Ken Raeburn [Wed, 30 Jun 2004 23:24:42 +0000 (23:24 +0000)]
Thread-safety for file-based credentials caches
* cc_file.c (krb5_fcc_data): Added a mutex.
(krb5_fcc_read*, krb5_fcc_write, krb5_fcc_store_*, krb5_fcc_open_file,
krb5_fcc_skip_header, krb5_fcc_skip_principal): Verify that the mutex is
locked.
(MAYBE_OPEN): Verify that the mutex is locked; unlock it if returning an error.
(krb5_fcc_initialize, krb5_fcc_start_seq_get, krb5_fcc_get_principal,
krb5_fcc_store, krb5_fcc_set_flags): Lock and unlock the mutex.
(krb5_fcc_close): Likewise. Destroy the mutex when done.
(krb5_fcc_destroy): Merge stdio and non-stdio versions a little more. Destroy
the mutex when done.
(krb5_fcc_resolve): Initialize and lock the mutex.
(krb5_fcc_next_cred): Lock and unlock the mutex. Merge the stdio and non-stdio
branches a little more.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16534
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 30 Jun 2004 21:21:56 +0000 (21:21 +0000)]
* k5-thread.h (k5_debug_assert_locked, k5_debug_assert_unlocked): New macros.
(k5_assert_locked, k5_assert_unlocked): New macros, may or may not call the
debug macros.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16533
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 30 Jun 2004 20:30:54 +0000 (20:30 +0000)]
* libkadm5clnt.exports: Export kadm5_get_admin_service_name
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16532
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 30 Jun 2004 05:00:25 +0000 (05:00 +0000)]
* cc_mslsa.c:
- is_windows_2000() indicates the OS is Windows 2000 or higher
- is_windows_xp() indicates the OS is Windows XP or higher which
indicates that PKERB_QUERY_TKT_CACHE_EX_RESPONSE and
PKERB_TICKET_CACHE_INFO_EX are available.
- does_retrieve_ticket_cache_ticket() checks to see if a Microsoft
private fix is available which adds a new Cache Flag,
KERB_RETRIEVE_TICKET_CACHE_TICKET, which when set causes the
requested ticket to be stored in the LSA cache even when the
TicketFlags and EncType are not set to 0.
- KerbExternalTicketMatch() is a test to determine if two
Microsoft External Tickets are identical
+ use the KerbQueryTicketCacheExMessage LSA call on XP or higher
+ specify the KERB_RETRIEVE_TICKET_CACHE_TICKET flag when it is
available
= The combination of both + items will cause the ClientRealm
to be displayed properly for all cross realm tickets obtained
via the MSLSA
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16528
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 29 Jun 2004 13:15:20 +0000 (13:15 +0000)]
* cc_memory.c (krb5_mcc_free): Don't free the mutex here
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16527
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 28 Jun 2004 22:47:11 +0000 (22:47 +0000)]
Lots of signedness and argument-casting fixes. Some arithmetic
paranoia for seasoning.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16526
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 28 Jun 2004 19:02:51 +0000 (19:02 +0000)]
Missed some log data with last checkin:
* cc_memory.c (struct _krb5_mcc_data): Delete 'next' pointer. Add a mutex.
(krb5_mcc_*): Lock and unlock the mutex as appropriate.
(struct krb5_mcc_list_node): New type, separates the linked-list
container from the data for individual nodes.
(mcc_head): Now points to krb5_mcc_list_node.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16525
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 28 Jun 2004 18:58:53 +0000 (18:58 +0000)]
* cc_memory.c: Include k5-thread.h.
(krb5int_mcc_mutex): New lock.
(krb5_mcc_store): Rewrite.
(NEED_WINDOWS): Don't define.
(krb5_mcc_*): All functions now static.
* cc-int.h (krb5int_mcc_mutex): Declare.
* ccbase.c (krb5int_cc_initialize): Initialize it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16524
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Sat, 26 Jun 2004 19:08:46 +0000 (19:08 +0000)]
* ovsec_kadmd.c (log_badverf): Fix a missed rpc_u_int32
ticket: 2601
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16523
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 25 Jun 2004 23:23:36 +0000 (23:23 +0000)]
more namespace cleanup: remove uses of rpc_int32 and rpc_u_int32
ticket: 2601
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16522
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 25 Jun 2004 19:42:10 +0000 (19:42 +0000)]
* k5-platform.h (JOIN4, JOIN4_2, JOIN3, JOIN3_2): Unused macros deleted.
