Russ Allbery [Tue, 19 Feb 2008 04:49:11 +0000 (04:49 +0000)]
man page macro and hyphen fixes
Fix various unescaped hyphens, lines starting with . that shouldn't be
macros, undefined strings, and misspelled macros in the man pages.
Found via man --warnings on a current Debian unstable system.
ticket: new
component: krb5-doc
Version_Reported: 1.6.3
Target_Version: 1.6.4
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20228
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 7 Feb 2008 07:07:06 +0000 (07:07 +0000)]
more tests for libdb btree page split on zero index
Enhance btree debugging output somewhat to limit key printout to the
key length if the key is not null-terminated.
Add additional test case for the zero-index page split bug; test case
can create a corrupted btree database with records unreachable by
random access but reachable by sequential access. Requires
recompiling with CPPFLAGS='-DDEBUG -DDEBUG_IDX0SPLIT' to correctly
model mpool page reuse that would be present in production conditions.
(CPPFLAGS=-DDEBUG would otherwise explicitly overwrite the contents of
reused pages.)
ticket: new
target_version: 1.6.4
tags: pullup
component: krb5-kdc
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20222
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 6 Feb 2008 20:24:19 +0000 (20:24 +0000)]
Remove AppleConnect workaround
AppleConnect fixed their bug and this workaround can be removed.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20221
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 6 Feb 2008 20:22:32 +0000 (20:22 +0000)]
Need CCAPI v2 support for Windows
Added initial checkin of CCAPI v2 shim layer.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20220
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 5 Feb 2008 18:34:10 +0000 (18:34 +0000)]
tools for svn:eol-style fixups
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20219
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 5 Feb 2008 18:33:20 +0000 (18:33 +0000)]
more eol-style
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20218
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 5 Feb 2008 18:25:28 +0000 (18:25 +0000)]
set eol-style
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20217
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Tue, 5 Feb 2008 18:18:41 +0000 (18:18 +0000)]
Set EOL style
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20216
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 1 Feb 2008 01:03:11 +0000 (01:03 +0000)]
libdb btree page split on zero index corrupts db
Splitting a btree page on index 0 can corrupt the database if the key
length plus data length is exactly a certain value. This certain size
causes the item to get the left page to itself, and causes the right
page to contain an erroneous additional index "hole" having an
uninitialized value. This bug may be one of the remaining causes of
unexplained database corruption reported over the years. Shawn Emery
provided useful data from actual instances of this corruption.
Add a test case for this bug. (Raw libdb test rather than kdb; the
latter would be much harder.)
ticket: new
target_version: 1.6.4
tags: pullup
component: krb5-kdc
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20214
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Thu, 31 Jan 2008 15:51:18 +0000 (15:51 +0000)]
Actually pass the nmake arguments to nmake
TargetVersion: 1.7
Component: windows
Ticket: new
Subj: Build automation
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20213
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Tue, 29 Jan 2008 22:39:25 +0000 (22:39 +0000)]
CCAPI changes to the mac-specific code to use new kipc changes
ticket: 5878
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20212
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 23 Jan 2008 22:10:56 +0000 (22:10 +0000)]
Windows: avoid use of cygwin mkdir and rmdir commands
Microsoft's nmake versions 8.x and 9.x prefer executables over
internal shell commands. This is a change from previous versions.
Cygwin's mkdir and rmdir commands do not have the same semantics
as the cmd.exe shell versions.
Change the definitions of MKDIR and RMDIR to use 'md' and 'rd'
in order to avoid the use of the cygwin versions.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20211
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Wed, 23 Jan 2008 21:26:49 +0000 (21:26 +0000)]
Update build instructions to indicate PATH ordering; add troubleshooting tip about nmake versions
Target_Version: 1.7
Ticket: 5859
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20210
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Tue, 22 Jan 2008 20:41:48 +0000 (20:41 +0000)]
Correct makefile so pingtest builds
TargetVersion: 1.7
Component: krb5-libs
Ticket: 5594
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20204
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Tue, 22 Jan 2008 19:14:04 +0000 (19:14 +0000)]
Windows CCAPI snapshot. Should build & pass ping test
TargetVersion: 1.7
Component: krb5-libs
Ticket: 5594
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20203
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Tue, 22 Jan 2008 18:34:26 +0000 (18:34 +0000)]
Windows debug message line endings were already correct; revert cci_debugging.c.
