summaryrefslogtreecommitdiffstats
path: root/src/lib/gssapi
Commit message (Collapse)AuthorAgeFilesLines
* gss_krb5int_unseal_token_v3() - change bodysize argument to unsigned -Ezra Peisach2007-01-232-2/+3
| | | | | | | which is consistent with how it is invoked and used. Cleans up two signed/unsigned warnings. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19105 dc483132-0cff-0310-8789-dd5450dbe970
* MITKRB5-SA-2006-003: mechglue argument handling too laxTom Yu2007-01-0924-277/+827
| | | | | | | | | | | | | | | Fix mechglue argument checks so that output pointers are always initialized regardless of whether the other arguments fail to validate for some reason. This avoids freeing of uninitialized pointers. Initialize the gss_buffer_descs in ovsec_kadmd.c. ticket: new target_version: 1.6 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19043 dc483132-0cff-0310-8789-dd5450dbe970
* If gss_krb5int_unseal_token_v3() unwraps a message of length 0 - freeEzra Peisach2006-12-301-0/+4
| | | | | | | | | | | memory and return in message_buffer a NULL pointer for value. This is consistant with gss_release_buffer in the mechglue implementation in which memory is only freed if the buffer length != 0. ticket: 5233 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19022 dc483132-0cff-0310-8789-dd5450dbe970
* memory leak if defective header present in gss_krb5int_unseal_token_v3Ezra Peisach2006-12-301-1/+3
| | | | | | | | | | If after unsealing the message, the TOK_ID is not 05 04, free memory before returning a defective token error. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19021 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2006-12-124-52/+56
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18940 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/krb5/krb/vfy_increds.c (krb5_verify_init_creds): UseTom Yu2006-11-301-13/+2
| | | | | | | | | | | | | krb5_cc_new_unique(). * src/lib/gssapi/krb5/accept_sec_context.c: (rd_and_store_for_creds): Use krb5_cc_new_unique(). ticket: 4805 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18887 dc483132-0cff-0310-8789-dd5450dbe970
* avoid double frees in ccache manipulation around gen_newKen Raeburn2006-11-161-1/+3
| | | | | | | | | | | | * krb5/krb/vfy_increds.c (krb5_verify_init_creds): If krb5_cc_gen_new fails, don't both close and destroy the template ccache. * gssapi/krb5/accept_sec_context.c (rd_and_store_for_creds): Likewise. ticket: new target_version: 1.6 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18815 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2006-11-012-6/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18753 dc483132-0cff-0310-8789-dd5450dbe970
* Include gss_libinit.h for gssint_initialize_library() prototypeEzra Peisach2006-10-165-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18721 dc483132-0cff-0310-8789-dd5450dbe970
* Remove all unused variable warnings from treeEzra Peisach2006-10-151-1/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18712 dc483132-0cff-0310-8789-dd5450dbe970
* make dependTom Yu2006-10-063-187/+199
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18652 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/gssapi/mechglue/mglueP.h: Add loopback field to opaqueTom Yu2006-08-0711-1/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | structs of gss_ctx_id_t, gss_name_t, gss_cred_id_t to catch some application programming errors. Add new macro GSSINT_CHK_LOOP() which returns non-zero if loopback field doesn't point to itself. * src/lib/gssapi/mechglue/g_accept_sec_context.c (gss_accept_sec_context): * src/lib/gssapi/mechglue/g_acquire_cred.c (gss_add_cred) (gss_acquire_cred): * src/lib/gssapi/mechglue/g_delete_sec_context.c (gss_delete_sec_context): * src/lib/gssapi/mechglue/g_glue.c (gssint_convert_name_to_union_name): * src/lib/gssapi/mechglue/g_imp_name.c (gss_import_name): * src/lib/gssapi/mechglue/g_imp_sec_context.c (gss_import_sec_context): * src/lib/gssapi/mechglue/g_init_sec_context.c (gss_init_sec_context): Set loopback pointers. * src/lib/gssapi/mechglue/g_delete_sec_context.c (gss_delete_sec_context): * src/lib/gssapi/mechglue/g_rel_cred.c (gss_release_cred): * src/lib/gssapi/mechglue/g_rel_name.c (gss_release_name): Call GSSINT_CHK_LOOP() to validate loopback pointer. ticket: 4063 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18417 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/gssapi/mechglue/g_initialize.c (gss_release_oid): CallTom Yu2006-08-011-0/+3
| | | | | | | | | gssint_initialize_library to ensure mutex is initialized. ticket: 4088 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18397 dc483132-0cff-0310-8789-dd5450dbe970
* Changed GSSAPI opaque types (gss_name_t, gss_cred_id_t, gss_ctx_id_t) fromAlexandra Ellwood2006-07-2513-42/+49
| | | | | | | | | | | | | | void* to pointers to opaque structs. This change removed some casts and introduced or changed a bunch of other casts to suppress warnings. krb5_gss_accept_sec_context(): Fixed a bug found by the above changes where krb5_gss_release_cred() was being called with the wrong argument 2 (gss_cred_id_t instead of gss_cred_id_t*). ticket: 4057 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18396 dc483132-0cff-0310-8789-dd5450dbe970
* gss_canonicalize_name(): Added parens to removeAlexandra Ellwood2006-07-251-4/+4
| | | | | | | | warning from if statement. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18395 dc483132-0cff-0310-8789-dd5450dbe970
* acquire_cred(), kg_caller_provided_ccache_name(): On further reflection Alexandra Ellwood2006-07-193-13/+32
| | | | | | | | | | | | | and testing the correct thing appears to be to have gss_krb5_ccache_name() stop gss_acquire_cred() from searching for the desired name in the cache collection. If the caller sets the ccache name then gss_acquire_cred will only look in that ccache. Added kg_caller_provided_ccache_name() to tell whether or not the caller has actually set the ccache. This should fix the problem for both Mac OS X and Windows. ticket: 4024 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18343 dc483132-0cff-0310-8789-dd5450dbe970
* acquire_cred(): Realized that my previous patch now basically favors theAlexandra Ellwood2006-07-191-6/+6
| | | | | | | | | | ccache over the desired name. Added a KLL function to search for the desired name, favoring the default ccache. ticket: 4024 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18341 dc483132-0cff-0310-8789-dd5450dbe970
* acquire_cred(): Fixed KLL support to try the default ccache first ifAlexandra Ellwood2006-07-181-13/+19
| | | | | | | | | it is set. ticket: 4024 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18340 dc483132-0cff-0310-8789-dd5450dbe970
* reverse test for copy_oid_set in lib/gssapi/krb5/indicate_mechs.cTom Yu2006-07-171-1/+1
| | | | | | | | | | | * src/lib/gssapi/krb5/indicate_mechs.c: Reverse sense of test, since gssint_copy_oid_set() returns 0 on success. ticket: new target_version: 1.5.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18330 dc483132-0cff-0310-8789-dd5450dbe970
* make gss_unwrap match prototypeTom Yu2006-07-011-2/+2
| | | | | | | | | | | | | * src/lib/gssapi/mechglue/g_unseal.c (gss_unwrap): Make match prototype. ticket: new tags: pullup target_version: 1.5 version_reported: 1.5 component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18310 dc483132-0cff-0310-8789-dd5450dbe970
* g_delete_sec_context.c: undo type cast change from last Jeffrey Altman2006-06-301-1/+1
| | | | | | | | commit that is wrong. ticket: 3968 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18289 dc483132-0cff-0310-8789-dd5450dbe970
* corrections to gssapi mechglue Jeffrey Altman2006-06-302-5/+2