(JOIN__2, JOIN__2_2): Renamed from JOIN2 and JOIN2_2. Insert two underscores
between the tokens supplied. All uses changed to use new macros, and not use
identifiers with leading underscores.
ticket: 2603
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16521
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Fri, 25 Jun 2004 12:12:13 +0000 (12:12 +0000)]
gssapi_krb5.h is autogenerated in krb5-1.4 and later (don't pull up)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16520
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Fri, 25 Jun 2004 12:11:40 +0000 (12:11 +0000)]
Updated for krb5-1.4 file changes
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16519
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Fri, 25 Jun 2004 12:10:48 +0000 (12:10 +0000)]
gssapi_krb5.h is autogenerated in krb5-1.4 and later (don't pull up)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16518
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 25 Jun 2004 00:54:23 +0000 (00:54 +0000)]
* configure.in: Fix typo in setting krb5_cv_header_sys_param_h_maxhostnamelen
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16517
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 25 Jun 2004 00:07:18 +0000 (00:07 +0000)]
* kpasswd.c (P1, P2): Cosmetic fix for prompts to avoid
double colons.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16516
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 24 Jun 2004 23:15:55 +0000 (23:15 +0000)]
Use null pointer as service name to request host-based service name
ticket: 2613
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16515
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 24 Jun 2004 22:46:21 +0000 (22:46 +0000)]
update copyright, fix comment typo
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16514
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 24 Jun 2004 22:43:58 +0000 (22:43 +0000)]
* cc_file.c (krb5_fcc_read_data): Combine stdio and posix versions of code with
gratuitous minor differences.
(krb5_fcc_read_int32, krb5_fcc_next_cred): Likewise.
(krb5_fcc_read_addr): Likewise. Check that filled-in length field matches the
value we tried to store (i.e., that type conversion didn't throw away
information).
(krb5_fcc_read_authdatum): Likewise.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16513
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 24 Jun 2004 22:31:45 +0000 (22:31 +0000)]
typo in last change
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16512
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 24 Jun 2004 22:30:16 +0000 (22:30 +0000)]
* threads.c: Reorganize code: One definition of each function, with
per-platform conditional tests inside, instead of per-platform definitions for
each function. Combine common aspects of each function across platforms.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16511
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 24 Jun 2004 20:10:05 +0000 (20:10 +0000)]
use host-based service name for kadmin client
* kadmin.c (kadmin_startup): Use host-based service name from
kadm5_get_admin_service_name() for SEAM compatibility when old
AUTH_GSSAPI not requested.
ticket: new
component: krb5-admin
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16510
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 24 Jun 2004 20:08:30 +0000 (20:08 +0000)]
* alt_prof.c (kadm5_get_admin_service_name): Fix call to
kadm5_get_config_params().
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16509
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 24 Jun 2004 20:07:29 +0000 (20:07 +0000)]
* client_init.c (_kadm5_init_any)[DEBUG]: Print error from
clnttcp_create().
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16508
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 22 Jun 2004 18:18:04 +0000 (18:18 +0000)]
* cc_file.c (my_fopen): Function deleted.
(krb5_fcc_open_file): Use fopen, not my_fopen.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16507
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 22 Jun 2004 18:14:15 +0000 (18:14 +0000)]
Delete preprocessor tests for macintosh, __MWERKS__, applec, and THINK_C, all
part of the pre-Mac OS X support. (Except the bits in the Yarrow code, where
it was part of the upstream source.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16506
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Tue, 22 Jun 2004 06:39:43 +0000 (06:39 +0000)]
cc_mslsa.c: Comment out calls to FormatMessage and do not terminate
the program on a failure to generate a message. The existing code fails
on non-English systems. We do not need this code in a library unless we
are logging to the Event Log which is currently not done. Ignore this
for the time being until such time as we decide Event Log entries are
important to us.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16503
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 21 Jun 2004 20:58:34 +0000 (20:58 +0000)]
* threads.c (key_lock): Change to a k5_mutex_t.
(k5_key_register): Use k5_ lock routines.
(pthread_getspecific, pthread_setspecific, pthread_key_create,
pthread_key_delete) [HAVE_PRAGMA_WEAK_REF]: Declare weak.
