Ken Raeburn [Thu, 10 Jun 2004 21:46:01 +0000 (21:46 +0000)]
* admin.texinfo (Supported Encryption Types): Reflect new AES support in
GSSAPI, but keep a warning about interoperability with old versions.
ticket: 2585
tags: pullup
target_version: 1.3.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16430
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 10 Jun 2004 18:23:48 +0000 (18:23 +0000)]
* Makefile.in (krb5/gssapi_krb5.h): Depend on recursion rule
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16429
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Thu, 10 Jun 2004 02:17:39 +0000 (02:17 +0000)]
Install gssapi_krb5.h from build dir not srcdir
ticket: 2587
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16428
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Wed, 9 Jun 2004 18:30:01 +0000 (18:30 +0000)]
If channel bindings are supplied to server require them to be matched
Based on discussion on kerberos@mit.edu, the decision to allow null
channel bindings from a client to match even when server channel
bindings are supplied is flawed. This decision assumes that we cannot
get server implementations to change even though we are able to deploy
a new Kerberos implementation on the server. In practice the server
implementations in question have actually changed and so the only part
of revision 1.54 of accept_sec_context.c we actually need is the code
to ignore channel bindings if null channel bindings are passed into
the server. Thus the change to allow null channel bindings from the
client to match against any channel bindings on the server is backed
out.
Ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16427
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Jun 2004 00:11:29 +0000 (00:11 +0000)]
ugh. revert last change
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16426
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Jun 2004 00:06:34 +0000 (00:06 +0000)]
* sendto_kdc.c (krb5int_sendtokdc_debug_handler) [!DEBUG]: Define as a macro,
not a variable.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16425
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Tue, 8 Jun 2004 21:55:40 +0000 (21:55 +0000)]
Run make depend
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16424
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Tue, 8 Jun 2004 21:50:17 +0000 (21:50 +0000)]
Patch from kwc@citi.umich.edu to support
gss_krb5_export_lucid_sec_context and other facilities for NFSv4
implementations.
In order to apply this patch gss_krb5.h needs to be auto-generated so we can expose a 64-bit type for sequence numbers.
Ticket: 2587
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16423
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 8 Jun 2004 20:05:39 +0000 (20:05 +0000)]
* Makefile.in ($(srcdir)/krb5/autoconf.stmp): Always use --include, don't
try --localdir.
(all-recurse): Depend on krb5/autoconf.h.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16422
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 8 Jun 2004 19:48:56 +0000 (19:48 +0000)]
* Makefile.in ($(srcdir)/include/config.h.in): Always use --include, never try
--localdir.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16421
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 8 Jun 2004 19:27:57 +0000 (19:27 +0000)]
* aclocal.m4 (CONFIG_RULES): Don't set AUTOCONF, AUTOCONFFLAGS, AUTOHEADER,
AUTOHEADERFLAGS, AUTOCONFINCFLAGS.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16420
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 8 Jun 2004 19:26:06 +0000 (19:26 +0000)]
* pre.in (AUTOCONF, AUTOHEADER): Always set to autoconf and autoheader
respectively.
(AUTOCONFFLAGS, AUTOHEADERFLAGS): Always set to empty.
* post.in (Makefile): Always run autoconf with --include, don't bother with
--localdir any more. Don't delete autom4te.cache here.
(clean-unix): Delete autom4te.cache.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16419
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 8 Jun 2004 19:05:05 +0000 (19:05 +0000)]
* shlib.conf (*-*-darwin*, *-*-rhapsody*): Add -Wl,-search_paths_first to
linker flags.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16418
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 7 Jun 2004 19:31:23 +0000 (19:31 +0000)]
* kpasswd.c (get_name_from_passwd_file): Do not cast return from
getuid() to int as argument to getpwuid.
* ksetpwd.c: Include time.h for time() prototype.
(main): Return 0 on success.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16417
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 7 Jun 2004 19:25:32 +0000 (19:25 +0000)]
* network.c (paddr): Use unsigned int for length.
(kdc_conn_type): Declare CONN_ enumerated types in connection as
distinct type.
(add_fd): Declare as taking enum type instead of simply
integer. Prevents assignment of interger to an enum.
