Ken Raeburn [Tue, 22 Jul 2008 19:34:24 +0000 (19:34 +0000)]
Catch a few more cases of unchecked k5_mutex_lock calls
ticket: 5962
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20567
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 22 Jul 2008 19:15:52 +0000 (19:15 +0000)]
A step towards ensuring we check mutex lock attempt results..
Always use inline function k5_mutex_lock_1 instead of gcc statement
expression, even under gcc.
Under gcc 4, declane k5_mutex_lock_1 and krb5int_mutex_lock with attribute
warn_unused_result.
In k5_mutex_destroy macro, only store destroy code source+line if we succeed
in temporarily locking the mutex.
ticket: 5962
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20566
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 21 Jul 2008 20:59:24 +0000 (20:59 +0000)]
Another check for null return from krb5_cc_default_name
ticket: 5980
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20561
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 21 Jul 2008 20:56:28 +0000 (20:56 +0000)]
Check for null name to krb5_cc_resolve, and return an error
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20560
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 21 Jul 2008 20:47:35 +0000 (20:47 +0000)]
This patch addresses the issues raised in this ticket and ticket 5936
(a) In the case where 'cred_handle' != 'verifier_cred_handle'[1]
krb5_gss_accept_sec_context() leaks the 'cred_handle' in the success
case and the failure cases that result in returning from the function
prior to reaching the end of the function.
(b) The meaningful 'minor_status' return value is destroyed during the
cleanup operations.
The approach taken is to add a new 'exit:' label prior to the end of the
function through which all function returns after reaching the 'fail:'
label will goto. After 'exit:', the 'cred_handle' will be released and
if there is a krb5_context 'context' to be freed, the error info will be
saved and krb5_free_context() will be called.
In the success case, the krb5_context is saved in the gss context and we
now set 'context' to NULL to prevent it from being freed.
In order to preserve the minor_status return code, a 'tmp_minor_status'
variable is added that is used after the 'fail:' label in calls to
krb5_gss_delete_sec_context() and krb5_gss_release_cred().
[1] If 'verifier_cred_handle' is non-NULL, then 'cred_handle' is set to
the value of 'verifier_cred_handle'.
ticket: 5442
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20559
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 21 Jul 2008 20:33:53 +0000 (20:33 +0000)]
kadm5_decrypt_key(). This patch prevents the returned keyblock's
enctype from being coerced to the requested 'ktype' if the requested
'ktype' == -1. A ktype of -1 is documented as meaning "to be ignored".
ticket: 5840
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20558
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 21 Jul 2008 20:30:44 +0000 (20:30 +0000)]
krb5_string_to_keysalts()
Fix an infinite loop in the parsing of 'kp'
ticket: 5839
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20557
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 21 Jul 2008 19:43:21 +0000 (19:43 +0000)]
There are two mutex locking issues that Roland Dowdeswell noticed in
the memory ccache. The first one is in cc_memory.c:krb5_mcc_initialize().
When it is free(3)ing the existing credentials it does not lock the
data structures and hence two separate threads can run into issues.
The same problem exists in cc_memory.c:krb5_mcc_destroy().
ticket: 5895
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20555
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 21 Jul 2008 19:20:05 +0000 (19:20 +0000)]
An implementation of opendir() and friends for _WIN32
plus an implementation of the plugin support that makes
use of them.
ticket: 3737
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20554
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 21 Jul 2008 18:48:03 +0000 (18:48 +0000)]
Assign fixed ordinals to comerr32.dll exports
All of the other libraries on Windows have fixed assignments
of ordinals to the exported functions. Assign the ordinals
that were in use in the last public release, kfw 3.2.2, so
that they will remain constant into the future in case additional
exports are added to the library.
ticket: new
component: krb5-libs
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20553
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 21 Jul 2008 18:39:34 +0000 (18:39 +0000)]
When reading from the routing socket, only provide enough space for
the header and ignore the rest of the message. Don't complain about
message size as long as we got the bits of the header we care about.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20552
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 21 Jul 2008 17:44:43 +0000 (17:44 +0000)]
ccdefault.c:
krb5_cc_default_name() is permitted to return a NULL
pointer as a valid output. Passing a NULL pointer to
strcmp() will result in an exception as NULL is not
a valid input parameter to strcmp().
