Marco Molteni
e242c40746
Verify the existence of the keytab for tcp_server, gssapi_server
...
appl/test/tcp_server and gssapi_server try to open the keytab file only when processing a connection.
This patch verifies the existence of the keytab file on program startup, so that troubleshooting is easier. In addition it adds some comments.
Signed-off-by: Love Hornquist Astrand <lha@h5l.org >
2012-05-01 23:01:19 +02:00
Love Hornquist Astrand
dd267e8fc3
heimbase can't depend on roken.h since its not built at this time
...
if we need to have this dependency heimbase needs to be moved into lib/s
2012-05-01 22:48:57 +02:00
Roland C. Dowdeswell
2c5ec44d39
Look for auth_to_local in the default realm's realm section...
...
...rather than the authenticated principal's realm section. We do
this both to maintain compatibility with MIT and because it makes
more sense. We should likely also fix the auth_to_local_names as
cursory inspection reveals that it has the same incompatibility.
2012-04-19 23:43:12 +01:00
Tony Acero
e2b6a449ce
Windows: Visual Studio 10 support for installers
...
Change-Id: I845986247abf607694d2438afaffa6ea7d6fd5c4
2012-04-11 15:18:52 -04:00
Jeffrey Altman
9be792055c
generated files must #include config if supported
...
The source files generated by compile_et and asn1-compile must
begin with:
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
This permits conditional includes based on HAVE_STDINT_H and
HAVE_UNISTD_H to work.
Change-Id: Iefe25317ac3cb1970793748b8318174bcd7a087f
2012-04-10 17:17:33 -04:00
Jeffrey Altman
8e2762f907
Fix Windows build of mcache.c
...
Commit c04aa9e082
specified the
mutex type, pthread_mutex_t, directly instead of using the
abstraction, HEIMDAL_MUTEX.
Change-Id: Iedfc46163140cf23014d357cc8ccc9f0e6224327
2012-04-10 15:41:23 -04:00
Love Hörnquist Åstrand
c04aa9e082
more mutex locking from Jaudeep Padhye
2012-04-05 23:10:33 -07:00
Samuel Thibault
fbf44ea51d
Fix compilation of kafs on Hurd.
...
kafs now defines two ioctls, define the GNU _IOT constants.
This was originally submitted to the Debian Heimdal package:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483281
Signed-Off-By: Jelmer Vernooij <jelmer@debian.org >
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org >
2012-04-05 22:55:01 -07:00
Samuel Thibault
0ef0446645
Properly activate the pthread support on GNU/Hurd.
...
Originally submitted as a patch to the Debian Heimdal package:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483281
Signed-Off-By: Jelmer Vernooij <jelmer@debian.org >
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org >
2012-04-05 22:55:01 -07:00
Russ Allbery
39460d0045
Remove duplicate __gss_krb5_mechanism_oid_desc definition
...
__gss_krb5_mechanism_oid_desc is now defined in gssapi/gssapi_oid.h,
so remove the definition in gssapi/gssapi_krb5.h in favor of including
that header.
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org >
2012-04-05 22:55:01 -07:00
Love Hörnquist Åstrand
ec152cdf1a
drain pool for each request
2012-04-05 22:55:01 -07:00
Love Hörnquist Åstrand
497eb5a4a4
add description
2012-04-05 22:55:01 -07:00
Roland C. Dowdeswell
67d9094665
Allow hxtool to process multiple --pk-init-principal args.
2012-04-05 20:20:19 +01:00
Viktor Dukhovni
eee3333b76
Handle multiple SANs correctly in KDC pkinit certs
...
Signed-off-by: Roland C. Dowdeswell <elric@imrryr.org >
2012-04-05 20:20:00 +01:00
Simon Wilkinson
10133ece1a
hcrypto: Use correct size for memset in md2
...
md2.c was doing memset(m, 0, sizeof(m)), and so was only clearing
the first 4 bytes of the passed md2 structure in MD2_Final. Fix
this to clear the entire structure, as expected.
2012-03-31 19:06:59 -04:00
Jelmer Vernooij
15696d9b90
telnet.1: Avoid undefined macro 'B'.
...
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org >
2012-03-18 11:25:55 -07:00
Nicolas Williams
839ab87c10
Regression test iprop of key rollover and del_enctype
2012-03-15 18:57:35 -05:00
Nicolas Williams
ef9012aef5
Fix ipropd-slave assert when doing del_enctype
...
Change a paranoid heim_assert into something better. Update block
comment.
Next commit: add a test for del_enctype and iprop.
2012-03-15 18:57:32 -05:00
Nicolas Williams
ca6a22276e
Test that we copy forwardable/renewable flags from TGT in TGS-REQ
2012-03-14 23:58:40 -05:00
Nicolas Williams
3f86831c6c
Fix earlier fix for not passing forwardable and friends in TGS-REQs
2012-03-14 23:45:31 -05:00
Jeffrey Altman
48d255561e
Windows: install heimtools not heimtool
...
Change-Id: Ie439dd6d2819d7a7088be19f7ecd49863df7ac79
2012-03-13 23:57:00 -04:00
Jeffrey Altman
8257cc2232
Plugin functions should be KRB5_LIB_CALL
...
