Jeffrey Altman [Fri, 24 Aug 2007 14:33:09 +0000 (14:33 +0000)]
NIM: Cannot cancel timers which have inserted a WM_TIMER message into the queue
The credentials view in Network Identity Manager displays several user
interface elements that need to be updated periodically such as any
fields that denote the time remaining for a credential or an identity,
or an icon and coloring used to indicate the expiration state. When
the display rows are computed, the credentials view creates a set of
timers that reference each row that times out when that row needs to
be redrawn.
Since the rows change when switching views or when the outline is
recomputed, all the timers are canceled and re-scheduled. However, a
race conditions exists where the timer times-out before it is
canceled, in which case a WM_TIMER message is placed in the
credential window's message queue. Windows does not support
canceling a timer that has already fired and has been placed on the
message queue.
By the time the WM_TIMER message is received by the window, the rows
of the display would have been recomputed and the row that the message
references may not be what it intended to reference. A spurious
WM_TIMER message is harmless when it refers to a row corresponding to
a credential. However, the existing code assumed that if a timer event
is received that referred to an outline row, then that outline must be
an expanded view of an identity, which is currently the only type of
outline row that receives timers. This assumption does not always
hold in the case of a spurious WM_TIMER message and may lead to the
code attempting to use the outline data as a handle to an identity.
The patch fixes the problem by checking if the row is actually an
expanded view of an identity and ignoring the message if it is not.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19857
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Fri, 24 Aug 2007 14:29:37 +0000 (14:29 +0000)]
NIM: Context menu selection issues
The handler for WM_CONTEXTMENU in the credentials view of Network
Identity Manager assumed that the context menu was invoked using the
mouse. If it was, then the message parameters would specify the x and
y co-ordinates of the mouse. The context menu can also be invoked via
the keyboard, in which case the x- and y- coordinates are set to
(-1,-1).
An additional problem with the code is that it was not selecting the
row that was right-clicked on if it was not already selected. This
results in the some of the commands on the context menu targetting
credentials that the user didn't intend to target.
This patch adds support for handling the context menu when it is
invoked via the keyboard and also sets the selection to the row that
was right-clicked if the user invokes the context menu using the
mouse.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19856
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Fri, 24 Aug 2007 14:28:21 +0000 (14:28 +0000)]
NIM: Color Schemas
The default color scheme used by the Network Identity Manager credentials
display can sometimes cause the text to be difficult to read. In
addition, since some of the colors are derived from colors used by the
current Windows theme, the selection, window background and text
colors may be mismatched with the colors that are hardcoded into the
application.
To rememdy this problem, this patch defines a new set of colors
that will be used with the credentials display. The new scheme
doesn't use a special color to distinguish the default identity which
is already indicated with the text "(Default)" displayed alongside it.
Instead the colors are used to denote the remaining lifetime of
credentials and identities.
Also, the color scheme defines all the colors that it uses instead of
deriving some of them from the Windows color scheme.
All the color information is now kept in the Network Identity Manager
UI schema. The schema automatically maps to the registry, so users
(and deployers) can override the colors by creating the necessary
registry keys and values. The registry keys containing color
information are:
Software\MIT\NetIDMgr\CredWindow\Themes and
Software\MIT\NetIDMgr\CredWindow\Themes\Default
The "Default" key contains the default color scheme. The color value
names are defined in ui\uiconfig.csv under Themes\_Schema
configuration subspace. Each color is represented by a 32-bit number.
The low-order 24 bits contain a COLORREF value. The high-order 8 bits
contain an alpha value which, if non-zero, will be used to blend the
color with the selection color (color value named ClrSelection).
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19855
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Fri, 24 Aug 2007 14:26:11 +0000 (14:26 +0000)]
NIM: New command-line options --hide and --show / new command-line help dialog
Add two command-line options to the Network Identity Manager application:
--hide : If there is already an instance of Network Identity Manager
running in the user's session, this will cause the main
window of that instance to be hidden.
--show : Unhides the main window of the running instance.
