| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
It has been unused since 2009 when Ken decided that the routing log
messages were too verbose (commit 91fc077c96926dd60).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In ure.c, though k is a short, the literal 1 is of type 'int', and
so the operation 'k + 1' is performed at the (32-bit) width of int,
and therefore the "%d" format string is correct.
In accept_sec_context.c, the 'length' field of krb5_data is an
unsigned type, so checking for a negative value has no effect.
In net-server.c, the helper routine rtm_type_name() is only used
in code that is disabled with #if 0 conditionals; make the
definition also disabled in the same way to avoid warnings of an
unused function.
In kdc_authdata.c, equality checks in double parentheses elicit
a warning from clang. The double-parentheses idiom is normally used
to indicate that an assignment is being performed, but the value of
the assignment is also to be used as the value for the conditional.
Since assignment and equality checking differ only by a single
character, clang considers this worthy of a warning. Since the extra
set of parentheses is redundant and against style, it is correct to
remove them.
In several places (sim_server.c, dump.c, kdb5_destroy.c,
ovsec_kadmd.c), there are declarations of extern variables relating
to getopt() functionality that are now unused in the code. Remove
these unused variables.
|
| |
|
|
|
|
|
|
|
|
|
| |
Provide default values in pre.in for PROG_LIBPATH, PROG_RPATH,
SHLIB_DIRS, SHLIB_RDIRS, and STOBJLISTS so that they don't have to be
specified in the common case. Rename KRB5_RUN_ENV and KRB5_RUN_VARS
to RUN_SETUP (already the most commonly used name) and RUN_VARS. Make
sure to use DEFINES for local defines (not DEFS). Remove some other
unnecessary makefile content.
|
|
|
|
|
| |
It's a lot of code, and trace logging should cover most of the cases
where it's useful.
|
| |
|
|
|
|
|
| |
Mostly this gets rid of the trailing space on line 2 after
bb76891f5386526bdf91bc790c614fc9296cb5fa.
|
|
|
|
|
|
|
| |
Since there is no overlap between the clpreauth and kdcpreauth
interface declarations, there's no particular reason to combine them
into one header. For backward compatibility and convenience, leave
behind a preauth_plugin.h which includes both.
|
|
|
|
|
|
| |
Make kdc_active_realm a local variable in every function that needs
it. Pass it around in various state structures as needed. Keep the
macros that reference its members remain for now.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The upstream libverto depends on dynamic loading and in particular on
dladdr(), which is not universal. To avoid this dependency, stub out
support for module loading (by replacing module.c) and instead
integrate the k5ev module directly into the bundled verto library.
This change removes the need to link, include, and invoke libverto
differently depending on whether we're using the bundled library; we
can always just link with -lverto and call verto_default().
bigredbutton: whitespace
ticket: 7351 (new)
|
|
|
|
|
|
|
| |
read(2) returns an ssize_t, not an int. We want to compare this
value against several unsigned size_ts, so make a local copy.
Also cast to int for printing; size_t can be wider than int, but
these values should be small.
|
|
|
|
|
|
|
|
|
|
|
|
| |
asserts may be compiled out with -DNDEBUG, so it's wrong to use an
assert expression with an important side effect.
(We also have scores of side-effecting asserts in test programs, but
those are less important and can be dealt with separately.)
ticket: 7105
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25760 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The configure-time options to enable and disable IPv6 support have
been deprecated for some time, but the checks for OS support were
kept. This removes those checks, and unconditionally compiles in the
IPv6 support.
There was a configure-time test to see if the macro INET6 needed to be
defined in order to enable (visibility of) OS support for IPv6, which
was needed on an IRIX system we tested with. That check is retained,
but the revised code is untested on IRIX.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25719 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add an event_context callback to kdcpreauth. Adjust the internal KDC
and main loop interfaces to pass around the event context, and expose
it to kdcpreauth modules via the rock.
ticket: 7019
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25475 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
Also fix pkinit_crypto_nss.c struct initializers and add parens to a
ternary operator in do_as_req.c for better indentation.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25362 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
Coverity found some minor-to-medium bugs in some recent changes; fix
them.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25299 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
From npmccallum@redhat.com with changes.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25291 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
Several of the u.tcp fields were also used for RPC connections. The
overlap between u.tcp.addr_s and u.rpc.closed could confuse
free_socket() into causing a null pointer dereference inside
svc_getreqset().
