Jeffrey Altman [Mon, 25 Apr 2005 17:40:38 +0000 (17:40 +0000)]
the purpose of the krb5_get_credentials call is to
obtain a set of credentials for the caller. the
krb5_cc_store_cred() call is to optimize performance
for future calls. Ignore any errors, since the credentials
are still valid even if we fail to store them in the cache.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17201
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Sat, 23 Apr 2005 00:39:18 +0000 (00:39 +0000)]
Move WSAStartup/WSACleanup from DllMain to krb5_init_ctx/krb5_free_ctx
WSAStartup/WSACleanup cannot be called from DllMain without risking
a deadlock when FreeLibrary().
ticket:2980
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17200
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 22 Apr 2005 00:45:48 +0000 (00:45 +0000)]
* implementor.texinfo (Porting Issues): Fix up formatting
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17195
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 22 Apr 2005 00:26:13 +0000 (00:26 +0000)]
* implementor.texinfo (Networking): New chapter node, incorporates Socket API,
IPv6 Support, Local Addresses, and Host Address Lookup.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17194
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 22 Apr 2005 00:23:34 +0000 (00:23 +0000)]
* implementor.texinfo (Thread Shim Layer Implementation): New node.
(Internal Thread API): Move the k5_os_ descriptions there.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17193
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 21 Apr 2005 23:16:26 +0000 (23:16 +0000)]
* implementor.texinfo (Local Addresses): Drop Mac OS 9, add Solaris 9, HP-UX
11.
(IPv6 Support, Host Address Lookup): Update for fake getaddrinfo code moved to
support library.
(Thread System Requirements): Use @code when listing function names. Add a
couple notes about some problematic routines.
(Internal Thread API): Update k5_mutex_t description to indicate there's always
non-OS data included. Describe case where thread support is disabled.
(Advanced Shared Library Requirements): Describe recently raised Windows
DllMain issues. Describe finalization code. Multiple init/fini functions are
now allowed in a library. Describe LIBINITFUNC and LIBFINIFUNC makefile
variables. Mention lib.in can have rules for generating temporary files for
dealing with export lists.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17192
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 21 Apr 2005 23:02:59 +0000 (23:02 +0000)]
* Makefile (clean-tex): Delete *.fns, *.vrs, *.tps too.
(implementor.pdf, implementor.ps, implementor.info): New targets.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17191
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 21 Apr 2005 23:01:30 +0000 (23:01 +0000)]
* build.texinfo (HPUX): Add some notes about the thread support and gcc
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17190
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 21 Apr 2005 22:31:54 +0000 (22:31 +0000)]
update release ids
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17189
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 21 Apr 2005 22:28:41 +0000 (22:28 +0000)]
add copyright 2005
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17188
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 21 Apr 2005 21:44:37 +0000 (21:44 +0000)]
Stop generating per-directory sed scripts, and use perl to compute the patterns
on the fly instead. (Next step, someday, integrate this script and depfix.sed,
so we only have to run one script.)
* config/post.in (depend-dependencies): Use (and depend on) depfix2.pl instead
of .depfix2.sed.
(.depfix2.sed): Target deleted.
(DEPTARGETS): Delete .depfix2.sed and .depfix2.tmp.
* util/depgen.sed: Deleted.
* util/depfix2.pl: New file.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17187
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 20 Apr 2005 18:36:40 +0000 (18:36 +0000)]
* depgen.sed: Delete faulty check for $(srcdir), and redundant check for $(SRCTOP)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17186
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 20 Apr 2005 03:19:31 +0000 (03:19 +0000)]
* lib/kadm5/configure.in, kadmin/configure.in: Don't invoke AC_CANONICAL_HOST
explicitly, CONFIG_RULES already does it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17185
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 20 Apr 2005 03:10:12 +0000 (03:10 +0000)]
Compute reltopdir at autoconf time instead of at configure time. This has the
happy side effect of stopping autoreconf from creating directories named
"$ac_config_fragdir" all over the source tree.