(tsd_if_single) [HAVE_PRAGMA_WEAK_REF]: New variable.
(krb5int_thread_support_init): Do pthread key creation only if pthread code is
loaded.
(krb5int_thread_support_fini): Do pthread key deletion only if pthread code is
loaded.
(k5_key_register, k5_getspecific, k5_setspecific): Use tsd_if_single when
pthread code is not loaded.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16502
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Sat, 19 Jun 2004 04:40:58 +0000 (04:40 +0000)]
* cc_mslsa.c: Enforce acceptable enctypes by checking against
the default_tgs_enctypes list instead of the permitted_enctypes
list; only enforce the desired enctype when retrieving tickets
to deliver to an application. do not enforce when attempting
to determine the current principal name. this is important
because specifying an enctype results in a TGS_REQ being sent
to the KDC; close memory leak of krb5_cred objects in
krb5_lcc_retrieve().
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16500
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Sat, 19 Jun 2004 02:11:58 +0000 (02:11 +0000)]
fix some 64-bit bugs in RPCSEC_GSS
* auth_gss.h: Add prototype for xdr_rpc_gss_buf.
* authgss_prot.c (xdr_rpc_gss_buf): New function.
(xdr_rpc_gss_cred, xdr_rpc_gss_init_args, xdr_rpc_gss_init_res):
(xdr_rpc_gss_wrap_data, xdr_rpc_gss_unwrap_data): Use
xdr_rpc_gss_buf, to avoid passing a (size_t *) to a xdr_bytes(),
which expects (u_int *).
(xdr_rpc_gss_wrap_data): Use tmplen to avoid passing (size_t *) to
xdr_u_int.
* libgssrpc.exports:
* rename.h: Add xdr_rpc_gss_buf.
* xdr.c (xdr_enum): Fix (kind of) for 64-bit. Still inherently
bogus, due to casting of (enum foo *) to (enum_t *) by callers.
ticket: new
component: krb5-libs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16499
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 19 Jun 2004 00:31:47 +0000 (00:31 +0000)]
ignore generated timestamp file autoconf.stmp
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16498
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 19 Jun 2004 00:30:55 +0000 (00:30 +0000)]
ignore generated file krb5support32.def
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16497
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 19 Jun 2004 00:30:11 +0000 (00:30 +0000)]
ignore generated file gssapi_krb5.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16496
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 19 Jun 2004 00:28:06 +0000 (00:28 +0000)]
* mpool/mpool.c (mpool_get, mpool_write): Check that the offset calculation
didn't overflow.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16495
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 19 Jun 2004 00:25:02 +0000 (00:25 +0000)]
* Makefile.in (SHLIB_EXPLIBS): Add $(LIBS)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16494
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 19 Jun 2004 00:21:48 +0000 (00:21 +0000)]
* aclocal.m4 (WITH_CC): Use -Wl,-search_paths_first for linking on Darwin.
(KRB5_AC_ENABLE_THREADS): On AIX, add PTHREAD_LIBS to LIBS; don't do it on
other platforms. Override CC with PTHREAD_CC only if CC is not gcc. Don't add
PTHREAD_CFLAGS to CFLAGS; substitute PTHREAD_CFLAGS separately.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16493
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 19 Jun 2004 00:19:03 +0000 (00:19 +0000)]
* shlib.conf (*-*-darwin*, *-*-rhapsody*): Don't set PICFLAGS or LDFLAGS.
Force static libraries only always, instead of just as the default.
(*-*-aix*): The initfini argument should be "-binitfini". Use -bernotok, not
-berok. Do use the INIT_FINI_PREP command in constructing MAKE_SHLIB_COMMAND.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16492
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 19 Jun 2004 00:18:18 +0000 (00:18 +0000)]
* pre.in (PTHREAD_CFLAGS): New variable.
(ALL_CFLAGS): Include it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16491
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 19 Jun 2004 00:06:48 +0000 (00:06 +0000)]
* Makefile.in (all-windows): Make autoconf.h in include\krb5 before building
anything else.
(WINMAKEFILES): Add util\support\Makefile.
(util\support\Makefile) [DOS]: New target.
(CE): New variable.
