Commit Graph

2723 Commits

Author SHA1 Message Date
Love Hörnquist Åstrand
71fc6141d5 TESTS += test_keytab
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15172 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-18 05:08:29 +00:00
Love Hörnquist Åstrand
db19fc890c (krb4_kt_remove_entry): plug memory leak, avoid crashing on empty keytab
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15171 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-18 05:03:30 +00:00
Love Hörnquist Åstrand
46c23b1852 document behavior of krb5_kt_remove_entry
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15170 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-18 04:49:15 +00:00
Love Hörnquist Åstrand
ed2c4b3694 (mkt_remove_entry): check if there isn't any entries in the keytab
before removing any since that leads to bad pointer arithmetic and
crashing. From: Wynn Wilkes <wwilkes@vintela.com>.
Make the function return KRB5_KT_NOTFOUND if the entry wasn't in the
keytab (just like the filebased keytab).


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15169 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-18 04:44:40 +00:00
Love Hörnquist Åstrand
f97a50a117 test memory corruption in MEMORY keytab
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15168 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-18 04:38:30 +00:00
Love Hörnquist Åstrand
e84fad2e0e zero out content of all krb5_free_x_content like functions to make sure data doesnt get reused, idea from Wynn Wilkes <wwilkes@vintela.com>
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15167 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-18 04:21:57 +00:00
Love Hörnquist Åstrand
b926505f3f document KRB5_GC_EXPIRED_OK
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15166 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-18 04:07:38 +00:00
Love Hörnquist Åstrand
485b61db15 add krb5_cc_new_unique
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15165 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-18 04:05:17 +00:00
Love Hörnquist Åstrand
fd9149ac7d (fcc_get_first): check return value from malloc, memset the structure,
make sure cursor doesn't point to freed memory on failure.
From: Wynn Wilkes <wwilkes@vintela.com>


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15164 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-17 17:46:46 +00:00
Love Hörnquist Åstrand
d84fcc39fe update (c), .Dd
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15162 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-17 14:19:11 +00:00
Love Hörnquist Åstrand
e238fb8fde document KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15161 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-17 14:18:47 +00:00
Love Hörnquist Åstrand
6c3ab75789 Remove expired credentials, based on patches and comments from Anders
Magnusson <ragge@ltu.se> and Wynn Wilkes <wwilkes@vintela.com>


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15160 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-17 11:48:06 +00:00
Love Hörnquist Åstrand
2dd7796261 (krb5_get_forwarded_creds): honor
KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED and create unencrypted
(ENCTYPE_NULL) credentials. for use with old mit server and java based
ones as they can't handle encrypted KRB-CRED. Note that the option
needs to turned on because if the consumer sends the KRB-CRED in clear
bad things will happen.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15150 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-17 08:12:29 +00:00
Love Hörnquist Åstrand
682ff3fef0 (krb5_init_context): register krb5_javakt_ops
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15149 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-17 08:08:28 +00:00
Love Hörnquist Åstrand
d5cfe0c7fd KRB5_GC_EXPIRED_OK: expired credentials is ok to return from
krb5_get_credentials.
KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED: make forward credentials be
unencrypted, for compatibility with mit kerberos and java kerberos.
krb5_javakt_ops: export


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15148 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-17 08:06:30 +00:00
Love Hörnquist Åstrand
f9ca795602 Add new keytab file format JAVA14 that doesn't the use extended kvnos,
as hinted, this is needed for Java's Kerberos implementation.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15147 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-16 21:13:42 +00:00
Love Hörnquist Åstrand
a3c6124483 handle pkinit-9, pkinit-19, and pkinit-25 enckey, still no DH
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15116 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-10 19:40:39 +00:00
Love Hörnquist Åstrand
4aaf4dd6bd document krb5_storage_is_flags
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15112 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-10 10:46:46 +00:00
Love Hörnquist Åstrand
9aa1875790 make more pretty, from Björn Sandell
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15110 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-10 09:21:06 +00:00
Love Hörnquist Åstrand
23f6210e8f (krb5_kuserok): use POSIX_GETPWNAM_R instead of HAVE_GETPWNAM_R
From: Dave Love <d.love@dl.ac.uk>


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15103 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-09 15:41:45 +00:00
Love Hörnquist Åstrand
db171a26fd (krb5_print_address): catch when the custom print v6-adresss don't fit
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15098 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-07 07:50:24 +00:00
Love Hörnquist Åstrand
32ad0c150f spelling
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15089 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-05 14:07:48 +00:00
Love Hörnquist Åstrand
1ef7caec57 expand on what "trailing component" means
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15087 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-04 12:44:34 +00:00
Johan Danielsson
82fa25b5c4 put address comparison in separate function
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15085 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-04 12:25:04 +00:00
Johan Danielsson
67b2fd15f7 check the user's ~/.k5login.d directory for access files, all of which
is handled like the regular ~/.k5login


