[Heimdal-source-changes] [heimdal/heimdal] 5b223c: roken: do not require use of rk_mkdir on all platf...
GitHub
noreply at github.com
Sön Juli 28 03:18:19 CEST 2013
Branch: refs/heads/master
Home: https://github.com/heimdal/heimdal
Commit: 5b223c2caa98068bb51d9c15123cadfe87b13297
https://github.com/heimdal/heimdal/commit/5b223c2caa98068bb51d9c15123cadfe87b13297
Author: Jeffrey Altman <jaltman at secure-endpoints.com>
Date: 2013-07-27 (Sat, 27 Jul 2013)
Changed paths:
M lib/roken/Makefile.am
M lib/roken/mkdir.c
M lib/roken/roken-common.h
M lib/roken/roken.h.in
M windows/NTMakefile.config
Log Message:
-----------
roken: do not require use of rk_mkdir on all platforms
Although rk_mkdir can be provided on all platforms there is no
reason to require that it be used by unconditionally mapping
mkdir -> rk_mkdir
Change-Id: Ic149500037abf446434332bf6ba67dfb3906cd72
Commit: 37ca3d35a9a0fc239e9a0d04164f41dd82ce493a
https://github.com/heimdal/heimdal/commit/37ca3d35a9a0fc239e9a0d04164f41dd82ce493a
Author: Jeffrey Altman <jaltman at secure-endpoints.com>
Date: 2013-07-27 (Sat, 27 Jul 2013)
Changed paths:
M windows/NTMakefile.config
Log Message:
-----------
Windows: use roken's rk_rename
Windows CRT rename does not unlink the target if it exists.
Change-Id: Id7bdf5729d418bb22b59ab11d0d5f31ccb7e3577
Commit: 71fb56309c63f51ce9a4e0b6d454b60ff3ea786b
https://github.com/heimdal/heimdal/commit/71fb56309c63f51ce9a4e0b6d454b60ff3ea786b
Author: Jeffrey Altman <jaltman at secure-endpoints.com>
Date: 2013-07-27 (Sat, 27 Jul 2013)
Changed paths:
M kdc/kerberos5.c
Log Message:
-----------
_kdc_find_etype consolidation
The 'use_strongest_session_key' block and its alternate should
have similar behavior except for the order in which the enctype
lists are processed. This patchset attempts to consolidate the
exit processing and ensure that the inner loop enctype and key
validation is the same.
Bugs fixed:
1. In the 'use_strongest_session_key' case, the _kdc_is_weak_exception()
test was applied during the client enctype loop which is only
processed for acceptable enctypes. This test is moved to the
local supported enctypes loop so as not to filter out weak keys
when the service principal has an explicit exception.
2. In the 'use_strongest_session_key' case, the possibility of an
enctype having keys with more than one salt was excluded.
3. In the 'use_strongest_session_key' case, the 'key' variable was
not reset to NULL within each loop of the client enctype list.
4. In the '!use_strongest_session_key' case, the default salt test
and is_preauth was inconsistent with the 'use_strongest_session_key'
block.
With this consolidation, if no enctype is selected and the service
principal is permitted to use 1DES, then 1DES is selected. It doesn't
matter whether 'use_strongest_session_key' is in use or not.
Change-Id: Ib57264fc8bc23df64c70d39b4f6de48beeb54739
Compare: https://github.com/heimdal/heimdal/compare/1826106ff4be...71fb56309c63
More information about the Heimdal-source-changes
mailing list