Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: tags/KfM_6.0b2
Commits on Dec 12, 2006
  1. Tagging for KfM 6.0b2

    lxs authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/tags/KfM_6.0b2@18939 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Dec 6, 2006
  1. ticket: 5003

    tlyu authored
    version_fixed: 1.6
    
    pull up r18923 from trunk
    
     r18923@cathode-dark-space:  lxs | 2006-12-05 18:21:56 -0500
     ticket: new
     owner: tlyu
     target_version: 1.6
     subject: krb5_cc_remove should work for the CCAPI
     tags: pullup
     
     Implemented a working krb5_cc_remove for the CCAPI cache type.  Added a 
     private support function krb5_creds_compare() which checks if two krb5_creds
     are identical.  This function should be needed by implementations of 
     krb5_cc_remove for other ccache types.
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18928 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Dec 2, 2006
  1. krb5-1.6-beta1-postrelease

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18913 dc483132-0cff-0310-8789-dd5450dbe970
  2. re-do patchlevel.h for krb5-1.6-beta1

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18911 dc483132-0cff-0310-8789-dd5450dbe970
  3. make depend

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18909 dc483132-0cff-0310-8789-dd5450dbe970
  4. krb5-1.6-beta1-postrelease

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18908 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Dec 1, 2006
  1. git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18906 dc4831…

    tlyu authored
    …32-0cff-0310-8789-dd5450dbe970
  2. pullup r18904 from trunk

    tlyu authored
     r18904@cathode-dark-space:  tlyu | 2006-12-01 18:36:41 -0500
     update for krb5-1.6-beta1
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18905 dc483132-0cff-0310-8789-dd5450dbe970
  3. ticket: 4973

    tlyu authored
    version_fixed: 1.6
    
    pull up r18896 from trunk
    
     r18896@cathode-dark-space:  coffman | 2006-12-01 14:36:38 -0500
     subject: send a new request with the new padata returned by krb5_do_preauth_tryagain()
     ticket: new
     Component: krb5-libs
     Target_Version: 1.6
     Tags: pullup
     
         Send another request containing the padata obtained from tryagain.
     
         * src/include/k5-int.h
         Update prototype
     
         * src/lib/krb5/krb/get_in_tkt.c
         Send pointer to the request.padata so krb5_do_preauth_tryagain()
         can update the request to be sent.
     
         * src/lib/krb5/krb/preauth2.c
         If a module returns modified padata, add it to the return_padata
         and return.
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18903 dc483132-0cff-0310-8789-dd5450dbe970
  4. ticket: 4972

    tlyu authored
    version_fixed: 1.6
    
    pull up r18895 from trunk
    
     r18895@cathode-dark-space:  coffman | 2006-12-01 14:18:26 -0500
     subject: Return edata from non-"PA_REQUIRED" preauth types
     ticket: new
     Target_Version: 1.6
     tags: pullup
     Component: krb5-kdc
     
         * src/kdc/kdc_preauth.c (check_padata)
         Return e-data from any failing preauth module.
         Save the e-data and return value from the first failing module.
         If a subsequent module marked as PA_REQUIRED fails, return
         its e-data and error instead.
     
         * src/kdc/kdc_preauth.c (load_preauth_plugins)
         Quiet compiler warning by setting pointer to NULL.
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18902 dc483132-0cff-0310-8789-dd5450dbe970
  5. ticket: 4689

    tlyu authored
    version_fixed: 1.6
    
    pull up r18894 from trunk
    
     r18894@cathode-dark-space:  tlyu | 2006-12-01 13:41:49 -0500
     ticket: 4689
     tags: pullup
     
     bump minor versions due to API additions
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18901 dc483132-0cff-0310-8789-dd5450dbe970
  6. ticket: 4941

    tlyu authored
    version_fixed: 1.6
    
    pull up r18892 from trunk
    
     r18892@cathode-dark-space:  tlyu | 2006-12-01 11:40:46 -0500
     ticket: 4941
     tags: pullup
     