(process_tcp_connection): Remove variable assigned to but never used.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16416
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Jun 2004 22:46:11 +0000 (22:46 +0000)]
* yarrow.c (yarrow_str_error): Now const
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16415
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Jun 2004 22:44:30 +0000 (22:44 +0000)]
* asn1_encode.c (asn1_encode_generaltime): Use gmtime_r if available
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16414
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Jun 2004 22:43:15 +0000 (22:43 +0000)]
* str_conv.c (krb5_string_to_timestamp): Use localtime_r if available.
(krb5_timestamp_to_string, krb5_timestamp_to_sfstring): Likewise.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16413
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Jun 2004 22:42:32 +0000 (22:42 +0000)]
* parse.c (krb5_parse_name): Use assert and abort, not exit
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16412
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Jun 2004 22:35:25 +0000 (22:35 +0000)]
Change all uses of LIB in UNIX makefiles to LIBBASE, for better Windows
compatibility. (Windows nmake exports make variables into the environment, and
LIB is treated by the Windows linker as a search path for libraries, thus
breaking the linking on Windows of anything needing libraries from the search
path in directories where we build libraries on UNIX.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16411
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Jun 2004 21:37:18 +0000 (21:37 +0000)]
Oops
* srv_rcache.c (krb5_get_server_rcache): Don't forget to actually include the
cache type in the cache name, after looking it up.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16410
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Jun 2004 20:29:22 +0000 (20:29 +0000)]
* kuserok.c (krb5_kuserok): Handle draft POSIX versions of getpwnam_r
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16409
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Jun 2004 20:28:39 +0000 (20:28 +0000)]
* prof_file.c (profile_open_file): Handle earlier (draft POSIX) specifications
of getpwuid_r.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16408
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Jun 2004 15:46:30 +0000 (15:46 +0000)]
* configure.in: Check number of arguments to getpwnam_r and getpwuid_r and
define some new macros if they're the four-argument draft POSIX versions.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16407
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Jun 2004 01:06:43 +0000 (01:06 +0000)]
* configure.in: Check for getpwnam_r, gmtime_r, and localtime_r
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16406
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Jun 2004 01:05:24 +0000 (01:05 +0000)]
* configure.in: Check for various _r functions needed for thread safety. If
enable-thread-support is specified, complain about any that aren't found.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16405
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 3 Jun 2004 22:50:35 +0000 (22:50 +0000)]
bump some missed version numbers
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16403
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Jun 2004 22:44:18 +0000 (22:44 +0000)]
Oops. Fixes last night's test failures in last night's build..
* com_err.c (com_err_va): In success case, don't then fall through into error
case.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16402
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 3 Jun 2004 21:07:25 +0000 (21:07 +0000)]
update for krb5-1.3.4-beta1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16397
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Jun 2004 02:21:30 +0000 (02:21 +0000)]
Checkpoint notes on thread safety technique and status of various libraries
* threads.txt, thread-safe.txt: New files.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16396
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Jun 2004 02:19:23 +0000 (02:19 +0000)]
Closer to thread-safe..
* configure.in: Check for getpwuid_r.
* prof_file.c (profile_open_file) [HAVE_PWD_H && HAVE_GETPWUID_R]: Use
getpwuid_r if available.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16395
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Jun 2004 00:30:02 +0000 (00:30 +0000)]
The com_err library is now probably as thread-safe as it's going to get, on
UNIX; Windows still needs work....
* com_err.c: Include stdlib.h.
(com_err_hook_lock): New mutex.
(com_err_lock_hook_handle): New function.
(com_err_va, set_com_err_hook, reset_com_err_hook): Call com_err_finish_init,
and grab the lock.
* error_message.c: Don't include k5-thread.h.
(com_err_finish_init): New function.
(com_err_initialize): Initialize the new mutex.
* error_table.h: Include k5-thread.h.
(com_err_hook_lock, com_err_finish_init): Declare.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16394
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 2 Jun 2004 23:47:36 +0000 (23:47 +0000)]
* k5-thread.h: Error out at compile time if thread support is enabled but the
thread system isn't pthreads. (This is after the code disabling thread support
for non-pthreads systems, so it's a placeholder for now that should never get
invoked.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16393
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 2 Jun 2004 23:41:51 +0000 (23:41 +0000)]
* prng.c (init_once): Variable deleted.
(krb5_c_random_add_entropy): Do the initialization once, using the yarrow_lock
mutex instead of k5_once to protect it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16392
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 2 Jun 2004 23:40:12 +0000 (23:40 +0000)]
* disp_com_err_status.c (init_et): Variable deleted.
