oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
27,070 Commits 2 Branches 2 Tags
git2svn-syncpoint-master
Commit Graph

82 Commits

Author SHA1 Message Date
Love Hornquist Astrand
a66a23bb45 Apply old patch from me that handles client's behind NAT 
Tested by Harald Barth and bugfix by Ragnar Sundblad
 2011-12-15 22:00:00 -08:00
Love Hornquist Astrand
c4d97ae93e encode result code with right length, pointed out by Rangar Sundblad, thanks! 2011-12-11 18:22:29 -08:00
Love Hornquist Astrand
2eb0d6ec82 dont entrust sprintf to encode binary packets 2011-12-11 18:08:05 -08:00
Nicolas Williams
a5e77c578e Deferred hostname canon using name canon rules 2011-10-22 14:54:13 -05:00
Nicolas Williams
e16360e2db Add --keepold option to cpw. 2011-07-22 16:07:05 -05:00
Love Hornquist Astrand
0879b9831a remove trailing whitespace 2011-05-21 11:57:31 -07:00
Love Hornquist Astrand
f5f9014c90 Warning fixes from Christos Zoulas 
- shadowed variables
- signed/unsigned confusion
- const lossage
- incomplete structure initializations
- unused code
 2011-04-29 20:25:05 -07:00
Russ Allbery
97648fc257 Disable kpasswdd error replies to completely malformed requests 
Only send an error reply if the request passes basic verification.
Otherwise, kpasswdd would reply to every UDP packet, allowing an
attacker to set up a ping-pong DoS attack via a spoofed UDP packet with
a source address of another UDP service that also replies to every
packet.

Also suppress the error reply if ap_req_len is 0, since this indicates
an error packet.  An error packet may be the result of a ping-pong
attacker pointing us at another kpasswdd.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-03-16 11:50:22 -07:00
Love Hornquist Astrand
290255ee0b Drop optind variable since its only set (and -Wshadow libsystem) 
From Matthias Dieter Wallnöfer
 2009-10-16 08:26:43 -07:00
Love Hörnquist Åstrand
aa5b66d1e8 plug a memory leak. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25324 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-07-15 22:16:49 +00:00
Love Hörnquist Åstrand
6937d41a02 remove trailing whitespace 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 09:21:03 +00:00
Love Hörnquist Åstrand
e172367898 switch to utf8 encoding of all files 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23814 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 08:53:55 +00:00
Love Hörnquist Åstrand
185e54925d use krb5_free_error_message 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23321 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-06-24 23:49:06 +00:00
Love Hörnquist Åstrand
d26d184367 Use hdb_db_dir(). 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22252 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-12-09 05:59:34 +00:00
Love Hörnquist Åstrand
2cfc283d68 Fix pointer vs strict alias rules. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21511 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-07-12 12:43:46 +00:00
Love Hörnquist Åstrand
99cfea62c1 (change): select the realm based on the target principal 
From Gabor Gombas


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17571 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-05-13 18:51:41 +00:00
Love Hörnquist Åstrand
652da91adb Rename u_intXX_t to uintXX_t 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17447 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-05-05 10:52:01 +00:00
Love Hörnquist Åstrand
135a36efb2 (doit): when done, close all fd in the sockets array and free it. 
Coverity NetBSD CID#1916


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17024 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-09 17:45:44 +00:00
Love Hörnquist Åstrand
44370849ea Send back a better error-message to the client in case the password 
change was rejected.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16698 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-02-03 12:54:28 +00:00
Love Hörnquist Åstrand
d9e04327fb (doit): krb5_addr2sockaddr takes a krb5_socklen_t 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15684 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-07-20 08:46:02 +00:00
Love Hörnquist Åstrand
f4cf20b4df Support multi-realms databases, requires that all the realms are 
configured on the KDC in krb5.conf with [libdefaults]default_realm
stanzas.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14884 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-04-22 11:03:11 +00:00
Love Hörnquist Åstrand
5921574969 add verifier libraries with kadm5_add_passwd_quality_verifier 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14803 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-04-15 11:16:32 +00:00
Love Hörnquist Åstrand
0ae2572c5c add --addresses, controls what addresses kpasswd should listen too 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14480 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-01-05 18:07:22 +00:00
Love Hörnquist Åstrand
d7b12004a6 (change): use the right password when changing the password 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13284 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-01-25 18:24:36 +00:00
Love Hörnquist Åstrand
4fd9447d78 (main): parse kdc.conf 
From: Jeffrey Hutzelman <jhutz@cmu.edu>