If no options are specified when starting netidmgr.exe while another
instance is running, the running instance will perform the default
action as configured in the user's preferences. By default, this will
be to show the main window.
The message box that displayed the command-line options if an invalid
option is specified has been replaced with a dialog box that shows the
options in a more readable rich text control. The contents of the
control are specified in ui/lang/<lang>/cmdline.rtf.
Do not edit cmdline.rtf with Microsoft Word. The output of Word is
incompatible with the RichEdit20 component.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19854
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Fri, 24 Aug 2007 14:23:14 +0000 (14:23 +0000)]
NIM: Identity Configuration Panel Fixes
In the identity configuration panel of Network Identity Manager, the
user can specify a new identity which can then be configured.
The existing code didn't check if the identity specified by the user
already exists. The patch adds the check. If the identity already
exists, the user is notified as such.
Another bug prevented the user from configuring an identity that was
added back in following the deletion of the same identity during the
same session. The deleted status of the identity was not reset when
it was added back.
Additionally, this patch adds code that has already been added to the
new credentials dialog to apply Windows XP theme textures to the child
dialogs used as tab panels in the configuration dialog. Child dialogs
don't automatically adjust the theme settings based on whether it is
nested inside a tab control. The theme must be applied manually.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19853
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Fri, 24 Aug 2007 14:20:31 +0000 (14:20 +0000)]
NIM: resource leak in khui_action_trigger()
The khui_action_trigger() function in the Network Identity Manager API
creates a copy of the current user interface context (which contains
information about the credentials and identities that are currently
selected) before triggering the requested action. Then it will use
the copy to restore the user interface context to its previous state.
A coding error results in the copy of the context to never be
released. As a result there is a resource leak.
The attached patch fixes the leak by releasing the context once it
is no longer needed.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19852
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Fri, 24 Aug 2007 13:53:46 +0000 (13:53 +0000)]
no unistd.h on Windows
do not include unistd.h on Windows because it doesn't exist
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19851
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Fri, 24 Aug 2007 13:51:31 +0000 (13:51 +0000)]
cleanup src/lib/gssapi/krb5/error_map.h on Windows
during 'clean' delete the generated file error_map.h
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19850
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Thu, 23 Aug 2007 16:53:53 +0000 (16:53 +0000)]
Add documentation for CCAPI
Added Doxygen-based documentation to CredentialsCache.h and checked
in a copy of the html output of that documentation.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19849
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 23 Aug 2007 07:11:21 +0000 (07:11 +0000)]
Use -Wno-format-zero-length if GCC version supports it
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19848
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Mon, 20 Aug 2007 19:24:11 +0000 (19:24 +0000)]
Added errmap.h to the generate-files-mac target
ticket: 5654
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19846
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Mon, 20 Aug 2007 14:50:41 +0000 (14:50 +0000)]
read_entropy_from_device on partial read will not fill buffer
read_entropy_from_device() will loop in read until the desired number
of bytes are read from the device (/dev/random, /dev/urandom). I have
observed that for /dev/random, if there is not enough bits available
for reading - it will return a partial read. The code would loop in
this case, but never advance the location to place the new bytes -
hence the start of the buffer would be filled again - leaving the tail
end as stack garbage.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19845
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 16 Aug 2007 22:59:49 +0000 (22:59 +0000)]
make depend
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19832
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 16 Aug 2007 22:55:06 +0000 (22:55 +0000)]
remap mechanism-specific status codes in mechglue/spnego
This patch creates a mapping in the mechglue/spnego code to modify
mechanism status codes when passing them back to the application, so
that mechglue's display_status dispatcher can determine the correct
mechanism to dispatch to.
