krb5.git
16 years agoIn the rlogin tests, expect to see /bin/sh echoed back after sending
Greg Hudson [Fri, 5 Dec 2008 18:30:18 +0000 (18:30 +0000)]
In the rlogin tests, expect to see /bin/sh echoed back after sending
/bin/sh.  If we just look for a shell prompt, we can get out of sync
if the login shell decides to clear the line and redisplay the prompt.
(I see bash redisplaying the prompt in 30-50% of test runs; I don't
know what it's thinking.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21288 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoMerge in fix from ms-krb-integ branch to avoid modifying input data on aead_decrypt...
Sam Hartman [Fri, 5 Dec 2008 14:09:40 +0000 (14:09 +0000)]
Merge in fix from ms-krb-integ branch to   avoid modifying input data on aead_decrypt_compat

ticket: 6274
Status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21287 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoFix from Marcus Watts for glob-to-regexp conversion bug.
Ken Raeburn [Thu, 4 Dec 2008 22:26:56 +0000 (22:26 +0000)]
Fix from Marcus Watts for glob-to-regexp conversion bug.
Tweaked test case to exercise the bug.

ticket: 5667

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21285 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoCleanup warnings
Sam Hartman [Thu, 4 Dec 2008 15:48:18 +0000 (15:48 +0000)]
Cleanup warnings

ticket: 6274
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21280 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoMerge R21122 from mskrb-integ
Sam Hartman [Thu, 4 Dec 2008 15:48:14 +0000 (15:48 +0000)]
Merge R21122 from mskrb-integ

Namespace cleanup

ticket: 6274
Status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21279 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoMerge r21120 from mskrb-integ
Sam Hartman [Thu, 4 Dec 2008 15:48:08 +0000 (15:48 +0000)]
Merge r21120 from mskrb-integ

Refactor code such that an AEAD provider does not need to implement the
older, non-IOV SPIs. Instead, the older APIs will implement their
behaviour on top of the AEAD SPIs, using the wrapper functions in
aead.c.

ticket: 6274
Status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21278 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoMove warning flags to new variables WARN_CFLAGS and WARN_CXXFLAGS, so
Greg Hudson [Wed, 3 Dec 2008 18:21:22 +0000 (18:21 +0000)]
Move warning flags to new variables WARN_CFLAGS and WARN_CXXFLAGS, so
that users can override the debugging and optimization flags
independently of the warning flags.

Remove -Wconversion from the standard set of warning flags since it
warns excessively on perfectly good code, and is designed to aid in
conversion of code from K&R to ANSI C rather than to maintain code
quality.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21273 dc483132-0cff-0310-8789-dd5450dbe970

16 years agomake depend
Sam Hartman [Tue, 2 Dec 2008 21:01:54 +0000 (21:01 +0000)]
make depend

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21266 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoCrypto IOV API per Projects/AEAD encryption API
Sam Hartman [Tue, 2 Dec 2008 20:10:20 +0000 (20:10 +0000)]
Crypto IOV API per Projects/AEAD encryption API

Merge in the mskrb-crypto-iov branch at r21259 in order to move an
implementation of
http://k5wiki.kerberos.org/wiki/Projects/AEAD_encryption_API onto the
trunk.  This branch contains a subset of the commits on the
mskrb-integ branch that implement the krb5 library part of the crypto
IOV API.

ticket: new
Status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21263 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRemove unneeded LEAN_CLIENT #define's
Zhanna Tsitkov [Tue, 2 Dec 2008 19:36:56 +0000 (19:36 +0000)]
Remove unneeded  LEAN_CLIENT #define's

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21261 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoadd k5-platform.h for asprintf
Tom Yu [Tue, 2 Dec 2008 16:57:18 +0000 (16:57 +0000)]
add k5-platform.h for asprintf

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21260 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoConvert many uses of sprintf to snprintf or asprintf
Greg Hudson [Mon, 1 Dec 2008 17:09:59 +0000 (17:09 +0000)]
Convert many uses of sprintf to snprintf or asprintf

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21258 dc483132-0cff-0310-8789-dd5450dbe970