* aclocal.m4 (fileexists, K5_TOPDIR): New macros.
(V5_SET_TOPDIR): Don't test for AC_LOCALDIR any more. Use K5_TOPDIR computed
at autoconf time, but still verify that the contents are what we expect. Don't
use shell variables in the argument to AC_CONFIG_AUX_DIR.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17184
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Apr 2005 20:38:36 +0000 (20:38 +0000)]
Allow compile-time specification that small code space is desired
* d3_cbc.c (krb5int_des3_cbc_encrypt, krb5int_des3_cbc_decrypt): Don't declare
left and right variables as registers.
* f_cksum.c (mit_des_cbc_cksum): Likewise.
* f_cbc.c (krb5int_des_cbc_encrypt, krb5int_des_cbc_decrypt): Likewise.
(krb5int_des_cbc_encrypt): For full blocks, use GET_HALF_BLOCK to read and then
xor, instead of processing each byte individually.
(krb5int_des_do_encrypt_2, krb5int_des_do_decrypt_2) [CONFIG_SMALL]: New
functions, wrapping large macros with the DES inner loops.
* f_tables.h (DES_DO_ENCRYPT_1, DES_DO_DECRYPT_1): Renamed from non-_1 names.
(krb5int_des_do_encrypt_2, krb5int_des_do_decrypt_2): Declare if CONFIG_SMALL
is defined.
(DES_DO_ENCRYPT, DES_DO_DECRYPT): Expand to _1 macros or _2 function calls
depending on whether CONFIG_SMALL is defined.
With CONFIG_SMALL defined, on x86/gcc/glibc, this drops about 5K (25%) of the
code/table space.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17183
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Apr 2005 20:19:31 +0000 (20:19 +0000)]
* aesopt.h: On PalmOS, include FloatMgr.h to get endianness flag.
(ENC_UNROLL, DEC_UNROLL, ENC_ROUND, LAST_ENC_ROUND, DEC_ROUND, LAST_DEC_ROUND,
KEY_SCHED): If CONFIG_SMALL is defined, set to NONE or NO_TABLES as
appropriate.
(Latter change drops about 40K -- over 85% -- from AES code/table size in
shared libraries on x86/glibc/gcc.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17182
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Apr 2005 20:14:48 +0000 (20:14 +0000)]
* aes_s2k.c (krb5int_aes_string_to_key): Widen bytes of iteration count before shifting
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17181
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Apr 2005 20:14:10 +0000 (20:14 +0000)]
* Makefile.in (all-unix): Don't build aes-gen by default, leave it for 'make check'
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17180
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Apr 2005 17:01:23 +0000 (17:01 +0000)]
update dependencies
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17179
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Apr 2005 16:58:27 +0000 (16:58 +0000)]
* Makefile.in (BISONFLAGS): Drop -v.
($(srcdir)/deltat.c): Change to source directory before rebuilding, so path to
source tree doesn't get inserted.
(deltat.c rebuilt)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17178
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 13 Apr 2005 16:55:43 +0000 (16:55 +0000)]
Delete definitions of unused macros NEED_SOCKETS and NEED_LOWLEVEL_IO
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17177
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 7 Apr 2005 23:37:39 +0000 (23:37 +0000)]
Work around Makefile quoting problems
ticket: 2992
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17170
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 6 Apr 2005 00:15:05 +0000 (00:15 +0000)]
* commands.c (shell): Change 0 to (char*)NULL in execl calls. Patch provided
by Michael Calmer.
ticket: 3000
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17166
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 6 Apr 2005 00:13:02 +0000 (00:13 +0000)]
* krlogind.c (doit): Change 0 to (char*)NULL in execl* calls. Patch provided
by Michael Calmer.
* krshd.c (doit): Likewise.
