Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Branch: tags/krb5-1-6-…
Commits on Jul 6, 2007
  1. tag krb5-1.6.2

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/tags/krb5-1-6-2-final@19680 dc483132-0cff-0310-8789-dd5450dbe970
  2. README and patchlevel.h for krb5-1.6.2

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19679 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Jun 26, 2007
  1. ticket: 5586

    tlyu authored
    version_fixed: 1.6.2
    
    pull up r19637 from trunk
    
     r19637@cathode-dark-space:  tlyu | 2007-06-26 14:08:35 -0400
     ticket: new
     target_version: 1.6.2
     tags: pullup
     subject: fix MITKRB5-SA-2007-005 [CVE-2007-2798/VU#554257]
     
     Truncate the principal names when logging a rename operation to avoid
     a stack buffer overflow.
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19639 dc483132-0cff-0310-8789-dd5450dbe970
  2. ticket: 5585

    tlyu authored
    version_fixed: 1.6.2
    
    pull up r19636 from trunk
    
     r19636@cathode-dark-space:  tlyu | 2007-06-26 14:08:20 -0400
     ticket: new
     target_version: 1.6.2
     tags: pullup
     subject: fix MITKRB5-SA-2007-004 [CVE-2007-2442/VU#356961, CVE-2007-2443/VU#365313]
     
     CVE-2007-2442/VU#356961: The RPC library can free an uninitialized
     pointer.  This may lead to execution of arbitrary code.
     
     CVE-2007-2443/VU#365313: The RPC library can write past the end of a
     stack buffer.  This may (but is unlikely to) lead to execution of
     arbitrary code.
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19638 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Jun 20, 2007
  1. ticket: 5551

    tlyu authored
    version_fixed: 1.6.2
    
    pull up r19536 from trunk
    
     r19536@cathode-dark-space:  hartmans | 2007-04-29 17:55:04 -0400
     ticket: new
     subject: rd_req_decoded needs to deal with referral realms
     Target_Version: 1.6.2
     Tags: pullup
     
       * Fix handling of null realm in krb5_rd_req_decoded; now we treat a
     null realm as a default realm there, as we do in the keytab code.
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19598 dc483132-0cff-0310-8789-dd5450dbe970
  2. ticket: 5551

    tlyu authored
    pull up r18817 as prereq for r19536
    
     r18817@cathode-dark-space:  raeburn | 2006-11-15 20:20:47 -0500
     * rd_req_dec.c: Whitespace changes in function headers.
     (krb5_rd_req_decoded_opt): Include more info in error text for AP_WRONG_PRINC
     and NOPERM_ETYPE errors.
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19597 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Jun 19, 2007
  1. ticket: 5579

    tlyu authored
    version_fixed: 1.6.2
    
    pull up r19582 from trunk
    
     r19582@cathode-dark-space:  tlyu | 2007-06-18 17:07:37 -0400
     ticket: new
     subject: krb5_walk_realm_tree leaks in capaths case
     target_version: 1.6.2
     tags: pullup
     
     Markus Moeller reports a leak in krb5_get_credentials() which was then
     traced down to profile strings leaking from within
     krb5_walk_realm_tree().  A pointer to a profile string was getting
     overwritten without the string being freed when *cap_nodes[0] == '.'.
     Fix is to free the string prior to overwriting the pointer if the
     pointer is non-null.
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19593 dc483132-0cff-0310-8789-dd5450dbe970
  2. ticket: 5573

    tlyu authored
    version_fixed: 1.6.2
    
    pull up r19572 from trunk
    
     r19572@cathode-dark-space:  jaltman | 2007-06-11 18:14:56 -0400
     ticket: 5573
     tags: pullup
     
     This patch adds src/include/krb5/krb5.h to the MSI installer SDK component.
     (Thanks to Asanka Herath for the patch.)
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19592 dc483132-0cff-0310-8789-dd5450dbe970
  3. ticket: 5554

    tlyu authored
    version_fixed: 1.6.2
    
    pull up r19541 from trunk
    
     r19541@cathode-dark-space:  jaltman | 2007-05-03 18:57:05 -0400
     ticket: new
     subject: Modify WIX installer to better support upgrading betas
     component: windows
     tags: pullup
     
     The WIX installers did not upgrade previous installations with the same
     version number as the current package being installed.  This would leave
     multiple installations of KFW x.y.z registered as being installed on the
     machine even though only the most recent install is being used.
     
