Ken Raeburn [Wed, 6 Apr 2005 00:15:05 +0000 (00:15 +0000)]
* commands.c (shell): Change 0 to (char*)NULL in execl calls. Patch provided
by Michael Calmer.
ticket: 3000
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17166
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 6 Apr 2005 00:13:02 +0000 (00:13 +0000)]
* krlogind.c (doit): Change 0 to (char*)NULL in execl* calls. Patch provided
by Michael Calmer.
* krshd.c (doit): Likewise.
* login.c (main): Likewise.
ticket: 3000
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17165
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 6 Apr 2005 00:05:10 +0000 (00:05 +0000)]
update dependencies
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17164
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 29 Mar 2005 21:21:14 +0000 (21:21 +0000)]
fix MITKRB5-SA-2005-001 telnet client vuln
* telnet.c (slc_add_reply, slc_end_reply): Fix buffer overflow
vulnerability by checking lengths.
(env_opt_add): Ensure buffer allocation is sufficiently large,
accounting for expansion during IAC quoting.
ticket: new
tags: pullup
version_reported: 1.4
target_version: 1.4.1
component: telnet
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17162
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 28 Mar 2005 18:32:04 +0000 (18:32 +0000)]
Test new k5_getpwuid_r macro
* configure.in: Create makefile in misc.
* Makefile.in (LOCAL_SUBDIRS): Add misc.
* misc/test_getpw.c: New file.
* misc/Makefile.in: New file, based on ../resolve/Makefile.in.
(test_getpw): New target.
(check): Build and run it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17161
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 28 Mar 2005 18:29:53 +0000 (18:29 +0000)]
update dependencies
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17160
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 26 Mar 2005 02:15:55 +0000 (02:15 +0000)]
* import_name.c (krb5_gss_import_name): Use k5_getpwuid_r
ticket: 2982
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17159
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 26 Mar 2005 02:06:43 +0000 (02:06 +0000)]
* configure.in: Don't check for getpwuid_r here.
* prof_file.c (profile_open_file): Use k5_getpwuid_r.
ticket: 2982
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17158
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 26 Mar 2005 02:05:06 +0000 (02:05 +0000)]
* kuserok.c (krb5_kuserok): Use k5_getpwnam_r
ticket: 2982
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17157
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 26 Mar 2005 02:02:40 +0000 (02:02 +0000)]
* configure.in: Don't check for getpwnam_r and getpwuid_r in the thread-safety
warnings. The tests done elsewhere in the tree are stricter and may not
agree.
ticket: 2982
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17156
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 26 Mar 2005 02:00:47 +0000 (02:00 +0000)]
This patch tightens up our determination of whether we can use
getpw{nam,uid}_r, and using the set flags, creates macros providing a
consistent API, and if possible thread safety.
* configure.in: Don't check for getpwnam_r and getpwuid_r with AC_CHECK_FUNCS;
use AC_CHECK_FUNC, and only set shell variables. Run stricter tests on return
types and numbers of arguments, and only define the C macros if these
parameters can actually be determined.
* k5-platform.h (k5_getpwnam_r, k5_getpwuid_r): New macros.
ticket: 2982
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17155
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 26 Mar 2005 01:47:46 +0000 (01:47 +0000)]
* Makefile.in ($(srcdir)/krb5/autoconf.stmp): Nuke autom4te.cache directory
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17154
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 25 Mar 2005 21:36:55 +0000 (21:36 +0000)]
shared library support for HP-UX 10
Our somewhat outdated HP-UX support (which was targeted at HP-UX 10, not 11)
does not have support for shared library initialization and finalization
functions, nor for shared library export lists. The former was causing
compilation failures unless shared library support was disabled.
* include/k5-platform.h: Expand on init/fini comments some more.
(MAKE_FINI_FUNCTION): Add an HP-UX specific variant that defines an auxiliary
function fitting the signature of HP-UX 10 library combined
initializer/finalizer functions.