     	* src/appl/telnet/libtelnet/kerberos5.c (kerberos5_send):
     	Conditionalize debugging printfs.
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18900 dc483132-0cff-0310-8789-dd5450dbe970
  7. ticket: 4788

    tlyu authored
    version_fixed: 1.6
    
    pull up r18897 from trunk
    
     r18897@cathode-dark-space:  tlyu | 2006-12-01 15:57:04 -0500
     ticket: 4788
     tags: pullup
     target_version: 1.6
     component: krb5-libs
     
     	* src/lib/krb5/ccache/cc_file.c: Adapted patch from Roland
     	Dowdeswell to avoid possible double-free conditions on certain
     	errors.
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18899 dc483132-0cff-0310-8789-dd5450dbe970
  8. ticket: 4739

    tlyu authored
    version_fixed: 1.6
    
    pull up r18877 from trunk
    
     r18877@cathode-dark-space:  jander | 2006-11-29 16:50:02 -0500
     ticket: 4739
     status: open
     
     Implemented CCAPI v3 specific ccache collection cursor.
     
     	* src/lib/krb5/ccache/ccbase.c: Added CCAPI v3 entry to list of type cursors
     
     	* src/lib/krb5/ccache/ccapi/stdcc.h:
     	* src/lib/krb5/ccache/ccapi/stdcc.c: Implemented CCAPI v3 cursor functionality.
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18898 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Nov 30, 2006
  1. ticket: 4799

    tlyu authored
    pull up r18837 from trunk
    
     r18837@cathode-dark-space:  coffman | 2006-11-17 14:56:35 -0500
     ticket: 4799
     Target_Version: 1.6
     Tags: pullup
     
     Didn't include header changes in the previous commit.
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18891 dc483132-0cff-0310-8789-dd5450dbe970
  2. ticket: 4799

    tlyu authored
    version_fixed: 1.6
    
    pull up r18836 from trunk
    
     r18836@cathode-dark-space:  coffman | 2006-11-17 14:48:17 -0500
     subject: update krb5_c_keylength function, create krb5_c_random_to_key function
     ticket: new
     Target_Version: 1.6
     Tags: pullup
     
     Modify the keylength function to return both keybytes and keylength.
     Change the name of the function and source file to reflect this.
     
     Add a function, krb5_c_random_to_key() that takes random input data
     of the right length (keybytes) and produce a valid key for a given
     enctype.
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18890 dc483132-0cff-0310-8789-dd5450dbe970
  3. ticket: 408

    tlyu authored
    version_fixed: 1.6
    
    pull up r18887 from trunk
    
     r18887@cathode-dark-space:  tlyu | 2006-11-30 17:42:16 -0500
     ticket: 4805
     tags: pullup
     component: krb5-libs
     
     	* src/lib/krb5/krb/vfy_increds.c (krb5_verify_init_creds): Use
     	krb5_cc_new_unique().
     
     	* src/lib/gssapi/krb5/accept_sec_context.c:
     	(rd_and_store_for_creds): Use krb5_cc_new_unique().
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18889 dc483132-0cff-0310-8789-dd5450dbe970
  4. ticket: 3091

    tlyu authored
    version_fixed: 1.6
    
    pull up r18857 from trunk
    
     r18857@cathode-dark-space:  tlyu | 2006-11-17 20:53:27 -0500
     ticket: 3091
     tags: pullup
     
     	* src/lib/krb5/ccache/ccbase.c (krb5int_cc_getops): Internal
     	function to fetch ops vector given ccache prefix string.
     	(krb5_cc_new_unique): New function to generate a new unique
     	ccache of a given type.
     
     	* src/include/krb5/krb5.hin: Prototype for krb5_cc_new_unique().
     