16 years agomake depend
Ezra Peisach [Mon, 1 Dec 2008 12:22:12 +0000 (12:22 +0000)]
make depend

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21206 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoMove cc_mutex code from k5-int.h - where it is globally available to cc-int.h
Ezra Peisach [Mon, 1 Dec 2008 12:16:33 +0000 (12:16 +0000)]
Move cc_mutex code from k5-int.h - where it is globally available to cc-int.h
where it is declared and used.  The functions are not exported by the library -
nor are they used outside lib/krb5/ccache...  For cc_file.h - include cc-int.h.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21205 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoShawn's fix for some iprop bugs, with some tweaks
Ken Raeburn [Mon, 1 Dec 2008 06:48:54 +0000 (06:48 +0000)]
Shawn's fix for some iprop bugs, with some tweaks

Adds an alarm while waiting for kprop connection or authentication in
iprop mode; on timeout, close down the active file descriptor to force
us to bail out and return to the iprop main loop (which may try a full
resync again next time around).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21204 dc483132-0cff-0310-8789-dd5450dbe970

16 years agofix tiny overrun
Ken Raeburn [Mon, 24 Nov 2008 21:06:55 +0000 (21:06 +0000)]
fix tiny overrun

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21183 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoSimplify memory management a bit in places, by allocating and freeing
Ken Raeburn [Mon, 24 Nov 2008 21:06:20 +0000 (21:06 +0000)]
Simplify memory management a bit in places, by allocating and freeing
separately, instead of reallocating arrays of pointers to themselves
be reallocated.  Do a better job of initializing arrays of which we
only use a variable-sized part.
Use a temp var instead of lots of long macro invocations.
Fix some overrun-by-one errors in buffer copying.
Clean up some possible leaks.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21182 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoTest with varying numbers of principal name components, of varying lengths.
Ken Raeburn [Mon, 24 Nov 2008 20:27:44 +0000 (20:27 +0000)]
Test with varying numbers of principal name components, of varying lengths.
Test principal modifications, not just additions.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21181 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoUse profile_free_list as appropriate. Fix memory leaks
Ken Raeburn [Mon, 24 Nov 2008 19:40:23 +0000 (19:40 +0000)]
Use profile_free_list as appropriate.  Fix memory leaks

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21180 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoFix memory leak caught by valgrind
Ken Raeburn [Mon, 24 Nov 2008 19:19:14 +0000 (19:19 +0000)]
Fix memory leak caught by valgrind

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21179 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoNote kprop doesn't do IPv6 yet either
Ken Raeburn [Mon, 17 Nov 2008 22:19:26 +0000 (22:19 +0000)]
Note kprop doesn't do IPv6 yet either

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21135 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoSet krb4 and priocntl flags via site.exp instead of command line
Ken Raeburn [Mon, 17 Nov 2008 21:34:48 +0000 (21:34 +0000)]
Set krb4 and priocntl flags via site.exp instead of command line

Update set of files to clean out at test suite startup, or when
deleting the database.

Improve support for setting up slave test environment.  Don't set
KRB5_KDC_PROFILE except in KDC master and slave environments.  Create
distinct env.sh and env.csh files for different configurations.  Move
kpropd setup proc into common initialization.

Add incremental propagation test: Create new kiprop/$host principal,
update kproplog test for the new data.  "Propagate" the master
database to the slave, add a new principal, start up kpropd, watch for
the "OK" message, and check to see if the new principal exists on the
slave.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21134 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoFix a memory management bug
Ken Raeburn [Mon, 17 Nov 2008 21:28:04 +0000 (21:28 +0000)]
Fix a memory management bug

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21133 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoDon't stick '<null>' in log messages. Run kdb5_util dump with input explicitly from...
Ken Raeburn [Mon, 17 Nov 2008 21:24:29 +0000 (21:24 +0000)]
Don't stick '<null>' in log messages.  Run kdb5_util dump with input explicitly from /dev/null