This is part of the "get enhanced error messages from gssapi
applications" project; ticket 5590 has updates to the Kerberos 5
mechanism to extract enhanced error messages (when there are any) from
the Kerberos library.
util/gen.pl, util/t_*.pm: New code generation script and templates.
lib/gssapi/generic: Add a new, global mapping that enumerates the
{mechOID,status} pairs as they're seen, allowing a magic mechOID value
to indicate com_err error codes from mechglue and spnego, and
reserving status code 0 for unknown errors. Preload the Kerberos
"wrong principal" error code once for each mechanism OID used for
Kerberos, so the entries get fixed positions (1-3) in the table.
lib/gssapi/gss_libinit.c: Call the initializer and destructor
functions.
lib/gssapi/mechglue, lib/gssapi/spnego: Enter all mechanism-generated
or locally-generated status codes into the mapping table, and return
the table index to the application. Do the reverse in display_status,
to get the messages from the mechanism..
lib/rpc: Define new function gssrpcint_printf to use for debugging
instead of printf, to redirect output away from dejagnu; add a couple
more debugging calls. Check for minor status codes 1-3 now instead of
KRB5KRB_AP_WRONG_PRINC.
tests/dejagnu/krb-standalone/gssftp.exp: Test getting more detailed
error messages back, by having the ftp client attempt to authenticate
to a non-existent service, and examining the error message for the
service principal name.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19831
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 16 Aug 2007 21:58:35 +0000 (21:58 +0000)]
(krb5_gss_internal_release_oid): Always clear *minor_status
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19830
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 16 Aug 2007 15:09:58 +0000 (15:09 +0000)]
Only do fake-install in pkinit if building pkinit
ticket: 5617
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19829
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 16 Aug 2007 01:52:10 +0000 (01:52 +0000)]
Change prototype for g_token_size to match function declaration later
in file. (OM_Uint32 changed to unsigned int). On a 64 bit architecture, they
are different.
ticket: 5581
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19828
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Thu, 16 Aug 2007 01:40:50 +0000 (01:40 +0000)]
compilation failure with IRIX native compiler
gss_release_buffer takes OM_uint32* as an argument, not OM_uint32.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19827
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Wed, 15 Aug 2007 00:31:01 +0000 (00:31 +0000)]
sprintf conversion to snprintf in r19703 introduced some signed/unsigned
warnings. Cleanup.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19823
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 14 Aug 2007 18:22:58 +0000 (18:22 +0000)]
t_ser should no longer use kdb libraries
Remove the call to krb5_db_fini() - as rest of the db code was pulled
during DAL integration. This removes dependency on db libraries -
alter Makefile.in.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19822
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Tue, 14 Aug 2007 18:11:36 +0000 (18:11 +0000)]
Free memory leak in do_test() from asprintf integration
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19821
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Tue, 14 Aug 2007 02:54:15 +0000 (02:54 +0000)]
remove inadvertent commit of symbols temporarily exported in
a sandbox to permit building of pkinit code on Windows.
ticket: 5645
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19819
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Sat, 11 Aug 2007 15:15:44 +0000 (15:15 +0000)]
export krb5_get_profile
Export krb5_get_profile. Remove comment saying it should be
added and just do it.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19818
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Fri, 10 Aug 2007 14:37:04 +0000 (14:37 +0000)]
Simulate changing views when the REFRESH action is run and when credentials are updated.
This makes the symptoms go away but does not solve whatever the underlying problem is.
I missed this change yesterday.
This should be added to kfw-3_2_1-beta2.
Ticket: 5604
Tags: pullup
Target_Version: 1.6.3
Tags: Pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19813
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 9 Aug 2007 20:09:48 +0000 (20:09 +0000)]
need more dylib_file specs for darwin
Currently the KDB LDAP plugin won't build on Mac OS X 10.4 if a tree
hasn't been previously installed, because it can't find the libraries
that we haven't installed yet. (Finding earlier versions isn't
sufficient, if symbols are needed that are not present in the
installed versions.)
Add -dylib_file specs for libkadm5srv and libkdb to LDCOMBINE, in
addition to libkrb5support that was already there.
Unfortunately, this makes shlib.conf dependent on more library version
numbers.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19771
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Thu, 9 Aug 2007 14:52:15 +0000 (14:52 +0000)]
Simulate changing views when the REFRESH action is run and when credentials are updated
This makes the symptoms go away but does not solve whatever the underlying problem is.