     This commit instructs the Windows Installer to uninstall previous installations
     with the same version number (the Maximum Upgrade version) as the package
     that is being installed while ensuring that the package being installed 
     will not be uninstalled if the installation is being modified or repaired.
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19591 dc483132-0cff-0310-8789-dd5450dbe970
  4. back to krb5-1.6.1-postrelease

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19590 dc483132-0cff-0310-8789-dd5450dbe970
Commits on May 2, 2007
  1. patchlevel and winlevel for kfw-3.2.0

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19539 dc483132-0cff-0310-8789-dd5450dbe970
  2. ticket: 5552

    tlyu authored
    version_fixed: 1.6.2
    
    pull up r19537 from trunk
    
     r19537@cathode-dark-space:  jaltman | 2007-05-01 21:31:50 -0400
     ticket: 5552
     tags: pullup
     
       k5-int.h, gic_opt.c
     
       The krb5_get_init_creds_password() and krb5_get_init_creds_keytab() 
       functions permit the gic_opts parameter to be NULL.   This is not
       taken into account when testing the value with the macros
       krb5_gic_opt_is_extended() and krb5_gic_opt_is_shadowed().
       Nor is it taken into account within krb5int_gic_opte_copy() which 
       is called by krb5int_gic_opt_to_opte() when the input parameter is
       not a krb5_gic_opt_ext structure.
     
       This commit makes two changes:
     
       (1) it modifies the macros to ensure that the value is non-NULL
           before evaluation.
     
       (2) it modifies krb5int_gic_opte_copy() to avoid copying the 
           original values with memcpy() when the input is NULL.
           
       In addition, the code was audited to ensure that the flag
       KRB5_GET_INIT_CREDS_OPT_SHADOWED is properly set and that when
       it is set, that the allocated krb5_gic_opt_ext structure is 
       freed by krb5_get_init_creds_password() and 
       krb5_get_init_creds_keytab().
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19538 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Apr 26, 2007
  1. back to krb5-1.6.1-postrelease

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19533 dc483132-0cff-0310-8789-dd5450dbe970
  2. patchlevel and winlevel for kfw-3.2.0-beta3

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19531 dc483132-0cff-0310-8789-dd5450dbe970
  3. ticket: 5547

    tlyu authored
    version_fixed: 1.6.2
    
    pull up r19529 from trunk
    
     r19529@cathode-dark-space:  jaltman | 2007-04-25 18:55:58 -0400
     ticket: new
     subject: profile stores empty string values without double quotes
     tags: pullup
     
             prof_parse.c (need_double_quotes):
             The profile library will happily read in right hand values
             that represent the empty string by parsing "".  However,
             when storing the same empty string back to a file, the 
             empty string is written without the double quotes.
     
             This means that
     
                     [section] foo = ""
     
             becomes
     
                     [section] foo =
     
             which is invalid input.  A subsequent attempt to parse the
             profile will result in an invalid input error.  
     
             KFW and KFM's realm editors can inadvertently produce an 
             invalid krb5 profile if one of the ignored sections of the
             input profile contains a right hand value that is "".
     
             This patch was produced by Asanka Herath and it was reviewed
             by jaltman and lxs.
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19530 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Apr 25, 2007
  1. ticket: 5546

    tlyu authored
    version_fixed: 1.6.2
    
    pull up r19526 from trunk
    
     r19526@cathode-dark-space:  tlyu | 2007-04-25 17:19:07 -0400
     ticket: new
     target_version: 1.6.2
     tags: pullup
     subject: race condition in referrals fallback
     