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21132 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoLog more info if ulog_replay fails. Correctly use supplied keytab name
Ken Raeburn [Mon, 17 Nov 2008 21:14:03 +0000 (21:14 +0000)]
Log more info if ulog_replay fails.  Correctly use supplied keytab name

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21131 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoUse correct update log file name in messages
Ken Raeburn [Mon, 17 Nov 2008 21:12:01 +0000 (21:12 +0000)]
Use correct update log file name in messages

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21130 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoLite Client - the following calls are server-side functions:
Zhanna Tsitkov [Mon, 17 Nov 2008 21:04:06 +0000 (21:04 +0000)]
Lite Client - the following calls are server-side functions:
decode_krb5_authenticator,
krb5_auth_con_getauthenticator,
krb5_copy_authenticator,
krb5_ser_authenticator_init
Take them out for the Lite CLient.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21129 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoPERF: Introduced a new function krb5_is_permitted_enctype_ext to replace multiple...
Zhanna Tsitkov [Mon, 17 Nov 2008 19:28:24 +0000 (19:28 +0000)]
PERF: Introduced a new function krb5_is_permitted_enctype_ext to replace multiple calls to krb5_is_permitted_enctype

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21128 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoFix test bug: kpropd -S exits after success
Ken Raeburn [Wed, 12 Nov 2008 22:11:43 +0000 (22:11 +0000)]
Fix test bug: kpropd -S exits after success

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21079 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoAdd basic kprop test, and a little more debugging support
Ken Raeburn [Wed, 12 Nov 2008 21:49:35 +0000 (21:49 +0000)]
Add basic kprop test, and a little more debugging support

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21078 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoDelete replay cache before exiting with success indication
Ken Raeburn [Mon, 10 Nov 2008 23:34:50 +0000 (23:34 +0000)]
Delete replay cache before exiting with success indication

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21068 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoGenerate separate master-KDC and slave-KDC config files, with
Ken Raeburn [Mon, 10 Nov 2008 22:43:21 +0000 (22:43 +0000)]
Generate separate master-KDC and slave-KDC config files, with
different names for the database files.  (Slave config files unused as
yet.)  Ensure that the master-KDC environment is used when running
kadmin.local or kdb5_util.  Define and use a new proc for deleting all
KDC database and keytab files.

Set KPASSWD in default.exp.

Run kadmin, pwchange, pwhist, gssftp, telnet, v4gssftp tests only once each.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21067 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoFix a krsh bug introduced in r21001 which could cause garbage at the
Greg Hudson [Mon, 10 Nov 2008 18:45:17 +0000 (18:45 +0000)]
Fix a krsh bug introduced in r21001 which could cause garbage at the
beginning of the command string.

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21065 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoDelete the pass (one of twelve) that does all KDC exchanges with TCP;
Ken Raeburn [Mon, 10 Nov 2008 18:27:42 +0000 (18:27 +0000)]
Delete the pass (one of twelve) that does all KDC exchanges with TCP;
add a test case that sets that up and runs kinit.

Add a new support proc that allows running a test only once despite
multiple passes; use it for the tcp and iprop tests.

According to one totally unscientific measurement, this reduces the
tests/dejagnu tests run from ~4200 to ~3800, and cuts over 8% off the
run time of those tests, without IMNSHO reducing the effectiveness of
the testing.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21064 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoIn pa_sam(), free the outer krb5_data structure returned by
Greg Hudson [Mon, 10 Nov 2008 17:18:56 +0000 (17:18 +0000)]
In pa_sam(), free the outer krb5_data structure returned by
encode_krb5_sam_response.

ticket: 6211

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21063 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoProperly free sam_challenge in pa_sam()
Greg Hudson [Mon, 10 Nov 2008 16:59:59 +0000 (16:59 +0000)]
Properly free sam_challenge in pa_sam()

ticket: 6210

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21062 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRe-add repaired iprop (really, update-log creation) test case
Ken Raeburn [Fri, 7 Nov 2008 23:51:42 +0000 (23:51 +0000)]
Re-add repaired iprop (really, update-log creation) test case

