summaryrefslogtreecommitdiffstats
path: root/src/lib/gssapi
Commit message (Collapse)AuthorAgeFilesLines
...
* Use strdupKen Raeburn2007-07-041-3/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19671 dc483132-0cff-0310-8789-dd5450dbe970
* Tell Emacs to use C mode for this fileKen Raeburn2007-07-031-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19660 dc483132-0cff-0310-8789-dd5450dbe970
* On unload, free up g_mechSet and g_mechListKen Raeburn2007-03-021-7/+33
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19201 dc483132-0cff-0310-8789-dd5450dbe970
* Delete more stuff for 'clean' and 'distclean' targetsKen Raeburn2007-03-021-1/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19198 dc483132-0cff-0310-8789-dd5450dbe970
* valgrind detects uninitialized (but really unused) bytes in 'queue'Ken Raeburn2007-03-011-0/+6
| | | | | | | | | | | | | | | | | | | | | The gsstest program exports a GSSAPI security context to a blob in memory, writes that memory to a file, and reads it back to use it. Under valgrind, the writing phase triggers a warning about uninitialized storage. The "queue" structure as implemented in generic/util_ordering.c holds an array of values, some of which may never be initialized. As far as I can tell, those uninitialized values are never used before being initialized, either, but valgrind doesn't know that. This patch zaps the structure contents (including the array) before using the queue object. ticket: new target_version: 1.6.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19196 dc483132-0cff-0310-8789-dd5450dbe970
* When importing a name with a valid (non-null) handle but a zeroKen Raeburn2007-02-241-1/+4
| | | | | | | | | length, set GSS_S_BAD_NAME but not GSS_S_CALL_INACCESSIBLE_READ. ticket: 5445 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19172 dc483132-0cff-0310-8789-dd5450dbe970
* If a reflection is detected, zap the message buffer pointer outputKen Raeburn2007-02-241-1/+4
| | | | | | | | | | argument as well as actually freeing the buffer. (Found while using the gsstest option to exercise error conditions.) ticket: 5445 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19171 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize "loopback" field in newly allocated name structureKen Raeburn2007-02-221-0/+1
| | | | | | | ticket: 5445 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19170 dc483132-0cff-0310-8789-dd5450dbe970
* Ensure consistancy between prototypes and functionsEzra Peisach2007-02-192-2/+2
| | | | | | | | | | | | I am using an older compiler that is complaining that prototypes do not match the functions they reference. The issue is that a number of prototypes are using "const int foo" while the function is "int foo". From a caller sense it makes no difference - but the compiler is correct they are different. All is now consistant. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19169 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_kt_get_type should return const char *. Ezra Peisach2007-02-051-2/+2
| | | | | | | | | | | | The code returns a pointer to static structures. Just to enforce the assumption that users can not change the returned data. Change prototype of krb5_kt_get_type to return const char *. The other changes are to clean up warnings - no change in code - usage assumed const. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19143 dc483132-0cff-0310-8789-dd5450dbe970
* gss_krb5int_unseal_token_v3() - change bodysize argument to unsigned -Ezra Peisach2007-01-232-2/+3
| | | | | | | which is consistent with how it is invoked and used. Cleans up two signed/unsigned warnings. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19105 dc483132-0cff-0310-8789-dd5450dbe970
* MITKRB5-SA-2006-003: mechglue argument handling too laxTom Yu2007-01-0924-277/+827