Declare cci_thread_init__auxinit instead of defining a new function.
TargetVersion: 1.7
Component: krb5-libs
Ticket: 5594
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20202
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Tue, 22 Jan 2008 16:34:31 +0000 (16:34 +0000)]
Make windows debug message line endings match the Mac endings.
Windows needs k5-platform helper function declared explicitly.
Change definition of ccs_pipe_t for windows.
#define strdup -- it's now deprecated on windows.
TargetVersion: 1.7
Component: krb5-libs
Ticket: 5594
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20201
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Tue, 15 Jan 2008 22:13:27 +0000 (22:13 +0000)]
Add ccs_pipe_compare
Added a pipe comparison function. Forgot it when I was adding
support for non-integer pipe types (such as used by Windows).
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20200
dc483132-0cff-0310-8789-
dd5450dbe970
Russ Allbery [Sun, 30 Dec 2007 06:39:22 +0000 (06:39 +0000)]
improve debugging of ticket verification in ksu
When ksu is built with debugging support and -D is used, print out the
principals being compared before doing the verification rather than
afterwards so that the principals will be printed when the verification
fails.
ticket: new
Component: krb5-appl
Version_Reported: 1.6.2
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20196
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 22 Dec 2007 03:12:50 +0000 (03:12 +0000)]
Wrap krb5_db_get_principal function with get_principal (which will
eventually release the global lock and reacquire it) and
get_principal_locked (which will retain the global lock), and change
callers to use the wrappers, so we can simplify some ugliness at the call
sites.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20195
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 22 Dec 2007 02:21:15 +0000 (02:21 +0000)]
Implement SWAP16 for Mac without compiler warning
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20194
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 19 Dec 2007 22:33:46 +0000 (22:33 +0000)]
Rename krb4_sendto to set_response since that's what it does
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20193
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 19 Dec 2007 01:41:26 +0000 (01:41 +0000)]
Remove unused args to krb4_sendto and unused global. Use byte-order macros defined elsewhere
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20192
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 19 Dec 2007 01:20:55 +0000 (01:20 +0000)]
Remove excess parameters in formatting log calls
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20191
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 19 Dec 2007 00:51:14 +0000 (00:51 +0000)]
Make some stuff static that we don't need accessible outside kerberos_v4.c
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20190
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Mon, 17 Dec 2007 15:21:58 +0000 (15:21 +0000)]
Add the CCAPI design sketch to the new directory
TargetVersion: 1.7
Component: krb5-libs
Ticket: new
Subj: Create doc directory
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20188
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 14 Dec 2007 05:14:11 +0000 (05:14 +0000)]
fix CVE-2007-5894: apparent uninit length in ftpd.c:reply()
ticket: 5853
target_version: 1.6.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20182
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 14 Dec 2007 05:01:23 +0000 (05:01 +0000)]
fix CVE-2007-5902: integer overflow in svcauth_gss_get_principal()
ticket: 5855
target_version: 1.6.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20181
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 14 Dec 2007 05:01:07 +0000 (05:01 +0000)]
fix CVE-2007-5971: double-free in gss_krb5int_make_seal_token_v3()
ticket: 5856
target_version: 1.6.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20180
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 14 Dec 2007 04:38:42 +0000 (04:38 +0000)]
fix CVE-2007-5972: double fclose() in krb5_def_store_mkey()
ticket: 5857
target_version: 1.6.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20179
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 14 Dec 2007 04:38:28 +0000 (04:38 +0000)]
fix CVE-2007-5971: free of non-heap pointer in gss_indicate_mechs()
ticket: 5856
tags: pullup
target_version: 1.6.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20178
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Dec 2007 02:48:52 +0000 (02:48 +0000)]
Remove Mac-specific bit unused in KfM that causes test failures now
under Darwin UNIXy builds.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20177
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 12 Dec 2007 22:32:19 +0000 (22:32 +0000)]
KFW: BUG: KRB5CRED: Set identity data before sending notification
Call tc_set_ident_data() before kcdb_credset_collect(). Make sure the
identity data is set before the credentials change notification is broadcast.