Save the output of krb5_cc_default_name() to a variable
and modify the conditional to set the new default ccache
name in the case where there is no existing default
ccache name.
ticket: 5080
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20551
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 20 Jul 2008 21:07:41 +0000 (21:07 +0000)]
Don't set LOCAL_SUBDIRS in many places and SUBDIRS in a few and
default SUBDIRS to LOCAL_SUBDIRS via pre.in. Instead, just set
SUBDIRS in each directory, and don't do anything in pre.in.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20546
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 20 Jul 2008 20:43:55 +0000 (20:43 +0000)]
Drop $(SUBDIRS_@srcdir@) hack, it's not being used any more, and
confuses some versions of make.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20545
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 18 Jul 2008 18:59:47 +0000 (18:59 +0000)]
Use mkstemp(), and fstat() the file to make sure that the mkstemp()
implementation is setting sane file modes.
ticket: 6002
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20543
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 18 Jul 2008 06:50:34 +0000 (06:50 +0000)]
Set non-blocking mode on incoming TCP connections.
Don't log EINTR error in select loop.
Log when shutdown signal has been received and acted on.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20541
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 18 Jul 2008 06:45:34 +0000 (06:45 +0000)]
On systems with struct rt_msghdr, open a routing socket and wait for
messages; when they come in, if the types suggest a possibility of
network interface reconfiguration, shut down the KDC's networking and
bring it back up again, rescanning the interfaces in the process.
Leaving the ticket open because it should be improved:
* It should only close down sockets on addresses we no longer have, and
bring up sockets only on new addresses.
* If we have IPV6_PKTINFO support, it should only listen for IPv4
routing changes.
* If we also have IP_PKTINFO support, it shouldn't be used at all.
* If we build a KDC on a system with neither struct rt_msghdr nor
IP_PKTINFO (do we have any such?), we'll need another solution.
Thanks to Nico Williams for the routing socket suggestion, and Apple
for the initial (signal-driven) reconfiguration code.
ticket: 6019
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20540
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 18 Jul 2008 06:00:10 +0000 (06:00 +0000)]
Rewrite krb5_db_open flag handling to avoid confusing emacs c-mode
indentation support.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20539
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 18 Jul 2008 03:08:38 +0000 (03:08 +0000)]
Revert due to potential file modes race condition
ticket: 6002
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20538
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 18 Jul 2008 00:18:23 +0000 (00:18 +0000)]
Make krb5_rc_io_creat() use mkstemp
ticket: 6002
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20537
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 17 Jul 2008 23:40:32 +0000 (23:40 +0000)]
In krb5_rc_io_creat(), unlink any existing rcache file before trying
to create a new rcache. This allows better recovery from corrupt
rcache files.
ticket: 6018
target_version: 1.6.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20536
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Thu, 17 Jul 2008 19:04:34 +0000 (19:04 +0000)]
CCAPI side of the patch
ticket: 6035
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20535
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Thu, 17 Jul 2008 17:02:41 +0000 (17:02 +0000)]
Removed _t suffix from KIM types
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20534
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Thu, 17 Jul 2008 17:00:58 +0000 (17:00 +0000)]
Removed _t suffix from all type names
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20533
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 17 Jul 2008 15:44:43 +0000 (15:44 +0000)]
Apply patch from Mark Phalan to correctly use progname instead of
argv[0].
