summaryrefslogtreecommitdiff
path: root/usr/src/lib/gss_mechs
AgeCommit message (Collapse)AuthorFilesLines
2015-10-266352 Updated DC locator for SMB and idmapGordon Ross2-2/+103
Portions contributed by: Matt Barden <Matt.Barden@nexenta.com> Portions contributed by: Kevin Crowe <kevin.crowe@nexenta.com> Portions contributed by: Alek Pinchuk <alek@nexenta.com> Reviewed by: Bayard Bell <bayard.bell@nexenta.com> Reviewed by: Alek Pinchuk <alek.pinchuk@nexenta.com> Reviewed by: Rick McNeal <rick.mcneal@nexenta.com> Reviewed by: Kevin Crowe <kevin.crowe@nexenta.com> Reviewed by: Tony Nguyen <tony.nguyen@nexenta.com> Approved by: Robert Mustacchi <rm@joyent.com>
2015-10-261122 smbsrv should use SPNEGO (inbound authentication)Gordon Ross3-3/+49
Portions contributed by: Matt Barden <Matt.Barden@nexenta.com> Portions contributed by: Kevin Crowe <kevin.crowe@nexenta.com> Portions contributed by: Alek Pinchuk <alek@nexenta.com> Reviewed by: Bayard Bell <bayard.bell@nexenta.com> Reviewed by: Dan Fields <dan.fields@nexenta.com> Reviewed by: Kevin Crowe <kevin.crowe@nexenta.com> Reviewed by: Matt Barden <Matt.Barden@nexenta.com> Approved by: Robert Mustacchi <rm@joyent.com>
2015-02-22872 remove duplicate daemon() definitionsRyan Zezeski3-97/+1
Reviewed by: Garrett D'Amore <garrett@damore.org> Reviewed by: Marcel Telka <marcel@telka.sk> Approved by: Richard Lowe <richlowe@richlowe.net>
2013-08-304072 make clobber leaves trashGordon Ross1-0/+3
Reviewed by: Albert Lee <trisk@nexenta.com> Reviewed by: Dan McDonald <danmcd@nexenta.com> Reviewed by: Marcel Telka <marcel.telka@nexenta.com> Reviewed by: Richard Lowe <richlowe@richlowe.net> Approved by: Garrett D'Amore <garrett@damore.org>
2013-08-133971 remove EXPORT_RELEASE_BUILDJosef 'Jeff' Sipek6-19/+0
Reviewed by: Marcel Telka <marcel@telka.sk> Reviewed by: Andy Stormont <andyjstormont@gmail.com> Reviewed by: Igor Kozhukhov <ikozhukhov@gmail.com> Approved by: Dan McDonald <danmcd@nexenta.com>
2013-07-293882 Remove xmod & friendsJosef 'Jeff' Sipek21-403/+6
Reviewed by: Dan McDonald <danmcd@nexenta.com> Reviewed by: Richard Lowe <richlowe@richlowe.net> Approved by: Richard Lowe <richlowe@richlowe.net>
2012-09-222933 compiler warning gags need better granularityRichard Lowe4-4/+20
Reviewed by: Eric Schrock <eric.schrock@delphix.com> Approved by: Garrett D'Amore <garrett@damore.org>
2010-10-13171 adt_get_mask_from_user frees memory before it's usedChris Love1-1/+1
172 duplicate free in gss_accept_sec_context 173 duplicate free in spnego_gss_accept_sec_context Reviewed by: gordon.w.ross@gmail.com Reviewed by: garrett@nexenta.com Approved by: garrett@nexenta.com
2010-08-16PSARC 2010/135 Kerberos Diagnostic Enhancements (umbrella case)Glenn Barry47-732/+3079
6835328 Error messages generated by applications using RPCSEC_GSS are too vague
2010-08-116967252 coredump in mech_krb5.so.1`__profile_remove_realm+0x93Shawn Emery1-4/+13
2010-08-116909129 krb5 keytab management API should be simplified to easily merge keys ↵Shawn Emery4-1/+551
from different realms
2010-06-246916796 OSnet mapfiles should use version 2 link-editor syntaxAli Bahrami8-23/+34
