Permalink
Switch branches/tags
Nothing to show
Commits on Nov 19, 2010
  1. Add Camellia support to the NSS back end. (It was mostly already

    ghudson
    ghudson committed Nov 19, 2010
    there, but we needed a cbc-mac function.)
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/camellia-cts-cmac@24523 dc483132-0cff-0310-8789-dd5450dbe970
  2. Add known-value tests for checksums, encryptions, and derived keys.

    ghudson
    ghudson committed Nov 19, 2010
    Requires exporting a few more symbols from libk5crypto.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/camellia-cts-cmac@24522 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Nov 17, 2010
  1. Change the default number of string-to-key iterations for Camellia

    ghudson
    ghudson committed Nov 17, 2010
    enctypes to 32768, up from the AES default of 4096.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/camellia-cts-cmac@24521 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Nov 16, 2010
  1. Tweak derive_random_sp800_108_cmac to supply the bit length of the

    ghudson
    ghudson committed Nov 16, 2010
    output to the PRF instead of the byte length, for better conformity to
    the NIST document.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/camellia-cts-cmac@24520 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Nov 10, 2010
  1. On the camellia-cts-cmac branch, replace the Camellia CCM enctypes

    ghudson
    ghudson committed Nov 10, 2010
    with enctypes using CTS and CMAC.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/camellia-cts-cmac@24514 dc483132-0cff-0310-8789-dd5450dbe970
  2. Create a branch for Camellia enctypes using CTS with CMAC.

    ghudson
    ghudson committed Nov 10, 2010
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/camellia-cts-cmac@24513 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Nov 9, 2010
  1. Include <openssl/des.h> in the OpenSSL back end's weak_key.c for the

    ghudson
    ghudson committed Nov 9, 2010
    DES_is_weak_key prototype.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24512 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Nov 6, 2010
  1. ticket: 6814

    ghudson
    ghudson committed Nov 6, 2010
    After a failed kdb5_util load, make a subsequent load operation work
    by removing the remnant temporary files after obtaining a lock.  To
    make this safe, the private contract for temporary DB creation and
    promotion had to be altered, along with many of the DB2 internal
    helper functions.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24511 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Nov 4, 2010
  1. Further kdb_db2 code cleanup: make gen_dbsuffix return a

    ghudson
    ghudson committed Nov 4, 2010
    krb5_error_code to simplify error handling in callers, and discard the
    db_lf_time field which was set but never used.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24510 dc483132-0cff-0310-8789-dd5450dbe970
  2. Remove a stray spawn_shell in the iprop dejagnu tests.

    ghudson
    ghudson committed Nov 4, 2010
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24509 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Nov 3, 2010
  1. Simplify kdb_db2's open_db() a little further, avoiding a suspicious

    ghudson
    ghudson committed Nov 3, 2010
    switch fallthrough.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24508 dc483132-0cff-0310-8789-dd5450dbe970
  2. Avoid running off the end of the spares array in db2's page_to_oaddr()

    ghudson
    ghudson committed Nov 3, 2010
    in unrealistically large databases.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24507 dc483132-0cff-0310-8789-dd5450dbe970
  3. Use size_t to hold set counts in net-server.c.

    ghudson
    ghudson committed Nov 3, 2010
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24506 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Nov 2, 2010
  1. Clean up the DB2 KDB module code a bit, making it more conformant with

    ghudson
    ghudson committed Nov 2, 2010
    current coding practices.  Mostly namespace changes, but also simplify
    krb5_db2_destroy().
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24505 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Nov 1, 2010
  1. krb5_get_error_message cannot return NULL, and returns "Success" on

    ghudson
    ghudson committed Nov 1, 2010
    error code 0.  Simplify some overly paranoid code accordingly.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24489 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Oct 27, 2010
  1. ticket: 6812

    ghudson
    ghudson committed Oct 27, 2010
    Don't fail out from krb5_get_credentials() if we can't store a ticket
    into the ccache.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24488 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Oct 26, 2010
  1. FILE keytabs have been able to handle write operations since krb5 1.7,

    ghudson
    ghudson committed Oct 26, 2010
    as an apparently unintended side effect of r20594.  Clean up the code
    by combining the identical resolve functions for FILE and WRFILE, and
    removing the code to set up a WRFILE default keytab name in kadmin.c.
    Also fixes a slight display bug; k5test.py needs to be adjusted to
    expect the correct output.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24487 dc483132-0cff-0310-8789-dd5450dbe970
  2. ticket: 6811

    ghudson
    ghudson committed Oct 26, 2010
    subject: Mark Camellia-CCM code as experimental
    target_version: 1.9
    tags: pullup
    