     	* src/lib/krb5/krb/gc_frm_kdc.c (krb5_get_cred_from_kdc_opt):
     	During referrals fallback, set *tgts to NULL after freeing.  This
     	avoids returning a pointer to freed memory when the first call to
     	do_traversal() obtains some TGTs and the subsequent
     	krb5_cc_retrieve_cred() of the final-hop TGT succeeds (due to some
     	other thread or process storing that TGT into the ccache), causing
     	second do_traversal() call (which would re-initialize *tgts) to
     	not execute.  Race condition found during KfW-3.2 testing.
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19528 dc483132-0cff-0310-8789-dd5450dbe970
  2. ticket: 5541

    tlyu authored
    version_fixed: 1.6.2
    
    pull up r19520 from trunk
    
     r19520@cathode-dark-space:  raeburn | 2007-04-22 20:30:40 -0400
     ticket: new
     subject: remove debugging code accidentally left in ftp/cmds.c
     
     Debugging code I added months ago in ftp/cmds.c and forgot to remove
     has apparently escaped notice until now.  Markus Moeller reports
     seeing a bunch of "cmds.c: at line (number)" lines printed when he
     connects to a server.
     
     This patch removes those lines.  A couple other debugging statements
     that test for the debug flag being set on the command line are left
     in.
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19527 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Apr 23, 2007
  1. back to krb5-1.6.1-postrelease

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19525 dc483132-0cff-0310-8789-dd5450dbe970
  2. fix typo

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19523 dc483132-0cff-0310-8789-dd5450dbe970
  3. patchlevel and winlevel for kfw-3.2.0-beta2

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19522 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Apr 20, 2007
  1. krb5-1.6.1-postrelease

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19518 dc483132-0cff-0310-8789-dd5450dbe970
  2. README and patchlevel.h for krb5-1.6.1

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19516 dc483132-0cff-0310-8789-dd5450dbe970
  3. ticket: 5539

    tlyu authored
    version_fixed: 1.6.1
    
    pull up r19513 from trunk
    
     r19513@cathode-dark-space:  kpkoch | 2007-04-20 16:41:42 -0400
     Ticket: new
     Tags: Pullup
     Target_Version: 1.6.1
     
     Add /REPOSITORY EXPORT option.
     
     Adjust abbreviations: /svntag is now 't' so /src can be 's' so /repository can have the abbreviation 'r.'
     
     Process /NOLOG.
     
     Write out ignored command line options as ones being passed to NMAKE (via build.pl).
     
     Generate GetOptions argument from the <Config> section of the config.xml file.
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19515 dc483132-0cff-0310-8789-dd5450dbe970
  4. ticket: 5537

    tlyu authored
    version_fixed: 1.6.1
    
    pull up r19509 from trunk
    
     r19509@cathode-dark-space:  kpkoch | 2007-04-19 16:04:08 -0400
     Ticket: new
     
     Modify Unix find test to only check the current directory for the non-existent a.tmp.
     
     When the pismere area is under the script area (as in Jeff's setup on afs), the find test slogs through 100MB of files and occasionally finds an a.tmp.  
     
     This correct the erroneous 'unix find not found' errors and improves performance noticeably when using afs.
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19514 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Apr 19, 2007
  1. ticket: 5521

    tlyu authored
    pull up r19507 from trunk
    
     r19507@cathode-dark-space:  kpkoch | 2007-04-19 14:03:16 -0400
     Target_Version: 1.6.1
     Ticket: 5521
     Tags: pullup
     
     Rollback previous change.  This version is the same as R19472.
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19508 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Apr 18, 2007
  1. ticket: 5527

    tlyu authored
    version_fixed: 1.6.1
    
    pull up r19458 from trunk
    
     r19458@cathode-dark-space:  jaltman | 2007-04-13 03:21:25 -0400
     ticket: 5527
     
          sdkfiles.xml - add msi-deployment-guide.txt
     
          copyfiles.xml - add msi-deployment-guide.txt
             and do not copy netiddev.chm twice
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19506 dc483132-0cff-0310-8789-dd5450dbe970
  2. ticket: 5527

    tlyu authored
    pull up r19454 from trunk
    
     r19454@cathode-dark-space:  jaltman | 2007-04-13 01:20:43 -0400
     ticket: new
     subject: kfw build - include netidmgr_userdoc.pdf in zip file
     component: windows
     tags: pullup
     
     Include netidmgr_userdoc.pdf in zip file.  The leash_userdoc.pdf 
     should be pulled from the zip when leash32.exe is removed.
     