($(CE)test1.h, $(CE)test2.h, $(CE)test1.c, $(CE)test2.c): New targets.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16490
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 18 Jun 2004 23:58:13 +0000 (23:58 +0000)]
* win-pre.in (SLIB): New variable
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16489
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 18 Jun 2004 23:43:47 +0000 (23:43 +0000)]
* k5-platform.h (MAKE_INIT_FUNCTION, CALL_INIT_FUNCTION, INITIALIZER_RAN): Use
the linker-driven version for Windows. The auxinit function definition needs
an argument list.
(MAKE_FINI_FUNCTION): Likewise.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16488
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 18 Jun 2004 23:36:57 +0000 (23:36 +0000)]
* Makefile.in (SLIBS, SDEF, S_GLUE, COMERR_GLUE, PROF_GLUE, SGLUE): New
variables.
(NO_GLUE): Deleted.
(CGLUE, PGLUE): Use new separate glue files instead of no_glue.
(SRES) [WIN32]: New variable.
($(SRES), $(SLIB)) [WIN32]: New targets.
($(CLIB), $(PLIB), $(KLIB), $(GLIB)) [WIN32]: Depend on and link against
$(SLIB) too.
($(SDEF)): New target. Generate Windows export list from common symbol list.
($(COMERR_GLUE), $(PROF_GLUE), $(S_GLUE)): New targets.
* win_glue.c (control): Reference add/remove_error_table only if building for
krb4 library. Add calls to library init/fini functions for other libraries.
For support library, also call a hook function on DLL_THREAD_DETACH. If no
recognized library-specific macro is defined, don't compile.
(DllMain): Do call control() on DLL_THREAD_DETACH.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16487
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 18 Jun 2004 23:25:57 +0000 (23:25 +0000)]
* Makefile.in (OBJFILEDEP, OBJFILELIST) [DOS]: Include locally built object
files.
(OBJFILE, LIBOBJS, LOCALINCLUDES) [DOS]: Define.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16486
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 18 Jun 2004 23:24:08 +0000 (23:24 +0000)]
* Makefile.in (OBJFILELIST, OBJFILEDEP) [DOS]: Depend on locally built objects
too.
(OBJFILE, LIBOBJS) [DOS]: Define.
($(BUILDTOP)/include/gssapi/gssapi.h, generic/gssapi.h, krb5/gssapi_err_krb5.h,
generic/gssapi_err_generic.h, krb5/gssapi_krb5.h) [DOS]: Disable dependencies
on Windows.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16485
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 18 Jun 2004 22:56:45 +0000 (22:56 +0000)]
* version.rc: Add info for support library
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16484
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 18 Jun 2004 22:51:37 +0000 (22:51 +0000)]
* Makefile.in (all-windows): Build support directory
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16483
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 18 Jun 2004 22:49:55 +0000 (22:49 +0000)]
* Makefile.in (BUILDTOP, LIBNAME, XTRA, OBJFILE): Define for Windows.
(LIBOBJS): Define.
($(BUILDTOP)/include/krb5/autoconf.h): Disable rule on Windows.
* threads.c (tls_idx, key_lock, destructors, destructors_set): New variables
for Windows.
(krb5int_thread_support_init, krb5int_thread_support_fini, k5_key_register,
k5_getspecific, k5_setspecific, k5_key_delete, krb5int_thread_detach_hook):
New functions for Windows. Some are just placeholders.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16482
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 18 Jun 2004 22:47:27 +0000 (22:47 +0000)]
* Makefile.in ($(OUTPRE)test_et.exe): New target.
(check-windows): Build and run test_et.exe.
* error_message.c: Include autoconf.h.
(HAVE_STRERROR) [_WIN32]: Don't define.
(error_message) [_WIN32]: Check for range WSABASEERR+[0,1100) instead of
all values under 12000. Use k5_getspecific and k5_setspecific for local buffer.
* test_et.c (EXPORT_LIST): Define on Windows.
(main): Use add/remove_error_table, not the initialize_ routines.
