summaryrefslogtreecommitdiffstats
path: root/src/lib/krb5
Commit message (Collapse)AuthorAgeFilesLines
...
* Use snprintf instead of strcpy/strcat in many placesGreg Hudson2008-10-235-45/+14
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20912 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_change_set_password should free chpw_rep contentsAlexandra Ellwood2008-10-211-0/+2
| | | | | | ticket: 6214 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20902 dc483132-0cff-0310-8789-dd5450dbe970
* Use asprintf instead of malloc/strcpy/strcat in many placesGreg Hudson2008-10-201-8/+2
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20901 dc483132-0cff-0310-8789-dd5450dbe970
* Use strdup in place of malloc/strcpy in many placesGreg Hudson2008-10-2016-62/+26
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20898 dc483132-0cff-0310-8789-dd5450dbe970
* handle stash file names with missing keytab type spec and colon in pathKen Raeburn2008-10-151-0/+5
| | | | | | | | | | | | | | | | | | | | Currently the keytab name resolution code will pass off any name with no colon to the default keytab type handler, which is the FILE handler. It will also check for Windows file names consisting of one letter followed by a colon, and treat them as FILE specs also. If a UNIX pathname contains a colon, however, and no type was explicitly specified, the leading part of the pathname gets treated as a type name and fails to match anything. It should instead treat type-less names starting with "/" as FILE specs also. Tweak the test suite to use such a name. Report and patch from Apple. rdar://problem/6179239 ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20872 dc483132-0cff-0310-8789-dd5450dbe970
* Change LDAP key-sequence encoder to use a single data structureKen Raeburn2008-10-061-7/+16
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20829 dc483132-0cff-0310-8789-dd5450dbe970
* Make unset strings in kim_options and kim_selection_hintsAlexandra Ellwood2008-10-011-1/+1
| | | | | | | | | | | | be empty strings rather than NULL. This simplifies the stream code (and makes it easier to read and debug). In order to prevent copying tons of NUL bytes around, special case kim_string functions to use a special constant kim_empty_string. ticket: 6055 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20804 dc483132-0cff-0310-8789-dd5450dbe970
* Finished KLL to KIM shim.Alexandra Ellwood2008-10-013-24/+42
| | | | | | | | Switched krb5 code to using it. ticket: 6134 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20796 dc483132-0cff-0310-8789-dd5450dbe970
* krb5 library-side changes for com_err based error stringsAlexandra Ellwood2008-09-301-4/+1
| | | | | | ticket: 6138 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20786 dc483132-0cff-0310-8789-dd5450dbe970
* Merge 1.7 work on auxiliary ccache functions necessary for KIM. Adds ↵Justin Anderson2008-09-229-181/+966
| | | | | | | | | | | krb5_cc_lock/unlock, krb5_cccol_lock/unlock, krb5_cc_last_change_time, krb5_cccol_last_change_time, krb5_cc_move, and adds pertype cursor support to some cache types Locking functions work the same as the CCAPI cc_ccache_lock / cc_context_lock functions, though not as read/write locks. ticket: 6124 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20743 dc483132-0cff-0310-8789-dd5450dbe970
* makedependKen Raeburn2008-09-187-966/+1092
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20731 dc483132-0cff-0310-8789-dd5450dbe970
* Untabify; trim trailing whitespace; add emacs local variables to avoid tabsKen Raeburn2008-09-0921-2285/+2306
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20711 dc483132-0cff-0310-8789-dd5450dbe970
* whitespaceKen Raeburn2008-09-081-176/+169
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20710 dc483132-0cff-0310-8789-dd5450dbe970
* Use braces to repair broken emacs indentation, caused by omission of aKen Raeburn2008-09-051-4/+6
| | | | | | semicolon, caused by use of macros that expand to compound statements. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20708 dc483132-0cff-0310-8789-dd5450dbe970
* Whitespace changes, mostly horizontal, for consistency with currentKen Raeburn2008-09-0512-3223/+3224
| | | | | | | | | style: indentation levels, spacing around if/else/for/while and braces. Still plenty of inconsistency with current coding standards, especially for when line breaks are to be used. Didn't touch multi-line macro definitions, or .h function declarations. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20707 dc483132-0cff-0310-8789-dd5450dbe970
* Based on patch from lxs, with some changes:Ken Raeburn2008-08-2719-52/+55
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add several new gcc warning flags, used in the KfM build process. Put declarations before code. Fix a bunch of signed/unsigned type mixes, mostly by changing variable types to unsigned int. Fix constness in handling name of default ccache name. Make sure functions get declared with prototypes: krb5int_pthread_loaded krb5int_gmt_mktime krb5int_aes_encrypt krb5int_aes_decrypt gssint_mecherrmap_init gssint_mecherramp_get. Don't shadow global names: stat accept index open encrypt. Fix variable shadowing in LDAP ASN.1 support. Don't define unused krb5int_local_addresses. Don't export internal krb5_change_set_password. Fix error return indications from gssint_oid_to_mech. Create and use k5-gmt_mktime.h to provide one global declaration of krb5int_gmt_mktime, needed before we've generated krb5.h on some platforms. Not incorporated from initial patch: const changes in function signatures. ticket: 6096 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20697 dc483132-0cff-0310-8789-dd5450dbe970
