Ken Raeburn [Sun, 13 Mar 2005 07:34:23 +0000 (07:34 +0000)]
profile library should check high-resolution timestamps if available
With the current profile code, it's possible for a file to be read when
partially written, with the writing of the new file contents being completed
within the same 1-second clock value, causing the profile code not to re-read
the contents. Using a higher-resolution timestamp, available on many systems
now, should help reduce that window. (Checking file sizes should also,
consider doing that separately.)
* configure.in: Check struct stat for fields st_mtimensec,
st_mtimespec.tv_nsec, and st_mtim.tv_usec.
* prof_file.c (profile_update_file_data): If one of them is found, use it as
the fractional part of the timestamp. Do re-read the file if the fractional
parts don't match.
* prof_int.h (struct _prf_data_t): Add new field frac_ts.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17121
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Sun, 6 Mar 2005 00:18:30 +0000 (00:18 +0000)]
* sn2princ.c (krb5_sname_to_principal):
conditionalize the use of reverse dns lookups. The default
is to use the existing behavior. rdns can be disabled by
specifying [libdefaults] rdns=false
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17120
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 5 Mar 2005 00:12:44 +0000 (00:12 +0000)]
I think the hpux change here should prevent it from overriding the
user-specified options, but still add in the necessary flags.
* aclocal.m4 (KRB5_AC_ENABLE_THREADS): Expand on error message if failing.
Substitute THREAD_SUPPORT -> 0 or 1 in makefiles. For HP-UX, set
PTHREAD_CFLAGS, not CFLAGS.
ticket: 2929
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17119
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 23:53:54 +0000 (23:53 +0000)]
* asn1_encode.c (asn1_encode_generaltime): If gmtime_r returns int instead of
pointer, do the appropriate error checking.
ticket: 2953
target_version: 1.4.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17118
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 23:50:45 +0000 (23:50 +0000)]
hpux10 has gmtime_r with wrong return type, breaking asn.1 encoder
The hpux10 gmtime_r returns int (0 means success), whereas the POSIX
gmtime_r returns a pointer (NULL means failure).
* configure.in: Check return type of gmtime_r, and define GMTIME_R_RETURNS_INT
if it returns int. If the return type can't be determined, pretend the
function isn't there.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17117
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 02:06:39 +0000 (02:06 +0000)]
* build.texinfo (HPUX): Update with current state of shared library and thread
support.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17115
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 02:05:42 +0000 (02:05 +0000)]
ignore more targets and byproducts
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17114
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 02:04:12 +0000 (02:04 +0000)]
build user-guide.pdf too
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17113
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 02:01:55 +0000 (02:01 +0000)]
Build/delete PDF files
* Makefile (PSPDF): New variable.
(admin-guide.pdf, install-guide.pdf): New targets.
(clean-final): Delete PDF files.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17112
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Mar 2005 00:05:08 +0000 (00:05 +0000)]
profile_clear_relation doesn't work, iterator still sees deleted nodes
The "deleted" flag was being checked when writing out the file, but
not when iterating through using the profile handle being used to do
the deletions.
* prof_tree.c (profile_node_iterator): After checking skip_num counter, also
skip over deleted nodes.
* prof_test1 (test3): New proc.
(top level): Run it.
ticket: new
target_version: 1.4.1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17111
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Mar 2005 23:25:32 +0000 (23:25 +0000)]
time-delta parser doesn't work on HP-UX 10
A build on Lenny's machine (built with gcc 2.7, thread support disabled, static
libraries only) is failing tests because the HP header files define "WS" as a
macro that expands to 2, while the delta-t grammar uses "WS" as the name of a
terminal symbol (which under bison turns into a C macro).
Renaming the terminal in the grammar (and custom lexer) fixes the problem.
* x-deltat.y (tok_WS): Renamed terminal from "WS", which conflicts with HP-UX
10 header files. Updated all productions.
(mylex): Updated.
* Makefile.in ($(srcdir)/deltat.c): Enable dependencies in maintainer mode.