Ticket: 5604
Tags: pullup
Target_Version: 1.6.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19770
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Thu, 9 Aug 2007 13:31:11 +0000 (13:31 +0000)]
Control watermark display with registry entry; document the registry entry
Ticket: 5609
Tags: pullup
Target_Version: 1.6.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19769
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Thu, 9 Aug 2007 13:22:59 +0000 (13:22 +0000)]
The background color is changed to COLOR_WINDOW
Ticket: 5607
Tags: pullup
Target_Version: 1.6.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19768
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 8 Aug 2007 22:16:44 +0000 (22:16 +0000)]
Get rid of some old SunOS 4 config stuff
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19762
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 8 Aug 2007 17:45:37 +0000 (17:45 +0000)]
Patch developed by kpkoch with style changes from jaltman
The size/position of the main application window is
internally updated in response to WM_MOVE messages but is
only written to the registry after a timeout period. This
is done due to the large number of WM_MOVE messages that
can be delivered during a windows drag / resize operation
involving the user or explorer shell's tile and cascade
operations. (or those involving third party desktop managers.)
In NIM 1.8 two different application view modes (standard
and advanced) replaced the single view mode in previous
releases. The size/position update logic was not modified
to take into consideration the possibility that a user might
move/resize the window and then quickly toggle modes before
the new location or size were recorded to the registry.
This change ensures that when a mode change occurs, via a
call to khm_set_main_window_mode(), that the current
location/size will be written to the registry and any
outstanding timer, MW_RESIZE_TIMER, will be cleared.
The logic to save the location/size has been extracted
into the new static function main_wnd_save_sizepos().
main_wnd_save_sizepos() is only called after the application
window has been created.
ticket: 5613
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19760
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Wed, 8 Aug 2007 05:04:45 +0000 (05:04 +0000)]
In krb5_preauth_context ftable should be
struct krb5plugin_preauth_client_ftable_v1 *
instead of
struct krb5plugin_preauth_client_ftable_v0 *
ticket: 5617
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19759
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 8 Aug 2007 05:00:05 +0000 (05:00 +0000)]
Only build pkinit plugin if a sufficiently recent version of OpenSSL is available
ticket: 5617
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19758
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 7 Aug 2007 20:13:11 +0000 (20:13 +0000)]
Release mechtok_out in spnego_gss_init_sec_context.
Reported by Markus Moeller.
ticket: 5629
version_reported: 1.6.1
target_version: 1.6.3
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19757
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 6 Aug 2007 15:19:50 +0000 (15:19 +0000)]
missing comma
The pkinit additions in revision 18973 left out a comma after the
last function in the list. This caused builds that did not define
DESIGNATED_INITIALIZERS to break.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19755
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Mon, 6 Aug 2007 15:11:03 +0000 (15:11 +0000)]
KRB5_CALLCONV must be specified inside parens
When declaring a function pointer, the function type
modifiers must be inside the parentheses.
return-type (modifers * function-name) (parameters)
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19754
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Coffman [Mon, 6 Aug 2007 13:57:26 +0000 (13:57 +0000)]
Remove these files that were not intended to be moved onto the trunk
ticket: 5617
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19753
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sat, 4 Aug 2007 08:37:13 +0000 (08:37 +0000)]
Add missing @end quotation
ticket: 5617
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19752
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Sat, 4 Aug 2007 00:02:42 +0000 (00:02 +0000)]
krb5_fcc_generate_new() doesn't work with mkstemp()
If mkstemp() is available, the new ccache file gets created but the
subsequent open(O_CREAT|O_EXCL) call fails because the file was
already created by mkstemp(). Apply patch from Apple to keep the file
descriptor open.
ticket: new
tags: pullup
target_version: 1.6.3
component: krb5-libs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19749
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 3 Aug 2007 21:16:19 +0000 (21:16 +0000)]
Based on Apple's patch, during the referrals loop, check to see if the
session key enctype of a returned credential for the final service is
among the enctypes explicitly selected by the application, and retry
with old_use_conf_ktypes if it is not.
ticket: 4950
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19748
dc483132-0cff-0310-8789-
dd5450dbe970
Jeffrey Altman [Fri, 3 Aug 2007 13:22:23 +0000 (13:22 +0000)]
NIM: apply does not update saved values of general identities cfg page
The general identities configuration panel failed to update the saved values
of the DefaultMonitor, DefaultAllowAutoRenew, and DefaultSticky options after
the "Apply" button was pressed. This resulted in the subsequent value changed
states being incorrect.