* config/lib.in (hpux10.exports): New target, constructed similar to
osf1.exports but with HP-UX 10.x linker options, no initializers, and "errno"
explicitly added to the export list.
* shlib.conf (*-*-hpux*): Combine PICFLAGS setting with SHLIB_EXPFLAGS and
LDCOMBINE setting. Add linker option "-c hpux10.exports" to LDCOMBINE. Set
SHLIB_EXPORT_FILE_DEP to hpux10.exports. Set use_linker_fini_option.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17153
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 25 Mar 2005 21:28:30 +0000 (21:28 +0000)]
threaded test program built even with thread support disabled
* Makefile.in (all-unix): Use @THREAD_SUPPORT@ and helper targets to build
programs only if thread support is enabled.
(all-unix-0, all-unix-1): New helper targets.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17152
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 23 Mar 2005 04:00:16 +0000 (04:00 +0000)]
* dnsglue.h: Define ns_rr_class to ns_rr_cl if ns_rr_class doesn't
exist.
ticket: 2906
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17145
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 23 Mar 2005 03:14:10 +0000 (03:14 +0000)]
* x-deltat.y (wsnum): Add missing semicolon following YYERROR,
which was preventing bison-1.75 from producing compilable C
output.
ticket: new
version_reported: 1.4
target_version: 1.4.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17140
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 22 Mar 2005 22:49:11 +0000 (22:49 +0000)]
* gic_keytab.c (krb5_get_init_creds_keytab): When calling
krb5_get_init_creds() for the second time (with use_master=1),
also accept KRB5_REALM_UNKNOWN as a soft error, and use the result
from the first call to krb5_get_init_creds(). This can happen
when no master KDC is configured.
ticket: 2974
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17132
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Sun, 20 Mar 2005 15:20:38 +0000 (15:20 +0000)]
threads.c (thread_termination): Free array of pointers to thread-specific data (t) on thread termination. Use existing mutex to prevent the deletion of the array from interfering with the global list of thread specific data (used for library termination)
ticket: 2971
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17129
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Tue, 15 Mar 2005 06:35:29 +0000 (06:35 +0000)]
The current wconfig.c does not treat @MAINT@ as a comment. Until we
have one that does, override the use of @MAINT@ on Windows.
ticket: 2962
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17128
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Tue, 15 Mar 2005 06:32:39 +0000 (06:32 +0000)]
krb5_c_is_keyed_cksum() is a boolean function. It cannot safely return
an error value. Change the error condition to return False (0) instead
of 0xFFFFFFFF.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17127
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Tue, 15 Mar 2005 06:17:05 +0000 (06:17 +0000)]
Fix dangerous 64-bit time_t * to long * conversion
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17126
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 14 Mar 2005 19:46:26 +0000 (19:46 +0000)]
* v4gssftp.exp: Identify file correctly for top-level error messages
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17125
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 14 Mar 2005 19:32:53 +0000 (19:32 +0000)]
* default.exp (start_tail): Make 'standalone' an additional argument.
(start_kerberos_daemons): Pass it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17124
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 14 Mar 2005 19:24:48 +0000 (19:24 +0000)]
* Makefile.in (EXTRADEPSRCS): Define
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17123
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 13 Mar 2005 08:16:34 +0000 (08:16 +0000)]
st_mtim.tv_nsec, not tv_usec
ticket: 2959
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17122
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 13 Mar 2005 07:34:23 +0000 (07:34 +0000)]
profile library should check high-resolution timestamps if available
With the current profile code, it's possible for a file to be read when
partially written, with the writing of the new file contents being completed
within the same 1-second clock value, causing the profile code not to re-read
the contents. Using a higher-resolution timestamp, available on many systems
now, should help reduce that window. (Checking file sizes should also,
consider doing that separately.)
* configure.in: Check struct stat for fields st_mtimensec,
st_mtimespec.tv_nsec, and st_mtim.tv_usec.
* prof_file.c (profile_update_file_data): If one of them is found, use it as
the fractional part of the timestamp. Do re-read the file if the fractional
parts don't match.
