| Commit message | Author | Age |
| |
So that the packaging will still work with the libtoolize on lenny
| |
i.e. don't keep generated or foreign stuff in our source tree.
As a side effect, this lets us use a libtool, etc. from this century
| |
Does everything still work if configure checks for iconv_open rather
than the mysterious libiconv_open? Tune into an autobuilder near you...
| |
Fixes #58
| |
Fixes #72
| |
So it can check for a keytab rather than a srvtab. Fixes #43.
| |
The fact that the Heimdal and MIT APIs are subtly different strikes again.
I am honestly starting to wonder if they make it look this similar just
to frustrate people; I only don't believe it because neither team seems
like that sort of person. Fixes #74.
| |
Since these are constants used in the protocol, be explicit about what values
the C compiler is assigning them, and that they can't be arbitrarily
rearranged.
Also, since we were promising strings for describing them in zephyr.h,
actually define the array.
| |
notice->z_authent_authent_len will be zero.
| |
with SO_REUSEADDR set on a given port, other people can also open listening
sockets with SO_REUSEADDR set, so turn SO_REUSEADDR back off after we've
bound our port.
| |
the pointer
| |
(thanks to wthrowe@mit.edu)
| |
wthrowe@mit.edu
| |
Call it cares consistently, though.
(regenerate configure, pulling in a new config.{guess,sub})
| |
and it breaks the build when there isn't a utmp.h
| |
ignore TAGS
| |
nuke-trailing-whitespace.
| |
Some systems don't have it, having shaken off the shackles of fixed
lengths. Unfortunately rewriting these things "right" in a fashion
portable to unembraced-and-extended C libraries is aggravating. So do it
wrong until we decide to bite the bullet and demand glib.
| |
Don't free the incoming notice if we don't know for sure there's one.
Drop the message on read error in the tty case.
| |
I am becoming increasingly enamored with the fall-through on error
clean-up-everything-at-the-end style of C error handling and resource
management.
Also remove some misleading/useless/wrong comments.
(also fix a problem in the tickets expired case where it was using
the wrong (possibly undefined) authenticator length)
| |
Per Nelson Elhage:
find_or_insert_uid sorts 'buffer' by the uid, which is a
remotely-provided field. However, in order to expire uids, it does:
    while (num && (now - buffer[start % size].t) > CLOCK_SKEW)
        start++, num--;
    start %= size;
i.e. starts from the start of the queue and goes until it finds
something sufficiently new. Since the queue ordering is
attacker-controlled, we can send an arbitrarily-long sequence of
decreasing uids, consuming memory and forcing the client into an
ever-growing quadratic loop to insert them at the beginning.
--
Solve this by not keeping the buffer sorted; just tack the incoming
uids on the end. This way an attacker can make us keep five minutes
worth of UIDs, but only five minutes, and also anecdotally a client
under attack spends all of its CPU sorting uids.
| |
krb5 actually checks in mk_req and fails if the tickets are expired,
rather than giving you an authenticator that would fail and handing
you the session key that you'd already negotiated. This causes (meh)
sending auth to fail as opposed to just ending up unauthentic and
(poor) verifiable messages to look unauthentic or forged.
So get the session key from the ccache without checking the expiration
time, and have the cert routine skip making an authenticator if
krb5_mk_req_extended says the ticket is expired.