| | | | | | | | | | | g_delete_sec_context.c: use the correct type during assignment g_init_sec_context.c; prevent memory leak and make code more readable ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18288 dc483132-0cff-0310-8789-dd5450dbe970
* re-order inclusions in spnego_mech.c to avoid breaking system headersTom Yu2006-06-291-1/+1
| | | | | | | | | | | | | | | | | * src/lib/gssapi/spnego/spnego_mech.c: Move inclusion of gssapiP_spnego.h to after mglueP.h. mglueP.h includes k5-thread.h, which pulls in the pthread headers, which on at least some Tru64 versions is vulnerable to definitions of non-reserved macro names such as CONTEXT, which is defined in gssapiP_spnego.h. ticket: new tags: pullup target_version: 1.5 version_reported: 1.5 component: krb5-build git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18273 dc483132-0cff-0310-8789-dd5450dbe970
* * lib/gssapi/Makefile.in: Merge the new target into the existingKen Raeburn2006-06-291-2/+1
| | | | | | | | | | target list with generated headers mostly in subdirectories, which happens to be inside a "##DOS##!if 0" block, since the all-recurse target isn't defined for Windows. ticket: 3955 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18272 dc483132-0cff-0310-8789-dd5450dbe970
* make dependTom Yu2006-06-292-18/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18271 dc483132-0cff-0310-8789-dd5450dbe970
* remove unused lib/gssapi/mechglue/g_utils.cTom Yu2006-06-292-286/+0
| | | | | | | | | | | | | * src/lib/gssapi/mechglue/g_utils.c: Remove. * src/lib/gssapi/mechglue/Makefile.in (SRCS, OBJS, STLIBOBJS): Remove g_utils.*. ticket: new version_reported: 1.5 target_version: 1.5 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18263 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/gssapi/mechglue/mglueP.h (struct gss_config): RemoveTom Yu2006-06-293-20/+0
| | | | | | | | | | | | | | | | | gssint_userok and pname_to_uid, as we don't implement things which use them. * src/lib/gssapi/krb5/krb5_gss_glue.c (KRB5_GSS_CONFIG_INIT): * src/lib/gssapi/spnego/spnego_mech.c (spnego_mechanism): Update for struct gss_config changes. ticket: 3954 tags: pullup target_version: 1.5 version_reported: 1.5 component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18262 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/gssapi/mechglue/g_initialize.c: Remove various unusedTom Yu2006-06-291-342/+3
| | | | | | | | | | | | | | header inclusions, local variables, and macro definitions. (gss_indicate_mechs): (build_mechSet): (updateMechList): (gssint_get_mechanism): (loadConfigFile): Remove disabled code. ticket: 3951 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18261 dc483132-0cff-0310-8789-dd5450dbe970
* gssapi compilation errors on WindowsJeffrey Altman2006-06-297-11/+76
| | | | | | | | | | | | | | | | | | | | | | | | src/Makefile.in: generate lib/gssapi/spnego/Makefile src/lib/gssapi/Makefile.in: build mechglue and spnego src/lib/gssapi/krb5/init_sec_context.c: do not include kdc only symbols on windows src/lib/gssapi/mechglue/g_utils.c: no strings.h on Windows src/lib/gssapi/mechglue/Makefile.in: construct mechglue.lst src/lib/gssapi/spnego/Makefile.in: construct spnego.lst src/lib/gssapi/spnego/spnego_mech.c: k5-int.h must be included before krb5.h in order to prevent mixed definitions of time_t on windows ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18259 dc483132-0cff-0310-8789-dd5450dbe970
