diff options
| author | Marc Horowitz <marc@mit.edu> | 1998-10-30 02:56:35 +0000 |
|---|---|---|
| committer | Marc Horowitz <marc@mit.edu> | 1998-10-30 02:56:35 +0000 |
| commit | 1440ab035ba04550ddbbfbff1ee9b5571e3d95db (patch) | |
| tree | 9d5e8d2e151a930e044c7d0f7c64053d244577a0 /src/kadmin/server | |
| parent | 61ddbf948ba6ee70c1bc049268c3dfa73bc9983e (diff) | |
| download | krb5-1440ab035ba04550ddbbfbff1ee9b5571e3d95db.tar.gz krb5-1440ab035ba04550ddbbfbff1ee9b5571e3d95db.tar.xz krb5-1440ab035ba04550ddbbfbff1ee9b5571e3d95db.zip | |
pull up 3des implementation from the marc-3des branch
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11001 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kadmin/server')
| -rw-r--r-- | src/kadmin/server/ChangeLog | 7 | ||||
| -rw-r--r-- | src/kadmin/server/ovsec_kadmd.c | 42 |
2 files changed, 44 insertions, 5 deletions
diff --git a/src/kadmin/server/ChangeLog b/src/kadmin/server/ChangeLog index 22f8214bd0..8131a8695c 100644 --- a/src/kadmin/server/ChangeLog +++ b/src/kadmin/server/ChangeLog @@ -1,3 +1,10 @@ +1998-10-27 Marc Horowitz <marc@mit.edu> + + * ovsec_kadmd.c: add calls to a new function + _svcauth_gssapi_unset_names() to clean up memory when shutting + down. Use krb5_overridekeyname instead of krb5_defkeyname, so the + command line takes precedence over the environment. + Wed Jul 22 00:28:57 1998 Geoffrey King <gjking@mit.edu> * ovsec_kadmd.c (main): Cast gss_nt_krb5_name to diff --git a/src/kadmin/server/ovsec_kadmd.c b/src/kadmin/server/ovsec_kadmd.c index 6ac8709c76..b8a5088d8e 100644 --- a/src/kadmin/server/ovsec_kadmd.c +++ b/src/kadmin/server/ovsec_kadmd.c @@ -3,6 +3,32 @@ * */ +/* + * Copyright (C) 1998 by the FundsXpress, INC. + * + * All rights reserved. + * + * Export of this software from the United States of America may require + * a specific license from the United States Government. It is the + * responsibility of any person or organization contemplating export to + * obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of FundsXpress. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. FundsXpress makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED + * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + */ + #include <stdio.h> #include <signal.h> #include <syslog.h> @@ -64,7 +90,7 @@ void *global_server_handle; * it also restricts us to linking against the Kv5 GSS-API library. * Since this is *k*admind, that shouldn't be a problem. */ -extern char *krb5_defkeyname; +extern char *krb5_overridekeyname; char *build_princ_name(char *name, char *realm); void log_badauth(OM_uint32 major, OM_uint32 minor, @@ -315,7 +341,7 @@ int main(int argc, char *argv[]) htons(addr.sin_port)); } kadm5_destroy(global_server_handle); - krb5_klog_close(); + krb5_klog_close(); exit(1); } memset(&addr, 0, sizeof(addr)); @@ -386,9 +412,10 @@ int main(int argc, char *argv[]) exit(1); } - /* XXX krb5_defkeyname is an internal library global and should - go away */ - krb5_defkeyname = params.admin_keytab; + /* XXX krb5_overridekeyname is an internal library global and should + go away. This is an awful hack. */ + + krb5_overridekeyname = params.admin_keytab; /* * Try to acquire creds for the old OV services as well as the @@ -402,6 +429,7 @@ int main(int argc, char *argv[]) "failing."); fprintf(stderr, "%s: Cannot set GSS-API authentication names.\n", whoami); + _svcauth_gssapi_unset_names(); kadm5_destroy(global_server_handle); krb5_klog_close(); exit(1); @@ -428,6 +456,7 @@ int main(int argc, char *argv[]) error_message(ret)); fprintf(stderr, "%s: Cannot initialize acl file: %s\n", whoami, error_message(ret)); + _svcauth_gssapi_unset_names(); kadm5_destroy(global_server_handle); krb5_klog_close(); exit(1); @@ -438,6 +467,7 @@ int main(int argc, char *argv[]) krb5_klog_syslog(LOG_ERR, "Cannot detach from tty: %s", error_message(ret)); fprintf(stderr, "%s: Cannot detach from tty: %s\n", whoami, error_message(ret)); + _svcauth_gssapi_unset_names(); kadm5_destroy(global_server_handle); krb5_klog_close(); exit(1); @@ -449,6 +479,7 @@ int main(int argc, char *argv[]) krb5_klog_syslog(LOG_INFO, "finished, exiting"); /* Clean up memory, etc */ + _svcauth_gssapi_unset_names(); kadm5_destroy(global_server_handle); close(s); acl_finish(context, 0); @@ -934,6 +965,7 @@ void do_schpw(int s1, kadm5_config_params *params) error_message(errno)); fprintf(stderr, "Cannot create connecting socket: %s", error_message(errno)); + _svcauth_gssapi_unset_names(); kadm5_destroy(global_server_handle); krb5_klog_close(); exit(1); |