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21044 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoBack out iprop test; it's not working right after all
Ken Raeburn [Fri, 7 Nov 2008 23:12:18 +0000 (23:12 +0000)]
Back out iprop test; it's not working right after all

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21043 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoTest that an iprop update log gets properly created and updated
Ken Raeburn [Fri, 7 Nov 2008 21:56:40 +0000 (21:56 +0000)]
Test that an iprop update log gets properly created and updated

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21042 dc483132-0cff-0310-8789-dd5450dbe970

16 years agofix typo in 'file delete' change
Ken Raeburn [Fri, 7 Nov 2008 19:44:10 +0000 (19:44 +0000)]
fix typo in 'file delete' change

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21041 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoUse 'file delete' instead of spawning an 'rm' process
Ken Raeburn [Fri, 7 Nov 2008 00:15:50 +0000 (00:15 +0000)]
Use 'file delete' instead of spawning an 'rm' process

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21026 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRecognize 'ticket expired' when trying to get a root shell
Ken Raeburn [Thu, 6 Nov 2008 23:54:16 +0000 (23:54 +0000)]
Recognize 'ticket expired' when trying to get a root shell

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21025 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoFix a kadmin bug introduced in a recent set of string handling
Greg Hudson [Thu, 6 Nov 2008 15:49:00 +0000 (15:49 +0000)]
Fix a kadmin bug introduced in a recent set of string handling
conversions.

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21019 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoOnly look for IPv4 addresses for the kpasswd server. This is just a
Ken Raeburn [Wed, 5 Nov 2008 17:47:00 +0000 (17:47 +0000)]
Only look for IPv4 addresses for the kpasswd server.  This is just a
workaround for other parts of the code failing to cope with IPv6
addresses, and won't work in an IPv6-only environment; the problem
should still be fixed for real.

ticket: 5595

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21004 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRename krb5int_buf_cstr to krb5int_buf_data, since k5bufs can be used
Greg Hudson [Wed, 5 Nov 2008 17:08:47 +0000 (17:08 +0000)]
Rename krb5int_buf_cstr to krb5int_buf_data, since k5bufs can be used
for binary data as well as C string data.  The buffer will always have
a null byte at krb5int_buf_len bytes regardless of whether it contains
C string data.

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21003 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoAdd more svn:ignore entries for generated files
Greg Hudson [Wed, 5 Nov 2008 16:47:24 +0000 (16:47 +0000)]
Add more svn:ignore entries for generated files

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21002 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoConvert many uses of strcpy/strcat (and sometimes sprintf) to accepted
Greg Hudson [Wed, 5 Nov 2008 16:19:01 +0000 (16:19 +0000)]
Convert many uses of strcpy/strcat (and sometimes sprintf) to accepted
string-handling functions.

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21001 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoReplace strcpy/strcat/sprintf uses in a couple of sample code files
Greg Hudson [Wed, 5 Nov 2008 16:09:22 +0000 (16:09 +0000)]
Replace strcpy/strcat/sprintf uses in a couple of sample code files
with strncpy/strncat.  Since this is sample code, we can't rely on
build system support for asprintf/strlcpy/strlcat.

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21000 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoCheck in Nalin's patch, and a test case for changing passwords via kinit
Ken Raeburn [Tue, 4 Nov 2008 01:50:02 +0000 (01:50 +0000)]
Check in Nalin's patch, and a test case for changing passwords via kinit
when +needchange is set.  Update dependencies.

ticket: 5867

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20966 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoDon't build dependencies for fakeka.c
Ken Raeburn [Tue, 4 Nov 2008 01:46:06 +0000 (01:46 +0000)]
Don't build dependencies for fakeka.c

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20965 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoDon't build dependencies for v4rcp.c.
Ken Raeburn [Tue, 4 Nov 2008 01:19:59 +0000 (01:19 +0000)]
Don't build dependencies for v4rcp.c.
Rebuild dependencies for k5-buf.h, and without krb4 support.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20964 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoAdd _with_password credential acquisition functions to KIM API
Alexandra Ellwood [Mon, 3 Nov 2008 22:50:08 +0000 (22:50 +0000)]
Add _with_password credential acquisition functions to KIM API