| | | | | | | | | | | | | | | Fix mechglue argument checks so that output pointers are always initialized regardless of whether the other arguments fail to validate for some reason. This avoids freeing of uninitialized pointers. Initialize the gss_buffer_descs in ovsec_kadmd.c. ticket: new target_version: 1.6 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19043 dc483132-0cff-0310-8789-dd5450dbe970
* If gss_krb5int_unseal_token_v3() unwraps a message of length 0 - freeEzra Peisach2006-12-301-0/+4
| | | | | | | | | | | memory and return in message_buffer a NULL pointer for value. This is consistant with gss_release_buffer in the mechglue implementation in which memory is only freed if the buffer length != 0. ticket: 5233 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19022 dc483132-0cff-0310-8789-dd5450dbe970
* memory leak if defective header present in gss_krb5int_unseal_token_v3Ezra Peisach2006-12-301-1/+3
| | | | | | | | | | If after unsealing the message, the TOK_ID is not 05 04, free memory before returning a defective token error. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19021 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2006-12-124-52/+56
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18940 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/krb5/krb/vfy_increds.c (krb5_verify_init_creds): UseTom Yu2006-11-301-13/+2
| | | | | | | | | | | | | krb5_cc_new_unique(). * src/lib/gssapi/krb5/accept_sec_context.c: (rd_and_store_for_creds): Use krb5_cc_new_unique(). ticket: 4805 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18887 dc483132-0cff-0310-8789-dd5450dbe970
* avoid double frees in ccache manipulation around gen_newKen Raeburn2006-11-161-1/+3
| | | | | | | | | | | | * krb5/krb/vfy_increds.c (krb5_verify_init_creds): If krb5_cc_gen_new fails, don't both close and destroy the template ccache. * gssapi/krb5/accept_sec_context.c (rd_and_store_for_creds): Likewise. ticket: new target_version: 1.6 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18815 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2006-11-012-6/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18753 dc483132-0cff-0310-8789-dd5450dbe970
* Include gss_libinit.h for gssint_initialize_library() prototypeEzra Peisach2006-10-165-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18721 dc483132-0cff-0310-8789-dd5450dbe970
* Remove all unused variable warnings from treeEzra Peisach2006-10-151-1/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18712 dc483132-0cff-0310-8789-dd5450dbe970
* make dependTom Yu2006-10-063-187/+199
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18652 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/gssapi/mechglue/mglueP.h: Add loopback field to opaqueTom Yu2006-08-0711-1/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | structs of gss_ctx_id_t, gss_name_t, gss_cred_id_t to catch some application programming errors. Add new macro GSSINT_CHK_LOOP() which returns non-zero if loopback field doesn't point to itself. * src/lib/gssapi/mechglue/g_accept_sec_context.c (gss_accept_sec_context): * src/lib/gssapi/mechglue/g_acquire_cred.c (gss_add_cred) (gss_acquire_cred): * src/lib/gssapi/mechglue/g_delete_sec_context.c (gss_delete_sec_context): * src/lib/gssapi/mechglue/g_glue.c (gssint_convert_name_to_union_name): * src/lib/gssapi/mechglue/g_imp_name.c (gss_import_name): * src/lib/gssapi/mechglue/g_imp_sec_context.c (gss_import_sec_context): * src/lib/gssapi/mechglue/g_init_sec_context.c (gss_init_sec_context): Set loopback pointers. * src/lib/gssapi/mechglue/g_delete_sec_context.c (gss_delete_sec_context): * src/lib/gssapi/mechglue/g_rel_cred.c (gss_release_cred): * src/lib/gssapi/mechglue/g_rel_name.c (gss_release_name): Call GSSINT_CHK_LOOP() to validate loopback pointer. ticket: 4063 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18417 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/gssapi/mechglue/g_initialize.c (gss_release_oid): CallTom Yu2006-08-011-0/+3