ticket: new
component: windows
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20176
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Coffman [Wed, 12 Dec 2007 14:10:33 +0000 (14:10 +0000)]
copy correct key for lucid context acceptor_subkey
Copy the correct key (acceptor_subkey) to lucid context's acceptor_subkey.
ticket: new
component: krb5-libs
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20175
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 12 Dec 2007 03:45:42 +0000 (03:45 +0000)]
KFW BUG: WIX: 64-bit installer attempts to uninstall 32-bit NSIS
The 64-bit MSI must examine Win64 registry keys and not the 32-bit registry
keys which is where the 32-bit NSIS installation will be detected.
ticket: new
component: windows
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20174
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Mon, 3 Dec 2007 14:52:11 +0000 (14:52 +0000)]
Remove no-longer-needed include of Kerberos.h
TargetVersion: 1.7
Component: krb5-libs
Ticket: 5594
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20173
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Wed, 21 Nov 2007 14:05:43 +0000 (14:05 +0000)]
Conditionalize #pragma mark with TARGET_OS_MAC; remove any Windows #pragma disable
TargetVersion: 1.7
Component: krb5-libs
Ticket: 5594
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20168
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Tue, 20 Nov 2007 16:46:22 +0000 (16:46 +0000)]
Disable warnings about #pragma mark
TargetVersion: 1.7
Component: krb5-libs
Ticket: 5594
Subj: Tweaks for 1.7 build on Windows.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20167
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Thu, 15 Nov 2007 14:14:15 +0000 (14:14 +0000)]
On Windows, UINT64_MAX isn't defined; define it
TargetVersion: 1.7
Component: krb5-libs
Ticket: 5594
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20166
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Thu, 15 Nov 2007 14:11:31 +0000 (14:11 +0000)]
On Windows, UINT64_MAX isn't defined; get it from k5-platform.h
TargetVersion: 1.7
Component: krb5-libs
Ticket: 5594
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20165
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 14 Nov 2007 22:34:53 +0000 (22:34 +0000)]
The khm_show_main_window() function is no longer called
at startup with khm_nCmdShow == SW_SHOWMINIMIZED in order to
hide the main application by calling khm_hide_main_window().
Instead, the main application window is simply never shown.
As a result, khm_show_main_window() needs to respond to
khm_nCmdShow == SW_SHOWMINIMIZED not by hiding the window
but by changing the khm_nCmdShow state to SW_SHOW and then
calling ShowWindow().
This change will address the problem whereby "Show NIM Window"
had to be triggered twice by the user when the process
was started in a minimized state.
ticket: 5842
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20164
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 4 Nov 2007 04:37:16 +0000 (04:37 +0000)]
Include k5-platform.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20163
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 1 Nov 2007 08:18:23 +0000 (08:18 +0000)]
Use 0 and 1 instead of relying on TRUE/FALSE being defined everywhere
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20162
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 1 Nov 2007 08:08:32 +0000 (08:08 +0000)]
Conditionalize "#pragma mark" on TARGET_OS_MAC.
Don't use "#pragma warning" when not on Windows. (In fact, the just-added uses
shouldn't be needed if the above conditional is done right, so one of them was
deleted.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20161
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Wed, 31 Oct 2007 17:16:56 +0000 (17:16 +0000)]
On Windows, disable a pragma warning; add comment about what a pipe is
TargetVersion: 1.7
Component: krb5-libs
Ticket: 5594
Subj: Work on compiling the CCAPI test suite on Windows.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20160
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 31 Oct 2007 11:37:57 +0000 (11:37 +0000)]
Set GNU warning options in CFLAGS and CXXFLAGS separately, avoiding options
in CXXFLAGS that G++ doesn't support.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20159
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 31 Oct 2007 07:23:08 +0000 (07:23 +0000)]
Add some dependencies
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20158
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 31 Oct 2007 07:05:40 +0000 (07:05 +0000)]
Correct the filenames in comments
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20157
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 31 Oct 2007 06:59:11 +0000 (06:59 +0000)]
Test more installed headers for C++ compatibility
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20156
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 31 Oct 2007 06:07:44 +0000 (06:07 +0000)]
Set CXX_LINK, CXX_LINK_STATIC, and CXX_LINK_SHARED, parallel to CC_ versions.