* prof_int.h (struct _prf_data_t): Add new field frac_ts.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17121
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Sun, 6 Mar 2005 00:18:30 +0000 (00:18 +0000)]
* sn2princ.c (krb5_sname_to_principal):
conditionalize the use of reverse dns lookups. The default
is to use the existing behavior. rdns can be disabled by
specifying [libdefaults] rdns=false
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17120
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 5 Mar 2005 00:12:44 +0000 (00:12 +0000)]
I think the hpux change here should prevent it from overriding the
user-specified options, but still add in the necessary flags.
* aclocal.m4 (KRB5_AC_ENABLE_THREADS): Expand on error message if failing.
Substitute THREAD_SUPPORT -> 0 or 1 in makefiles. For HP-UX, set
PTHREAD_CFLAGS, not CFLAGS.
ticket: 2929
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17119
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 23:53:54 +0000 (23:53 +0000)]
* asn1_encode.c (asn1_encode_generaltime): If gmtime_r returns int instead of
pointer, do the appropriate error checking.
ticket: 2953
target_version: 1.4.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17118
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 23:50:45 +0000 (23:50 +0000)]
hpux10 has gmtime_r with wrong return type, breaking asn.1 encoder
The hpux10 gmtime_r returns int (0 means success), whereas the POSIX
gmtime_r returns a pointer (NULL means failure).
* configure.in: Check return type of gmtime_r, and define GMTIME_R_RETURNS_INT
if it returns int. If the return type can't be determined, pretend the
function isn't there.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17117
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 02:06:39 +0000 (02:06 +0000)]
* build.texinfo (HPUX): Update with current state of shared library and thread
support.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17115
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 02:05:42 +0000 (02:05 +0000)]
ignore more targets and byproducts
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17114
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 02:04:12 +0000 (02:04 +0000)]
build user-guide.pdf too
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17113
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 02:01:55 +0000 (02:01 +0000)]
Build/delete PDF files
* Makefile (PSPDF): New variable.
(admin-guide.pdf, install-guide.pdf): New targets.
(clean-final): Delete PDF files.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17112
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 00:05:08 +0000 (00:05 +0000)]
profile_clear_relation doesn't work, iterator still sees deleted nodes
The "deleted" flag was being checked when writing out the file, but
not when iterating through using the profile handle being used to do
the deletions.
* prof_tree.c (profile_node_iterator): After checking skip_num counter, also
skip over deleted nodes.
* prof_test1 (test3): New proc.
(top level): Run it.
ticket: new
target_version: 1.4.1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17111
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Mar 2005 23:25:32 +0000 (23:25 +0000)]
time-delta parser doesn't work on HP-UX 10
A build on Lenny's machine (built with gcc 2.7, thread support disabled, static
libraries only) is failing tests because the HP header files define "WS" as a
macro that expands to 2, while the delta-t grammar uses "WS" as the name of a
terminal symbol (which under bison turns into a C macro).
Renaming the terminal in the grammar (and custom lexer) fixes the problem.
* x-deltat.y (tok_WS): Renamed terminal from "WS", which conflicts with HP-UX
10 header files. Updated all productions.
(mylex): Updated.
* Makefile.in ($(srcdir)/deltat.c): Enable dependencies in maintainer mode.
* deltat.c: Updated.
ticket: new
target_version: 1.4.1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17110
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 23 Feb 2005 22:47:14 +0000 (22:47 +0000)]
possible profile null pointer deref in threaded app
There seems to be a problem with a null pointer popping up when
profile_node_iterator reads ...->data->root to start walking through the
contents. Don't have a lot of details, but I've got some patches that might
tighten things up a little.
* prof_tree.c (profile_node_iterator): Check that the root node pointer is not
null; raise assertion failure if it is.
* prof_int.h: Include k5-platform.h.
(struct _prf_data_t): Reorder fields, and insert some padding.
* prof_file.c (scan_shared_trees_locked): Check that the "root" field isn't
null.
(profile_open_file): Update the in-memory file contents after updating the
refcount instead of before.
