summaryrefslogtreecommitdiff
path: root/server/kstuff.c
Commit message (Collapse)AuthorAge
* ZCheckSrvAuthentication: free the auth context and the authenticator way earlierGravatar Karl Ramm2013-10-25
|
* ZCheckRealmAuthentication is no more.Gravatar Karl Ramm2013-09-30
|
* autoconf check for krb5_free_unparsed_nameGravatar Karl Ramm2013-08-08
|
* Call krb5_unparse_name in server/kstuff.cGravatar David Benjamin2013-08-08
| | | | Looks like it's the same as free right now, but may as well call the right one.
* Clean up warningsGravatar Jeffrey Hutzelman2013-02-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Eliminate compiler warnings due to various issues (listed below). This allows Zephyr to build cleanly under GCC versions ranging from 4.1.0 to 4.7.2 with all of the options shown below: -g -O2 -Wall -Werror -Wno-deprecated-declarations -Wmissing-declarations -Wpointer-arith -Wstrict-prototypes -Wshadow -Wextra -Wno-missing-field-initializers -Wno-unused-parameter and, on recent versions, -Wunreachable-code Test builds were done - On Ubuntu 12.10 (Quantal Quetzal) using both MIT Kerberos 1.10.1 and Heimdal 1.6, without krb4 and both with and without C-Ares and Hesiod - On Fedora 14 using Heimdal 0.6, without C-Ares or Hesiod and both with and without krb4 (KTH Kerberos 1.3rc2) - On Fedora Core 3, Fedora Core 5, Fedora 7, and Fedora 10, using Heimdal 0.6 and without C-Ares, Hesiod, or krb4 It also allows clean builds on Solaris 10 under the Sun Studio 12 (9/07) C compiler with the following options: -g -fd -v -errfmt -errhdr=%user -errtags=yes -errwarn=%all -erroff=E_OLD_STYLE_FUNC_DECL,E_ENUM_TYPE_MISMATCH_ARG,E_ARG_INCOMPATIBLE_WITH_ARG ... and under Solaris 9 with the Sun Forte 7 (3/02) C compiler with the above options and -erroff=E_FUNC_HAS_NO_RETURN_STMT. Solaris builds were done with Heimdal 0.6 and without C-Ares, Hesiod, or krb4. The following types of issues are addressed in this change: - Parameters and local variables with the same names as library functions - Parameters and local variables with the same names as globals - Declarations for exported global variables missing from headers - Prototypes for exported functions missing from headers - Missing 'static' on functions that shouldn't be exported - Old-style function declarations - Duplicate declarations - Type mismatches - Unused variables and functions - Uninitialized variables - Forward references to enums - Necessary header files not included - Violations of the aliasing rules, where GCC was able to detect them - Missing braces on if blocks that might be empty - Attempts to do pointer arithmetic on pointers of type void *, which is not permitted in standard C. - An attempt to pass a function pointer via a void * parameter, which is not permitted in standard C. Instead, we now pass a pointer to a structure, which then contains the required function pointer. - Unnecessary inclusion of <krb5_err.h>, which is already included by <krb5.h> when the former exists, and might not be protected against double inclusion, depending on which com_err was used. - Missing include of <com_err.h>, which was masked by the fact that it is included by headers generated by e2fsprogs compile_et - Use of com_err() with a non-constant value in place of the format string, which in every case was a fixed-size buffer in which a message was built using sprintf(!). Both the calls to sprintf and the fixed-size buffers have been removed, in favor of just letting com_err() do the formatting. - Various cases where X library functions expecting a parameter of type wchar_t * were instead passed a parameter of type XChar2b *. The two types look similar, but are not the same and are _not_ interchangeable. - An overly-simplistic configure test which failed to detect existence of <term.h> on Solaris, due to not including <curses.h>. - Using the wrong type for the flags output of krb5_auth_con_getflags() when building against Heimdal. A configure test is added to detect the correct type.
* ZCheckSrvAuthentication: fix auth context leakGravatar Jeffrey Hutzelman2012-11-24
| | | | | Fix a leak in which we fail to free a Kerberos authentication context in ZCheckSrvAuthentication if getting or setting the context flags fails.
* log old-style checksum mismatches tooGravatar Karl Ramm2012-01-25
|
* fix some formatting and whitespace bogonsGravatar Karl Ramm2012-01-25
|
* Try and log more on authentication failures.Gravatar Karl Ramm2012-01-25
|
* It is still not the 80s anymore -- remove all caddr_tsGravatar Karl Ramm2011-02-02
|
* For now check incoming interrealm stuff with both keyusages because itGravatar Karl Ramm2009-08-27
| | | | turns out that derived-key stuff actually worked if you were using heimdal.
* ZCheckSrvAuthentication says "YES", "NO", or "FAILED"Gravatar Karl Ramm2009-08-10
|
* Refactor ZCheckRealmAuthentication into ZCheckSrvAuthentication.Gravatar Karl Ramm2009-07-27
| | | | (also fiddle around with what krb4 checksums are available in krb5-only land)
* Remove the chock wedging things into DES mode and hopefully redo the ↵Gravatar Karl Ramm2009-07-26
| | | | | | keyusage stuff such that it actually works.
