summaryrefslogtreecommitdiffstats
path: root/src/lib/krb5
Commit message (Collapse)AuthorAgeFilesLines
...
* Change contract of krb5int_utf8_normalize and fix memory leaksGreg Hudson2009-02-092-42/+49
| | | | | | | | | | | | Make krb5int_utf8_normalize return a krb5_error_code and always allocate a structure to be placed in the output parameter. Adjust the function structure to use a cleanup handler, fixing many memory leaks. ticket: 6378 tags: pullup target_version: 1.7 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21923 dc483132-0cff-0310-8789-dd5450dbe970
* Provide omitted return value in last changeKen Raeburn2009-02-091-1/+1
| | | | | | ticket: 6377 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21922 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unused fileKen Raeburn2009-02-091-161/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21921 dc483132-0cff-0310-8789-dd5450dbe970
* make krb5_free_* functions ignore NULLKen Raeburn2009-02-096-230/+191
| | | | | | | | | | | | This makes them safer to call in various contexts where NULL may leak through, and makes analysis easier. Also, remove some checks for NULL before calling a free routine that will also check for NULL. ticket: 6377 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21920 dc483132-0cff-0310-8789-dd5450dbe970
* Memory handling fixes in walk_rtreeGreg Hudson2009-02-061-13/+35
| | | | | | | | | | | | | In walk_rtree's rtree_hier_tree, don't leak the result of rtree_hier_realms. In rtree_hier_realms, avoid freeing one too many krb5_data contents on allocation failure, and use the recommend pattern to ensure well-defined output parameter values. ticket: 6376 tags: pullup target_version: 1.7 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21912 dc483132-0cff-0310-8789-dd5450dbe970
* Fix whitespace on previous commit to ure.c. Correct two other casesGreg Hudson2009-02-061-4/+6
| | | | | | | where %lX was used with a krb5_ui_4 type argument without a cast to unsigned long. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21911 dc483132-0cff-0310-8789-dd5450dbe970
* Pass the correct width argument to fprintf for URE_CHAR inGreg Hudson2009-02-061-1/+2
| | | | | | ure_write_dfa. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21910 dc483132-0cff-0310-8789-dd5450dbe970
* Fix error handling in krb5_walk_realm_treeGreg Hudson2009-02-061-1/+1
| | | | | | | | | | | | rtree_hier_realms was forgetting to assign the return value of krb5int_copy_data_contents to retval, which would cause a failure to notice out-of-memory conditions. ticket: 6375 tags: pullup target_version: 1.7 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21909 dc483132-0cff-0310-8789-dd5450dbe970
* Change variable accepting return from strftime to time_t. ThisEzra Peisach2009-02-061-1/+1
| | | | | | matches prototype for function and removes a signed/unsigned warning. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21907 dc483132-0cff-0310-8789-dd5450dbe970
* Fix memory handling bug in mk_req_extGreg Hudson2009-02-051-2/+1
| | | | | | | | | | | In make_etype_list, assign *authdata before we have a chance to fail, since we may have invalidated the previous value with realloc. ticket: 6372 tags: pullup target_version: 1.7 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21901 dc483132-0cff-0310-8789-dd5450dbe970
* In gc_frm_kdc.c's do_traversal(), fix an assert which was doing anGreg Hudson2009-02-051-1/+1
| | | | | | assignment instead of a compare. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21899 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_rc_io_store, check the return value of krb5int_buf_len as wellGreg Hudson2009-02-051-4/+6
| | | | | | | as krb5int_buf_data. The length can't be negative if the data is non-NULL, but Coverity doesn't know that. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21898 dc483132-0cff-0310-8789-dd5450dbe970
* In recvauth_common, initialize ap_option. It can't be usedGreg Hudson2009-02-051-1/+1
| | | | | | | uninitialized, but you can only deduce that by examining the relationships between ap_option, problem, and outbuf. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21897 dc483132-0cff-0310-8789-dd5450dbe970
* Change krb5_rc_resolve_type (not a public API) to allocate the rcacheGreg Hudson2009-02-052-37/+38
| | | | | | | structure. Make output parameter values of krb5_rc_resolve_type and krb5_rc_default well-defined in case of errors. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21896 dc483132-0cff-0310-8789-dd5450dbe970
* Add a missing break in the switch statement ofGreg Hudson2009-02-051-0/+1
| | | | | | | | | | krb5int_setpw_result_code_string. ticket: 6368 tags: pullup target_version: 1.7 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21894 dc483132-0cff-0310-8789-dd5450dbe970