This patch saves the values.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19747
dc483132-0cff-0310-8789-
dd5450dbe970
Ezra Peisach [Fri, 3 Aug 2007 02:36:26 +0000 (02:36 +0000)]
Add internal prototype for krb5_preauth_supply_preauth_data(). Clean up
some shadow variable warnings, make depend...
ticket: 5617
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19746
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Coffman [Wed, 1 Aug 2007 22:09:13 +0000 (22:09 +0000)]
Add PKINIT support
Pull up PKINIT support onto the trunk.
Changes from the version in branch users/coffman/pkinit are:
- Update the preauth plugin interface version to avoid
conflict with any existing plugins.
- Add a pkcs11.h locally to the pkinit code rather than
depending on opensc being installed.
ticket: new
Target_Version: 1.6.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19745
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 1 Aug 2007 00:01:31 +0000 (00:01 +0000)]
Define snprintf along with vsnprintf for Windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19742
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 1 Aug 2007 00:00:25 +0000 (00:00 +0000)]
Don't define vsnprintf for Windows here
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19741
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Tue, 31 Jul 2007 20:23:02 +0000 (20:23 +0000)]
Implemented and tested cc_ccache_wait_for_change()
ticket: 4644
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19740
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jul 2007 04:39:48 +0000 (04:39 +0000)]
Set KTFILEP field to null any time we close the file
ticket: 3099
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19739
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jul 2007 04:39:21 +0000 (04:39 +0000)]
Debugged version of patch worked up with Luke
Adds a callback to krb5int_sendto to examine the response and indicate
whether to quit the loop or not. For sendto_kdc, keep going if the
returned error is "service unavailable". Updated all other callers to
pass a null function pointer, which means to always break out of the
loop on any response (the old behavior).
ticket: 3334
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19738
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jul 2007 04:39:05 +0000 (04:39 +0000)]
make depend
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19737
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jul 2007 04:38:46 +0000 (04:38 +0000)]
Check for null file handle in get_next.
Patch from Luke Howard.
ticket: 5471
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19736
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jul 2007 04:38:32 +0000 (04:38 +0000)]
Provide {,v}asprintf prototypes if needed
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19735
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jul 2007 04:38:18 +0000 (04:38 +0000)]
Check whether a prototype for vasprintf is needed
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19734
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 27 Jul 2007 04:37:50 +0000 (04:37 +0000)]
If no salt is included with the key data, set the salt length field to 0.
Bug report and patch from Nalin Dahyabhai.
ticket: 5545
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19733
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 25 Jul 2007 19:50:37 +0000 (19:50 +0000)]
Updated API version to 7 because we added the wait_for_change functions
ticket: 4644
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19732
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Wed, 25 Jul 2007 19:29:39 +0000 (19:29 +0000)]
Added callback support for wait_for_change functions
ticket: 4644
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19731
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Sun, 22 Jul 2007 09:17:20 +0000 (09:17 +0000)]
Include k5-platform.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19729
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 20 Jul 2007 08:51:58 +0000 (08:51 +0000)]
Pull out code for looking up the current time, comparing the offset of
a supplied timestamp against the configured maximum clock skew, and
possibly generating an error message, into a separate routine.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19722
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 20 Jul 2007 07:59:38 +0000 (07:59 +0000)]
declare xasprintf
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19721
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 20 Jul 2007 03:20:36 +0000 (03:20 +0000)]
provide more useful error message when running kpropd on command line
The way kpropd indicates that it's supposed to be connected to the network
is by printing out a socket error:
kpropd: getpeername: Socket operation on non-socket
With this patch, it's a bit more friendly:
./kpropd: Standard input does not appear to be a network socket.