* kstuff.c:Gravatar Karl Ramm2009-04-10
| | | | | | | | | Turn off the replay cache (at least with MIT krb5 1.6) All three authentication checks: Initialize cksum1_buf so gcc will shut up.
* be more paranoid about what fields we are checksummingGravatar Karl Ramm2009-04-04
|
* amd64 anecdotally cares about the difference between NULL and 0 in some contextsGravatar Karl Ramm2009-04-03
|
* fix yet another instance of the checksum computationGravatar Karl Ramm2009-04-03
|
* keep track of total # of incoming header fields, and cksum appropriatelyGravatar Karl Ramm2009-03-24
|
* notice->z_other_fields[notice->z_num_other_fields] is either going toGravatar Karl Ramm2009-03-23
| | | | | | | be NULL, something Wrong^TM, or off the end of z_other_fields. bad all around.
* there's no particular reason that the interrealm code on a krb5-only serverGravatar Karl Ramm2009-03-22
| | | | | shouldn't be able to deal with incoming old-style packets
* build everything successfully with -Wall -WerrorGravatar Karl Ramm2009-03-02
|
* Fix a bunch of return codes to be more descriptiveGravatar Karl Ramm2008-12-21
| | | | | | | MAX_PRINCIPAL_SIZE des hack
* collapse state of some non-debugging #if [01]'d codeGravatar Karl Ramm2008-01-21
|
* no more NOENCRYPTIONGravatar Karl Ramm2008-01-21
|
* cast args to des_ecb_encrypt and des_quad_cksum to squash last warningsGravatar Karl Ramm2008-01-21
|
* passes gcc -Wall with no warnings other than des cryppt C_block sadness and ↵Gravatar Karl Ramm2008-01-21
| | | | getsid problem
* de K&RifyGravatar Karl Ramm2008-01-21
|
* ostensibly accept both sorts of authentication when offering brain dumps, ↵Gravatar Karl Ramm2007-12-28
| | | | and have a command line switch to choose between the sort you use when getting them
* ostensibly better diagnostic outputGravatar Karl Ramm2007-12-25
|
* /afs/andrew.cmu.edu/usr18/cg2v/zephyr-krb5-server-20071215+.diffGravatar Karl Ramm2007-12-25
|
* applied athena-update-branch patchGravatar Karl Ramm2007-12-25
|
* Remove kopt.c and the caching things that depend on it.Gravatar Garry Zacheiss2004-02-29
|
* Reintroduce checksum enforcement changes.Gravatar Greg Hudson2001-04-10
|
* Reintroduce rev 1.23.Gravatar Greg Hudson2001-03-05
|
* Revert rev 1.22; we're not ready to start enforcing checksums onGravatar Greg Hudson2001-03-05
| | | | | | all operations yet. Also revert rev 1.23, because I got confused. We'll reintroduce it shortly.
* Changes from CMU:Gravatar Garry Zacheiss2001-02-26
| | | | | * Better interrealm support: be prepared to try old and new style checksumming, and make NOENCRYPTION case work.
* Remove an old compatibility compromise from back when we started requiringGravatar Greg Hudson2000-02-11
| | | | | checksums on messages. With this change, you can't fiddle with subs if you don't have a valid checksum.
* Some RCS ID cleanup: delete $Log$ and replace other RCS keywords with $Id$.Gravatar Greg Hudson1999-01-22
|
* From epeisach: Use Code_t instead of int to match prototypes.Gravatar Greg Hudson1997-10-16
|
* Pull in sources from zephyr locker. See /mit/zephyr/repository forGravatar Greg Hudson1997-09-14
| | | | detailed change information.
* GetKerberosData was trying to pass a struct instead of a ulong, asGravatar Richard Basch1993-11-21
| | | | was expected by krb_rd_req() [metcalf@lcs]
* Changed <strings.h> to <string.h>, bcopy to memcpy [ANSI]Gravatar Richard Basch1993-11-19
| | | | Include <zephyr/krb_err.h> if we have Kerberos.
* Changed bcopy/bzero to _BCOPY/_BZERO (defined in <zephyr/zephyr_conf.h>)Gravatar Richard Basch1993-09-24
|
* saber complains about pure assignment statements in ifs-Gravatar Lucien Van Elsen1992-08-14
|
* free the zstring when freeing up AuthEnt structGravatar Lucien Van Elsen1992-01-17
|
* Converted back to ANSI C (with ifdef's for standard C)Gravatar Lucien Van Elsen1991-12-04
|
* Removed some unused code.Gravatar Kenneth G Raeburn1990-12-11
| | | | Now logs source address when authentication fails.
* Don't log messages about zero-length authenticators.Gravatar Kenneth G Raeburn1990-11-16
|
* C++ conversion and lots of modifications from summer & fall workGravatar Kenneth G Raeburn1990-11-13
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-15 09:41:03 +0000