Add strtoll()/strtoull() to lib/roken
Add stdint.h to lib/roken (Windows only)
Add logic to detect whether to use lib/roken's stdint.h based on
Visual Studio version
Add include of stdint.h in generated ASN.1 code
Export missing symbols for 64-bit integers in lib/asn1
Export missing symbols for FAST
Add missing sources to kdc/NTMakefile
Fix issue in kuserok
Fix bsearch issues
This reverts commit c25af51232 because
otherwise we could attempt to check a CKSUMTYPE_HMAC_SHA1_96_AES_256 key with a
KRB5_ENCTYPE_ARCFOUR_HMAC_MD5 key.
Andrew Bartlett
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
kadm5_c_destroy was not freeing the kadm5_client_context, just its
contents. Also free the context itself.
Signed-off-by: Nicolas Williams <nico@cryptonector.com>
When retrying authentication after a password change of an expired
password, use the new password instead of the original one. Also,
pass in the correct length for the new password buffer to
change_password and zero the buffer that holds the new password on
function exit.
Signed-off-by: Russ Allbery <rra@stanford.edu>
Signed-off-by: Nicolas Williams <nico@cryptonector.com>
The 64-bit integer support changed the logic for deciding when an
INTEGER should map to a signed or unsigned 32- or 64-bit integer
type. The upshot is that two places where we had {0, INT_MAX}
ranges needed to be changed to be {0, UINT_MAX}.
We need to tweak the integer type mapping logic to have a bias for
unsigned integer types. Unsigned is better.
ASN.1 INTEGERs will now compile to C int64_t or uint64_t, depending
on whether the constraint ranges include numbers that cannot be
represented in 32-bit ints and whether they include negative
numbers.
Template backend support included. check-template is now built with
--template, so we know we're testing it.
Tests included.
Included is a default plugin that searches a sorted text file where
every line is of the form:
<unparsed-principal>[<whitespace><username>]
If the username is missing in a matching line then an error is
returned. If a matching line is not found then the next plugin will
be allowed to run, if any.