Needed for kinit password option.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20963 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoBIND_8_COMPAT no longer needed in Leopard
Alexandra Ellwood [Mon, 3 Nov 2008 22:47:10 +0000 (22:47 +0000)]
BIND_8_COMPAT no longer needed in Leopard

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20962 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoApply Apple patch to null out key->contents after freeing on failure,
Greg Hudson [Mon, 3 Nov 2008 21:05:25 +0000 (21:05 +0000)]
Apply Apple patch to null out key->contents after freeing on failure,
eliminating the possibility that the pointer will be used after free.

ticket: 6247

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20961 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoFix conditionals from last change
Ken Raeburn [Mon, 3 Nov 2008 20:50:42 +0000 (20:50 +0000)]
Fix conditionals from last change

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20960 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoMaybe include printf.o in t_k5buf build
Ken Raeburn [Mon, 3 Nov 2008 20:48:04 +0000 (20:48 +0000)]
Maybe include printf.o in t_k5buf build

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20959 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoApply a patch from Apple to correct a few memory leaks
Greg Hudson [Mon, 3 Nov 2008 19:47:40 +0000 (19:47 +0000)]
Apply a patch from Apple to correct a few memory leaks

ticket: 6201

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20958 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoIf we're not making asn1buf_insert_octet an inline function, then make
Ken Raeburn [Mon, 3 Nov 2008 18:41:33 +0000 (18:41 +0000)]
If we're not making asn1buf_insert_octet an inline function, then make
asn1buf_size, asn1buf_ensure_space, and asn1buf_expand static in
asn1buf.c, for better optimization.

Recode asn1buf_ensure_space to directly return the result of asn1buf_expand.
Don't check for NULL before malloc/realloc in asn1buf_expand.

Fix a couple minor signedness warnings.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20957 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoApply an adapted Sun patch to fix error string leaks in kadmind
Greg Hudson [Mon, 3 Nov 2008 18:22:18 +0000 (18:22 +0000)]
Apply an adapted Sun patch to fix error string leaks in kadmind

ticket: 6202

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20956 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoKerberosAgent bindings causing crashes
Justin Anderson [Fri, 31 Oct 2008 19:37:18 +0000 (19:37 +0000)]
KerberosAgent bindings causing crashes

Attempting to fix a hard to reproduce bug with bindings by handling not applicable keys a little better.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20945 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoNo . at end of strings
Alexandra Ellwood [Fri, 31 Oct 2008 19:35:22 +0000 (19:35 +0000)]
No . at end of strings

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20944 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoAdd a few safeties to the k5buf code, to make static analysis tools happier
Greg Hudson [Fri, 31 Oct 2008 18:35:28 +0000 (18:35 +0000)]
Add a few safeties to the k5buf code, to make static analysis tools happier

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20943 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoAvoid duplicate identical dialogs in KIM
Alexandra Ellwood [Fri, 31 Oct 2008 17:11:47 +0000 (17:11 +0000)]
Avoid duplicate identical dialogs in KIM

Added KIM_DUPLICATE_UI_REQUEST_ERR error so UI can indicate it cancelled
its dialog due to getting multiple identical dialogs at the same time.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20942 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoUse the k5buf module instead of strcpy/strcat in several places
Greg Hudson [Thu, 30 Oct 2008 19:32:50 +0000 (19:32 +0000)]
Use the k5buf module instead of strcpy/strcat in several places

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20941 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoKerberosAgent now saves successfully authenticated identities to favorites automatica...
Justin Anderson [Wed, 29 Oct 2008 21:58:56 +0000 (21:58 +0000)]
KerberosAgent now saves successfully authenticated identities to favorites automatically when they were acquired through the Enter Identity dialog

ticket: 6222

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20940 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoClear auth prompt on success or cancel. Leave change password fields filled in when...
Justin Anderson [Wed, 29 Oct 2008 21:14:39 +0000 (21:14 +0000)]
Clear auth prompt on success or cancel. Leave change password fields filled in when password is incorrect, to save user from reentering new password

ticket: 6221

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20939 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRemoved unnecessary code that was resetting options whenever the
Alexandra Ellwood [Wed, 29 Oct 2008 21:07:40 +0000 (21:07 +0000)]
Removed unnecessary code that was resetting options whenever the
array changes in the background.  The problem is that any external
change to the ticket list will cause this to happen, even when the
options dialog is open.