Assumes for now that libpath, rpath, ldflags, pthread flags and such
apply to both C and C++ compilers.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20155
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 31 Oct 2007 05:40:23 +0000 (05:40 +0000)]
Use ac_cv_c_compiler_gnu instead of copying it to krb5_cv_prog_gcc
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20154
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 30 Oct 2007 23:33:46 +0000 (23:33 +0000)]
Include k5-platform.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20153
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 30 Oct 2007 23:27:09 +0000 (23:27 +0000)]
Don't use GNU make features
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20152
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 29 Oct 2007 23:38:11 +0000 (23:38 +0000)]
Define htonll, ntohll using k5_ versions if needed. Drop Mac-specific bits
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20151
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 29 Oct 2007 23:30:49 +0000 (23:30 +0000)]
On Mac, include TargetConditionals.h and architecture/byte_order.h,
and use OSSwapInt{16,32,64} for SWAP* macros.
Add k5_htonll and k5_ntohll functions. (Implementation assumes the
swapping is its own reverse on all platforms we support.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20150
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 29 Oct 2007 22:00:53 +0000 (22:00 +0000)]
Test that C++ code can use our installed headers
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20149
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Mon, 29 Oct 2007 15:44:46 +0000 (15:44 +0000)]
CredentialsCache.h needs uint32_t and other definitions which aren't in Windows. Get the definitions from win-mac.h
TargetVersion: 1.7
Component: krb5-libs
Ticket: 5594
Subj: Work on compiling the CCAPI test suite on Windows.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20148
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 26 Oct 2007 23:24:04 +0000 (23:24 +0000)]
Checkpoint some incomplete UNIX makefiles
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20147
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 23 Oct 2007 21:38:49 +0000 (21:38 +0000)]
delete unused configure.in
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20145
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Tue, 23 Oct 2007 19:42:05 +0000 (19:42 +0000)]
Include time.h for time()
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20144
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 22 Oct 2007 19:18:53 +0000 (19:18 +0000)]
Set close-on-exec flag in most places where file descriptors are
opened in our libraries (in case another application thread spawns a
new process) and in the KDC programs (in case a plugin library spawns
a new process).
Checked calls to: open fopen THREEPARAMOPEN mkstemp socket accept dup
dup2 pipe. In: util lib plugins kdc kadmin/server krb524.
The various programs are less critical than the libraries, as any
well-written plugin that spawns a new process should close all file
descriptors it doesn't need to communicate with the new process.
This approach also isn't bulletproof, as the call to set the
close-on-exec flag is necessarily a separate call from creating the
file descriptor, and the fork call could happen in between them. So
plugins should be careful regardless of this patch; it will only
reduce the window of potential lossage should a plugin be poorly
written. (AFAIK there are currently no plugins that spawn processes
where this would be a problem.)
Update dependencies.
ticket: 5561
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20143
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 22 Oct 2007 18:26:14 +0000 (18:26 +0000)]
Check dependencies for fakeka.c
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20142
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 20 Oct 2007 00:48:40 +0000 (00:48 +0000)]
Don't leak fd on fork error
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20136
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Thu, 18 Oct 2007 15:22:43 +0000 (15:22 +0000)]
KFW: BUG: WIX: Beta value hard coded
The beta variable value was inadvertantly committed as part of
ticket 5820 (Revision 20117). The build script needs to
export this value when appropriate.
ticket: new
component: windows
tags: pullup
target: 1.6.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20128
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 18 Oct 2007 00:14:01 +0000 (00:14 +0000)]
Reject socket fds > FD_SETSIZE
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20127
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Tue, 16 Oct 2007 20:39:06 +0000 (20:39 +0000)]
fixed mispelling in kadmin error message
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20126
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Fri, 12 Oct 2007 23:08:30 +0000 (23:08 +0000)]
There appears to be a bug either in the WiX engine or the Windows Installer 3.1.
