Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Branch: nss
Commits on Oct 2, 2010
  1. Be more parsimonious with /dev/random when using the NSS PRNG.

    ghudson authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24414 dc483132-0cff-0310-8789-dd5450dbe970
  2. Make the NSS back end compile and work again in the presence of the

    ghudson authored
    changes made for Camellia.  The actual Camellia code will take a
    bit more work and is stubbed out for now.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24408 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Sep 30, 2010
  1. Merge r24242:24397 from trunk to branches/nss. This will break the

    ghudson authored
    nss branch build temporarily due to Camellia changes.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24398 dc483132-0cff-0310-8789-dd5450dbe970
  2. Wrap cached symkeys in a structure containing the current pid, so that

    ghudson authored
    we can recognize when they've become invalid due to a fork.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24397 dc483132-0cff-0310-8789-dd5450dbe970
  3. Update NSS branch readme. Give up on the code reorganization bullet

    ghudson authored
    point since it's not a clear win.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24395 dc483132-0cff-0310-8789-dd5450dbe970
  4. Apply Red Hat copyright and license statements (using the one from

    ghudson authored
    NOTICE) to Red Hat contributed code in the NSS back end, per
    suggestion of rfontana@redhat.com.  Update NOTICE to mention the NSS
    back end.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24394 dc483132-0cff-0310-8789-dd5450dbe970
  5. Follow-up to r24365: call both PK11_Finalize and PK11_DestroyContext

    ghudson authored
    to clean up crypto contexts.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24384 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Sep 29, 2010
  1. Remove an NSS branch issue which has been dealt with.

    ghudson authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24381 dc483132-0cff-0310-8789-dd5450dbe970
  2. Make DO_FAST_XOR code unconditional in the NSS back end.

    ghudson authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24380 dc483132-0cff-0310-8789-dd5450dbe970
  3. Make USE_OPAQUE_KEYS unconditional in the NSS back end.

    ghudson authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24379 dc483132-0cff-0310-8789-dd5450dbe970
  4. Remove NSS_LOOKUP_STRING code since we aren't likely to need it.

    ghudson authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24374 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Sep 28, 2010
  1. Clean up hash and digest contexts in the back end to avoid refcount

    ghudson authored
    leaks.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24367 dc483132-0cff-0310-8789-dd5450dbe970
  2. Use the PK11_DestroyContext() instead of PK11_Finalize() to destroy

    ghudson authored
    crypto contexts in hmac.c as well.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24366 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Sep 27, 2010
  1. Use the PK11_DestroyContext() instead of PK11_Finalize() to destroy

    ghudson authored
    crypto contexts in enc_gen.c; the latter seems to leak references.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24365 dc483132-0cff-0310-8789-dd5450dbe970
  2. Revert unintended change in last commit to k5_nss_init().

    ghudson authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24364 dc483132-0cff-0310-8789-dd5450dbe970
  3. Fix cleanup handler in k5_nss_init to return an error if there is one.

    ghudson authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24361 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Sep 26, 2010
  1. When using stream ciphers with NSS, use a loopback pointer instead of

    ghudson authored
    a bogus length to detect copying, and remember the pid to detect use
    across fork.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24355 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Sep 25, 2010
  1. When NSS is the crypto implementation, use the NSS PRNG. Avoids the

    ghudson authored
    issue that Yarrow's entropy pools would be invalidated by a fork.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24349 dc483132-0cff-0310-8789-dd5450dbe970
  2. In the NSS crypto back end, add mutex protection and fork protection

    ghudson authored
    to the libnss context.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24348 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Sep 11, 2010
  1. In the NSS mit_des_string_to_key_int, zero out pbe_params before

    ghudson authored
    filling it in, to avoid passing uninitialized fields to
    PK11_RawPBEKeyGen.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24305 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Aug 24, 2010
  1. k5_ as an internal prefix is now formally okay, so remove that bullet

    ghudson authored
    point in the nss branch README.BRANCH.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24252 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Aug 21, 2010
  1. Document the nss branch purpose and current issues.

    ghudson authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24249 dc483132-0cff-0310-8789-dd5450dbe970
  2. Style pass over the NSS back end.

    ghudson authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24248 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Aug 19, 2010
  1. Remove unneeded file in NSS back end.

    ghudson authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24247 dc483132-0cff-0310-8789-dd5450dbe970
  2. Make NSS back-end build when the build directory is separate from the

    ghudson authored
    source directory.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24246 dc483132-0cff-0310-8789-dd5450dbe970
  3. Simplify the nss backend configure changes.

    ghudson authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24245 dc483132-0cff-0310-8789-dd5450dbe970
  4. Merge changes from branches/krb5-1-8-nss. Omit the t_encrypt.c changes

    ghudson authored
    as they are already handled in a different way on trunk.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24244 dc483132-0cff-0310-8789-dd5450dbe970
  5. Create a branch for the NSS libk5crypto back end.

    ghudson authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24243 dc483132-0cff-0310-8789-dd5450dbe970
  6. ticket: 6758

    ghudson authored
    subject: Allow krb5_gss_register_acceptor_identity to unset keytab name
    
    krb5_gss_register_acceptor_identity sets a mutex-locked global (not
    thread-specific) variable containing a keytab name.  This change
    allows the variable to be unset by passing a null value.
    
    A more elegant long-term solution to the problem is Heimdal's
    gss_krb5_import_cred function.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24242 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Aug 12, 2010
  1. ticket: 6755

    ghudson authored
    subject: Add GIC option for password/account expiration callback
    
    Add a new GIC option to specify a callback to receive password and
    account expiration times found in an AS reply.
    
    See also:
    http://k5wiki.kerberos.org/wiki/Projects/Password_expiration_API
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24241 dc483132-0cff-0310-8789-dd5450dbe970
  2. ticket: 2032

    ghudson authored
    In AS replies, set the key-expiration field to the minimum of account
    and password expiration time as specified in RFC 4120.  Reported by
    Mary Cushion <mary@eiger.demon.co.uk>.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24240 dc483132-0cff-0310-8789-dd5450dbe970
  3. Correct the documentation for the start_kadmind keyword in k5test.py.

    ghudson authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24239 dc483132-0cff-0310-8789-dd5450dbe970
  4. Remove two unused source files in lib/gssapi/generic.

    ghudson authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24238 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Aug 10, 2010
  1. Move the password expiry warning code out of

    ghudson authored
    krb5_get_init_creds_password() into a helper function.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24237 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Jul 26, 2010
  1. Use xdr_int32 instead of xdr_u_int in xdr_krb5_enctype(), since

    ghudson authored
    enctypes are signed 32-bit values.  Wire representation does not
    change.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24211 dc483132-0cff-0310-8789-dd5450dbe970
Something went wrong with that request. Please try again.