ticket: 6030
tags: pullup
target_version: 1.6.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20532
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 16 Jul 2008 23:01:54 +0000 (23:01 +0000)]
Apply patch from Mark Phalan to initialize progname before use
ticket: 6028
target_version: 1.6.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20531
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 16 Jul 2008 23:01:43 +0000 (23:01 +0000)]
Fix indirection on assignment to minor status
ticket: 5962
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20530
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 16 Jul 2008 22:35:21 +0000 (22:35 +0000)]
Check return value from k5_mutex_lock() to partially mitigate some
assertion failures when mutexes get destroyed out from under us.
ticket: 5962
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20529
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 15 Jul 2008 23:57:03 +0000 (23:57 +0000)]
r1926@ken-wireless: raeburn | 2008-07-15 16:49:17 -0400
ticket: 5947
status: open
Add a test script for the walk_rtree code, and run some test cases
that exercise the problem reported in RT ticket 5947.
r1927@ken-wireless: raeburn | 2008-07-15 19:55:10 -0400
Some more test cases.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20528
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 15 Jul 2008 21:43:35 +0000 (21:43 +0000)]
krb5_get_cred_via_tkt() should null out_cred on errors
Helper function krb5_kdcrep2creds(), called from
krb5_get_cred_via_tkt(), should null its output pointer after freeing
allocated memory, to avoid returning an invalid pointer.
ticket: new
tags: pullup
target_version: 1.6.4
component: krb5-libs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20527
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 14 Jul 2008 15:19:25 +0000 (15:19 +0000)]
Use RFC 3542's IPV6_RECVPKTINFO if available. (And IP_RECVPKTINFO too.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20515
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 12 Jul 2008 01:15:25 +0000 (01:15 +0000)]
In FREE_SET_DATA, reset the current count as well
ticket: 6019
state: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20514
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 12 Jul 2008 00:55:18 +0000 (00:55 +0000)]
Use all local addresses except loopback addresses, even if a non-loopback
address appears on a loopback interface. This might happen if that's how
your VPN code makes your local address visible.
Use a variant of Apple's patch, extended to handle the other variations of
local address determination.
ticket: 6017
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20513
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 10 Jul 2008 22:34:39 +0000 (22:34 +0000)]
Add comment and <TargetConditionals.h> to previous
ticket: 6010
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20512
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 10 Jul 2008 22:34:21 +0000 (22:34 +0000)]
Use #pragma pop on the Mac to ensure that the krb5_gic_opt_ext
structure has the same layout as the public version.
ticket: 6010
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20511
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Thu, 10 Jul 2008 20:17:51 +0000 (20:17 +0000)]
CCacheServer crashes iterating over creds which have been destroyed
ccs_list_release was trying to manually delete the iterators with a
broken for loop which skipped iterators. Since the iterators were referenced
by the client, when the client exited it would tell the iterators to release
themselves. The orphaned itertors would attempt to remove themselves from
their list (which had been released) resulting in a crash.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20510
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 10 Jul 2008 02:04:03 +0000 (02:04 +0000)]
Apply patch from Apple to handle missing krb5.conf for zeroconf
situations.
ticket: 5632
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20509
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 9 Jul 2008 21:46:14 +0000 (21:46 +0000)]
Don't print spurious errors to debug logs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20508
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 9 Jul 2008 21:18:51 +0000 (21:18 +0000)]
Add macro so we don't print deprecated warnings while building KfM
Macro is defined in Kerberos5Prefix.h
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20507
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 9 Jul 2008 21:17:06 +0000 (21:17 +0000)]
Use autogenerated darwin.exports files for server frameworks
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20506
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 9 Jul 2008 21:16:01 +0000 (21:16 +0000)]
Don't use "ccache" in error string printed to user
ccache is a confusing abbreviation of credentials cache
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20505
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Jul 2008 20:48:48 +0000 (20:48 +0000)]
Use -dead_strip when linking dynamic libraries on Darwin
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20504
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 9 Jul 2008 19:54:56 +0000 (19:54 +0000)]
add copyright to lib/crypto/enc_provider/aes.c
lib/crypto/enc_provider/aes.c was missing a copyright statement.
