Commit message (Collapse) | Author | Age | ||
---|---|---|---|---|
... | ||||
* | Actually remove the #ifdef OLD_COMPAT and NEW_COMPAT code | Karl Ramm | 2012-02-11 | |
| | | | | To my knowledge, this hasn't been enabled by anyone in ages | |||
* | log old-style checksum mismatches too | Karl Ramm | 2012-01-25 | |
| | ||||
* | fix some formatting and whitespace bogons | Karl Ramm | 2012-01-25 | |
| | ||||
* | Try and log more on authentication failures. | Karl Ramm | 2012-01-25 | |
| | ||||
* | New version propagation to replace keyword substitution, part 1 | Karl Ramm | 2011-11-25 | |
| | ||||
* | realm_auth_sendit_nacked fixups | Chaskiel Grundman | 2011-11-18 | |
| | | | | | | | | | | In addition to the packet length problem discussed last night, the realm_auth_sendit_nacked refactor also had a cut-n-paste error. In the unfragmented case, it passed in partnotice.z_uid instead of newnotice.z_uid. In that branch of the if, partnotice is uninitialized... My (derrick's) servers are no longer constantly complaining (in new debug code) that realm_nack_cancel couldn't find the nack to dequeue, so I think I'm done with this problem. | |||
* | It is not the 80s anymore, so we have a printf directive for pointers | Karl Ramm | 2011-10-23 | |
| | ||||
* | Retool our use of configure such that we track it like everyone else does | Karl Ramm | 2011-10-23 | |
| | | | | | i.e. don't keep generated or foreign stuff in our source tree. As a side effect, this lets us use a libtool, etc. from this century | |||
* | It is still not the 80s anymore -- remove all caddr_ts | Karl Ramm | 2011-02-02 | |
| | ||||
* | syslogging for evety tcp-ized packet slows things down too much | Karl Ramm | 2010-12-19 | |
| | ||||
* | Fix typo | Karl Ramm | 2010-12-19 | |
| | ||||
* | Drop stale code for long-lost debugging malloc. | Karl Ramm | 2010-12-19 | |
| | ||||
* | remove a stupid cpp trick | Karl Ramm | 2010-12-19 | |
| | ||||
* | Restate error table dependencies such that make -j doesn't trip over itself | Karl Ramm | 2010-11-06 | |
| | | | | (thanks to wthrowe@mit.edu) | |||
* | Have the makefiles support explicit target directories properly, courtesy ↵ | Karl Ramm | 2010-11-06 | |
| | | | | wthrowe@mit.edu | |||
* | clean up realm_sendit_auth | Karl Ramm | 2010-11-06 | |
| | ||||
* | Clean up xmit | Karl Ramm | 2010-08-24 | |
| | ||||
* | A argument for not doing a "quick change" at 3am. (braino, fixes previous) | Karl Ramm | 2010-08-24 | |
| | ||||
* | Don't leak memory when refragmenting sketchy packets. | Karl Ramm | 2010-08-24 | |
| | ||||
* | stop using MAXHOSTNAMELEN in a variety of places. Also ↵ | Karl Ramm | 2010-08-24 | |
| | | | | nuke-trailing-whitespace. | |||
* | Don't use MAXPATHLEN anymore. | Karl Ramm | 2010-08-24 | |
| | | | | | | | Some systems don't have it, having shaken off the shackles of fixed lengths. Unfortunately rewriting these things "right" in a fashion portable to unembraced-and-extended C libraries is aggravating. So do it wrong until we decide to bite the bullet and demand glib. | |||
* | Fix a leak if ZNewFormatSmallRawNotice fails. (thanks to nelhage@mit.edu for ↵ | Karl Ramm | 2010-08-22 | |
| | | | | noticing) | |||
* | Don't crash if the header mysteriously gets too big. (Thanks to ↵ | Karl Ramm | 2010-08-22 | |
| | | | | nelhage@mit.edu for noticing) | |||
* | Fix some formatting, and add some paranoia about oversized headers. | Karl Ramm | 2010-08-22 | |
| | | | | (Thanks to nelhage@mit.edu for noticing the formatting problem) | |||
* | fix subscriptions-too-wide-breaks-braindump problem | Karl Ramm | 2010-07-28 | |
| | | | | | | | | only send one sub per packet in braindump refactor bdump_send_list_tcp and send_normal_tcp brain dump can now cleanly receive overlarge encrypted packets refactor subscr_send_subs and subscr_send_realm_subs nuke trailing whitespace | |||
* | Fix getting data out of gethostbyname; should fix #69 | Karl Ramm | 2010-07-28 | |
| | ||||
* | It is the twenty-first century, we don't need #ifdef ladders anymore. | Karl Ramm | 2010-03-17 | |
| | ||||