* deltat.c: Updated.
ticket: new
target_version: 1.4.1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17110
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 23 Feb 2005 22:47:14 +0000 (22:47 +0000)]
possible profile null pointer deref in threaded app
There seems to be a problem with a null pointer popping up when
profile_node_iterator reads ...->data->root to start walking through the
contents. Don't have a lot of details, but I've got some patches that might
tighten things up a little.
* prof_tree.c (profile_node_iterator): Check that the root node pointer is not
null; raise assertion failure if it is.
* prof_int.h: Include k5-platform.h.
(struct _prf_data_t): Reorder fields, and insert some padding.
* prof_file.c (scan_shared_trees_locked): Check that the "root" field isn't
null.
(profile_open_file): Update the in-memory file contents after updating the
refcount instead of before.
(profile_update_file_data): If the root node in the file data is null, always
do the update. Check that it's not null before returning a success
indication.
(profile_dereference_data_locked): Scan linked list of file data objects for
sanity check, before and after.
(profile_dereference_data_locked): Don't do it here.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17106
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 17 Feb 2005 23:46:49 +0000 (23:46 +0000)]
* krb5_libinit.c (krb5int_lib_fini): Only show "skipping" message if
SHOW_INITFINI_FUNCS is defined.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17105
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 16 Feb 2005 20:34:49 +0000 (20:34 +0000)]
Export missing DATA symbols on Windows
ticket: 2924
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17104
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 16 Feb 2005 19:57:15 +0000 (19:57 +0000)]
* init_ctx.c (init_common): Delete redundant library initialization call that
was run only on UNIX. Test assertion that krb5_ui_8 really did get a proper
64-bit type.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17103
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 12 Feb 2005 01:14:00 +0000 (01:14 +0000)]
* gss-misc.c: Include autoconf.h. If both time.h and sys/time.h are available,
and they're compatible, include both.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17102
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Sat, 12 Feb 2005 00:27:35 +0000 (00:27 +0000)]
* kadmin.c (kadmin_startup): New flag "-N" to prevent fallback to
AUTH_GSSAPI.
* kadmin.M: Describe "-O" and "-N" flags.
ticket: 2913
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17101
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 11 Feb 2005 23:10:40 +0000 (23:10 +0000)]
missed one file on previous commit
ticket: 2913
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17100
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 11 Feb 2005 23:09:25 +0000 (23:09 +0000)]
Implement principal name and auth flavor fallback for kadm5 client
library. Adjust test suites to compensate.
ticket: 2913
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17099
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 10 Feb 2005 02:52:08 +0000 (02:52 +0000)]
* gic_pwd.c (krb5_get_init_creds_password): Fix so empty password
string causes prompting and doesn't cause truncation of password
to zero characters.
ticket: 2918
target_version: 1.4.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17098
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 22:39:32 +0000 (22:39 +0000)]
* gss-threads: New subdirectory.
* Makefile.in (LOCAL_SUBDIRS): Add it.
* configure.in: Configure it. Check for semaphore.h, sem_init, sem_trywait.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17097
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 22:37:38 +0000 (22:37 +0000)]
multithreaded gssapi test prog based on gss-sample w/jaltman+raeburn changes
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17096
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 02:19:45 +0000 (02:19 +0000)]
* krb5_libinit.c (krb5int_lib_init, krb5int_lib_fini): If SHOW_INITFINI_FUNCS
is defined, print tracing messages.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17095
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 02:18:19 +0000 (02:18 +0000)]
* et/error_message.c (com_err_initialize, com_err_terminate): If
SHOW_INITFINI_FUNCS is defined, print tracing messages.
* profile/prof_file.c (profile_library_initializer, profile_library_finalizer):
If SHOW_INITFINI_FUNCS is defined, print tracing messages.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17094
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:50:50 +0000 (00:50 +0000)]
Exercise the dynamic loading/unloading of libraries a bit more.
Athena's old IRIX systems fail this test now.
* t_loader.c (verbose): New variable.