(Not run from inetd, and missing the -S option?)
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19720
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Thu, 19 Jul 2007 21:13:01 +0000 (21:13 +0000)]
Made callback code generic so that change time callbacks can use it as well
ticket: 4644
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19719
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Thu, 19 Jul 2007 21:10:57 +0000 (21:10 +0000)]
Added new autogenerated file to generate-files-mac target
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19718
dc483132-0cff-0310-8789-
dd5450dbe970
Alexandra Ellwood [Thu, 19 Jul 2007 18:32:44 +0000 (18:32 +0000)]
ccs_pipe_t needs copy and release functions
On Windows it is an allocated type.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19717
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 13 Jul 2007 00:12:52 +0000 (00:12 +0000)]
make depend
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19710
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 12 Jul 2007 23:35:24 +0000 (23:35 +0000)]
Use [v]snprintf or asprintf instead of unchecked sprintf and separate allocation size calculations
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19709
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 12 Jul 2007 23:35:09 +0000 (23:35 +0000)]
Create and use xasprintf akin to xmalloc, returns pointer on success or exits on error
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19708
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 12 Jul 2007 23:34:55 +0000 (23:34 +0000)]
Recommend snprintf/asprintf. Specify 'static inline'. Use @code for in6addr_any
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19707
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 12 Jul 2007 23:34:41 +0000 (23:34 +0000)]
Missed a sprintf->snprintf switch
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19706
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 12 Jul 2007 23:34:21 +0000 (23:34 +0000)]
Avoid unchecked sprintf in some KDC-side programs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19705
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 12 Jul 2007 23:34:04 +0000 (23:34 +0000)]
Avoid unchecked sprintf in some more support code
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19704
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 12 Jul 2007 23:33:25 +0000 (23:33 +0000)]
Avoid use of unchecked sprintf in libraries. Use asprintf if the
output buffer is allocated according to the size of data to be
written, or snprintf otherwise.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19703
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 12 Jul 2007 23:32:45 +0000 (23:32 +0000)]
Nuke disabled support for ancient .klogin syntax
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19702
dc483132-0cff-0310-8789-
dd5450dbe970
Justin Anderson [Thu, 12 Jul 2007 17:57:37 +0000 (17:57 +0000)]
Filled in dummy descriptions. Also, no longer errors out of test with ccIteratorEnd
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19701
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Thu, 12 Jul 2007 17:55:06 +0000 (17:55 +0000)]
Add #ifdef WIN32 section
TargetVersion: 1.7
Component: krb5-libs
Ticket: 5594
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19700
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Thu, 12 Jul 2007 17:52:52 +0000 (17:52 +0000)]
#include of Kerberos.h removed. It can't work on Windows and looks like its not needed on the Mac, either
TargetVersion: 1.7
Component: krb5-libs
Ticket: 5594
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19699
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Thu, 12 Jul 2007 14:46:56 +0000 (14:46 +0000)]
Added dummy Description arguments where needed. Compiles on Windows now
TargetVersion: 1.7
Component: krb5-libs
Ticket: 5594
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19694
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Thu, 12 Jul 2007 14:45:47 +0000 (14:45 +0000)]
Added dummy Description arguments where needed. Compiles on Windows now
TargetVersion: 1.7
Component: krb5-libs
Ticket: 5594
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19693
dc483132-0cff-0310-8789-
dd5450dbe970
Kevin Koch [Wed, 11 Jul 2007 20:31:54 +0000 (20:31 +0000)]
TargetVersion: 1.7
Component: krb5-libs
Ticket: new
Subj: Work on compiling the CCAPI test suite on Windows.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19692
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 10 Jul 2007 07:02:08 +0000 (07:02 +0000)]
make depend
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19688
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 10 Jul 2007 06:55:08 +0000 (06:55 +0000)]
Get rid of .o files when cleaning
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19687
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Thu, 5 Jul 2007 19:10:52 +0000 (19:10 +0000)]
Set PERL
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19677
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jul 2007 05:58:12 +0000 (05:58 +0000)]
Make error_map.h depend on ktemplate.pm too
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19675
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jul 2007 05:57:30 +0000 (05:57 +0000)]
Add a note at the start of the output reminding the reader that it's a generated file
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19674
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jul 2007 05:47:49 +0000 (05:47 +0000)]
Handle 'Credentials cache file <path> not found'
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19673
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jul 2007 05:46:24 +0000 (05:46 +0000)]
gss krb5 mech enhanced error messages
Save detailed error messages (usually from the krb5 library) in
per-thread storage, mapping each error code to the most recently
produced message for it. Return the message from display_status.
