Commit message (Collapse) | Author | Age | ||
---|---|---|---|---|
... | ||||
* | log old-style checksum mismatches too | 2012-01-25 | ||
| | ||||
* | fix some formatting and whitespace bogons | 2012-01-25 | ||
| | ||||
* | Try and log more on authentication failures. | 2012-01-25 | ||
| | ||||
* | New version propagation to replace keyword substitution, part 1 | 2011-11-25 | ||
| | ||||
* | realm_auth_sendit_nacked fixups | 2011-11-18 | ||
| | | | | | | | | | | In addition to the packet length problem discussed last night, the realm_auth_sendit_nacked refactor also had a cut-n-paste error. In the unfragmented case, it passed in partnotice.z_uid instead of newnotice.z_uid. In that branch of the if, partnotice is uninitialized... My (derrick's) servers are no longer constantly complaining (in new debug code) that realm_nack_cancel couldn't find the nack to dequeue, so I think I'm done with this problem. | |||
* | It is not the 80s anymore, so we have a printf directive for pointers | 2011-10-23 | ||
| | ||||
* | Retool our use of configure such that we track it like everyone else does | 2011-10-23 | ||
| | | | | | i.e. don't keep generated or foreign stuff in our source tree. As a side effect, this lets us use a libtool, etc. from this century | |||
* | It is still not the 80s anymore -- remove all caddr_ts | 2011-02-02 | ||
| | ||||
* | syslogging for evety tcp-ized packet slows things down too much | 2010-12-19 | ||
| | ||||
* | Fix typo | 2010-12-19 | ||
| | ||||
* | Drop stale code for long-lost debugging malloc. | 2010-12-19 | ||
| | ||||
* | remove a stupid cpp trick | 2010-12-19 | ||
| | ||||
* | Restate error table dependencies such that make -j doesn't trip over itself | 2010-11-06 | ||
| | | | | (thanks to wthrowe@mit.edu) | |||
* | Have the makefiles support explicit target directories properly, courtesy ↵ | 2010-11-06 | ||
| | | | | wthrowe@mit.edu | |||
* | clean up realm_sendit_auth | 2010-11-06 | ||
| | ||||
* | Clean up xmit | 2010-08-24 | ||
| | ||||
* | A argument for not doing a "quick change" at 3am. (braino, fixes previous) | 2010-08-24 | ||
| | ||||
* | Don't leak memory when refragmenting sketchy packets. | 2010-08-24 | ||
| | ||||
* | stop using MAXHOSTNAMELEN in a variety of places. Also ↵ | 2010-08-24 | ||
| | | | | nuke-trailing-whitespace. | |||
* | Don't use MAXPATHLEN anymore. | 2010-08-24 | ||
| | | | | | | | Some systems don't have it, having shaken off the shackles of fixed lengths. Unfortunately rewriting these things "right" in a fashion portable to unembraced-and-extended C libraries is aggravating. So do it wrong until we decide to bite the bullet and demand glib. | |||
* | Fix a leak if ZNewFormatSmallRawNotice fails. (thanks to nelhage@mit.edu for ↵ | 2010-08-22 | ||
| | | | | noticing) | |||
* | Don't crash if the header mysteriously gets too big. (Thanks to ↵ | 2010-08-22 | ||
| | | | | nelhage@mit.edu for noticing) | |||
* | Fix some formatting, and add some paranoia about oversized headers. | 2010-08-22 | ||
| | | | | (Thanks to nelhage@mit.edu for noticing the formatting problem) | |||
* | fix subscriptions-too-wide-breaks-braindump problem | 2010-07-28 | ||
| | | | | | | | | only send one sub per packet in braindump refactor bdump_send_list_tcp and send_normal_tcp brain dump can now cleanly receive overlarge encrypted packets refactor subscr_send_subs and subscr_send_realm_subs nuke trailing whitespace | |||
* | Fix getting data out of gethostbyname; should fix #69 | 2010-07-28 | ||
| | ||||
* | It is the twenty-first century, we don't need #ifdef ladders anymore. | 2010-03-17 | ||
| | ||||
* | Refactor error handling slightly in get_tgt | 2009-08-27 | ||
| | | | | | (which coincidentally keeps us from reporting the wrong function with an error code) | |||
