Age | Commit message (Collapse) | Author | Files | Lines |
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18727 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18715 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18712 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18711 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18705 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18704 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18703 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18701 dc483132-0cff-0310-8789-dd5450dbe970
|
|
$(RUN_SETUP). Replaces old hack with MAYBE_VALGRIND added to RUN_ENV
in a way that would break in some of the tests.
Set VALGRIND in site.exp in tests/dejagnu. (Not used yet.)
Runs some shell scripts under valgrind, rather than changing them to
run only the executables under valgrind; this is mostly okay, just
creates lots of extra log data, and requires --trace-children=yes.
This should work for any instrumentation program invocation that gets
followed immediately by the name and argument list for the program
being instrumented. For example, VALGRIND="env LD_PRELOAD=..." should
work, though I haven't tested it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18699 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18689 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18680 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18679 dc483132-0cff-0310-8789-dd5450dbe970
|
|
accessed via krb5int_access.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18666 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18652 dc483132-0cff-0310-8789-dd5450dbe970
|
|
tickets.
We do not yet accept tickets in which the server name changes.
* krb5_sname_to_principal: If there is no domain realm mapping return null realm
*krb5_get_cred_via_tkt: New behavior as described below
1) the referrals case:
- check for TGT for initial realm
- if a remote realm was specified (which must have happened via a
domain_realm mapping), obtain a TGT for it the standard way and
start with that.
- use client realm for server if not specified
- iterate through this loop:
- request ticket with referrals turned on
- if that fails:
- if this was the first request, punt to non-referrals case
- otherwise, retry once without referrals turned on then terminate
either way
- if it works, either use the service ticket or follow the referral path
- if loop count exceeded, hardfail
2) the nonreferrals case
- this is mostly the old walk_realm_tree TGT-finding (which allows
limited shortcut referrals per 4120) followed by a standard tgs-req.
- originally requested principal is used for this, although if we were
handed something without a realm, determine a fallback realm based on
DNS TXT records or a truncation of the domain name.
ticket: 2652
Owner: amb
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18598 dc483132-0cff-0310-8789-dd5450dbe970
|
|
* src/appl/gssftp/ftpd/ftpd.c (getdatasock, passive):
* src/appl/bsd/v4rcp.c (main):
* src/appl/bsd/krcp.c (main):
* src/appl/bsd/krshd.c (doit):
* src/appl/bsd/login.c (main):
* src/clients/ksu/main.c (sweep_up):
* src/lib/krb4/kuserok.c (kuserok): Check return values from
setuid() and related functions to avoid privilege escalation
vulnerabilities. Fixes MITKRB5-SA-2006-001. [CVE-2006-3083,
VU#580124, CVE-2006-3084, VU#401660]
ticket: new
target_version: 1.5.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18420 dc483132-0cff-0310-8789-dd5450dbe970
|
|
* src/appl/gssftp/ftpd/ftpd.c (auth_data): Initialize stat_maj,
accept_maj, acquire_maj.
* src/appl/telnet/libtelnet/kerberos5.c (kerberos5_send):
Intialize rdata.
* src/kdc/do_tgs_req.c (process_tgs_req): Initialize magic and
tr_contents.magic.
* src/lib/krb5/asn.1/krb5_decode.c (decode_krb5_safe_with_body):
Initialize tmpbody.magic.
* src/plugins/kdb/db2/libdb2/hash/dbm.c (kdb2_fetch)
(kdb2_firstkey, kdb2_nextkey): Initialize dsize.
ticket: 3904
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18404 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18332 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Change all file substitutions so that @-patterns start at the beginning
of their lines, as now required by autoconf 2.60 (released Monday).
ticket: new
target_version: 1.5
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18249 dc483132-0cff-0310-8789-dd5450dbe970
|
|
than an unsigned long to avoid memcpying past the end of a structure on
64-bit platforms.
Ticket: 581
Version_Reported: 1.0.5
Target_Version: 1.5
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18175 dc483132-0cff-0310-8789-dd5450dbe970
|
|
than the largest file number in the select set) rather than some multiple
of sizeof some struct. The latter is large enough accidentally work, but
breaks on AIX.
