summaryrefslogtreecommitdiffstats
path: root/src/lib/rpc
Commit message (Collapse)AuthorAgeFilesLines
...
* Include k5-platform.h for SIZE_MAXEzra Peisach2008-10-191-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20897 dc483132-0cff-0310-8789-dd5450dbe970
* Increase the default RPC timeout for kadmin from 25 seconds to 120Greg Hudson2008-10-021-2/+2
| | | | | | | | seconds. Code changes from a patch submitted by umich. ticket: 6120 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20810 dc483132-0cff-0310-8789-dd5450dbe970
* In clntudp_call, fix a bug in the handling of an error case (it failedGreg Hudson2008-10-021-1/+0
| | | | | | | | to set the error status field and generated a dead code warning). ticket: 6121 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20809 dc483132-0cff-0310-8789-dd5450dbe970
* makedependKen Raeburn2008-09-181-18/+21
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20731 dc483132-0cff-0310-8789-dd5450dbe970
* specify return type of 'harmless'Ken Raeburn2008-08-051-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20605 dc483132-0cff-0310-8789-dd5450dbe970
* In the gss rpc package, replace the type used for a Jeffrey Altman2008-07-236-29/+32
| | | | | | | | | | | | | | socket on Windows with SOCKET (instead of int) and replace all calls to close() that are used to close sockets with closesocket(). src/include/port-sockets.h includes the definitions of SOCKET and closesocket() for non-Windows systems. ticket: 6041 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20578 dc483132-0cff-0310-8789-dd5450dbe970
* Use autogenerated darwin.exports files for server frameworksAlexandra Ellwood2008-07-091-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20506 dc483132-0cff-0310-8789-dd5450dbe970
* misc memory leaksKen Raeburn2008-06-271-0/+1
| | | | | | | | | | | | Fix various memory leaks that show up mostly in error cases (e.g., failure to allocate one small object, and then we forget to free another one). ticket: new target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20481 dc483132-0cff-0310-8789-dd5450dbe970
* Fix possible null pointer deref, possible uninit ptr use, possibleKen Raeburn2008-06-271-6/+13
| | | | | | | | | leak in unlikely small-allocation failure case. ticket: new target_version: 1.6.4 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20477 dc483132-0cff-0310-8789-dd5450dbe970
* Bump minor version number. Update dependenciesKen Raeburn2008-06-251-1/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20470 dc483132-0cff-0310-8789-dd5450dbe970
* Pull in xdr_sizeof from tirpc2.3 (which has the same license as our current ↵Ken Raeburn2008-06-253-0/+167
| | | | | | rpc code) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20468 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use private copy of syslog.h. Rebuild dependenciesKen Raeburn2008-06-101-2/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20386 dc483132-0cff-0310-8789-dd5450dbe970
* On Mac OS X, try poking launchd to get the portmapper launched beforeKen Raeburn2008-06-061-3/+55
| | | | | | we try to connect to it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20364 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a few incompatible-pointer warnings that aren't just about signednessKen Raeburn2008-06-021-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20351 dc483132-0cff-0310-8789-dd5450dbe970
* Left-shifting all the way in signed math is undefined, use unsignedKen Raeburn2008-04-251-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20310 dc483132-0cff-0310-8789-dd5450dbe970
* MITKRB5-SA-2008-002Ken Raeburn2008-03-182-2/+29
| | | | | | | | | | | | | | Fix MITKRB5-SA-2008-002: array overrun in libgssrpc. Don't update the internally-tracked maximum file descriptor value if the new one is FD_SETSIZE (or NOFILE) or above. Reject TCP file descriptors of FD_SETSIZE (NOFILE) or above. ticket: new target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20278 dc483132-0cff-0310-8789-dd5450dbe970
* fix CVE-2007-5902: integer overflow in svcauth_gss_get_principal()Tom Yu2007-12-141-1/+1
| | | | | | | | ticket: 5855 target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20181 dc483132-0cff-0310-8789-dd5450dbe970
* Set close-on-exec flag in most places where file descriptors areKen Raeburn2007-10-226-12/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | opened in our libraries (in case another application thread spawns a new process) and in the KDC programs (in case a plugin library spawns a new process). Checked calls to: open fopen THREEPARAMOPEN mkstemp socket accept dup dup2 pipe. In: util lib plugins kdc kadmin/server krb524. The various programs are less critical than the libraries, as any well-written plugin that spawns a new process should close all file descriptors it doesn't need to communicate with the new process. This approach also isn't bulletproof, as the call to set the close-on-exec flag is necessarily a separate call from creating the file descriptor, and the fork call could happen in between them. So plugins should be careful regardless of this patch; it will only reduce the window of potential lossage should a plugin be poorly written. (AFAIK there are currently no plugins that spawn processes where this would be a problem.) Update dependencies. ticket: 5561 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20143 dc483132-0cff-0310-8789-dd5450dbe970
* Revise patch to avoid 32-byte overflow which remained after theTom Yu2007-09-051-2/+10