(g_display_com_err_status): Don't call initialize_ggss_error_table
conditionally; instead, always call gssint_initialize_library.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16391
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 2 Jun 2004 22:54:31 +0000 (22:54 +0000)]
* gss_libinit.c (gssint_lib_init): Initialize error tables here.
(gssint_initialize_library): Don't do it directly here. Make sure
gssint_lib_init has been called, and return the status.
(gssint_lib_fini): Remove error tables here.
(gssint_cleanup_library): Function deleted.
(initialized): Variable deleted.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16390
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 2 Jun 2004 22:38:45 +0000 (22:38 +0000)]
Oops. Add and remove k524 error table too
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16389
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 2 Jun 2004 22:35:33 +0000 (22:35 +0000)]
Add/remove error tables in library initialization/termination, not per context.
Use only one library initialization scheme, and install the error tables in
only one place.
* krb5_libinit.c (initialized): Variable deleted, all references removed.
(krb5int_lib_init): Initialize error tables here.
(krb5int_initialize_library): Don't do it here.
* error_tables/Makefile.in (STLIBOBJS, OBJS, SRCS): Drop init_ets code.
* krb/init_ctx.c (init_common): Don't call krb5_init_ets.
(krb5_free_context): Don't call krb5_free_ets.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16388
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 2 Jun 2004 22:29:18 +0000 (22:29 +0000)]
* srv_rcache.c (krb5_get_server_rcache): Use krb5_rc_resolve_full instead of
constructing an rcache object locally.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16387
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 2 Jun 2004 22:25:37 +0000 (22:25 +0000)]
Move definitions of struct krb5_rc_st, struct _krb5_rc_ops, krb5_rc_ops, and
declarations of krb5_rc_register_type, krb5_rc_dfl_ops from k5-int.h to
rc-int.h. Include rc-int.h in the krb5/rcache files that need it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16386
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 2 Jun 2004 21:56:02 +0000 (21:56 +0000)]
fix missing braces in an_to_ln.c security patch
* an_to_ln.c (do_replacement): Patch from Bill Dodd to fix missing
braces in previous security patch.
ticket: new
tags: pullup
target_version: 1.3.4
version_reported: 1.3.4
component: krb5-libs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16384
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 1 Jun 2004 20:16:38 +0000 (20:16 +0000)]
fix buffer overflow in an_to_ln.c
* an_to_ln.c (rule_an_to_ln): Fix buffer overflow when parsing
principal names into components.
(do_replacement): likewise
(aname_replacer): Support error return from do_replacement
ticket: new
version_reported: 1.3.3
target_version: 1.3.4
tags: pullup
component: krb5-libs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16381
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 31 May 2004 12:39:16 +0000 (12:39 +0000)]
* kadmin.h, keytab.c: Remove inclusion of k5-int.h
Nothing internal is referenced - krb5.h is sufficient.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16380
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 31 May 2004 04:10:18 +0000 (04:10 +0000)]
* error_message.c (terminated): New variable.
(com_err_terminate): Set it.
(remove_error_table): Check it, warn and abort if set.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16379
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 30 May 2004 20:06:15 +0000 (20:06 +0000)]
* aclocal.m4 (KRB5_AC_GCC_ATTRS): On AIX 4, mark the destructor attribute as
always not working, until we can construct a good test for the order of
destructors in the multiple shared library case.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16378
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 30 May 2004 20:04:04 +0000 (20:04 +0000)]
* shlib.conf (*-*-aix*): Use linker options for library finalization
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16377
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 30 May 2004 07:27:32 +0000 (07:27 +0000)]
* getdate.y: Include krb5.h and kadmin.h.
(get_date): Drop second argument; always use NULL.
* kadmin.h: Include time.h and/or sys/time.h.
(get_date): Declare.
* kadmin.c (get_date): Don't declare.
(kadmin_parse_princ_args, kadmin_parse_policy_args): Drop second argument to
get_date.
* Makefile.in (LOCALINCLUDES): Define.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16376
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 30 May 2004 06:05:54 +0000 (06:05 +0000)]
Silence some gcc compilation warnings:
* ksetpwd.c (verify_creds, get_init_creds_opt_init, userinitcontext,
init_creds): Now static.
(main): Remove one of two variables named "ccache".