(main) [EXPORT_LIST]: Don't test error_table_name, it's not in the export list.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16481
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 18 Jun 2004 22:45:00 +0000 (22:45 +0000)]
* win-mac.h (HAVE_STRERROR, SYS_ERRLIST_DECLARED): Define
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16480
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 17 Jun 2004 23:34:49 +0000 (23:34 +0000)]
oops, forgot something
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16479
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 17 Jun 2004 23:14:19 +0000 (23:14 +0000)]
* default.exp (setup_krb5_conf): Default to not using SRV records
to look up KDCs, to avoid timeouts on KRBTEST.COM's DNS servers.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16478
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 17 Jun 2004 21:11:00 +0000 (21:11 +0000)]
* ser_sctx.c (kg_ctx_size, kg_ctx_externalize): Adjust for new
field cred_rcache.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16477
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 17 Jun 2004 18:05:47 +0000 (18:05 +0000)]
* libgssrpc.exports: Update
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16476
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 17 Jun 2004 02:23:21 +0000 (02:23 +0000)]
* util_validate.c (g_save): Call gssint_initialize_library
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16475
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 17 Jun 2004 01:56:34 +0000 (01:56 +0000)]
Purge make targets and variables (and a few files) relating to the old,
unmaintained Mac OS 9 (and earlier) support.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16473
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 16 Jun 2004 22:14:21 +0000 (22:14 +0000)]
more rpc namespace cleanup
* auth_gss.h: Conditionalize log_debug, log_status, log_hexdump
prototypes on GSSRPC__IMPL.
* rename.h: More namespace fixes.
ticket: new
status: open
component: krb5-libs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16471
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 16 Jun 2004 20:18:10 +0000 (20:18 +0000)]
make depend
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16470
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 16 Jun 2004 20:17:00 +0000 (20:17 +0000)]
* depfix.sed: Delete /os/usr/include as well, to cope with an
athena hack. (#include "/os/usr/include/sys/rwstlock.h" in
sys/vnode.h)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16469
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 16 Jun 2004 03:11:54 +0000 (03:11 +0000)]
This commit merges the RPCSEC_GSS integration branch onto the trunk.
Remaining work includes:
* Default to using kadmin/fqdn for SEAM compatibility
* Namespace cleanups and other API tweaks -- this API is not stable yet
* Fix lib/rpc/unit-test testsuite to test RPCSEC_GSS in addition to
AUTH_GSSAPI
Additional work will be tracked in separate tickets. This merge is
bracketed between the tags "tlyu-umich-rpc-merge-pre" and
"tlyu-umich-rpc-merge-post".
ticket: 2578
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16467
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 16 Jun 2004 02:37:23 +0000 (02:37 +0000)]
ok, let's try this again..
* accept_sec_context.c (krb5_gss_accept_sec_context): Only null
out the auth_context's rcache if it was provided by acceptor
creds; this prevents a leak.
* delete_sec_context.c (krb5_gss_delete_sec_context): Only null
out the auth_context's rcache if it was provided by acceptor
creds; this prevents a leak.
* gssapiP_krb5.h (krb5_gss_ctx_id_rec): Add cred_rcache to track
whether acceptor creds provided an rcache.
ticket: 2600
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16465
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 16 Jun 2004 02:36:44 +0000 (02:36 +0000)]
* Makefile.in (LOCALINCLUDES): Add $srcdir/os
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16464
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 16 Jun 2004 02:36:06 +0000 (02:36 +0000)]
* krb5_libinit.c: Include os-proto.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16463
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 16 Jun 2004 02:32:33 +0000 (02:32 +0000)]
* Makefile.in (SHLIB_RDIRS): Set
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16462
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 15 Jun 2004 19:08:04 +0000 (19:08 +0000)]
* krb5_libinit.c (krb5int_lib_init): Initialize krb5int_us_time_mutex
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16455
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 15 Jun 2004 19:06:13 +0000 (19:06 +0000)]
Localize the OS-specific bits of retrieving the current time a bit more.
** not yet tested on Windows **
* c_ustime.c: Include k5-thread.h.
(get_time_now): New function, holds system-dependent code.
(krb5int_us_time_mutex): New mutex.
(struct time_now): New type.
(last_time): New variable, replaces old last_tv, last_sec, last_usec.
(krb5_crypto_us_timeofday): Rewrite. Do locking around access to previously
returned value, and ensure that we don't return duplicate values.
* os-proto.h: Include k5-thread.h.
(krb5int_us_time_mutex): Declare.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16454
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 15 Jun 2004 18:57:17 +0000 (18:57 +0000)]
don't leak rcaches in accept_sec_context
* accept_sec_context.c (krb5_gss_accept_sec_context): Don't null
out rcache of auth_context prior to free if rcache was temporarily
allocated; this prevents leaking rcaches.
ticket: new
version_reported: 1.3.4
component: krb5-libs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16453
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 15 Jun 2004 18:36:03 +0000 (18:36 +0000)]
* libkrb5.exports: Drop krb5_init_ets, krb5_free_ets, krb5_kt_default_vno, and
krb5int_profile_shared_data.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16452
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 15 Jun 2004 18:35:19 +0000 (18:35 +0000)]
* exports.crypto, exports.des425, exports.kdb5, exports.krb5: Unused files deleted
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16451
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 15 Jun 2004 17:52:23 +0000 (17:52 +0000)]
* rc_io.c (dir, dirlen): Top-level variables deleted.