* login.c (main): Likewise.
ticket: 3000
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17165
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 6 Apr 2005 00:05:10 +0000 (00:05 +0000)]
update dependencies
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17164
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 29 Mar 2005 21:21:14 +0000 (21:21 +0000)]
fix MITKRB5-SA-2005-001 telnet client vuln
* telnet.c (slc_add_reply, slc_end_reply): Fix buffer overflow
vulnerability by checking lengths.
(env_opt_add): Ensure buffer allocation is sufficiently large,
accounting for expansion during IAC quoting.
ticket: new
tags: pullup
version_reported: 1.4
target_version: 1.4.1
component: telnet
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17162
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 28 Mar 2005 18:32:04 +0000 (18:32 +0000)]
Test new k5_getpwuid_r macro
* configure.in: Create makefile in misc.
* Makefile.in (LOCAL_SUBDIRS): Add misc.
* misc/test_getpw.c: New file.
* misc/Makefile.in: New file, based on ../resolve/Makefile.in.
(test_getpw): New target.
(check): Build and run it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17161
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 28 Mar 2005 18:29:53 +0000 (18:29 +0000)]
update dependencies
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17160
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 26 Mar 2005 02:15:55 +0000 (02:15 +0000)]
* import_name.c (krb5_gss_import_name): Use k5_getpwuid_r
ticket: 2982
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17159
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 26 Mar 2005 02:06:43 +0000 (02:06 +0000)]
* configure.in: Don't check for getpwuid_r here.
* prof_file.c (profile_open_file): Use k5_getpwuid_r.
ticket: 2982
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17158
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 26 Mar 2005 02:05:06 +0000 (02:05 +0000)]
* kuserok.c (krb5_kuserok): Use k5_getpwnam_r
ticket: 2982
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17157
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 26 Mar 2005 02:02:40 +0000 (02:02 +0000)]
* configure.in: Don't check for getpwnam_r and getpwuid_r in the thread-safety
warnings. The tests done elsewhere in the tree are stricter and may not
agree.
ticket: 2982
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17156
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 26 Mar 2005 02:00:47 +0000 (02:00 +0000)]
This patch tightens up our determination of whether we can use
getpw{nam,uid}_r, and using the set flags, creates macros providing a
consistent API, and if possible thread safety.
* configure.in: Don't check for getpwnam_r and getpwuid_r with AC_CHECK_FUNCS;
use AC_CHECK_FUNC, and only set shell variables. Run stricter tests on return
types and numbers of arguments, and only define the C macros if these
parameters can actually be determined.
* k5-platform.h (k5_getpwnam_r, k5_getpwuid_r): New macros.
ticket: 2982
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17155
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 26 Mar 2005 01:47:46 +0000 (01:47 +0000)]
* Makefile.in ($(srcdir)/krb5/autoconf.stmp): Nuke autom4te.cache directory
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17154
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 25 Mar 2005 21:36:55 +0000 (21:36 +0000)]
shared library support for HP-UX 10
Our somewhat outdated HP-UX support (which was targeted at HP-UX 10, not 11)
does not have support for shared library initialization and finalization
functions, nor for shared library export lists. The former was causing
compilation failures unless shared library support was disabled.
* include/k5-platform.h: Expand on init/fini comments some more.
(MAKE_FINI_FUNCTION): Add an HP-UX specific variant that defines an auxiliary
function fitting the signature of HP-UX 10 library combined
initializer/finalizer functions.
* config/lib.in (hpux10.exports): New target, constructed similar to
osf1.exports but with HP-UX 10.x linker options, no initializers, and "errno"
explicitly added to the export list.
* shlib.conf (*-*-hpux*): Combine PICFLAGS setting with SHLIB_EXPFLAGS and
LDCOMBINE setting. Add linker option "-c hpux10.exports" to LDCOMBINE. Set
SHLIB_EXPORT_FILE_DEP to hpux10.exports. Set use_linker_fini_option.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17153
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 25 Mar 2005 21:28:30 +0000 (21:28 +0000)]
threaded test program built even with thread support disabled
* Makefile.in (all-unix): Use @THREAD_SUPPORT@ and helper targets to build
programs only if thread support is enabled.