Also removed unused function resetOptions.

ticket: 6224

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20938 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoOnly prompt automatically from GUI apps
Alexandra Ellwood [Wed, 29 Oct 2008 20:39:47 +0000 (20:39 +0000)]
Only prompt automatically from GUI apps

Direct callers such as kinit need command line prompts.
Do not automatically prompt (via krb5 or gssapi calls)
unless the caller has loaded GUI libraries.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20937 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRemove saved password if it fails to get tickets
Alexandra Ellwood [Wed, 29 Oct 2008 20:36:49 +0000 (20:36 +0000)]
Remove saved password if it fails to get tickets

Note that if preauth is turned on the password may be removed for
other reasons.  This is because preauth failing can mean several
things.  Better to always remove it than have the user sometimes
get stuck though.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20936 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoKerberosAgent hangs changing pw for passwordless identities
Justin Anderson [Wed, 29 Oct 2008 19:36:06 +0000 (19:36 +0000)]
KerberosAgent hangs changing pw for passwordless identities

Trying to change the password for an identity which only uses non-password authentication methods left KerberosAgent with a spinning progress indicator. Problem was with auth sheet not being ended.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20935 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoCleanup memory leaks in test program for dynamically allocated buffers..
Ezra Peisach [Tue, 28 Oct 2008 22:43:49 +0000 (22:43 +0000)]
Cleanup memory leaks in test program for dynamically allocated buffers..

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20934 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoUpdate the exports file for krb5int_buf_add_fmt
Greg Hudson [Tue, 28 Oct 2008 22:09:12 +0000 (22:09 +0000)]
Update the exports file for krb5int_buf_add_fmt

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20933 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoIn the k5buf module, add a function to append formatted data to a
Greg Hudson [Tue, 28 Oct 2008 22:03:35 +0000 (22:03 +0000)]
In the k5buf module, add a function to append formatted data to a
buffer.

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20932 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoThe last change to plugins.c erroneously passes a size_t as a field
Greg Hudson [Tue, 28 Oct 2008 20:28:52 +0000 (20:28 +0000)]
The last change to plugins.c erroneously passes a size_t as a field
width to asprintf.  Address the signed/unsigned warning cleanup using
a cast instead.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20931 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoEliminate use of strcpy/strcat/sprintf in wconfig.c. Use memcpy since
Greg Hudson [Tue, 28 Oct 2008 20:21:50 +0000 (20:21 +0000)]
Eliminate use of strcpy/strcat/sprintf in wconfig.c.  Use memcpy since
we cannot rely on libkrb5support to give us the good stuff.  Also fix
up (to some extent) an assumption that size_t == int.

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20930 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoAdd the k5buf string module to libkrb5support
Greg Hudson [Tue, 28 Oct 2008 15:34:29 +0000 (15:34 +0000)]
Add the k5buf string module to libkrb5support

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20929 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoUnsigned/signed warnings cleanup
Ezra Peisach [Tue, 28 Oct 2008 13:37:47 +0000 (13:37 +0000)]
Unsigned/signed warnings cleanup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20928 dc483132-0cff-0310-8789-dd5450dbe970

16 years agolocalize format strings, not final error string
Alexandra Ellwood [Mon, 27 Oct 2008 21:01:00 +0000 (21:01 +0000)]
localize format strings, not final error string

errors.c should localize the incoming format string, not
the string produced by vasprintf.  The format string is
constant and thus can be added to a localization table,
whereas the output string is not.

Note that this change depends on error_message also
localizing error table strings (which it does for KfM
already).

