NOTE: The test runs and succeeds, but the client seems to be getting
a new x-realm TGT after we set the kvno to 0 or remove the
kvno from the tickets. This means we're not really testing
the TGS paths! So this test is not yet ready.
Application developers have a tendency to use krb5_get_error_message()
as a drop in replacement for error_message() and under various
circumstances they pass in a NULL context. This method works fine
for MIT's implementation which ignores the context but in Heimdal
passing in a NULL context would dump core.
This patch set modifies krb5_get_error_message() in order to
permit the passing of a NULL context. First, if the context
is NULL, an attempt will be made to allocate one locally for
the purpose of evaluating the error code. Second, if a local
context cannot be allocated, fall back on calling error_message().
If error_message() fails to return a string, then generate an
"unknown error" response.
Only if all of the above fails is NULL returned.
Change-Id: If4baf7d6c428cf0baf11c044b8dfd5c2b3cdf7e4
Add _krb5_set_default_cc_name_to_registry() function and
call use it on Windows to set the user's default credential cache.
Change-Id: Ib59ff218a098a841bc61846abf873736380b5c6c
The new _krb5_store_string_to_reg_value() function permits
the caller to create REG_SZ, REG_EXPAND_SZ, REG_DWORD, and
REG_MULTI_SZ entries in the registry.
Change-Id: Ib5740ad07209618d8ea4c0bf3c75615f27e98b4e
commit 0ed83cebd3 removed the
weak enctypes from the default enctype list. This is a change
in behavior from 1.5.x which permitted the use of weak enctypes
if "allow_weak_crypto" is set to true. This patchset creates
two default enctype lists. One with weak enctypes and the other
without. The weak version is used if "allow_weak_crypto" is set
to true.
Change-Id: Ide5cce0645836249031350bfaf619d970635e579