| | | | | | | | | gssint_initialize_library to ensure mutex is initialized. ticket: 4088 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18397 dc483132-0cff-0310-8789-dd5450dbe970
* Changed GSSAPI opaque types (gss_name_t, gss_cred_id_t, gss_ctx_id_t) fromAlexandra Ellwood2006-07-2513-42/+49
| | | | | | | | | | | | | | void* to pointers to opaque structs. This change removed some casts and introduced or changed a bunch of other casts to suppress warnings. krb5_gss_accept_sec_context(): Fixed a bug found by the above changes where krb5_gss_release_cred() was being called with the wrong argument 2 (gss_cred_id_t instead of gss_cred_id_t*). ticket: 4057 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18396 dc483132-0cff-0310-8789-dd5450dbe970
* gss_canonicalize_name(): Added parens to removeAlexandra Ellwood2006-07-251-4/+4
| | | | | | | | warning from if statement. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18395 dc483132-0cff-0310-8789-dd5450dbe970
* acquire_cred(), kg_caller_provided_ccache_name(): On further reflection Alexandra Ellwood2006-07-193-13/+32
| | | | | | | | | | | | | and testing the correct thing appears to be to have gss_krb5_ccache_name() stop gss_acquire_cred() from searching for the desired name in the cache collection. If the caller sets the ccache name then gss_acquire_cred will only look in that ccache. Added kg_caller_provided_ccache_name() to tell whether or not the caller has actually set the ccache. This should fix the problem for both Mac OS X and Windows. ticket: 4024 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18343 dc483132-0cff-0310-8789-dd5450dbe970
* acquire_cred(): Realized that my previous patch now basically favors theAlexandra Ellwood2006-07-191-6/+6
| | | | | | | | | | ccache over the desired name. Added a KLL function to search for the desired name, favoring the default ccache. ticket: 4024 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18341 dc483132-0cff-0310-8789-dd5450dbe970
* acquire_cred(): Fixed KLL support to try the default ccache first ifAlexandra Ellwood2006-07-181-13/+19
| | | | | | | | | it is set. ticket: 4024 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18340 dc483132-0cff-0310-8789-dd5450dbe970
* reverse test for copy_oid_set in lib/gssapi/krb5/indicate_mechs.cTom Yu2006-07-171-1/+1
| | | | | | | | | | | * src/lib/gssapi/krb5/indicate_mechs.c: Reverse sense of test, since gssint_copy_oid_set() returns 0 on success. ticket: new target_version: 1.5.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18330 dc483132-0cff-0310-8789-dd5450dbe970
* make gss_unwrap match prototypeTom Yu2006-07-011-2/+2
| | | | | | | | | | | | | * src/lib/gssapi/mechglue/g_unseal.c (gss_unwrap): Make match prototype. ticket: new tags: pullup target_version: 1.5 version_reported: 1.5 component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18310 dc483132-0cff-0310-8789-dd5450dbe970
* g_delete_sec_context.c: undo type cast change from last Jeffrey Altman2006-06-301-1/+1
| | | | | | | | commit that is wrong. ticket: 3968 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18289 dc483132-0cff-0310-8789-dd5450dbe970
* corrections to gssapi mechglue Jeffrey Altman2006-06-302-5/+2
| | | | | | | | | | | g_delete_sec_context.c: use the correct type during assignment g_init_sec_context.c; prevent memory leak and make code more readable ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18288 dc483132-0cff-0310-8789-dd5450dbe970
* re-order inclusions in spnego_mech.c to avoid breaking system headersTom Yu2006-06-291-1/+1
| | | | | | | | | | | | | | | | | * src/lib/gssapi/spnego/spnego_mech.c: Move inclusion of gssapiP_spnego.h to after mglueP.h. mglueP.h includes k5-thread.h, which pulls in the pthread headers, which on at least some Tru64 versions is vulnerable to definitions of non-reserved macro names such as CONTEXT, which is defined in gssapiP_spnego.h. ticket: new tags: pullup target_version: 1.5 version_reported: 1.5 component: krb5-build git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18273 dc483132-0cff-0310-8789-dd5450dbe970