* check calling conventions specified for WindowsKen Raeburn2006-06-291-2/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we're making changes on UNIX, sometimes we update the Windows export list but forget to make sure we've annotated the function declaration in the header file with a calling convention specification. This patch checks the krb5 and gssapi public headers against the Windows export lists (which are annotated with calling-convention and other info in comments), and flags any inconsistencies in public interfaces. * util/def-check.pl: Be quiet about normal stuff by default; accept a "-v" option to be verbose. Exit with non-zero status if something wrong is detected. Fix some problems in parsing gssapi header files. Handle DECSCRIPTION and HEAPSIZE directives in .def files, and DATA annotation in comments. * include/Makefile.in (verify-calling-conventions-krb5): New target. (all-unix): Depend on it in maintainer mode. * lib/gssapi/Makefile.in (verify-calling-conventions-gssapi): New target. (all-unix): Depend on it in maintainer mode. (merged-gssapi-header.h): New target; assemble public headers into one input file. (clean-misc-unix): New target; delete merged-gssapi-header.h. (clean-unix): Depend on it. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18258 dc483132-0cff-0310-8789-dd5450dbe970
* autoconf 2.60 compatibilityKen Raeburn2006-06-285-6/+6
| | | | | | | | | | | Change all file substitutions so that @-patterns start at the beginning of their lines, as now required by autoconf 2.60 (released Monday). ticket: new target_version: 1.5 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18249 dc483132-0cff-0310-8789-dd5450dbe970
* make gssint_get_mechanism match prototypeTom Yu2006-06-261-2/+1
| | | | | | | | | | | | * src/lib/gssapi/mechglue/g_initialize.c (gssint_get_mechanism): Protoize, and make match mglueP.h. ticket: new target_version: 1.5 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18230 dc483132-0cff-0310-8789-dd5450dbe970
* fix typo in MS_BUG_TEST case in krb5_gss_glue.cTom Yu2006-06-231-1/+1
| | | | | | | | | | | | * src/lib/gssapi/krb5/krb5_gss_glue.c (krb5_mech_configs_hack): Fix typo in MS_BUG_TEST case. ticket: new target_version: 1.5 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18208 dc483132-0cff-0310-8789-dd5450dbe970
* fix signedness warnings in spnego_mech.cTom Yu2006-06-231-66/+82
| | | | | | | | | | | | * src/lib/gssapi/spnego/spnego_mech.c: Fix numerous signedness warnings. ticket: new target_version: 1.5 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18207 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/gssapi/mechglue/g_initialize.c: Remove unused variablesTom Yu2006-06-221-3/+1
| | | | | | | | | | and include gss_libinit.h to clean up warnings. Patch from Michael Calmer. ticket: 3918 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18202 dc483132-0cff-0310-8789-dd5450dbe970
* Apply (modified) patches from Michael Calmer to fix some warningsTom Yu2006-06-222-17/+8
| | | | | | | | | | | | | | | * src/lib/gssapi/spnego/spnego_mech.c (get_req_flags): Remove unused var. (get_negTokenResp): Fix signedness bug. (make_spnego_tokenInit_msg): Remove unused vars (make_spnego_tokenTarg_msg): Initialize uninitialized vars. * src/lib/gssapi/spnego/gssapiP_spnego.h: Delete TWRITE_STR. ticket: 3905 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18198 dc483132-0cff-0310-8789-dd5450dbe970
* remove unimplemented/unused mechglue functionsTom Yu2006-06-218-407/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | * src/lib/gssapi/mechglue/Makefile.in (SRCS, STLIBOBJS): Delete g_userok, gssd_pname_to_uid. * src/lib/gssapi/mechglue/mechglue.h: Delete gssd_pname_to_uid, gss_initialize. * src/lib/gssapi/mechglue/mglueP.h: Delete gssint_userok, gssd_pname_to_uid, gssint_get_mechanism_ext, gss_acquire_cred_with_password_sfct, gss_mechanism_ext. * src/lib/gssapi/g_userok.c: * src/lib/gssapi/g_indicate_mechs.c: * src/lib/gssapi/gen_oids.c: * src/lib/gssapi/gssd_pname_to_uid: Delete. * src/lib/gssapi/mechglue/g_initialize.c: Delete gssint_get_mechanism_ext. ticket: new target_version: 1.5 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18187 dc483132-0cff-0310-8789-dd5450dbe970
* cease export of krb5_gss_*Tom Yu2006-06-211-37/+0