| | | | | | | | | | | initial patch. Memory written to by the IXDR macro calls had not been accounted for. Thanks to Kevin Coffman, Will Fiveash, and Nico Williams for discovering this bug and assisting with patch development. ticket: 5706 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19923 dc483132-0cff-0310-8789-dd5450dbe970
* Rework error-mapping code to preserve status code values when returnedKen Raeburn2007-09-052-9/+6
| | | | | | | | | | | | | | | by only one mechanism. Revert RPC code to relying on this. Build error-mapping code on a bidirectional map instead of a simple array. When a status code is returned but has been seen returned from a different mechanism already, generate a new number, starting at 100,000. Use gssrpcint_printf for some more debugging code. ticket: 5654 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19919 dc483132-0cff-0310-8789-dd5450dbe970
* Support using valgrind on test programsKen Raeburn2007-09-042-1/+44
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19916 dc483132-0cff-0310-8789-dd5450dbe970
* fix CVE-2007-3999 svc_auth_gss.c buffer overflowTom Yu2007-09-041-1/+1
| | | | | | | | | | | | Make sure svcauth_gss_validate adequately checks oa->oa_length prior to copying into rpcbuf. ticket: new target_version: 1.6.3 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19913 dc483132-0cff-0310-8789-dd5450dbe970
* remap mechanism-specific status codes in mechglue/spnegoKen Raeburn2007-08-162-2/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch creates a mapping in the mechglue/spnego code to modify mechanism status codes when passing them back to the application, so that mechglue's display_status dispatcher can determine the correct mechanism to dispatch to. This is part of the "get enhanced error messages from gssapi applications" project; ticket 5590 has updates to the Kerberos 5 mechanism to extract enhanced error messages (when there are any) from the Kerberos library. util/gen.pl, util/t_*.pm: New code generation script and templates. lib/gssapi/generic: Add a new, global mapping that enumerates the {mechOID,status} pairs as they're seen, allowing a magic mechOID value to indicate com_err error codes from mechglue and spnego, and reserving status code 0 for unknown errors. Preload the Kerberos "wrong principal" error code once for each mechanism OID used for Kerberos, so the entries get fixed positions (1-3) in the table. lib/gssapi/gss_libinit.c: Call the initializer and destructor functions. lib/gssapi/mechglue, lib/gssapi/spnego: Enter all mechanism-generated or locally-generated status codes into the mapping table, and return the table index to the application. Do the reverse in display_status, to get the messages from the mechanism.. lib/rpc: Define new function gssrpcint_printf to use for debugging instead of printf, to redirect output away from dejagnu; add a couple more debugging calls. Check for minor status codes 1-3 now instead of KRB5KRB_AP_WRONG_PRINC. tests/dejagnu/krb-standalone/gssftp.exp: Test getting more detailed error messages back, by having the ftp client attempt to authenticate to a non-existent service, and examining the error message for the service principal name. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19831 dc483132-0cff-0310-8789-dd5450dbe970
* Avoid use of unchecked sprintf in libraries. Use asprintf if theKen Raeburn2007-07-121-25/+30
| | | | | | | output buffer is allocated according to the size of data to be written, or snprintf otherwise. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19703 dc483132-0cff-0310-8789-dd5450dbe970
* fix MITKRB5-SA-2007-004 [CVE-2007-2442/VU#356961, CVE-2007-2443/VU#365313]Tom Yu2007-06-262-5/+8
| | | | | | | | | | | | | | | CVE-2007-2442/VU#356961: The RPC library can free an uninitialized pointer. This may lead to execution of arbitrary code. CVE-2007-2443/VU#365313: The RPC library can write past the end of a stack buffer. This may (but is unlikely to) lead to execution of arbitrary code. ticket: new target_version: 1.6.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19636 dc483132-0cff-0310-8789-dd5450dbe970
* MITKRB5-SA-2006-002: svctcp_destroy() can call uninitialized function pointerTom Yu2007-01-091-0/+5
| | | | | | | | | | | | | | | Explicitly null out xprt->xp_auth when AUTH_GSSAPI is being used, so that svctcp_destroy() will not call through an uninitialized function pointer after code in svc_auth_gssapi.c has destroyed expired state structures. We can't unconditionally null it because the RPCSEC_GSS implementation needs it to retrieve state. ticket: new target_version: 1.6 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19042 dc483132-0cff-0310-8789-dd5450dbe970
* * svc_auth_gss.c (svcauth_gss_import_name): Unused function deletedKen Raeburn2006-11-021-26/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18758 dc483132-0cff-0310-8789-dd5450dbe970
* Include time.h for time() prototypeEzra Peisach2006-10-161-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18719 dc483132-0cff-0310-8789-dd5450dbe970
* Remove all unused variable warnings from treeEzra Peisach2006-10-151-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18712 dc483132-0cff-0310-8789-dd5450dbe970
* fix dependence on config.status to use correct dirKen Raeburn2006-10-051-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18647 dc483132-0cff-0310-8789-dd5450dbe970
* Move RPC header files to include/gssrpc, which we copy to them atKen Raeburn2006-09-1618-3129/+265