(all-unix-0, all-unix-1): New helper targets.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17152
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 23 Mar 2005 04:00:16 +0000 (04:00 +0000)]
* dnsglue.h: Define ns_rr_class to ns_rr_cl if ns_rr_class doesn't
exist.
ticket: 2906
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17145
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 23 Mar 2005 03:14:10 +0000 (03:14 +0000)]
* x-deltat.y (wsnum): Add missing semicolon following YYERROR,
which was preventing bison-1.75 from producing compilable C
output.
ticket: new
version_reported: 1.4
target_version: 1.4.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17140
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 22 Mar 2005 22:49:11 +0000 (22:49 +0000)]
* gic_keytab.c (krb5_get_init_creds_keytab): When calling
krb5_get_init_creds() for the second time (with use_master=1),
also accept KRB5_REALM_UNKNOWN as a soft error, and use the result
from the first call to krb5_get_init_creds(). This can happen
when no master KDC is configured.
ticket: 2974
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17132
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Sun, 20 Mar 2005 15:20:38 +0000 (15:20 +0000)]
threads.c (thread_termination): Free array of pointers to thread-specific data (t) on thread termination. Use existing mutex to prevent the deletion of the array from interfering with the global list of thread specific data (used for library termination)
ticket: 2971
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17129
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Tue, 15 Mar 2005 06:35:29 +0000 (06:35 +0000)]
The current wconfig.c does not treat @MAINT@ as a comment. Until we
have one that does, override the use of @MAINT@ on Windows.
ticket: 2962
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17128
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Tue, 15 Mar 2005 06:32:39 +0000 (06:32 +0000)]
krb5_c_is_keyed_cksum() is a boolean function. It cannot safely return
an error value. Change the error condition to return False (0) instead
of 0xFFFFFFFF.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17127
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Tue, 15 Mar 2005 06:17:05 +0000 (06:17 +0000)]
Fix dangerous 64-bit time_t * to long * conversion
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17126
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 14 Mar 2005 19:46:26 +0000 (19:46 +0000)]
* v4gssftp.exp: Identify file correctly for top-level error messages
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17125
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 14 Mar 2005 19:32:53 +0000 (19:32 +0000)]
* default.exp (start_tail): Make 'standalone' an additional argument.
(start_kerberos_daemons): Pass it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17124
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 14 Mar 2005 19:24:48 +0000 (19:24 +0000)]
* Makefile.in (EXTRADEPSRCS): Define
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17123
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 13 Mar 2005 08:16:34 +0000 (08:16 +0000)]
st_mtim.tv_nsec, not tv_usec
ticket: 2959
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17122
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 13 Mar 2005 07:34:23 +0000 (07:34 +0000)]
profile library should check high-resolution timestamps if available
With the current profile code, it's possible for a file to be read when
partially written, with the writing of the new file contents being completed
within the same 1-second clock value, causing the profile code not to re-read
the contents. Using a higher-resolution timestamp, available on many systems
now, should help reduce that window. (Checking file sizes should also,
consider doing that separately.)
* configure.in: Check struct stat for fields st_mtimensec,
st_mtimespec.tv_nsec, and st_mtim.tv_usec.
* prof_file.c (profile_update_file_data): If one of them is found, use it as
the fractional part of the timestamp. Do re-read the file if the fractional
parts don't match.
* prof_int.h (struct _prf_data_t): Add new field frac_ts.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17121
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Sun, 6 Mar 2005 00:18:30 +0000 (00:18 +0000)]
* sn2princ.c (krb5_sname_to_principal):
conditionalize the use of reverse dns lookups. The default
is to use the existing behavior. rdns can be disabled by
specifying [libdefaults] rdns=false
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17120
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 5 Mar 2005 00:12:44 +0000 (00:12 +0000)]
I think the hpux change here should prevent it from overriding the
user-specified options, but still add in the necessary flags.