The "File" type on the Registry Search property is supposed to provide the full
path name. Instead, we are being given just the directory as if it were being
processed with the "Directory" type.
We can avoid this for a REG_SZ value by using the "Raw" type because we are
sure that the string is not going to begin with a '#' character.
Because the full path was not being obtained for the UPGRADENSIS property, the
Uninstall routine was unable to CreateProcess() the uninstall program.
This commit also includes addition debugging in the NSIS Uninstall custom
handler to report the path and the GetLastError() value when the uninstall
fails. This will be logged in the msiexec log file and displayed in a
MessageBox.
ticket: 5820
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20119
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Fri, 12 Oct 2007 19:18:04 +0000 (19:18 +0000)]
Set the Shortcut string to match the base product name
ticket: 5820
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20118
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Fri, 12 Oct 2007 19:01:38 +0000 (19:01 +0000)]
KFW: BUG: WIX: Improve Usability of multiple architecture MSI installations, remove non-unique GUID component identifiers, and include Beta ID in the package name
The WiX installation package suffered from several problems:
* The Beta ID was not being included in the package name.
Fixed this by swapping the priority of "Release" and "Beta".
"Beta" is an official release that has a beta value.
A non-release has a datestamp as part of the package name.
* There were duplicate GUID values being used for registry components.
This would prevent proper removal of the components on uninstall.
* 64-bit Installers were being constructed with the 32-bit installer
schema. This prevented side-by-side installation of the 64-bit and
32-bit versions. This also permitted 64-bit installers to be
installed on 32-bit systems.
* The 64-bit and 32-bit installers had the same package name.
64-bit and 32-bit are now identified in the package name.
* 64-bit files were being installed to the WOW64 environment.
ticket: new
component: windows
tags: pullup
target_version: 1.6.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20117
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 10 Oct 2007 21:22:14 +0000 (21:22 +0000)]
ccs_lock_status_grant_lock granting wrong lock
ccs_lock_status_grant_lock sometimes tries to grant the wrong lock
because it is not keeping track of where it got moved to. Reorganized
code so it is easier to read and doesn't look up the lock twice.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20116
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 10 Oct 2007 21:20:00 +0000 (21:20 +0000)]
cci_array_move not returning correct new position
cci_array_move should return correct new position when moving
from and to the same spot.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20115
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 10 Oct 2007 21:17:05 +0000 (21:17 +0000)]
cc_ccache_store_credentials should return ccErrBadCredentialsVersion
cc_ccache_store_credentials should return ccErrBadCredentialsVersion when
the principal for that version is not set on the ccache.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20114
dc483132-0cff-0310-8789-
dd5450dbe970
Justin Anderson [Wed, 10 Oct 2007 20:17:42 +0000 (20:17 +0000)]
update expected error for cc_initialize with ccapi_version_2 to match new value, CC_BAD_API_VERSION (9)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20113
dc483132-0cff-0310-8789-
dd5450dbe970
Justin Anderson [Wed, 10 Oct 2007 19:02:54 +0000 (19:02 +0000)]
simple multithreaded locking test for ccapi
ticket: 5459
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20112
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 10 Oct 2007 18:27:37 +0000 (18:27 +0000)]
Add enhanced error messages to new error return cases, explaining the
(fairly generic) errors codes.
ticket: 5777
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20111
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 10 Oct 2007 17:54:49 +0000 (17:54 +0000)]
Run the script to verify all Windows-exported krb5 functions have the
right calling convention markers in the header files, on Windows.
Always, for lack of a separate "maintainer mode" like we have on UNIX.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20110
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 9 Oct 2007 04:03:59 +0000 (04:03 +0000)]
kt_file.c: Support multiple iterators active simultaneously, using a
counter. In get_entry, if the file was already open, rewind it to
just after the version number, and don't close it when done. Don't
allow add or remove calls if any iterator is active.
t_keytab.c: Test mixing two iterators with get_entry calls.
ticket: 5777
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20109
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 9 Oct 2007 00:36:13 +0000 (00:36 +0000)]
Log port number with IPV6_V6ONLY socket option status.
