Load configuration data in the registry into a krb5_config_section.
Each registry key corresponds to a krb5_config_section and each
registry value becomes a bound string value.
The set of values contained in the root Heimdal registry key is
treated as if they were defined in the [libdefaults] section.
E.g. the configuration file:
[libdefaults]
foo = bar
[Foo]
x = y
y = {
baz = quux
}
is equivalent to the registry keys:
[HKEY_CURRENT_USER\Software\Heimdal]
"foo"="bar"
[HKEY_CURRENT_USER\Software\Heimdal\Foo]
"x"="y"
[HKEY_CURRENT_USER\Software\Heimdal\Foo\y]
"baz"="quux"
The implementation of opendir() in lib/roken/dirent.c takes as input a
directory name. For the contents of the specified directory to be
enumerated correctly, this directory name must be converted to a
wildcard.
Before we can include ws2tcpip.h, we must have already included
winsock2.h. The latest SDK does this by including winsock2 within
the ws2tcpip header, but the older SDKs do not, and fail to build.
the lex code in heimdal had a function error_message() which is
confusingly the ame as a core function from the com_err library. This
replaces it with lex_error_message(), and allows Samba4 to have a
stricter check for duplicate symbols between it's components.
Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
The clock skew handling was previously only on properly wrapped
GSSAPI, and was skipped for DCE-style. This allows the ASN.1 errors
from the krb5_rd_req to suggest parsing as a kerberos error packet.
Andrew Bartlett
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
There are exceptions from the expected behaviour of 'checksum type
matches key type' that we must deal with here, or else we can't serve
DES-only servers.
Andrew Bartlett
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
lib/krb5/crypto.c was a large, monolithic block of code which made
it very difficult to selectively enable and disable particular
alogrithms.
Reorganise crypto.c into individual files for each encryption and
salt time, and place the structures which tie everything together
into their own file (crypto-algs.c)
Add a non-installed library (librfc3961) and test program
(test_rfc3961) which builds a minimal rfc3961 crypto library, and
checks that it is usable.