* | get_tgt() should not fail if built krb5-only and it can't find a des key | 2009-08-27 | ||
| | | | | Also clean up some indentation and add error logging. | |||
* | For now check incoming interrealm stuff with both keyusages because it | 2009-08-27 | ||
| | | | | turns out that derived-key stuff actually worked if you were using heimdal. | |||
* | krb5_init_keyblock is ugly and I'm not sure what it's doing there anyway | 2009-08-22 | ||
| | ||||
* | Fix a casefolding bug. [64-bit] | 2009-08-22 | ||
| | | | | | | | | | | | | | | In valid_utf8_p(), uc was improperly typed and never initialized. On 64-bit systems, this means that success is dependent on previous stack contents. If the upper 32 bits are not zero, the null terminator is not caught and the function continues reading past the end of the string until: 1) Invalid UTF-8 is encountered 2) An invalid unicode codepoint is encountered. 3) segfault 1 and 2 are much more likely, but 3 is a danger. | |||
* | ZCheckSrvAuthentication says "YES", "NO", or "FAILED" | 2009-08-10 | ||
| | ||||
* | it is the TWENTY-FIRST CENTURY, we can STOP USING K&R | 2009-08-09 | ||
| | ||||
* | change the prototype variable name "class" to match the actual function ↵ | 2009-08-09 | ||
| | | | | "class_name" | |||
* | if not HAVE_KRB5_C_DECRYPT, there's no krb5_enc_data type, and oh, look we ↵ | 2009-08-09 | ||
| | | | | don't use din anyway | |||
* | Factor out code that extacts a sockaddr_in from a notice (and stop using the | 2009-07-29 | ||
| | | | | | | | deprecated sender_addr macro.) Actually remove the code from realm.c:real_dispatch because nothing was using the result. Ran nuke-trailing-whitespace on all the files I touched, as usual. | |||
* | Refactor ZCheckRealmAuthentication into ZCheckSrvAuthentication. | 2009-07-27 | ||
| | | | | (also fiddle around with what krb4 checksums are available in krb5-only land) | |||
* | Refactor some gratuitously duplicated code in handle_packet | 2009-07-26 | ||
| | ||||
* | Remove the chock wedging things into DES mode and hopefully redo the ↵ | 2009-07-26 | ||
| | | | | | | keyusage stuff such that it actually works. | |||
* | Build on solaris | 2009-07-14 | ||
| | ||||
* | zephyr.h will pull in zephyr_err.h will pull in com_err.h without having to ↵ | 2009-07-13 | ||
| | | | | figure out where it is | |||
* | fix some conditional-compilation issues that trip -Wunreachable-code | 2009-04-30 | ||
| | ||||
* | use less oddball types | 2009-04-21 | ||
| | ||||
* | For now, host managers have IPv4 addresses. | 2009-04-19 | ||
| | | | | | | | Really, it almost terrifies me that servers have probably been sending shutdown messages to stack-garbage address families for the past two decades | |||
* | Clean up $Zephyr$s | 2009-04-14 | ||
| | ||||
* | add defs for datarootdir so configure will Shut Up | 2009-04-13 | ||
| | | | | | | | | | | Rearrange what libraries get pulled in where, so dpkg-shlibdeps doesn't whine (see a theme here?) (Also so that, say, znol, doesn't have to link with Everything.) This will break platforms that don't do shared-library dependencies. | |||
* | As in [2406], the C preprocessor has seen enough abuse; it is the | 2009-04-10 | ||
| | | | | | future, so we can abuse inline functions instead. | |||
* | The hash function should probably be unsigned. | 2009-04-10 | ||
| | | | | | | Also, the C preprocessor has seen enough abuse; it is the future, so we can abuse inline functions instead. | |||
* | kstuff.c: | 2009-04-10 | ||
| | | | | | | | | | Turn off the replay cache (at least with MIT krb5 1.6) All three authentication checks: Initialize cksum1_buf so gcc will shut up. | |||
* | This needs to be positive. (are you sure?) | 2009-04-08 | ||
| |