Recognize and ignore Appletalk address type.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20108
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Fri, 5 Oct 2007 15:23:53 +0000 (15:23 +0000)]
NIM: BUG: APP: New edit controls should be marked ES_AUTOHSCROLL
The EDIT controls used to accept input from the user must be set to
support automatic horizontal scrolling. Otherwise, the number of input
characters is arbitrarily restricted based upon the font selected by
the user as part of the active Windows theme.
Horizontal scrolling is enabled with the ES_AUTOHSCROLL flag during
control construction.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20101
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Fri, 5 Oct 2007 01:26:34 +0000 (01:26 +0000)]
KfW Build: add new installer build files to copyfiles.xml
Files were added to the installer build area. They also need to be added to the copylist, so that they are copied to the staging area, where the installer is built.
Ticket: new
Tags: pullup
Target_Version: 1.6.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20099
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 4 Oct 2007 22:13:13 +0000 (22:13 +0000)]
Will Fiveash and Mark Phalan report that kadmin's unlock command calls
kadm5_lock() instead of of kadm5_unlock(). Apply the obvious fix.
ticket: 4136
target_version: 1.6.3
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20094
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 3 Oct 2007 20:13:55 +0000 (20:13 +0000)]
Removed NOP line of code from krb5_fcc_next_cred()
cursor = (krb5_cc_cursor *) fcursor;
does nothing for a function with a prototype
krb5_fcc_next_cred(krb5_context context, krb5_ccache id,
krb5_cc_cursor *cursor, krb5_creds *creds)
The correct line of code would be:
*cursor = (krb5_cc_cursor) fcursor;
Except it isn't necessary because fcursor isn't modified
by krb5_fcc_next_cred(). Looks like code was copied from
krb5_fcc_start_seq_get() and since the line was a NOP
no one noticed it.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20085
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 3 Oct 2007 16:03:59 +0000 (16:03 +0000)]
Add documentation for error codes used for flow control
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20084
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 3 Oct 2007 00:17:27 +0000 (00:17 +0000)]
Apply patch from Nalin Dahyabhai to correctly handle delegated
credentials if ret_flags is null.
ticket: 5802
target_version: 1.6.3
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20082
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Tue, 2 Oct 2007 18:47:57 +0000 (18:47 +0000)]
cc_initalize(ccapi_version_2) should return CC_BAD_API_VERSION not CC_NOT_SUPP
ticket: new
target_version: 1.7
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20081
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 1 Oct 2007 23:48:57 +0000 (23:48 +0000)]
Initialize options for _alloc interface to same defaults as for _init
ticket: 5800
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20064
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 1 Oct 2007 20:09:55 +0000 (20:09 +0000)]
remove error tables by pointer
On Windows, it is possible for the same DLL to be loaded
into a process multiple times as separate instances. Each
time a DLL is loaded it registers its error tables at different
locations in the process address space. Removing the tables
by base instead of pointer value can result in the error table
list pointing at invalid memory.
ticket: new
tags: pullup
target_version: 1.6.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20040
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 1 Oct 2007 19:21:49 +0000 (19:21 +0000)]
def-check.pl needs to ignore ordinals in .def file
Otherwise, the UNIX build blows out now that the Windows export lists
have been updated. Silly consistency checks....
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20039
dc483132-0cff-0310-8789-
dd5450dbe970
Justin Anderson [Mon, 1 Oct 2007 18:39:59 +0000 (18:39 +0000)]
- null params are always expected to result in ccErrBadParam.
- clarified some test descriptions
ticket: 5459
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20036
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 1 Oct 2007 16:15:39 +0000 (16:15 +0000)]
Process WM_CLOSE for the command-line option dialog
ticket: 5798
tags: pullup
target_version: 1.6.3
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20035
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 1 Oct 2007 05:32:26 +0000 (05:32 +0000)]
NIM: BUG: APP: notification icon tooltip wrong string
The Network Identity Manager notification icon can display a tooltip
when the user hovers the mouse cursor over it. It is currently used
to indicate the default identity (if one is found). However, when
retrieving the name of the default identity, the size of the buffer
was left unspecified. This patch specifies the correct buffer size.