* Incorporate Apple's patchKen Raeburn2008-08-251-1/+28
| | | | | | | | | | | | | | | | | | | | | | Add a test authorization data scheme, in both built-in and plugin forms; built-in version is #ifdef'ed out. Update configury to create the build directory for the plugin, but don't build or install it by default. Create the new (and normally empty) authorization data plugin directory at install time. Add some (normally disabled) code to log authz data from rd_req. Fix up some comments that still refer to preauth plugins. Add some details in comments on the API, and why it's private for now. Make the plugin init context support work, by not passing null pointers. ticket: 5565 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20691 dc483132-0cff-0310-8789-dd5450dbe970
* Let walk_realm_tree tests fail for now, ignore them and keep goingKen Raeburn2008-08-221-1/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20687 dc483132-0cff-0310-8789-dd5450dbe970
* Use capaths unconditionally. Update copyrightKen Raeburn2008-08-221-12/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20686 dc483132-0cff-0310-8789-dd5450dbe970
* lean client changesZhanna Tsitkov2008-08-2019-19/+85
| | | | | | | | | All changes are under LEAN_CLIENT macro. Application server functionality is disabled. Ticket:new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20680 dc483132-0cff-0310-8789-dd5450dbe970
* Fix broken build -- conditionalize some stuff on DISABLE_PKINIT that IKen Raeburn2008-08-192-1/+5
| | | | | | | | missed last time. ticket: 6076 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20675 dc483132-0cff-0310-8789-dd5450dbe970
* Using gcov, it was noted that the tests were never including authdataEzra Peisach2008-08-171-8/+86
| | | | | | | in the test credential - and a segment of code was never tested. Add some fake authdata to the test creds. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20668 dc483132-0cff-0310-8789-dd5450dbe970
* In parsing authorization data, if run out of memory, the authorizationEzra Peisach2008-08-162-2/+6
| | | | | | | data was released, but the pointer not zeroed. This resulted in higher level code trying to free it again. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20667 dc483132-0cff-0310-8789-dd5450dbe970
* In copying a credential - if we run out memory - the cleanup code failed to ↵Ezra Peisach2008-08-161-3/+5
| | | | | | clear the second_ticket git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20666 dc483132-0cff-0310-8789-dd5450dbe970
* Move internal cccursor structures/prototypes to the ccache private includeEzra Peisach2008-08-163-2/+23
| | | | | | | file. Functions are not exported from library. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20665 dc483132-0cff-0310-8789-dd5450dbe970
* Conditionalize building of CCAPI ccache type on USE_CCAPIAlexandra Ellwood2008-08-154-13/+22
| | | | | | | | | Still refer to Windows by OS macro because KfW builds do not set USE_CCAPI. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20664 dc483132-0cff-0310-8789-dd5450dbe970
* Move prototype for krb5int_random_string from k5-int.h to cc-int.h asEzra Peisach2008-08-154-4/+6
| | | | | | | it is private to the ccache code. Include cc-int.h where needed, and update Makefile.in dependencies. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20662 dc483132-0cff-0310-8789-dd5450dbe970
* a stash file is not a keytabWill Fiveash2008-08-153-6/+0
| | | | | | | | | Note, this is the commit for the associated Krb Consortium project: Projects/Masterkey Keytab Stash ticket: 194 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20661 dc483132-0cff-0310-8789-dd5450dbe970
* If the LDAP KDB back end is being built, define ENABLE_LDAP. IfKen Raeburn2008-08-142-2/+12
| | | | | | | | ENABLE_LDAP is not defined, don't build the LDAP KDB ASN.1 encoding and decoding functions, and use null pointers for them in the accessor function table. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20659 dc483132-0cff-0310-8789-dd5450dbe970
* In parsing principal - if run out memory - clean up after ourselves. Ezra Peisach2008-08-142-2/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20658 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5int_copy_creds_contents - if we run out of memory, do notEzra Peisach2008-08-141-1/+2
| | | | | | release pointer to output creds structure that is passed in by caller. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20657 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up memory leak in krb5_build_principal if we run out of memoryEzra Peisach2008-08-141-0/+3
| | | | | | while building pricipal. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20656 dc483132-0cff-0310-8789-dd5450dbe970
* Error return from krb5int_random_string not tested in ccache codeEzra Peisach2008-08-142-2/+13
| | | | | | | | | krb5int_random_string should probably only fail on malloc failure. Test for an error return from the function and cleanup properly (release mutex, return error instead of using uninitialized memory). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20655 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_fcc_read_addrs returns pointer to released memory on malloc failreEzra Peisach2008-08-141-0/+1