(profile_update_file_data): If the root node in the file data is null, always
do the update. Check that it's not null before returning a success
indication.
(profile_dereference_data_locked): Scan linked list of file data objects for
sanity check, before and after.
(profile_dereference_data_locked): Don't do it here.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17106
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 17 Feb 2005 23:46:49 +0000 (23:46 +0000)]
* krb5_libinit.c (krb5int_lib_fini): Only show "skipping" message if
SHOW_INITFINI_FUNCS is defined.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17105
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 16 Feb 2005 20:34:49 +0000 (20:34 +0000)]
Export missing DATA symbols on Windows
ticket: 2924
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17104
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 16 Feb 2005 19:57:15 +0000 (19:57 +0000)]
* init_ctx.c (init_common): Delete redundant library initialization call that
was run only on UNIX. Test assertion that krb5_ui_8 really did get a proper
64-bit type.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17103
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 12 Feb 2005 01:14:00 +0000 (01:14 +0000)]
* gss-misc.c: Include autoconf.h. If both time.h and sys/time.h are available,
and they're compatible, include both.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17102
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Sat, 12 Feb 2005 00:27:35 +0000 (00:27 +0000)]
* kadmin.c (kadmin_startup): New flag "-N" to prevent fallback to
AUTH_GSSAPI.
* kadmin.M: Describe "-O" and "-N" flags.
ticket: 2913
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17101
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 11 Feb 2005 23:10:40 +0000 (23:10 +0000)]
missed one file on previous commit
ticket: 2913
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17100
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 11 Feb 2005 23:09:25 +0000 (23:09 +0000)]
Implement principal name and auth flavor fallback for kadm5 client
library. Adjust test suites to compensate.
ticket: 2913
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17099
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 10 Feb 2005 02:52:08 +0000 (02:52 +0000)]
* gic_pwd.c (krb5_get_init_creds_password): Fix so empty password
string causes prompting and doesn't cause truncation of password
to zero characters.
ticket: 2918
target_version: 1.4.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17098
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 22:39:32 +0000 (22:39 +0000)]
* gss-threads: New subdirectory.
* Makefile.in (LOCAL_SUBDIRS): Add it.
* configure.in: Configure it. Check for semaphore.h, sem_init, sem_trywait.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17097
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 22:37:38 +0000 (22:37 +0000)]
multithreaded gssapi test prog based on gss-sample w/jaltman+raeburn changes
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17096
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 02:19:45 +0000 (02:19 +0000)]
* krb5_libinit.c (krb5int_lib_init, krb5int_lib_fini): If SHOW_INITFINI_FUNCS
is defined, print tracing messages.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17095
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 02:18:19 +0000 (02:18 +0000)]
* et/error_message.c (com_err_initialize, com_err_terminate): If
SHOW_INITFINI_FUNCS is defined, print tracing messages.
* profile/prof_file.c (profile_library_initializer, profile_library_finalizer):
If SHOW_INITFINI_FUNCS is defined, print tracing messages.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17094
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:50:50 +0000 (00:50 +0000)]
Exercise the dynamic loading/unloading of libraries a bit more.
Athena's old IRIX systems fail this test now.
* t_loader.c (verbose): New variable.
(do_close_1): Drop filename argument. Change messages accordingly, and only
display them if verbose. Line up "done" messages vertically.
(do_open_1): Likewise. Add library version argument, used when on AIX, in
combination with RTLD_MEMBER.
(do_open): Don't pass filename. Do pass library version; callers changed.
(do_close): Don't pass filename.
(get_sym_1): Renamed from get_sym, added line number argument. Print messages
if verbose.
(get_sym): New macro.
(xbasename): Function deleted.
(HORIZ): New macro.
(main): Turn off output buffering. Print messages before and after calling
functions in loaded libraries. Disable first set of tests, that don't call any
functions. Test gssapi library without loading any other libraries, then test
it after loading com_err, and unload com_err first.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17093
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:41:40 +0000 (00:41 +0000)]
There is a memory leak here, if a thread has registered some per-thread data
when we delete the key. Fixing it will require walking through the per-thread
data of every thread and freeing the objects... and watching for deadlocks in
the case where a thread is exiting at the same time.