(do_close_1): Drop filename argument. Change messages accordingly, and only
display them if verbose. Line up "done" messages vertically.
(do_open_1): Likewise. Add library version argument, used when on AIX, in
combination with RTLD_MEMBER.
(do_open): Don't pass filename. Do pass library version; callers changed.
(do_close): Don't pass filename.
(get_sym_1): Renamed from get_sym, added line number argument. Print messages
if verbose.
(get_sym): New macro.
(xbasename): Function deleted.
(HORIZ): New macro.
(main): Turn off output buffering. Print messages before and after calling
functions in loaded libraries. Disable first set of tests, that don't call any
functions. Test gssapi library without loading any other libraries, then test
it after loading com_err, and unload com_err first.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17093
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:41:40 +0000 (00:41 +0000)]
There is a memory leak here, if a thread has registered some per-thread data
when we delete the key. Fixing it will require walking through the per-thread
data of every thread and freeing the objects... and watching for deadlocks in
the case where a thread is exiting at the same time.
* threads.c (k5_key_delete) [pthread case]: Reset flags and destructor function
pointer to unset state.
(krb5int_thread_support_init, krb5int_thread_support_fini): If
SHOW_INITFINI_FUNCS is defined, print some tracing messages.
ticket: 2916
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17092
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:23:20 +0000 (00:23 +0000)]
* Makefile.in (LIBINITFUNC, LIBFINIFUNC): Define
ticket: 2916
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17091
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:20:38 +0000 (00:20 +0000)]
* gss_libinit.c (gssint_lib_init, gssint_lib_fini) [SHOW_INITFINI_FUNCS]: Print tracing messages
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17090
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:14:57 +0000 (00:14 +0000)]
Fix build problem found testing certain combinations of options
* k5-platform.h (PROGRAM_EXITING) [__GNUC__ && !_WIN32 &&
CONSTRUCTOR_ATTR_WORKS && !DELAY_INITIALIZER]: Define as zero.
ticket: 2916
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17089
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 9 Feb 2005 00:11:14 +0000 (00:11 +0000)]
Build system support for a library having more than one init/fini symbol
defined, when using linker options to specify these functions. Now
LIBINITFUNC/LIBFINIFUNC are considered lists of symbols, ordered from
lowest-level (init run first, fini run last) to highest-level.
* lib.in (config.status): Change target to be in $thisconfigdir rather than
local.
(osf1.exports): Create a temporary file then rename into place. Add options
for library init/fini symbols, handling multiple values.
* shlib.conf (case alpha*-dec-osf*): Don't handle init/fini symbols here.
(case mips-sgi-irix*): Handle multiple init/fini symbols. Always set $initfini
before it gets used.
(case *-*-solaris*, not gcc): Handle multiple init/fini symbols.
(case *-*-aix*): Handle multiple fini symbols.
ticket: 2916
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17088
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Feb 2005 23:12:08 +0000 (23:12 +0000)]
* Makefile.in (config.status): Depend on shlib.conf
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17087
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 4 Feb 2005 23:10:48 +0000 (23:10 +0000)]
* aclocal.m4 (KRB5_AC_ENABLE_THREADS): If thread support is not enabled, zap
the PTHREAD_ variables.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17086
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 01:09:31 +0000 (01:09 +0000)]
* gssapi.hin: (GSS_SIZEOF_INT, GSS_SIZEOF_LONG, GSS_SIZEOF_SHORT): Don't
define except on Windows.
ticket: 2910
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17085
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 01:06:56 +0000 (01:06 +0000)]
Makefile.in: fix macro syntax in last change
ticket: 2910
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17084
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 01:03:27 +0000 (01:03 +0000)]
* t_loader.c: New file
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17083
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:58:41 +0000 (00:58 +0000)]
don't build anything by default
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17082
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:58:07 +0000 (00:58 +0000)]
* Makefile.in: New file
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17081
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:57:17 +0000 (00:57 +0000)]
* configure.in: Look for dlfcn.h. Configure new shlib subdirectory.