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25231 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
In the KDC, set up signals in the worker process child after forking
from the monitor process. From npmccallum@redhat.com.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25176 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
Also mark fd events as reinitiable so they survive the fork. From
npmccallum@redhat.com.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25175 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
When we build with the internal verto, we include verto-k5ev.h in
order to create loops. When we build with the system verto, we don't
include that header file. Add depfix logic and pre.in variables to
avoid depending on verto-k5ev.h for a system verto build.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25173 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
When we have conditionally built bundled source, we need logic in
depfix.pl and variables in pre.in to avoid depending on the bundled
verto.h in generated dependencies. Add that logic for verto.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25170 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
Give libverto-k5ev a header file. When using the internal verto
library, link against -lverto-k5ev and use verto_default_k5ev()
instead of verto_default(), bypassing the module loading logic and
making static builds possible.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25166 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
by it not figuring out the control flow (initialization and use both
tied to some other variable).
DB2 code not included.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25146 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25137 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25135 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
We use void pointers as temporaries in other uses of ADD(), so do so
here as well. The type-safe type would be verto_ev **.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25134 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25133 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
From npmccallum@redhat.com.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25132 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
From npmccallum@redhat.com.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25128 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
ticket: 6918
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24961 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
and license comments.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24695 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24662 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
verbiage in Makefile.in files. For correctness of output, every
Makefile.in mydir= definition is changed to use $(S) instead of /.
ticket: 6826
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24536 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24506 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
should not respond to a packet
* Do not generate an error response in this case
* Drop a TCP connection if we are not going to respond to it.
kdc: add KRB5KDC_ERR_DISCARD
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24406 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
Add support for a krb5kdc -w option which causes the KDC to spawn
worker processes which can process requests in parallel. See also:
http://k5wiki.kerberos.org/wiki/Projects/Parallel_KDC
ticket: 6783
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24328 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24298 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
happens to coincide with what setup_a_rpc_listener does.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24153 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24152 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24151 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make gssrpc work over IPv6 TCP sockets provided that the client
creates and connects/binds the sockets and doesn't query their
addresses or use bindresvport(). Make kadmin work within those
constraints and handle IPv6. Specific changes:
* Make svctcp_create() able to extract the port from an IPv6 socket,
using a new helper function getport().
* Make clnttcp_create() handle a null raddr value if *sockp is set.
* Make kadm5_get_service_name() use getaddrinfo() to canonicalize the
admin server name.
* Make libkadm5clnt's init_any() responsible for connecting its socket
using a new helper function connect_to_server(), which uses
getaddrinfo instead of gethostbyname. Pass a null address to
clnttcp_create().
* Make libapputil's net-server.c set up IPv6 as well as IPv4 listener
ports for RPC connections.
* Adjust the error code expected in a libkadm5 unit test.
ticket: 6746
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24147 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24119 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
Re-integrates the forked versions of network.c in kdc and
kadmin/server. Server-specific initialization and SIGHUP-reset code
is moved into other source files; the more generic network-servicing
code is merged and moved into apputils library already used by both
programs.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23811 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23456 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
configure script:
$(SRCTOP) --> $(top_srcdir)
$(srcdir)/$(thisconfigdir) --> $(top_srcdir)
$(thisconfigdir) --> $(BUILDTOP)
$(myfulldir) --> $(mydir)
ticket: 6583
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23308 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
make reindent
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
internals.
Make depend.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22877 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22775 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
bigredbutton: whitespace
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22769 dc483132-0cff-0310-8789-dd5450dbe970
|