Currently not implemented for a few cases where the krb5 mechanism
returns a minor status code of 0, or another value different from the
libkrb5 error code.
Other functions are available to store a generic string or formatted
message, but aren't used much at present.
Tested with these errors in context establishment:
* missing ccache (libkrb5 shows pathname if FILE: type)
* missing keytab (libkrb5 shows pathname if FILE: type)
* server principal unknown (libkrb5 shows server principal)
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19672
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jul 2007 04:27:32 +0000 (04:27 +0000)]
Use strdup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19671
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jul 2007 04:26:14 +0000 (04:26 +0000)]
Use global spawn_id
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19670
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jul 2007 04:06:54 +0000 (04:06 +0000)]
Perl code for generating "map" routines from a common template with
supplied type info.
* ktemplate.pm: Code for parsing a command line and writing out a
supplied template with substitutions.
* gen-map.pl: Parameter info and template for "map" type.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19669
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jul 2007 04:03:44 +0000 (04:03 +0000)]
Add a new per-thread datum for error message info in gssapi krb5 mech
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19668
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jul 2007 04:00:36 +0000 (04:00 +0000)]
Some handy debugging code for gssapi errors in credential acquisition; currently disabled
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19667
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jul 2007 03:51:45 +0000 (03:51 +0000)]
If error is KDC_ERR_S_PRINCIPAL_UNKNOWN, report the server name
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19666
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jul 2007 03:49:52 +0000 (03:49 +0000)]
In file-not-found case, report the filename sought
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19665
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jul 2007 01:58:06 +0000 (01:58 +0000)]
Remove debugging message accidentally left in
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19664
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jul 2007 01:49:17 +0000 (01:49 +0000)]
Save a detailed message for FCC_NOFILE including the file name
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19663
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Wed, 4 Jul 2007 01:04:13 +0000 (01:04 +0000)]
When skipping debugging '-->' data, only take through the end of the line
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19662
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 3 Jul 2007 22:51:53 +0000 (22:51 +0000)]
Report in make output when updating OBJS.ST/SH/PF
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19661
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Tue, 3 Jul 2007 19:09:20 +0000 (19:09 +0000)]
Tell Emacs to use C mode for this file
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19660
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 2 Jul 2007 19:13:05 +0000 (19:13 +0000)]
Test for va_copy should be a link test, not a compile test
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19659
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Mon, 2 Jul 2007 19:11:53 +0000 (19:11 +0000)]
Include k5-platform.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19658
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 29 Jun 2007 02:37:57 +0000 (02:37 +0000)]
Check for error indication from localtime.
In a few cases this means changing internal function signatures to
allow for passing back the error indication up the call stack.
Thanks to Domagoj Babic for pointing out the possible null pointer
dereferences that would result if localtime fails.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19656
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 29 Jun 2007 02:32:02 +0000 (02:32 +0000)]
Define a localtime_r wrapper around localtime if the system doesn't
provide localtime_r, instead of handling it in-line. Check for error
indication from localtime_r. Call localtime_r only once instead of
each time around the loop.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19655
dc483132-0cff-0310-8789-
dd5450dbe970
Ken Raeburn [Fri, 29 Jun 2007 01:55:08 +0000 (01:55 +0000)]
Under gcc, declare k5_v?asprintf with format attribute
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19654
dc483132-0cff-0310-8789-
dd5450dbe970
projects / krb5.git / log