Added.
ticket: new
tags: pullup
component: krb5-libs
target_version: 1.6.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20503
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Tue, 8 Jul 2008 17:07:08 +0000 (17:07 +0000)]
Changes to krb5_kt_default_name changed the krb5 ABI. Reverted
API prototype change and added a temporary variable to avoid casting
problems.
ticket: 5432
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20502
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Tue, 8 Jul 2008 16:14:28 +0000 (16:14 +0000)]
Add kerberos icon
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20501
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Mon, 7 Jul 2008 19:26:50 +0000 (19:26 +0000)]
Add EnableTransactions launchd option to CCacheServer
This prevents the CCacheServer from being killed before it is
done handling all the mach messages.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20500
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Mon, 7 Jul 2008 19:08:01 +0000 (19:08 +0000)]
krb5int_gic_opte_copy should copy elements individually
Since we are copying from one structure to another, copy elements.
Using memcpy is fragile.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20499
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sun, 6 Jul 2008 02:30:17 +0000 (02:30 +0000)]
kdc does not compile with glibc 2.8
On Fedora 9, glibc 2.8 is used. The kdc code conditionalizes
IPV6_PKTINFO and HAVE_STRUCT_IN6_PKTINFO in a number of places = but
misses two for the struct one.
/usr/include/netinet/in.h conditionalizes struct in6_pktinfo on
__USE_GNU - which I believe implies a gnu libc extension. People on
the net have defined GNU_SOURCE for various things to compile, etc.
I do note that /usr/include/linux/ipv6.h exists with the same definition.
I believe that ipv6 support in the kdc will not work with these changes - but
the tree compiles.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20498
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Jul 2008 19:00:16 +0000 (19:00 +0000)]
stop exporting a few symbols internal to aes implementation
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20497
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Tue, 1 Jul 2008 17:50:30 +0000 (17:50 +0000)]
Added type checking for 64-bit platforms
ticket: 6001
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20495
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Tue, 1 Jul 2008 17:38:36 +0000 (17:38 +0000)]
krb5_get_error_message returns const char *
Changed temporary variables to use const char *
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20494
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 30 Jun 2008 22:07:06 +0000 (22:07 +0000)]
memcpy(NULL, ptr, 0) is invalid, so don't do it
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20492
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 30 Jun 2008 22:03:49 +0000 (22:03 +0000)]
make depend
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20491
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Fri, 27 Jun 2008 19:46:33 +0000 (19:46 +0000)]
Big endian stash file support
Added support for stash files with a consistent endianness (big endian)
so that one can migrate a KDC from a machine with one endianess to
a machine with the other endianess. Used by Kerberos for Macintosh.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20489
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jun 2008 05:41:26 +0000 (05:41 +0000)]
Check for strdup failure. Fix a memory leak in one failure case
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20488
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jun 2008 04:47:23 +0000 (04:47 +0000)]
misc uninitialized-storage accesses
Fix some miscellaneous uninitialized-storage uses, mainly in unlikely error
paths.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20487
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jun 2008 04:18:38 +0000 (04:18 +0000)]
fix ktutil listing with timestamp
ktutil's "list -t" option is supposed to show the timestamp stored in
the keytab file. Instead, it shows some random (uninitialized) value,
interpreted as a timestamp.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20486
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jun 2008 03:33:14 +0000 (03:33 +0000)]
use-after-free bugs
Fix some bugs with storage being used immediately after being freed.