| | | | | | | build time, and which is the only place we use them from anyways. Update Makefile references and dependencies. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18589 dc483132-0cff-0310-8789-dd5450dbe970
* authgss_refresh(): Use GSS_C_NO_CHANNEL_BINDINGS macro Alexandra Ellwood2006-07-181-1/+1
| | | | | | | | instead of NULL with gss_init_sec_context to increase readbility. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18337 dc483132-0cff-0310-8789-dd5450dbe970
* autoconf 2.60 compatibilityKen Raeburn2006-06-281-2/+2
| | | | | | | | | | | Change all file substitutions so that @-patterns start at the beginning of their lines, as now required by autoconf 2.60 (released Monday). ticket: new target_version: 1.5 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18249 dc483132-0cff-0310-8789-dd5450dbe970
* Merge from branches/mechglue. Initial integration of Sun-donatedTom Yu2006-06-142-3/+2
| | | | | | | | | | | | | | | | mechglue and SPNEGO implementations. Additional changes outside of src/lib/gssapi: * src/configure.in: Add lib/gssapi/mechglue and lib/gssapi/spnego to list of directories to output Makefile in. * src/lib/rpc/unit-test/rpc_test.0/expire.exp (expired): Update regexp for mechglue. * src/tests/dejagnu/krb-standalone/v4gssftp.exp (v4ftp_test): Update "Miscellaneous failure" regexp for mechglue. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18131 dc483132-0cff-0310-8789-dd5450dbe970
* Merge about 1/3 of the remaining configure scripts into the top level. ThisKen Raeburn2006-05-314-209/+7
| | | | | | still leaves out appl and tests, and static library and plugin directories. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18068 dc483132-0cff-0310-8789-dd5450dbe970
* install headers into include/krb5Ken Raeburn2006-05-231-5/+6
| | | | | | | | | | | Create include/krb5 directory, and put krb5.h and (k5-)locate.h there in the build tree. Stub krb5.h in main include directory just includes krb5/krb5.h. Update dependencies, and add dependencies in a couple Makefiles that didn't have them. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18030 dc483132-0cff-0310-8789-dd5450dbe970
* Add SRCS definition and run make dependKen Raeburn2006-05-161-0/+38
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18011 dc483132-0cff-0310-8789-dd5450dbe970
* Generate rpc includes as part of the generate-files-mac targetAlexandra Ellwood2006-04-241-0/+2
| | | | | | | ticket: new target_version: 1.5 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17952 dc483132-0cff-0310-8789-dd5450dbe970
* Remove ChangeLog files from the source tree. From now on, theSam Hartman2006-04-112-1716/+0
| | | | | | | subversion commit log entry needs to include information that would have been in the changelog. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17893 dc483132-0cff-0310-8789-dd5450dbe970
* * client.c (usage): Mark as "noreturn" under gccKen Raeburn2006-04-102-0/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17885 dc483132-0cff-0310-8789-dd5450dbe970
* set DEFS empty in more placesKen Raeburn2006-04-044-0/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17838 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2006-04-011-48/+53
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17826 dc483132-0cff-0310-8789-dd5450dbe970
* Include autoconf.h (or include it earlier) in a bunch of files that areKen Raeburn2006-04-0112-3/+22
| | | | | | currently depending on command-line macro settings. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17825 dc483132-0cff-0310-8789-dd5450dbe970
* make depend, now with dependency sortingKen Raeburn2006-03-311-244/+264
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17811 dc483132-0cff-0310-8789-dd5450dbe970
* * dyn.c (DynDelete, DynInsert, DynPut): Delete bcopy branches.Ken Raeburn2006-03-302-22/+5
| | | | | | (HAVE_MEMMOVE): Don't define. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17807 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Always supply three arguments to AC_DEFINE_UNQUOTEDKen Raeburn2006-03-282-2/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17792 dc483132-0cff-0310-8789-dd5450dbe970
* Instead of arbitrary division of headers into include and include/krb5, withKen Raeburn2006-03-112-29/+4
| | | | | | | | | | | | include directives sometimes using krb5/foo.h and sometimes using foo.h, and -I options always given for both directories in both source and build trees, push include/krb5/* up a level and drop the krb5 directory (except, for the moment, the change log). Updated #include directives, -I options, and dependencies accordingly, and deleted one or two bits of old, unused code that was noticed in the process. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17730 dc483132-0cff-0310-8789-dd5450dbe970
* fix more executable permissionsTom Yu2005-08-251-0/+0
| | | | | | | | | | Fix some more executable permissions missing from import. ticket: new tags: pullup target_version: 1.4.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17357 dc483132-0cff-0310-8789-dd5450dbe970
* Delete .cvsignore files; contents have already been Sam Hartman2005-08-242-6/+0
| | | | | | set on svn:ignore properties. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17353 dc483132-0cff-0310-8789-dd5450dbe970
* All configure.in scripts: Use K5_AC_INIT instead of AC_INITKen Raeburn2005-08-204-2/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17342 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2024-09-22 04:27:46 +0000