* aclocal.m4 (KRB5_AC_ENABLE_THREADS): Expand on error message if failing.
Substitute THREAD_SUPPORT -> 0 or 1 in makefiles. For HP-UX, set
PTHREAD_CFLAGS, not CFLAGS.
ticket: 2929
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17119
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 23:53:54 +0000 (23:53 +0000)]
* asn1_encode.c (asn1_encode_generaltime): If gmtime_r returns int instead of
pointer, do the appropriate error checking.
ticket: 2953
target_version: 1.4.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17118
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 23:50:45 +0000 (23:50 +0000)]
hpux10 has gmtime_r with wrong return type, breaking asn.1 encoder
The hpux10 gmtime_r returns int (0 means success), whereas the POSIX
gmtime_r returns a pointer (NULL means failure).
* configure.in: Check return type of gmtime_r, and define GMTIME_R_RETURNS_INT
if it returns int. If the return type can't be determined, pretend the
function isn't there.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17117
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 02:06:39 +0000 (02:06 +0000)]
* build.texinfo (HPUX): Update with current state of shared library and thread
support.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17115
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 02:05:42 +0000 (02:05 +0000)]
ignore more targets and byproducts
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17114
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 02:04:12 +0000 (02:04 +0000)]
build user-guide.pdf too
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17113
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 02:01:55 +0000 (02:01 +0000)]
Build/delete PDF files
* Makefile (PSPDF): New variable.
(admin-guide.pdf, install-guide.pdf): New targets.
(clean-final): Delete PDF files.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17112
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 00:05:08 +0000 (00:05 +0000)]
profile_clear_relation doesn't work, iterator still sees deleted nodes
The "deleted" flag was being checked when writing out the file, but
not when iterating through using the profile handle being used to do
the deletions.
* prof_tree.c (profile_node_iterator): After checking skip_num counter, also
skip over deleted nodes.
* prof_test1 (test3): New proc.
(top level): Run it.
ticket: new
target_version: 1.4.1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17111
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Mar 2005 23:25:32 +0000 (23:25 +0000)]
time-delta parser doesn't work on HP-UX 10
A build on Lenny's machine (built with gcc 2.7, thread support disabled, static
libraries only) is failing tests because the HP header files define "WS" as a
macro that expands to 2, while the delta-t grammar uses "WS" as the name of a
terminal symbol (which under bison turns into a C macro).
Renaming the terminal in the grammar (and custom lexer) fixes the problem.
* x-deltat.y (tok_WS): Renamed terminal from "WS", which conflicts with HP-UX
10 header files. Updated all productions.
(mylex): Updated.
* Makefile.in ($(srcdir)/deltat.c): Enable dependencies in maintainer mode.
* deltat.c: Updated.
ticket: new
target_version: 1.4.1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17110
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 23 Feb 2005 22:47:14 +0000 (22:47 +0000)]
possible profile null pointer deref in threaded app
There seems to be a problem with a null pointer popping up when
profile_node_iterator reads ...->data->root to start walking through the
contents. Don't have a lot of details, but I've got some patches that might
tighten things up a little.
* prof_tree.c (profile_node_iterator): Check that the root node pointer is not
null; raise assertion failure if it is.
* prof_int.h: Include k5-platform.h.
(struct _prf_data_t): Reorder fields, and insert some padding.
* prof_file.c (scan_shared_trees_locked): Check that the "root" field isn't
null.
(profile_open_file): Update the in-memory file contents after updating the
refcount instead of before.
(profile_update_file_data): If the root node in the file data is null, always
do the update. Check that it's not null before returning a success
indication.
(profile_dereference_data_locked): Scan linked list of file data objects for
sanity check, before and after.