None look like anything an attacker can really manipulate AFAICT.
ticket: new
target_version: 1.6.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20485
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jun 2008 03:20:48 +0000 (03:20 +0000)]
When returning an error, don't also pass back an invalid pointer
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20484
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jun 2008 03:14:39 +0000 (03:14 +0000)]
call kg_delete_lucidctx_id before freeing, not after
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20483
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jun 2008 02:51:09 +0000 (02:51 +0000)]
Memory leak, and possible freed-memory dereference, in an error (small
allocation failure) path.
ticket: 5997
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20482
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jun 2008 02:47:06 +0000 (02:47 +0000)]
misc memory leaks
Fix various memory leaks that show up mostly in error cases (e.g.,
failure to allocate one small object, and then we forget to free
another one).
ticket: new
target_version: 1.6.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20481
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jun 2008 01:26:08 +0000 (01:26 +0000)]
fix free of automatic storage
Fix a possible free of automatic storage that can happen on an
(unlikely) encoding failure.
ticket: new
target_version: 1.6.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20480
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jun 2008 00:31:59 +0000 (00:31 +0000)]
Don't do FD_SETSIZE check on Windows.
Also, for form's sake, use closesocket instead of close inside the check.
Kevin or Jeff, could you please verify that the code works again?
ticket: 5925
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20479
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jun 2008 00:22:43 +0000 (00:22 +0000)]
Fix off-by-one error in range check on file descriptor number
ticket: new
target_version: 1.6.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20478
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jun 2008 00:20:33 +0000 (00:20 +0000)]
Fix possible null pointer deref, possible uninit ptr use, possible
leak in unlikely small-allocation failure case.
ticket: new
target_version: 1.6.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20477
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Thu, 26 Jun 2008 18:07:47 +0000 (18:07 +0000)]
Apple PKINIT LKDC support
ticket: 5968
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20476
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 25 Jun 2008 21:21:56 +0000 (21:21 +0000)]
Rolled back patch because tickets 4495 and 5124 fix this bug
in a different way.
ticket: 5991
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20474
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 25 Jun 2008 20:01:01 +0000 (20:01 +0000)]
krb5_do_preauth_tryagain should check for NULL padata
Fixed so krb5_do_preauth_tryagain no longer crashes on NULL padata but
instead returns an error.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20473
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 25 Jun 2008 19:50:11 +0000 (19:50 +0000)]
kadm5_setkey_principal_3 not copying key_data_ver and key_data_kvno
Added lines to copy these fields.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20472
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 25 Jun 2008 19:14:07 +0000 (19:14 +0000)]
Add new launchd flags to CCacheServer plist file
Added LimitLoadToSessionType "Background" to launch the
CCacheServer once per user rather than only for GUI
sessions.
Added ThrottleInterval key to allow the CCacheServer to
relaunch frequently.
Set CFFIXED_USER_HOME environment variable to prevent the
CCacheServer from accessing the user's home directory.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20471
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 25 Jun 2008 18:30:25 +0000 (18:30 +0000)]
Bump minor version number. Update dependencies
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20470
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 25 Jun 2008 18:05:08 +0000 (18:05 +0000)]
kdb library now depends on gssrpc; add it to link commands
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20469
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 25 Jun 2008 18:00:39 +0000 (18:00 +0000)]
Pull in xdr_sizeof from tirpc2.3 (which has the same license as our current rpc code)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20468
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 24 Jun 2008 17:51:09 +0000 (17:51 +0000)]
Include kdb_log.h for missing prototypes. Declare conv_princ_2db &
conv_princ_2ulog as static as they are not exported or used outside this file.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20466
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 24 Jun 2008 05:04:29 +0000 (05:04 +0000)]
Merge from branch sun-iprop
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20465
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 20 Jun 2008 17:09:36 +0000 (17:09 +0000)]
Suppress some glibc issues found on x86_64
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20445
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 20 Jun 2008 00:11:26 +0000 (00:11 +0000)]
Remove unused file
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20434
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 19 Jun 2008 21:01:10 +0000 (21:01 +0000)]
Remove test115 for 'bad client params', no longer appropriate
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20429
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 18 Jun 2008 19:36:49 +0000 (19:36 +0000)]
This patch is derived from a patch originally submitted to RT
by: Nik Conwell <nik@bu.edu>
krb5_set_real_time() accepts as input the time of the KDC
or an application server as a combination of seconds and
microseconds. Often it is the case that the time source
does not provide the real time with less than one second
granularity. Up until this patch such a caller would fill
in the microseconds parameter as zero. krb5_set_real_time()
would treat the zero microseconds as the actual reported
time and compute a microsecond based offset.