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15083 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-04 12:11:22 +00:00
Love Hörnquist Åstrand
1b4b266006 (krb5_ui_method_read_string): use the fill in length
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15059 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-02 21:01:33 +00:00
Love Hörnquist Åstrand
9f219c721d Now that we fixed the signed-ness of nonce for windows, remove the
code that removed the signed bit. Instead add comment that they still
need to be the same (Kerberos protocol nonce and pk-init nonce) for Windows.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15055 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-02 14:52:57 +00:00
Love Hörnquist Åstrand
9b38bf74d1 Don't declare des_salt &c as static with incomplete type (invalid in
c89, at least).


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15053 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-02 14:11:59 +00:00
Love Hörnquist Åstrand
6985bebfc1 include <crypt.h>
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15052 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-02 14:08:35 +00:00
Love Hörnquist Åstrand
a8f9738a23 if we are using PKINIT, strip of the highest bit to make windows
PK-INIT happy. Also make the nonces the same, again for windows, they
are using pk-init-9.

XXX check if it isn't the that nonce is an unsigned variable so its
just a asn1 mismatch.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15043 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-30 16:24:00 +00:00
Love Hörnquist Åstrand
a4f747ea8e Pass prompter data to the prompter function, implement a UI prompter
function wrapping the kerberos prompter function so that the the
OpenSSL ENGINE can ask for a password when loading the private key.

From: Douglas E. Engert


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15040 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-30 16:12:18 +00:00
Love Hörnquist Åstrand
ab541001cc #include <err.h>
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15036 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-30 15:19:58 +00:00
Love Hörnquist Åstrand
ce927eeff5 include <err.h>
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15035 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-30 15:18:27 +00:00
Love Hörnquist Åstrand
74e7222461 add <err.h>
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15033 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-30 15:15:38 +00:00
Love Hörnquist Åstrand
51a75cda5e use LIB_com_err for libkrb5.la
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15018 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-30 13:50:41 +00:00
Love Hörnquist Åstrand
5081487496 (krb5_set_config_files): ignore permission denied on configuration
files, user might no be allowed to read /var/heimdal/kdc.conf


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14997 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-28 09:04:10 +00:00
Love Hörnquist Åstrand
1f6a02ddd4 define _POSIX_PTHREAD_SEMANTICS so we get posix getpwnam_r
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14971 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-27 08:24:02 +00:00
Love Hörnquist Åstrand
1da385e5b6 (acc_gen_new): remove debug printf
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14946 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-24 21:54:01 +00:00
Love Hörnquist Åstrand
ed8f5734cb use the unexport the oid_to_enctype
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14922 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-24 14:14:49 +00:00
Love Hörnquist Åstrand
f8c1fbfbe4 unexport the oid_to_enctype function, not for external consumers
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14921 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-24 14:14:17 +00:00
Love Hörnquist Åstrand
0e573162cb document krb5_cc_new_unique
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14919 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-24 13:57:33 +00:00
Love Hörnquist Åstrand
7e27a05d9a (krb5_cc_new_unique): new function to create a new credential cache
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14918 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-24 13:52:01 +00:00
Love Hörnquist Åstrand
ea79507d4f simplify error handling
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14911 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-24 13:44:02 +00:00
Love Hörnquist Åstrand
44a72140b6 more spelling
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14907 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-24 07:52:03 +00:00
Love Hörnquist Åstrand
15c32cbc1d update .Dd
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14906 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-24 07:49:34 +00:00
Love Hörnquist Åstrand
6a3813781d spelling, from Björn Sandell <biorn@dce.chalmers.se>
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14905 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-24 07:46:59 +00:00
Love Hörnquist Åstrand
c632869a80 spelling, from Björn Sandell <biorn@dce.chalmers.se>
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14904 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-24 07:31:48 +00:00
Love Hörnquist Åstrand
b792ea5a2a libkrb5_la_SOURCES += v4_glue.c
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14903 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-23 21:16:57 +00:00
Love Hörnquist Åstrand
2d3b49f0c0 forward declaration of _krb5_krb_auth_data
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14898 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-23 19:42:28 +00:00
Love Hörnquist Åstrand
ca6053358a Move the kerberos v4 replacement functions to v4_glue.c
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14897 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-23 19:40:57 +00:00