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16375
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 30 May 2004 05:59:46 +0000 (05:59 +0000)]
* clnt_tcp.c: Include string.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16374
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 30 May 2004 05:57:29 +0000 (05:57 +0000)]
* k5-int.h (krb5int_crypto_init, krb5int_prng_init): Declare
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16373
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 30 May 2004 05:44:10 +0000 (05:44 +0000)]
* setenv.c: Include string.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16372
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 28 May 2004 03:44:33 +0000 (03:44 +0000)]
Add prototypes for library init and fini functions. Makefile dependencies
updated.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16371
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 27 May 2004 23:07:50 +0000 (23:07 +0000)]
* win-pre.in (CP): Copy nul: plus the file, to avoid carrying over the original
modification time, since some of our makefiles depend on $(CP) updating the
timestamp. Use binary mode for the copy, because default/ASCII seems to cause
a ^Z to be added to the file.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16369
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 26 May 2004 18:17:35 +0000 (18:17 +0000)]
* yarrow.c (krb5int_yarrow_final): Call
krb5int_yarrow_cipher_final before zeroing out reference to
memory.
* ycipher.[ch] (krb5int_yarrow_cipher_final): Free CIPHER_CTX memory
allocated by krb5int_yarrpw_cipher_init().
These cleanup handlers are now invoked in the library "fini" handlers.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16368
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 26 May 2004 13:10:49 +0000 (13:10 +0000)]
* cc_mslsa.c: GetMSTGT(). Add krb5_context
parameter to allow krb5_get_permitted_enctype() to be called
instead of using a hardcoded list of enctypes which may change
in the future.
krb5_lcc_get_name(): fix return value if Kerberos is not supported.
ticket: 2574
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16364
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 26 May 2004 04:36:44 +0000 (04:36 +0000)]
* cc_mslsa.c: GetMSTGT() Initialize pTicketRequest to NULL to prevent
inadvertant deallocation.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16363
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 25 May 2004 21:48:02 +0000 (21:48 +0000)]
* aesopt.h (PLATFORM_BYTE_ORDER): Treat _WIN32 as always
little-endian. Default to little-endian if there's no other
compile-time way to detect endianness, noting it as a guess.
(SAFE_IO): Error out if SAFE_IO is not set and endianness was
guessed.
ticket: 2564
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16362
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 25 May 2004 18:09:45 +0000 (18:09 +0000)]
* keytab.c (krb5_ktkdb_get_entry): Change local variable rom int
to krb5_boolean to match prototype for as argument to
krb5_c_enctype_compare.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16361
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 25 May 2004 18:07:49 +0000 (18:07 +0000)]
* conv_creds.c (krb5int_encode_v4tkt): Unsigned vs signed warning fix
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16360
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 25 May 2004 18:06:13 +0000 (18:06 +0000)]
* aes.c (krb5int_aes_encrypt): Signed/unsigned warning fix
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16359
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 24 May 2004 21:04:34 +0000 (21:04 +0000)]
* t_encrypt.c (compare_results): Declare static.
(main): Free allocated memory before exit.
* t_nfold.c (fold_kerberos): Change nbytes argument to unsigned.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16358
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 24 May 2004 20:41:23 +0000 (20:41 +0000)]
krb5_rc_io_open_internal might try to invoke with negative argument
* rc_io.c (krb5_rc_io_open_internal): If file could not be open,
do not invoke close negative argument.
Ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16357
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 24 May 2004 20:24:23 +0000 (20:24 +0000)]
* t_ser.c (ser_keytab_test): Cleanup memory leak of forgetting to
close keytab.
* chpw.c: Add parenthesis around assignments in conditionals.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16356
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 24 May 2004 19:53:16 +0000 (19:53 +0000)]
* t_cc.c (cc_test): Clean up memory leaks in tests
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16355
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 24 May 2004 19:45:01 +0000 (19:45 +0000)]
* configure.in: When generating prtest, use AC_CONFIG_FILES
instead of K5_GEN_FILE so that a chmod may be added to make the
script executable.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16354
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 24 May 2004 19:43:17 +0000 (19:43 +0000)]
(main): Invoke krb5_free_context at exit to allow
checking for memory leaks.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16353
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 24 May 2004 19:33:33 +0000 (19:33 +0000)]
* kdb5_mkdums.c (main): Fix memory leak of master principal at exit
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16352
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 23 May 2004 17:20:09 +0000 (17:20 +0000)]
Use compile-time tests using system headers to determine byte order on AIX.