The function called with the incorrect buffer size was
kcdb_identity_get_name(). That function does not write more than
KCDB_IDENT_MAXCCH_NAME characters regardless of the size of the buffer
specified, and the buffer that was passed in is allocated to be this
size. No buffer overrun was present in the existing code, although
the behavior was incorrect.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20034
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 1 Oct 2007 05:31:02 +0000 (05:31 +0000)]
When Network Identity Manager starts, the credentials display
enumerates known identities and displays them if necessary. However,
as plug-ins load and the list of known identities, their properties
and credentials change, the order of the displayed list will also
change.
The existing code does not deal well in respect to tracking the
current selection when the list of identities and credentials change.
This results in inconsistent behavior where the identity that was
originally at the top of the list maintains its selection state while
the identity at the top of the list after all the plug-ins have loaded
will receive focus.
This patch fixes this problem by explicitly setting focus and
selection to the identity or credential at the current cursor location
following a change in the credentials list.
ticket: 5782
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20033
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 1 Oct 2007 05:29:38 +0000 (05:29 +0000)]
The credentials display in Network Identity Manager colors the
background of identity headings based on the expiration state of the
credentials that belong to the identity.
This patch changes the behavior to color these headings based on the
existence and expiration state of identity credentials. With this
change, only identities that have valid identity credentials will
appear in green.
The same logic is used when drawing the menu items in the "Set
default" sub-menu in the notification icon.
ticket: 5783
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20032
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 1 Oct 2007 05:27:29 +0000 (05:27 +0000)]
NIM: BUG: APP: notification icon state
Currently, the notification icon that is created by Network Identity
Manager indicates the status of all the known credentials. If any
credential belonging to any identity is expired or in a critical
state, the icon will change color to indicate this.
This patch changes the behavior to only indicate the status of
credentials belonging to the default identity. The expiration state
of credentials that do not belong to the default identity no longer
affect the appearance of the notification icon.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20031
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 1 Oct 2007 05:25:34 +0000 (05:25 +0000)]
NIM: BUG: APP: identity data corruption
The credentials display in Network Identity Manager uses a cached set
of properties for each identity that has credentials. The existing
code used the wrong field of the khui_credwnd_identity structure to
store the credentials type name associated with an identity, resulting
in a corrupt data structure.
This patch fixes the code to use the correct field.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20030
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 1 Oct 2007 05:20:51 +0000 (05:20 +0000)]
NIM: BUG: APP: View-Select columns
Change "View columns" to "Select columns" in the "View" menu of
Network Identity Manager to be consistent with other Windows
applications.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20029
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 1 Oct 2007 05:19:05 +0000 (05:19 +0000)]
NIM: BUG: APP: leaking prompts in obtain new credentials dialog
The Kerberos v5 plug-in for Network Identity Manager was not clearing
the list of prompts properly when a user changes the active identity
in the new credentials dialog. The stale prompts would be visible to
the user if the newly selected identity is invalid or the new identity
cannot be validated.
This patch clears the prompts if there is an identity change.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20028
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 1 Oct 2007 03:22:07 +0000 (03:22 +0000)]
add descriptions of credential flags, identity icons, and push-pins
update screen shots
add credits to Fermilabs and Stanford University.
other changes for kfw 3.2.2 release.
ticket: 5789
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20027
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 1 Oct 2007 03:20:06 +0000 (03:20 +0000)]
fix the description of the notification icon status colors
ticket: 5789
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20026
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Sun, 30 Sep 2007 20:50:45 +0000 (20:50 +0000)]
NIM: BUG: LIB: deadlock in kmq
Do not obtain a critical section that is already being held:
"cs_kmq_types"
Update the docs to indicate the additional restriction.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20025
dc483132-0cff-0310-8789-
dd5450dbe970