* | Refactor error handling slightly in get_tgt | Karl Ramm | 2009-08-27 | |
| | | | | | (which coincidentally keeps us from reporting the wrong function with an error code) | |||
* | get_tgt() should not fail if built krb5-only and it can't find a des key | Karl Ramm | 2009-08-27 | |
| | | | | Also clean up some indentation and add error logging. | |||
* | For now check incoming interrealm stuff with both keyusages because it | Karl Ramm | 2009-08-27 | |
| | | | | turns out that derived-key stuff actually worked if you were using heimdal. | |||
* | krb5_init_keyblock is ugly and I'm not sure what it's doing there anyway | Karl Ramm | 2009-08-22 | |
| | ||||
* | Fix a casefolding bug. [64-bit] | Karl Ramm | 2009-08-22 | |
| | | | | | | | | | | | | | | In valid_utf8_p(), uc was improperly typed and never initialized. On 64-bit systems, this means that success is dependent on previous stack contents. If the upper 32 bits are not zero, the null terminator is not caught and the function continues reading past the end of the string until: 1) Invalid UTF-8 is encountered 2) An invalid unicode codepoint is encountered. 3) segfault 1 and 2 are much more likely, but 3 is a danger. | |||
* | ZCheckSrvAuthentication says "YES", "NO", or "FAILED" | Karl Ramm | 2009-08-10 | |
| | ||||
* | it is the TWENTY-FIRST CENTURY, we can STOP USING K&R | Karl Ramm | 2009-08-09 | |
| | ||||
* | change the prototype variable name "class" to match the actual function ↵ | Karl Ramm | 2009-08-09 | |
| | | | | "class_name" | |||
* | if not HAVE_KRB5_C_DECRYPT, there's no krb5_enc_data type, and oh, look we ↵ | Karl Ramm | 2009-08-09 | |
| | | | | don't use din anyway | |||
* | Factor out code that extacts a sockaddr_in from a notice (and stop using the | Karl Ramm | 2009-07-29 | |
| | | | | | | | deprecated sender_addr macro.) Actually remove the code from realm.c:real_dispatch because nothing was using the result. Ran nuke-trailing-whitespace on all the files I touched, as usual. | |||
* | Refactor ZCheckRealmAuthentication into ZCheckSrvAuthentication. | Karl Ramm | 2009-07-27 | |
| | | | | (also fiddle around with what krb4 checksums are available in krb5-only land) | |||
* | Refactor some gratuitously duplicated code in handle_packet | Karl Ramm | 2009-07-26 | |
| | ||||
* | Remove the chock wedging things into DES mode and hopefully redo the ↵ | Karl Ramm | 2009-07-26 | |
| | | | | | | keyusage stuff such that it actually works. | |||
* | Build on solaris | Karl Ramm | 2009-07-14 | |
| | ||||
* | zephyr.h will pull in zephyr_err.h will pull in com_err.h without having to ↵ | Karl Ramm | 2009-07-13 | |
| | | | | figure out where it is | |||
* | fix some conditional-compilation issues that trip -Wunreachable-code | Karl Ramm | 2009-04-30 | |
| | ||||
* | use less oddball types | Karl Ramm | 2009-04-21 | |
| | ||||
* | For now, host managers have IPv4 addresses. | Karl Ramm | 2009-04-19 | |
| | | | | | | | Really, it almost terrifies me that servers have probably been sending shutdown messages to stack-garbage address families for the past two decades | |||
* | Clean up $Zephyr$s | Karl Ramm | 2009-04-14 | |
| | ||||
* | add defs for datarootdir so configure will Shut Up | Karl Ramm | 2009-04-13 | |
| | | | | | | | | | | Rearrange what libraries get pulled in where, so dpkg-shlibdeps doesn't whine (see a theme here?) (Also so that, say, znol, doesn't have to link with Everything.) This will break platforms that don't do shared-library dependencies. | |||
* | As in [2406], the C preprocessor has seen enough abuse; it is the | Karl Ramm | 2009-04-10 | |
| | | | | | future, so we can abuse inline functions instead. | |||
* | The hash function should probably be unsigned. | Karl Ramm | 2009-04-10 | |
| | | | | | | Also, the C preprocessor has seen enough abuse; it is the future, so we can abuse inline functions instead. | |||
* | kstuff.c: | Karl Ramm | 2009-04-10 | |
| | | | | | | | | | Turn off the replay cache (at least with MIT krb5 1.6) All three authentication checks: Initialize cksum1_buf so gcc will shut up. |