(cf ticket 2551, already pulled up and marked resolved)
* configure.in: Check for sys/param.h too.
* include/db-int.h: Include sys/param.h if available.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16351
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 17 May 2004 14:48:14 +0000 (14:48 +0000)]
* kfw.nsi, kfw-fixed.nsi, utils.nsi:
- replace the UpdateDLL macro with the ReplaceDLL macro
- use ReplaceDLL to install all .exe and .dll files
this will allow the installer to work even when some files
are loaded by modules which cannot be terminated such as
Network Providers (afslogon.dll for example)
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16340
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Sat, 15 May 2004 12:57:05 +0000 (12:57 +0000)]
The memory allocated by ConstructTicketRequest is not LSA memory
and must be freed with LocalFree().
ticket: 2561
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16339
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Sat, 15 May 2004 04:08:08 +0000 (04:08 +0000)]
2004-05-15 Jeffrey Altman <jaltman@mit.edu>
* cc_mslsa.c:
Do not use the FAILED() macro to test the result of ConstructTicketRequest().
ConstructTicketRequest() returns positive errors and FAILED() only considers
negative values to be a failure condition.
Also, close potential memory leak of LSA allocated memory.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16338
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Fri, 14 May 2004 21:14:22 +0000 (21:14 +0000)]
Pass architecture environment to krb5 build system
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16336
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 13 May 2004 08:11:35 +0000 (08:11 +0000)]
* libgssapi_krb5.exports: Remove et_*, generic_*, gssint_*, initialize_*, kg_* symbols
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16333
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 13 May 2004 04:38:58 +0000 (04:38 +0000)]
Link test programs against thread support library
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16332
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Thu, 13 May 2004 03:16:24 +0000 (03:16 +0000)]
* send_tgs.c: krb5_send_tgs() was broken in the case of a KRB_ERROR
message. The krb5_response message_type field was never set
resulting in stack garbage being used instead. This would
break code which used transitive cross-realm to obtain service
tickets.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16331
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 13 May 2004 02:25:22 +0000 (02:25 +0000)]
* k5-thread.h: On IRIX, with threads enabled, reject gcc older than v3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16330
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 13 May 2004 02:24:29 +0000 (02:24 +0000)]
* k5-thread.h: On IRIX, if gcc is older than v3, tell the user to get a newer
one, and error out.
(We need weak reference support for pthread_once, gcc 2.95 doesn't
support them, but gcc 3, which has been out for nearly 3 years, does.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16329
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 13 May 2004 00:57:34 +0000 (00:57 +0000)]
* shlib.conf (*-*-linux*): Use GNU linker's --retain-symbols-file option to
implement export list.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16328
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 13 May 2004 00:50:15 +0000 (00:50 +0000)]
* Makefile.in (DEPLIBS, MLIBS, SHLIB_EXPDEPS, SHLIB_EXPLIBS): Add the new support library
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16327
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 13 May 2004 00:49:11 +0000 (00:49 +0000)]
* libk5crypto.exports: Add the DES tables back in; libdes425 uses them directly
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16326
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 7 May 2004 23:29:38 +0000 (23:29 +0000)]
* configure.in: Check for endian.h and machine/endian.h.
* aes/aesopt.h (PLATFORM_BYTE_ORDER): Check for _MIPSEB, _MIPSEL. If endian.h
or machine/endian.h is available, include it instead of sys/param.h. Don't
mess around with multibyte character constants.
ticket: 2551
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16323
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 7 May 2004 23:26:43 +0000 (23:26 +0000)]
* configure.in: Check for machine/endian.h too.
* include/db-int.h: Include machine/endian.h if available. Check for
__LITTLE_ENDIAN__ and __BIG_ENDIAN__, _MIPSEB and _MIPSEL.
ticket: 2551
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16322
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 7 May 2004 19:18:17 +0000 (19:18 +0000)]
Patch from Matt Crawford to allow matching on realm in cross-realm
authentication for krb5_aname_to_lname.
Ticket: 957
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16321
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 6 May 2004 03:15:37 +0000 (03:15 +0000)]
* threads.c (krb5int_thread_support_fini) [!ENABLE_THREADS]: Provide a dummy
function for now.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16320
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 6 May 2004 03:13:56 +0000 (03:13 +0000)]
* fake-addrinfo.c: Deleted
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16319
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 6 May 2004 02:28:25 +0000 (02:28 +0000)]
Start using our first bit of per-thread storage
* error_message.c (buffer): Static variable deleted.