* * lib/gssapi/Makefile.in: Merge the new target into the existingKen Raeburn2006-06-291-2/+1
| | | | | | | | | | target list with generated headers mostly in subdirectories, which happens to be inside a "##DOS##!if 0" block, since the all-recurse target isn't defined for Windows. ticket: 3955 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18272 dc483132-0cff-0310-8789-dd5450dbe970
* make dependTom Yu2006-06-292-18/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18271 dc483132-0cff-0310-8789-dd5450dbe970
* remove unused lib/gssapi/mechglue/g_utils.cTom Yu2006-06-292-286/+0
| | | | | | | | | | | | | * src/lib/gssapi/mechglue/g_utils.c: Remove. * src/lib/gssapi/mechglue/Makefile.in (SRCS, OBJS, STLIBOBJS): Remove g_utils.*. ticket: new version_reported: 1.5 target_version: 1.5 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18263 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/gssapi/mechglue/mglueP.h (struct gss_config): RemoveTom Yu2006-06-293-20/+0
| | | | | | | | | | | | | | | | | gssint_userok and pname_to_uid, as we don't implement things which use them. * src/lib/gssapi/krb5/krb5_gss_glue.c (KRB5_GSS_CONFIG_INIT): * src/lib/gssapi/spnego/spnego_mech.c (spnego_mechanism): Update for struct gss_config changes. ticket: 3954 tags: pullup target_version: 1.5 version_reported: 1.5 component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18262 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/gssapi/mechglue/g_initialize.c: Remove various unusedTom Yu2006-06-291-342/+3
| | | | | | | | | | | | | | header inclusions, local variables, and macro definitions. (gss_indicate_mechs): (build_mechSet): (updateMechList): (gssint_get_mechanism): (loadConfigFile): Remove disabled code. ticket: 3951 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18261 dc483132-0cff-0310-8789-dd5450dbe970
* gssapi compilation errors on WindowsJeffrey Altman2006-06-297-11/+76
| | | | | | | | | | | | | | | | | | | | | | | | src/Makefile.in: generate lib/gssapi/spnego/Makefile src/lib/gssapi/Makefile.in: build mechglue and spnego src/lib/gssapi/krb5/init_sec_context.c: do not include kdc only symbols on windows src/lib/gssapi/mechglue/g_utils.c: no strings.h on Windows src/lib/gssapi/mechglue/Makefile.in: construct mechglue.lst src/lib/gssapi/spnego/Makefile.in: construct spnego.lst src/lib/gssapi/spnego/spnego_mech.c: k5-int.h must be included before krb5.h in order to prevent mixed definitions of time_t on windows ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18259 dc483132-0cff-0310-8789-dd5450dbe970
* check calling conventions specified for WindowsKen Raeburn2006-06-291-2/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we're making changes on UNIX, sometimes we update the Windows export list but forget to make sure we've annotated the function declaration in the header file with a calling convention specification. This patch checks the krb5 and gssapi public headers against the Windows export lists (which are annotated with calling-convention and other info in comments), and flags any inconsistencies in public interfaces. * util/def-check.pl: Be quiet about normal stuff by default; accept a "-v" option to be verbose. Exit with non-zero status if something wrong is detected. Fix some problems in parsing gssapi header files. Handle DECSCRIPTION and HEAPSIZE directives in .def files, and DATA annotation in comments. * include/Makefile.in (verify-calling-conventions-krb5): New target. (all-unix): Depend on it in maintainer mode. * lib/gssapi/Makefile.in (verify-calling-conventions-gssapi): New target. (all-unix): Depend on it in maintainer mode. (merged-gssapi-header.h): New target; assemble public headers into one input file. (clean-misc-unix): New target; delete merged-gssapi-header.h. (clean-unix): Depend on it. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18258 dc483132-0cff-0310-8789-dd5450dbe970