     
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19505 dc483132-0cff-0310-8789-dd5450dbe970
  3. ticket: 5521

    tlyu authored
    version_fixed: 1.6.1
    
    pull up r19489 from trunk
    
     r19489@cathode-dark-space:  kpkoch | 2007-04-17 23:00:49 -0400
     Target_Version: 1.6.1
     Ticket: 5521
     Tags: pullup
     
     Factor repository access out of bkw.pl into repository1.pl.
     
     Modify bkw.pl to use an initial config file to fetch the sources and then use the config file from those sources to do the build.  This way, the description of how to build the sources is in the config file that is part of the sources.  It is possible and probably reasonable for the initial config file to be the same as the tagged version.  Output all the options used.
     
     Add bootstrap.xml - a sample minimal config file, sufficient to fetch the sources from a repository.
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19504 dc483132-0cff-0310-8789-dd5450dbe970
  4. ticket: 5521

    tlyu authored
    pull up r19472 from trunk
    
     r19472@cathode-dark-space:  kpkoch | 2007-04-14 14:06:26 -0400
     Target_Version: 1.6.1
     Ticket: 5521
     Tags: pullup
     
     Leave built installers in their temp areas and change final copy step to copy them into <out> from their new location.  Delay cleaning up the temp areas until after that copy.
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19503 dc483132-0cff-0310-8789-dd5450dbe970
  5. ticket: 5521

    tlyu authored
    pull up r19469 from trunk
    
     r19469@cathode-dark-space:  kpkoch | 2007-04-13 18:29:58 -0400
     Target_Version: 1.6.1
     Ticket: 5521
     Tags: pullup
     
     Implement environment variable settings from the config xml file.  See notes in bkwconfig.xml.
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19502 dc483132-0cff-0310-8789-dd5450dbe970
  6. ticket: 5521

    tlyu authored
    pull up r19465 from trunk
    
     r19465@cathode-dark-space:  kpkoch | 2007-04-13 14:11:35 -0400
     Target_Version: 1.6.1
     Ticket: 5521
     Tags: pullup
     
     Add BUILD_KFW=1 & DEBUG_SYMBOL=1 to build.pl invocation.
     Align setting of RELEASE/DEBUG/BETA with release notes.
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19501 dc483132-0cff-0310-8789-dd5450dbe970
  7. ticket: 5521

    tlyu authored
    pull up r19464 from trunk
    
     r19464@cathode-dark-space:  kpkoch | 2007-04-13 09:00:30 -0400
     Target_Version: 1.6.1
     Ticket: 5521
     Tags: pullup
     
     Typo.
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19500 dc483132-0cff-0310-8789-dd5450dbe970
  8. ticket: 5521

    tlyu authored
    pull up r19451 from trunk
    
     r19451@cathode-dark-space:  kpkoch | 2007-04-12 23:00:21 -0400
     Target_Version: 1.6.1
     Ticket: 5521
     Tags: pullup
     
     Only copy install/[wix|nsi] areas into install builder temp areas.
     Write site-local files to those temp areas.  Now tagged files stay in the staging area and are incorporated into the installers.  The substituted files are only in the installer build temp areas.
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19499 dc483132-0cff-0310-8789-dd5450dbe970
  9. ticket: 5521

    tlyu authored
    pull up r19434 from trunk
    
     r19434@cathode-dark-space:  kpkoch | 2007-04-12 13:28:36 -0400
     Target_Version: 1.6.1
     Ticket: 5521
     Tags: pullup
     
     Locate unixfind correctly in $config, again.
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19498 dc483132-0cff-0310-8789-dd5450dbe970
  10. ticket: 5521

    tlyu authored
    pull up r19433 from trunk
    
     r19433@cathode-dark-space:  kpkoch | 2007-04-12 12:30:03 -0400
     Target_Version: 1.6.1
     Ticket: 5521
     Tags: pullup
     
     Locate unixfind correctly in $config.
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19497 dc483132-0cff-0310-8789-dd5450dbe970
Something went wrong with that request. Please try again.