* threads.c (k5_key_delete) [pthread case]: Reset flags and destructor function
pointer to unset state.
(krb5int_thread_support_init, krb5int_thread_support_fini): If
SHOW_INITFINI_FUNCS is defined, print some tracing messages.
ticket: 2916
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17092
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:23:20 +0000 (00:23 +0000)]
* Makefile.in (LIBINITFUNC, LIBFINIFUNC): Define
ticket: 2916
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17091
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:20:38 +0000 (00:20 +0000)]
* gss_libinit.c (gssint_lib_init, gssint_lib_fini) [SHOW_INITFINI_FUNCS]: Print tracing messages
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17090
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:14:57 +0000 (00:14 +0000)]
Fix build problem found testing certain combinations of options
* k5-platform.h (PROGRAM_EXITING) [__GNUC__ && !_WIN32 &&
CONSTRUCTOR_ATTR_WORKS && !DELAY_INITIALIZER]: Define as zero.
ticket: 2916
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17089
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:11:14 +0000 (00:11 +0000)]
Build system support for a library having more than one init/fini symbol
defined, when using linker options to specify these functions. Now
LIBINITFUNC/LIBFINIFUNC are considered lists of symbols, ordered from
lowest-level (init run first, fini run last) to highest-level.
* lib.in (config.status): Change target to be in $thisconfigdir rather than
local.
(osf1.exports): Create a temporary file then rename into place. Add options
for library init/fini symbols, handling multiple values.
* shlib.conf (case alpha*-dec-osf*): Don't handle init/fini symbols here.
(case mips-sgi-irix*): Handle multiple init/fini symbols. Always set $initfini
before it gets used.
(case *-*-solaris*, not gcc): Handle multiple init/fini symbols.
(case *-*-aix*): Handle multiple fini symbols.
ticket: 2916
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17088
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Feb 2005 23:12:08 +0000 (23:12 +0000)]
* Makefile.in (config.status): Depend on shlib.conf
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17087
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Feb 2005 23:10:48 +0000 (23:10 +0000)]
* aclocal.m4 (KRB5_AC_ENABLE_THREADS): If thread support is not enabled, zap
the PTHREAD_ variables.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17086
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 01:09:31 +0000 (01:09 +0000)]
* gssapi.hin: (GSS_SIZEOF_INT, GSS_SIZEOF_LONG, GSS_SIZEOF_SHORT): Don't
define except on Windows.
ticket: 2910
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17085
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 01:06:56 +0000 (01:06 +0000)]
Makefile.in: fix macro syntax in last change
ticket: 2910
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17084
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 01:03:27 +0000 (01:03 +0000)]
* t_loader.c: New file
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17083
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:58:41 +0000 (00:58 +0000)]
don't build anything by default
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17082
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:58:07 +0000 (00:58 +0000)]
* Makefile.in: New file
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17081
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:57:17 +0000 (00:57 +0000)]
* configure.in: Look for dlfcn.h. Configure new shlib subdirectory.
* Makefile.in (LOCAL_SUBDIRS): Build in shlib subdir.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17080
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:48:12 +0000 (00:48 +0000)]
* configure.in: Put #ifndef/#define/#endif wrapper into autoconf.h to protect
against multiple inclusions. Don't look for xom.h. Check for dlopen.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17079
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:31:21 +0000 (00:31 +0000)]
* gssapi.hin: Don't conditionally include xom.h here
ticket: 2910
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17078
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:27:33 +0000 (00:27 +0000)]
* Makefile.in (gssapi.h): Change SIZEOF symbols to start with GSS_ when
extracting from autoconf.h. Don't look for HAVE_ or USE_ symbols. Add
${include_xom} to the prologue.
(include_xom): New variable.
* gssapi.h: Always include stddef.h unconditionally.