* Makefile.in (LOCAL_SUBDIRS): Build in shlib subdir.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17080
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:48:12 +0000 (00:48 +0000)]
* configure.in: Put #ifndef/#define/#endif wrapper into autoconf.h to protect
against multiple inclusions. Don't look for xom.h. Check for dlopen.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17079
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:31:21 +0000 (00:31 +0000)]
* gssapi.hin: Don't conditionally include xom.h here
ticket: 2910
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17078
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:27:33 +0000 (00:27 +0000)]
* Makefile.in (gssapi.h): Change SIZEOF symbols to start with GSS_ when
extracting from autoconf.h. Don't look for HAVE_ or USE_ symbols. Add
${include_xom} to the prologue.
(include_xom): New variable.
* gssapi.h: Always include stddef.h unconditionally.
(GSS_SIZEOF_INT, GSS_SIZEOF_LONG, GSS_SIZEOF_SHORT): Don't define.
ticket: 2910
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17077
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 3 Feb 2005 00:26:17 +0000 (00:26 +0000)]
* configure.in: Check for xom.h. Set include_xom to a C include directive or
comment, and substitute it in the Makefiles.
ticket: 2910
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17076
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 28 Jan 2005 05:16:34 +0000 (05:16 +0000)]
* t_walk_rtree.c (main): Free context at end to allow searching
for memory leaks.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17072
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 24 Jan 2005 20:22:57 +0000 (20:22 +0000)]
* post.in (Makefile): Nuke autom4te.cache before and after autoconf runs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17063
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sat, 22 Jan 2005 01:28:14 +0000 (01:28 +0000)]
Irix k5_os_mutex_lock calls k5_pthread_mutex_lock w/ wrong arg
* k5-thread.h (k5_os_mutex_lock): Under Irix, invoke
k5_pthread_mutex_lock() with the k5_os_mutex, not the
pthread_mutex_t.
(k5_pthread_assert_locked,unlocked): If DEBUG_THREADS not used, provide
correct prototype. Add missing close paren.
Test programs show that under irix, the mutex locking/unlocking code was
working - even with the wrong memory use... I do not understand why.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17062
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 18 Jan 2005 17:33:56 +0000 (17:33 +0000)]
* configure.in: When looking for setupterm() - look in
libcurses/libncurses even if termcap library found.
This is a GCC 4.0 fix.. Otherwise we get conflicting declarations of setupterm
in a header file and in the telnet client.
ticket: 2876
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17053
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 18 Jan 2005 17:29:46 +0000 (17:29 +0000)]
* threads.c (k5_key_delete) [ENABLE_THREADS && !_WIN32]: Don't abort,
just leak resources for now.
ticket: 2888
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17052
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Tue, 18 Jan 2005 08:07:47 +0000 (08:07 +0000)]
re-initialize 'terminated' variable to 0 during initialization routine
ticket: 2888
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17051
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 17 Jan 2005 23:57:51 +0000 (23:57 +0000)]
Some applications such as Eudora on Windows load and unload the Kerberos
libraries as part of a plug-in. Plugins are often loaded for a specific
purpose and then unregistered. In order to support this model, the libraries
must restore the library state to the uninitialized state when the library
is unloaded.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17050
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 17 Jan 2005 19:10:31 +0000 (19:10 +0000)]
krb5_unparse_name(), krb5_unparse_name_ext():
prevent dereferencing of pointer if 'name' or 'size' are NULL
ticket: new
tags: pullup
target_version: 1.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17049
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 17 Jan 2005 17:37:27 +0000 (17:37 +0000)]
* gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): More memory leaks
fixed as introduced in ticket #2541. Do not rely on knowledge that
upon failure from krb5_cc_retrieve_cred, returned credential data
is untouched.
Testsuite passes all tests, but would like another set of eyes to look over code
before closing ticket.
ticket: 2885
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17048
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 17 Jan 2005 17:32:26 +0000 (17:32 +0000)]
subject; krb5_do_preauth could attempt to free NULL pointer
* preauth2.c (krb5_do_preauth): Upon error in decoding
krb5_type_info{,2}, on failure, do not call krb5_free_type_info
with a null pointer.
