Commit Graph

1078 Commits

Author SHA1 Message Date
Love Hornquist Astrand
4d0d3b9535 remove other _krb5_key_data 2011-03-12 13:53:24 -08:00
Love Hornquist Astrand
9427bcc22e log more version numbers 2011-01-03 12:12:18 +01:00
Love Hornquist Astrand
965836509b switch to hdb_fetch_kvno 2010-11-28 11:43:02 -08:00
Asanka C. Herath
2f8031c1d1 Cast dlsym() returns before use 2010-11-24 15:33:10 -05:00
Asanka C. Herath
880d728e02 Un-const as necessary to silence compiler warnings 2010-11-24 15:33:07 -05:00
Asanka C. Herath
e8dd4bfaf3 Windows: Build kadm5 tools in a separate build-step
The application manifests for Heimdal can't be built until the
libraries are built.  Since tools depend on application manifests, we
need to build them separately.
2010-11-24 15:32:21 -05:00
Asanka C. Herath
f40fe926ad Windows: Comprehensive clean target 2010-11-24 15:32:13 -05:00
Patrik Lundin
d5e4619738 Fix order of arguments given to memchr().
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-09-30 21:30:33 -07:00
Asanka Herath
e1136ba112 Windows: Annotate symbols for libkadm5srv 2010-09-14 08:03:40 -04:00
Asanka Herath
48017d046a Windows: Build test binaries for kadm5 2010-09-14 08:03:40 -04:00
Asanka Herath
ba44354336 Windows: Check exported symbols
During a test run, cross check the Windows exports list against the
version-script files.  For the test to pass, all symbols on either
list should be accounted for.

If there are symbols that are specific to Windows or symbols that are
not included on Windows, they should be annotated in the .def file as
follows:

    ;!  non_windows_symbol

    	common_symbol

        windows_only_symbol ;!
2010-08-20 13:06:55 -04:00
Asanka Herath
cdcdc5cad5 Windows: Version information for binaries 2010-08-20 13:06:54 -04:00
Asanka Herath
d83611238a Windows: Build a single heimdal.dll
Heimdal.dll is a combination of libasn1, libwind, libhcrypto, libhx509
and libkrb5.
2010-08-20 13:06:54 -04:00
Asanka Herath
ea4d8dbfdb Windows: Use EXEPREP and DLLPREP macros for processing binaries
Once DLLs and EXEs are built, they need to have their manifests
processed and signed.  These steps are encapsulated in the EXEPREP and
DLLPREP Makefile macros.  Use them instead of invoking each processing
macro individually.
2010-08-20 13:04:06 -04:00
Asanka Herath
869e970f5d Use rk_socket_t in lib/kadm5/init_c.c 2010-08-20 13:03:37 -04:00
Asanka Herath
e9160dbcfa Support parallelized builds on Windows 2010-08-20 13:03:32 -04:00
Patrik Lundin
b749ee7921 Remove print that fools kpasswdd.
The output from this print is considered an error message which makes
kpasswdd reject a password even though "APPROVED" is printed afterwards.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-07-23 10:42:34 -07:00
Patrik Lundin
606c549626 Explicitly read input from STDIN.
Kpasswdd supplies the principal name as an argument to the external
script which makes <> try to read from a file with that name.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-07-23 10:42:04 -07:00
Love Hornquist Astrand
f4f59121c3 allow password reuse for a short time after it was set last time
Patch from Harald Barth
2010-05-28 13:40:37 -07:00
Russ Allbery
bc3d8992cd Don't attempt to load a password quality verifier from NULL
When kadm5_add_passwd_quality_verifier is called with a NULL
check_library parameter and [password_quality].policy_libraries
is set, the function calls add_verifier() for each string in the
policy_libraries section and then falls through to the non-NULL
case and calls add_verifier() a final time with a NULL argument.
This leads to dlopening the running executable and then failing
since it contains no password quality verifier.

If the check_library argument is NULL, only call add_verifier()
for the configured policy_libraries and do not fall through to
the non-NULL case.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-02-02 20:46:23 -08:00
Russ Allbery
3441bbb98e Clarify documentation of password quality check modules
Be clearer in the info documentation that the part of the policy
name before the colon is the name of the module, not the static
string "module".  State explicitly that "builtin" can be used as the
module name to identify built-in policies.

Use the same terminology in kadm5_pwcheck(3) as the info documentation,
changing test-name to policy-name and vendor to module-name.  State
explicitly how the module name and policy name are used to select which
policies to run.