(GSS_SIZEOF_INT, GSS_SIZEOF_LONG, GSS_SIZEOF_SHORT): Don't define.
ticket: 2910
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17077
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:26:17 +0000 (00:26 +0000)]
* configure.in: Check for xom.h. Set include_xom to a C include directive or
comment, and substitute it in the Makefiles.
ticket: 2910
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17076
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 28 Jan 2005 05:16:34 +0000 (05:16 +0000)]
* t_walk_rtree.c (main): Free context at end to allow searching
for memory leaks.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17072
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 24 Jan 2005 20:22:57 +0000 (20:22 +0000)]
* post.in (Makefile): Nuke autom4te.cache before and after autoconf runs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17063
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sat, 22 Jan 2005 01:28:14 +0000 (01:28 +0000)]
Irix k5_os_mutex_lock calls k5_pthread_mutex_lock w/ wrong arg
* k5-thread.h (k5_os_mutex_lock): Under Irix, invoke
k5_pthread_mutex_lock() with the k5_os_mutex, not the
pthread_mutex_t.
(k5_pthread_assert_locked,unlocked): If DEBUG_THREADS not used, provide
correct prototype. Add missing close paren.
Test programs show that under irix, the mutex locking/unlocking code was
working - even with the wrong memory use... I do not understand why.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17062
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 18 Jan 2005 17:33:56 +0000 (17:33 +0000)]
* configure.in: When looking for setupterm() - look in
libcurses/libncurses even if termcap library found.
This is a GCC 4.0 fix.. Otherwise we get conflicting declarations of setupterm
in a header file and in the telnet client.
ticket: 2876
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17053
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 18 Jan 2005 17:29:46 +0000 (17:29 +0000)]
* threads.c (k5_key_delete) [ENABLE_THREADS && !_WIN32]: Don't abort,
just leak resources for now.
ticket: 2888
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17052
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Tue, 18 Jan 2005 08:07:47 +0000 (08:07 +0000)]
re-initialize 'terminated' variable to 0 during initialization routine
ticket: 2888
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17051
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 17 Jan 2005 23:57:51 +0000 (23:57 +0000)]
Some applications such as Eudora on Windows load and unload the Kerberos
libraries as part of a plug-in. Plugins are often loaded for a specific
purpose and then unregistered. In order to support this model, the libraries
must restore the library state to the uninitialized state when the library
is unloaded.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17050
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 17 Jan 2005 19:10:31 +0000 (19:10 +0000)]
krb5_unparse_name(), krb5_unparse_name_ext():
prevent dereferencing of pointer if 'name' or 'size' are NULL
ticket: new
tags: pullup
target_version: 1.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17049
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 17 Jan 2005 17:37:27 +0000 (17:37 +0000)]
* gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): More memory leaks
fixed as introduced in ticket #2541. Do not rely on knowledge that
upon failure from krb5_cc_retrieve_cred, returned credential data
is untouched.
Testsuite passes all tests, but would like another set of eyes to look over code
before closing ticket.
ticket: 2885
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17048
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 17 Jan 2005 17:32:26 +0000 (17:32 +0000)]
subject; krb5_do_preauth could attempt to free NULL pointer
* preauth2.c (krb5_do_preauth): Upon error in decoding
krb5_type_info{,2}, on failure, do not call krb5_free_type_info
with a null pointer.
The only way to reach this code is to set a preauth list requesting for ETYPE_INFO
or ETYPE_INFO2 in a call to krb5_get_in_tkt_with_password.