The only way to reach this code is to set a preauth list requesting for ETYPE_INFO
or ETYPE_INFO2 in a call to krb5_get_in_tkt_with_password.
Before sending the request, krb5_do_preauth tries to parse a NULL length asn1 buffer,
fails and tries to free a null pointer.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17047
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Sat, 15 Jan 2005 21:40:23 +0000 (21:40 +0000)]
* rc_dfl.c: Move the extraction of the struct dfl_data
from the krb5_rcache after obtaining the lock, not before.
ticket: new
target_version: 1.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17046
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Sat, 15 Jan 2005 06:34:08 +0000 (06:34 +0000)]
* cp_key_cnt.c, copy_princ.c:
prevent krb5_copy_principal() and krb5_copy_keyblock() from
calling malloc(0). On platforms in which malloc(0) returns
NULL, these functions will return an ENOMEM error the way
they were written.
ticket: 2881
target_version: 1.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17045
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 23:50:22 +0000 (23:50 +0000)]
* k5-thread.h [HAVE_PTHREAD && HAVE_PRAGMA_WEAK_REF]: Mark pthread_self and
pthread_equal as weak references.
ticket: 2878
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17041
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 14 Jan 2005 21:52:15 +0000 (21:52 +0000)]
Fix braino in previous change to xdr_bytes. New test case for
RPCSEC_GSS fixed-size buffers.
ticket: 2877
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17039
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 14 Jan 2005 06:02:01 +0000 (06:02 +0000)]
* authgss_prot.c (xdr_rpc_gss_wrap_data): Use xdr_alloc to avoid
size limit issues. Use (unsigned int)-1 instead of MAX_NETOBJ_SZ.
(xdr_rpc_gss_unwrap_data): Use (unsigned int)-1 instead of
MAX_NETOBJ_SZ.
* xdr.c (xdr_bytes): Don't assign from *sizep if XDR_FREE, since
it'll be uninitialized then. Shuts up Purify.
ticket: 2877
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17038
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 05:18:31 +0000 (05:18 +0000)]
fix calling convention for thread support fns
This depends on a change to k5-thread.h that was included with a checkin I did
earlier for 2878.
* threads.c (k5_mutex_lock_update_stats, krb5int_mutex_unlock_update_stats,
krb5int_mutex_report_stats): Define as KRB5_CALLCONV.
(krb5int_mutex_lock_update_stats, krb5int_mutex_unlock_update_stats,
krb5int_mutex_report_stats) [_WIN32]: Undef macros before defining functions.
ticket: new
target_version: 1.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17037
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 05:03:48 +0000 (05:03 +0000)]
* k5-thread.h (k5_pthread_assert_locked): Only call pthread_equal if
thread support is loaded.
(k5_pthread_mutex_unlock): Use k5_pthread_assert_locked instead of
duplicating it.
ticket: 2878
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17036
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 04:40:16 +0000 (04:40 +0000)]
* prof_file.c (profile_open_file): If mutex creation fails, free storage
directly instead of calling profile_close_file.
ticket: 2878
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17035
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 03:39:24 +0000 (03:39 +0000)]
* cc_file.c (struct _krb5_fcc_data): Fields disk_file_lock, file_is_locked
deleted.
(krb5_fcc_open_file, krb5_fcc_close_file, dereference, krb5_fcc_resolve,
krb5_fcc_generate_new, krb5_fcc_set_flags): Don't set or check them.
ticket: 2874
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17034
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 03:27:51 +0000 (03:27 +0000)]
* prng.c (krb5int_prng_init): Incorporate do_yarrow_init body. Don't check
inited variable.
(inited): Variable deleted.
(krb5_c_random_make_octets, krb5int_prng_cleanup): Don't check it.
(do_yarrow_init): Deleted.
ticket: 2878
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17033
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 03:24:48 +0000 (03:24 +0000)]
* yarrow.c (yarrow_reseed_locked): Renamed from krb5int_yarrow_reseed and made
static.
