and
cksumtypes.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24295 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Under low memory conditions (or when testing memory allocation failures),
the key pointer will be 0 - and not initialized. Test and return failure
before deref a NULL.
ticket: 6772
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24292 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Minor leaks. Just cleaning up code.
ticket: 6771
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24291 dc483132-0cff-0310-8789-dd5450dbe970
|
|
and not its exit value.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24290 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24289 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24288 dc483132-0cff-0310-8789-dd5450dbe970
|
|
t_prf.c: Ensure prfsz is set before use (not exercised in current tests)
t_short.c: Fix memory leak
ticket: 6769
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24287 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Mike Roszkowski.
ticket: 6764
tags: pullup
target_version: 1.8.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24286 dc483132-0cff-0310-8789-dd5450dbe970
|
|
branch. Delete it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24285 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Merge branches/plugins2 to trunk. Adds a password quality pluggable
interface described in this project page:
http://k5wiki.kerberos.org/wiki/Projects/Password_quality_pluggable_interface
ticket: 6765
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24284 dc483132-0cff-0310-8789-dd5450dbe970
|
|
ticket: 6761
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24282 dc483132-0cff-0310-8789-dd5450dbe970
|
|
LIBDIR/krb5/plugins.
ticket: 6763
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24277 dc483132-0cff-0310-8789-dd5450dbe970
|
|
ticket: 6761
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24274 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24269 dc483132-0cff-0310-8789-dd5450dbe970
|
|
result of krb5_db_check_policy_as/tgs from a krb5_error_code to a
protocol error number.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24268 dc483132-0cff-0310-8789-dd5450dbe970
|
|
ticket: 6763
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24264 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Merge domain-independent plugin framework code from branches/plugins2,
leaving out the password quality interface.
ticket: 6763
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24263 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24258 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24257 dc483132-0cff-0310-8789-dd5450dbe970
|
|
syntactically independent of parent files.
ticket: 6761
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24256 dc483132-0cff-0310-8789-dd5450dbe970
|
|
ticket: 6761
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24255 dc483132-0cff-0310-8789-dd5450dbe970
|