Before sending the request, krb5_do_preauth tries to parse a NULL length asn1 buffer,
fails and tries to free a null pointer.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17047
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Sat, 15 Jan 2005 21:40:23 +0000 (21:40 +0000)]
* rc_dfl.c: Move the extraction of the struct dfl_data
from the krb5_rcache after obtaining the lock, not before.
ticket: new
target_version: 1.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17046
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Sat, 15 Jan 2005 06:34:08 +0000 (06:34 +0000)]
* cp_key_cnt.c, copy_princ.c:
prevent krb5_copy_principal() and krb5_copy_keyblock() from
calling malloc(0). On platforms in which malloc(0) returns
NULL, these functions will return an ENOMEM error the way
they were written.
ticket: 2881
target_version: 1.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17045
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 23:50:22 +0000 (23:50 +0000)]
* k5-thread.h [HAVE_PTHREAD && HAVE_PRAGMA_WEAK_REF]: Mark pthread_self and
pthread_equal as weak references.
ticket: 2878
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17041
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 14 Jan 2005 21:52:15 +0000 (21:52 +0000)]
Fix braino in previous change to xdr_bytes. New test case for
RPCSEC_GSS fixed-size buffers.
ticket: 2877
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17039
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 14 Jan 2005 06:02:01 +0000 (06:02 +0000)]
* authgss_prot.c (xdr_rpc_gss_wrap_data): Use xdr_alloc to avoid
size limit issues. Use (unsigned int)-1 instead of MAX_NETOBJ_SZ.
(xdr_rpc_gss_unwrap_data): Use (unsigned int)-1 instead of
MAX_NETOBJ_SZ.
* xdr.c (xdr_bytes): Don't assign from *sizep if XDR_FREE, since
it'll be uninitialized then. Shuts up Purify.
ticket: 2877
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17038
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 05:18:31 +0000 (05:18 +0000)]
fix calling convention for thread support fns
This depends on a change to k5-thread.h that was included with a checkin I did
earlier for 2878.
* threads.c (k5_mutex_lock_update_stats, krb5int_mutex_unlock_update_stats,
krb5int_mutex_report_stats): Define as KRB5_CALLCONV.
(krb5int_mutex_lock_update_stats, krb5int_mutex_unlock_update_stats,
krb5int_mutex_report_stats) [_WIN32]: Undef macros before defining functions.
ticket: new
target_version: 1.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17037
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 05:03:48 +0000 (05:03 +0000)]
* k5-thread.h (k5_pthread_assert_locked): Only call pthread_equal if
thread support is loaded.
(k5_pthread_mutex_unlock): Use k5_pthread_assert_locked instead of
duplicating it.
ticket: 2878
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17036
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 04:40:16 +0000 (04:40 +0000)]
* prof_file.c (profile_open_file): If mutex creation fails, free storage
directly instead of calling profile_close_file.
ticket: 2878
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17035
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 03:39:24 +0000 (03:39 +0000)]
* cc_file.c (struct _krb5_fcc_data): Fields disk_file_lock, file_is_locked
deleted.
(krb5_fcc_open_file, krb5_fcc_close_file, dereference, krb5_fcc_resolve,
krb5_fcc_generate_new, krb5_fcc_set_flags): Don't set or check them.
ticket: 2874
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17034
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 03:27:51 +0000 (03:27 +0000)]
* prng.c (krb5int_prng_init): Incorporate do_yarrow_init body. Don't check
inited variable.
(inited): Variable deleted.
(krb5_c_random_make_octets, krb5int_prng_cleanup): Don't check it.
(do_yarrow_init): Deleted.
ticket: 2878
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17033
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 03:24:48 +0000 (03:24 +0000)]
* yarrow.c (yarrow_reseed_locked): Renamed from krb5int_yarrow_reseed and made
static.
(Yarrow_detect_fork, yarrow_input_maybe_locking, krb5int_yarrow_output_Block):
Call it.
(krb5int_yarrow_reseed): New function, grabs lock and calls the old version.
(krb5int_yarrow_final): Hold the lock until after clearing the Yarrow context
data.
ticket: 2878
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17032
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 03:19:39 +0000 (03:19 +0000)]
More paranoid checking...
* k5-thread.h (k5_os_mutex) [pthread case]: Add new field "owner" if
DEBUG_THREADS.
(k5_pthread_mutex_lock, k5_pthread_mutex_unlock, k5_pthread_assert_locked): New
macros/functions; if DEBUG_THREADS, set or check the owner field.