(profile_dereference_data_locked): Don't do it here.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17106
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 17 Feb 2005 23:46:49 +0000 (23:46 +0000)]
* krb5_libinit.c (krb5int_lib_fini): Only show "skipping" message if
SHOW_INITFINI_FUNCS is defined.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17105
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 16 Feb 2005 20:34:49 +0000 (20:34 +0000)]
Export missing DATA symbols on Windows
ticket: 2924
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17104
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 16 Feb 2005 19:57:15 +0000 (19:57 +0000)]
* init_ctx.c (init_common): Delete redundant library initialization call that
was run only on UNIX. Test assertion that krb5_ui_8 really did get a proper
64-bit type.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17103
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 12 Feb 2005 01:14:00 +0000 (01:14 +0000)]
* gss-misc.c: Include autoconf.h. If both time.h and sys/time.h are available,
and they're compatible, include both.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17102
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Sat, 12 Feb 2005 00:27:35 +0000 (00:27 +0000)]
* kadmin.c (kadmin_startup): New flag "-N" to prevent fallback to
AUTH_GSSAPI.
* kadmin.M: Describe "-O" and "-N" flags.
ticket: 2913
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17101
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 11 Feb 2005 23:10:40 +0000 (23:10 +0000)]
missed one file on previous commit
ticket: 2913
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17100
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 11 Feb 2005 23:09:25 +0000 (23:09 +0000)]
Implement principal name and auth flavor fallback for kadm5 client
library. Adjust test suites to compensate.
ticket: 2913
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17099
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 10 Feb 2005 02:52:08 +0000 (02:52 +0000)]
* gic_pwd.c (krb5_get_init_creds_password): Fix so empty password
string causes prompting and doesn't cause truncation of password
to zero characters.
ticket: 2918
target_version: 1.4.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17098
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 22:39:32 +0000 (22:39 +0000)]
* gss-threads: New subdirectory.
* Makefile.in (LOCAL_SUBDIRS): Add it.
* configure.in: Configure it. Check for semaphore.h, sem_init, sem_trywait.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17097
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 22:37:38 +0000 (22:37 +0000)]
multithreaded gssapi test prog based on gss-sample w/jaltman+raeburn changes
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17096
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 02:19:45 +0000 (02:19 +0000)]
* krb5_libinit.c (krb5int_lib_init, krb5int_lib_fini): If SHOW_INITFINI_FUNCS
is defined, print tracing messages.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17095
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 02:18:19 +0000 (02:18 +0000)]
* et/error_message.c (com_err_initialize, com_err_terminate): If
SHOW_INITFINI_FUNCS is defined, print tracing messages.
* profile/prof_file.c (profile_library_initializer, profile_library_finalizer):
If SHOW_INITFINI_FUNCS is defined, print tracing messages.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17094
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:50:50 +0000 (00:50 +0000)]
Exercise the dynamic loading/unloading of libraries a bit more.
Athena's old IRIX systems fail this test now.
* t_loader.c (verbose): New variable.
(do_close_1): Drop filename argument. Change messages accordingly, and only
display them if verbose. Line up "done" messages vertically.
(do_open_1): Likewise. Add library version argument, used when on AIX, in
combination with RTLD_MEMBER.
(do_open): Don't pass filename. Do pass library version; callers changed.
(do_close): Don't pass filename.
(get_sym_1): Renamed from get_sym, added line number argument. Print messages
if verbose.
(get_sym): New macro.
(xbasename): Function deleted.
(HORIZ): New macro.
(main): Turn off output buffering. Print messages before and after calling
functions in loaded libraries. Disable first set of tests, that don't call any
functions. Test gssapi library without loading any other libraries, then test
it after loading com_err, and unload com_err first.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17093
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:41:40 +0000 (00:41 +0000)]
There is a memory leak here, if a thread has registered some per-thread data
when we delete the key. Fixing it will require walking through the per-thread
data of every thread and freeing the objects... and watching for deadlocks in
the case where a thread is exiting at the same time.