Rephrase a few sentences, add a paragraph break, and fix a few typos
for clarity.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-01-15 23:33:25 +00:00
Russ Allbery
80317bbd20 Pass external password quality program name as first argument
Pass the path to the external password quality program as the first
argument to the program and the principal as the second argument, as is
conventional, rather than passing only the principal.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-01-14 23:38:17 +00:00
Love Hornquist Astrand
dd9e076e47 reorder to remove if (0); 2009-12-25 10:45:26 +01:00
Love Hornquist Astrand
15cff173a2 Use #ifdef SIGXCPU instead of #ifndef NO_SIGXCPU 2009-12-25 10:44:40 +01:00
Love Hornquist Astrand
f798af41a0 change #ifdef to make this compile 2009-12-23 14:31:28 +01:00
Love Hornquist Astrand
160ddd0e43 use rk_closesocket 2009-12-23 14:06:37 +01:00
Asanka Herath
a0ae9f5a0e Merge remote branch 'h-github/master' into win32-port2
* h-github/master: (64 commits)
  refix socket wrappers with rk_
  Patch from Secure Endpoints/Asanka Herath for windows support
  unset KRB5CCNAME
  its really just LIBADD more most of them
  correct quoting
  Use -lpthread for modern freebsd instead
  clean KRB5CCNAME and KRB5_CONFIG, require test to reset them
  more up ${env_setup}
  use PTHREADS_LIBADD for freebsd6 and newer
  add PTHREAD_LIBADD
  add PTHREAD_LIBADD
  add PTHREAD_LIBADD
  switch to PTHREADS_LIBADD
  log what the error string say too
  More debug logging
  sprinkle more 'echo "test failed"'
  sprinkle 'echo "test failed"'
  use calloc(), indent more prettier
  in sh, equal compare is really = for strings, not ==
  Check for duplicates, already loaded mechs
  ...

Conflicts (resolved):
	lib/krb5/auth_context.c
	lib/krb5/changepw.c
	lib/krb5/context.c
	lib/krb5/error_string.c
	lib/krb5/kuserok.c
	lib/krb5/libkrb5-exports.def.in
	lib/krb5/net_write.c
	lib/krb5/store_fd.c
	lib/krb5/test_cc.c
	lib/roken/strerror_r.c
2009-12-21 13:44:00 -05:00
Love Hornquist Astrand
4835144bb2 Install kadm5-pwcheck.h header
Prompted by bug from Russ Allbery
2009-12-09 22:40:10 +01:00
Love Hornquist Astrand
c867fd3e2e Make libtool pull in the depenency on libldap
Put in explicy depenency on libdap so that libtool
might to the right thing for us.

Patch from Jan Rekorajski
2009-12-08 00:15:10 -08:00
Love Hornquist Astrand
f1c0c1bba3 prefix SOCKET symbols with rk_ 2009-11-25 05:29:18 +01:00
Love Hornquist Astrand
c6bbdb545b First drop of Windows build infrastructure from Secure Endpoints 2009-11-24 12:12:53 -08:00
Asanka Herath
c6b8fad5dc Consistency updates for lib/kadm5 and don't check fd_set size if it's not necessary 2009-11-24 10:18:20 -08:00
Asanka Herath
aa058a6a63 Typos and fixes for init_c.c to not include stuff we don't have 2009-11-24 10:17:50 -08:00
Asanka Herath
39d89e9fca Export .def for libkadm5srv 2009-11-24 10:15:14 -08:00
Asanka Herath
6a88c16dea Use wait_for_process() to wait for processes created with simple_exec* 2009-11-24 10:12:45 -08:00
Asanka Herath
bf5b934b06 Include roken.h before including other Heimdal headers 2009-11-24 10:12:45 -08:00
Asanka Herath
d84119813e No AF_UNIX on Windows and no SIGPIPE and SIGXCPU 2009-11-24 10:12:44 -08:00
Asanka Herath
246e60891c NTMakefile for kadm5 port 2009-11-24 10:12:44 -08:00
Asanka Herath
b1063ea8fc Initial Windows port 2009-11-24 10:11:14 -08:00
Love Hornquist Astrand
a9e58b7e77 don't set flags when we are not asked to 2009-11-22 17:14:47 -08:00
Love Hornquist Astrand
5e13cd2e0d provide default when there is no default 2009-11-22 14:11:24 -08:00
Love Hornquist Astrand
6f4b693fe5 krb5.conf is in 5, sort
From Jeremy C. Reed
2009-10-24 14:15:48 -07:00
Love Hornquist Astrand
6f6a384257 [HEIMDAL-646] malloc(0) checks for AIX 2009-10-11 18:02:56 -07:00
Love Hornquist Astrand
b4013ca830 [HEIMDAL-646] malloc(0) checks for AIX 2009-10-11 17:33:02 -07:00
Love Hornquist Astrand
75aebbf616 [HEIMDAL-646] malloc(0) checks for AIX 2009-10-11 17:32:38 -07:00
Love Hornquist Astrand
d3d9e5ecb5 free sp on error/full send 2009-10-06 11:19:27 -07:00
Love Hornquist Astrand
ff87429593 Make LDAP code fetch less attributes from LDAP server when KDC is asking
Johan Gadsjö did a awesome analysis of the LDAP access pattens
and sent us a patch that reduced the calls the ldap server by 4
times as many. The patch was adopted and change to avoid compile
time depencies and make the determination runtime instead. Thanks!
2009-10-03 13:20:41 -07:00
Love Hornquist Astrand
dc4e8669ea Abstract out asn1_compile and slc 2009-09-16 00:12:13 -07:00
Love Hornquist Astrand
3b761fddc0 check the clients with current_version, and if client have newer, whine 2009-09-05 14:41:03 -07:00
Love Hornquist Astrand
03b6f9a09b Don't send diffs to dead slaves 2009-09-05 14:31:49 -07:00