* autoconf 2.60 compatibilityKen Raeburn2006-06-285-6/+6
| | | | | | | | | | | Change all file substitutions so that @-patterns start at the beginning of their lines, as now required by autoconf 2.60 (released Monday). ticket: new target_version: 1.5 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18249 dc483132-0cff-0310-8789-dd5450dbe970
* make gssint_get_mechanism match prototypeTom Yu2006-06-261-2/+1
| | | | | | | | | | | | * src/lib/gssapi/mechglue/g_initialize.c (gssint_get_mechanism): Protoize, and make match mglueP.h. ticket: new target_version: 1.5 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18230 dc483132-0cff-0310-8789-dd5450dbe970
* fix typo in MS_BUG_TEST case in krb5_gss_glue.cTom Yu2006-06-231-1/+1
| | | | | | | | | | | | * src/lib/gssapi/krb5/krb5_gss_glue.c (krb5_mech_configs_hack): Fix typo in MS_BUG_TEST case. ticket: new target_version: 1.5 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18208 dc483132-0cff-0310-8789-dd5450dbe970
* fix signedness warnings in spnego_mech.cTom Yu2006-06-231-66/+82
| | | | | | | | | | | | * src/lib/gssapi/spnego/spnego_mech.c: Fix numerous signedness warnings. ticket: new target_version: 1.5 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18207 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/gssapi/mechglue/g_initialize.c: Remove unused variablesTom Yu2006-06-221-3/+1
| | | | | | | | | | and include gss_libinit.h to clean up warnings. Patch from Michael Calmer. ticket: 3918 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18202 dc483132-0cff-0310-8789-dd5450dbe970
* Apply (modified) patches from Michael Calmer to fix some warningsTom Yu2006-06-222-17/+8
| | | | | | | | | | | | | | | * src/lib/gssapi/spnego/spnego_mech.c (get_req_flags): Remove unused var. (get_negTokenResp): Fix signedness bug. (make_spnego_tokenInit_msg): Remove unused vars (make_spnego_tokenTarg_msg): Initialize uninitialized vars. * src/lib/gssapi/spnego/gssapiP_spnego.h: Delete TWRITE_STR. ticket: 3905 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18198 dc483132-0cff-0310-8789-dd5450dbe970
* remove unimplemented/unused mechglue functionsTom Yu2006-06-218-407/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | * src/lib/gssapi/mechglue/Makefile.in (SRCS, STLIBOBJS): Delete g_userok, gssd_pname_to_uid. * src/lib/gssapi/mechglue/mechglue.h: Delete gssd_pname_to_uid, gss_initialize. * src/lib/gssapi/mechglue/mglueP.h: Delete gssint_userok, gssd_pname_to_uid, gssint_get_mechanism_ext, gss_acquire_cred_with_password_sfct, gss_mechanism_ext. * src/lib/gssapi/g_userok.c: * src/lib/gssapi/g_indicate_mechs.c: * src/lib/gssapi/gen_oids.c: * src/lib/gssapi/gssd_pname_to_uid: Delete. * src/lib/gssapi/mechglue/g_initialize.c: Delete gssint_get_mechanism_ext. ticket: new target_version: 1.5 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18187 dc483132-0cff-0310-8789-dd5450dbe970
* cease export of krb5_gss_*Tom Yu2006-06-211-37/+0
| | | | | | | | | | | | | | | * src/lib/gssapi/libgssapi_krb5.exports: Cease export of krb5 mechanism entry points which were once equivalent to GSS-API entry points. These were never public interfaces, and calling them directly now can cause problems. Also, cease export of some other internal symbols. ticket: new target_version: 1.5 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18185 dc483132-0cff-0310-8789-dd5450dbe970
* fix parallel builds for libgssTom Yu2006-06-201-1/+1
| | | | | | | | | | | | * src/lib/gssapi/Makefile.in (SUBDIROBJLISTS): Add missing spnego directory. ticket: new target_version: 1.5 tags: pullup component: krb5-build git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18176 dc483132-0cff-0310-8789-dd5450dbe970
* * src/lib/gssapi/libgssapi_krb5.exports: AddTom Yu2006-06-151-0/+1
| | | | | | gss_inquire_mechs_for_name. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18143 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-28 11:52:27 +0000