(getdir): Now returns the pointer, doesn't set top-level variables.
(GETDIR): Set local variables dir and dirlen using the function's return value.
(krb5_rc_io_creat, krb5_rc_io_open_internal): Add the new local variables.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16450
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 15 Jun 2004 17:49:09 +0000 (17:49 +0000)]
* kt_file.c (krb5_kt_default_vno): Replaced variable with macro
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16449
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 15 Jun 2004 17:47:25 +0000 (17:47 +0000)]
* Makefile.in (SHLIB_EXPLIBS): Add $(LIBS)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16448
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 15 Jun 2004 17:45:55 +0000 (17:45 +0000)]
* Makefile.in (SHLIB_DIRS, SHLIB_EXPLIBS, SHLIB_EXPDEPLIBS): Set to depend on
the new support library.
(SHLIB_LIBS): Don't define.
* configure.in: Use BUILD_LIBRARY_WITH_DEPS instead of the no-deps version.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16447
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Mon, 14 Jun 2004 21:29:29 +0000 (21:29 +0000)]
Updated to split libraries and clients into separate build systems. Note; this is not aware of build changes on the trunk
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16445
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 14 Jun 2004 18:11:48 +0000 (18:11 +0000)]
* libkrb5support.exports: Drop krb5int_foreach_localaddr
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16444
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Mon, 14 Jun 2004 15:07:20 +0000 (15:07 +0000)]
Modified Header Generation target so it runs autoconf and builds the autogenerated headers for the split libraries and clients build systems
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16441
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 14 Jun 2004 05:05:38 +0000 (05:05 +0000)]
* init_sec_context.c (krb5_gss_init_sec_context): Fix pointer
assignment when retrieving k5_context from existing
context_handle.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16440
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 12 Jun 2004 01:11:15 +0000 (01:11 +0000)]
* pty-int.h (_AIX && _THREAD_SAFE): Undefine _THREAD_SAFE
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16439
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 12 Jun 2004 01:09:43 +0000 (01:09 +0000)]
* Makefile.in (include/generated.stmp): New intermediate target file, to
prevent repeated generation of unchanging header files.
(include/config.h, include/db-config.h): Depend on it.
($(srcdir)/include/autoconf.stmp, $(srcdir)/include/config.h.in): Likewise.
(clean-includes): Delete the new intermediate target files.
* configure.in: Generate include/generated.stmp when config.status is run.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16438
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 11 Jun 2004 18:57:03 +0000 (18:57 +0000)]
update for 1.3.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16434
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 11 Jun 2004 01:22:16 +0000 (01:22 +0000)]
* Makefile.in (gssapi_krb5.h): Add Windows version of generation rule
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16432
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 11 Jun 2004 01:08:23 +0000 (01:08 +0000)]
* asn1_encode.c (asn1_encode_generaltime): Fix memcpy argument to actually
be a pointer.
(asn1_encode_enumerated): Drop "const" from scalar argument type.
* asn1_encode.h (asn1_encode_integer, asn1_encode_enumerated,
asn1_encode_unsigned_integer, asn1_encode_octetstring,
asn1_encode_charstring, asn1_encode_printablestring,
asn1_encode_ia5string, asn1_encode_generaltime,
asn1_encode_generalstring): Drop "const" from scalar argument types.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16431
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 10 Jun 2004 21:46:01 +0000 (21:46 +0000)]
* admin.texinfo (Supported Encryption Types): Reflect new AES support in
GSSAPI, but keep a warning about interoperability with old versions.