--HG-- rename : usr/src/cmd/sgs/libelf/common/mapfile-common => usr/src/cmd/sgs/libelf/common/mapfile-vers rename : usr/src/cmd/sgs/link_audit/i386/mapfile-vers-bindings => usr/src/cmd/sgs/link_audit/common/mapfile-vers-bindings rename : usr/src/cmd/sgs/link_audit/i386/mapfile-vers-perfcnt => usr/src/cmd/sgs/link_audit/common/mapfile-vers-perfcnt rename : usr/src/cmd/sgs/link_audit/i386/mapfile-vers-symbindrep => usr/src/cmd/sgs/link_audit/common/mapfile-vers-symbindrep rename : usr/src/cmd/sgs/link_audit/i386/mapfile-vers-truss => usr/src/cmd/sgs/link_audit/common/mapfile-vers-truss rename : usr/src/cmd/sgs/link_audit/i386/mapfile-vers-who => usr/src/cmd/sgs/link_audit/common/mapfile-vers-who rename : usr/src/common/mapfiles/i386/map.noexdata => usr/src/common/mapfiles/common/map.noexdata rename : usr/src/lib/libaio/sparc/mapfile-vers => usr/src/lib/libaio/common/mapfile-vers rename : usr/src/lib/libelfsign/common/mapfile.map => usr/src/lib/libelfsign/common/mapfile-vers rename : usr/src/lib/libpthread/sparc/mapfile-vers => usr/src/lib/libpthread/common/mapfile-vers rename : usr/src/lib/librt/amd64/mapfile-vers => usr/src/lib/librt/common/mapfile-vers rename : usr/src/lib/libsys/sparc/mapfile-vers => usr/src/lib/libsys/common/mapfile-vers rename : usr/src/lib/libthread/sparc/mapfile-vers => usr/src/lib/libthread/common/mapfile-vers
2010-06-07PSARC 2010/083 Kerberos Profile APIShawn Emery6-37/+1045
6927135 A simple API should be provided to create a Kerberos system's configuration information
2010-06-076613083 The host specified as the admin_server is not used when sending ↵Shawn Emery1-2/+13
Kerberos KPASSWD request.
2010-05-256940735 CVE-2010-0629 denial of service in kadmindZdenek Kotala1-0/+6
6945196 CVE-2010-1321 GSS-API library null pointer dereference
2010-04-066941204 krb5_fcc_read_addrs() returns garbage on failureMark Phalan1-2/+3
2010-04-066941201 double-frees on error path in krb5_os_hostaddr()Mark Phalan1-6/+2
2010-04-066941191 krb5_send_tgs doesn't do all the error checking it couldMark Phalan1-6/+9
2010-04-066941180 krb5_gss_accept_sec_context doesn't check return value of ↵Mark Phalan1-3/+9
krb5_auth_con_getauthenticator()
2010-04-066941173 logic error in krb5_build_principal_extMark Phalan1-1/+2
2010-04-066941162 krb5_encrypt_helper returns success and an apparently valid buffer ↵Mark Phalan1-3/+6
on malloc failure
2010-04-206794523 rcache could skip fsync(2)s in common cases with a dynamic skew conceptNicolas Williams3-10/+161
2010-04-096938652 krb5_sendto_kdc should initialize the addrlist structuresPeter Shoults2-6/+4
2010-03-256929229 CVE-2010-0628 - denial of service in SPNEGO ↵Glenn Barry1-26/+16
[MITKRB5-SA-2010-002][VU#839413]
2010-03-02PSARC 2010/067 Interim modernization updatesLiane Praza9-521/+5
6915312 ON should be able to build IPS packages natively 6281004 docbook.dtd is obsolete and unused 6490919 strange file in onnv-gate 6878498 update tools proto ${ROOT} to include ${MACH} and make nightly.sh copy it into parent repository 6888427 SVM packages should drop legacy objects 6893530 Some header files can be opened up 6903324 sharemgr should either use isaexec or not build 64-bit commands 6920651 mktpl will inadvertently reuse stale license files for empty license lists 6920674 svvs kmods should not be built during an open build Portions contributed by Rich Lowe <richlowe@richlowe.net> --HG-- rename : usr/src/cmd/oamuser/user/stdprofile => usr/src/cmd/nsadmin/dot-profile.sh rename : usr/src/cmd/nsadmin/profile => usr/src/cmd/nsadmin/etc-profile.sh rename : usr/src/pkgdefs/common_files/i.manifest => usr/src/cmd/svc/common/i.manifest rename : usr/src/pkgdefs/common_files/r.manifest => usr/src/cmd/svc/common/r.manifest rename : usr/src/lib/brand/native/Makefile => usr/src/lib/brand/ipkg/Makefile rename : usr/src/lib/brand/native/zone/Makefile => usr/src/lib/brand/ipkg/zone/Makefile rename : usr/src/lib/brand/native/zone/SUNWblank.xml => usr/src/lib/brand/ipkg/zone/SUNWblank.xml rename : usr/src/lib/brand/native/zone/SUNWdefault.xml => usr/src/lib/brand/ipkg/zone/SUNWdefault.xml rename : usr/src/lib/brand/native/zone/config.xml => usr/src/lib/brand/ipkg/zone/config.xml rename : usr/src/lib/brand/native/zone/platform.xml => usr/src/lib/brand/ipkg/zone/platform.xml rename : usr/src/lib/brand/native/Makefile => usr/src/lib/brand/labeled/Makefile rename : usr/src/lib/brand/native/zone/Makefile => usr/src/lib/brand/labeled/zone/Makefile rename : usr/src/lib/brand/native/zone/config.xml => usr/src/lib/brand/labeled/zone/config.xml rename : usr/src/lib/brand/native/zone/platform.xml => usr/src/lib/brand/labeled/zone/platform.xml rename : usr/src/lib/brand/native/zone/common.ksh => usr/src/lib/brand/shared/common.ksh rename : usr/src/lib/brand/native/zone/query.ksh => usr/src/lib/brand/shared/query.ksh rename : usr/src/lib/brand/native/zone/uninstall.ksh => usr/src/lib/brand/shared/uninstall.ksh rename : usr/src/pkgdefs/common_files/i.rbac => usr/src/lib/libsecdb/common/i.rbac rename : usr/src/pkgdefs/common_files/r.rbac => usr/src/lib/libsecdb/common/r.rbac rename : usr/src/pkgdefs/license_files/cr_ATT => usr/src/pkg/license_files/cr_ATT rename : usr/src/pkgdefs/SUNWfipe/cr_Intel => usr/src/pkg/license_files/cr_Intel.SUNWfipe rename : usr/src/pkgdefs/SUNWintgige/cr_Intel => usr/src/pkg/license_files/cr_Intel.SUNWintgige rename : usr/src/pkgdefs/license_files/cr_Sun => usr/src/pkg/license_files/cr_Sun rename : usr/src/pkgdefs/SUNWgrub/grubcredits => usr/src/pkg/license_files/grubcredits rename : usr/src/pkgdefs/SUNWcsl/lic_AMD => usr/src/pkg/license_files/lic_AMD rename : usr/src/pkgdefs/license_files/lic_CDDL => usr/src/pkg/license_files/lic_CDDL rename : usr/src/pkgdefs/SUNWemlxs/lic_Emulex => usr/src/pkg/license_files/lic_Emulex rename : usr/src/pkgdefs/license_files/lic_GPLv2 => usr/src/pkg/license_files/lic_GPLv2 rename : usr/src/pkgdefs/CPQary3/lic_HP => usr/src/pkg/license_files/lic_HP rename : usr/src/tools/opensolaris/BINARYLICENSE.txt => usr/src/pkg/license_files/lic_OSBL rename : usr/src/pkgdefs/license_files/lic_OSBL_preamble => usr/src/pkg/license_files/lic_OSBL_preamble rename : usr/src/pkgdefs/SUNWqlc/lic_Qlogic => usr/src/pkg/license_files/lic_Qlogic rename : usr/src/pkgdefs/SUNWhwdata/LICENSE => usr/src/pkg/license_files/lic_SUNWhwdata rename : usr/src/pkgdefs/SUNWroute/copyright.in => usr/src/pkg/license_files/lic_SUNWroute rename : usr/src/pkgdefs/SUNWgss/gss_license => usr/src/pkg/license_files/lic_gss rename : usr/src/pkgdefs/license_files/license_in_headers => usr/src/pkg/license_files/license_in_headers rename : usr/src/uts/intel/os/solaris.xpm.gz => usr/src/uts/intel/os/solaris.xpm
2010-02-266889700 __krb5_get_init_creds_password leaks krb5_gic_opt_ext *opteWill Fiveash1-2/+3
2010-02-196906079 Memory leaks when gss_accept_sec_context is called multiple times ↵Mark Phalan1-3/+1
with same security context
2010-01-066905659 krb5_732430005 leaks memoryMark Phalan1-2/+9
2010-01-066806014 unable to join domain using kerberos via tcp when no SRV ↵Mark Phalan1-1/+35