(Yarrow_detect_fork, yarrow_input_maybe_locking, krb5int_yarrow_output_Block):
Call it.
(krb5int_yarrow_reseed): New function, grabs lock and calls the old version.
(krb5int_yarrow_final): Hold the lock until after clearing the Yarrow context
data.
ticket: 2878
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17032
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 03:19:39 +0000 (03:19 +0000)]
More paranoid checking...
* k5-thread.h (k5_os_mutex) [pthread case]: Add new field "owner" if
DEBUG_THREADS.
(k5_pthread_mutex_lock, k5_pthread_mutex_unlock, k5_pthread_assert_locked): New
macros/functions; if DEBUG_THREADS, set or check the owner field.
(K5_OS_MUTEX_PARTIAL_INITIALIZER) [pthread case && DEBUG_THREADS]: Set the
owner field. If PTHREAD_ERRORCHECK_MUTEX_INITIALIZER_NP is defined, use it.
(k5_os_mutex_lock, k5_os_mutex_unlock, k5_os_mutex_assert_locked) [pthread
case]: Use k5_pthread_ versions.
(k5_mutex_destroy): Update the location data with the mutex locked, before
destroying it.
(k5_mutex_unlock): Update the location data while the mutex is still locked,
and check the assertion that the mutex really is locked. Convert inline
function to macro.
* k5-thread.h (krb5int_mutex_lock_update_stats,
krb5int_mutex_unlock_update_stats, krb5int_mutex_report_stats)
[!DEBUG_THREADS_STATS]: Declare KRB5_CALLCONV.
ticket: 2878
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17031
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 03:15:41 +0000 (03:15 +0000)]
* error_message.c (com_err_terminate): Lock the list mutex before walking
through it; unlock and destroy it afterwards.
ticket: 2878
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17030
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 14 Jan 2005 03:12:21 +0000 (03:12 +0000)]
profile code never destroys its per-file mutexes
* prof_file.c (profile_free_file_data): Destroy mutex before freeing containing
structure.
ticket: new
target_version: 1.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17029
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 13 Jan 2005 11:51:51 +0000 (11:51 +0000)]
* ftpd.c: GCC 4.0 fixes... Move static declaration of gunique out
of function.
ticket: 2876
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17026
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Thu, 13 Jan 2005 11:51:30 +0000 (11:51 +0000)]
correction to previous commit. do not call krb5_gss_release_cred()
if the cred was not acquired. destroy each field of the cred one
piece at a time based upon what was allocated.
ticket: 2875
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17025
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 13 Jan 2005 11:32:47 +0000 (11:32 +0000)]
Tree does not compile with GCC 4.0
* yarrow.c: Declare yarrow_gate_locked static before first use.
GCC 4.0 snapshots are more particular about using a static function
before a prototype is given.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17024
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Thu, 13 Jan 2005 08:19:06 +0000 (08:19 +0000)]
Fix the calls to krb5_gss_release_cred to pass in the correct type.
This fixes a mutex leak.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17023
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 13 Jan 2005 00:35:17 +0000 (00:35 +0000)]
* prng.c (read_entropy_from_device): Use ssize_t, not size_t, so
read() returning -1 doesn't cause trouble.
ticket: 2871
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17020
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 12 Jan 2005 18:24:44 +0000 (18:24 +0000)]
* default.exp (start_tail): New proc. Handles GNU tail race condition with
less delay than the old code that was in start_kerberos_daemons.
(start_kerberos_daemons): Call start_tail for both log files.
ticket: 2873
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17019
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 12 Jan 2005 17:18:28 +0000 (17:18 +0000)]
Fix some potential resource leaks in dnsglue.c
ticket: 2872
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17018
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 12 Jan 2005 04:57:22 +0000 (04:57 +0000)]
2005-01-11 Jeffrey Altman <jaltman@mit.edu>
* cc_mslsa.c:
- do not free krb5_creds if krb5_copy_creds fails
- cause MSTicketToMITTicket to return failure if
krb5_copy_data fails
ticket: 2870
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17017
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 12 Jan 2005 03:47:58 +0000 (03:47 +0000)]
* krb-root/rlogin.exp (start_rlogin_daemon): Use built-in sleep command.