     	* src/lib/krb5/libkrb5.exports:
     	* src/lib/krb5_32.def: Add krb5_cc_new_unique().
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18888 dc483132-0cff-0310-8789-dd5450dbe970
  5. ticket: 4942

    tlyu authored
    version_fixed: 1.6
    
    pull up r18873 from trunk
    
     r18873@cathode-dark-space:  coffman | 2006-11-28 19:17:52 -0500
     ticket: new
     subject: skip all modules in plugin if init function fails
     Target_Version: 1.6
     Tags: pullup
     Component: krb5-kdc
     
     If the plugin initialization function fails, skip all modules in
     the plugin, not just the first.  Also, print the error message from
     the plugin if supplied.
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18886 dc483132-0cff-0310-8789-dd5450dbe970
  6. ticket: 4846

    tlyu authored
    version_fixed: 1.6
    
    pull up r18859 from trunk
    
     r18859@cathode-dark-space:  coffman | 2006-11-21 19:53:34 -0500
     subject: fix debug messages
     ticket: new
     Tags: pullup
     Target_Version: 1.6
     
     Change debugging messages so they print salt value correctly
     and clean up warnings when compiling with DEBUG.
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18885 dc483132-0cff-0310-8789-dd5450dbe970
  7. ticket: 4841

    tlyu authored
    version_fixed: 1.6
    component: krb5-libs
    
    pull up r18858 from trunk
    
     r18858@cathode-dark-space:  coffman | 2006-11-21 09:37:11 -0500
     ticket: new
     subject: free error message when freeing context
     Target_Version: 1.6
     Tags: pullup
     
     Call krb5_clear_error_message() to free any allocated error message
     before freeing the context.
     
     The condition that triggered this was a plugin library which fails to
     load because of unresolved references.  It appears dlopen() on Linux
     leaks four bytes for each failing library in this situation.
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18884 dc483132-0cff-0310-8789-dd5450dbe970
  8. ticket: 4928

    tlyu authored
    version_fixed: 1.6
    
    pull up r18865 from trunk
    
     r18865@cathode-dark-space:  tlyu | 2006-11-27 23:57:55 -0500
     ticket: new
     target_version: 1.6
     tags: pullup
     subject: krb5int_copy_data_contents shouldn't free memory it didn't allocate
     component: krb5-libs
     
     	* src/lib/krb5/krb/copy_data.c (krb5int_copy_data_contents): Don't
     	free outdata on malloc failure; we didn't allocate outdata.
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18883 dc483132-0cff-0310-8789-dd5450dbe970
  9. ticket: 4860

    tlyu authored
    version_fixed: 1.6
    
    pull up r18862 from trunk
    
     r18862@cathode-dark-space:  hartmans | 2006-11-22 12:43:41 -0500
     ticket: new
     Subject: library fragments to front of line
     target_version: 1.6
     tags: pullup
     
     * src/plugins/kdb/ldap/libkdb_ldap/Makefile.in: Fix fragments substitutions so the makefile works with autoconf 2.60
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18882 dc483132-0cff-0310-8789-dd5450dbe970
  10. ticket: 3322

    tlyu authored
    version_fixed: 1.6
    
    pull up r18879 from trunk
    
     r18879@cathode-dark-space:  tlyu | 2006-11-30 15:50:02 -0500
     ticket: 3322
     target_version: 1.6
     tags: pullup
     
     	* src/lib/krb5/krb/gc_via_tkt.c (check_reply_server): New function
     	to check server principal in reply.  Ensures that the reply is
     	self-consistent, allows rewrites if canonicalization is requested,
     	and allows limited rewrites of TGS principals if canonicalization
     	is not requested.
     	(krb5_get_cred_via_tkt): Move server principal checks into
     	check_reply_server().
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18881 dc483132-0cff-0310-8789-dd5450dbe970
  11. ticket: 4955

    tlyu authored
    version_fixed: 1.6
    
    pull up r18878 from trunk
    
     r18878@cathode-dark-space:  tlyu | 2006-11-30 15:46:32 -0500
     ticket: 4955
     tags: pullup
     