ticket: 2585
tags: pullup
target_version: 1.3.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16430
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 10 Jun 2004 18:23:48 +0000 (18:23 +0000)]
* Makefile.in (krb5/gssapi_krb5.h): Depend on recursion rule
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16429
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 10 Jun 2004 02:17:39 +0000 (02:17 +0000)]
Install gssapi_krb5.h from build dir not srcdir
ticket: 2587
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16428
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Wed, 9 Jun 2004 18:30:01 +0000 (18:30 +0000)]
If channel bindings are supplied to server require them to be matched
Based on discussion on kerberos@mit.edu, the decision to allow null
channel bindings from a client to match even when server channel
bindings are supplied is flawed. This decision assumes that we cannot
get server implementations to change even though we are able to deploy
a new Kerberos implementation on the server. In practice the server
implementations in question have actually changed and so the only part
of revision 1.54 of accept_sec_context.c we actually need is the code
to ignore channel bindings if null channel bindings are passed into
the server. Thus the change to allow null channel bindings from the
client to match against any channel bindings on the server is backed
out.
Ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16427
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Jun 2004 00:11:29 +0000 (00:11 +0000)]
ugh. revert last change
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16426
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Jun 2004 00:06:34 +0000 (00:06 +0000)]
* sendto_kdc.c (krb5int_sendtokdc_debug_handler) [!DEBUG]: Define as a macro,
not a variable.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16425
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Tue, 8 Jun 2004 21:55:40 +0000 (21:55 +0000)]
Run make depend
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16424
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Tue, 8 Jun 2004 21:50:17 +0000 (21:50 +0000)]
Patch from kwc@citi.umich.edu to support
gss_krb5_export_lucid_sec_context and other facilities for NFSv4
implementations.
In order to apply this patch gss_krb5.h needs to be auto-generated so we can expose a 64-bit type for sequence numbers.
Ticket: 2587
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16423
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 8 Jun 2004 20:05:39 +0000 (20:05 +0000)]
* Makefile.in ($(srcdir)/krb5/autoconf.stmp): Always use --include, don't
try --localdir.
(all-recurse): Depend on krb5/autoconf.h.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16422
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 8 Jun 2004 19:48:56 +0000 (19:48 +0000)]
* Makefile.in ($(srcdir)/include/config.h.in): Always use --include, never try
--localdir.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16421
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 8 Jun 2004 19:27:57 +0000 (19:27 +0000)]
* aclocal.m4 (CONFIG_RULES): Don't set AUTOCONF, AUTOCONFFLAGS, AUTOHEADER,
AUTOHEADERFLAGS, AUTOCONFINCFLAGS.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16420
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 8 Jun 2004 19:26:06 +0000 (19:26 +0000)]
* pre.in (AUTOCONF, AUTOHEADER): Always set to autoconf and autoheader
respectively.
(AUTOCONFFLAGS, AUTOHEADERFLAGS): Always set to empty.
* post.in (Makefile): Always run autoconf with --include, don't bother with
--localdir any more. Don't delete autom4te.cache here.
(clean-unix): Delete autom4te.cache.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16419
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 8 Jun 2004 19:05:05 +0000 (19:05 +0000)]
* shlib.conf (*-*-darwin*, *-*-rhapsody*): Add -Wl,-search_paths_first to
linker flags.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16418
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 7 Jun 2004 19:31:23 +0000 (19:31 +0000)]
* kpasswd.c (get_name_from_passwd_file): Do not cast return from
getuid() to int as argument to getpwuid.
* ksetpwd.c: Include time.h for time() prototype.
(main): Return 0 on success.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16417
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 7 Jun 2004 19:25:32 +0000 (19:25 +0000)]
* network.c (paddr): Use unsigned int for length.
(kdc_conn_type): Declare CONN_ enumerated types in connection as
distinct type.
(add_fd): Declare as taking enum type instead of simply
integer. Prevents assignment of interger to an enum.
(process_tcp_connection): Remove variable assigned to but never used.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16416
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Jun 2004 22:46:11 +0000 (22:46 +0000)]
* yarrow.c (yarrow_str_error): Now const
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16415
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Jun 2004 22:44:30 +0000 (22:44 +0000)]
* asn1_encode.c (asn1_encode_generaltime): Use gmtime_r if available
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16414
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Jun 2004 22:43:15 +0000 (22:43 +0000)]
* str_conv.c (krb5_string_to_timestamp): Use localtime_r if available.
(krb5_timestamp_to_string, krb5_timestamp_to_sfstring): Likewise.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16413
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Jun 2004 22:42:32 +0000 (22:42 +0000)]
* parse.c (krb5_parse_name): Use assert and abort, not exit
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16412
dc483132-0cff-0310-8789-
dd5450dbe970