* threads.c (k5_key_delete) [pthread case]: Reset flags and destructor function
pointer to unset state.
(krb5int_thread_support_init, krb5int_thread_support_fini): If
SHOW_INITFINI_FUNCS is defined, print some tracing messages.
ticket: 2916
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17092
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:23:20 +0000 (00:23 +0000)]
* Makefile.in (LIBINITFUNC, LIBFINIFUNC): Define
ticket: 2916
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17091
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:20:38 +0000 (00:20 +0000)]
* gss_libinit.c (gssint_lib_init, gssint_lib_fini) [SHOW_INITFINI_FUNCS]: Print tracing messages
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17090
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:14:57 +0000 (00:14 +0000)]
Fix build problem found testing certain combinations of options
* k5-platform.h (PROGRAM_EXITING) [__GNUC__ && !_WIN32 &&
CONSTRUCTOR_ATTR_WORKS && !DELAY_INITIALIZER]: Define as zero.
ticket: 2916
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17089
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:11:14 +0000 (00:11 +0000)]
Build system support for a library having more than one init/fini symbol
defined, when using linker options to specify these functions. Now
LIBINITFUNC/LIBFINIFUNC are considered lists of symbols, ordered from
lowest-level (init run first, fini run last) to highest-level.
* lib.in (config.status): Change target to be in $thisconfigdir rather than
local.
(osf1.exports): Create a temporary file then rename into place. Add options
for library init/fini symbols, handling multiple values.
* shlib.conf (case alpha*-dec-osf*): Don't handle init/fini symbols here.
(case mips-sgi-irix*): Handle multiple init/fini symbols. Always set $initfini
before it gets used.
(case *-*-solaris*, not gcc): Handle multiple init/fini symbols.
(case *-*-aix*): Handle multiple fini symbols.
ticket: 2916
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17088
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Feb 2005 23:12:08 +0000 (23:12 +0000)]
* Makefile.in (config.status): Depend on shlib.conf
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17087
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Feb 2005 23:10:48 +0000 (23:10 +0000)]
* aclocal.m4 (KRB5_AC_ENABLE_THREADS): If thread support is not enabled, zap
the PTHREAD_ variables.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17086
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 01:09:31 +0000 (01:09 +0000)]
* gssapi.hin: (GSS_SIZEOF_INT, GSS_SIZEOF_LONG, GSS_SIZEOF_SHORT): Don't
define except on Windows.
ticket: 2910
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17085
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 01:06:56 +0000 (01:06 +0000)]
Makefile.in: fix macro syntax in last change
ticket: 2910
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17084
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 01:03:27 +0000 (01:03 +0000)]
* t_loader.c: New file
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17083
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:58:41 +0000 (00:58 +0000)]
don't build anything by default
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17082
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:58:07 +0000 (00:58 +0000)]
* Makefile.in: New file
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17081
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:57:17 +0000 (00:57 +0000)]
* configure.in: Look for dlfcn.h. Configure new shlib subdirectory.
* Makefile.in (LOCAL_SUBDIRS): Build in shlib subdir.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17080
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:48:12 +0000 (00:48 +0000)]
* configure.in: Put #ifndef/#define/#endif wrapper into autoconf.h to protect
against multiple inclusions. Don't look for xom.h. Check for dlopen.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17079
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:31:21 +0000 (00:31 +0000)]
* gssapi.hin: Don't conditionally include xom.h here
ticket: 2910
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17078
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:27:33 +0000 (00:27 +0000)]
* Makefile.in (gssapi.h): Change SIZEOF symbols to start with GSS_ when
extracting from autoconf.h. Don't look for HAVE_ or USE_ symbols. Add
${include_xom} to the prologue.
(include_xom): New variable.
* gssapi.h: Always include stddef.h unconditionally.