| | | | | | | | | | | | | | | * src/lib/gssapi/libgssapi_krb5.exports: Cease export of krb5 mechanism entry points which were once equivalent to GSS-API entry points. These were never public interfaces, and calling them directly now can cause problems. Also, cease export of some other internal symbols. ticket: new target_version: 1.5 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18185 dc483132-0cff-0310-8789-dd5450dbe970
* fix parallel builds for libgssTom Yu2006-06-201-1/+1
| | | | | | | | | | | | * src/lib/gssapi/Makefile.in (SUBDIROBJLISTS): Add missing spnego directory. ticket: new target_version: 1.5 tags: pullup component: krb5-build git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18176 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/gssapi/libgssapi_krb5.exports: AddTom Yu2006-06-151-0/+1
| | | | | | gss_inquire_mechs_for_name. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18143 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/gssapi/krb5/gssapiP_krb5.h: Restore prototype ofTom Yu2006-06-152-2/+5
| | | | | | | | | krb5_gss_release_oid() for now. * src/lib/gssapi/krb5/rel_oid.c (krb5_gss_release_oid): Restore for now. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18142 dc483132-0cff-0310-8789-dd5450dbe970
* make dependTom Yu2006-06-155-11/+228
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18141 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/gssapi/mechglue/Makefile.in (mydir):Tom Yu2006-06-152-2/+2
| | | | | | | * src/lib/gssapi/spnego/Makefile.in (mydir): Point to correct locations. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18140 dc483132-0cff-0310-8789-dd5450dbe970
* Merge from branches/mechglue. Initial integration of Sun-donatedTom Yu2006-06-1462-1739/+7961
| | | | | | | | | | | | | | | | mechglue and SPNEGO implementations. Additional changes outside of src/lib/gssapi: * src/configure.in: Add lib/gssapi/mechglue and lib/gssapi/spnego to list of directories to output Makefile in. * src/lib/rpc/unit-test/rpc_test.0/expire.exp (expired): Update regexp for mechglue. * src/tests/dejagnu/krb-standalone/v4gssftp.exp (v4ftp_test): Update "Miscellaneous failure" regexp for mechglue. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18131 dc483132-0cff-0310-8789-dd5450dbe970
* Always initialize the output token in gss_init_sec_context as requiredRuss Allbery2006-06-121-0/+2
| | | | | | | | | | by RFC 2744 section 5.19. The krb5 code did this but the generic code didn't, causing a double-free in OpenSSH. Ticket: 3086 Version_Reported: 1.3.6 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18114 dc483132-0cff-0310-8789-dd5450dbe970
* If krb5_gss_canonicalize_name is given GSS_C_NULL_OID as the mechanism,Russ Allbery2006-06-121-1/+2
| | | | | | | | | | assume krb5 using similar logic as other library functions rather than failing. Patch provided by Daniel Kahn Gillmor. Ticket: 3467 Version_Reported: 1.4.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18113 dc483132-0cff-0310-8789-dd5450dbe970
* Free requested-enctype list when freeing up credentials. Reported by RainerKen Raeburn2006-06-081-0/+4
| | | | | | | | Weikusat. ticket: 3790 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18093 dc483132-0cff-0310-8789-dd5450dbe970
* Avoid memory leak in error path. Reported by Rainer WeikusatKen Raeburn2006-06-081-1/+3
| | | | | | ticket: 3791 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18088 dc483132-0cff-0310-8789-dd5450dbe970
* Merge about 1/3 of the remaining configure scripts into the top level. ThisKen Raeburn2006-05-314-25/+6
| | | | | | still leaves out appl and tests, and static library and plugin directories. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18068 dc483132-0cff-0310-8789-dd5450dbe970
* Rename locate.h to locate_plugin.h. Change references, update dependenciesKen Raeburn2006-05-242-45/+45
| | | | | | ticket: 3784 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18037 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2024-09-29 22:31:26 +0000