_kerberos-master._tcp is in DNS
2009-12-286908688 SPNEGO assertion failure if CIFS client specifies IP address of serverShawn Emery1-0/+6
2009-12-286885561 Unable to verify PAC server's signature in Windows 2008 domain w/ ↵Shawn Emery1-4/+10
2003 domain functional level
2009-11-096899293 Use of uninitialized variable in krb5_sname_to_principal on error pathMark Phalan1-2/+3
2009-11-096898348 'idmapd' core reported with thread 'ad_disc_get_DomainController'Mark Phalan1-1/+1
2009-11-106565115 Bug in krb5_get_credentials_core() functionMark Phalan1-6/+16
2009-11-126885980 Need case-insensitive keytab lookups for MS interopShawn Emery6-26/+120
6885387 gsskrb5_extract_authz_data_from_sec_context() fails with service ticket sent by Windows 7 client 6858400 kclient cant join Windows AD domain if hostname is 20 characters or longer 6867203 Solaris acceptors fail in Windows 2000 environment 6868908 Solaris acceptors should have returned KRB5KRB_AP_ERR_MODIFIED for Microsoft interoperability 6867208 Windows client cannot recover from KRB5KRB_AP_ERR_SKEW error
2009-10-126887388 New SPNEGO features for CIFS are DOAGlenn Barry1-23/+23
6888759 EXPORT_SRC build broken after push of CR 6808598
2009-09-21PSARC 2009/418 Kerberos V5 PAC APIGlenn Barry33-4607/+8867
6283931 SPNEGO needs to follow latest RFC 6808598 krb5 APIs needed to create and parse PAC data 6817447 libgss and various mechs are hiding both the real minor_status and the error token
2009-07-296864230 hiho, hiho, it'ch chtime for CH to gojmcp1-1/+0
Portions contributed by Rich Lowe
2009-06-026802931 krb5 nfs allows access to shares without credentials by symlinking ↵Peter Shoults1-3/+4
to someone else's cred cache 6840235 Some slight changes need to be made to gssd_getuid.c to be more readable
2009-05-196822062 multiple vulnerabilities in SPNEGO, ASN.1 decoder (CVE-2009-0847, ↵Peter Shoults3-44/+44
CVE-2009-0845, CVE-2009-0844) 6822066 ASN.1 decoder frees uninitialized pointer (CVE-2009-0846)
2009-02-266801333 mech_krb5 is using deprecated libresolv functions which are not MT safe1-1/+2
2009-02-116777148 idmap fails to auto-discover AD due to ldap_sasl_bind failure6-9/+172
2009-02-106798660 Cadmium .NOT file processing problem with CWD relative file pathsAli Bahrami8-63/+121
Contributed by Richard Lowe 6785284 Mapfile versioning rules need to be more visible to gatelings 6800164 Standard file exclusion mechanism needed for Cadmium tools
2008-12-116782682 krb5_recvauth() should return NULL for auth_context on failure1-1/+3
2009-01-14PSARC 2008/778 asprintf, vasprintfRoger A. Faulkner1-2/+3
4508459 Solaris should have asprintf() and vasprintf() functions
2008-10-296704459 assert defined in k5-thread.h produces number of false positives1-2/+2
2008-10-276756312 krb5int_pbkdf2_hmac_sha1() should not call C_DestroyObject() after ↵1-7/+6
C_GenerateKey() fails
2008-10-246756928 Kerberos incorrectly displays the error message "krb5 conf file not ↵1-5/+4
configured"
2008-10-24PSARC/2008/631 Kerberos PKINITMark Phalan194-5098/+11521
PSARC/2008/358 removal of kadm5.keytab 6698059 Resync with mit 1.6.3 (pkinit) 6749302 pam_krb5 auth fails with key table entry not found
2008-09-08Contributed by Palle Lyckegaard <palle@lyckegaard.dk>John Sonnenschein4-28/+16
4930079 many Makefiles redefine "CP", causing problems for incrementals
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-27 08:29:44 +0000