* Create and use (in several places) a variant ofKen Raeburn2009-02-054-42/+44
| | | | | | | krb5int_copy_data_contents that adds a trailing '\0' so the result can be used as a C string. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21893 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_ktfileint_find_slot, check for an error return from ftell.Greg Hudson2009-02-051-0/+3
| | | | | | | (Such an error will never happen in any reasonable stdio implementation but it's more correct to check.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21892 dc483132-0cff-0310-8789-dd5450dbe970
* Coverity was nervous that hst_realm.c's domain_heuristic() wasn'tGreg Hudson2009-02-051-10/+10
| | | | | | | | | checking for a NULL return from strchr. The code was safe because a previous call to strchr on the same argments was checked, but make Coverity less nervous by storing the result of that previous call and reusing it. Also make the function conform better to our standards. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21891 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a memory leak in krb5_kt_resolve when we fail to lockGreg Hudson2009-02-051-6/+9
| | | | | | | | | | kt_typehead_lock. ticket: 6367 tags: pullup target_version: 1.7 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21890 dc483132-0cff-0310-8789-dd5450dbe970
* Remove xfread/xfwrite macros. Casting the first argument to char * isGreg Hudson2009-02-041-36/+33
| | | | | | | | unnecessary (fread's first argument is void *, which does not require a cast) and confuses Coverity's UNINIT checker; casting the third argument to unsigned is not necessary for our current set of warnings. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21883 dc483132-0cff-0310-8789-dd5450dbe970
* Use macros for config parametersZhanna Tsitkov2009-02-0414-72/+72
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21879 dc483132-0cff-0310-8789-dd5450dbe970
* prefer structure assignment to memcpyKen Raeburn2009-02-031-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21876 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unnecessary pointer casts in args to free,memcpy,memset,memchr except ↵Ken Raeburn2009-02-0226-45/+41
| | | | | | unicode, windows code git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21875 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of casts of free() argument to char*, except where it'sKen Raeburn2009-02-027-25/+20
| | | | | | | | casting away const (so as to make this change warning-neutral), and in unicode source (which we may want to keep in sync with another source), and krb5_xfree macro (to be handled separately). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21870 dc483132-0cff-0310-8789-dd5450dbe970
* Default allow_weak_crypto=true for now. Default supported_enctypes toTom Yu2009-01-311-1/+1
| | | | | | | | | exclude single-DES enctypes. ticket: 6353 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21851 dc483132-0cff-0310-8789-dd5450dbe970
* Master Key Migration ProjectWill Fiveash2009-01-301-0/+3
| | | | | | | | | | | | | | | Commit for the Master Key Migration Project. http://k5wiki.kerberos.org/wiki/Projects/Master_Key_Migration This commit provides the ability to add a new master key (with an enctype differing from the current master key) to the master key principal and stash file and then migrate the encryption of existing principals long term keys to use the new master key. In addition deletion of master keys is provided. ticket: 6354 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21844 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_get_server_rcache had some dead (and incorrect) code for cleaningGreg Hudson2009-01-301-13/+5
| | | | | | up the rcache on failure. Fix the cleanup code and make use of it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21842 dc483132-0cff-0310-8789-dd5450dbe970
* Make output parameter value of krb5_rc_resolve_full well-defined onGreg Hudson2009-01-301-8/+13
| | | | | | error return. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21841 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_kdcrep2creds, call the correct free function when cleaning upGreg Hudson2009-01-301-2/+2
| | | | | | the keyblock, and clean up the keyblock if krb5_copy_data fails. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21840 dc483132-0cff-0310-8789-dd5450dbe970
* whitespaceKen Raeburn2009-01-291-186/+185
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21826 dc483132-0cff-0310-8789-dd5450dbe970
* clear outbuf[0].data to unconfuse coverityKen Raeburn2009-01-291-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21825 dc483132-0cff-0310-8789-dd5450dbe970