    Add a comment noting that the Camellia-CCM code in 1.9 is
    experimental.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24486 dc483132-0cff-0310-8789-dd5450dbe970
  3. ticket: 6770

    ghudson
    ghudson committed Oct 26, 2010
    Add a kg_encrypt_inplace() utility function to the krb5 GSS mech, and
    use it where we do in-place encryption of checksums in the non-CFX
    seal tokens with raw DES enctypes.  Avoids a harmless but incorrect
    in-place memcpy().
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24485 dc483132-0cff-0310-8789-dd5450dbe970
  4. Make k5-buf.h comments consistent with coding style.

    ghudson
    ghudson committed Oct 26, 2010
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24484 dc483132-0cff-0310-8789-dd5450dbe970
  5. ticket: 6809

    ghudson
    ghudson committed Oct 26, 2010
    target_version: 1.9
    tags: pullup
    
    Set *conf_state on successful return from
    gss_krb5int_make_seal_token_v3_iov, fixing a case where it wasn't
    always set by gss_wrap_iov.  Patch from aberry@likewise.com.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24483 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Oct 25, 2010
  1. ticket: 6787

    ghudson
    ghudson committed Oct 25, 2010
    target_version: 1.9
    tags: pullup
    
    When we create a temporary memory ccache for use within a
    krb5_gss_cred_id_rec, set a flag to indicate that the ccache should be
    destroyed rather than closed.  Patch from aberry@likewise.com.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24482 dc483132-0cff-0310-8789-dd5450dbe970
  2. ticket: 6796

    ghudson
    ghudson committed Oct 25, 2010
    target_version: 1.9
    tags: pullup
    
    Use safer output parameter handling in
    krb5_gss_acquire_cred_impersonate_name and its subsidiary helpers.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24481 dc483132-0cff-0310-8789-dd5450dbe970
  3. ticket: 6793

    ghudson
    ghudson committed Oct 25, 2010
    target_version: 1.9
    tags: pullup
    
    In acquire_init_cred in the GSS krb5 mech, don't intern cred->name,
    since it's not used as an output parameter.  Fixes a memory leak.
    Reported by aberry@likewise.com.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24480 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Oct 24, 2010
  1. Whitespace.

    ghudson
    ghudson committed Oct 24, 2010
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24479 dc483132-0cff-0310-8789-dd5450dbe970
  2. Whitespace.

    ghudson
    ghudson committed Oct 24, 2010
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24478 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Oct 23, 2010
  1. Fix adjustment of counter.

    raeburn
    raeburn committed Oct 23, 2010
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24477 dc483132-0cff-0310-8789-dd5450dbe970
  2. Declare xdr_purgekeys_arg.

    raeburn
    raeburn committed Oct 23, 2010
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24476 dc483132-0cff-0310-8789-dd5450dbe970
  3. Declare kadmin_purgekeys.

    raeburn
    raeburn committed Oct 23, 2010
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24475 dc483132-0cff-0310-8789-dd5450dbe970
  4. Declare krb5_set_error_message_fl.

    raeburn
    raeburn committed Oct 23, 2010
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24474 dc483132-0cff-0310-8789-dd5450dbe970
  5. Include k5-int.h for function declarations.

    raeburn
    raeburn committed Oct 23, 2010
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24473 dc483132-0cff-0310-8789-dd5450dbe970
  6. In profile-reading performance test, print microseconds not milliseco…

    raeburn
    raeburn committed Oct 23, 2010
    …nds.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24472 dc483132-0cff-0310-8789-dd5450dbe970
  7. Try harder to retain the "brand" string in the shared library.

    raeburn
    raeburn committed Oct 23, 2010
    Make the brand array non-static, and actually use the value in (the
    infrequently-called) krb5_init_secure_context.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24471 dc483132-0cff-0310-8789-dd5450dbe970
  8. ticket: 6810

    ghudson
    ghudson committed Oct 23, 2010
    subject: Better	libk5crypto NSS	fork safety
    target_version:	1.9
    tags: pullup
    
    Use SECMOD_RestartModules() from the forthcoming NSS 3.12.9 release to
    make the libk5crypto back end work after a fork.  Add a test program
    to exercise fork detection in the NSS back end.  Add a configure-time
    version check to ensure that we're using NSS 3.12.9 or later.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24470 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Oct 22, 2010
  1. Make it possible to override CRYPTO_IMPL_CFLAGS and CRYPTO_IMPL_LIBS at

    ghudson
    ghudson committed Oct 22, 2010
    make time.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24469 dc483132-0cff-0310-8789-dd5450dbe970