Plugin functions should be KRB5_LIB_CALL for speed on Windows.
Change-Id: Iaa4dcf73fd2e29e3f95feede5217eac4eaded4e2
2012-03-13 23:56:11 -04:00
Jeffrey Altman
cb6f7ea40e
do not include stdint.h unprotected
...
In most cases stdint.h should be inherited from roken.h.
In those cases where it cannot be, it must be protected by
#ifdef HAVE_STDINT_H
Change-Id: I46cbaeab1d65939468f84179aeeef7e4f898b0bb
2012-03-13 23:54:27 -04:00
Love Hörnquist Åstrand
25e533421a
wrap SOL_SOCKET, SO_PEERCRED in ifdef __linux__
2012-03-11 10:18:43 -07:00
Love Hörnquist Åstrand
faf39cf6ce
wrap __weak_alias with _LIBC
2012-03-11 10:13:47 -07:00
Love Hörnquist Åstrand
979de1dfd0
wrap __weak_alias with _LIBC
2012-03-11 10:13:42 -07:00
Love Hörnquist Åstrand
472141be03
log each error message that is on a very high debug level
2012-03-10 10:23:57 -08:00
Love Hörnquist Åstrand
7b411b3993
fixup logic for prompting for password
2012-03-10 09:59:34 -08:00
Love Hörnquist Åstrand
d791e70894
support ipv6
2012-03-07 07:58:50 -08:00
Roland C. Dowdeswell
92b243a638
We must unlock before close.
2012-03-07 11:17:26 +00:00
Love Hörnquist Åstrand
a20fe9b0ad
assert refcount != 0
2012-03-06 19:50:15 -08:00
Roland C. Dowdeswell
b37b991a6f
We need heimtools.c which I derived from kcc.c.
2012-03-06 17:22:29 +00:00
Roland C. Dowdeswell
0c0a4ff071
Add require-pwchange flag to HDB and honour it if present in mit-db:.
...
Also remove +requires_pwchange on passwd changes.
2012-03-06 11:39:20 +00:00
Roland C. Dowdeswell
6de861263a
Provide support for enctype aliases for ease of use.
...
This should be compatible with MIT krb5 at least from my memory.
2012-03-06 09:34:43 +00:00
Roland C. Dowdeswell
635f5ef5b4
Make kinit print ``Password incorrect'' if it gets KRB5_GET_IN_TKT_LOOP.
2012-03-06 09:28:31 +00:00
Love Hörnquist Åstrand
9d6b30cb8b
remove kcc droppings
2012-03-06 00:07:17 -08:00
Jelmer Vernooij
2b365b2327
Rename kcc to heimtools.
...
This should prevent naming clashes with other utilities named 'kcc'.
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org >
2012-03-06 00:06:26 -08:00
Love Hörnquist Åstrand
4d749f20e6
make header rebuilding work with automake
2012-02-29 22:03:00 -08:00
Love Hörnquist Åstrand
2a11d93bc0
define DEVELOPER_MODE when --enable-developer
2012-02-29 21:58:48 -08:00
Love Hörnquist Åstrand
25fc1a6464
rebuild krb5-protos.h and krb5-private.h if in maintainer-mode
2012-02-29 21:56:07 -08:00
Love Hörnquist Åstrand
053c44e100
Rename over old file, but only if it changed
2012-02-29 21:56:07 -08:00
Roland C. Dowdeswell
3ec78180ce
Update krb5-config.
...
We update krb5-config to support --all, --deps, and --vendor. So,
now if you specify --libs, you will only get those libraries that
are required for dynamic linking. If you are linking statically,
you must provide --deps. We also allow multiple libraries to be
specified on the command line for applications that use, say, gssapi
and krb5. And we elide -L and -I args if they have the prefix=/usr
as that's implied. We also update the --help output to be a little
more verbose.
2012-02-29 17:27:58 +00:00
Love Hörnquist Åstrand
a8c51aa594
add basic sqlite tests (from Nico)
2012-02-29 08:32:57 -08:00
Love Hörnquist Åstrand
b83452dd37
Wno-unused-result (not supported on gcc-4.2)
2012-02-29 08:31:58 -08:00
Love Hörnquist Åstrand
65987846fd
make bind principal a common function
2012-02-28 00:03:20 -08:00
Roland C. Dowdeswell
5b2d65fa2b
We need to remove +requires_pwchange on passwd changes.
2012-02-27 11:04:24 +00:00
Roland C. Dowdeswell
0da84c0c3a
Add require-pwchange flag to HDB and honour it if present in mit-db:.
2012-02-27 10:19:54 +00:00
Roland C. Dowdeswell
91f2de8d1a
Remove libedit's aclocal.m4 and ltmain.sh as they are generated.
2012-02-25 20:33:52 +00:00
Roland C. Dowdeswell
932c4c1859
We use a struct defined in sys/un.h.
2012-02-25 17:19:44 +00:00
Roland C. Dowdeswell
12b24ad876
Add a server side implementation of kadm5_create_principal_3().
2012-02-24 18:56:30 +00:00