Map IPv4-mapped IPv6 addresses back to IPv4 in krshd for the purposes of
connecting back to the remote system on AIX, since on AIX getnameinfo
returns such addresses but connect won't accept them.
Ticket: 3122
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18166 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Modified to restrict the configure test to just the pty library.
ticket: 3423
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18161 dc483132-0cff-0310-8789-dd5450dbe970
|
|
few others) to cast the character values to unsigned char.
ticket: 3445
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18156 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Reported by Ubaidul Khan on kerberos@mit this date.
GNU libc includes a function getline with an incompatible prototype.
It hasn't caused problems for MIT on RHEL 4 (glibc 2.3.4), but
apparently FC5 has a newer set of headers in which it does.
* ftpcmd.y (getline): Renamed to ftpd_getline. Declarations and callers
changed.
* ftpd.c (getline): Remove duplicate declaration.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18153 dc483132-0cff-0310-8789-dd5450dbe970
|
|
exchanged. Suggested by Markus Moeller.
ticket: 2615
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18151 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18150 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18141 dc483132-0cff-0310-8789-dd5450dbe970
|
|
message. Only support ?, not help, to request help with the open
command. The same change was made in netkit's telnet.
Ticket: 3269
Component: krb5-appl
Version_Reported: 1.4.2
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18124 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Ticket: 3008
Version_Reported: 1.3.6
Component: krb5-appl
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18122 dc483132-0cff-0310-8789-dd5450dbe970
|
|
sys/filio.h is available. GNU/kFreeBSD has sys/filio.h but still
requires sys/ioctl.h, and sys/ioctl.h is included unconditionally
elsewhere in the code. Patch from Petr Salinger.
Ticket: 3466
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18117 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Remove all remaining references to .rhosts authentication; the code to
implement this was already removed.
Ticket: 2577
Version_Reported: 1.3.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18112 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Ticket: 3010
Version_Reported: 1.4.2
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18107 dc483132-0cff-0310-8789-dd5450dbe970
|
|
ticket: 3784
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18037 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Create include/krb5 directory, and put krb5.h and (k5-)locate.h there in the
build tree. Stub krb5.h in main include directory just includes krb5/krb5.h.
Update dependencies, and add dependencies in a couple Makefiles that didn't
have them.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18030 dc483132-0cff-0310-8789-dd5450dbe970
|
|
of places where it's actually needed. Update dependencies.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17898 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17897 dc483132-0cff-0310-8789-dd5450dbe970
|
|
subversion commit log entry needs to include information that would
have been in the changelog.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17893 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17888 dc483132-0cff-0310-8789-dd5450dbe970
|
|
configure.in files accordingly.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17887 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17826 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17818 dc483132-0cff-0310-8789-dd5450dbe970
|
|
(ftp_uint32, ftp_int32): Always define as [u]int32_t instead of testing
configure-time type size macros.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17816 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17811 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17789 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17786 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17741 dc483132-0cff-0310-8789-dd5450dbe970
|
|
include directives sometimes using krb5/foo.h and sometimes using foo.h, and
-I options always given for both directories in both source and build trees,
push include/krb5/* up a level and drop the krb5 directory (except, for the
moment, the change log).
Updated #include directives, -I options, and dependencies accordingly, and
deleted one or two bits of old, unused code that was noticed in the process.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17730 dc483132-0cff-0310-8789-dd5450dbe970
|
|
generated files that lxs wants to feed into the Mac build system.
(First approximation, may want some fine tuning later.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17728 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17708 dc483132-0cff-0310-8789-dd5450dbe970
|
|
krb5 to build under the Microsoft Visual Studio 8 compiler
in 64-bit mode and produce file names that do not conflict
with the names produced by the 32-bit build. That patch
was modified to work on Unix and also include processor
dependent pre-processor definitions to remove warnings.
ticket: 3415
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17680 dc483132-0cff-0310-8789-dd5450dbe970
|