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20927 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRemove empty declaration of struct _krb5_kt_ops after the fully defined structure
Ezra Peisach [Mon, 27 Oct 2008 19:01:12 +0000 (19:01 +0000)]
Remove empty declaration of struct _krb5_kt_ops after the fully defined structure

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20926 dc483132-0cff-0310-8789-dd5450dbe970

16 years agosigned vs. unsigned warnings cleanup
Ezra Peisach [Mon, 27 Oct 2008 18:59:08 +0000 (18:59 +0000)]
signed vs. unsigned warnings cleanup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20925 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRemove kproplog on make clean
Ezra Peisach [Mon, 27 Oct 2008 18:58:07 +0000 (18:58 +0000)]
Remove kproplog on make clean

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20924 dc483132-0cff-0310-8789-dd5450dbe970

16 years agopartial rewrite of the ASN.1 encoders
Ken Raeburn [Sat, 25 Oct 2008 07:03:11 +0000 (07:03 +0000)]
partial rewrite of the ASN.1 encoders

Instead of a pile of macros generating code, that have to be threaded
together in just the right way to get a valid ASN.1 encoding, we now
have a pile of macros for defining data structures describing the
objects and the ASN.1 types they should be encoded as, which
structures are interpreted by recursive invocations of an encoder
engine; there should be somewhat less rope for accidentally creating
invalid encodings.  The new macros are commented in asn1_k_encode.c.

Putting most of the work into the encoder engine also reduces the code
size (in one configuration, including LDAP-KDB and PKINIT encoders,
code size went from 37K to <16K, though 10K of tables were added, and
the PKINIT encoders are still open-coded).

Some encoder interfaces have been revised to be more regular -- all
now take one pointer to const argument (no two-input encoders, no
pointer-to-non-const-pointer-to-const).  A few encoders were
eliminated or disabled because they were neither used nor exported
from the library.

The LDAP-KDB encoder has been converted, but the PKINIT encoders have
not as there are no regression tests for them currently.

There is still plenty of room for improvement; some notes on specific
ideas have been added.

String encoding primitives have been combined to reduce code size.  A
primitive for encoding bit strings has been added.

Some miscellaneous warnings in the decoders have been cleaned up.

A new dejagnu test case is added that ensures that KRB-SAFE messages
get exercised.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20923 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoMore regression tests for ASN.1 encoders
Ken Raeburn [Sat, 25 Oct 2008 05:58:13 +0000 (05:58 +0000)]
More regression tests for ASN.1 encoders

Export encode_krb5_sam_response_2 and encode_krb5_enc_sam_response_enc_2
via accessor.  Add encode tests for encode_krb5_sam_key,
_enc_sam_response_enc, _predicted_sam_response, _sam_response_2,
_enc_sam_response_enc_2.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20922 dc483132-0cff-0310-8789-dd5450dbe970

16 years agokrb5_build_principal_ext walks off beginning of array
Alexandra Ellwood [Fri, 24 Oct 2008 20:54:12 +0000 (20:54 +0000)]
krb5_build_principal_ext walks off beginning of array

On error, krb5_build_principal_ext walks off the beginning of the
array by using i-- in a conditional when it should be using --i
(so that it actually compares the value of i that will be used
below).

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20920 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoUse strlcpy instead of strcpy in many places
Greg Hudson [Fri, 24 Oct 2008 20:07:00 +0000 (20:07 +0000)]
Use strlcpy instead of strcpy in many places

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20919 dc483132-0cff-0310-8789-dd5450dbe970

16 years agokrb5_build_principal_va does not allocate krb5_principal
Alexandra Ellwood [Fri, 24 Oct 2008 19:46:41 +0000 (19:46 +0000)]
krb5_build_principal_va does not allocate krb5_principal

krb5_build_principal_va does not allocate the outer krb5_principal,
making it useless for generating krb5_principals which can be freed
with krb5_free_principal.  Added krb5_build_principal_alloc_va which
allocates the krb5_principal.