* krb-root/telnet.exp (start_telnet_daemon): Likewise.
* krb-standalone/gssftp.exp (start_ftp_daemon): Use built-in sleep command.
* krb-standalone/rcp.exp (start_rsh_daemon): Likewise.
* krb-standalone/rsh.exp (start_rsh_daemon): Likewise.
* krb-standalone/sample.exp (start_sserver_daemon): Likewise.
* krb-standalone/v4gssftp.exp (start_ftp_daemon): Likewise.
* krb-standalone/v4krb524d.exp (start_k524_daemon): Likewise.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17016
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 12 Jan 2005 03:46:51 +0000 (03:46 +0000)]
* default.exp (start_kerberos_daemons): Format date internally rather than
running "date".
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17015
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 12 Jan 2005 01:06:04 +0000 (01:06 +0000)]
* gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Free credentials retrieved from
ccache before returning. Based on patch from fumihiko kakuma
<kakuma@valinux.co.jp>. Also whitespace changes for readability.
ticket: 2541
tags: pullup
target_version: 1.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17014
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 9 Jan 2005 06:05:02 +0000 (06:05 +0000)]
* k5-int.h (krb5int_zap_data): Fix preprocessor test for Windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17013
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 9 Jan 2005 06:03:56 +0000 (06:03 +0000)]
* k5-thread.h (KRB5_CALLCONV, KRB5_CALLCONV_C): Define if not defined.
(krb5int_mutx_lock_update_stats, krb5int_mutex_unlock_update_stats,
krb5int_mutex_report_stats) [!DEBUG_THREADS_STATS]: Declare, with KRB5_CALLCONV.
(k5_debug_make_loc): Change "lineno" to type int.
(k5_debug_make_loc): Likewise for argument "line".
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17012
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 8 Jan 2005 00:29:19 +0000 (00:29 +0000)]
* crc-32.h (mit_crc32): Remove gratuitous "const" in argument declaration
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17011
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 6 Jan 2005 20:31:21 +0000 (20:31 +0000)]
make depend
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17007
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 5 Jan 2005 07:51:46 +0000 (07:51 +0000)]
Add new function krb5_boolean krb5_is_thread_safe(void) to library.
This function simply reports whether or not ENABLE_THREADS was specified
at compile time. It is meant to be used by applications which need to
know whether or not multithread libraries must be initialized OR
whether or not calls to Kerberos library functions from multi-threaded
applications must be protected by an application global mutex.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17003
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 5 Jan 2005 07:45:21 +0000 (07:45 +0000)]
* win-mac.h: define NEED_INSIXADDR_ANY for ipv6 symbol
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17002
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 5 Jan 2005 07:41:30 +0000 (07:41 +0000)]
Makefile.in: add krb5 support library to windows klist executable
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17001
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 5 Jan 2005 02:59:53 +0000 (02:59 +0000)]
* configure.in: Check for uint32_t and int32_t in system headers
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16999
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 5 Jan 2005 02:35:02 +0000 (02:35 +0000)]
* Makefile.in (krb5.h): Don't pull in autoconf SIZEOF macros
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16998
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 5 Jan 2005 00:50:54 +0000 (00:50 +0000)]
* threads.c (krb5int_mutex_lock_update_stats,
krb5int_mutex_unlock_update_stats, krb5int_mutex_report_stats) [_WIN32
&& !DEBUG_THREADS_STATS]: Define empty versions for Windows.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16997
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 4 Jan 2005 17:03:48 +0000 (17:03 +0000)]
fix typo
ticket: 2861
version_fixed:
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16996
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 3 Jan 2005 21:07:25 +0000 (21:07 +0000)]
* implementor.texinfo (Porting Issues): New chapter with a bunch of notes from
email I sent regarding porting to pSOS.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16992
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 3 Jan 2005 20:31:31 +0000 (20:31 +0000)]
update thread support doc
* threads.txt, thread-safety.txt: Updates.
ticket: new
target_version: 1.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16991
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 3 Jan 2005 20:29:58 +0000 (20:29 +0000)]
* build.texinfo (The util Directory): Add the new support library.