During a one second window subsequent calls to
krb5_set_real_time() would have an ever increasing offset
size until the number of seconds is incremented. This
in turn produces a side effect in which the microseconds
value of the local clock is effectively erased.
If there are multiple processes or threads on the same
machine each requesting service tickets using the same
client principal for the same service principal where
the number of seconds reported by the KDC are equivalent,
then they will now all create authenticators with
exactly the same timestamp. As a result, the authenticating
service will detect a replay attack even though the
authenticators are actually unique. The replay cache
only maintains a tuple of client, server and timestamp.
This patch modifies the interpretation of the microseconds
parameter. If -1 is specified, the microseconds offset is
ignored.
ticket: 5924
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20413
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 18 Jun 2008 18:14:55 +0000 (18:14 +0000)]
Disable check for invalid client-side admin config parameters in the
config file. Since KDC configuration parameters can now be put in
krb5.conf, this doesn't make sense any more.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20411
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 18 Jun 2008 15:37:27 +0000 (15:37 +0000)]
cci_credentials_iterator_release using wrong message ID
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20410
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 11 Jun 2008 22:53:22 +0000 (22:53 +0000)]
Factor out repeated code for looking up string, port, or deltat config params
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20395
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 11 Jun 2008 17:46:35 +0000 (17:46 +0000)]
Don't build spx.o, since we never enable SPX
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20392
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 11 Jun 2008 17:42:56 +0000 (17:42 +0000)]
New target 'undepend' for temporarily removing generated dependency info
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20390
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 10 Jun 2008 22:46:53 +0000 (22:46 +0000)]
Don't use private copy of syslog.h. Rebuild dependencies
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20386
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 10 Jun 2008 22:15:25 +0000 (22:15 +0000)]
Warn against new uses of kadm5_config_params.dbname field
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20384
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 10 Jun 2008 22:03:01 +0000 (22:03 +0000)]
Get rid of handling of set-but-unused kadm5_config_params.admin_dbname
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20383
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 10 Jun 2008 21:49:55 +0000 (21:49 +0000)]
Remove documentation for no-longer-supported admin_dbname argument
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20382
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 10 Jun 2008 21:43:41 +0000 (21:43 +0000)]
Get rid of handling of set-but-unused kadm5_config_params.admin_lockfile
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20381
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 9 Jun 2008 22:15:23 +0000 (22:15 +0000)]
Don't check for NULL before calling free or krb5_xfree
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20379
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 8 Jun 2008 05:22:25 +0000 (05:22 +0000)]
Report file name in detailed cache creation error
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20371
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 8 Jun 2008 05:19:50 +0000 (05:19 +0000)]
Do hash stuff with unsigned math
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20370
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 6 Jun 2008 21:26:51 +0000 (21:26 +0000)]
Annotate that 'protocol' in svc_register means an IPPROTO_ value
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20367
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 6 Jun 2008 17:30:28 +0000 (17:30 +0000)]
On Mac OS X, try poking launchd to get the portmapper launched before
we try to connect to it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20364
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 6 Jun 2008 17:27:50 +0000 (17:27 +0000)]
Check for GSS_C_NO_CREDENTIAL before loop check
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20363
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jun 2008 22:03:20 +0000 (22:03 +0000)]
We're not using this makedepend implementation any more
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20362
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 3 Jun 2008 17:48:59 +0000 (17:48 +0000)]
Revert a few const specs to reduce warnings
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20358
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 3 Jun 2008 00:13:25 +0000 (00:13 +0000)]
Fix various minor format-string issues
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20356
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 3 Jun 2008 00:07:43 +0000 (00:07 +0000)]
Passing 0 to krb5_build_principal requires a cast
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20355
dc483132-0cff-0310-8789-
dd5450dbe970