Added krb5int_build_principal_alloc_va which is used by KIM to avoid
code duplication. KIM's kim_identity_create_from_components takes
the first component as an argument because principals with no
components cannot be represented with the KIM UI.  Modified KIM
to use this new API.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20918 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoAdd test for kim_identity_create_from_components
Alexandra Ellwood [Fri, 24 Oct 2008 19:40:35 +0000 (19:40 +0000)]
Add test for kim_identity_create_from_components

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20917 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoAdd build system support for strlcpy and strlcat on platforms which do
Greg Hudson [Fri, 24 Oct 2008 17:12:00 +0000 (17:12 +0000)]
Add build system support for strlcpy and strlcat on platforms which do
not provide it natively.

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20916 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoAmend svn:ignore properties to include more generated files
Greg Hudson [Fri, 24 Oct 2008 16:22:59 +0000 (16:22 +0000)]
Amend svn:ignore properties to include more generated files

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20915 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoUse CFStringGetCStringPtr if possible to avoid wasting memory
Alexandra Ellwood [Fri, 24 Oct 2008 00:58:38 +0000 (00:58 +0000)]
Use CFStringGetCStringPtr if possible to avoid wasting memory
since CFStringGetMaximumSizeForEncoding is wasteful for UTF8.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20914 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoAdd support for localizing krb5 errors on Mac OS X.
Alexandra Ellwood [Fri, 24 Oct 2008 00:57:10 +0000 (00:57 +0000)]
Add support for localizing krb5 errors on Mac OS X.
Split into a separate function to make it easier to add
support for other localization techniques.

ticket: 6245

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20913 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoUse snprintf instead of strcpy/strcat in many places
Greg Hudson [Thu, 23 Oct 2008 19:59:05 +0000 (19:59 +0000)]
Use snprintf instead of strcpy/strcat in many places

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20912 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoFree global mach ports on library unload
Alexandra Ellwood [Thu, 23 Oct 2008 17:50:43 +0000 (17:50 +0000)]
Free global mach ports on library unload

ticket: 6248

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20911 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoFix previous commit by adding "extern" to header declarations for
Tom Yu [Wed, 22 Oct 2008 21:17:07 +0000 (21:17 +0000)]
Fix previous commit by adding "extern" to header declarations for
SPNEGO mechanism OID stuff.  It was causing tentative definition
issues on the Mac.  (where there are constraints about common-block
symbols)

ticket: 6015

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20910 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoKIM should only display error dialogs if it has displayed UI already
Alexandra Ellwood [Wed, 22 Oct 2008 20:41:34 +0000 (20:41 +0000)]
KIM should only display error dialogs if it has displayed UI already

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20909 dc483132-0cff-0310-8789-dd5450dbe970

16 years agoRemove ipc message sent on cc_context_release
Alexandra Ellwood [Wed, 22 Oct 2008 20:40:29 +0000 (20:40 +0000)]
Remove ipc message sent on cc_context_release

IPC message was causing problems when called from thread fini function
(via krb5_stdcc_shutdown).

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20908 dc483132-0cff-0310-8789-dd5450dbe970

16 years agokim_identity_change_password_with_credential leaks krb5_creds
Alexandra Ellwood [Tue, 21 Oct 2008 21:56:10 +0000 (21:56 +0000)]
kim_identity_change_password_with_credential leaks krb5_creds

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20907 dc483132-0cff-0310-8789-dd5450dbe970

16 years agokim_os_library_get_caller_name leaks file path
Alexandra Ellwood [Tue, 21 Oct 2008 21:54:51 +0000 (21:54 +0000)]
kim_os_library_get_caller_name leaks file path

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20906 dc483132-0cff-0310-8789-dd5450dbe970

16 years agokim_ccache_iterator_next leaks principal
Alexandra Ellwood [Tue, 21 Oct 2008 21:54:00 +0000 (21:54 +0000)]
kim_ccache_iterator_next leaks principal

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20905 dc483132-0cff-0310-8789-dd5450dbe970

16 years agokim_preferences should free old identity before overwriting
Alexandra Ellwood [Tue, 21 Oct 2008 21:52:29 +0000 (21:52 +0000)]
kim_preferences should free old identity before overwriting

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20904 dc483132-0cff-0310-8789-dd5450dbe970