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13122 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-11-18 22:17:12 +00:00
Love Hörnquist Åstrand
20a96e4876 (process): don't free ticket, krb5_free_ticket does that now 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13104 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-11-09 01:12:09 +00:00
Love Hörnquist Åstrand
9442843786 (process): remove a abort() 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12893 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-09-20 20:27:22 +00:00
Love Hörnquist Åstrand
a87bc35edc add support for Set password protocol as defined by RFC3244 -- 
Microsoft Windows 2000 Kerberos Change Password and Set Password Protocols


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12888 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-09-20 00:08:06 +00:00
Johan Danielsson
d021221027 (doit): initialise sa_size to size of sockaddr_storage 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11551 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2002-12-02 14:31:52 +00:00
Johan Danielsson
d0af49b56e include <kadm5/private.h> 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11130 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2002-08-19 15:07:31 +00:00
Assar Westerlund
60263ed4cd (doit): make failing to bind a socket a non-fatal error, and abort if 
no sockets were bound


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10213 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-07-02 16:27:09 +00:00
Assar Westerlund
4aaf97e1b0 adapt to new address functions 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9944 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-05-14 06:19:16 +00:00
Assar Westerlund
138e781b89 update to new krb5_mk_error 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9769 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-03-26 03:10:33 +00:00
Assar Westerlund
3fe84f5476 add --port option 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9471 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-01-11 21:33:53 +00:00
Johan Danielsson
835f8fc8e0 de-pointerise auth_context parameter to krb5_mk_rep 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9290 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-12-06 21:03:34 +00:00
Assar Westerlund
eeea826567 (add_new_tcp): check for the socket fd being too large to select on 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9113 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-10-08 21:38:27 +00:00
Assar Westerlund
5f648d3799 use socklen_t where appropriate instead of int 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8923 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-08-09 20:53:11 +00:00
Johan Danielsson
bfb5ec5f4e write a pid file 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8895 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-08-04 11:23:03 +00:00
Assar Westerlund
abe927a06c use kadm5_s_chpass_principal_cond instead of mis-doing it here 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8769 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-07-22 05:57:07 +00:00
Assar Westerlund
61d9788d74 remove sequence numbers 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8753 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-07-22 01:07:37 +00:00
Assar Westerlund
f18f6770ca (doit): catch SIGTERM 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8211 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-05-12 11:42:49 +00:00
Johan Danielsson
c5b916ca6f remove advertising clause 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7464 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-12-02 17:05:13 +00:00
Assar Westerlund
5e0b1e89c7 move out password quality functions 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6914 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-09-10 10:20:42 +00:00
Johan Danielsson
43c3f079e3 use HDB keytabs; change some error messages; add --realm flag 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6877 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-08-27 09:00:26 +00:00
Johan Danielsson
fe7dc12efd (main): init keytab 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6867 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-08-25 20:46:20 +00:00
Johan Danielsson
8242798b66 add `--keytab' flag 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6861 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-08-24 18:34:38 +00:00
Assar Westerlund
d377c71ac6 (*): simplify by using `struct sockaddr_storage' 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6524 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-07-24 18:41:32 +00:00
Assar Westerlund
e2a3a36c3d initialize kadm5 connection for every change (otherwise the modifier 
in the database doesn't get set)


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6483 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-07-22 09:53:26 +00:00
Assar Westerlund
1e74b92b89 (change): fetch the salt-type from the entry 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6410 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-07-04 14:56:36 +00:00
Assar Westerlund
cc83d2275d (setup_passwd_quality_check): conditionalize on RTLD_NOW 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6286 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-05-31 16:42:16 +00:00