(Installing the Binaries): Discuss parallel builds under GNU make.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16990
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 3 Jan 2005 20:27:16 +0000 (20:27 +0000)]
* implementor.texinfo (Host Address Lookup): Document Mac OS X issues
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16989
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 3 Jan 2005 19:30:18 +0000 (19:30 +0000)]
krb5_parse_name not thread-safe, not responsive to environment changes
As Ezra noted, krb5_parse_name saves away the default realm the first
time it looks it up, and will never look it up again, even if the
config file has changed, the context isn't the same one, etc. It also
used a static variable which wasn't thread-safe.
With this patch, we still won't catch changes in the config file
specification after the default realm has been looked up for a given
krb5_context, because it's cached in the context too, but this will at
least be more responsive, and thread safe.
* parse.c (krb5_parse_name): Don't cache the default realm name.
ticket: new
target_version: 1.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16988
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 30 Dec 2004 22:08:18 +0000 (22:08 +0000)]
run "make depend"
In most library directories, this just affects where the line breaks
are. In most other directories, it's just dropping a trailing blank
line. One or two files really do have updated dependencies.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16987
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 30 Dec 2004 22:05:12 +0000 (22:05 +0000)]
Do the target object file name hacking in "make depend" earlier, before the
line breaks are recomputed, instead of after. This will result in lots of
whitespace changes in dependencies in directories that build library object
files, but the final output is nicer (fewer long lines), and running "make
depend" uses one fewer invocation of sed (balancing out the extra one I added
in another checkin earlier today).
* config/post.in (.depend): Don't do target name munging here.
(.depfix2.sed): Pass extra value $(STLIBOBJS).
* util/depfix.sed: Don't change foo.o to $(OUTPRE)foo.$(OBJEXT) here.
* util/depgen.sed: Add new argument for STLIBOBJS. Do the OUTPRE/OBJEXT
substitution here, and if STLIBOBJS is non-empty, add foo.so and foo.po while
we're at it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16986
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 30 Dec 2004 21:12:41 +0000 (21:12 +0000)]
* post.in (.depend): Delete blank lines in generated file.
(DEP_CFG_VERIFY, DEP_VERIFY, depend-verify-*, .depend-verify-*, .depfix2.sed):
Move all the flag files to $(BUILDTOP) so there'll be only one of each.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16985
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 28 Dec 2004 13:27:30 +0000 (13:27 +0000)]
Memory leak in asn1_decode_generaltime
When decoding a kerberos time, if the asn1 time is 19700101000000Z (i.e. time_t
of 0) - 15 bytes of memory are lost.
* asn1_decode.c (asn1_decode_generaltime): Fix memory leak when
time sent is "19700101000000Z".
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16983
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Sat, 25 Dec 2004 15:29:39 +0000 (15:29 +0000)]
Memory leaks in ccache due to thread integration
* cc_file.c (krb5_fcc_close): Free the cache id.
(dereference): When removing fcc_set entry from list, free the
pointer as well.
The first was accidently dropped in the dereference code writing.
The cache id pointer is never freed.
The second error is the removal of the krb5_fcc_data from the linked list.
The fcc_set is removed from the chain, but the memory for the removed fcc_set
is never freed.
ticket:new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16981
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 21 Dec 2004 05:18:12 +0000 (05:18 +0000)]
* def-check.pl: Check for PRIVATE or INTERNAL annotations in defs
file.
ticket: 2796
version_reported: 1.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16976
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 21 Dec 2004 05:15:25 +0000 (05:15 +0000)]
* krb5.hin: Flag krb5_principal2salt as KRB5_CALLCONV_WRONG
ticket: 2840
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16975
dc483132-0cff-0310-8789-
dd5450dbe970