     	* src/lib/krb5/krb/gc_frm_kdc.c: Also do style cleanup.
     	(krb5_get_cred_from_kdc_opt): If server principal was rewritten,
     	fall back unless it was rewritten to a TGS principal.  This fixes
     	a bug when a MS AD rewrites the service principal into a
     	single-component NETBIOS-style name. If we get a referral back to
     	the immediately preceding realm, fall back to non-referral
     	handling.  This fixes the changepw failure.  To prevent memory
     	leaks, when falling back to non-referral handling, free any tgts
     	previously obtained by the initial non-referral do_traversal()
     	call.
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18880 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Nov 29, 2006
  1. ticket: 4739

    jander authored
    status: open
    
    Accidental commit to 1.6 instead of trunk. Reverting.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18876 dc483132-0cff-0310-8789-dd5450dbe970
  2. ticket: 4739

    jander authored
    status: open
    
    Implemented CCAPI v3 specific ccache collection cursor.
    
    	* src/lib/krb5/ccache/ccbase.c: Added CCAPI v3 entry to list of type cursors
    
    	* src/lib/krb5/ccache/ccapi/stdcc.c: Implemented CCAPI v3 cursor functionality.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18875 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Nov 28, 2006
  1. ticket: 4921

    tlyu authored
    pull up r18864 from trunk
    
     r18864@cathode-dark-space:  jaltman | 2006-11-27 13:59:21 -0500
     ticket: new
     subject: documentation updates for KFW 3.1
     tags: pullup
     
       Documentation updates including new screen shots for KFW 3.1
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18870 dc483132-0cff-0310-8789-dd5450dbe970
  2. ticket: 4861

    tlyu authored
    pull up r18863 from trunk
    
     r18863@cathode-dark-space:  jaltman | 2006-11-22 13:11:16 -0500
     ticket: new
     subject: KFW 3.1 commits for Final Release
     tags: pullup
     
        KfW 3.1 final (NetIDMgr 1.1.8.0)
        
        nidmgr32.dll (1.1.8.0)
        
        - When detecting IP address changes, wait for things to settle down
          before setting of the IP address change notification.
        
        krb5cred.dll (1.1.8.0)
        
        - Fixed the Kerberos 5 configuration dialog which didn't handle
          setting the default realm properly.  Setting the default realm now
          sets the correct string in krb5.ini.
        
        - Changing the default realm now marks the relevant configuration node
          as dirty, and enabled the 'Apply' button.
        
        - Changing the 'renewable', 'forwardable' and 'addressless' checkboxes
          in the identity configuration panels now mark the relevant
          configuration nodes as dirty, and enables the 'Apply' button.
        
        - The location of the Kerberos 5 configuration file is now read-only
          in the Kerberos 5 configuration dialog.
        
        - Set the maximum number of characters for the edit controls in the
          configuration dialog.
        
        krb4cred.dll (1.1.8.0)
        
        - The location of the Kerberos 4 configuration files are now read-only
          in the Kerberos 4 configuration dialog.
        
        - Handles setting the ticket string.
        
        - Changing the ticket string now marks the relevant configuration node
          as dirty, and enables the 'Apply' button.
        
        - Fixed the plug-in initialization code to perform the initial ticket
          listing at the end of the initializaton process.
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18869 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Nov 17, 2006
  1. ticker: 4803

    tlyu authored
    pull up r18841 from trunk
    
     r18841@cathode-dark-space:  jaltman | 2006-11-17 18:24:59 -0500
     ticket: new
     subject: one more commit for kfw 3.1 beta 4
     tags: pullup
     
       - when the krb5 prompter callback function is called,
         set the focus to the first input field provided by
         the caller.
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18851 dc483132-0cff-0310-8789-dd5450dbe970
  2. ticket: 4802

    tlyu authored
    pull up r18842 from trunk
    
     r18842@cathode-dark-space:  jaltman | 2006-11-17 18:41:40 -0500
     ticket: 4802
     
         krb5_get_init_creds_password:
     
     	remove unintentionally committed code not meant for 1.4 branch
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18850 dc483132-0cff-0310-8789-dd5450dbe970
  3. ticket: 4802

    tlyu authored
    pull up r18840 from trunk
    
     r18840@cathode-dark-space:  jaltman | 2006-11-17 18:14:27 -0500
     ticket: new
     tags: pullup
     subject: reset use_master flag when master_kdc cannot be found 
     