(K5_OS_MUTEX_PARTIAL_INITIALIZER) [pthread case && DEBUG_THREADS]: Set the
owner field. If PTHREAD_ERRORCHECK_MUTEX_INITIALIZER_NP is defined, use it.
(k5_os_mutex_lock, k5_os_mutex_unlock, k5_os_mutex_assert_locked) [pthread
case]: Use k5_pthread_ versions.
(k5_mutex_destroy): Update the location data with the mutex locked, before
destroying it.
(k5_mutex_unlock): Update the location data while the mutex is still locked,
and check the assertion that the mutex really is locked. Convert inline
function to macro.
* k5-thread.h (krb5int_mutex_lock_update_stats,
krb5int_mutex_unlock_update_stats, krb5int_mutex_report_stats)
[!DEBUG_THREADS_STATS]: Declare KRB5_CALLCONV.
ticket: 2878
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17031
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 03:15:41 +0000 (03:15 +0000)]
* error_message.c (com_err_terminate): Lock the list mutex before walking
through it; unlock and destroy it afterwards.
ticket: 2878
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17030
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 03:12:21 +0000 (03:12 +0000)]
profile code never destroys its per-file mutexes
* prof_file.c (profile_free_file_data): Destroy mutex before freeing containing
structure.
ticket: new
target_version: 1.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17029
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 13 Jan 2005 11:51:51 +0000 (11:51 +0000)]
* ftpd.c: GCC 4.0 fixes... Move static declaration of gunique out
of function.
ticket: 2876
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17026
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Thu, 13 Jan 2005 11:51:30 +0000 (11:51 +0000)]
correction to previous commit. do not call krb5_gss_release_cred()
if the cred was not acquired. destroy each field of the cred one
piece at a time based upon what was allocated.
ticket: 2875
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17025
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 13 Jan 2005 11:32:47 +0000 (11:32 +0000)]
Tree does not compile with GCC 4.0
* yarrow.c: Declare yarrow_gate_locked static before first use.
GCC 4.0 snapshots are more particular about using a static function
before a prototype is given.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17024
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Thu, 13 Jan 2005 08:19:06 +0000 (08:19 +0000)]
Fix the calls to krb5_gss_release_cred to pass in the correct type.
This fixes a mutex leak.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17023
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 13 Jan 2005 00:35:17 +0000 (00:35 +0000)]
* prng.c (read_entropy_from_device): Use ssize_t, not size_t, so
read() returning -1 doesn't cause trouble.
ticket: 2871
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17020
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 12 Jan 2005 18:24:44 +0000 (18:24 +0000)]
* default.exp (start_tail): New proc. Handles GNU tail race condition with
less delay than the old code that was in start_kerberos_daemons.
(start_kerberos_daemons): Call start_tail for both log files.
ticket: 2873
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17019
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 12 Jan 2005 17:18:28 +0000 (17:18 +0000)]
Fix some potential resource leaks in dnsglue.c
ticket: 2872
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17018
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 12 Jan 2005 04:57:22 +0000 (04:57 +0000)]
2005-01-11 Jeffrey Altman <jaltman@mit.edu>
* cc_mslsa.c:
- do not free krb5_creds if krb5_copy_creds fails
- cause MSTicketToMITTicket to return failure if
krb5_copy_data fails
ticket: 2870
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17017
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 12 Jan 2005 03:47:58 +0000 (03:47 +0000)]
* krb-root/rlogin.exp (start_rlogin_daemon): Use built-in sleep command.
* krb-root/telnet.exp (start_telnet_daemon): Likewise.
* krb-standalone/gssftp.exp (start_ftp_daemon): Use built-in sleep command.
* krb-standalone/rcp.exp (start_rsh_daemon): Likewise.
* krb-standalone/rsh.exp (start_rsh_daemon): Likewise.
* krb-standalone/sample.exp (start_sserver_daemon): Likewise.
* krb-standalone/v4gssftp.exp (start_ftp_daemon): Likewise.
* krb-standalone/v4krb524d.exp (start_k524_daemon): Likewise.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17016
dc483132-0cff-0310-8789-
dd5450dbe970