102cd04b0d
its ok to return NULL if we are allocating zero elements
2009-10-11 15:38:21 -07:00
1e9ec73bbc
[HEIMDAL-646] aix
...
AIX qsort() is unstable and might change the order of the elements
if they are equal, libwind require them to be in the same order as they were
on the input, pull in FreeBSD qsort and use that instead of AIX version.
2009-10-11 15:08:58 -07:00
e1b14b7854
Use right type when mallocing data (allocated too much)
2009-10-11 15:08:27 -07:00
119eb68a2e
Remove debug printf
2009-10-11 14:44:41 -07:00
377543e78e
use size_t for index
2009-10-11 14:36:46 -07:00
93f0e450cc
fix sizeof, only matter on platforms where sizeof(unsigned) != sizeof(uint32_t)
2009-10-11 12:22:19 -07:00
983d0f66f1
print lineno
2009-10-11 12:18:22 -07:00
d36402a671
Don't assume ldap_bv2escaped_filter_value() is exported
2009-10-11 11:17:56 -07:00
977acdd84d
Always send subkey and assume reply is encrypted using subkey
2009-10-11 09:12:01 -07:00
678f9f9f07
[HEIMDAL-533] KDC sends TGS-REP encrypted in session key not authenticator
...
From RFC 4120, page 35
In preparing the authentication header, the client can select a sub-
session key under which the response from the Kerberos server will be
encrypted. If the client selects a sub-session key, care must be
taken to ensure the randomness of the selected sub-session key.
The client library alread handle this case.
Thanks to Sam Hartman to report this though Debian
2009-10-11 08:46:53 -07:00
8e08aa0a15
Use krb5_free_keyblock()
2009-10-11 08:45:51 -07:00
2a369fc7fe
Capture failures from krb5_cc_get_principal()
...
Reported by Guillaume Rousse
2009-10-08 08:19:05 -07:00
943123da3b
enable DES when getting the afs credential
2009-10-07 09:39:19 -07:00
d3d9e5ecb5
free sp on error/full send
2009-10-06 11:19:27 -07:00
75210a985a
spelling
2009-10-06 10:02:34 -07:00
4bab1141d8
syntax error, from Harald Barth
2009-10-06 09:36:18 -07:00
6d49d9feeb
more text about TheseCells and ThisCell, from Harald Barth
2009-10-06 09:30:27 -07:00
77ecef0327
tell where kafs will search for files, from Harald Barth
2009-10-06 09:27:46 -07:00
62c061c79a
Wordsmithing, from Harald Barth
2009-10-06 09:22:20 -07:00
fbbb1bd04c
pre11
2009-10-06 07:46:34 -07:00
57b40643b9
use server name for referral decision
2009-10-06 07:38:29 -07:00
ceac2815bb
Just use RAND_bytes() for generating random bytes
2009-10-06 06:00:24 -07:00
d934c249f9
count the manpages
2009-10-05 22:50:18 -07:00
ded5608c0b
pick up configuration from the right spot
2009-10-05 22:48:03 -07:00
75a61b8842
krb5_build_authenticator is private
2009-10-05 22:09:23 -07:00
6d1d17efed
don't canonicalize names that are short then 2 name element
...
Since KDC will probably guess wrong on them, and doing
afs@CLIENT-REALM have too large change of actually working.
2009-10-05 22:07:47 -07:00
4c5a79f21b
add setup-env.in
2009-10-05 21:32:43 -07:00
8d381c8c34
add dependency for doxyout
2009-10-05 21:06:06 -07:00
cbb6bb5427
include doxyout in DIST_EXTRA
2009-10-05 20:57:34 -07:00
d7e7640d46
fix argumentin doxygen
2009-10-05 20:29:37 -07:00
bfa9f0b639
pre10
2009-10-05 20:12:34 -07:00
da91c5ed85
Fix tests
2009-10-05 20:11:49 -07:00
a132ffe757
Simplify krb5_build_authenticator and unexport
2009-10-05 19:52:28 -07:00
cc65dc4e8e
Just make a copy of the cksum instead of trying to work around the
...
fact that its not really copied.
2009-10-05 19:25:46 -07:00
753e2cc925
Check that enctypes are valid/enabled before trying to request them
2009-10-05 19:17:11 -07:00
0d10dfb529
doxygen
2009-10-04 11:33:45 -07:00
b0f73165a7
use krb5_make_principal
2009-10-04 11:29:54 -07:00
9e13b309d9
use krb5_make_principal
2009-10-04 11:29:43 -07:00
ba8b14ebbc
use krb5_make_principal
2009-10-04 11:29:29 -07:00
c7f51c8c5b
use krb5_make_principal
2009-10-04 11:29:20 -07:00
393ea16776
use krb5_make_principal
2009-10-04 11:29:05 -07:00
0153270494
use krb5_make_principal
2009-10-04 11:28:54 -07:00
dc31556b7d
use krb5_generate_subkey_extended
2009-10-04 11:12:43 -07:00
4f6759157b
move krb5_generate_subkey to deprecated and provide doxygen
2009-10-04 11:02:44 -07:00
615820b0af
move krb5_generate_subkey here and deprecate
2009-10-04 11:02:43 -07:00
2257ba3ea5
Anton Lundin
2009-10-03 13:34:16 -07:00
18d3895aad
add Johan Gadsjö
2009-10-03 13:33:38 -07:00
ff87429593
Make LDAP code fetch less attributes from LDAP server when KDC is asking
...
Johan Gadsjö did a awesome analysis of the LDAP access pattens
and sent us a patch that reduced the calls the ldap server by 4
times as many. The patch was adopted and change to avoid compile
time depencies and make the determination runtime instead. Thanks!
2009-10-03 13:20:41 -07:00
6f857bc86d
@subsection kafs and afslog
2009-10-03 12:26:17 -07:00
4b79b6fa57
remove unused variable
...
Based on a report from Matthias Dieter Wallnöfer.
2009-10-03 11:38:55 -07:00
Love Hornquist Astrand