        krb5_get_init_creds_password:
     
     	if the master_kdc cannot be identified reset the use_master
        	flag.  otherwise, the krb5_get_init_creds("kadmin/changepw")
     	call will attempt to communicate with the master_kdc that
     	cannot be reached.
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18849 dc483132-0cff-0310-8789-dd5450dbe970
  4. ticket: 4798

    tlyu authored
    pull up r18828 from trunk
    
     r18828@cathode-dark-space:  jaltman | 2006-11-17 12:23:24 -0500
     ticket: new
     subject: commits for KFW 3.1 Beta 4
     tags: pullup
     
          KfW 3.1 beta 4 (NetIDMgr 1.1.6.0)
          
          nidmgr32.dll (1.1.6.0)
          
          - Fix a race condition where the initialization process might be
            flagged as complete even if the identity provider hasn't finished
            initialization yet.
          
          krb5cred.dll (1.1.6.0)
          
          - When assigning the default credentials cache for each identity,
            favor API and FILE caches over MSLSA if they exist.
          
          - When renewing an identity which was the result of importing
            credentials from the MSLSA cache, attempt to re-import the
            credentials from MSLSA instead of renewing the imported credentials.
          
          - Prevent possible crash if a Kerberos 5 context could not be obtained
            during the renewal operation.
          
          - Prevent memory leak in the credentials destroy handler due to the
            failure to free a Kerberos 5 context.
          
          - Properly match principals and realms when importing credentials from
            the MSLSA cache.
          
          - Determine the correct credentials cache to place imported
            credentials in by checking the configuration for preferred cache
            name.
          
          - Keep track of identities where credentials imports have occurred.
          
          - When setting the default identity, ignore the KRB5CCNAME environment
            variable.
          
          - Do not re-compute the credentials cache and timestamps when updating
            an identity.  The cache and timestamp information is computed when
            listing credentials and do not change between listing and identity
            update.
          
          - When refreshing the default identity, also handle the case where the
            default credentials cache does not contain a principal, but the name
            of the cache can be used to infer the principal name.
          
          - Invoke a listing of credentials after a successful import.
          
          - Do not free a Kerberos 5 context prematurely during plug-in
            initialization.
          
          netidmgr.exe (1.1.6.0)
          
          - Fix the UI context logic to handle layouts which aren't based around
            identities.
          
          - Don't try to show a property sheet when there are no property pages
            supplied for the corresponding UI context.
          
          - Use consistent context menus.
          
          - Bring a modal dialog box to the foreground when it should be active.
          
          - Do not accept action triggers when the application is not ready to
            process actions yet.
          
          - Do not force the new credentials dialog to the top if there's
            already a modal dialog box showing.
          
          - Change the default per-identity layout to also group by location.
          
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18835 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Nov 16, 2006
  1. ticket: 4775

    tlyu authored
    version_fixed: 1.6
    
    pull up r18816 from trunk
    
     r18816@cathode-dark-space:  raeburn | 2006-11-15 20:19:01 -0500
     ticket: new
     subject: include realm in "can't resolve KDC" error message
     target_version: 1.6
     tags: pullup
     
     * locate_kdc.c (krb5int_locate_server): Store an error message for
     REALM_CANT_RESOLVE error that lists the realm.
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18826 dc483132-0cff-0310-8789-dd5450dbe970
  2. ticket: 4774

    tlyu authored
    version_fixed: 1.6
    
    pull up r18815 from trunk
    
     r18815@cathode-dark-space:  raeburn | 2006-11-15 20:14:14 -0500
     ticket: new
     subject: avoid double frees in ccache manipulation around gen_new
     target_version: 1.6
     tags: pullup
     
     * krb5/krb/vfy_increds.c (krb5_verify_init_creds): If krb5_cc_gen_new fails,
     don't both close and destroy the template ccache.
     * gssapi/krb5/accept_sec_context.c (rd_and_store_for_creds): Likewise.
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18825 dc483132-0cff-0310-8789-dd5450dbe970
Something went wrong with that request. Please try again.