(com_err_initialize): Register cleanup support for com_err thread-specific data
key.
(error_message): Use a per-thread dynamically-allocated buffer instead of
static storage, for the case where an unknown error code is given. If any
errors occur allocating or tracking the buffer, return a fixed message.
* t_com_err.c: Include stdlib.h. If TEST_THREADS is defined, include
pthread.h.
(run): Renamed from main, changed signature.
(main): New function. Just call run, or if TEST_THREADS is defined, create a
thread to call it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16318
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 6 May 2004 01:33:56 +0000 (01:33 +0000)]
Since the AES code builds, and doesn't do any configure-time byte order checks
that I noticed, something similar ought to work for the DB code. This is the
first cut; nightly testing builds should tell us if it's sufficient on most of
the platforms we work on.
* include/db-int.h: Include stdlib.h, and endian.h if available.
(LITTLE_ENDIAN, BIG_ENDIAN, BYTE_ORDER): If not defined, and if versions with
one or two leading underscores are defined, define the no-underscore form in
terms of the with-underscore one.
(DB_BYTE_ORDER): Define by checking LITTLE_ENDIAN, BIG_ENDIAN, and BYTE_ORDER;
report an error if that doesn't work. Don't check WORDS_BIGENDIAN.
* Makefile.in (all-prerecurse): Make sure headers generated by config.status
are up to date.
(include/config.h, $(srcdir)/include/config.h.in, include/db-config.h): New
rules.
* configure.in: Don't check byte order here. Check for endian.h.
ticket: 2551
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16317
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 6 May 2004 00:12:52 +0000 (00:12 +0000)]
* libkrb5.exports: Export krb5int_foreach_localaddr for now
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16316
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 5 May 2004 22:50:42 +0000 (22:50 +0000)]
* libobj.in (OBJS.ST, OBJS.SH, OBJS.PF): Depend on Makefile
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16315
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 5 May 2004 22:44:46 +0000 (22:44 +0000)]
Rename header file foreachaddr.c to foreachaddr.h, now that it isn't
mostly static functions to be compiled in.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16314
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 5 May 2004 22:37:38 +0000 (22:37 +0000)]
build dependencies
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16313
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 5 May 2004 22:33:23 +0000 (22:33 +0000)]
* pre.in (SUPPORT_LIBNAME, SUPPORT_DEPLIB, SUPPORT_LIB): New variables.
(KRB5_BASE_LIBS): Add $(SUPPORT_LIB).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16312
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 5 May 2004 22:21:35 +0000 (22:21 +0000)]
* localaddr.c: Incorporate foreach_localaddr implementation. Export it as
krb5int_foreach_localaddr.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16311
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 5 May 2004 22:18:01 +0000 (22:18 +0000)]
* foreachaddr.c: Implementation moved to lib/krb5/os/localaddr.c.
(krb5int_foreach_localaddr): Declare.
(foreach_localaddr): New macro.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16310
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 5 May 2004 22:10:39 +0000 (22:10 +0000)]
* foreachaddr.c: Deleted. Code moved to lib/krb5/os/localaddr.c.
* Makefile.in (SRCS, STLIBOBJS): Updated.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16309
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 5 May 2004 01:19:43 +0000 (01:19 +0000)]
* configure.in: Enable dependency support for shared lib.
* Makefile.in (test_et, t_com_err): Depend on, and link against, the new
support library.
(SHLIB_EXPDEPS, SHLIB_EXPLIBS, SHLIB_RDIRS, SHLIB_DIRS): New variables.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16308
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 5 May 2004 01:16:27 +0000 (01:16 +0000)]
* Makefile.in (SHLIB_EXPLIBS): Include $(LIBS).
(SHLIB_RDIRS): Use $(KRB5_LIBDIR), for lack of anything better.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16307
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 5 May 2004 01:14:53 +0000 (01:14 +0000)]
* configure.in: Include dependency support for shared library build
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16306
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 5 May 2004 00:47:59 +0000 (00:47 +0000)]
* threads.c (k5_key_register, destructors, k5_setspecific) [!ENABLE_THREADS]:
Update to fit declarations.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16305
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 5 May 2004 00:31:38 +0000 (00:31 +0000)]
* Makefile.in (LOCAL_SUBDIRS): Build support library
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16304
dc483132-0cff-0310-8789-
dd5450dbe970