| | | | | | | | In cleanup code on malloc failure, addresses are released including pointer to the krb5_address * - but the freed value is returned to caller. Clear pointer. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20654 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_fcc_resolve file locking error on malloc failuerEzra Peisach2008-08-141-1/+2
| | | | | | | | | | | | | | | | | In krb5_fcc_resolve, on malloc failure, the data->lock mutex needs to be destroyed. Unfortunately, this is done with the mutex is still locked. When thread debugging code is enabled, this results in aeg fault. Also - in krb5_fcc_generate_new, a strdup failure would result in the krb5int_cc_file_mutex being unlocked twice. [I have a modified version of valgrind in which I can signal after a certain number of mallocs for it to fail - I vary the allocation number from 1300 to 0 - and see what breaks - some memory leaks will be fixed separately] ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20653 dc483132-0cff-0310-8789-dd5450dbe970
* Don't build PKINIT ASN.1 support code if not building PKINIT pluginKen Raeburn2008-08-133-46/+61
| | | | | | | | | | | | | | | | | | | If --disable-pkinit is given at configure time, don't build the PKINIT plugin. If the PKINIT plugin is not going to be built, define DISABLE_PKINIT. If DISABLE_PKINIT is defined, don't build the PKINIT-related ASN.1 encoding and decoding routines, and fill their slots in the accessor function table with null pointers. Tweak the accessor table initialization to use conditionally-varying macros rather than conditionally selecting between two blocks of invocations of fixed macros. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20652 dc483132-0cff-0310-8789-dd5450dbe970
* Rewrite the building of the ccache-type linked list to be linearKen Raeburn2008-08-122-25/+37
| | | | | | | | | instead of branched, and thus a bit easier to follow and modify. If NO_FILE_CCACHE is defined, leave the file cache out of the list, and (if we're not using ccapi) use the memory cache as the default. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20649 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use memcmp for comparing structures of valuesKen Raeburn2008-08-071-2/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20634 dc483132-0cff-0310-8789-dd5450dbe970
* sequence_of_no_tagvars declared variables used only inKen Raeburn2008-08-071-20/+16
| | | | | | | | end_sequence_of_no_tagvars and only as unnecessary temporaries, so get rid of them; also, push most of the work of the latter macro into a helper function. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20632 dc483132-0cff-0310-8789-dd5450dbe970
* get_eoc() is always followed by next_tag(), so don't bother settingKen Raeburn2008-08-072-26/+16
| | | | | | | the variables that it's about to clobber. Since we don't need any of the tag info at the call site, push it down into the helper function. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20631 dc483132-0cff-0310-8789-dd5450dbe970
* malloc+memset(,0,) -> callocKen Raeburn2008-08-0719-84/+43
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20630 dc483132-0cff-0310-8789-dd5450dbe970
* Pull out EOC error checks into separate functionsKen Raeburn2008-08-072-12/+34
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20629 dc483132-0cff-0310-8789-dd5450dbe970
* Use bitfields for class and construction typeKen Raeburn2008-08-071-0/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20628 dc483132-0cff-0310-8789-dd5450dbe970
* Rewrite tagnum-checking code to streamline normal path and push refinedKen Raeburn2008-08-075-33/+40
| | | | | | | | | | | error code selection into error path. Don't expand asn1buf_insert_octet inline or define asn1buf_ensure_space macro if CONFIG_SMALL. Remove some null-before-free checks. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20626 dc483132-0cff-0310-8789-dd5450dbe970
* fix cleanup code in allocating preauth infoKen Raeburn2008-08-061-2/+2
| | | | | | | | | | | | After an allocation failure, free up the previously allocated array elements by counting back down to zero, not continuing to count up until we hit zero. ticket: new target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20608 dc483132-0cff-0310-8789-dd5450dbe970
* Use load/store_32/16_be/le functionsKen Raeburn2008-08-023-23/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20603 dc483132-0cff-0310-8789-dd5450dbe970
* Pull out two copies of errno mapping into a common functionKen Raeburn2008-08-021-60/+42
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20602 dc483132-0cff-0310-8789-dd5450dbe970
* Use krb5int_random_string, load_32_be, load_16_be, store_32_be, andKen Raeburn2008-08-021-66/+6
| | | | | | | store_16_be. Change krb5_krcc_unparse_int32 to call krb5_krc_unparse_ui_4 and reduce duplicated code. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20597 dc483132-0cff-0310-8789-dd5450dbe970
* Rename and export random_string from cc_memory.cKen Raeburn2008-08-021-5/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20596 dc483132-0cff-0310-8789-dd5450dbe970
* Reduce code duplication: krb5_fcc_store_int32 vs krb5_fcc_store_ui_4Ken Raeburn2008-08-021-18/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20595 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-30 02:24:56 +0000