(GSS_SIZEOF_INT, GSS_SIZEOF_LONG, GSS_SIZEOF_SHORT): Don't define.
ticket: 2910
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17077
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:26:17 +0000 (00:26 +0000)]
* configure.in: Check for xom.h. Set include_xom to a C include directive or
comment, and substitute it in the Makefiles.
ticket: 2910
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17076
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 28 Jan 2005 05:16:34 +0000 (05:16 +0000)]
* t_walk_rtree.c (main): Free context at end to allow searching
for memory leaks.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17072
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 24 Jan 2005 20:22:57 +0000 (20:22 +0000)]
* post.in (Makefile): Nuke autom4te.cache before and after autoconf runs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17063
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sat, 22 Jan 2005 01:28:14 +0000 (01:28 +0000)]
Irix k5_os_mutex_lock calls k5_pthread_mutex_lock w/ wrong arg
* k5-thread.h (k5_os_mutex_lock): Under Irix, invoke
k5_pthread_mutex_lock() with the k5_os_mutex, not the
pthread_mutex_t.
(k5_pthread_assert_locked,unlocked): If DEBUG_THREADS not used, provide
correct prototype. Add missing close paren.
Test programs show that under irix, the mutex locking/unlocking code was
working - even with the wrong memory use... I do not understand why.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17062
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 18 Jan 2005 17:33:56 +0000 (17:33 +0000)]
* configure.in: When looking for setupterm() - look in
libcurses/libncurses even if termcap library found.
This is a GCC 4.0 fix.. Otherwise we get conflicting declarations of setupterm
in a header file and in the telnet client.
ticket: 2876
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17053
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 18 Jan 2005 17:29:46 +0000 (17:29 +0000)]
* threads.c (k5_key_delete) [ENABLE_THREADS && !_WIN32]: Don't abort,
just leak resources for now.
ticket: 2888
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17052
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Tue, 18 Jan 2005 08:07:47 +0000 (08:07 +0000)]
re-initialize 'terminated' variable to 0 during initialization routine
ticket: 2888
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17051
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 17 Jan 2005 23:57:51 +0000 (23:57 +0000)]
Some applications such as Eudora on Windows load and unload the Kerberos
libraries as part of a plug-in. Plugins are often loaded for a specific
purpose and then unregistered. In order to support this model, the libraries
must restore the library state to the uninitialized state when the library
is unloaded.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17050
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 17 Jan 2005 19:10:31 +0000 (19:10 +0000)]
krb5_unparse_name(), krb5_unparse_name_ext():
prevent dereferencing of pointer if 'name' or 'size' are NULL
ticket: new
tags: pullup
target_version: 1.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17049
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 17 Jan 2005 17:37:27 +0000 (17:37 +0000)]
* gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): More memory leaks
fixed as introduced in ticket #2541. Do not rely on knowledge that
upon failure from krb5_cc_retrieve_cred, returned credential data
is untouched.
Testsuite passes all tests, but would like another set of eyes to look over code
before closing ticket.
ticket: 2885
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17048
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 17 Jan 2005 17:32:26 +0000 (17:32 +0000)]
subject; krb5_do_preauth could attempt to free NULL pointer
* preauth2.c (krb5_do_preauth): Upon error in decoding
krb5_type_info{,2}, on failure, do not call krb5_free_type_info
with a null pointer.
The only way to reach this code is to set a preauth list requesting for ETYPE_INFO
or ETYPE_INFO2 in a call to krb5_get_in_tkt_with_password.
Before sending the request, krb5_do_preauth tries to parse a NULL length asn1 buffer,
fails and tries to free a null pointer.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17047
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Sat, 15 Jan 2005 21:40:23 +0000 (21:40 +0000)]
* rc_dfl.c: Move the extraction of the struct dfl_data
from the krb5_rcache after obtaining the lock, not before.
ticket: new
target_version: 1.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17046
dc483132-0cff-0310-8789-
dd5450dbe970