* disable single-DES by defaultTom Yu2009-01-281-2/+15
| | | | | | | | | | Mark all single-DES enctypes as "weak", and create a new libdefaults variable "allow_weak_crypto", which defaults to "false". ticket: 6353 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21823 dc483132-0cff-0310-8789-dd5450dbe970
* Start to phase out krb5_xfree macro, which just casts its argument toKen Raeburn2009-01-2860-358/+358
| | | | | | | | | | | char* and calls free. Replace most uses, outside of the LDAP KDB plugin, which doesn't build on my test system of the moment because of version dependencies. Add one explicit cast to make the change warning-neutral (under gcc 4.0.1 on Mac OS X 10.5.6). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21812 dc483132-0cff-0310-8789-dd5450dbe970
* "Coding practices" related fixesZhanna Tsitkov2009-01-271-60/+48
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21808 dc483132-0cff-0310-8789-dd5450dbe970
* In asn1_decode_pa_for_user(), ensure that user member is allocatedLuke Howard2009-01-261-0/+1
| | | | | | before assigning a value to it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21805 dc483132-0cff-0310-8789-dd5450dbe970
* Use 16/32-bit big/little-endian store functions in more placesKen Raeburn2009-01-262-11/+11
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21796 dc483132-0cff-0310-8789-dd5450dbe970
* Change 16/32/64-bit big-/little-endian/native unaligned load/storeKen Raeburn2009-01-241-1/+1
| | | | | | | | routines to take void pointers, so they can operate on both plain and unsigned char buffers, or other types. Remove some now-unneeded casts. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21793 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate the need for the domain_realm mapping table on the client side by ↵Zhanna Tsitkov2009-01-232-1/+72
| | | | | | implementing minimal referral support in the KDC git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21792 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_pac_get_buffer, check the correct value for null after callingGreg Hudson2009-01-231-1/+1
| | | | | | malloc. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21789 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_pac_parse, change the code around a bit to avoid harmlesslyGreg Hudson2009-01-231-7/+8
| | | | | | copying an uninitialized Buffers field of a PACTYPE structure. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21788 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_get_init_creds, null out err_reply in a case where we free itGreg Hudson2009-01-231-0/+1
| | | | | | and do not necessarily exit the loop. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21785 dc483132-0cff-0310-8789-dd5450dbe970
* Always initialize the output parameter in krb5_parse_name and friendsGreg Hudson2009-01-231-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21784 dc483132-0cff-0310-8789-dd5450dbe970
* Add some output parameter initializations n order to eliminate someGreg Hudson2009-01-231-1/+4
| | | | | | spurious Coverity defects. (Far from a comprehensive pass.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21782 dc483132-0cff-0310-8789-dd5450dbe970
* Per coding standards, don't declare variables in inner scopes in newGreg Hudson2009-01-232-10/+6
| | | | | | | rcache code except when it really makes sense (option processing for t_replay). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21781 dc483132-0cff-0310-8789-dd5450dbe970
* fix trailing whitespaceTom Yu2009-01-225-10/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21779 dc483132-0cff-0310-8789-dd5450dbe970
* whitespaceTom Yu2009-01-228-27/+27
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21778 dc483132-0cff-0310-8789-dd5450dbe970
* If USE_VALGRIND, check readability of byte string before copyingKen Raeburn2009-01-221-0/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21774 dc483132-0cff-0310-8789-dd5450dbe970
* Patch from Love: when opening an existing replay cache, check moreGreg Hudson2009-01-211-14/+40
| | | | | | thoroughly to prevent symlink attacks. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21770 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_rd_rep_dce, initialize repl to NULL to avoid using itsGreg Hudson2009-01-201-1/+1
| | | | | | initialized value when we take the first goto to clean_scratch. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21763 dc483132-0cff-0310-8789-dd5450dbe970
* If buffer length is 0, force pointer to NULL, to keep valgrind happier when ↵Ken Raeburn2009-01-171-2/+4
| | | | | | callers don't bother git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21762 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-29 05:38:49 +0000